A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts: Novel Approaches for Authentication and Secure Access to Scientific Data

Md Jobair Hossain Faruk; Bilash Saha; Jim Basney

doi:10.1145/3569951.3597566

A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts: Novel Approaches for Authentication and Secure Access to Scientific Data

Md Jobair Hossain Faruk, Bilash Saha, Jim Basney

National Center for Supercomputing Applications (NCSA)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Managing and exchanging sensitive information securely is a paramount concern for the scientific and cybersecurity community. The increasing reliance on computing workflows and digital data transactions requires ensuring that sensitive information is protected from unauthorized access, tampering, or misuse. This research paper presents a comparative analysis of three novel approaches for authenticating and securing access to scientific data: SciTokens, Verifiable Credentials, and Smart Contracts. The aim of this study is to investigate the strengths and weaknesses of each approach from trust, revocation, privacy, and security perspectives. We examine the technical features and privacy and security mechanisms of each technology and provide a comparative synthesis with the proposed model. Through our analysis, we demonstrate that each technology offers unique advantages and limitations, and the integration of these technologies can lead to more secure and efficient solutions for authentication and access to scientific data.

Original language	English (US)
Title of host publication	PEARC 2023 - Computing for the common good
Subtitle of host publication	Practice and Experience in Advanced Research Computing
Publisher	Association for Computing Machinery
Pages	302-305
Number of pages	4
ISBN (Electronic)	9781450399852
DOIs	https://doi.org/10.1145/3569951.3597566
State	Published - Jul 23 2023
Event	2023 Practice and Experience in Advanced Research Computing, PEARC 2023 - Portland, United States Duration: Jul 23 2023 → Jul 27 2023

Publication series

Name	PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing

Conference

Conference	2023 Practice and Experience in Advanced Research Computing, PEARC 2023
Country/Territory	United States
City	Portland
Period	7/23/23 → 7/27/23

Keywords

Blockchain
JWT
SciTokens
Smart Contracts
Verifiable Credentials

ASJC Scopus subject areas

Computational Theory and Mathematics
Computer Networks and Communications
Computer Science Applications
Software
Theoretical Computer Science

Online availability

10.1145/3569951.3597566

Library availability

Discover UIUC Full Text

Cite this

Hossain Faruk, M. J., Saha, B., & Basney, J. (2023). A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts: Novel Approaches for Authentication and Secure Access to Scientific Data. In PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing (pp. 302-305). (PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing). Association for Computing Machinery. https://doi.org/10.1145/3569951.3597566

A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts: Novel Approaches for Authentication and Secure Access to Scientific Data. / Hossain Faruk, Md Jobair; Saha, Bilash; Basney, Jim.
PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing. Association for Computing Machinery, 2023. p. 302-305 (PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Hossain Faruk, MJ, Saha, B & Basney, J 2023, A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts: Novel Approaches for Authentication and Secure Access to Scientific Data. in PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing. PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing, Association for Computing Machinery, pp. 302-305, 2023 Practice and Experience in Advanced Research Computing, PEARC 2023, Portland, United States, 7/23/23. https://doi.org/10.1145/3569951.3597566

Hossain Faruk MJ, Saha B, Basney J. A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts: Novel Approaches for Authentication and Secure Access to Scientific Data. In PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing. Association for Computing Machinery. 2023. p. 302-305. (PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing). doi: 10.1145/3569951.3597566

Hossain Faruk, Md Jobair ; Saha, Bilash ; Basney, Jim. / A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts : Novel Approaches for Authentication and Secure Access to Scientific Data. PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing. Association for Computing Machinery, 2023. pp. 302-305 (PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing).

