English
Related papers

Related papers: Trust-Based Identity Sharing For Token Grants

200 papers

OAuth 2.0 is a framework for authorization. Being a framework, OAuth 2.0 allows extensions to build on top of it. OpenID Connect is one such extension which adds authentication layer using identity details. OAuth 2.0 define several roles…

Cryptography and Security · Computer Science 2018-11-26 Kavindu Dodanduwa , Ishara Kaluthanthri

OAuth 2.0 is the industry-standard protocol for authorization. It facilitates secure service provisioning, as well as secure interoperability among diverse stakeholders. All OAuth 2.0 protocol flows result in the creation of an access…

Cryptography and Security · Computer Science 2020-01-29 Nikos Fotiou , Iakovos Pittaras , Vasilios A. Siris , Spyros Voulgaris , George C. Polyzos

The immense shift to cloud computing has brought changes in security and privacy requirements, impacting critical Identity Management services. Currently, many IdM systems and solutions are accessible as cloud services, delivering identity…

Cryptography and Security · Computer Science 2024-10-30 Ivana Kovacevic , Tamara Rankovic , Milan Stojkov , Milos Simic

The OAuth 2.0 protocol is one of the most widely deployed authorization/single sign-on (SSO) protocols and also serves as the foundation for the new SSO standard OpenID Connect. Despite the popularity of OAuth, so far analysis efforts were…

Cryptography and Security · Computer Science 2019-01-31 Daniel Fett , Ralf Kuesters , Guido Schmitz

OAuth is the new de facto standard for delegating authorization in the web. An important limitation of OAuth is the fact that it was designed for authorization and not for authentication. The usage of OAuth for authentication thus leads to…

Cryptography and Security · Computer Science 2016-01-08 Vladislav Mladenov , Christian Mainka , Jörg Schwenk

OpenID Connect (OIDC) is a widely used authentication standard for the Web. In this work, we define a new Identity Certification Token (ICT) for OIDC. An ICT can be thought of as a JSON-based, short-lived user certificate for end-to-end…

Cryptography and Security · Computer Science 2024-06-13 Jonas Primbs , Michael Menth

Authentication and authorization are two tightly coupled and interrelated concepts which are used to keep transactions secure and help in protecting confidential information. This paper proposes to evaluate the current techniques used for…

Cryptography and Security · Computer Science 2011-04-22 K. Lakshmi Madhuri , T. R. Gopalakrishnan Nair

OAuth 2.0 is a popular authorization framework that allows third-party clients such as websites and mobile apps to request limited access to a user's account on another application. The specification classifies clients into different types…

Cryptography and Security · Computer Science 2023-08-03 Jaimandeep Singh , Naveen Kumar Chaudhary

Many millions of users routinely use their Google accounts to log in to relying party (RP) websites supporting the Google OpenID Connect service. OpenID Connect, a newly standardised single-sign-on protocol, builds an identity layer on top…

Cryptography and Security · Computer Science 2015-08-10 Wanpeng Li , Chris J Mitchell

Authentication with username and password is becoming an inconvenient process for the user. End users typically have little control over their personal privacy, and data breaches effecting millions of users have already happened several…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-06-09 Zoltán András Lux , Dirk Thatmann , Sebastian Zickau , Felix Beierle

OpenID Connect for Agents (OIDC-A) 1.0 is an extension to OpenID Connect Core 1.0 that provides a comprehensive framework for representing, authenticating, and authorizing LLM-based agents within the OAuth 2.0 ecosystem. As autonomous AI…

Networking and Internet Architecture · Computer Science 2025-10-01 Subramanya Nagabhushanaradhya

We present models for utilizing blockchain and smart contract technology with the widely used OAuth 2.0 open authorization framework to provide delegated authorization for constrained IoT devices. The models involve different tradeoffs in…

Cryptography and Security · Computer Science 2019-05-07 Vasilios A. Siris , Dimitrios Dimopoulos , Nikos Fotiou , Spyros Voulgaris , George C. Polyzos

Self-Sovereign Identity (SSI), as a new and promising identity management paradigm, needs mechanisms that can ease a gradual transition of existing services and developers towards it. Systems that bridge the gap between SSI and established…

Cryptography and Security · Computer Science 2024-01-19 Felix Hoops , Florian Matthes

Electronic Identification (eID) is becoming commonplace in several European countries. eID is typically used to authenticate to government e-services, but is also used for other services, such as public transit, e-banking, and physical…

Cryptography and Security · Computer Science 2014-09-10 Thomas Nyman , Jan-Erik Ekberg , N. Asokan

Controlled sharing is fundamental to distributed systems. We consider a capability-based distributed authorization system where a client receives capabilities (access tokens) from an authorization server to access the resources of resource…

Cryptography and Security · Computer Science 2022-11-10 Adrian Shuai Li , Reihaneh Safavi-Naini , Philip W. L. Fong

We propose a capability-based access control technique for sharing Web resources, based on Verifiable Credentials (VCs) and OAuth 2.0. VCs are a secure means for expressing claims about a subject. Although VCs are ideal for encoding…

Cryptography and Security · Computer Science 2021-04-30 Nikos Fotiou , Vasilios A. Siris , George C. Polyzos

Internet of Things (IoT) have gained popularity in recent times. With an increase in the number of IoT devices, security and privacy vulnerabilities are also increasing. For sensitive domains like healthcare and industrial sectors, such…

Cryptography and Security · Computer Science 2023-12-27 Sai Sreekar Vankayalapati , Srijanee Mookherji , Vanga Odelu

The rapid rise of AI agents presents urgent challenges in authentication, authorization, and identity management. Current agent-centric protocols (like MCP) highlight the demand for clarified best practices in authentication and…

Web3's decentralised infrastructure has upended the standardised approach to digital identity established by protocols like OpenID Connect. Web2 and Web3 currently operate in silos, with Web2 leveraging selective disclosure JSON web tokens…

Cryptography and Security · Computer Science 2025-01-24 Ben Biedermann , Matthew Scerri , Victoria Kozlova , Joshua Ellul

Identity verification in Data Spaces is a fundamental aspect of ensuring security and privacy in digital environments. This paper presents an identity verification protocol tailored for shared data environments within Data Spaces. This…

Cryptography and Security · Computer Science 2025-09-04 Rodrigo Menéndez , Andres Munoz-Arcentales , Joaquín Salvachúa , Carlos Aparicio , Irene Plaza , Gabriel Huecas
‹ Prev 1 2 3 10 Next ›