A Provisioning Model towards OAuth 2.0 Optimization

Conference paper


Nouriddine, Moustafa and Bashroush, R. 2011. A Provisioning Model towards OAuth 2.0 Optimization. 10th IEEE International Conference on Cybernetic Intelligent Systems. London Sep 2011
AuthorsNouriddine, Moustafa and Bashroush, R.
TypeConference paper
Abstract

A major hurdle of formal adoption of OAuth protocol
for enterprise applications is performance. Enterprise
applications (e.g. SAP, SharePoint, Exchange Server, etc.)
require a mechanism to predict and manage performance
expectations. As these applications become more and more
ubiquitous in the Cloud, the scale and performance expectations
become an important factor impacting architectural decisions for
security protocol adoption. This paper proposes an optimization
to OAuth 2.0 for enterprise adoption. This optimization is
achieved by introducing provisioning steps to pre-establish trust
amongst enterprise applications’ Resource Servers, its associated
Authorization Server and the clients interested in access to
protected resources. In this model, trust is provisioned and
synchronized as a pre-requisite step to authentication and
authorization amongst all communicating entities in OAuth
protocol, namely, the client requesting a protected resource, the
resource server, and the authorization server. For a case study,
we analyze SAP authenticating with SharePoint using our
optimization versus existing OAuth protocol. We believe such
optimization will further facilitate the adoption of OAuth in the
enterprise where scale and performance are critical factors.

KeywordsAuthentication and Authorization; Cloud Performance; Access Delegation; Authorization Servers
Year2011
Conference10th IEEE International Conference on Cybernetic Intelligent Systems
Accepted author manuscript
License
CC BY-ND
Publication dates
Print2011
Publication process dates
Deposited12 Apr 2012
Web address (URL)http://hdl.handle.net/10552/1530
Additional information

Citation:
M. Nouriddine and R. Bashroush, “A Provisioning Model towards OAuth 2.0 Optimization”, in Proceedings of the 10th IEEE International Conference on Cybernetic Intelligent Systems, London, UK, September 2011..

Permalink -

https://repository.uel.ac.uk/item/8617z

  • 10
    total views
  • 18
    total downloads
  • 3
    views this month
  • 3
    downloads this month

Related outputs

Towards Efficient and Scalable Data-Intensive Content Delivery: State-of-the-Art, Issues and Challenges
Kilanioti, Irene, Fernández-Montes, Alejandro, Fernández-Cerero, Damián, Karageorgos, Anthony, Mettouris, Christos, Nejkovic, Valentina, Albanis, Nikolas, Bashroush, R. and Papadopoulos, George A. 2019. Towards Efficient and Scalable Data-Intensive Content Delivery: State-of-the-Art, Issues and Challenges. in: Kołodziej, Joanna and González-Vélez, Horacio (ed.) High-Performance Modelling and Simulation for Big Data Applications: Selected Results of the COST Action IC1406 cHiPSet Springer, Cham.
Towards a More Representative Definition of Cyber Security
Schatz, Daniel, Bashroush, R. and Wall, J. 2017. Towards a More Representative Definition of Cyber Security. Journal of Digital Forensics, Security and Law. 12 (2), pp. 53-74.
Representing Variability in Software Architecture: A Systematic Literature Review
Haider, U., Woods, E. and Bashroush, R. 2018. Representing Variability in Software Architecture: A Systematic Literature Review. International Journal of Software Engineering and Computer Systems. 4 (2), pp. 19-37.
The ALI Architecture Description Language
Haider, U., McGregor, John D. and Bashroush, R. 2018. The ALI Architecture Description Language. ACM SIGSOFT Software Engineering Notes. 43 (4), pp. 52-52.
gUML: Reasoning about Energy at Design Time by Extending UML Deployment Diagrams with Data Centre Contextual Information
Jebraeil, Nigar, Noureddine, A., Doyle, J., Islam, S. and Bashroush, R. 2017. gUML: Reasoning about Energy at Design Time by Extending UML Deployment Diagrams with Data Centre Contextual Information. in: 2017 IEEE World Congress on Services (SERVICES) Institute of Electrical and Electronics Engineers (IEEE). pp. In Press
Cloud Strife: Expanding the Horizons of Cloud Gaming Services
Doyle, J., Islam, S., Bashroush, R. and O'Mahony, Donal 2017. Cloud Strife: Expanding the Horizons of Cloud Gaming Services. in: 2017 IEEE World Congress on Services (SERVICES) Institute of Electrical and Electronics Engineers (IEEE).
Integration operators for generating RDF/OWL-based user defined mediator views in a grid environment
Tawil, Abdel-Rahman H., Taweel, Adel, Naeem, U., Montebello, Matthew, Bashroush, R. and Al-Nemrat, A. 2014. Integration operators for generating RDF/OWL-based user defined mediator views in a grid environment. Journal of Intelligent Information Systems. 43 (1), pp. 1-32.
Jolinar: Analysing the Energy Footprint of Software Applications (demo)
Noureddine, A., Islam, S. and Bashroush, R. 2016. Jolinar: Analysing the Energy Footprint of Software Applications (demo). in: Proceedings of the 25th International Symposium on Software Testing and Analysis New York, NY, USA ACM. pp. 445-448
CASE Tool support for variability management in software product lines
Bashroush, R., Garba, Muhammad, Rabiser, Rick, Groher, Iris and Botterweck, Goetz 2017. CASE Tool support for variability management in software product lines. ACM Computing Surveys. 50 (1), p. Art. 14.
MUSA: A Scalable Multi-Touch and Multi-Perspective Variability Management Tool
Garba, Muhammad, Noureddine, Adel and Bashroush, R. 2016. MUSA: A Scalable Multi-Touch and Multi-Perspective Variability Management Tool. in: 2016 13th Working IEEE/IFIP Conference on Software Architecture (WICSA) Institute of Electrical and Electronics Engineers (IEEE). pp. 299-302
Economic Valuation for Information Security Investment: A Systematic Literature Review
Schatz, Daniel and Bashroush, R. 2016. Economic Valuation for Information Security Investment: A Systematic Literature Review. Information Systems Frontiers. 19 (5), pp. 1205-1228.
Modelling large-scale information systems using ADLs – An industrial experience report
Woods, Eoin and Bashroush, R. 2014. Modelling large-scale information systems using ADLs – An industrial experience report. The Journal of Systems and Software. 99 (1), pp. 97-108.
The Impact Of Repeated Data Breach Events On Organisations’ Market Value
Schatz, Daniel and Bashroush, R. 2016. The Impact Of Repeated Data Breach Events On Organisations’ Market Value. Information and Computer Security. 24 (1), pp. 73-92.
Activities of daily life recognition using process representation modelling to support intention analysis
Naeem, U., Bashroush, R., Anthony, Richard, Azam, Muhammad Awais, Tawil, Abdel Rahman, Lee, S. and Mou-Ling, Dennis 2015. Activities of daily life recognition using process representation modelling to support intention analysis. International Journal of Pervasive Computing and Communications. 11 (3), pp. 347-371.
Using an Architecture Description Language to Model a Large- Scale Information System – An Industrial Experience Report
Woods, Eoin and Bashroush, R. 2012. Using an Architecture Description Language to Model a Large- Scale Information System – An Industrial Experience Report. Proceedings of the Joint 10th Working IEEE/IFIP Conference on Software Architecture & 6th European Conference on Software Architecture. Helsinki Finland Aug 2012
The contribution of architecture description languages to the evaluation of software architectures
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. The contribution of architecture description languages to the evaluation of software architectures.
Using the NaSr Architectural Style to Solve the Broken Hyperlink Problem
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. Using the NaSr Architectural Style to Solve the Broken Hyperlink Problem.
Towards an Automated Evaluation Process for Software Architectures
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. Towards an Automated Evaluation Process for Software Architectures.
A Real-time Network Emulator: ADLARS Case Study
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. A Real-time Network Emulator: ADLARS Case Study.
A Network Architectural Style for Real-time Systems: NaSr
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. A Network Architectural Style for Real-time Systems: NaSr.
Deriving Product Architectures from an ADLARS Described Reference Architecture using Leopard
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. Deriving Product Architectures from an ADLARS Described Reference Architecture using Leopard.
Feature Guided Architecture Development for Embedded System Families
Brown, John, Bashroush, R., Gillan, Charles, Spence, Ivor and Kilpatrick, Peter 2005. Feature Guided Architecture Development for Embedded System Families.
A Generic Reference Software Architecture for Load Balancing Over Mirrored Web Servers: NaSr Case Study
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2005. A Generic Reference Software Architecture for Load Balancing Over Mirrored Web Servers: NaSr Case Study.
ADLARS: An Architecture Description Language for Software Product Lines
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2005. ADLARS: An Architecture Description Language for Software Product Lines.
Weaving Behaviour into Feature Models for Embedded System Families
Brown, John, Gawley, Rachel, Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Gillan, Charles 2006. Weaving Behaviour into Feature Models for Embedded System Families.
Towards More Flexible Architecture Description Languages for Industrial Applications
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2006. Towards More Flexible Architecture Description Languages for Industrial Applications. in:
Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications
Fritzsche, M, Gilani, Wasif, Spence, Ivor, Kilpatrick, Peter, Brown, John and Bashroush, R. 2008. Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications. in: Schierferdecker, Ina and Hartman, Alan (ed.) Model Driven Architecture – Foundations and Applications Springer.
A Multiple Views Model for Variability Management in Software Product Lines
Bashroush, R., Spence, Ivor, Kilpatrick, Peter, Brown, John and Gillan, Charles 2008. A Multiple Views Model for Variability Management in Software Product Lines. Proceedings of the Second International Workshop on Variability Modelling of Software-intensive Systems (VaMoS2008). Essen, Germany 16 - 18 Jan 2008
ALI: An Extensible Architecture Description Language for Industrial Applications
Bashroush, R., Spence, Ivor, Kilpatrick, Peter, Brown, John, Gilani, Wasif and Fritzsche, M 2008. ALI: An Extensible Architecture Description Language for Industrial Applications. in: Springer.
Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications
Bashroush, R. and Spence, Ivor 2008. Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications. in: Proceedings of 15th IEEE International Conference on Engineering of Computer-Based Systems (ECBS) IEEE. pp. 57-65
A Scalable Multiple Perspective Variability Management CASE Tool
Bashroush, R. 2010. A Scalable Multiple Perspective Variability Management CASE Tool. 14th International Software Product Line Conference (SPLC). South Korea Sep 2010
A NUI Based Multiple Perspective Variability Modelling CASE Tool
Bashroush, R. 2010. A NUI Based Multiple Perspective Variability Modelling CASE Tool. in: Babar, Muhammad Ali and Gorton, IAn (ed.) Software Architecture: Proceedings of 4th European Conference, ECSA 2010, Copenhagen, Denmark, August 23-26, 2010 Springer.
Logical Reasoning and Decision Making
Ong, D, Khaddaj, Souheil and Bashroush, R. 2011. Logical Reasoning and Decision Making. 10th IEEE International Conference on Cybernetic Intelligent Systems. London Aug 2011
A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise
Nouriddine, Moustafa and Bashroush, R. 2011. A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise. Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3). Greece Aug 2011
Modality Cost Analysis: A Methodology for Cost Effective Datacenter Capacity Planning in the Cloud
Nouriddine, Moustafa and Bashroush, R. 2011. Modality Cost Analysis: A Methodology for Cost Effective Datacenter Capacity Planning in the Cloud.
Modality Cost Analysis Based Methodology for Cost Effective Datacenter Capacity Planning in the Cloud
Nouriddine, Moustafa and Bashroush, R. 2011. Modality Cost Analysis Based Methodology for Cost Effective Datacenter Capacity Planning in the Cloud. Ubiquitous Computing and Communication Journal.
Sufficiency of Windows Event log as Evidence in Digital Forensics
Ibrahim, Nurdeen, Al-Nemrat, Ameer, Jahankhani, Hamid and Bashroush, R. 2011. Sufficiency of Windows Event log as Evidence in Digital Forensics. Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3). Greece Aug 2011
GSi Compliant RAS for Public Private Sector Partnership
Fawzi, Fawzi and Bashroush, R. 2011. GSi Compliant RAS for Public Private Sector Partnership. Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3). Greece Aug 2011
Case Study: Using ADLARS to Design and Develop a Real-Time Network Emulator
Bashroush, R., Al-Nemrat, Ameer, Bachrouch, Mohammad and Spence, Ivor 2011. Case Study: Using ADLARS to Design and Develop a Real-Time Network Emulator. Proceedings of the International Conference on Information and Communication Systems (ICICS 2011). Jordan May 2011
Visualizing Variability Models Using Hyperbolic Trees
Bashroush, R., Al-Nemrat, Ameer, Bachrouch, Mohammad and Jahankhani, Hamid 2011. Visualizing Variability Models Using Hyperbolic Trees. Proceedings of the 23rd International Conference on Advanced Information Systems Engineering Forum(CAiSE Forum 2011). London Jun 2011
A Cost Effective Cloud Datacenter Capacity Planning Method Based on Modality Cost Analysis
Bashroush, R. and Nouriddine, Moustafa 2013. A Cost Effective Cloud Datacenter Capacity Planning Method Based on Modality Cost Analysis. International Journal of Communication Networks and Distributed Systems. 11 (3), pp. 250-261.
Challenges in the Application of Feature Modelling in Fixed Line Telecommunications
Gillan, Charles, Kilpatrick, Peter, Spence, Ivor, Brown, T. John, Bashroush, R. and Gawley, Rachel 2007. Challenges in the Application of Feature Modelling in Fixed Line Telecommunications. Proceedings of the First International Workshop on Variability Modelling of Software-intensive Systems (VaMoS 2007), Lemrick, Ireland, Jan 16 -18, 2007. C Gillan
Using a Software Product Line Approach in Designing Grid Services
Bashroush, R. and Perrott, Ronald 2005. Using a Software Product Line Approach in Designing Grid Services. 4th UK e-Science All Hands Meeting (AHM2005). Nottingham, UK Sep 2005
Requirements Modelling and Design Notations for Software Product Lines
Brown, T. John, Gawley, Rachel, Spence, Ivor, Kilpatrick, Peter, Gillan, Charles and Bashroush, R. 2007. Requirements Modelling and Design Notations for Software Product Lines. Proceedings of the First International Workshop on Variability Modelling of Software-intensive Systems (VaMoS2007), Lemrick, Ireland, Jan 16-18, 2007. T J. Brown