OAuth 2.0 Authorization using Blockchain-based Tokens

Fotiou, Nikos; Pittaras, Iakovos; Siris, Vasilios A.; Voulgaris, Spyros; Polyzos, George C.

doi:10.14722/diss.2020.23002

Cited by 14 publications

(3 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors in [15] propose a blockchain-based smart contract design and implementation for OAuth 2.0 authorization tokens. The scenario presented by the authors considers clients, authorization servers, resource servers, and resource owners.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Secure Enrollment Token Delivery Mechanism for Zero Trust Networks Using Blockchain

Rivera

Akbar

Khan

et al. 2023

IEICE Trans. Commun.

View full text Add to dashboard Cite

Zero Trust Networking (ZTN) is a security model where no default trust is given to entities in a network infrastructure. The first bastion of security for achieving ZTN is strong identity verification. Several standard methods for assuring a robust identity exist (E.g., OAuth2.0, OpenID Connect). These standards employ JSON Web Tokens (JWT) during the authentication process. However, the use of JWT for One Time Token (OTT) enrollment has a latent security issue. A third party can intercept a JWT, and the payload information can be exposed, revealing the details of the enrollment server. Furthermore, an intercepted JWT could be used for enrollment by an impersonator as long as the JWT remains active. Our proposed mechanism aims to secure the ownership of the OTT by including the JWT as encrypted metadata into a Non-Fungible Token (NFT). The mechanism uses the blockchain Public Key of the intended owner for encrypting the JWT. The blockchain assures the JWT ownership by mapping it to the intended owner's blockchain public address. Our proposed mechanism is applied to an emerging Zero Trust framework (OpenZiti) alongside a permissioned Ethereum blockchain using Hyperledger Besu. The Zero Trust Framework provides enrollment functionality. At the same time, our proposed mechanism based on blockchain and NFT assures the secure distribution of OTTs that is used for the enrollment of identities.

show abstract

Section: Related Workmentioning

confidence: 99%

“…The proposed work in the present manuscript takes the ERC-721 approach of [15] as its basis but applies it to authentication instead of authorization. Our research aims to provide a secure distribution mechanism for enrollment tokens to create a strong identity.…”

Section: Related Workmentioning

confidence: 99%

Secure Enrollment Token Delivery Mechanism for Zero Trust Networks Using Blockchain

Rivera

Akbar

Khan

et al. 2023

IEICE Trans. Commun.

View full text Add to dashboard Cite

show abstract

“…The attack vector always finds ways to intervene in the security protocols. That is where the additional authentication protocols come in handy such as OpenID [ 58 ], Security Assertion Markups Language (SAML 1.1/2), Fast Identity Online (FIDO), or Open Authorization (OAuth) [ 59 , 60 , 61 ]. At the same time, the implementation relies on trusted third-party (TTP) solutions.…”

Section: Iot-enabled Smart Device Authentication Architectures In Sma...mentioning

confidence: 99%

A Comparative Analysis on Blockchain versus Centralized Authentication Architectures for IoT-Enabled Smart Devices in Smart Cities: A Comprehensive Review, Recent Advances, and Future Research Directions

Khalil

Malik

Uddin

et al. 2022

Sensors

View full text Add to dashboard Cite

Smart devices have become an essential part of the architectures such as the Internet of Things (IoT), Cyber-Physical Systems (CPSs), and Internet of Everything (IoE). In contrast, these architectures constitute a system to realize the concept of smart cities and, ultimately, a smart planet. The adoption of these smart devices expands to different cyber-physical systems in smart city architecture, i.e., smart houses, smart healthcare, smart transportation, smart grid, smart agriculture, etc. The edge of the network connects these smart devices (sensors, aggregators, and actuators) that can operate in the physical environment and collects the data, which is further used to make an informed decision through actuation. Here, the security of these devices is immensely important, specifically from an authentication standpoint, as in the case of unauthenticated/malicious assets, the whole infrastructure would be at stake. We provide an updated review of authentication mechanisms by categorizing centralized and distributed architectures. We discuss the security issues regarding the authentication of these IoT-enabled smart devices. We evaluate and analyze the study of the proposed literature schemes that pose authentication challenges in terms of computational costs, communication overheads, and models applied to attain robustness. Hence, lightweight solutions in managing, maintaining, processing, and storing authentication data of IoT-enabled assets are an urgent need. From an integration perspective, cloud computing has provided strong support. In contrast, decentralized ledger technology, i.e., blockchain, light-weight cryptosystems, and Artificial Intelligence (AI)-based solutions, are the areas with much more to explore. Finally, we discuss the future research challenges, which will eventually help address the ambiguities for improvement.

show abstract

SSH-DAuth: secret sharing based decentralized OAuth using decentralized identifier

Krishna,

Ramaguru,

Praveen

et al. 2023

Sci Rep

View full text Add to dashboard Cite

OAuth2.0 is a Single Sign-On approach that helps to authorize users to log into multiple applications without re-entering the credentials. Here, the OAuth service provider controls the central repository where data is stored, which may lead to third-party fraud and identity theft. To circumvent this problem, we need a distributed framework to authenticate and authorize the user without third-party involvement. This paper proposes a distributed authentication and authorization framework using a secret-sharing mechanism that comprises a blockchain-based decentralized identifier and a private distributed storage via an interplanetary file system. We implemented our proposed framework in Hyperledger Fabric (permissioned blockchain) and Ethereum TestNet (permissionless blockchain). Our performance analysis indicates that secret sharing-based authentication takes negligible time for generation and a combination of shares for verification. Moreover, security analysis shows that our model is robust, end-to-end secure, and compliant with the Universal Composability Framework.

show abstract

OAuth 2.0 Authorization using Blockchain-based Tokens

Cited by 14 publications

References 11 publications

Secure Enrollment Token Delivery Mechanism for Zero Trust Networks Using Blockchain

Secure Enrollment Token Delivery Mechanism for Zero Trust Networks Using Blockchain

A Comparative Analysis on Blockchain versus Centralized Authentication Architectures for IoT-Enabled Smart Devices in Smart Cities: A Comprehensive Review, Recent Advances, and Future Research Directions

SSH-DAuth: secret sharing based decentralized OAuth using decentralized identifier

Contact Info

Product

Resources

About