An OAuth2.0-Based Unified Authentication System for Secure Services in the Smart Campus Environment

Based on the construction of Shandong Normal University’s smart authentication system, this paper researches the key technologies of Open Authorization(OAuth) protocol, which allows secure authorization in a simple and standardized way from third-party applications accessing online services. Through the analysis of OAuth2.0 standard and the open API details between different applications, and concrete implementation procedure of the smart campus authentication platform, this paper summarizes the research methods of building the smart campus application system with existing educational resources in cloud computing environment. Through the conducting of security experiments and theoretical analysis, this system has been proved to run stably and credibly, flexible, easy to integrate with existing smart campus services, and efficiently improve the security and reliability of campus data acquisition. Also, our work provides a universal reference and significance to the authentication system construction of the smart campus.

[1]  Kevin Curran,et al.  Security evaluation of the OAuth 2.0 framework , 2015, Inf. Comput. Secur..

[2]  Jacek Kopecký,et al.  A history and future of Web APIs , 2014, it Inf. Technol..

[3]  William A. Wulf,et al.  Trends in the Design and Implementation of Programming Languages , 1980, Computer.

[4]  Tom Coughlin Objectives and Activities [Future Directions] , 2015, IEEE Consumer Electron. Mag..

[5]  Luca Veltri,et al.  IoT-OAS: An OAuth-Based Authorization Service Architecture for Secure Services in IoT Scenarios , 2015, IEEE Sensors Journal.

[6]  Barry Leiba,et al.  OAuth Web Authorization Protocol , 2012, IEEE Internet Computing.

[7]  Zeljko Obrenovic,et al.  Integrating User Customization and Authentication: The Identity Crisis , 2012, IEEE Security & Privacy.

[8]  Mayank Upadhyay,et al.  Authentication at Scale , 2013, IEEE Security & Privacy.

[9]  Tim Berners-Lee,et al.  The World-Wide Web , 1994, CACM.

[10]  Phillip J. Windley,et al.  API Access Control with OAuth: Coordinating interactions with the Internet of Things. , 2015, IEEE Consumer Electronics Magazine.

[11]  William Allen,et al.  Data Security, Privacy, Availability and Integrity in Cloud Computing: Issues and Current Solutions , 2016 .

[12]  Lee Garber The Lowly API Is Ready to Step Front and Center , 2013, Computer.

[13]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[14]  Lucy Lynch Inside the Identity Management Game , 2011, IEEE Internet Computing.

[15]  Stephen Frosh,et al.  Identity crisis , 2015, Science.

[16]  In Young Choi,et al.  The OAuth 2.0 Web Authorization Protocol for the Internet Addiction Bioinformatics (IABio) Database , 2016, Genomics & informatics.

[17]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[18]  Avinash C. Kak,et al.  Some structural measures of API usability , 2015, Softw. Pract. Exp..

[19]  Mohamed Shehab,et al.  Recommendation Models for Open Authorization , 2012, IEEE Transactions on Dependable and Secure Computing.

[20]  Gunnar Peterson,et al.  How to Do Application Logging Right , 2010, IEEE Security & Privacy.

[21]  Konni Srinivasa Rao,et al.  Providing Multi User Authentication and Anonymous Data sharing in cloud computing , 2016 .