The work titled "Authorized user access in federated service oriented architectures for the internet of things in the cloud" by Kontochristos Ilias is licensed under Creative Commons Attribution 4.0 International.
Bibliographic Citation
Ilias Kontochristos, "Authorized user access in federated service oriented architectures for the internet of things in the cloud", Diploma Work, School of Electrical and Computer Engineering, Technical University of Crete, Chania, Greece, 2020
https://doi.org/10.26233/heallink.tuc.87895
This thesis aims at enhancing the security of a federated Service Oriented Architecture, allowing safer communication between RESTful micro-services in the cloud. To achieve this goal, HTTPS (HyperText Transfer Protocol Secure), i.e. HTTP over TLS (Transport Layer Security), was incorporated into the communication of the micro-services. In each exposed service, TLS certificates were installed in order to encrypt the communication and guarantee the authenticity of the service. Emphasis was placed on improving the mechanism for authenticating and authorizing users when they access the system. The authorization code grant of the OAuth 2.0 protocol and OpenID Connect were incorporated into the API of the system. The authorization code grant provides API security and reduces the chance of exposing user credentials by utilizing scoped access tokens. OpenID Connect extends the OAuth 2.0 protocol and provides enhanced user authentication, ID token validation, and SSO (Single Sign-On) functionality across the federated architecture nodes. A series of experiments showed that the added security measures introduce delay into the system. Furthermore, it is demonstrated that different encryption algorithms and key lengths affect system performance.
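As an added example (not code from the thesis), the block below shows the ID token checks that OpenID Connect layers on top of the authorization code grant, plus the scope check a resource service would run on a scoped access token. The key, issuer, client_id and nonce values are constructed, and HS256 stands in for the RS256 a provider would normally use so that the block runs offline.

```python
import base64
import hashlib
import hmac
import json

# Constructed sample values for this example (not from the thesis).
KEY = b"constructed-shared-secret"   # assumed HS256 key shared by IdP and client
ISSUER = "https://idp.example/"      # assumed OpenID Provider issuer URL
CLIENT_ID = "iot-dashboard"          # assumed OAuth 2.0 client_id
NONCE = "n-0S6_WzA2Mj"               # nonce the client sent in its authorization request

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_hs256(claims: dict, key: bytes) -> str:
    """Mint a JWT the way the provider would (HS256 kept so the example is self-contained)."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url(sig)}"

def validate_id_token(token, key, issuer, client_id, nonce, now):
    # Returns (True, claims) if the OIDC Core checks pass, else (False, reason).
    parts = token.split(".")
    if len(parts) != 3:
        return False, "malformed token"
    head_b64, body_b64, sig_b64 = parts
    # Pin the algorithm; never let the token's own header choose it.
    if json.loads(b64url_decode(head_b64)).get("alg") != "HS256":
        return False, "unexpected alg"
    expected = hmac.new(key, f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        return False, "bad signature"
    claims = json.loads(b64url_decode(body_b64))
    aud = claims.get("aud")
    if claims.get("iss") != issuer:
        return False, "wrong issuer"
    if not (aud == client_id or (isinstance(aud, list) and client_id in aud)):
        return False, "wrong audience"
    if claims.get("exp", 0) <= now:
        return False, "expired"
    if claims.get("nonce") != nonce:   # binds the token to this login attempt
        return False, "nonce mismatch"
    return True, claims

def has_scope(access_claims: dict, needed: str) -> bool:
    """Resource-service check: is the needed scope in the space-separated 'scope' claim?"""
    return needed in access_claims.get("scope", "").split()
```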