A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise

Conference paper


Nouriddine, Moustafa and Bashroush, R. 2011. A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise. Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3). Greece Aug 2011
AuthorsNouriddine, Moustafa and Bashroush, R.
TypeConference paper
Abstract

As Cloud software (Software-as-a-Service) become more and more
ubiquitous, the scale and performance expectations become an important factor
impacting architectural decisions for security protocol adoption. WS-Trust[6]
and WS-Federation[7] are enterprise scale protocols but lacked wide adoption
due to complexity. OAuth 1.0 emerged as an industry standard for unifying
identity management for major SaaS players. However, OAuth 1.0 soon was
proven to fail performance criteria for enterprise adoption. With the
introduction of OAuth 2.0 some of the performance concerns were addressed.
This paper proposes an optimization to OAuth 2.0 for enterprise adoption. This
optimization is achieved by introducing manageability steps to pre-establish
trust amongst the client and the protected resource server. In this model, the
client needs to set up trust with the protected resource server as well as with the
authorization server. These clients are called highly trusted clients. We believe
such optimization makes it feasible to adopt OAuth in the enterprise where
scale and performance are critical factors.

KeywordsOAuth; Access Delegation; Authorization Servers
Year2011
ConferenceProceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3)
Accepted author manuscript
License
CC BY-ND
Publication dates
Print2011
Publication process dates
Deposited12 Apr 2012
Web address (URL)http://hdl.handle.net/10552/1531
Additional information

Citation:
M. Nouriddine and R. Bashroush, “A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise”, in Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3), Greece, August 2011..

Permalink -

https://repository.uel.ac.uk/item/8617y

Download files


Accepted author manuscript
  • 238
    total views
  • 131
    total downloads
  • 2
    views this month
  • 1
    downloads this month

