Solution for controlling authentication and authorisation of AI Agents without attaching these controls to the agents .
Tag Archives: authentication
On the AI Road that Leads to Identity Hell
A notion of personal identity and Identity Management (IM) are frequently mixed, creating a misreading and speculations about “which one leads the dance”. An appearance of AI has finally put some light on the purpose of this strange mixture. Now, I can say that without an AI-enabled digital identity, you are nobody.
#Microservice #Protection based on the principle of #Zero #Trust
The task addressed in the article is about protecting Microservice’s functionality and resources in the inter-Microservice interactions. Known techniques like OpenID Connects, JWT and OAuth2 were reviewed from the perspective of Microservice interactions. It has been found that these techniques cannot be applied as-is to the Microservices either because unanswered questions to them or because of doubtful trustfulness of related workflows.
The article proposes two protective methods for Microservice (or service) that have sensitive functionality and/or resources. While the Basic Protection Method is just a classic identity verification and following access permission control, the method does not require single centralised Identity and Permission Authorities. The latter can be distributed as needed following the distribution of Microservice-based applications. The Closed Optimised Protection Method replaces Identity and Permission Authorities with Dependency Catalogue Service per application and provides full protection with performance comparable with OpenID-JWT/OAuth2.
HOW to ARCHITECT for DEVELOPERS 