CN109918942B - Decentralized identifier management system based on ether house block chain - Google Patents
Decentralized identifier management system based on ether house block chain Download PDFInfo
- Publication number
- CN109918942B CN109918942B CN201910132811.XA CN201910132811A CN109918942B CN 109918942 B CN109918942 B CN 109918942B CN 201910132811 A CN201910132811 A CN 201910132811A CN 109918942 B CN109918942 B CN 109918942B
- Authority
- CN
- China
- Prior art keywords
- decentralized identifier
- decentralized
- user
- contract
- intelligent contract
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the invention discloses a decentralized identifier management system based on an Ethernet bay block chain, which comprises an intelligent contract on the Ethernet bay block chain and a decentralized identifier document analysis module under the block chain, the expression form of the distributed identifiers is designated in the intelligent contract, the attribute analysis function of the decentralized identifiers is realized through the decentralized identifier document analysis module, a user can use a public key which is independently used by the intelligent contract in a public mode to realize key rotation and management, a third-party service provider website and other users can verify the authenticity of a digital signature of the user under a block chain by inquiring data in the decentralized identifier document to determine the identity of the user, and an entity can freely use any shared trust root to manage the decentralized identifiers of the user, so that the centralized authority and single point failure do not exist, and the information management safety and privacy are high.
Description
Technical Field
The embodiment of the invention relates to the technical field of computers, in particular to a decentralized identifier management system based on an Ether house block chain.
Background
The digital identity refers to a public key which can concentrate real identity information into digital codes and can be inquired and identified through a network, related equipment and the like, with the continuous expansion of the application field of the internet, the potential safety hazard of network information is increasingly serious, identity authentication is used as a technical method for determining user resource access and use permission, and has important significance for ensuring the safety of a system and data and preventing hackers from stealing legal user information, the identity authentication technology is gradually becoming an important gateway for ensuring the network safety, a traditional centralized identity identifier management system is based on centralized permissions, such as a company directory service organization, a certificate issuing organization or a domain name registration organization, from the perspective of encryption trust verification, each of the centralized permissions is the authority trust root of an entity, and the dependency on the centralized certificate issuing organization (a hierarchical PKI standard mode) of the centralized registration organization or key management exists, single point of failure is easy to occur, and the information management safety and privacy are poor.
Disclosure of Invention
Therefore, the embodiment of the invention provides a decentralized identifier management system based on an Ethernet bay block chain, which is used for solving the problems that in the prior art, a single point fault is easy to occur and the information management security and privacy are poor due to the fact that the existing centralized identifier management system is based on centralized authority.
In order to achieve the above object, the embodiments of the present invention provide the following technical solutions: a decentralized identifier management system based on an Ethernet bay blockchain comprises intelligent contracts on the Ethernet bay blockchain and a decentralized identifier document analysis module under the blockchain, wherein the intelligent contracts comprise decentralized identifier ownership contracts, key rotation and management contracts and decentralized identifier related attribute contracts;
the decentralized identifier ownership contract is for agreeing on all parties to the decentralized identifier by binding an Etherhouse address in the decentralized identifier;
the key rotation and management contract is used for realizing the rotation and management of a public key which is autonomously recorded in an intelligent contract by a user and is associated with the decentralized identifier, and the key rotation and management contract is realized by sending an Etherhouse transaction to the Etherhouse by the user by using the Etherhouse addresses of all parties of the decentralized identifier and calling a corresponding intelligent contract interface;
the identifier-related attribute contract is used for storing attribute information which is autonomously recorded in an intelligent contract by a user and is related to the decentralized identifier;
the decentralized identifier document analysis module is used for reading data recorded in the intelligent contract and converting the data into a decentralized identifier document which can be read by a third party or other users.
Furthermore, the system also comprises an Etherhouse interaction module;
the Ethernet shop interaction module is used for providing a necessary intelligent contract interaction interface to realize the interaction between the user and the intelligent contract.
Further, the decentralized identifier document parsing module reads data of the portions through smart contract events corresponding to the decentralized identifier ownership contract, the key rotation and management contract, and the decentralized identifier related property contract, respectively.
Further, the decentralized identifier document is in a json data format.
Further, the decentralized identifier document comprises a version of the decentralized identifier standard specification, decentralized identifier content, a public key json array, a user-defined service endpoint and customized special field information.
