The "WebToken"

Besides a cool buzzword, what could a "WebToken" possibly be? 
 
Well, since human users mostly interact with cloud services through the "Universal Client", the Internet browser, this probably means that such a token scheme must be integrated with the browser in some way, right? 
 
Because tokens are supposed to be secure, there should be a way to maintain token integrity even in the harsh open Internet environment; otherwise we may better stick to passwords forever! 
 
Finally, we can't ignore that Mobile Devices have become the shortest path to the Internet. 
 
Here follows a short list of some desirable properties for a token scheme that could work for everything from bloggers to government agencies:

For those who are heavy into authentication technologies, I have compiled a set of links to the most important documents. 
 
Note that this is work-in-progress and contents may change from day to day! In addition, documents, software and hardware are not always "in sync". 
 
SKS/KeyGen2 - Executive Level Presentation http://webpki.org/papers/keygen2/sks-keygen2-exec-level-presentation.pdf
SKS API Description https://cyberphone.github.io/openkeystore/resources/docs/sks-api-arch.pdf
KeyGen2 Protocol Description https://cyberphone.github.io/openkeystore/resources/docs/keygen2.html
JSON Clear Text Signature Description https://cyberphone.github.io/openkeystore/resources/docs/jcs.html
WebCrypto++ Conceptual Specification http://webpki.org/papers/PKI/pki-webcrypto.pdf
Open Hardware Development Platform TBD
SKS integration in a CPU https://cyberphone.github.io/openkeystore/resources/docs/tee-se-combo.pdf
https://github.com/cyberphone/openkeystore/blob/master/library/src/org/webpki/sks/twolayer/se/SEReferenceImplementation.java
https://github.com/cyberphone/openkeystore/blob/master/library/src/org/webpki/sks/twolayer/tee/TEEReferenceImplementation.java
Open Software Project https://github.com/cyberphone/openkeystore
Java API Documentation http://webpki.org/papers/keygen2/doc
Secure Key Store - Reference Implementation Java source code
JUnit KeyGen2 Output JUnit Printout
Application Note: Remote Key Unlock http://webpki.org/papers/keygen2/remote-key-unlock.pdf
Public Domain Invention Disclosure https://cyberphone.github.io/openkeystore/resources/docs/Efficient-Provisioning-of-Complex-Structures-Over-Unsecured-Channels.pdf

 
Primary Contact
 
anders.rundgren.net@gmail.com
 
LinkedIn profile