Title: TOWARD SECURE M2M AUTHENTICATION FOR S3 OBJECT STORAGE
Author(s): Michael Geiger and Andreas U. Schmidt
ISBN: 978-989-8704-71-9
Editors: Paula Miranda and Pedro Isaías
Year: 2025
Edition: Single
Keywords: Amazon S3, Credential Leak, Privileged Access Management, OpenID Connect, Credential Vault, Amazon STS
Type: Short Paper
First Page: 235
Last Page: 239
Language: English

Paper Abstract:

This paper addresses security vulnerabilities in Machine-to-Machine authentication for Amazon S3 object storage in
industrial environments. Current AWS authentication relies on often insecurely managed symmetric keys. While Amazon's
Secure Token Service with OpenID Connect authentication offers a solution in principle, most enterprise S3-compatible
storage products lack STS support. We propose a security architecture combining Privileged Access Management (PAM)
with OIDC authentication to abstract credentials from application code, enabling automated key rotation and centralized
management. Through industrial simulation testing, we demonstrate this approach maintains production continuity while
significantly improving credential security for M2M S3 access.