Related papers: Practical Decentralized Attribute-Based Delegation…
Distributed system architectures such as cloud computing or the emergent architectures of the Internet Of Things, present significant challenges for security and privacy. Specifically, in a complex application there is a need to securely…
Verifiable delegation in digital identity systems remains unresolved across centralized, federated, and self-sovereign identity (SSI) environments, particularly where both human users and autonomous AI agents must exercise and transfer…
Digital identities today continue to be a company resource instead of belonging to the actual person they represent. At the same time, the digitalization of everyday services intensifies the Identity Management problem and leads to a…
Research challenges such as climate change and the search for habitable planets increasingly use academic and commercial computing resources distributed across different institutions and physical sites. Furthermore, such analyses often…
The current Domain Name System (DNS), as a core infrastructure of the internet, exhibits several shortcomings: its centralized architecture leads to censorship risks and single points of failure, making domain name resolution vulnerable to…
The current Domain Name System (DNS) infrastructure faces critical vulnerabilities including poisoning attacks, censorship mechanisms, and centralized points of failure that compromise internet freedom and security. Recent incidents such as…
The challenge to establish and verify human identity over the Internet in a secure and privacy-respecting way is long-standing. In this paper, we explore the blockchain trilemma of scalability, security, and decentralization in the context…
Confidential services running in hardware-protected Trusted Execution Environments (TEEs) can provide higher security assurance, but this requires custom clients and protocols to distribute, update, and verify their attestation evidence.…
The rapid deployment of autonomous AI agents creates urgent challenges around authorization, accountability, and access control in digital spaces. New standards are needed to know whom AI agents act on behalf of and guide their use…
Current authentication methods on the Web have serious weaknesses. First, services heavily rely on the traditional password paradigm, which diminishes the end-users' security and usability. Second, the lack of attribute-based authentication…
Since the dawn of human civilization, trust has been the core challenge of social organization. Trust functions to reduce the effort spent in constantly monitoring others' actions in order to verify their assertions, thus facilitating…
When training a machine learning model, it is standard procedure for the researcher to have full knowledge of both the data and model. However, this engenders a lack of trust between data owners and data scientists. Data owners are…
Interoperation for data sharing between permissioned blockchain networks relies on networks' abilities to independently authenticate requests and validate proofs accompanying the data; these typically contain digital signatures. This…
A key challenge for mobile network operators in 6G is to bring together and orchestrate a variety of new emerging players of today's mobile ecosystems in order to provide economically viable and seamless mobile connectivity in form of a…
The digital identity problem is a complex one in large part because it involves personal data, the algorithms which compute reputations on the data and the management of the identifiers that are linked to personal data. The reality of today…
This thesis addresses the problem of providing trusted individuals with confidential information about other individuals, in particular, granting access to databases of personal records using the World-Wide Web. It proposes an access rights…
Verifying user attributes to provide fine-grained access control to databases is fundamental to an attribute-based authentication system. In such systems, either a single (central) authority verifies all attributes, or multiple independent…
Decentralized Internet is booming. People are fascinated by its promise that users can truly own their data. However, in a decentralized Internet, completing a task usually involves multiple nodes with mutual distrust. Such distrust might…
This paper attempts to accurately model security requirements for computational grid environments with particular focus on authentication. We introduce the Audited Credential Delegation (ACD) architecture as a solution to some of the…
In this tutorial, we present an authorization model for distributed systems that operate with limited internet connectivity. Reliable internet access remains a luxury for a majority of the world's population. Even for those who can afford…