The JSON-based Identity Protocol Suite
Twobo Technologies
An overview of the JSON-based identity protocol suite, including JWT, JWE, JWK, etc.
1. The JSON-based Identity Protocol Suite
By Travis Spencer
Copyright © 2013 Twobo Technologies AB.
2. Overview of the Protocol Suite
- JavaScript Object Notation (JSON) – Data encoding format popularized by AJAX & REST
- All being defined in IETF
- Used to encode OAuth 2.0 security model
  - Tokens (JWT)
  - Encryption (JWE)
  - Keys (JWK)
  - Signatures (JWS)
- OAuth 2.0 Bearer Token spec binds it to OAuth
- Basis of OAuth and OpenID Connect
3. Overview of JWT
- JWT – pronounced "jot" – are lightweight tokens passed in HTTP headers & query strings
- Three basic sections – header, claims, signature
- Akin to SAML tokens
  - Less expressive
  - Fewer security options
- Encoded w/ JSON not XML for compactness
4. Basic Layout & Wire Format
- JWT Token sections: Header, Claims, Crypto
- Wire format: base64url(Header) + "." + base64url(Claims) + "." + base64url(Crypto)
5. Claims Section
- Reserved (but optional) claim names
  - Expiration time (exp)
  - Issuer (iss)
  - Not before (nbf)
  - Type (typ)
  - Issued at (iat)
  - Audience (aud)
- Public claim names
  - IANA JWT claims registry
  - Domain name, OID, or UUID
- Private claim names – Any unused name
- Value can be any JSON type
6. Overview of JWE
- Used to encrypt JWTs
- Supports symmetric & asymmetric encryption
- Three basic sections – header, key, ciphertext
- Plaintext may be signed first
- Encryption algorithm
  - RSA1_5
  - A(128|256)KW
  - RSA-OAEP
  - A(128|256)GCM
  - ECDH-ES
- Ciphertext is put in the crypto section of the JWT
7. Basic Layout & Wire Format
- JWE sections: Header, Key, Ciphertext
- JWE = base64url(Header) + "." + base64url(Key) + "." + base64url(Ciphertext)
8. Overview of JWK
- Array of public keys encoded as JSON objects
- Intended for inclusion in JWS for signature verification
- Explicit support for Elliptic Curve and RSA keys
9. JWK Example
    {"keyvalues" :
      [
        {"algorithm" : "EC",
         "curve" : "P-256",
         "x" : "…",
         "y" : "…",
         "use" : "encryption",
         "keyid" : "1"},
        {"algorithm" : "RSA",
         "modulus" : "…",
         "exponent" : "…",
         "keyid" : "…"}
      ]
    }
10. Overview of JWS
- Header input is JWT header
- Payload input is JWT claims
- Output is appended to JWT inputs & (optionally) points to the JWK that was used
- Supports symmetric & asymmetric signing algorithms
  - HMAC SHA
  - RSA SHA
  - ECDSA w/ curve P & SHA
11. Basic Layout & Wire Format
- JWS inputs: Header, Payload
- JWS = base64url(sig(base64url(Header) + "." + base64url(Payload)))
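
The wire format from slides 4 and 11 and the reserved claims from slide 5, put together as an added example that is not part of the original deck: a minimal signer and a verifier that pins the algorithm, compares the signature in constant time, and only then trusts the claims. HS256 is picked here from the "HMAC SHA" family the deck names; the key, issuer and audience values are constructed, and requiring exp, iss and aud is this example's own policy (the deck lists them as optional).

```python
import base64, hashlib, hmac, json, time

class TokenError(Exception):
    """Raised when a token fails any verification step."""

def b64url(data: bytes) -> str:
    # base64url without padding, used for each dot-separated section
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_jwt(claims: dict, key: bytes) -> str:
    # base64url(Header) + "." + base64url(Claims) + "." + base64url(Crypto)
    header = {"typ": "JWT", "alg": "HS256"}
    signing_input = ".".join(
        b64url(json.dumps(part, separators=(",", ":")).encode("utf-8"))
        for part in (header, claims))
    sig = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url(sig)

def verify_jwt(token: str, key: bytes, issuer: str, audience: str, now=None) -> dict:
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenError("expected header.claims.crypto")
    header_b64, claims_b64, crypto_b64 = parts
    try:
        header = json.loads(b64url_decode(header_b64))
        supplied = b64url_decode(crypto_b64)
        signing_input = f"{header_b64}.{claims_b64}".encode("ascii")
    except ValueError as exc:
        raise TokenError("malformed section") from exc
    # The verifier decides the algorithm; the header value is only checked against it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise TokenError("unexpected alg")
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, supplied):  # constant-time comparison
        raise TokenError("bad signature")
    try:  # claims are parsed only after the signature has been checked
        claims = json.loads(b64url_decode(claims_b64))
    except ValueError as exc:
        raise TokenError("malformed claims") from exc
    if not isinstance(claims, dict):
        raise TokenError("claims must be a JSON object")
    now = time.time() if now is None else now
    exp, nbf = claims.get("exp"), claims.get("nbf")
    if not isinstance(exp, (int, float)) or now >= exp:
        raise TokenError("expired or missing exp")
    if nbf is not None and (not isinstance(nbf, (int, float)) or now < nbf):
        raise TokenError("not yet valid")
    if claims.get("iss") != issuer:
        raise TokenError("wrong issuer")
    aud = claims.get("aud")  # a claim value can be any JSON type: accept string or list
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise TokenError("wrong audience")
    return claims

# Constructed sample values, not taken from the deck
DEMO_KEY = b"constructed-demo-key-not-a-real-secret"
DEMO_CLAIMS = {"iss": "https://idp.example", "aud": "https://api.example",
               "iat": 1000, "nbf": 1000, "exp": 1600}

if __name__ == "__main__":
    print(verify_jwt(sign_jwt(DEMO_CLAIMS, DEMO_KEY), DEMO_KEY,
                     "https://idp.example", "https://api.example", now=1200))
```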
12. Questions & Thanks
- @2botech, @travisspencer
- www.2botech.com, www.travisspencer.com
Editor's notes
Crypto = Signature & Ciphertext