More information about the project

README.md

-# Enabling Zero Trust Architectures using OAuth2.0 and Verifiable Credentials
+# ZeroTrustVC Project Summary
 
-## About
+## Introduction
 Enabling Zero Trust Architectures using OAuth2.0 and Verifiable Credentials 
 (**ZeroTrustVC**) implements Authentication and Authorization for HTTP services
 using [JWT-encoded Verifiable Credentials](https://www.w3.org/TR/vc-data-model/#json-web-token).
@@ -12,3 +12,19 @@ for multi-tenant systems using OAuth 2.0 and Verifiable Credentials](https://mm.
 by N. Fotiou, V.A. Siris, G.C. Polyzos, appeared in 30th International Conference 
 on Computer Communications and Networks (ICCCN). You can view a video presentation
 of this paper [here](https://www.youtube.com/watch?v=B6biTo8w5zw)
+
+## Description
+ZeroTrustVC is an access control solution that relies on widely used standards, 
+composed of a VC issuer and a VC verifier. The VC issuer is an OAuth 2.0 authorization 
+server extended with VC issuing capabilities. Issued VCs are encoded as JWT and signed 
+using JWS, improving compatibility and integration with existing tools. ZeroTrustVC
+provides VC verifiers: a generic Python3-based, acting as transparent proxy, and a .NET 
+core framework authorization middleware for securing .NET web apps. Users 
+interact with ZeroTrustVC using standard OAuth 2.0 flows. ZeroTrustVC facilitates
+capabilities-based access control, supports efficient VC revocation, and enables
+"strong authentication and authorization of every access request" enabling resource
+access over public, untrusted networks, aka Zero -Trust Architectures (ZTAs). 
+
+## Solution overview
+The following figure illustrates the modules of our solution
+![ZeroTurstVC architecture](architecture.png "ZeroTurstVC architecture")
\ No newline at end of file