Securing Authentication and Authorization in Computing Continuum
摘要
This research paper presents the experience of the authors in implementing protocols for authentication and authorization, along with secure key exchange mechanisms for accessing remote resources within a computing continuum scenario. The implementation encompasses a comprehensive security framework designed to facilitate secure access control and cryptographic key management across resource-constrained Internet of Things (IoT) devices, edge nodes, and cloud platforms, addressing the unique challenges of distributed computing environments. In particular, this implementation integrates the Authentication and Authorization for Constrained Environments (ACE) framework, Ephemeral Diffie-Hellman Over COSE (EDHOC) protocol, and Object Security for Constrained RESTful Environments (OSCORE) protocol. The proposed model combines ACE for authentication and authorization, EDHOC for secure key exchange, and OSCORE for message security. By facilitating the delegation of authorization management to less constrained trusted hosts, the proposed work optimizes resource utilization while maintaining robust security across the entire continuum.