Modern computer systems typically have different services and resources that can be accessed by users of the computer system. When users request access to the services and resources, such requests are generally verified before access is granted so that a user does not gain access to services and resources not granted by the set of permissions associated with that user account. One system typically used for providing secure access to services and resources is based on creating short-term session credentials that are associated with a user. Once a session is established, a user can use the session credentials associated with the session to issue multiple requests over the life of that session. Typically, session credentials are encrypted and include a secret key that is used to sign each of the multiple requests over the life of the session.
A drawback of such sessions and the associated session credentials is that any service that can decrypt the session credentials can have access to the secret key. Since decrypting the session credentials is typically required to verify a request, when the secret key is a symmetric key, the secret key can be used by services to improperly sign additional requests. For example, a service can receive a request and decrypt the session credentials associated with the request to extract the secret key for the purposes of verifying the request. However, the service may also use the extracted secret key to generate requests to other services, even though such requests may not necessarily originate from the owner of the session.