English
Related papers

Related papers: Capability-based access control for multi-tenant s…

200 papers

OpenID Connect (OIDC) is a widely used authentication standard for the Web. In this work, we define a new Identity Certification Token (ICT) for OIDC. An ICT can be thought of as a JSON-based, short-lived user certificate for end-to-end…

Cryptography and Security · Computer Science 2024-06-13 Jonas Primbs , Michael Menth

Low-cost portable devices capable of capturing signature signals are being increasingly used. Additionally, the social and legal acceptance of the written signature for authentication purposes is opening a range of new applications. We…

Cryptography and Security · Computer Science 2023-01-12 Fernando Alonso-Fernandez , Julian Fierrez-Aguilar , Javier Ortega-Garcia , Joaquin Gonzalez-Rodriguez

While many resource-constrained networks, such as Internet of Things (IoT) and Internet of Vehicles (IoV), are inherently distributed, the majority still rely on central servers for fast authentication and data sharing. Blockchain-based…

Cryptography and Security · Computer Science 2026-01-21 Faisal Haque Bappy , Tahrim Hossain , Raiful Hasan , Kamrul Hasan , Mohamed Younis , Tariqul Islam

Authcoin is an alternative approach to the commonly used public key infrastructures such as central authorities and the PGP web of trust. It combines a challenge response-based validation and authentication process for domains,…

Cryptography and Security · Computer Science 2016-09-19 Benjamin Leiding , Clemens H. Cap , Thomas Mundt , Samaneh Rashidibajgan

Automated certificate authorities (CAs) have expanded the reach of public key infrastructure on the web and for software signing. The certificates that these CAs issue attest to proof of control of some digital identity. Some of these…

Cryptography and Security · Computer Science 2023-07-18 Zachary Newman

The User-Managed Access (UMA) extension to OAuth 2.0 is a promising candidate for increasing Digital Trust in personal data ecosystems like Solid. With minor modifications, it can achieve many requirements regarding usage control and…

Cryptography and Security · Computer Science 2025-01-08 Wouter Termont , Ruben Dedecker , Wout Slabbinck , Beatriz Esteves , Ben De Meester , Ruben Verborgh

Many service systems rely on verifiable identity-related information of their users. Manipulation and unwanted exposure of this privacy-relevant information, however, must at the same time be prevented and avoided. Peer-to-peer…

Cryptography and Security · Computer Science 2022-09-21 Jonathan Heiss , Robert Muth , Frank Pallas , Stefan Tai

This paper proposes a decentralized, blockchain-based system for the publication of Common Vulnerabilities and Exposures (CVEs), aiming to mitigate the limitations of the current centralized model primarily overseen by MITRE. The proposed…

Cryptography and Security · Computer Science 2025-05-02 Novruz Amirov , Kemal Bicakci

The goal of this paper is to propose a blockchain-based platform to enhance transparency and traceability of cybersecurity certification information motivated by the recently adopted EU Cybersecurity Act. The proposed platform is generic…

Cryptography and Security · Computer Science 2019-09-17 Ricardo Neisse , José L. Hernández-Ramos , Sara N. Matheu , Gianmarco Baldini , Antonio Skarmeta

Anonymous credentials (ACs) are a crucial cryptographic tool for privacy-preserving authentication in decentralized networks, allowing holders to prove eligibility without revealing their identity. However, a major limitation of standard…

Cryptography and Security · Computer Science 2025-12-24 Bin Xie , Rui Song , Xuyuan Cai

Static, long-lived credentials for workload authentication create untenable security risks that violate Zero-Trust principles. This paper presents a multi-cloud framework using Workload Identity Federation (WIF) and OpenID Connect (OIDC)…

Cryptography and Security · Computer Science 2025-10-21 Saurabh Deochake , Ryan Murphy , Jeremiah Gearheart

Along with the classical problem of managing multiple identities, actions, devices, APIs etc. in different businesses, there has been an escalating need for having the capability of flexible attribute based access control~(ABAC) mechanisms.…

Cryptography and Security · Computer Science 2018-04-18 Baiyu Liu , Abhinav Palia , Shan-Ho Yang

With the large-scale deployment of industrial internet of things (IIoT) devices, the number of vulnerabilities that threaten IIoT security is also growing dramatically, including a mass of undisclosed IIoT vulnerabilities that lack…

Cryptography and Security · Computer Science 2022-05-11 Wenbo Zhang , Jing Zhang , Yifei Shi , Jingyu Feng

This paper introduces a novel blockchain-enabled authentication and communications network for scalable Internet of Vehicles, which aims to bolster security and confidentiality, diminish communications latency, and reduce dependence on…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-05-15 Qi Shi , Jingyi Sun , Hanwei Fu , Peizhe Fu , Jiayuan Ma , Hao Xu , Erwu Liu

Authentication and authorization are two tightly coupled and interrelated concepts which are used to keep transactions secure and help in protecting confidential information. This paper proposes to evaluate the current techniques used for…

Cryptography and Security · Computer Science 2011-04-22 K. Lakshmi Madhuri , T. R. Gopalakrishnan Nair

Unauthorized resource access represents a typical security threat in the Internet of things (IoT), while distributed ledger technologies (e.g., blockchain and IOTA) hold great promise to address this threat. Although blockchain-based IoT…

Cryptography and Security · Computer Science 2021-03-09 Ruka Nakanishi , Yuanyu Zhang , Masahiro Sasabe , Shoji Kasahara

The immense shift to cloud computing has brought changes in security and privacy requirements, impacting critical Identity Management services. Currently, many IdM systems and solutions are accessible as cloud services, delivering identity…

Cryptography and Security · Computer Science 2024-10-30 Ivana Kovacevic , Tamara Rankovic , Milan Stojkov , Milos Simic

The object-capability model is a security measure that consists in encoding access rights in individual objects to restrict its interactions with other objects. Since its introduction in 2013, different approaches to object-capability have…

Software Engineering · Computer Science 2019-07-19 Jörn Koepe

Authorization currently introduces partial centralization in otherwise distributed network architectures, such as ICN approaches. Analyzing existing work in (partially) distributed authentication and authorization, and rearranging proven…

Distributed, Parallel, and Cluster Computing · Computer Science 2023-08-09 Jens Finkhäuser

VANET security introduces significant processing overhead for resource-constrained On-Board Units (OBUs). Here, we propose a novel scheme that allows secure Vehicular Communication (VC) systems to scale well beyond network densities for…

Cryptography and Security · Computer Science 2020-01-20 Hongyu Jin , Panos Papadimitratos