Logo des Repositoriums
 

Continuous authorization over HTTP using Verifiable Credentials and OAuth 2.0

dc.contributor.authorFotiou, Nikos
dc.contributor.authorFaltaka, Evgenia
dc.contributor.authorKalos, Vasilis
dc.contributor.authorKefala, Anna
dc.contributor.authorPittaras, Iakovos
dc.contributor.authorSiris, Vasilios A.
dc.contributor.authorPolyzos, George C.
dc.contributor.editorRoßnagel, Heiko
dc.contributor.editorSchunck, Christian H.
dc.contributor.editorMödersheim, Sebastian
dc.date.accessioned2022-06-07T07:04:32Z
dc.date.available2022-06-07T07:04:32Z
dc.date.issued2022
dc.description.abstractWe design, implement, and evaluate a solution for achieving continuous authorization of HTTP requests exploiting Verifiable Credentials (VCs) and OAuth 2.0. Specifically, we develop a VC issuer that acts as an OAuth 2.0 authorization server, a VC verifier that transparently protects HTTP-based resources, and a VC wallet implemented as a browser extension capable of injecting the necessary authentication data in HTTP requests without needing user intervention. Our approach is motivated by recent security paradigms, such as the Zero Trust architecture, that require authentication and authorization of every request and it is tailored for HTTP-based services, accessed using a web browser. Our solution leverages JSONWeb Tokens and JSONWeb Signatures for encoding VCs and protecting their integrity, achieving this way interoperability and security. VCs in our system are bound to a user-controlled public key or a Decentralized Identifier, and mechanisms for proving possession are provided. Finally, VCs can be easily revoked.en
dc.identifier.doi10.18420/OID2022_03
dc.identifier.isbn978-3-88579-719-7
dc.identifier.pissn1617-5468
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/38703
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofOpen Identity Summit 2022
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-305
dc.subjectAccess control
dc.subjectAuthentication
dc.subjectZero Trust
dc.titleContinuous authorization over HTTP using Verifiable Credentials and OAuth 2.0en
dc.typeText/Conference Paper
gi.citation.endPage50
gi.citation.publisherPlaceBonn
gi.citation.startPage39
gi.conference.date07.-08. July 2022
gi.conference.locationCopenhagen, Denmark
gi.conference.sessiontitleRegular Research Papers

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
proceedings-03.pdf
Größe:
319.71 KB
Format:
Adobe Portable Document Format