Development Authentication and Authorization Systems of Multi Information Systems Based REst API and Auth Token
DOI:
https://doi.org/10.30587/innovation.v1i2.1927Keywords:
REst, API, Token, Encrytion, Single Sign OnAbstract
The security of an application is the most important problem in an information system integration process. The authentication and authorization process is usually carried out using Single Sign On (SSO). Authentication and authorization methods are used to secure data in a system. The authentication and authorization processes are carried out on the client side (web browser) in the form of a session and on the server side (web server) in the form of cookies. Sessions and cookies are valuable assets in the authentication and authorization process because they contain the data required for the login process so that the session and cookies need to be secured. Session is a combination of username and password data that has been encrypted while cookies store login information data so that they are still in a state of gaining access according to the privileges given to the user. So important is the role of sessions and cookies in the authentication and authorization process, so we need a way to secure data on sessions and cookies. One way to secure data is to use the REst API and Auth Token.
References
Chen, M., Zhang, D. and Zhou, L. (2005). Providing web services to mobile users. International Journal of Mobile Communications, 3(1), pp. 1-18.
Kurniawan, Y.K., Oslan, Y. and Kristanto,
H. (2013). Implementasi REST-API Untuk Portal Akademik UKDW Berbasis Android. Jurnal Eksplorasi Karya Sistem Informasi dan Sains, 6(2), pp. 29-40.
Lee, H.M. and Mehta, M.R. (2013). Defense against REST - based web service attacks for enterprise systems. Communications of the IIMA, 13(1), pp. 57-68.
Prüter, S., Moritz, G., Zeeb, E., Salomon, R., Golatowski, F. and Timmermann,
D. (2008). Applicability of web service technologies to reach real time capabilities. Object Oriented Real- Time Distributed Computing (ISORC), 11th IEEE International Symposium, pp. 229-233.
Rahman, M.A., Kuswardayan, I. and Hariadi, R.R. (2013). Perancangan dan Implementasi RESTful Web Service untuk Game Sosial Food Merchant Saga pada Perangkat Android. Teknik Informatika ITS, 1(2), pp. 1-4.
Sinha, R., Khatkar, M. and Gupta, S.C., Design & Development of a REST based Web Service Platform for Applications Integration on Cloud. International Journal of Innovative Science, Engineering and Technology,
1(7), pp.385-389.
Zhou, W., Li, L., Luo, M. and Chou, W. (2014). REST API design patterns for SDN northbound API. In Advanced Information Networking and Applications Workshops (WAINA), 28th IEEE International Conference. pp. 358-365.