Delegated authorization protocols have become widespread in the implementation of Web applications and services, where some popular providers that manage people's identity information and personal data allow their users to delegate third-party Web services to access their data. In this paper, we analyze the risks related to untrusted providers not behaving correctly, and we solve this problem by proposing the first verifiable delegated authorization protocol that allows third-party services to verify the correctness of users' data returned by the provider. The contribution of the paper is twofold: we show how delegated authorization can be cryptographically enforced through authenticated data structure protocols, and we extend the standard OAuth2 protocol by supporting efficient and verifiable delegated authorization, including database updates and privilege revocation.

Verifiable Delegated Authorization for User-Centric Architectures and an OAuth2 Implementation / Ferretti, Luca; Marchetti, Mirco; Colajanni, Michele. - 2:(2017), pp. 718-723. (Paper presented at the 41st IEEE Annual Computer Software and Applications Conference Workshops, COMPSAC 2017, held in ita in 2017) [10.1109/COMPSAC.2017.260].

Verifiable Delegated Authorization for User-Centric Architectures and an OAuth2 Implementation

Ferretti, Luca; Marchetti, Mirco; Colajanni, Michele
2017

Files in this record:
main.pdf (Open access)
Description: Main article
Type: Author's version, revised and accepted for publication
Size: 1.65 MB
Format: Adobe PDF

Creative Commons License
The metadata in IRIS UNIMORE is released under the Creative Commons CC0 1.0 Universal license, while the publication files are released under the Attribution 4.0 International (CC BY 4.0) license, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11380/1149171