@inproceedings{2c193e67310748bba21c9ec801e87e36,

title = "A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts: Novel Approaches for Authentication and Secure Access to Scientific Data",

abstract = "Managing and exchanging sensitive information securely is a paramount concern for the scientific and cybersecurity community. The increasing reliance on computing workflows and digital data transactions requires ensuring that sensitive information is protected from unauthorized access, tampering, or misuse. This research paper presents a comparative analysis of three novel approaches for authenticating and securing access to scientific data: SciTokens, Verifiable Credentials, and Smart Contracts. The aim of this study is to investigate the strengths and weaknesses of each approach from trust, revocation, privacy, and security perspectives. We examine the technical features and privacy and security mechanisms of each technology and provide a comparative synthesis with the proposed model. Through our analysis, we demonstrate that each technology offers unique advantages and limitations, and the integration of these technologies can lead to more secure and efficient solutions for authentication and access to scientific data.",

keywords = "Blockchain, JWT, SciTokens, Smart Contracts, Verifiable Credentials",

author = "\{Hossain Faruk\}, \{Md Jobair\} and Bilash Saha and Jim Basney",

note = "This material is based upon work supported by the National Science Foundation under grant number 2114989.; 2023 Practice and Experience in Advanced Research Computing, PEARC 2023 ; Conference date: 23-07-2023 Through 27-07-2023",

year = "2023",

month = jul,

day = "23",

doi = "10.1145/3569951.3597566",

language = "English (US)",

series = "PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing",

publisher = "Association for Computing Machinery",

pages = "302--305",

booktitle = "PEARC 2023 - Computing for the common good",

address = "United States",

}

TY - GEN

T1 - A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts

T2 - 2023 Practice and Experience in Advanced Research Computing, PEARC 2023

AU - Hossain Faruk, Md Jobair

AU - Saha, Bilash

AU - Basney, Jim

N1 - This material is based upon work supported by the National Science Foundation under grant number 2114989.

PY - 2023/7/23

Y1 - 2023/7/23

N2 - Managing and exchanging sensitive information securely is a paramount concern for the scientific and cybersecurity community. The increasing reliance on computing workflows and digital data transactions requires ensuring that sensitive information is protected from unauthorized access, tampering, or misuse. This research paper presents a comparative analysis of three novel approaches for authenticating and securing access to scientific data: SciTokens, Verifiable Credentials, and Smart Contracts. The aim of this study is to investigate the strengths and weaknesses of each approach from trust, revocation, privacy, and security perspectives. We examine the technical features and privacy and security mechanisms of each technology and provide a comparative synthesis with the proposed model. Through our analysis, we demonstrate that each technology offers unique advantages and limitations, and the integration of these technologies can lead to more secure and efficient solutions for authentication and access to scientific data.

AB - Managing and exchanging sensitive information securely is a paramount concern for the scientific and cybersecurity community. The increasing reliance on computing workflows and digital data transactions requires ensuring that sensitive information is protected from unauthorized access, tampering, or misuse. This research paper presents a comparative analysis of three novel approaches for authenticating and securing access to scientific data: SciTokens, Verifiable Credentials, and Smart Contracts. The aim of this study is to investigate the strengths and weaknesses of each approach from trust, revocation, privacy, and security perspectives. We examine the technical features and privacy and security mechanisms of each technology and provide a comparative synthesis with the proposed model. Through our analysis, we demonstrate that each technology offers unique advantages and limitations, and the integration of these technologies can lead to more secure and efficient solutions for authentication and access to scientific data.

KW - Blockchain

KW - JWT

KW - SciTokens

KW - Smart Contracts

KW - Verifiable Credentials

UR - http://www.scopus.com/inward/record.url?scp=85176269620&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85176269620&partnerID=8YFLogxK

U2 - 10.1145/3569951.3597566

DO - 10.1145/3569951.3597566

M3 - Conference contribution

AN - SCOPUS:85176269620

T3 - PEARC 2023 - Computing for the common good: Practice and Experience in Advanced Research Computing

SP - 302

EP - 305

BT - PEARC 2023 - Computing for the common good

PB - Association for Computing Machinery

Y2 - 23 July 2023 through 27 July 2023

ER -

A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts: Novel Approaches for Authentication and Secure Access to Scientific Data

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this