Further, the attribute information includes user-defined service endpoint information and entity attribute information.
Further, the public key supports data formats such as hexadecimal character strings, base64 character strings or pems.
The embodiment of the invention has the following advantages:
the decentralized identifier management system based on the Ether house block chain provided by the embodiment of the invention comprises an intelligent contract on the Ether house block chain and a decentralized identifier document analysis module under the block chain, the expression form of the distributed identifiers is designated in the intelligent contract, the attribute analysis function of the decentralized identifiers is realized through the decentralized identifier document analysis module, a user can use a public key which is independently used by the intelligent contract in a public mode to realize key rotation and management, a third-party service provider website and other users can verify the authenticity of a digital signature of the user under a block chain by inquiring data in the decentralized identifier document to determine the identity of the user, and an entity can freely use any shared trust root to manage the decentralized identifiers of the user, so that the centralized authority and single point failure do not exist, and the information management safety and privacy are high.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It should be apparent that the drawings in the following description are merely exemplary, and that other embodiments can be derived from the drawings provided by those of ordinary skill in the art without inventive effort.
The structures, ratios, sizes, and the like shown in the present specification are only used for matching with the contents disclosed in the specification, so as to be understood and read by those skilled in the art, and are not used to limit the conditions that the present invention can be implemented, so that the present invention has no technical significance, and any structural modifications, changes in the ratio relationship, or adjustments of the sizes, without affecting the effects and the achievable by the present invention, should still fall within the range that the technical contents disclosed in the present invention can cover.
Fig. 1 is a schematic diagram of a logical architecture of a decentralized identifier management system based on an ethernet block chain according to embodiment 1 of the present invention.
Detailed Description
The present invention is described in terms of particular embodiments, other advantages and features of the invention will become apparent to those skilled in the art from the following disclosure, and it is to be understood that the described embodiments are merely exemplary of the invention and that it is not intended to limit the invention to the particular embodiments disclosed. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
Decentralized Identifiers (DIDs) are a new type of verifiable digital identity identifier with "autonomy" as an authentication data structure for Decentralized authentication, the specification of methods that can define people, things, and organizations, decentralized identifiers was created by the world wide web consortium (W3C), the advent of blockchain technology provides opportunities for implementing decentralized identity management, in decentralized identifiers, all identity information shares trust nodes in the form of distributed ledgers, each decentralized identifier is cryptographically protected by the identity owner's private key, which is recognized as an important layer of security that can redefine the absence in internet protocols, namely, the identity layer, the traditional identity authentication management system is centralized, and the decentralized identifier is completely independent of a centralized management center, a third-party authentication service and a certificate authority.
Decentralized identifiers DIDs are fully subject controlled by DIDs, independent of any central registration authority, identity provider or certificate authority. The system design for decentralized identifiers should eliminate the dependency on the hierarchical PKI (public key infrastructure) standard model of centralized registrars and centralized certificate authorities for key management, and since DIDs reside on distributed accounts, each entity can act as its own root of authority trust-an architecture known as DPKI (decentralized PKI).
DIDs are UR L (Uniform resource identifier) that associates DIDs topics with trusted interaction endpoints, which are parsed into DIDs documents, which are simple documents that describe how to use the particular DIDs, each DIDs document containing at least three components, cryptographic material, an authentication suite and a service endpoint, the cryptographic material in combination with the authentication suite providing a set of mechanisms (e.g., public keys, anonymous biometric protocols, etc.) for authentication as DIDs topics, the service endpoint supporting trusted interaction with DIDs topics.
With the increasing demand for decentralized identifiers, two specific requirements are created for a new type UR L that still fits the Web architecture, and there are some additional requirements, namely a more traditional UR L (such as the HTTP-based UR L) does not:
1. most of the existing URs L are based on DNS names or IP addresses that rely on centralized authorizations for registration and ultimate control, and new types of UR L should not require centralized rights to register, resolve, update or revoke identifiers, and it should be possible to create and manage DIDs without any such rights.
2. UR L, whose ownership and associated metadata (including public keys) can be cryptographically verified, is authenticated by DIDs and DIDs documents using the same public/private key cryptography techniques as distributed ledgers.
