Explore chapters and articles related to this topic
Common Standards in Cloud Computing
Published in John W. Rittinghouse, James F. Ransome, Cloud Computing, 2017
John W. Rittinghouse, James F. Ransome
OAuth is a method for publishing and interacting with protected data. For developers, OAuth provides users access to their data while protecting account credentials. OAuth allows users to grant access to their information, which is shared by the service provider and consumers without sharing all of their identity. The Core designation is used to stress that this is the baseline, and other extensions and protocols can build on it.
Cybersecurity and Risk
Published in Diego Galar Pascual, Pasquale Daponte, Uday Kumar, Handbook of Industry 4.0 and SMART Systems, 2019
Diego Galar Pascual, Pasquale Daponte, Uday Kumar
OAuth 2.0 is a protocol that allows a user to grant limited access to resources on one site to another site, without having to expose his or her credentials (https://auth0.com/docs/protocols/oauth2).
A Blockchain Based Decentralized Identifiers for Entity Authentication in Electronic Health Records
Published in Cogent Engineering, 2022
Manoj T, Krishnamoorthi Makkithaya, Narendra V G
The authentication of entities can be achieved by binding centralized identifiers to cryptographically generated keys, signatures and certificates with the help of public key infrastructure (PKI). Some of the earlier studies that demonstrated the role of PKI in healthcare based authentication schemes includes multi-biometric key generation in cloud framework (Khan et al., 2014), Burrows-Abadi-Needham(BAN) logic combined with Elliptical Curve Cryptography (ECC; He & Wang, 2015), ECC and three-party key agreement (Odelu et al., 2015), random oracle model (Chatterjee et al., 2018) and centralized identifiers integrated with continuous biometric authentication in cloud (Farid et al., 2021). The primary issue with all the mechanisms associated with public key cryptography-based authentication is that identifier tied with the public key is controlled by either IDPs or service providers (SPs). The federated identity schemes such as OAuth, OpenID, and Security Assertion Markup Language (SAML) try to address identity silos created by multiple identifiers. The authentication schemes proposed by Bahga et al (Bahga & Madisetti, 2013) and Mandel et al., (Mandel et al., 2016) in the EHR environment makes use of SAML based Single Sign-On (SSO) method and Open ID Connect, respectively. Inspite of providing the relaxation from using multiple identifiers by federated identity mechanism, it suffers from the single point of failure problem, which could leave entities inaccessible to relying parties and also enable a service provider to breach the trust by masquerading as a user (Lesavre et al., 2019).
Designing a personal informatics system for users without experience in self-tracking: a case study
Published in Behaviour & Information Technology, 2018
Amon Rapp, Alessandro Marcengo, Luca Buriano, Giancarlo Ruffo, Mirko Lai, Federica Cena
The system is flexible and other channels can be easily added. All these channels provide APIs that adopt standard technologies to access data (HTTP/JSON) and to let the users authenticate to get their data (OAuth). SSO technology provided through OAuth plays a fundamental role: we can aggregate the identities a single user presents to different PI systems by registering them once in our platform, through the management interface, which is implemented by Spring Framework. In the event that two or more providers collect data for the same channel, the user can choose the one with the highest priority.