A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise

Nouriddine, Moustafa and Bashroush, Rabih (2011) ‘A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise’, Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3). Greece, August 2011.

[img]
Preview
Text
ICGS3-OAuth paper-Camer ready.pdf - Accepted Version
Available under License Creative Commons Attribution No Derivatives.

Download (271Kb) | Preview

Abstract

As Cloud software (Software-as-a-Service) become more and more ubiquitous, the scale and performance expectations become an important factor impacting architectural decisions for security protocol adoption. WS-Trust[6] and WS-Federation[7] are enterprise scale protocols but lacked wide adoption due to complexity. OAuth 1.0 emerged as an industry standard for unifying identity management for major SaaS players. However, OAuth 1.0 soon was proven to fail performance criteria for enterprise adoption. With the introduction of OAuth 2.0 some of the performance concerns were addressed. This paper proposes an optimization to OAuth 2.0 for enterprise adoption. This optimization is achieved by introducing manageability steps to pre-establish trust amongst the client and the protected resource server. In this model, the client needs to set up trust with the protected resource server as well as with the authorization server. These clients are called highly trusted clients. We believe such optimization makes it feasible to adopt OAuth in the enterprise where scale and performance are critical factors.

Item Type: Conference or Event Item (Paper)
Additional Information: Citation: M. Nouriddine and R. Bashroush, “A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise”, in Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3), Greece, August 2011..
Divisions: Schools > Architecture Computing and Engineering, School of
Depositing User: Rabih Bashroush
Date Deposited: 12 Apr 2012 22:20
Last Modified: 12 Oct 2012 14:08
URI: http://hdl.handle.net/10552/1531

Actions (login required)

View Item View Item