Enhancing Keycloak: Implementing OpenID Connect for Identity Assurance

  • Brendon Vicente R. Silva UFSC
  • Frederico Schardong UFSC / IFRS
  • Ricardo F. Custódio UFSC
DOI: https://doi.org/10.5753/sbseg_estendido.2024.243391

Resumo


Electronic identities are pivotal in a world where digital interactions are evolving fast. In this context, OpenID Connect, a cornerstone of user identification and authentication, plays an important role in the operation of electronic identification services. This paper describes a novel implementation of the OpenID Connect for Identity Assurance 1.0 (OIDC4IDA), an extension to OpenID Connect, on Keycloak, the leading open-source identity provider.

Referências

Authlete (2024a). Authlete - homepage. Available at [link], accessed on 19/06/2024.

Authlete (2024b). Authlete common library for java. Available at [link], accessed on 19/06/2024.

Connect2id (2024). Connect2id server. Available at [link], accessed on 20/06/2024.

Ferdous, M. S. (2015). User-controlled identity management systems using mobile devices. PhD thesis, University of Glasgow.

Hardt, D. (2012). The OAuth 2.0 Authorization Framework. RFC 6749.

Identity First Tech (2021). ekyc hub. Available at [link], accessed on 20/06/2024.

Keycloak (2024). Open source identity and access management. Available at [link], accessed on 18/06/2024.

Lodderstedt, T., Fett, D., Haine, M., Pulido, A., Lehmann, K., and Koiwai, K. (2022). Openid connect for identity assurance 1.0.

Lodderstedt, T., Sanz, M., and Haine, M. (2023). Openid connect for identity assurance implementations. Available at [link], accessed on 20/06/2024.

Miyata, T., Koga, Y., Madsen, P., Adachi, S.-I., Tsuchiya, Y., Sakamoto, Y., and Takahashi, K. (2006). A survey on identity management protocols and standards. IEICE TRANSACTIONS on Information and Systems, 89(1):112–123.

Sakimura, N., Bradley, J., Jones, M., De Medeiros, B., and Mortimore, C. (2014). Openid connect core 1.0. The OpenID Foundation, page S3.

Silva, B., Schardong, F., Custódio, R., and Vendramin, L. (2023). Identificação eletrônica do registro civil do brasil. In Anais do XXIII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais. SBC.

Wright, A., Andrews, H., Hutton, B., and Dennis, G. (2022). Json schema: A media type for describing json documents.
Publicado
16/09/2024
Como Citar

Selecione um Formato
SILVA, Brendon Vicente R.; SCHARDONG, Frederico; CUSTÓDIO, Ricardo F.. Enhancing Keycloak: Implementing OpenID Connect for Identity Assurance. In: WORKSHOP DE GESTÃO DE IDENTIDADES DIGITAIS - SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 24. , 2024, São José dos Campos/SP. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2024 . p. 193-196. DOI: https://doi.org/10.5753/sbseg_estendido.2024.243391.

Artigos mais lidos do(s) mesmo(s) autor(es)