Title :
Design of a security mechanism for RESTful Web Service communication through mobile clients
Author :
De Backere, Femke ; Hanssens, Brecht ; Heynssens, Ruben ; Houthooft, Rein ; Zuliani, Alexander ; Verstichel, Stijn ; Dhoedt, Bart ; De Turck, Filip
Author_Institution :
Inf. Technol. Dept. (INTEC), Ghent Univ. - iMinds, Ghent, Belgium
Abstract :
Security is not taken into account by default in the Representational State Transfer (REST) architecture, but its layered architecture provides many opportunities for implementing it. In this paper, a security mechanism for Web Service communication through mobile clients devices is proposed, that conforms to the REST architecture as much as possible. This approach has been inspired by some known security mechanisms, but implemented in such a way that it focusses on statelessness and aims to be lightweight. Results indicate that the custom security mechanism outperforms the Transport Layered Security (TLS) based system. Because of the genericness of REST, the proposed security mechanism can be adopted by a wide variety of other RESTful Web Services.
Keywords :
Web services; mobile computing; security of data; REST architecture; RESTful Web service communication; TLS based system; mobile clients devices; representational state transfer; security mechanism design; transport layered security; Authentication; Cryptography; Databases; Protocols; Servers; Web services;
Conference_Titel :
Network Operations and Management Symposium (NOMS), 2014 IEEE
Conference_Location :
Krakow
DOI :
10.1109/NOMS.2014.6838308
