Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation."— Presentation transcript:

1 Hannes Tschofenig (IETF#79, SAAG, Beijing)

2 Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation. 6/1/2015IETF #79, OAuth Overview, SAAG Meeting, Beijing 2

3 6/1/2015IETF #79, OAuth Overview, SAAG Meeting, Beijing 3 The Problem: Secure Data Sharing

4 6/1/2015IETF #79, OAuth Overview, SAAG Meeting, Beijing 4

5 6/1/2015IETF #79, OAuth Overview, SAAG Meeting, Beijing 5 Example OAuth Exchange

6 6/1/20156IETF #79, OAuth Overview, SAAG Meeting, Beijing User Enters a URL In the web browser

7 6/1/20157IETF #79, OAuth Overview, SAAG Meeting, Beijing Browser opens URL

8 6/1/20158IETF #79, OAuth Overview, SAAG Meeting, Beijing User is presented With the option to access remote (but protected) data

9 6/1/20159IETF #79, OAuth Overview, SAAG Meeting, Beijing Resource Consumer Redirects to Authorization Server

10 6/1/201510IETF #79, OAuth Overview, SAAG Meeting, Beijing User authentication takes place

11 6/1/201511IETF #79, OAuth Overview, SAAG Meeting, Beijing User authorizes data exchange

12 6/1/201512IETF #79, OAuth Overview, SAAG Meeting, Beijing Authorization Granted Redirect from Authz Server back to Resource Consumer

13 6/1/201513IETF #79, OAuth Overview, SAAG Meeting, Beijing Resource Consumer Requests Token from Authorization Server For Access to the Resource Server

14 6/1/201514IETF #79, OAuth Overview, SAAG Meeting, Beijing Resource Consumer Receives Token

15 6/1/201515IETF #79, OAuth Overview, SAAG Meeting, Beijing Resource Consumer Requests access to Data at the Resource Server

16 6/1/201516IETF #79, OAuth Overview, SAAG Meeting, Beijing Data exchange takes place

17 OAuth Profiles Token Request Work Scope User User Agent Authorization Server Resource Server Resource Consumer Access Request (incl. Token) Authorization Request 6/1/201517IETF #79, OAuth Overview, SAAG Meeting, Beijing User Interface Token Format And Content Authz Server Interaction Data ExchangeAuthentication Request Security Token Request/ Response Exchange

18 Summary Open Web Authentication (OAuth) is developed in the IETF to provide delegated authentication. Code available (see http://oauth.net/code/) and deployment on the way.http://oauth.net/code/ Working group is working on finalizing the OAuth 2.0 specification: –http://tools.ietf.org/html/draft-ietf-oauth-v2http://tools.ietf.org/html/draft-ietf-oauth-v2 Rechartering discussion started with many extensions being considered by the group Your input is needed! 6/1/2015IETF #79, OAuth Overview, SAAG Meeting, Beijing 18

Download ppt "Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation."

Similar presentations

The How of OAuth OAuth Hackathon – Six Apart

The How of OAuth OAuth Hackathon – Six Apart
22 May 2008IVOA Trieste: Grid & Web Services1 Alternate security mechanisms Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY.

22 May 2008IVOA Trieste: Grid & Web Services1 Alternate security mechanisms Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY.
Service Chaining with OAuth 2.0 Bearer Tokens

Service Chaining with OAuth 2.0 Bearer Tokens
FI-WARE Testbed Access Control temporary solution.

FI-WARE Testbed Access Control temporary solution.
Prabath Siriwardena | Johann Nallathamby.

Prabath Siriwardena | Johann Nallathamby.
IETF OAuth Proof-of-Possession

IETF OAuth Proof-of-Possession
FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.
1 IETF OAuth Proof-of-Possession Hannes Tschofenig.

1 IETF OAuth Proof-of-Possession Hannes Tschofenig.
Hannes Tschofenig, Blaine Cook (IETF#79, Beijing).

Hannes Tschofenig, Blaine Cook (IETF#79, Beijing).
Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.

Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Workflow OpenID Scenario Users get OpenID from provider Andy is given access to service, and then to workflow server. Andy installs workflow Workflow gets.

Workflow OpenID Scenario Users get OpenID from provider Andy is given access to service, and then to workflow server. Andy installs workflow Workflow gets.
SEVA: Securing Extranets Yves ROUDIER, Refik MOLVA Institut Eurécom

SEVA: Securing Extranets Yves ROUDIER, Refik MOLVA Institut Eurécom
Hannes Tschofenig MIT CFP Privacy & Security Working Group Feb. 2 nd 2011.

Hannes Tschofenig MIT CFP Privacy & Security Working Group Feb. 2 nd 2011.
Firefox 2 Feature Proposal: Remote User Profiles TeamOne August 3, 2007 TeamOne August 3, 2007.

Firefox 2 Feature Proposal: Remote User Profiles TeamOne August 3, 2007 TeamOne August 3, 2007.
OAuth/UMA for ACE 24 th March 2015 draft-maler-ace-oauth-uma-00.txt Eve Maler, Erik Wahlström, Samuel Erdtman, Hannes Tschofenig.

OAuth/UMA for ACE 24 th March 2015 draft-maler-ace-oauth-uma-00.txt Eve Maler, Erik Wahlström, Samuel Erdtman, Hannes Tschofenig.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
OAuth option for mHealth Brief Profile Proposal for 2013/14 presented to the IT Infrastructure Planning Committee R Horn (Agfa Healthcare)

OAuth option for mHealth Brief Profile Proposal for 2013/14 presented to the IT Infrastructure Planning Committee R Horn (Agfa Healthcare)
OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control Maarten

OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control Maarten
UMA Could I Manage My Own Data. Please?. Agenda Business Trends & Technical Solutions Distributed Business (Decentralisation) Mobility & Automation Delegation.

UMA Could I Manage My Own Data. Please?. Agenda Business Trends & Technical Solutions Distributed Business (Decentralisation) Mobility & Automation Delegation.

Similar presentations

Ads by Google