Distributed Authorization with CAProck
Using cryptographic capabilities to overcome internet centralization
Jens Finkhaeuser
Jens Finkhaeuser is a software professional, architect, founder and established FLOSS developer. His work spans around two decades, and most of the Internet stack, with a particular focus on security and networking protocol design and implementation. He started the Interpeer Project with the intent of bringing this experience to bringing the human factor back into the next evolution of the Internet. Jens adopted Bavaria as his home and lives there with his wife, two children and a tortoise.
In distributed systems, authorization is often the last centralized component. Cryptographic capabilities offer an alternative.
For the related problem of authentication, the use of public key cryptography allows decoupling different authentication phases in time, with the effect that at the point of use, only those parts need to be performed that can be distributed, i.e. without any reliance on centralized components. The same principle can be applied to authorization.
This talk introduces the concept described in Capabilities for Distributed Authorization, and introduces the CAProck library that implements the concept.
A basic understanding of public key cryptography is assumed, i.e. how digital signatures work.
- Date:
- 2023 November 4 - 10:30
- Duration:
- 20 min
- Room:
- Room 3
- Conference:
- SeaGL 2023
- Language:
- Track:
- Security and Privacy
- Difficulty:
- Intermediate
- Secure Coding: Fix from the root
- Start Time:
- 2023 November 4 10:30
- Room:
- Room 2
- Effective git code review - make their job easier and you look smarter
- Start Time:
- 2023 November 4 10:30
- Room:
- Room 4
- Going as fast as possible in Rust
- Start Time:
- 2023 November 4 10:30
- Room:
- Room 1