Copyright © 2018 Yahoo Japan Corporation. All Rights Reserved.
February 20, 2018
Masaru Kurahayashi
WebHack #11
Overview of JSON Object Signing and Encryption
Profile
Masaru Kurahayashi (kura)
Yahoo Japan Corporation
CISO-Board
Authentication Technology Kuro-obi
OpenID Foundation Japan
Evangelist
@kura_lab
Kuro-obi system
Kuro-obi is a title given to an individual who is a leading expert that holds outstanding expertise and skills in a certain field
Kuro-obi system
http://hr.yahoo.co.jp/workplace/culture.html
Agenda
1. Overview
2. Use cases
3. JWS (JWT) & Demonstration
4. JWE
5. JWK
6. JWA
7. Conclusion
JOSE
• JOSE = JSON Object Signing and Encryption
• Working Group in IETF
• Integrity protection (signature and MAC) and encryption
• 9 RFCs (and more) defined by the WG
[Diagram labels: JOSE, JWS, JWE, JWA, JWK, JWT, with two "Reference" arrows]
Use cases
• Security Tokens
• OAuth
• OpenID Connect
• Web Cryptography
• Constrained Devices (IoT), etc.
JWS
• JSON Web Signature (RFC 7515)
• Content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based integrity protection
JWS Compact Serialization
BASE64URL(UTF8(JWS Protected Header))
|| '.' ||
BASE64URL(JWS Payload)
|| '.' ||
BASE64URL(JWS Signature)
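
The compact form above, worked through for the HMAC-SHA256 case (`HS256` in JWA), as an added example that is not part of the original slides. The key, the claims and the function names are constructed for illustration; the verifier takes its accepted algorithm from its own policy rather than from the token header.

```python
import base64
import hashlib
import hmac
import json
import re

# Verifier policy: the accepted algorithm is fixed here, not read from the token.
ALLOWED_ALGS = {"HS256"}
_B64URL = re.compile(r"[A-Za-z0-9_-]*")


def b64url_encode(data: bytes) -> str:
    """BASE64URL as JWS uses it: URL-safe alphabet, trailing '=' removed."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    """Strict inverse: padding or characters outside the alphabet are rejected."""
    if not _B64URL.fullmatch(text):
        raise ValueError("segment is not unpadded base64url")
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def jws_sign(header: dict, payload: bytes, key: bytes) -> str:
    """Build header.payload.signature for an HS256 (HMAC-SHA256) JWS."""
    if header.get("alg") != "HS256":
        raise ValueError("this example only produces HS256")
    protected = b64url_encode(json.dumps(header, separators=(",", ":")).encode("utf-8"))
    signing_input = protected + "." + b64url_encode(payload)
    mac = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(mac)


def jws_verify(token: str, key: bytes) -> bytes:
    """Return the payload bytes if the token verifies; raise ValueError otherwise."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("JWS compact serialization has exactly three segments")
    protected, payload, signature = parts
    header = json.loads(b64url_decode(protected))
    alg = header.get("alg") if isinstance(header, dict) else None
    if not isinstance(alg, str) or alg not in ALLOWED_ALGS:
        raise ValueError("algorithm not on the verifier's allow-list")
    if "crit" in header:
        raise ValueError("critical header extensions are not supported here")
    # The MAC covers the two encoded segments exactly as received.
    signing_input = (protected + "." + payload).encode("ascii")
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(signature)):
        raise ValueError("signature does not match")
    return b64url_decode(payload)


# Constructed sample values (not from the slides).
SAMPLE_KEY = b"constructed-demo-key-32-bytes-long!!"
SAMPLE_CLAIMS = b'{"iss":"https://issuer.example","sub":"user-123"}'


def demo() -> dict:
    """Sign the sample claims, then verify the resulting token."""
    token = jws_sign({"alg": "HS256", "typ": "JWT"}, SAMPLE_CLAIMS, SAMPLE_KEY)
    return {"token": token, "payload": jws_verify(token, SAMPLE_KEY)}


if __name__ == "__main__":
    print(demo())
```

The payload is only returned after the MAC check passes, so callers never see claims from an unverified token.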
JWT
• JSON Web Token (RFC 7519)
• This specification was defined by OAuth WG
• The suggested pronunciation of JWT is the same as the English word "jot"
• JWTs represent a set of claims as a JSON object that is encoded in a JWS and/or JWE structure
https://jwt.io
JWE
• JSON Web Encryption (RFC 7516)
• JWE Compact Serialization
• JWE JSON Serialization
JWE Compact Serialization
BASE64URL(UTF8(JWE Protected Header))
|| '.' ||
BASE64URL(JWE Encrypted Key)
|| '.' ||
BASE64URL(JWE Initialization Vector)
|| '.' ||
BASE64URL(JWE Ciphertext)
|| '.' ||
BASE64URL(JWE Authentication Tag)
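
A structural pre-check for the five-segment form above, as an added example that is not part of the original slides: it splits the token, decodes each segment and checks the sizes JWA fixes for AES-GCM before anything is handed to a JOSE library for decryption. The accepted `alg` values, the restriction to the GCM `enc` values and the sample tokens are assumptions of this example.

```python
import base64
import json
import re

_B64URL = re.compile(r"[A-Za-z0-9_-]*")
# RFC 7518 content-encryption identifiers for AES-GCM (96-bit IV, 128-bit tag).
# Other "enc" values exist; this example deliberately accepts only these.
GCM_ENCS = {"A128GCM", "A192GCM", "A256GCM"}
# Assumed receiver policy: which key-management modes are accepted.
ALLOWED_KEY_ALGS = {"dir", "RSA-OAEP-256"}
SEGMENTS = ("protected", "encrypted_key", "iv", "ciphertext", "tag")


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    if not _B64URL.fullmatch(text):
        raise ValueError("segment is not unpadded base64url")
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def parse_jwe_compact(token: str) -> dict:
    """Split and sanity-check a JWE compact token; no decryption is attempted."""
    parts = token.split(".")
    if len(parts) != 5:
        raise ValueError("JWE compact serialization has exactly five segments")
    raw = dict(zip(SEGMENTS, (b64url_decode(p) for p in parts)))
    header = json.loads(raw["protected"])
    if not isinstance(header, dict):
        raise ValueError("protected header must be a JSON object")
    alg, enc = header.get("alg"), header.get("enc")
    if not isinstance(alg, str) or alg not in ALLOWED_KEY_ALGS:
        raise ValueError("key management algorithm not allowed")
    if not isinstance(enc, str) or enc not in GCM_ENCS:
        raise ValueError("content encryption algorithm not allowed")
    # Direct encryption uses the shared key itself, so the key segment is empty;
    # every other mode must carry an encrypted content-encryption key.
    if (alg == "dir") != (raw["encrypted_key"] == b""):
        raise ValueError("encrypted key segment inconsistent with alg")
    if len(raw["iv"]) != 12 or len(raw["tag"]) != 16:
        raise ValueError("AES-GCM needs a 96-bit IV and a 128-bit tag")
    # The encoded header is the AEAD additional authenticated data, so a
    # modified header fails tag verification at decryption time.
    return {"header": header, "aad": parts[0].encode("ascii"), **raw}


def build_sample(header: dict, encrypted_key: bytes, iv_len: int = 12) -> str:
    """Constructed token with filler bytes: structurally valid, not real ciphertext."""
    segs = (json.dumps(header, separators=(",", ":")).encode("utf-8"),
            encrypted_key, bytes(iv_len), b"\x01" * 24, bytes(16))
    return ".".join(b64url_encode(s) for s in segs)


if __name__ == "__main__":
    sample = build_sample({"alg": "dir", "enc": "A256GCM"}, b"")
    print(sample)
    print(parse_jwe_compact(sample)["header"])
```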
JWK
• JSON Web Key (RFC 7517)
• JSON data structure that represents a cryptographic key
• JWKs and JWK Sets are used in the JWS and JWE specifications
JWA
• JSON Web Algorithms (RFC 7518)
• Cryptographic algorithms and identifiers to be used with JWS, JWE, and JWK specifications
• HMAC-SHA256, RSA-SHA256, ECDSA-SHA256 and RSASSA-PSS SHA256, etc.
Conclusion
1. JOSE WG in IETF
2. JOSE is used with OpenID Connect and OAuth, etc.
3. Overview of 5 RFCs
• JWS (JWT), JWE, JWK, JWA
Let's see JOSE!!
https://datatracker.ietf.org/wg/jose/
Thank you for your kind attention!
