Continuous authorization over HTTP using Verifiable Credentials and OAuth 2.0
Abstract
We design, implement, and evaluate a solution for achieving continuous authorization of HTTP requests exploiting Verifiable Credentials (VCs) and OAuth 2.0. Specifically, we develop a VC issuer that acts as an OAuth 2.0 authorization server, a VC verifier that transparently protects HTTP-based resources, and a VC wallet implemented as a browser extension capable of injecting the necessary authentication data in HTTP requests without needing user intervention. Our approach is motivated by recent security paradigms, such as the Zero Trust architecture, that require authentication and authorization of every request, and it is tailored for HTTP-based services accessed using a web browser. Our solution leverages JSON Web Tokens and JSON Web Signatures for encoding VCs and protecting their integrity, thereby achieving interoperability and security. VCs in our system are bound to a user-controlled public key or a Decentralized Identifier, and mechanisms for proving possession are provided. Finally, VCs can be easily revoked.
- Full reference
- BibTeX
Fotiou, N., Faltaka, E., Kalos, V., Kefala, A., Pittaras, I., Siris, V. A. & Polyzos, G. C. (2022). Continuous authorization over HTTP using Verifiable Credentials and OAuth 2.0. In: Roßnagel, H., Schunck, C. H. & Mödersheim, S. (Eds.), Open Identity Summit 2022. Bonn: Gesellschaft für Informatik e.V. (pp. 39-50). DOI: 10.18420/OID2022_03
@inproceedings{mci/Fotiou2022,
author = {Fotiou, Nikos AND Faltaka, Evgenia AND Kalos, Vasilis AND Kefala, Anna AND Pittaras, Iakovos AND Siris, Vasilios A. AND Polyzos, George C.},
title = {Continuous authorization over HTTP using Verifiable Credentials and OAuth 2.0},
booktitle = {Open Identity Summit 2022},
year = {2022},
editor = {Roßnagel, Heiko AND Schunck, Christian H. AND Mödersheim, Sebastian} ,
pages = { 39-50 } ,
doi = { 10.18420/OID2022_03 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
Files | Size | Format | View |
---|---|---|---|
proceedings-03.pdf | 319.7Kb | | Open |
More information
DOI: 10.18420/OID2022_03
ISBN: 978-3-88579-719-7
ISSN: 1617-5468
Date: 2022
Language: (en)
Type: Text/Conference Paper