Related papers: Trust-Based Identity Sharing For Token Grants
In recent times, a necessity has been raised in order to distribute computing applications often across grids. These applications are dependent on the services like data transfer or data portal services as well as submission of jobs.…
AI-assisted developer services are increasingly embedded in modern IDEs, yet enterprises must ensure these tools operate within existing identity, access control, and governance requirements. The Model Context Protocol (MCP) enables AI…
In this work, we leverage advances in decentralized identifiers and permissioned blockchains to build a flexible user authentication and authorization mechanism that offers enhanced privacy, achieves fast revocation, and supports…
APIs (Application Programming Interfaces) or Web Services are the foundational building blocks that enable interconnected systems. However this proliferation of APIs has also introduced security challenges that require systematic and…
Many millions of users routinely use their Google, Facebook and Microsoft accounts to log in to websites supporting OAuth 2.0 and/or OpenID Connect-based single sign on. The security of OAuth 2.0 and OpenID Connect is therefore of critical…
We propose a capability-based access control method that leverages OAuth 2.0 and Verifiable Credentials (VCs) to share resources in crowdsourced drone services. VCs securely encode claims about entities, offering flexibility. However,…
Web-based single sign-on (SSO) services such as Google Sign-In and Log In with Paypal are based on the OpenID Connect protocol. This protocol enables so-called relying parties to delegate user authentication to so-called identity providers.…
As IoT becomes omnipresent vast amounts of data are generated, which can be used for building innovative applications. However,interoperability issues and security concerns, prevent harvesting the full potentials of these data. In this…
Current architectures to validate, certify, and manage identity are based on centralised, top-down approaches that rely on trusted authorities and third-party operators. We approach the problem of digital identity starting from a human…
Millions of users routinely use Google to log in to websites supporting OAuth 2.0 or OpenID Connect; the security of OAuth 2.0 and OpenID Connect is therefore of critical importance. As revealed in previous studies, in practice RPs often…
The development of services and the growing demand for resources sharing among users from different organizations with some level of affinity have motivated the creation of Identity Management Systems. Identity Management has gained…
The rapid growth of the Internet of Things (IoT), cloud computing, Fog computing, mobile edge computing and wireless grids has resulted in the widespread deployment of relatively immature technology. These technologies, which will primarily…
Authentication and authorization of a user's identity are generally done by the service providers or identity providers. However, these centralized systems limit the user's control of their own identity and are prone to massive data leaks…
Implicit authentication consists of a server authenticating a user based on the user's usage profile, instead of/in addition to relying on something the user explicitly knows (passwords, private keys, etc.). While implicit authentication…
"Distributed Identity" refers to the transition from centralized identity systems using Decentralized Identifiers (DID) and Verifiable Credentials (VC) for secure and privacy-preserving authentications. With distributed identity, control of…
Identity and access management (I&AM) is the umbrella term for managing users and their permissions. It is required for users to access different services. These services can either be provided from their home organization, like a company…
This paper presents an architecture of a Personal Information Management System, in which individuals can define the access to their personal data by means of smart contracts. These smart contracts, running on the Ethereum blockchain,…
The usage of different technologies and smart devices helps people to get medical services remotely for multiple benefits. Thus, critical and sensitive data is exchanged between a user and a doctor. When health data is transmitted over a…
Most OAuth service providers, such as Google and Microsoft, offer only a limited range of coarse-grained data access. As a result, third-party OAuth applications often end up accessing more user data than necessary, even if their developers…
Password-authenticated identities, where users establish username-password pairs with individual servers and use them later on for authentication, is the most widespread user authentication method over the Internet. Although they are…