Miha Eržen (2012) Open authentication. EngD thesis.
The thesis Open Authentication aims to present in detail the open authorization protocol that could be used in the future to resolve or mitigate the need for constantly entering passwords into online systems and other applications. With open authentication users can share their private resources (files, personal information, etc.), which are stored on some server with the application, without having to provide the application with their user name and password. The thesis begins with a short presentation of the history of open authentication, as well as a short description of the difference between the traditional model of authentication (user name and password) and open authentication. Also presented is the role of the resource owner, which has been added to the traditional model of authentication for the purposes of authorization. The basic principles of how open authentication functions are also briefly outlined. The thesis continues with a detailed presentation of open authentication methods. It describes the chain of events in exchanging information between the user, the application, and the server, as well as all methods necessary for proper encryption, signing, and transferring this information between end points. The thesis also presents in brief the downsides to open authentication. The way these problems are resolved in version 2 is described in the second part of the thesis.
Actions (login required)