Title :
Authentication, Authorization, and Accounting in WebRTC PaaS Infrastructures: The Case of Kurento
Author :
Lopez-Fernandez, Luis ; Gallego, Micael ; Garcia, Belen ; Fernandez-Lopez, David ; Lopez, Francisco Javier
Abstract :
WebRTC server infrastructures are useful for creating rich real-time communication (RTC) applications. Developers commonly use them for accessing capabilities such as group communications, archiving, and transcoding. Details on how to implement and use such infrastructures securely are of increasing interest to the engineering community. Kurento is an open source project that provides a WebRTC media server and a platform as a service cloud built on top of it. The authors present the Kurento API and analyze different security models for it, investigating the suitability of using simple access control lists (ACLs) and capability-based security schemes to provide authorization. Using minimal implementation, they discuss the advantages and drawbacks of each scheme and conclude that, for the proposed schemes, ACLs are less scalable but provide more granularity.
Keywords :
application program interfaces; authorisation; cloud computing; public domain software; ACL; Kurento API; Kurento open source project; WebRTC PaaS infrastructure; WebRTC media server; access control lists; accounting; application program interface; authentication; authorization; capability-based security scheme; platform-as-a-service cloud; realtime communication; Access control; Access protocols; Authentication; Authorization; Media; Real-time systems; Servers; Transcoding; WebRTC; AAA; ACLs; WebRTC; authorization; capabilities; infrastructures; platform as a service;
Journal_Title :
Internet Computing, IEEE
DOI :
10.1109/MIC.2014.102
