[Openid-specs-ab] Attribute-Based Encryption for OpenID Connect?
Giovanni Bartolomeo
giovanni.bartolomeo at uniroma2.it
Thu Mar 18 07:35:52 UTC 2021
Dear AB/Connect WG,
this is Giovanni Bartolomeo, I'm a researcher working with CNIT
(www.cnit.it) and I'm new to this community. Since last year I'm
working on a slight variant of the OpenID Connect protocol with the
goal to introduce token antiforgery and proof-of-possession directly
in crypto by a technique known as "Attribute-Based Encryption" (ABE).
Currently, I've written a paper describing my research which is freely
available here:
https://www.techrxiv.org/articles/preprint/Attribute-Based_Encryption_for_Access_Control_in_Cloud_Ecosystems/13546871
Also I've developed a reference implementation available on GitHub:
https://github.com/netgroup/abe4jwt
I'm looking for validation on real world implementation scenarios.
Would you/your company be interested in any possible experimentation?
Note that, at the moment, the code is under Affero GPL (due to ABE
specific implementation), but we can discuss this.
It would also be nice to discuss with this community whether any
element of this research work could be integrated into the main
standard.
Many thanks for your time.
Best Regards,
Giovanni
--
Giovanni Bartolomeo
More information about the Openid-specs-ab
mailing list