Implementation of Role-Based Access Control on OAuth 2.0 as Authentication and Authorization System

机译：在OAuth 2.0作为身份验证和授权系统上实现基于角色的访问控制

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

As today's technology transition from monolithic towards microservices architecture, the authentication and authorization system also becomes a new concern because of the difference between monolithic and microservices pattern. Monolithic mostly uses role-based access control while microservices uses scope with OAuth 2.0. With this in mind, there is a need for a model that can integrate OAuth 2.0 with role-based access control. With role-based access control implemented on OAuth 2.0, we expect a simpler authorization process and a more secure authentication and authorization system for microservices backend architecture. This paper proposes a model to implement role-based access control on OAuth 2.0 using Laravel framework, we also test the performance of the system following by response time, data transferred and throughput. From the performance test, this approach has a good performance and can handle certain requests with simulated users even with limited resources.

机译：随着当今技术从单片架构过渡到微服务架构，由于单片架构与微服务模式之间的差异，身份验证和授权系统也成为新的关注点。整体式大多数使用基于角色的访问控制，而微服务使用OAuth 2.0的作用域。考虑到这一点，需要一种可以将OAuth 2.0与基于角色的访问控制集成的模型。通过在OAuth 2.0上实现基于角色的访问控制，我们期望针对微服务后端体系结构的授权过程更加简单，身份验证和授权系统更加安全。本文提出了一个使用Laravel框架在OAuth 2.0上实现基于角色的访问控制的模型，我们还根据响应时间，数据传输和吞吐量来测试系统的性能。从性能测试来看，这种方法具有良好的性能，即使资源有限，也可以处理模拟用户的某些请求。

著录项

来源
《International Conference on Electrical Engineering, Computer Science and Informatics》|2019年|259-263|共5页
会议地点
作者
Zehan Triartono; Ridha Muldina Negara; Sussi;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
authorisation; message authentication; Web services;

机译：授权;消息认证; Web服务;

相似文献

外文文献
中文文献
专利

1. Role-based access control for grid database services using the community authorization service [J] . Pereira A.L., Muppavarapu V., Chung S.M. IEEE transactions on dependable and secure computing . 2006,第2期

机译：使用社区授权服务的网格数据库服务的基于角色的访问控制
2. Mutual Authentication Protocol for Role-Based Access Control Using Mobile RFID [J] . Bing-Chang Chen, Cheng-Ta Yang, Her-Tyan Yeh, Applied Sciences . 2016,第8期

机译：使用移动RFID的基于角色的访问控制的相互认证协议
3. Mutual Authentication Protocol for Role-Based Access Control Using Mobile RFID [J] . Bing-Chang Chen, Cheng-Ta Yang, Her-Tyan Yeh, Applied Sciences . 2016,第8期

机译：使用移动RFID的基于角色的访问控制的相互认证协议
4. Implementation of Role-Based Access Control on OAuth 2.0 as Authentication and Authorization System [C] . Zehan Triartono, Ridha Muldina Negara, Sussi International Conference on Electrical Engineering, Computer Science and Informatics . 2019

机译：在OAuth 2.0上实现基于角色的访问控制作为认证和授权系统
5. Finding Differences in Privilege Protection and Their Origin in Role-Based Access Control Implementations [D] . Laverdière-Papineau, Marc-André. 2018

机译：在基于角色的访问控制实现中发现特权保护的差异及其起源
6. A Role-Based Access Control Model in Modbus SCADA Systems. A Centralized Model Approach [O] . Santiago Figueroa-Lorenzo, Javier Añorga, Saioa Arrizabalaga 2019

机译：Modbus SCADA系统中的基于角色的访问控制模型。集中模型方法
7. Authentication and Authorization for Native Mobile Applications using OAuth 2.0 [O] . Aas Dag-Inge 2013

机译：使用OAuth 2.0进行本地移动应用程序的身份验证和授权
8. Scalable Authorization in Role-Based Access Control Using Negative Permissions and Remote Authorization [R] . Shah, A. P. 2003

机译：使用否定权限和远程授权的基于角色的访问控制中的可扩展授权

Implementation of Role-Based Access Control on OAuth 2.0 as Authentication and Authorization System

摘要

著录项

相似文献

相关主题

期刊订阅