A provisioning model towards OAuth 2.0 performance optimization

A major hurdle of formal adoption of OAuth protocol for enterprise applications is performance. Enterprise applications (e.g. SAP, SharePoint, Exchange Server, etc.) require a mechanism to predict and manage performance expectations. As these applications become more and more ubiquitous in the Cloud, the scale and performance expectations become an important factor impacting architectural decisions for security protocol adoption. This paper proposes an optimization to OAuth 2.0 for enterprise adoption. This optimization is achieved by introducing provisioning steps to pre-establish trust amongst enterprise applications´ Resource Servers, its associated Authorization Server and the clients interested in access to protected resources. In this model, trust is provisioned and synchronized as a pre-requisite step to authentication and authorization amongst all communicating entities in OAuth protocol, namely, the client requesting a protected resource, the resource server, and the authorization server. For a case study, we analyze SAP authenticating with SharePoint using our optimization versus existing OAuth protocol. We believe such optimization will further facilitate the adoption of OAuth in the enterprise where scale and performance are critical factors.