Date of Award

5-17-2022

Document Type

Masters Project

Abstract

Controlling authentication and authorization is a pivotal part of managing modern web resources. Over the past decade, OAuth and OpenID Connect have shown that they are capable and secure protocols used for secure communication between the Identity Providers (IdP) and requesting parties that consume them. Zero Trust (ZT) architectures are based on authenticating individual requests instead of machines or networks. ZT has shown a pathway that enables a more secure flow of trusted communication. This is done by defining the control systems and their counterpart, the data systems. Zauthly applies ZT principles to OAuth2 flows to create a middleware service that solely controls the authorization of users. It aims to enable increased security in existing tools and control flows while it utilizes Google as an IdP to enable authentication of end users. A Single Sign On (SSO) proxy is used to consume the provided OAuth2 authorization from Zauthly. Then its users are managed by a simple interface that communicates with a user database. Zauthly is designed to be deployed in a modular way, drawing inspiration from the microservice architectural style. Its deployment is controlled by Docker and Docker-Compose to provide enhanced scalability and flexibility. This paper will explore the design choices of Zauthly, relevant drawbacks, and performance of the tool.

Handle

http://hdl.handle.net/11122/14695
