John Bradley

Chile
2K followers, 500+ connections

Publications

  • OAuth 2.0 Demonstrating Proof of Possession (DPoP)

    IETF

    This document describes a mechanism for sender-constraining OAuth 2.0 tokens via a proof-of-possession mechanism on the application level. This mechanism allows for the detection of replay attacks with access and refresh tokens.

  • OAuth 2.0 Dynamic Client Registration Management Protocol

    IETF

    This specification defines methods for management of OAuth 2.0 dynamic client registrations for use cases in which the properties of a registered client may need to be changed during the lifetime of the client. Not all authorization servers supporting dynamic client registration will support these management methods.

  • OAuth 2.0 Dynamic Client Registration Protocol

    IETF

    This specification defines mechanisms for dynamically registering OAuth 2.0 clients with authorization servers. Registration requests send a set of desired client metadata values to the authorization server. The resulting registration responses return a client identifier to use at the authorization server and the client metadata values registered for the client. The client can then use this registration information to communicate with the authorization server using the OAuth 2.0 protocol. This specification also defines a set of common client metadata fields and values for clients to use during registration.

  • JSON Web Signature (JWS)

    IETF

    JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based data structures. Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) specification and an IANA registry defined by that specification. Related encryption capabilities are described in the separate JSON Web Encryption (JWE) specification.

  • JSON Web Token (JWT)

    IETF

    JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted.


Patents

  • Electronic commerce system and system and method for establishing a trusted session

    Filed: United States

    A system and method for establishing two-factor security using a mobile device comprising authorizing one or more transactions requests received by a server, identifying one or more credentials required before the transaction can be processed, transmitting the list of credentials and a request session ID to a mobile device that stores, or is linked to, one or more required credentials, and pushing (or authorizing a credentials server to push) such credentials to the server that received the request in order to permit the associated transaction and/or upgrade the prior session to a secured or “authorized” connection.

  • Globally aware authentication system

    Filed: United States

    A computer security monitoring method and system includes receiving input data, wherein the input data includes user account data associated with a user's security-related interaction with a particular network, security-related local network data associated with the particular network, and security-related external network data regarding security threats at one or more independent, external networks. The input data is analyzed to generate at least one composite security status score, wherein the analyzing includes an analysis of the user account data based on previously stored data associated with the user account, and an analysis of the security-related local and external network data to adjust the composite security status score when the analysis of the security-related local and external network data indicates an increased security threat. The method and system may produce human-readable output including an alert associated with the at least one composite security status score. Other features are disclosed.


Organizations

  • Open Identity Exchange (OIX)

    Treasurer

    - present
  • IETF

    WG Chair in Security Area

    - present

    Token Binding WG

  • OpenID Foundation

    Mobile Profile for OpenID Connect WG Co-Chair

    - present

    1) Working Group name:
    Mobile Profile for OpenID Connect

    2) Purpose:
    Developing a profile of OIDC intended to be appropriate for use by mobile network operators (MNOs) providing identity services to RPs and for RPs in consuming those services as well as any other party wishing to be interoperable with this profile.

    Identify and make recommendations for additional standards items.

    3) Scope:
    Create a profile of OIDC focused on delivering a common set of implementation guidelines for MNOs (acting as IDPs) and RPs. In doing so, take into account any considerations driven by:

    User interface/interaction methods on Mobile Devices

    Different methods of authenticating the user through the mobile device and/or network (including but not limited to SIM, USSD, TEE, network capabilities etc.)

    Option of supporting additional claims (attributes), e.g., location, age-verification, presence.

    Methods of obtaining user consent (including long-lived consent) and ability for user to revoke that consent

    Methods needed for discovering which MNO the RP should submit an authentication request to for a given user

    Non-scope:

    Making breaking change to OIDC.

  • Kantara

    Chair Federation Interoperability WG

    - present

    Work on profiling identity standards like SAML and OpenID Connect for cross-organization use, and addressing other deployment issues.

  • OpenID Foundation

    Treasurer

    - present

    I have been elected to four terms as a board member of the foundation, and have served as Treasurer and a member of the foundation's executive committee since 2011.

    I chair a number of the Working groups and have been one of the core authors of the new OpenID Connect specification adopted in 2014.

  • Open Source Identity System (OSIS) initiative

    Steward

    - present

    IDCommons Working group on interoperability testing.

  • Open Identity Exchange (OIX)

    Board Representative for Ping Identity

  • Kantara

    Chair Leadership Council
