A Model for Signatories in Cyber-Physical Systems

Sudarsan, Sreelakshmi Vattaparambil; Schelén, Olov; Bodin, Ulf

doi:10.1109/etfa46521.2020.9212081

Cited by 4 publications

(2 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…PoA-based authorization [8] is an authorization technique used to authorize devices to access protected resources on behalf of the principal, without requiring the principal to be online. The PoA model in its base form is completely decentralized (like for example Pretty Good Privacy (PGP)), where the user subgrants their power in the form of a selfcontained PoA that contains public information such as public keys and a specific set of permissions for a predefined time.…”

Section: A Power Of Attorney Based Authorizationmentioning

confidence: 99%

See 1 more Smart Citation

Multilevel Subgranting by Power of Attorney and OAuth Authorization Server in Cyber–Physical Systems

Sudarsan

Schelén

Bodin

2023

IEEE Internet Things J.

View full text Add to dashboard Cite

Many Cyber-Physical Systems are today semiautonomous and powerful enough to perform advanced tasks on their own. This means they can also act as representatives of people or devices that have given them an order.However, traditional access control policies and delegation models do not meet industrial requirements such as support for letting autonomous CPS devices act on their own with certified credentials under the sub authorization by subcontractors, without the need for a separate account per device.In this paper, we analyze and compare power of attorney, proxy signature by warrant, and OAuth to identify the strengths and challenges of each. Based on the comparison, we propose an OAuth grant type based on the power of attorney and inspired by the concept of proxy signature by warrant. Power of Attorney is a generic and self-contained document that a principal signs and directs to an agent, thereby providing it the power to execute actions on behalf of the principal for a predefined time, even if it is offline. One key advantage of the power of attorney is that it can support effective sub-granting on several levels to support industrial scenarios where resource owners bring in authorized contractors that can in their turn authorize and bring in several devices without incurring management overhead to the resource owner. A proof-of-concept and performance evaluation of the proposed model is presented using an industrial use-case scenario with multi-level authorization.

show abstract

Section: A Power Of Attorney Based Authorizationmentioning

confidence: 99%

“…The scope of this paper is to compare existing delegation models, specifically the Power-of-Attorney (PoA) [8], the proxy signature by warrant [9], and OAuth [6]. The objective is to analyze the trade-offs and propose a solution based on industry standards to facilitate industry uptake.…”

Section: Introductionmentioning

confidence: 99%

Multilevel Subgranting by Power of Attorney and OAuth Authorization Server in Cyber–Physical Systems

Sudarsan

Schelén

Bodin

2023

IEEE Internet Things J.

View full text Add to dashboard Cite

show abstract

Granting Access Privileges Using OpenID Connect in Permissioned Distributed Ledgers

Kakei¹,

Shiraishi²,

Saito³

2023

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

Secure and privacy-preserving sharing of personal health records with multi-party pre-authorization verification

2022

View full text Add to dashboard Cite

I also wish to sincerely show my gratefulness and appreciation to Professor Chi Chi-Hung for his guidance and support on identifying problems, finding solutions, and constantly giving me insightful pointers when reviewing my work. It has helped me to grow as an independent researcher.In addition, I would like to also thank the thesis advisory committee members, Professor Wang Huaxiong and Assistant Professor Zhao Jun, for spending the time to review my work and providing me with valuable feedbacks and comments.Last but not least, I must thank my beloved family for their continued supports and understandings to provide me the time and space to accomplish my work.It has not been an easy journey, but with great supports, persistence and consistency, I can fulfill my pursuant of life-long learning. viii To my beloved family You will never know how high you can fly unless you spread your wings.

show abstract

A Model for Signatories in Cyber-Physical Systems

Cited by 4 publications

References 10 publications

Multilevel Subgranting by Power of Attorney and OAuth Authorization Server in Cyber–Physical Systems

Multilevel Subgranting by Power of Attorney and OAuth Authorization Server in Cyber–Physical Systems

Granting Access Privileges Using OpenID Connect in Permissioned Distributed Ledgers

Secure and privacy-preserving sharing of personal health records with multi-party pre-authorization verification

Contact Info

Product

Resources

About