BazEkon - Main Library of the Cracow University of Economics

Author
Nowakowski Grzegorz (Cracow University of Technology (PK))
Title
Rest API Safety Assurance by Means of HMAC Mechanism
Source
Information Systems in Management, 2016, vol. 5, no. 3, pp. 358-369, figures, tables, bibliography of 15 items.
Systemy Informatyczne w Zarządzaniu
Keywords
Software, Internet application, Authentication
Notes
summ.
Abstract
The HMAC mechanism that enables authentication of REST services and assures their integrity, non-repudiation and confidentiality has been presented in this article. A demonstration RESTful API has been implemented using Slim Framework, in which several endpoints for login, test route available only for registered users and authenticated by means of HMAC mechanism, have been assigned. The solution proposed here suggests an alternative that is easy to implement compared to other well-known methods of authentication and authorization. (original abstract)
Bibliography
  1. Webber J., Parastatidis S., Robinson I. (2010) REST in Practice: Hypermedia and Systems Architecture, O'Reilly Media, 1 edition.
  2. Mehta B. (2014) RESTful Java Patterns and Best Practices, Packt Publishing.
  3. Richardson L., Amundsen M., Ruby S. (2013) RESTful Web APIs, O'Reilly Media.
  4. Fielding R.T. (2000) Architectural Styles and the Design of Network-based Software Architectures, Chapter 5, Dissertation, University Of California, Irvine.
  5. JSON, (online) homepage: http://json.org/ (date of access: 2016-02-05).
  6. XML, (online) homepage: http://www.w3.org/XML/ (date of access: 2016-02-05).
  7. Slim Framework, a micro framework for PHP (online) homepage: http://www.slimframework.com/ (date of access: 2016-02-05).
  8. Slim Framework, Middleware-Overview (online) homepage: http://docs.slimframework.com/#Middleware-Overview (date of access: 2016-02-05).
  9. hash_hmac(), (online) homepage: http://php.net/manual/en/function.hash-hmac.php (date of access: 2016-02-05).
  10. Krawczyk H., Bellare M., and Canetti R. (1997) HMAC: Keyed-Hashing for Message Authentication, Internet Engineering Task Force, Request for Comments (RFC) 2104.
  11. National Institute of Standards and Technology (2008) Secure Hash Standards (SHS), Federal Information Processing Standards Publication 180-3.
  12. NIST Special Publication (SP) 800-57 (2007) Recommendation for Key Management - Part 1: General (Revised).
  13. NIST Special Publication (SP) 800-107 (2009) Recommendation for Applications Using Approved Hash Algorithms.
  14. Hash-based Message Authentication Code (HMAC) definition, (online) homepage: http://searchsecurity.techtarget.com/definition/Hash-based-Message-Authentication-Code-HMAC (date of access: 2016-02-05).
  15. Using HMAC to authenticate Web service requests, (online) homepage: http://rc3.org/2011/12/02/using-hmac-to-authenticate-web-service-requests/ (date of access: 2016-02-05).
ISSN
2084-5537
Language
eng