SFDS: Selective File Disclosure System

πŸ“… 2026-07-10
πŸ“ˆ Citations: 0
✨ Influential: 0
πŸ“„ PDF
πŸ€– AI Summary
This work proposes a read-only file security sharing architecture based on Selective Disclosure JWT (SD-JWT), addressing limitations of traditional identity and access management (IAM) systemsβ€”such as complex configuration, security vulnerabilities, and the absence of a unified cross-format digital signature mechanism. By embedding digitally signed, integrity-protected metadata directly within files, the approach enables decentralized, verifiable authenticity at the file level without relying on centralized authentication or user databases. This is the first application of SD-JWT to file-level secure sharing, offering strong security guarantees for immutable resources while supporting cross-format distribution and significantly simplifying deployment.
πŸ“ Abstract
Access control to networked resources has been a longstanding challenge. The conventional solution relies on authentication mechanisms, which introduce additional complexities associated with Identity and Access Management (IAM). Such systems require user authentication, identity management, and authorization services, while also introducing security risks arising from vulnerabilities, misconfigurations, or implementation flaws. Furthermore, different file formats employ different mechanisms for ensuring authenticity and integrity through digital signatures. For example, PDF documents support the PDF Advanced Electronic Signature (PAdES) standard, whereas plain text files typically lack a standardized mechanism for embedding digital signatures. This paper proposes an architecture based on the Selective Disclosure JSON Web Token (SD-JWT) standard for securely sharing read-only files. The proposed architecture embeds cryptographic signatures and integrity protection directly into the shared resource, providing verifiable authenticity without relying on complex IAM infrastructures, such as centralized user databases, authentication services, or authorization mechanisms. By eliminating these components, the proposed solution simplifies deployment while maintaining strong security guarantees for the distribution of immutable resources.
Problem

Research questions and friction points this paper is trying to address.

access control
identity and access management
digital signatures
file integrity
secure file sharing
Innovation

Methods, ideas, or system contributions that make the work stand out.

Selective Disclosure
SD-JWT
File Integrity
Digital Signature Embedding
IAM-free Access Control
πŸ”Ž Similar Papers
No similar papers found.