Nouriddine, Moustafa and Bashroush, Rabih (2011) ‘A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise’, Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3). Greece, August 2011.
ICGS3-OAuth paper-Camer ready.pdf - Accepted Version
Available under License Creative Commons Attribution No Derivatives.
Download (271Kb) | Preview
As Cloud software (Software-as-a-Service) become more and more ubiquitous, the scale and performance expectations become an important factor impacting architectural decisions for security protocol adoption. WS-Trust and WS-Federation are enterprise scale protocols but lacked wide adoption due to complexity. OAuth 1.0 emerged as an industry standard for unifying identity management for major SaaS players. However, OAuth 1.0 soon was proven to fail performance criteria for enterprise adoption. With the introduction of OAuth 2.0 some of the performance concerns were addressed. This paper proposes an optimization to OAuth 2.0 for enterprise adoption. This optimization is achieved by introducing manageability steps to pre-establish trust amongst the client and the protected resource server. In this model, the client needs to set up trust with the protected resource server as well as with the authorization server. These clients are called highly trusted clients. We believe such optimization makes it feasible to adopt OAuth in the enterprise where scale and performance are critical factors.
|Item Type:||Conference or Event Item (Paper)|
|Additional Information:||Citation: M. Nouriddine and R. Bashroush, “A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise”, in Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3), Greece, August 2011..|
|Divisions:||Schools > Architecture Computing and Engineering, School of|
|Depositing User:||Rabih Bashroush|
|Date Deposited:||12 Apr 2012 22:20|
|Last Modified:||12 Oct 2012 14:08|
Actions (login required)