使用OAuth 2对云服务中的授权提供平台级支持

2014 IEEE International Conference on Cloud Engineering Pub Date : 2014-03-11 DOI:10.1109/IC2E.2014.60

Jakub Sendor, Yann Lehmann, Gabriel Serme, Anderson Santana de Oliveira

{"title":"使用OAuth 2对云服务中的授权提供平台级支持","authors":"Jakub Sendor, Yann Lehmann, Gabriel Serme, Anderson Santana de Oliveira","doi":"10.1109/IC2E.2014.60","DOIUrl":null,"url":null,"abstract":"The OAuth 2 web authorization framework allows services to act on behalf of users when interacting with other services. It avoids sharing username and passwords across services, thus, in principle protecting users from several threats. However, it is known that the implementation of this kind of authorization protocol is tricky, and potentially leads to vulnerable web services. In this paper we present a toolkit for Java-based Cloud platforms which facilitates the deployment of the OAuth 2 authorization framework into existing web services. We developed a set of interceptors, using aspect-oriented programming techniques for SOA, to handle the main OAuth flow. Secondly, we created an Eclipse plug-in to integrate OAuth into cloud services with minimum effort.","PeriodicalId":273902,"journal":{"name":"2014 IEEE International Conference on Cloud Engineering","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"22","resultStr":"{\"title\":\"Platform-level Support for Authorization in Cloud Services with OAuth 2\",\"authors\":\"Jakub Sendor, Yann Lehmann, Gabriel Serme, Anderson Santana de Oliveira\",\"doi\":\"10.1109/IC2E.2014.60\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The OAuth 2 web authorization framework allows services to act on behalf of users when interacting with other services. It avoids sharing username and passwords across services, thus, in principle protecting users from several threats. However, it is known that the implementation of this kind of authorization protocol is tricky, and potentially leads to vulnerable web services. In this paper we present a toolkit for Java-based Cloud platforms which facilitates the deployment of the OAuth 2 authorization framework into existing web services. We developed a set of interceptors, using aspect-oriented programming techniques for SOA, to handle the main OAuth flow. Secondly, we created an Eclipse plug-in to integrate OAuth into cloud services with minimum effort.\",\"PeriodicalId\":273902,\"journal\":{\"name\":\"2014 IEEE International Conference on Cloud Engineering\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-03-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"22\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE International Conference on Cloud Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IC2E.2014.60\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE International Conference on Cloud Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IC2E.2014.60","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 22

摘要

OAuth 2 web授权框架允许服务在与其他服务交互时代表用户行事。它避免了跨服务共享用户名和密码，因此，原则上保护用户免受多种威胁。然而，众所周知，这种授权协议的实现是棘手的，并且可能导致易受攻击的web服务。在本文中，我们为基于java的云平台提供了一个工具包，该工具包有助于将OAuth 2授权框架部署到现有的web服务中。我们开发了一组拦截器，使用面向方面的SOA编程技术来处理主要的OAuth流。其次，我们创建了一个Eclipse插件，以最小的工作量将OAuth集成到云服务中。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Platform-level Support for Authorization in Cloud Services with OAuth 2

The OAuth 2 web authorization framework allows services to act on behalf of users when interacting with other services. It avoids sharing username and passwords across services, thus, in principle protecting users from several threats. However, it is known that the implementation of this kind of authorization protocol is tricky, and potentially leads to vulnerable web services. In this paper we present a toolkit for Java-based Cloud platforms which facilitates the deployment of the OAuth 2 authorization framework into existing web services. We developed a set of interceptors, using aspect-oriented programming techniques for SOA, to handle the main OAuth flow. Secondly, we created an Eclipse plug-in to integrate OAuth into cloud services with minimum effort.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2014 IEEE International Conference on Cloud Engineering

自引率

0.00%

发文量

期刊最新文献

Combining Declarative and Imperative Cloud Application Provisioning Based on TOSCA Splicing MPLS and OpenFlow Tunnels Based on SDN Paradigm CoMoT -- A Platform-as-a-Service for Elasticity in the Cloud A Verification Platform for SDN-Enabled Applications Extraction of Bridges from High Resolution Remote Sensing Image Based on Topology Modeling