Etherhouses (Ethereum) is an open-source, common blockchain platform with intelligent contract functionality, which is a computer protocol intended to propagate, validate or execute contracts in an informative manner, allowing trusted transactions to be conducted without third parties, which transactions are traceable and irreversible.
An embodiment of the present invention provides a decentralized identifier management system based on an ethernet bay blockchain, as shown in fig. 1, the system includes an intelligent contract on the ethernet bay blockchain, and a decentralized identifier document parsing module under the blockchain, where the intelligent contract includes a decentralized identifier ownership (owener) contract, a key rotation and management (public keys) contract, and a decentralized identifier correlation attribute (attribute) contract.
The decentralized identifier ownership contract is used to contract all parties to a decentralized identifier by binding the EtherFang address in the decentralized identifier. The private key of the Etherhouse is randomly generated through a specp256k1 elliptic curve algorithm, the public key can be obtained through the private key, and the Etherhouse address is a derivative of the public key. In the asymmetric encryption technology, the encryption of information is carried out by using a public key and the decryption is carried out by using a private key, so that the safety of the information is ensured; the digital signature is to encrypt and generate a signature by a private key and decrypt and verify the signature by a public key to ensure the attribute of the digital signature, and the signature has non-repudiation.
Specifically, the decentralized identifier adopts a data format of a fixed prefix "DIDs: idhub" plus a Taifang address, in this embodiment, each user entity can have as many DIDs as necessary to respect the identity desired by the entity, so as to realize the separation of the character role and the background, each decentralized identifier can designate an Etfang address as an owner of the decentralized identifier, and the owner has a unique right to modify the data corresponding to the centralized identifier in the three parts of the intelligent contract.
The key rotation and management contract is used for realizing the rotation and management of the public key which is autonomously recorded in the intelligent contract by the user and is associated with the decentralized identifier, and the key rotation and management contract is realized by sending an Ethernet shop transaction to the Ethernet shop by the user by using the Ethernet shop address of all parties of the decentralized identifier to call an intelligent contract interface to call the intelligent contract. The public key supports data formats such as hexadecimal character strings, base64 character strings or pem.
The decentralized identifier document analysis module is used for reading data recorded in the intelligent contract and converting the data into a decentralized identifier document which can be read by a third party or other users.
The decentralized identifier document is in a readable json data format. The decentralized identifier document comprises a version of the decentralized identifier standard specification, decentralized identifier content, a public key json array, a user-defined service endpoint and customized special field information.
Specifically, the decentralized identifier document mainly comprises the following fields:
1. context: "@ Context" represents the version of the decentralized identifier standard specification;
2. subject: "id" denotes decentralized identifier content, default "DIDs: idhub: EthereumAddressExampe";
3. public keys "pubic key" represents a json array of public keys that contain all users' own records in the intelligent contract for decentralized identifiers for key rotation and management, and third parties or other users can verify user signature data through the contents of this field. The format of a single element of the public key json array is exemplified as follows, the public key format defaults to "publicKeyHex":
4. service represents data recorded in an intelligent contract 'Attribute' field by a user, and particularly refers to a service endpoint required by the user for data processing under the block downlink. For example, the general format is as follows:
5. customizing the special field information: the user may customize the special fields to handle the customized data recorded within the decentralized identity compliance session.
Wherein the decentralized identifier document parsing module reads data of each portion via smart contract events corresponding to the decentralized identifier ownership contract, the key rotation and management contract, and the decentralized identifier related property contract, respectively. Smart contract events are a convenient tool to use the EVM log built-in functions, which in turn can invoke callbacks to snoop events in the DAPP's interface. Events may be inherited in smart contracts, which when invoked will trigger (emit) parameters to be stored in logs of transactions (a special data structure on the blockchain), which are associated with the addresses of the contracts and merged into the blockchain, which will always exist as long as the blocks are accessible.
The identifier-related attribute contract is used for storing attribute information related to the decentralized identifier, which is autonomously recorded in the intelligent contract by the user. The attribute information comprises user-defined service endpoint information and entity attribute information. When applied, all parties to the decentralized identifier may autonomously send the etherhouse transaction binding specific data, such as service endpoints, entity attribute information data, and public keys in other data formats, to the smart contract.
The system also comprises an Ethernet workshop interaction module which is used for providing a necessary intelligent contract interaction interface to realize the interaction of the user and the intelligent contract.
