Scientific and Technical Journal

ELECTROTECHNIC AND COMPUTER SYSTEMS

ISSN Print 2221-3937
ISSN Online 2221-3805
MODIFICATION OF OPEN AUTHORIZATION PROTOCOL FOR VERIFICATION OF REQUEST
Abstract:

User’s authorization social networks creates a problem of protection of information from third-party applications. To solve it is commonly used protocol OAuth, however, the development of Internet applications, and also requires the protection of data that is not in the OAuth 1.0, in particular for requests other than the URL-encoded. In this paper we propose a modification of the protocol OAuth, classes and signature generation algorithm, which provides support for the signature of any requests. The modified library supports standard and custom implementation of OAuth. This change significantly increased the scope of usage for protocol OAuth. For verification the test was conducted in which 40 threads continuously load server. Using this modification imposes the requirement for developers to monitor the average size of the request and in the case of a large request to consider not using the verification of request body.

Authors:
Keywords
DOI
References
  1. Surkov S.S., and Martynyuk A.N. Avtorizatsiya avtomobilnogo kompyutera bez poddergki brauzera posredstvom Bluetooth [Authorization for Automobile head unit Without Browser Support with Mobile Devices through Bluetooth], (2015),Refrigeration Engineering and Technology, No. 2, pp. 65 – 71 [In Russian].
  2. RichardsonLeonard, and Ruby Sam, (2007), RESTful Web Services Web Services for the Real World, O'Reilly Media May 2007, 454 p. Available at: Url: http://shop.oreilly.com/product/9780596529260.do (Accessed 24.05.2007).
  3. Masse Mark, (2013), REST API Design Rulebook, O'Reilly Media, 112 p., Available at: Url: http://shop.oreilly.com/product/0636920021575.do (Accessed 12.10.2011).
  1. Hammer-Lahav E. (ed.), (2010), The OAuth 1.0 Protocol,IETF RFC 5849 (Informational) April 2010, [Electronic Resource] Available at: Url: http://tools.ietf.org/html/rfc5849 (Accessed 19.04.2010).
  2. Basney Jim, and Jeff Gaynor, (2014), National an OAuth Service for Issuing Certificates to Science Gateways for TeraGrid Users, Center for Supercomputing Applications University of Illinois at Urbana-Champaign 1205 West Clark Street, Urbana, Illinois 61801, July 2014, Available at: Url: http://www.slideserve.com/cleta/an-oauth-service-for-issuing-certificates-to-science-gateways-for-teragrid-users(Accessed 21.07.2014).
  1. Dierks T., and E. Rescorla, (eds.), (2008), The Transport Layer Security (TLS) Protocol, IETF RFC 5246 (Standards Track), August 2008. Available at: Url: http://tools.ietf.org/html/rfc5246 (Accessed 25.08.2008).
  2. Rescorla E.,(ed.), (2000), HTTP over TLS, IETF RFC 2818 (Informational), May 2000, Available at: Url: http://tools.ietf.org/html/rfc2818 (Accessed 29.05.2000).
  3. LeBlanc J., (2011), Programming Social Applications: Building Viral Experiences with OpenSocial, OAuth, OpenID,[Electronic Resource], Available at: Url: http://www.torrentino.net/torrent/282288(Accessed 19.12.2011).
  4. Fielding R., and Reаches J, (2014), Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing, IETF RFC 7230 June 2014. [Electronic Resource] Available at: Url:https://tools.ietf.org/html/rfc7230 (Accessed 16.06.2014).
  5. Bray T. (ed.), (2014), The JavaScript Object Notation (JSON) Data Interchange Format, Ed IETF RFC 7159, March 2014, Available at: Url: http://tools.ietf.org/html/rfc7159 (Accessed 26.03.2014).
Published:
Last download:
2017-11-16 09:14:46

[ © KarelWintersky ] [ All articles ] [ All authors ]
[ © Odessa National Polytechnic University, 2014. Any use of information from the site is possible only under the condition that the source link! ]
Яндекс.Метрика