Home

Machines have become a driving force in all industries by helping increase business productivity, and efficiency. For these machines to effectively work in a network, communication is necessary. Each machine needs to know who to talk to and what purpose they would solve. Cryptographic keys and digital certificates can be used to define the identities of the machines. These identities are used to establish trust, authenticate, and securely communicate between machines.

With emerging security instruments such as mutual TLS and Service Mesh, the traditional ways for defining and monitoring the lifecycle and authentications are being questioned and challenged. In this project, we aim to solve this problem by building a human accessible language that would be used to define machine identity management lifecycle and authentication for different types of certificates, policies and environments.

• Home
• Design Philosophy and Methodology
  • Design Philosophy
  • Machine Identity types used by Authorization vs Authentication
  • Machine Identity types by Use Cases
  • Methodology
• Scenario List
  • Certificate Lifecycle Scenarios
    • Expiration
    • Renewal
    • Installation
    • Phase
    • Ownership
    • Issuance
    • Replacement
  • Certificate Authorization Scenarios
• Vocabulary List
  • Glossary Lists
    • Noun
    • Verbs
    • Adjectives
• Future Work
  • Identity Types
    • Introduction
    1. JWT Tokens
    2. SSH
    3. SSH Certificates
    4. Defining Machines On Cloud
    5. Workload Identities: Role-Based Identity management
    6. TPM Hardware as the machine identity
  • Implementation Recommendation
    • Recommended Research Areas
  • References