Due to the openness of the blockchain, anyone can query the public key data associated with the decentralized identifier and can prove that the private key is kept by the entity to which the owner of the decentralized identifier corresponds. Due to the characteristics of the block chain and the asymmetric encryption, a user only needs to ensure the safety of the private key.
The embodiment of the invention mainly uses the key alternation and management in the prior art, a user can use an intelligent contract to disclose a public key which is independently used through an Ethernet interactive module, a third-party service provider website and other users can verify the authenticity of a digital signature of the user under a block chain by inquiring data in a decentralized identifier document so as to determine the identity of the user, and the basic process is as follows:
1. the owner of the decentralized identifier defaults to the Ethern address in the decentralized identifier, and optionally, a user can call a changeOwner interface of the intelligent contract to change the owner of the decentralized identifier;
2. the user sends an addPublicKey interface of the EtherFang transaction invoking Intelligent contract using the EtherFang address representing all parties of the decentralized identifier, and after the invocation succeeds, the Intelligent contract adds the following data in a mapping (bytes32 ═ mapping (bytes32 ═ uint))) public PublicKeys' data structure: "publicKeys [ identity ] [ keccak256(publicKeyType) ] [ publicKey ] (now + validity); "to indicate that this public key is valid for the validity expiration time from now on;
3. after the validity period of the public key is recorded, the intelligent contract also adds a special piece of Etherhouse contract data named 'DIDsPublicKeyChanged', namely an Etherhouse intelligent contract EVENT with the data format of 'EVENT', wherein the same data as those in the 'mapping publishing keys' in the step 2 are recorded, and a block link which occurs in the last 'EVENT' is also added;
4. according to the characteristics of an Ethern, searching a block link, where the 'EVENT' is more convenient than a data structure in a contract and the last 'EVENT' occurs, recorded in the 'EVENT', and searching data in the block link according to the principle and checking the identity data of a specific decentralized identifier by a decentralized identifier document analysis module to generate a decentralized identifier document;
5. other users or third parties can obtain the public key which the user wants to use publicly through the decentralized identifier document to verify the digital signature information of the user, or can verify whether the user public key is used correctly by calling an interface of an EtherFang Intelligent contract 'validpublicKey (address identity, bytes32publicKeyType, bytes32 publicKey)'.
The invention realizes the key alternation management function based on the intelligent contract of the Ether house block chain, specifies the expression form of the decentralized identifiers by referring to the cryptology specification used by the Ether house, and codes to realize the attribute analysis function of the decentralized identifiers, and the entity can freely use any shared trust root. The following principles of the DIDs architecture are finally realized:
dividing the right: eliminating the need for centralized authority or single point of failure for identifier management, including registration of globally unique identifiers, public authentication keys, service endpoints and other metadata; the autonomy: providing human and non-human entities with the ability to directly own and control their digital identifiers without relying on external rights; privacy: enabling entities to control the privacy of their information, including the minimal, selective, and progressive disclosure of attributes or other data; safety: providing sufficient security for the relying party to rely on the DIDs document to reach the required level of assurance; evidence basis: enabling an entity to provide encrypted proof of identity and proof of authorization rights; it can be found that: enabling entities to discover the DIDs of other entities for more information about or interaction with these entities; interoperability: using interoperable standards, having existing tools and software libraries that can be designed for interoperability; portability: any system that is system and network independent and enables entities to use their numeric identifiers to support the DIDs and DIDs methods; the method is simple: to achieve these design goals, the DIDs architecture should be "as simple as possible but not simple"; and (3) expandability: extensibility is supported if possible, provided that it does not significantly hinder interoperability, portability or simplicity.
Although the invention has been described in detail above with reference to a general description and specific examples, it will be apparent to one skilled in the art that modifications or improvements may be made thereto based on the invention. Accordingly, such modifications and improvements are intended to be within the scope of the invention as claimed.