Export as

Related outputs

SWOT Analysis of Information Security Management System ISO 27001
Akinyemi, I., Schatz, D. and Bashroush, R. 2020. SWOT Analysis of Information Security Management System ISO 27001. International Journal of Services Operations and Informatics. 10 (4), p. 305–329. https://doi.org/10.1504/IJSOI.2020.111297
Optimizing server refresh cycles: The case for circular economy with an aging Moore’s Law
Bashroush, R., Rteil, N., Kenny, R. and Wynne, A. 2020. Optimizing server refresh cycles: The case for circular economy with an aging Moore’s Law. IEEE Transactions on Sustainable Computing. 7 (1), pp. 189-200. https://doi.org/10.1109/TSUSC.2020.3035234
Case Studies for achieving a Return on Investment with a Hardware Refresh in Organizations with Small Data Centers
Doyle, J. and Bashroush, R. 2020. Case Studies for achieving a Return on Investment with a Hardware Refresh in Organizations with Small Data Centers. IEEE Transactions on Sustainable Computing. 6 (4), pp. 599-611. https://doi.org/10.1109/TSUSC.2020.3031450
Towards Efficient and Scalable Data-Intensive Content Delivery: State-of-the-Art, Issues and Challenges
Kilanioti, Irene, Fernández-Montes, Alejandro, Fernández-Cerero, Damián, Karageorgos, Anthony, Mettouris, Christos, Nejkovic, Valentina, Albanis, Nikolas, Bashroush, R. and Papadopoulos, George A. 2019. Towards Efficient and Scalable Data-Intensive Content Delivery: State-of-the-Art, Issues and Challenges. in: Kołodziej, Joanna and González-Vélez, Horacio (ed.) High-Performance Modelling and Simulation for Big Data Applications: Selected Results of the COST Action IC1406 cHiPSet Springer, Cham.
Security predictions — A way to reduce uncertainty
Schatz, D. and Bashroush, R. 2019. Security predictions — A way to reduce uncertainty. Journal of Information Security and Applications. 45, pp. 107-116. https://doi.org/10.1016/j.jisa.2019.01.009
Towards a More Representative Definition of Cyber Security
Schatz, Daniel, Bashroush, R. and Wall, J. 2017. Towards a More Representative Definition of Cyber Security. Journal of Digital Forensics, Security and Law. 12 (2), pp. 53-74. https://doi.org/10.15394/jdfsl.2017.1476
Representing Variability in Software Architecture: A Systematic Literature Review
Haider, U., Woods, E. and Bashroush, R. 2018. Representing Variability in Software Architecture: A Systematic Literature Review. International Journal of Software Engineering and Computer Systems. 4 (2), pp. 19-37. https://doi.org/10.15282/ijsecs.4.2.2018.2.0046
A Comprehensive Reasoning Framework for Hardware Refresh in Data Centers
Bashroush, R. 2018. A Comprehensive Reasoning Framework for Hardware Refresh in Data Centers. IEEE Transactions on Sustainable Computing. 3 (4), pp. 209-220. https://doi.org/10.1109/TSUSC.2018.2795465
The ALI Architecture Description Language
Haider, U., McGregor, John D. and Bashroush, R. 2018. The ALI Architecture Description Language. ACM SIGSOFT Software Engineering Notes. 43 (4), pp. 52-52. https://doi.org/10.1145/3282517.3282545
Integration operators for generating RDF/OWL-based user defined mediator views in a grid environment
Tawil, Abdel-Rahman H., Taweel, Adel, Naeem, U., Montebello, Matthew, Bashroush, R. and Al-Nemrat, A. 2014. Integration operators for generating RDF/OWL-based user defined mediator views in a grid environment. Journal of Intelligent Information Systems. 43 (1), pp. 1-32. https://doi.org/10.1007/s10844-013-0300-5
Jolinar: Analysing the Energy Footprint of Software Applications (demo)
Noureddine, A., Islam, S. and Bashroush, R. 2016. Jolinar: Analysing the Energy Footprint of Software Applications (demo). in: Proceedings of the 25th International Symposium on Software Testing and Analysis New York, NY, USA Association for Computing Machinery (ACM). pp. 445-448
Architectural Principles for Energy-Aware Internet-Scale Applications
Bashroush, R. and Woods, E. 2017. Architectural Principles for Energy-Aware Internet-Scale Applications. IEEE Software. 34 (3), pp. 14-17. https://doi.org/10.1109/MS.2017.60
CASE Tool support for variability management in software product lines
Bashroush, R., Garba, M., Rabiser, R., Groher, I. and Botterweck, G. 2017. CASE Tool support for variability management in software product lines. ACM Computing Surveys. 50 (Art. 14). https://doi.org/10.1145/3034827
gUML: Reasoning about Energy at Design Time by Extending UML Deployment Diagrams with Data Centre Contextual Information
Jebraeil, Nigar, Noureddine, A., Doyle, J., Islam, S. and Bashroush, R. 2017. gUML: Reasoning about Energy at Design Time by Extending UML Deployment Diagrams with Data Centre Contextual Information. in: 2017 IEEE World Congress on Services (SERVICES) IEEE. pp. In Press
Cloud Strife: Expanding the Horizons of Cloud Gaming Services
Doyle, J., Islam, S., Bashroush, R. and O'Mahony, Donal 2017. Cloud Strife: Expanding the Horizons of Cloud Gaming Services. in: 2017 IEEE World Congress on Services (SERVICES) IEEE.
