FIGI: The Architecture of an Internet-Based Financial Information Gathering Infrastructure
WECWIS '99 Proceedings of the International Workshop on Advance Issues of E-Commerce and Web-Based Information Systems
Mobile Agents for WWW Distributed Database Access
ICDE '99 Proceedings of the 15th International Conference on Data Engineering
MashupOS: operating system abstractions for client mashups
HOTOS'07 Proceedings of the 11th USENIX workshop on Hot topics in operating systems
Please Permit Me: Stateless Delegated Authorization in Mashups
ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
POAuth: privacy-aware open authorization for native apps on smartphone platforms
Proceedings of the 6th International Conference on Ubiquitous Information Management and Communication
Hi-index | 0.00 |
Mashups are web based applications that merge contents (data and code) from multiple sources, and provide an integrated view to the user. One of the main requirements in mashup is the authorization of user to the backend services. Current protocols for authorization in mashup have obvious limitations. With strawman approach a malicious or compromised mashup can leak user credentials. OAuth approach has the scalability problem and requires a statefull server at the backend service. AuthSub issues only single use token and obtaining session token requires additional steps and also explicit revocation, which may not be possible in some situation. The problem with Permit based approach is that it requires separate permit for each backend service and also require renewal or obtaining new permit in case of mashup requirements changes (e.g. read to execute). Revocation is a problem in this approach as well. In this paper we propose a new protocol for accessing backend services in mashup. Our protocol makes use of Java based mobile agent called Aglet. The main source of problem in above approaches is due to delegating the authorization process to mashup. In our approach, mashup that require content from backend services that content is accessed and provided to the mashup through Aglet, without delegating authorization rights or releasing credentails to the mashup. Aglet has the ability to move around the nodes of a network and to sense its environment and to perform the desire actions. So the stated limitation of above approaches can be overcome with our Aglet based approach by allowing the Aglet to move across different mashup and backend services and provides data and code as necessary.