Claims (7)
1. A decentralized identifier management system based on an Ethernet bay blockchain is characterized by comprising intelligent contracts on the Ethernet bay blockchain and a decentralized identifier document analysis module under the blockchain, wherein the intelligent contracts comprise decentralized identifier ownership contracts, key rotation and management contracts and decentralized identifier related attribute contracts;
the decentralized identifier ownership contract is for agreeing on all parties to the decentralized identifier by binding an Etherhouse address in the decentralized identifier;
the key rotation and management contract is used for realizing the rotation and management of a public key which is autonomously recorded in an intelligent contract by a user and is associated with the decentralized identifier, and the key rotation and management contract is realized by sending an Etherhouse transaction to the Etherhouse by the user by using the Etherhouse addresses of all parties of the decentralized identifier and calling a corresponding intelligent contract interface;
the identifier-related attribute contract is used for storing attribute information which is autonomously recorded in an intelligent contract by a user and is related to the decentralized identifier;
the decentralized identifier document analysis module is used for reading data recorded in the intelligent contract and converting the data into a decentralized identifier document which can be read by a third party or other users.
2. The ethernet house block chain based decentralized identifier management system according to claim 1, characterized in that said system further comprises an ethernet house interaction module;
the Ethernet shop interaction module is used for providing a necessary intelligent contract interaction interface to realize the interaction between the user and the intelligent contract.
3. The Etherhouse blockchain based decentralized identifier management system according to claim 1,
the decentralized identifier document parsing module reads data of the portions through smart contract events corresponding to the decentralized identifier ownership contracts, the key rotation and management contracts, and the decentralized identifier related property contracts, respectively.
4. The Etherhouse blockchain based decentralized identifier management system according to claim 1,
the decentralized identifier document is in a json data format.
5. The Etherhouse blockchain based decentralized identifier management system according to claim 4,
the decentralized identifier document comprises a version of a decentralized identifier standard specification, decentralized identifier content, a public key json array, a user-defined service endpoint and customized special field information.
6. The Etherhouse blockchain based decentralized identifier management system according to claim 1,
the attribute information comprises user-defined service endpoint information and user entity attribute information.
7. The Etherhouse blockchain based decentralized identifier management system according to claim 1,
the public key supports a hexadecimal string, a base64 string, or a pem data format.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910132811.XA CN109918942B (en) | 2019-02-21 | 2019-02-21 | Decentralized identifier management system based on ether house block chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910132811.XA CN109918942B (en) | 2019-02-21 | 2019-02-21 | Decentralized identifier management system based on ether house block chain |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109918942A CN109918942A (en) | 2019-06-21 |
| CN109918942B true CN109918942B (en) | 2020-07-31 |
Family
ID=66962008
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910132811.XA Active CN109918942B (en) | 2019-02-21 | 2019-02-21 | Decentralized identifier management system based on ether house block chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109918942B (en) |
Families Citing this family (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11240244B2 (en) | 2019-06-26 | 2022-02-01 | Microsoft Technologly Licensing, LLC | Presentation interrupt for a DID attestation |
| CN111213147B (en) | 2019-07-02 | 2023-10-13 | 创新先进技术有限公司 | Systems and methods for blockchain-based cross-entity authentication |
| CN111066020B (en) * | 2019-07-02 | 2023-08-04 | 创新先进技术有限公司 | System and method for creating a decentralised identity |
| CN111316303B (en) | 2019-07-02 | 2023-11-10 | 创新先进技术有限公司 | Systems and methods for blockchain-based cross-entity authentication |
| CN111164594B (en) | 2019-07-02 | 2023-08-25 | 创新先进技术有限公司 | System and method for mapping a de-centralized identity to a real entity |
| CN111095327B (en) | 2019-07-02 | 2023-11-17 | 创新先进技术有限公司 | System and method for verifying verifiable claims |
| EP3688930B1 (en) * | 2019-07-02 | 2021-10-20 | Advanced New Technologies Co., Ltd. | System and method for issuing verifiable claims |