MUSA: A Scalable Multi-Touch and Multi-Perspective Variability Management Tool
Garba, Muhammad, Noureddine, Adel and Bashroush, R. 2016. MUSA: A Scalable Multi-Touch and Multi-Perspective Variability Management Tool. in: 2016 13th Working IEEE/IFIP Conference on Software Architecture (WICSA) IEEE. pp. 299-302
Economic Valuation for Information Security Investment: A Systematic Literature Review
Schatz, Daniel and Bashroush, R. 2016. Economic Valuation for Information Security Investment: A Systematic Literature Review. Information Systems Frontiers. 19 (5), pp. 1205-1228. https://doi.org/10.1007/s10796-016-9648-8
Modelling large-scale information systems using ADLs – An industrial experience report
Woods, Eoin and Bashroush, R. 2014. Modelling large-scale information systems using ADLs – An industrial experience report. The Journal of Systems and Software. 99 (1), pp. 97-108.
The Impact Of Repeated Data Breach Events On Organisations’ Market Value
Schatz, Daniel and Bashroush, R. 2016. The Impact Of Repeated Data Breach Events On Organisations’ Market Value. Information and Computer Security. 24 (1), pp. 73-92.
Activities of daily life recognition using process representation modelling to support intention analysis
Naeem, U., Bashroush, R., Anthony, Richard, Azam, Muhammad Awais, Tawil, Abdel Rahman, Lee, S. and Mou-Ling, Dennis 2015. Activities of daily life recognition using process representation modelling to support intention analysis. International Journal of Pervasive Computing and Communications. 11 (3), pp. 347-371. https://doi.org/10.1108/IJPCC-01-2015-0002
Using an Architecture Description Language to Model a Large- Scale Information System – An Industrial Experience Report
Woods, Eoin and Bashroush, R. 2012. Using an Architecture Description Language to Model a Large- Scale Information System – An Industrial Experience Report. Proceedings of the Joint 10th Working IEEE/IFIP Conference on Software Architecture & 6th European Conference on Software Architecture. Helsinki Finland Aug 2012
The contribution of architecture description languages to the evaluation of software architectures
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. The contribution of architecture description languages to the evaluation of software architectures.
Using the NaSr Architectural Style to Solve the Broken Hyperlink Problem
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. Using the NaSr Architectural Style to Solve the Broken Hyperlink Problem.
Towards an Automated Evaluation Process for Software Architectures
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. Towards an Automated Evaluation Process for Software Architectures.
A Real-time Network Emulator: ADLARS Case Study
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. A Real-time Network Emulator: ADLARS Case Study.
A Network Architectural Style for Real-time Systems: NaSr
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. A Network Architectural Style for Real-time Systems: NaSr.
Deriving Product Architectures from an ADLARS Described Reference Architecture using Leopard
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. Deriving Product Architectures from an ADLARS Described Reference Architecture using Leopard.
Feature Guided Architecture Development for Embedded System Families
Brown, John, Bashroush, R., Gillan, Charles, Spence, Ivor and Kilpatrick, Peter 2005. Feature Guided Architecture Development for Embedded System Families.
A Generic Reference Software Architecture for Load Balancing Over Mirrored Web Servers: NaSr Case Study
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2005. A Generic Reference Software Architecture for Load Balancing Over Mirrored Web Servers: NaSr Case Study.
ADLARS: An Architecture Description Language for Software Product Lines
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2005. ADLARS: An Architecture Description Language for Software Product Lines.
Weaving Behaviour into Feature Models for Embedded System Families
Brown, John, Gawley, Rachel, Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Gillan, Charles 2006. Weaving Behaviour into Feature Models for Embedded System Families.
Towards More Flexible Architecture Description Languages for Industrial Applications
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2006. Towards More Flexible Architecture Description Languages for Industrial Applications. in:
Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications
Fritzsche, M, Gilani, Wasif, Spence, Ivor, Kilpatrick, Peter, Brown, John and Bashroush, R. 2008. Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications. in: Schierferdecker, Ina and Hartman, Alan (ed.) Model Driven Architecture – Foundations and Applications Springer.
A Multiple Views Model for Variability Management in Software Product Lines
