Enhancing SPIFFE/SPIRE Environment with a Nested Security Token Model

Henrique Cochak; Milton Neto; Charles Miers; Marco Marques; Marcos A. Simplicio Jr.

doi:10.5220/0012634400003711

Enhancing SPIFFE/SPIRE Environment with a Nested Security Token Model

Henrique Cochak, Milton Neto, Charles Miers, Marco Marques, Marcos A. Simplicio Jr.

2024

Abstract

Within the domains of authentication, authorization, and accounting, vulnerabilities often arise, posing significant challenges due to the inter-connectivity and communication among various system components. Addressing these threats, SPIFFE framework emerges as a robust solution tailored for workloads identity management. This work explores solutions for use cases not originally foreseen in the SPIFFE scope, focusing on enhancing security measures, particularly investigating a novel token model that introduces a nesting concept. This extended token model operates within a SPIRE environment, enabling token nesting with new features such as token tracing with both ephemeral and non-ephemeral keys and the possibility of delegated assertions.

Download

Paper Citation

in Harvard Style

Cochak H., Neto M., Miers C., Marques M. and A. Simplicio Jr. M. (2024). Enhancing SPIFFE/SPIRE Environment with a Nested Security Token Model. In Proceedings of the 14th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER; ISBN 978-989-758-701-6, SciTePress, pages 184-191. DOI: 10.5220/0012634400003711

in Bibtex Style

@conference{closer24,
author={Henrique Cochak and Milton Neto and Charles Miers and Marco Marques and Marcos A. Simplicio Jr.},
title={Enhancing SPIFFE/SPIRE Environment with a Nested Security Token Model},
booktitle={Proceedings of the 14th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER},
year={2024},
pages={184-191},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012634400003711},
isbn={978-989-758-701-6},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 14th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER
TI - Enhancing SPIFFE/SPIRE Environment with a Nested Security Token Model
SN - 978-989-758-701-6
AU - Cochak H.
AU - Neto M.
AU - Miers C.
AU - Marques M.
AU - A. Simplicio Jr. M.
PY - 2024
SP - 184
EP - 191
DO - 10.5220/0012634400003711
PB - SciTePress