Related papers: $OIDC^2$: Open Identity Certification with OpenID …
Authentication and authorization are two key elements of a software application. In modern day, OAuth 2.0 framework and OpenID Connect protocol are widely adopted standards fulfilling these requirements. These protocols are implemented into…
Many millions of users routinely use their Google accounts to log in to relying party (RP) websites supporting the Google OpenID Connect service. OpenID Connect, a newly standardised single-sign-on protocol, builds an identity layer on top…
OpenID Connect for Agents (OIDC-A) 1.0 is an extension to OpenID Connect Core 1.0 that provides a comprehensive framework for representing, authenticating, and authorizing LLM-based agents within the OAuth 2.0 ecosystem. As autonomous AI…
OAuth is the new de facto standard for delegating authorization in the web. An important limitation of OAuth is the fact that it was designed for authorization and not for authentication. The usage of OAuth for authentication thus leads to…
OpenID Connect (OIDC) enables a user with commercial-off-the-shelf browsers to log into multiple websites, called relying parties (RPs), by her username and credential set up in another trusted web system, called the identity provider…
The OAuth 2.0 protocol is one of the most widely deployed authorization/single sign-on (SSO) protocols and also serves as the foundation for the new SSO standard OpenID Connect. Despite the popularity of OAuth, so far analysis efforts were…
Web-based single sign-on (SSO) services such as Google Sign-In and Log In with Paypal are based on the OpenID Connect protocol. This protocol enables so-called relying parties to delegate user authentication to so-called identity providers.…
Web authentication is a critical component of today's Internet and the digital world we interact with. The FIDO2 protocol enables users to leverage common devices to easily authenticate to online services in both mobile and desktop…
AI-assisted developer services are increasingly embedded in modern IDEs, yet enterprises must ensure these tools operate within existing identity, access control, and governance requirements. The Model Context Protocol (MCP) enables AI…
Self-Sovereign Identity (SSI), as a new and promising identity management paradigm, needs mechanisms that can ease a gradual transition of existing services and developers towards it. Systems that bridge the gap between SSI and established…
Millions of users routinely use Google to log in to websites supporting OAuth 2.0 or OpenID Connect; the security of OAuth 2.0 and OpenID Connect is therefore of critical importance. As revealed in previous studies, in practice RPs often…
Web3's decentralised infrastructure has upended the standardised approach to digital identity established by protocols like OpenID Connect. Web2 and Web3 currently operate in silos, with Web2 leveraging selective disclosure JSON web tokens…
Today, Internet of Things (IoT) technology is being increasingly popular which is applied in a wide range of industry sectors such as healthcare, transportation and some critical infrastructures. With the widespread applications of IoT…
Internet of Things (IoT) is a distributed communication technology system that offers the possibility for physical devices (e.g. vehicles home appliances sensors actuators etc.) known as Things to connect and exchange data more importantly…
Continuous Authentication (CA) has been proposed as a potential solution to counter complex cybersecurity attacks that exploit conventional static authentication mechanisms that authenticate users only at an ingress point. However, widely…
OAuth 2.0 is the industry-standard protocol for authorization. It facilitates secure service provisioning, as well as secure interoperability among diverse stakeholders. All OAuth 2.0 protocol flows result in the creation of an access…
Self-Sovereign Identity (SSI) enables user-controlled, cryptographically verifiable credentials. As EU regulations mandate EUDI Wallet acceptance by 2027, SSI adoption becomes a compliance necessity. However, each SSI Verifier exposes…
The rapid growth of the Internet of Things (IoT), cloud computing, Fog computing, mobile edge computing and wireless grids has resulted in the widespread deployment of relatively immature technology. These technologies, which will primarily…
OAuth 2.0 is a framework for authorization. Being a framework, OAuth 2.0 allows extensions to build on top of it. OpenID Connect is one such extension which adds authentication layer using identity details. OAuth 2.0 define several roles…
We propose a capability-based access control technique for sharing Web resources, based on Verifiable Credentials (VCs) and OAuth 2.0. VCs are a secure means for expressing claims about a subject. Although VCs are ideal for encoding…