Token Based Authorization

Baruzzi, Giovanni A.

Author:

Abstract

A secure, scalable, fine grained and flexible access control is extremely important for the digital society. The approaches used until now (RBAC, Groups in an LDAP Directory, XACML) alone may not be able to deliver to this challenge. Building from past experiences in the Industry, we propose an Access Management Framework where the central role is played by a token containing all the information needed to implement fine grained access control. This Authorization Token should be signed by the approver and embedded into a “claim” to the application at session time. The application, after checking the validity of the token will control access to the desired resource. In this way we can achieve fine granular access control, scalability and independence from network topologies.

Citation
BibTeX

Baruzzi, G. A., (2020). Token Based Authorization. In: Roßnagel, H., Schunck, C. H., Mödersheim, S. & Hühnlein, D. (Hrsg.), Open Identity Summit 2020. Bonn: Gesellschaft für Informatik e.V.. (S. 179-184). DOI: 10.18420/ois2020_16

@inproceedings{mci/Baruzzi2020,
author = {Baruzzi, Giovanni A.},
title = {Token Based Authorization},
booktitle = {Open Identity Summit 2020},
year = {2020},
editor = {Roßnagel, Heiko AND Schunck, Christian H. AND Mödersheim, Sebastian AND Hühnlein, Detlef} ,
pages = { 179-184 } ,
doi = { 10.18420/ois2020_16 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}

	Dateien	Groesse	Format	Anzeige
	proceedings-16.pdf	97.31Kb	PDF	View/Open

Sollte hier kein Volltext (PDF) verlinkt sein, dann kann es sein, dass dieser aus verschiedenen Gruenden (z.B. Lizenzen oder Copyright) nur in einer anderen Digital Library verfuegbar ist. Versuchen Sie in diesem Fall einen Zugriff ueber die verlinkte DOI: 10.18420/ois2020_16

Haben Sie fehlerhafte Angaben entdeckt? Sagen Sie uns Bescheid: Send Feedback