Token Based Authorization

Baruzzi, Giovanni A.

Konferenzbeitrag

Token Based Authorization

Dokumententyp

Text/Conference Paper

Dateien

proceedings-16.pdf (97.31 KB)

Datum

2020

Autor:innen

Baruzzi, Giovanni A.

Quelle

Open Identity Summit 2020

Short Paper

Verlag

Gesellschaft für Informatik e.V.

Zusammenfassung

A secure, scalable, fine grained and flexible access control is extremely important for the digital society. The approaches used until now (RBAC, Groups in an LDAP Directory, XACML) alone may not be able to deliver to this challenge. Building from past experiences in the Industry, we propose an Access Management Framework where the central role is played by a token containing all the information needed to implement fine grained access control. This Authorization Token should be signed by the approver and embedded into a “claim” to the application at session time. The application, after checking the validity of the token will control access to the desired resource. In this way we can achieve fine granular access control, scalability and independence from network topologies.

Baruzzi, Giovanni A. (2020): Token Based Authorization. Open Identity Summit 2020. DOI: 10.18420/ois2020_16. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-699-2. pp. 179-184. Short Paper. Copenhagen, Denmark. 26.-27. May 2020

Schlagwörter

Access Control , Token , Fine-grained Access , Authorization , Claim.

DOI

10.18420/ois2020_16

Sammlungen

P305 - Open Identity Summit 2020

Komplettanzeige

Token Based Authorization

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen