• DocumentCode
    244175
  • Title

    Platform-level Support for Authorization in Cloud Services with OAuth 2

  • Author

    Sendor, Jakub ; Lehmann, Yann ; Serme, Gabriel ; Santana de Oliveira, Anderson

  • Author_Institution
    SAP Labs., Sophia-Antipolis, France
  • fYear
    2014
  • fDate
    11-14 March 2014
  • Firstpage
    458
  • Lastpage
    465
  • Abstract
    The OAuth 2 web authorization framework allows services to act on behalf of users when interacting with other services. It avoids sharing username and passwords across services, thus, in principle protecting users from several threats. However, it is known that the implementation of this kind of authorization protocol is tricky, and potentially leads to vulnerable web services. In this paper we present a toolkit for Java-based Cloud platforms which facilitates the deployment of the OAuth 2 authorization framework into existing web services. We developed a set of interceptors, using aspect-oriented programming techniques for SOA, to handle the main OAuth flow. Secondly, we created an Eclipse plug-in to integrate OAuth into cloud services with minimum effort.
  • Keywords
    Java; Web services; aspect-oriented programming; authorisation; cloud computing; cryptographic protocols; Eclipse plug-in; Java-based cloud platform toolkit; OAuth 2 Web authorization framework; SOA; Web services; aspect-oriented programming; authorization protocol; cloud service authorization; platform-level support; user protection; Authorization; Insurance; Libraries; Protocols; Servers; Web services; Authorization; Cloud; OAuth 2; Platform as a Service; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Cloud Engineering (IC2E), 2014 IEEE International Conference on
  • Conference_Location
    Boston, MA
  • Type

    conf

  • DOI
    10.1109/IC2E.2014.60
  • Filename
    6903511
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=244175