Scientific and Technical Journal

ELECTROTECHNIC AND COMPUTER SYSTEMS

ISSN Print 2221-3937
ISSN Online 2221-3805
IMPROVEMENT OF SECURITY FOR WEB SERVICES BY RESEARCH AND DEVELOPMENT OF OAUTH SERVER
Abstract:

With the crucial growth of information-technologies is rapidly growing sociability. The clearest example - there are many social networks. To solve the problem of authorization for third-party web services use OAuth protocol, which asks user to enter his credentials in Web-browser or native application and as a result gives to application access token is used for authorization with REST-API to identify user. All social networks such as Facebook, Twitter, Google+, Foursquare, Evernote, VK provide REST-APIs protected by OAuth 1.0a or OAuth 2.0.

For implementation of web services developers use custom frameworks. In this work, we researched, developed and analyzed OAuth library for creation of web-services built on JAX-RS 2.0 framework.

For verification and comparison our solution with others we plan test all the solutions by test suite which allows to achieve high number of concurrent connections. To reduce workload on test server we are going to launch test suite on a different PC. After achieving the results, we will compare them to existing solutions and analyze our solution for weak points.

Authors:
Keywords
DOI
References

1. Surkov S.S.,  Martynyuk O.M., and Mileiko I.G., (2015), Modification of Open Authorization Protocol for Verification of Request,  Electronic and Computer System, Special Edition, No. 19 (95), Odessa, Ukraine, pp. 178 – 181.

2. Surkov S.S., and MartynyukO.N. Avtomatizatsiya avtomobilnogo kompyutera bez podderjki brausera posredstvom Bluetooth [Authorization for Automobile Headunit without Browser Support with Mobile Devices through Bbluetooth], (2015),HolodilnayaTehnikaITehnologiya, No. 2, Kviten,Odessa, Ukraine, pp. 65 – 71 (In Russian).

3. Surkov S.S., and Martynyuk O.M., (2015), Method of Migration from Single Server System to Server Cluster,  Proceedings of the 2015 IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS’2015), 24-26 September 2015, Warsaw, Poland, pp. 808 – 811.

4. Surkov S.S., and O.N. Martynyuk,Avtomatizatsiya avtomobilnogo kompyutera bez podderjki brausera posredstvom Bluetooth [Authorization for Automobile Headunit without Browser Support with Mobile Devices through Bbluetooth], (2015), Holodilnaya Tehnika I Tehnologiya, No. 2, Kviten, 2015. Odessa, Ukraine,pp. 65 – 71 (In Russian).

5.   Hammer-Lahav E. (ed.), (2010), The OAuth 1.0 Protocol, IETF RFC 5849 (Informational), April 2010, (In English) [Electronic resource], Available at: URL: http://tools.ietf.org/html/rfc5849 (accessed 23.06.2016).

6. Basney Jim, and  Gaynor Jeff, (2016), An OAuth Service for Issuing Certificates to Science Gateways for TeraGrid Users, National Center for Supercomputing Applications University of Illinois at Urbana-Champaign 1205 West Clark Street, Urbana, Illinois 61801,  Article No. 32, (In English) [Electronic resource], Available at:  URL: http://dl.acm.org/citation.cfm?id=2016776 (accessed 23.06.2016).

7. Richardson Leonard, and  Ruby Sam, (2011), RESTfull Web Services Web services for the real world, O'Reilly Media, May 2011, pp. 188 – 205.

8. Mark Masse, (2013),   REST API Design Rulebook, O'Reilly Media, pp.23 – 35.

9. Fielding R., and Reschke J. (2014), Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing, IETF RFC 7230, June 2014, (In English) [Electronic resource], Available at:  URL: https://tools.ietf.org/html/rfc7230 (accessed 23.06.2016).

10. Siewert Sam B., (2013), Cloud Scaling, Part 1: Build a Compute node or Small Cluster Application and Scale with HPC, University of Alaska Anchorage, (In English) [Electronic resource], Available at:  URL: http://www.ibm.com/developerworks/cloud/library/cl-cloudscaling1-hpcondemand/ (accessed 23.06.2016).

11. WebberJim,  Parastatidis Savas, RobinsonIan, (2012),  REST in Practice Hypermedia and Systems Architecture,O'Reilly Media, September 2012, pp. 285 – 351.

Published:
Last download:
2017-11-16 09:14:33

[ © KarelWintersky ] [ All articles ] [ All authors ]
[ © Odessa National Polytechnic University, 2014. Any use of information from the site is possible only under the condition that the source link! ]
Яндекс.Метрика