The search functionality is under construction.
The search functionality is under construction.

Open Access
Secure Enrollment Token Delivery Mechanism for Zero Trust Networks Using Blockchain

Javier Jose DIAZ RIVERA, Waleed AKBAR, Talha AHMED KHAN, Afaq MUHAMMAD, Wang-Cheol SONG

  • Full Text Views

    323

  • Cite this
  • Free PDF (1.7MB)

Summary :

Zero Trust Networking (ZTN) is a security model where no default trust is given to entities in a network infrastructure. The first bastion of security for achieving ZTN is strong identity verification. Several standard methods for assuring a robust identity exist (E.g., OAuth2.0, OpenID Connect). These standards employ JSON Web Tokens (JWT) during the authentication process. However, the use of JWT for One Time Token (OTT) enrollment has a latent security issue. A third party can intercept a JWT, and the payload information can be exposed, revealing the details of the enrollment server. Furthermore, an intercepted JWT could be used for enrollment by an impersonator as long as the JWT remains active. Our proposed mechanism aims to secure the ownership of the OTT by including the JWT as encrypted metadata into a Non-Fungible Token (NFT). The mechanism uses the blockchain Public Key of the intended owner for encrypting the JWT. The blockchain assures the JWT ownership by mapping it to the intended owner's blockchain public address. Our proposed mechanism is applied to an emerging Zero Trust framework (OpenZiti) alongside a permissioned Ethereum blockchain using Hyperledger Besu. The Zero Trust Framework provides enrollment functionality. At the same time, our proposed mechanism based on blockchain and NFT assures the secure distribution of OTTs that is used for the enrollment of identities.

Publication
IEICE TRANSACTIONS on Communications Vol.E106-B No.12 pp.1293-1301
Publication Date
2023/12/01
Publicized
2023/06/01
Online ISSN
1745-1345
DOI
10.1587/transcom.2022TMP0005
Type of Manuscript
Special Section PAPER (Special Section on Towards Management for Future Communications and Services in Conjunction with Main Topics of APNOMS2022)
Category

Authors

Javier Jose DIAZ RIVERA
  Jeju National University
Waleed AKBAR
  Jeju National University
Talha AHMED KHAN
  Jeju National University
Afaq MUHAMMAD
  Jeju National University
Wang-Cheol SONG
  Jeju National University

Keyword