Affiliation:
1. Faculty of Computer Science, University “Ukshin Hoti” — Prizren, Rruga e Shkronjave 1, 20000 Prizren, Kosovo
2. Faculty of Computer Science and Engineering, University “Ss. Cyril and Methodius”, Rugjer Boskovikj 16, 1000 Skopje, North Macedonia
Abstract
SOA is an architectural style that enables applications to be provided as services. Following the authentication procedure, most Web services-based applications use application-specific access control mechanisms to make authorization decisions. Services can interact with one another, sometimes relying on a trust-based relationship. However, if unauthorized access is gained to a particular service, it could potentially jeopardize the whole security system. REST, likewise, is an architectural style defined by a set of principles for creating network-based software structures. These concepts come together to form a coherent metaphor for the Web’s processes and interactions. In RESTful services, authentication and authorization play a tremendous role in terms of security, so services are constantly charged with authenticating users. Because security is an essential aspect of services, the servers that contain the authentication mechanism must authenticate each service for each of its requests. This study presents the mechanisms of authentication and authorization in RESTful services. An authorization management framework for RESTful services is proposed, and the ability to manage access authorization to specific services (resources) is described and implemented. The paper concludes with experimental results derived from implementing REST services based on the proposed framework.
Publisher
World Scientific Pub Co Pte Ltd
Subject
Artificial Intelligence, Computer Graphics and Computer-Aided Design, Computer Networks and Communications, Software