user855 – WindowsTechs.com

What happens if a secure token is provided to a trusted party that gets compromised

Posted on December 30, 2020 by user855

Take for example – AWS STS token or JWT tokens.
Let’s say node A got a token for accessing a resource of account X on behalf of account X. Access includes read/write privileges.
Let’s say few minutes later the node A got compromised.
Nothi… Continue reading What happens if a secure token is provided to a trusted party that gets compromised→

What happens if a secure token is provided to a trusted party that gets compromised

Posted on December 30, 2020 by user855

What are various mechanisms for establishing secure channels [closed]

Posted on July 4, 2020 by user855

By Wikipedia definition of secure channel is one that protects from overhearing and tampering.
I know we can use certificates to establish a secure channel via TLS/SSL. This is possible if there is access to a CA.
If I don’t have access to… Continue reading What are various mechanisms for establishing secure channels [closed]→

Few basic questions on CA [closed]

Posted on July 3, 2020 by user855

Which problem does it solve – AuthN or AuthZ or something else?
If a client is attempting to talk to a large pool of servers and I want to individually establish the identity of each server host, is CA scalable? If the pool size is 10,000… Continue reading Few basic questions on CA [closed]→

What are the recommended mechanism to securely distribute private keys to thousands of servers?

Posted on July 3, 2020 by user855

I am asking this question because in this article https://engineering.fb.com/security/delegated-credentials/ there is a sentence stating "We securely distribute private keys to the servers".
I am trying to understand how that is … Continue reading What are the recommended mechanism to securely distribute private keys to thousands of servers?→

Is CA the only way to securely share public key?

Posted on May 28, 2020 by user855

Is CA the only way to securely share public key – are there other mechanisms that are viable in practice?

I guess if you had a trusted software deployment system that securely transmitted contents from itself to the host, you can use that… Continue reading Is CA the only way to securely share public key?→

How to establish a secure channel with authenticated and authorized access to a remote entity

Posted on May 28, 2020 by user855

I have the following problem:

There are 3 parties A, B and X.
X is holding 2 entities on behalf of A and B.
A communicates with X to operate it’s own entity. B also communicates with X to operate it’s own entity.
Permissions could be … Continue reading How to establish a secure channel with authenticated and authorized access to a remote entity→

How does access delegation work – Access Token work?

Posted on March 17, 2019 by user855

I’m trying to understand how do access tokens work. What is the mechanism used to generate access tokens similar to AWS Secure Token Service or OAuth Tokens.

I am assuming the algorithm is as follows:

Person A authenticate… Continue reading How does access delegation work – Access Token work?→