Bashroush, R., Spence, Ivor, Kilpatrick, Peter, Brown, John and Gillan, Charles 2008. A Multiple Views Model for Variability Management in Software Product Lines. Proceedings of the Second International Workshop on Variability Modelling of Software-intensive Systems (VaMoS2008). Essen, Germany 16 - 18 Jan 2008
ALI: An Extensible Architecture Description Language for Industrial Applications
Bashroush, R., Spence, Ivor, Kilpatrick, Peter, Brown, John, Gilani, Wasif and Fritzsche, M 2008. ALI: An Extensible Architecture Description Language for Industrial Applications. in: Springer.
Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications
Bashroush, R. and Spence, Ivor 2008. Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications. in: Proceedings of 15th IEEE International Conference on Engineering of Computer-Based Systems (ECBS) IEEE. pp. 57-65
A Scalable Multiple Perspective Variability Management CASE Tool
Bashroush, R. 2010. A Scalable Multiple Perspective Variability Management CASE Tool. 14th International Software Product Line Conference (SPLC). South Korea Sep 2010
A NUI Based Multiple Perspective Variability Modelling CASE Tool
Bashroush, R. 2010. A NUI Based Multiple Perspective Variability Modelling CASE Tool. in: Babar, Muhammad Ali and Gorton, IAn (ed.) Software Architecture: Proceedings of 4th European Conference, ECSA 2010, Copenhagen, Denmark, August 23-26, 2010 Springer.
Logical Reasoning and Decision Making
Ong, D, Khaddaj, Souheil and Bashroush, R. 2011. Logical Reasoning and Decision Making. 10th IEEE International Conference on Cybernetic Intelligent Systems. London Aug 2011
A Provisioning Model towards OAuth 2.0 Optimization
Nouriddine, Moustafa and Bashroush, R. 2011. A Provisioning Model towards OAuth 2.0 Optimization. 10th IEEE International Conference on Cybernetic Intelligent Systems. London Sep 2011
Modality Cost Analysis: A Methodology for Cost Effective Datacenter Capacity Planning in the Cloud
Nouriddine, Moustafa and Bashroush, R. 2011. Modality Cost Analysis: A Methodology for Cost Effective Datacenter Capacity Planning in the Cloud.
Modality Cost Analysis Based Methodology for Cost Effective Datacenter Capacity Planning in the Cloud
Nouriddine, Moustafa and Bashroush, R. 2011. Modality Cost Analysis Based Methodology for Cost Effective Datacenter Capacity Planning in the Cloud. Ubiquitous Computing and Communication Journal.
Sufficiency of Windows Event log as Evidence in Digital Forensics
Ibrahim, Nurdeen, Al-Nemrat, Ameer, Jahankhani, Hamid and Bashroush, R. 2011. Sufficiency of Windows Event log as Evidence in Digital Forensics. Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3). Greece Aug 2011
GSi Compliant RAS for Public Private Sector Partnership
Fawzi, Fawzi and Bashroush, R. 2011. GSi Compliant RAS for Public Private Sector Partnership. Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3). Greece Aug 2011
Case Study: Using ADLARS to Design and Develop a Real-Time Network Emulator
Bashroush, R., Al-Nemrat, Ameer, Bachrouch, Mohammad and Spence, Ivor 2011. Case Study: Using ADLARS to Design and Develop a Real-Time Network Emulator. Proceedings of the International Conference on Information and Communication Systems (ICICS 2011). Jordan May 2011
Visualizing Variability Models Using Hyperbolic Trees
Bashroush, R., Al-Nemrat, Ameer, Bachrouch, Mohammad and Jahankhani, Hamid 2011. Visualizing Variability Models Using Hyperbolic Trees. Proceedings of the 23rd International Conference on Advanced Information Systems Engineering Forum(CAiSE Forum 2011). London Jun 2011
A Cost Effective Cloud Datacenter Capacity Planning Method Based on Modality Cost Analysis
Bashroush, R. and Nouriddine, Moustafa 2013. A Cost Effective Cloud Datacenter Capacity Planning Method Based on Modality Cost Analysis. International Journal of Communication Networks and Distributed Systems. 11 (3), pp. 250-261.
Challenges in the Application of Feature Modelling in Fixed Line Telecommunications
Gillan, Charles, Kilpatrick, Peter, Spence, Ivor, Brown, T. John, Bashroush, R. and Gawley, Rachel 2007. Challenges in the Application of Feature Modelling in Fixed Line Telecommunications. Proceedings of the First International Workshop on Variability Modelling of Software-intensive Systems (VaMoS 2007), Lemrick, Ireland, Jan 16 -18, 2007. C Gillan
Using a Software Product Line Approach in Designing Grid Services
Bashroush, R. and Perrott, Ronald 2005. Using a Software Product Line Approach in Designing Grid Services. 4th UK e-Science All Hands Meeting (AHM2005). Nottingham, UK Sep 2005
Requirements Modelling and Design Notations for Software Product Lines
Brown, T. John, Gawley, Rachel, Spence, Ivor, Kilpatrick, Peter, Gillan, Charles and Bashroush, R. 2007. Requirements Modelling and Design Notations for Software Product Lines. Proceedings of the First International Workshop on Variability Modelling of Software-intensive Systems (VaMoS2007), Lemrick, Ireland, Jan 16-18, 2007. T J. Brown