Paper Abstract and Keywords |
Presentation |
2023-07-25 11:00
An Approach to Authorization Protocol Using PUF-based Access Token Risa Yashiro, Kohei Isobe, Hiroki Kunii (SECOM) ISEC2023-41 SITE2023-35 BioX2023-44 HWS2023-41 ICSS2023-38 EMM2023-41 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
OAuth is one of the protocols that enable to authorize resource access for a client through API. The authorization by OAuth is accomplished by issuing access token to the client with approval from the user. By using access token, the client can share the user’s information between applications without exchanging the authentication information of the user. In OAuth, it is assumed that access token would be stored on high security platforms such as smartphones and computers. On the other hand, however, it has been hardly considered about how to deal with access token on the platform with limited resources like IoT devices. Therefore, its implementation is client-dependent and could be vulnerable against the threat that access tokens could be stolen by the device analysis.
In this paper, we made a consideration about using OAuth in combination with Physically Unclonable Function (PUF) as the authorization protocol for IoT devices. The client can share the secret information like access token with an authorization server without holding the information while minimizing the operation cost of the server in this protocol. The protocol enables to accomplish secure authorization against the threats that the secret information could be stolen from the clients. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Access Token / OAuth / Physically Unclonable Function / / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 123, no. 132, HWS2023-41, pp. 176-181, July 2023. |
Paper # |
HWS2023-41 |
Date of Issue |
2023-07-17 (ISEC, SITE, BioX, HWS, ICSS, EMM) |
ISSN |
Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ISEC2023-41 SITE2023-35 BioX2023-44 HWS2023-41 ICSS2023-38 EMM2023-41 |
Conference Information |
Committee |
EMM BioX ISEC SITE ICSS HWS IPSJ-CSEC IPSJ-SPT |
Conference Date |
2023-07-24 - 2023-07-25 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
Hokkaido Jichiro Kaikan |
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
|
Paper Information |
Registration To |
HWS |
Conference Code |
2023-07-EMM-BioX-ISEC-SITE-ICSS-HWS-CSEC-SPT |
Language |
Japanese |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
An Approach to Authorization Protocol Using PUF-based Access Token |
Sub Title (in English) |
|
Keyword(1) |
Access Token |
Keyword(2) |
OAuth |
Keyword(3) |
Physically Unclonable Function |
Keyword(4) |
|
Keyword(5) |
|
Keyword(6) |
|
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Risa Yashiro |
1st Author's Affiliation |
SECOM Co., Ltd. (SECOM) |
2nd Author's Name |
Kohei Isobe |
2nd Author's Affiliation |
SECOM Co., Ltd. (SECOM) |
3rd Author's Name |
Hiroki Kunii |
3rd Author's Affiliation |
SECOM Co., Ltd. (SECOM) |
4th Author's Name |
|
4th Author's Affiliation |
() |
5th Author's Name |
|
5th Author's Affiliation |
() |
6th Author's Name |
|
6th Author's Affiliation |
() |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
Speaker |
Author-1 |
Date Time |
2023-07-25 11:00:00 |
Presentation Time |
20 minutes |
Registration for |
HWS |
Paper # |
ISEC2023-41, SITE2023-35, BioX2023-44, HWS2023-41, ICSS2023-38, EMM2023-41 |
Volume (vol) |
vol.123 |
Number (no) |
no.129(ISEC), no.130(SITE), no.131(BioX), no.132(HWS), no.133(ICSS), no.134(EMM) |
Page |
pp.176-181 |
#Pages |
6 |
Date of Issue |
2023-07-17 (ISEC, SITE, BioX, HWS, ICSS, EMM) |
|