Managing authorization grants beyond OAuth 2
| dc.contributor.author | Imbault, Fabien | |
| dc.contributor.author | Richer, Justin | |
| dc.contributor.author | Parecki, Aaron | |
| dc.contributor.editor | Roßnagel, Heiko | |
| dc.contributor.editor | Schunck, Christian H. | |
| dc.contributor.editor | Mödersheim, Sebastian | |
| dc.date.accessioned | 2021-05-20T13:12:13Z | |
| dc.date.available | 2021-05-20T13:12:13Z | |
| dc.date.issued | 2021 | |
| dc.description.abstract | The Grant Negotiation and Authorization Protocol, also known as GNAP, is currently being formulated in an IETF working group. GNAP gives the opportunity to reflect on the strengths and weaknesses of OAuth 2, and highlights the new directions to improve digital access. We compare with the approach taken by OAuth 2 and show that designing authorization servers primarily as “token issuers” provides insightful consequences for security and privacy. | en |
| dc.identifier.isbn | 978-3-88579-706-7 | |
| dc.identifier.pissn | 1617-5468 | |
| dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/36492 | |
| dc.language.iso | en | |
| dc.publisher | Gesellschaft für Informatik e.V. | |
| dc.relation.ispartof | Open Identity Summit 2021 | |
| dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings, Volume P-312 | |
| dc.subject | authorization protocol | |
| dc.subject | OAuth 2 | |
| dc.subject | GNAP | |
| dc.title | Managing authorization grants beyond OAuth 2 | en |
| dc.type | Text/Conference Paper | |
| gi.citation.endPage | 198 | |
| gi.citation.publisherPlace | Bonn | |
| gi.citation.startPage | 193 | |
| gi.conference.date | 01.-02. June 2021 | |
| gi.conference.location | Copenhagen, Denmark | |
| gi.conference.sessiontitle | Short Paper |
Dateien
Originalbündel
1 - 1 von 1