Development Authentication and Authorization Systems of Multi Information Systems Based REst API and Auth Token

Authors

  • Indra Gita Anugrah Universitas Muhammadiyah Gresik
  • Muhamad Aldi Rifai Imam Fakhruddin Universitas Muhammadiyah Gresik

DOI:

https://doi.org/10.30587/innovation.v1i2.1927

Keywords:

REST, API, Token, Encryption, Single Sign On

Abstract

The security of an application is the most important problem in an information system integration process. Authentication and authorization are usually carried out using Single Sign On (SSO), and these methods are used to secure data in a system. The authentication and authorization processes are carried out on the client side (web browser) in the form of a session and on the server side (web server) in the form of cookies. Sessions and cookies are valuable assets in the authentication and authorization process because they contain the data required for login, so they need to be secured. A session is a combination of username and password data that has been encrypted, while cookies store login information so that the user retains access according to the privileges given to them. Because sessions and cookies play such an important role in the authentication and authorization process, we need a way to secure the data they hold. One way to secure this data is to use the REST API and Auth Token.

Published

2020-09-22

How to Cite

Anugrah, I. G., & Fakhruddin, M. A. R. I. (2020). Development Authentication and Authorization Systems of Multi Information Systems Based REst API and Auth Token. INNOVATION RESEARCH JOURNAL, 1(2), 127–132. https://doi.org/10.30587/innovation.v1i2.1927

Section

Articles