| CN110300112B (en) * | 2019-07-02 | 2022-05-10 | 石家庄铁道大学 | Block chain key hierarchical management method |
| WO2020098839A2 (en) * | 2020-02-14 | 2020-05-22 | Alipay (Hangzhou) Information Technology Co., Ltd. | Data authorization based on decentralized identifiers |
| CN111596954B (en) * | 2020-05-12 | 2023-08-01 | 杭州溪塔科技有限公司 | Distributed version control method and system based on block chain |
| CN112270161A (en) * | 2020-10-10 | 2021-01-26 | 中国信息通信研究院 | Method and device for supporting trusted identifier of custom coding rule |
| CN113327165A (en) | 2021-06-07 | 2021-08-31 | 支付宝(杭州)信息技术有限公司 | Transaction method based on block chain |
| CN113722196A (en) * | 2021-08-27 | 2021-11-30 | 北京八分量信息科技有限公司 | Decentralized-based user behavior information analysis system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107507091A (en) * | 2017-09-07 | 2017-12-22 | 复旦大学 | Enhanced data Right protection method based on block chain and intelligent contract |
| CN108389045A (en) * | 2018-02-01 | 2018-08-10 | 北京泰尔英福网络科技有限责任公司 | Network identity root zone data managing method based on block chain technology and system |
| CN109194466A (en) * | 2018-10-29 | 2019-01-11 | 南开大学 | A kind of cloud data integrity detection method and system based on block chain |
| CN109462588A (en) * | 2018-11-13 | 2019-03-12 | 上海物融智能科技有限公司 | A kind of decentralization data trade method and system based on block chain |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106875164A (en) * | 2016-12-29 | 2017-06-20 | 北京握奇智能科技有限公司 | A kind of decentralization electricity transaction method and system based on block chain technology |
| WO2018144302A1 (en) * | 2017-01-31 | 2018-08-09 | Rush Thomas Jay | Blockchain data-processing engine |
| CN107682331B (en) * | 2017-09-28 | 2020-05-12 | 复旦大学 | Block chain-based Internet of things identity authentication method |
| CN109389500A (en) * | 2018-09-29 | 2019-02-26 | 重庆邮电大学 | Data trade platform based on ether mill |
-
2019
- 2019-02-21 CN CN201910132811.XA patent/CN109918942B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107507091A (en) * | 2017-09-07 | 2017-12-22 | 复旦大学 | Enhanced data Right protection method based on block chain and intelligent contract |
| CN108389045A (en) * | 2018-02-01 | 2018-08-10 | 北京泰尔英福网络科技有限责任公司 | Network identity root zone data managing method based on block chain technology and system |
| CN109194466A (en) * | 2018-10-29 | 2019-01-11 | 南开大学 | A kind of cloud data integrity detection method and system based on block chain |
| CN109462588A (en) * | 2018-11-13 | 2019-03-12 | 上海物融智能科技有限公司 | A kind of decentralization data trade method and system based on block chain |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109918942A (en) | 2019-06-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109918942B (en) | Decentralized identifier management system based on ether house block chain | |
| CN109936569B (en) | Decentralized digital identity login management system based on Ether house block chain | |
| Fedrecheski et al. | Self-sovereign identity for IoT environments: a perspective | |
| Park et al. | Role-based access control on the web | |
| Kohl et al. | The evolution of the Kerberos authentication service | |
| EP1703694B1 (en) | Trusted third party authentication for web services | |
| US6490679B1 (en) | Seamless integration of application programs with security key infrastructure | |
| CA2708059C (en) | System and method for dynamic, multi-attribute authentication | |
| US20080263644A1 (en) | Federated authorization for distributed computing | |
| Bhatti et al. | An integrated approach to federated identity and privilege management in open systems | |
| Lesniewski-Laas et al. | Alpaca: extensible authorization for distributed services | |
| Schuba et al. | Countering abuse of name-based authentication | |
| CN113569298A (en) | Identity generation method and identity system based on block chain | |
| EP2805447B1 (en) | Integrating server applications with multiple authentication providers | |
| Gymnopoulos et al. | GRID security review | |
| Lock et al. | Grid Security and its use of X. 509 Certificates | |
| Abdulla et al. | Identify cloud security weakness related to authentication and identity management (IAM) using openstack keystone model | |
| Gábor | Evaluation of distributed authentication, authorization and directory services | |
| Merrill et al. | Profiles for conveying the secure communication requirements of Web services | |
| Barton et al. | Design Issues in a Public Key Infrastructure (PKI) | |
| US20100180329A1 (en) | Authenticated Identity Propagation and Translation within a Multiple Computing Unit Environment | |
| Kim et al. | Design of integration security system using XML security | |
| Jana et al. | Interoperability and security issues of grid services for ubiquitous computing | |
| Chetioui et al. | Cryptographic Encapsulation in the New ENC-DNSSEC Protocol | |
| Van Droogenbroeck | Introduction to PKI-public key infrastructure |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |