Enhancing OAuth services security by an authentication service with face recognition

2015 Long Island Systems, Applications and Technology Pub Date : 2015-05-01 DOI:10.1109/LISAT.2015.7160208

Aziz Alotaibi, Ausif Mahmmod

{"title":"Enhancing OAuth services security by an authentication service with face recognition","authors":"Aziz Alotaibi, Ausif Mahmmod","doi":"10.1109/LISAT.2015.7160208","DOIUrl":null,"url":null,"abstract":"Controlling secure access to web Application Programming Interfaces (APIs) and web services has become more vital with advancement and use of the web technologies. The security of web services APIs is encountering critical issues in managing authenticated and authorized identities of users. Open Authorization (OAuth) is a secure protocol that allows the resource owner to grant permission to a third-party application in order to access the resource owner's protected resource on their behalf, without releasing their credentials. Most web APIs are still using the traditional authentication which is vulnerable to many attacks such as man-in-the middle attack. To reduce such vulnerability, we enhance the security of OAuth through the implementation of a biometric service. We introduce a face verification system based on Local Binary Patterns as an authentication service handled by the authorization server. The entire authentication process consists of three services: Image registration service, verification service, and access token service. The developed system is most useful in securing those services where a human identification is required.","PeriodicalId":235333,"journal":{"name":"2015 Long Island Systems, Applications and Technology","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2015-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 Long Island Systems, Applications and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/LISAT.2015.7160208","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

Controlling secure access to web Application Programming Interfaces (APIs) and web services has become more vital with advancement and use of the web technologies. The security of web services APIs is encountering critical issues in managing authenticated and authorized identities of users. Open Authorization (OAuth) is a secure protocol that allows the resource owner to grant permission to a third-party application in order to access the resource owner's protected resource on their behalf, without releasing their credentials. Most web APIs are still using the traditional authentication which is vulnerable to many attacks such as man-in-the middle attack. To reduce such vulnerability, we enhance the security of OAuth through the implementation of a biometric service. We introduce a face verification system based on Local Binary Patterns as an authentication service handled by the authorization server. The entire authentication process consists of three services: Image registration service, verification service, and access token service. The developed system is most useful in securing those services where a human identification is required.

查看原文本刊更多论文

通过带有人脸识别的身份验证服务增强OAuth服务的安全性

随着web技术的进步和使用，控制对web应用程序编程接口(api)和web服务的安全访问变得越来越重要。web服务api的安全性在管理经过身份验证和授权的用户身份时遇到了关键问题。开放授权(OAuth)是一种安全协议，它允许资源所有者向第三方应用程序授予权限，以便代表资源所有者访问受保护的资源，而无需释放其凭据。大多数web api仍然使用传统的身份验证，这很容易受到许多攻击，例如中间人攻击。为了减少这种漏洞，我们通过实施生物识别服务来增强OAuth的安全性。介绍了一种基于本地二进制模式的人脸验证系统，作为授权服务器处理的认证服务。整个身份验证过程包括三个服务:图像注册服务、验证服务和访问令牌服务。开发的系统在保护那些需要人工识别的服务方面最有用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2015 Long Island Systems, Applications and Technology

自引率

0.00%

发文量