Busca avançada
Ano de início
Entree


DVID: Adding Delegated Authentication to SPIFFE Trusted Domains

Texto completo
Autor(es):
Jessup, Andrew ; Cochak, Henrique Z. ; Koslovski, Guilherme P. ; Pillon, Mauricio A. ; Miers, Charles C. ; Correia, Pedro H. B. ; Marques, Marco A. ; Simplicio, Marcos A., Jr.
Número total de Autores: 8
Tipo de documento: Artigo Científico
Fonte: ADVANCED INFORMATION NETWORKING AND APPLICATIONS, VOL 4, AINA 2024; v. 202, p. 12-pg., 2024-01-01.
Resumo

One of the challenges of cloud computing is ensuring secure access to data and resources. Identity Management Systems (IMS), which enable organizations to handle user identities, authentication, and authorization, are commonly employed for tackling this issue. Whilst OAuth 2.0, SAML, and OpenID Connect are typically used in web applications, the Secure Production Identity Framework for Everyone (SPIFFE) is today among one of the many open source IMS for cloud environments. The reason is that SPIFFE provides a secure and standardized attestation framework for authenticating cloud workloads from the moment they are instantiated. Our work extends SPIFFE's capabilities, allowing the identification not only of the workload making a request, but also of the user behind that request. For this purpose, we design a new credential called Delegated Assertion SVID (DVID), describe a proof-of-concept implementation, and benchmark some baseline scenarios. (AU)

Processo FAPESP: 20/09850-0 - Centro de Pesquisa Aplicada em Inteligência Artificial: impulsionando a transformação das indústrias rumo ao padrão 5.0
Beneficiário:Jefferson de Oliveira Gomes
Modalidade de apoio: Auxílio à Pesquisa - Programa Centros de Pesquisa em Engenharia