Proceedings of the 3rd International Conference on Cryptography, Security and Privacy最新文献

筛选

英文中文

Multiway analysis for face recognition 人脸识别的多向分析

Proceedings of the 3rd International Conference on Cryptography, Security and Privacy Pub Date : 2019-01-19 DOI: 10.1145/3309074.3309111

Suriani Ab Rahman, Marcella Peter, Jacey-Lynn Minoi, Hamimah Ujir

引用次数: 0

Trust-based identity sharing for token grants 用于令牌授予的基于信任的身份共享

Proceedings of the 3rd International Conference on Cryptography, Security and Privacy Pub Date : 2018-07-29 DOI: 10.1145/3309074.3309078

Kavindu Dodanduwa, I. Kaluthanthri

{"title":"Trust-based identity sharing for token grants","authors":"Kavindu Dodanduwa, I. Kaluthanthri","doi":"10.1145/3309074.3309078","DOIUrl":"https://doi.org/10.1145/3309074.3309078","url":null,"abstract":"Authentication and authorization are two key elements of a software application. In modern day, OAuth 2.0 framework and OpenID Connect protocol are widely adopted standards fulfilling these requirements. These protocols are implemented into authorization servers. It is common to call these authorization servers as identity servers or identity providers since they hold user identity information. Applications registered to an identity provider can use OpenID Connect to retrieve ID token for authentication. Access token obtained along with ID token allows the application to consume OAuth 2.0 protected resources. In this approach, the client application is bound to a single identity provider. If the client needs to consume a protected resource from a different domain, which only accepts tokens of a defined identity provider, then the client must again follow OpenID Connect protocol to obtain new tokens. This requires user identity details to be stored in the second identity provider as well. This paper proposes an extension to OpenID Connect protocol to overcome this issue. It proposes a client-centric mechanism to exchange identity information as token grants against a trusted identity provider. Once a grant is accepted, resulting token response contains an access token, which is good enough to access protected resources from token issuing identity provider's domain.","PeriodicalId":430283,"journal":{"name":"Proceedings of the 3rd International Conference on Cryptography, Security and Privacy","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114726447","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 2

Proceedings of the 3rd International Conference on Cryptography, Security and Privacy 第三届密码学、安全与隐私国际会议论文集

Proceedings of the 3rd International Conference on Cryptography, Security and Privacy Pub Date : 1900-01-01 DOI: 10.1145/3309074

引用次数: 0

首页上一页