Authorization-aware HATEOAS

Marc Hüffmeyer; Florian Haupt; Frank Leymann; Ulf Schreier

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Authorization-aware HATEOAS

Topics: Access Control; Privacy, Security and Trust; Service Innovation; Service Modeling and Specification; Service Platforms; Service-oriented Architecture; Services Security and Reliability; Web Services

In Proceedings of the 8th International Conference on Cloud Computing and Services Science CLOSER - Volume 1, 78-89, 2018 , Funchal, Madeira, Portugal

Authors: Marc Hüffmeyer ¹ ; Florian Haupt ² ; Frank Leymann ² and Ulf Schreier ¹

Affiliations: ¹ Hochschule Furtwangen, Germany ; ² University of Stuttgart, Germany

Keyword(s): REST, Web Services, Authorization, Attribute Based Access Control.

Related Ontology Subjects/Areas/Topics: Cloud Computing ; Collaboration and e-Services ; Data Engineering ; e-Business ; Enterprise Information Systems ; Mobile Software and Services ; Ontologies and the Semantic Web ; Services Science ; Software Agents and Internet Computing ; Software Engineering ; Software Engineering Methods and Techniques ; Telecommunications ; Web Services ; Wireless Information Networks and Systems

Abstract: The architectural style named Representational State Transfer (REST) is nowadays widely established and still enjoys a growing popularity. One of the core principles of REST is referred as ”Hypermedia as the Engine of Application State” (HATEOAS). HATEOAS is one of the foundations of the scalability that RESTful systems provide and enables the decoupling of client and server. But the realization of HATEOAS is challenging, because there is no systematic approach how to enforce the constraint. Therefore, the implementation is mostly up to the developer of a RESTful service. This work describes a new method of how to apply the HATEOAS constraint. We describe a method that systematically enables HATEOAS based on REST API models and the integration of access control mechanisms. In order to avoid unauthorized access attempts and unnecessary network traffic, the resource representations are customized to the requesting subject. References that lead to not accessible resources, are not inclu ded in the customized resource representations. Therefore, an attribute based access control mechanism is extended to distinguish between static and dynamic attributes. A 2-phase authorization procedure is introduced that relies on this discrimination and determines the references which must be included in the resource representation. The result is a flexible realization of HATEOAS based on formal models. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.145.66.104

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Hüffmeyer, M.; Haupt, F.; Leymann, F. and Schreier, U. (2018). Authorization-aware HATEOAS. In Proceedings of the 8th International Conference on Cloud Computing and Services Science - CLOSER; ISBN 978-989-758-295-0; ISSN 2184-5042, SciTePress, pages 78-89. DOI: 10.5220/0006683700780089

@conference{closer18,
author={Marc Hüffmeyer. and Florian Haupt. and Frank Leymann. and Ulf Schreier.},
title={Authorization-aware HATEOAS},
booktitle={Proceedings of the 8th International Conference on Cloud Computing and Services Science - CLOSER},
year={2018},
pages={78-89},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006683700780089},
isbn={978-989-758-295-0},
issn={2184-5042},
}

TY - CONF

JO - Proceedings of the 8th International Conference on Cloud Computing and Services Science - CLOSER
TI - Authorization-aware HATEOAS
SN - 978-989-758-295-0
IS - 2184-5042
AU - Hüffmeyer, M.
AU - Haupt, F.
AU - Leymann, F.
AU - Schreier, U.
PY - 2018
SP - 78
EP - 89
DO - 10.5220/0006683700780089
PB - SciTePress