Masoumeh Hashemi, Mehdi Sakhaei-nia, Morteza Yousef Sanati
{"title":"An ESB-based Architecture for Authentication as a Service Through Enterprise Application Integration","authors":"Masoumeh Hashemi, Mehdi Sakhaei-nia, Morteza Yousef Sanati","doi":"10.1109/IKT51791.2020.9345636","DOIUrl":null,"url":null,"abstract":"AUTHaaS is a solution for various problems in an enterprise involving different software systems, each of which have a different authentication mechanism. Multiple usernames and passwords for a user, different security vulnerabilities for each software, and possible changes to the authentication mechanism are some of these problems. The solutions proposed for AUTHaaS are based on SOA. As communication in SOA is synchronous, the authentication process can confront problems if the authentication service is delayed for any reason. It is the purpose of this paper to answer these problems. In this paper, a security architecture is proposed for AUTHaaS through enterprise application integration. The core of the integration solution is the Enterprise Service Bus (ESB) technology. Proposed ESB-based architecture allows the user to authenticate only once for using different systems. Once the user is successfully authenticated for an application, other applications receive events through the ESB that indicate the user has successfully authenticated. So they do not need to be authenticated again by the authentication service for further access. The results show that after the 500th request, i.e. the second request of each user, the response time is reduced by 50% and the number of visits to the authentication server for subsequent requests of users will be zero.","PeriodicalId":382725,"journal":{"name":"2020 11th International Conference on Information and Knowledge Technology (IKT)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 11th International Conference on Information and Knowledge Technology (IKT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IKT51791.2020.9345636","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
AUTHaaS is a solution for various problems in an enterprise involving different software systems, each of which have a different authentication mechanism. Multiple usernames and passwords for a user, different security vulnerabilities for each software, and possible changes to the authentication mechanism are some of these problems. The solutions proposed for AUTHaaS are based on SOA. As communication in SOA is synchronous, the authentication process can confront problems if the authentication service is delayed for any reason. It is the purpose of this paper to answer these problems. In this paper, a security architecture is proposed for AUTHaaS through enterprise application integration. The core of the integration solution is the Enterprise Service Bus (ESB) technology. Proposed ESB-based architecture allows the user to authenticate only once for using different systems. Once the user is successfully authenticated for an application, other applications receive events through the ESB that indicate the user has successfully authenticated. So they do not need to be authenticated again by the authentication service for further access. The results show that after the 500th request, i.e. the second request of each user, the response time is reduced by 50% and the number of visits to the authentication server for subsequent requests of users will be zero.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
