Personal OAuth authorization server and push OAuth for Internet of Things
Internet of Things will connect millions of things to the Internet to make our lives more convenient. However, Internet of Things security is an essential factor. OAuth is one of the most successful authentication and authorization protocols on the Internet. This article proposes push OAuth and pers...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2017-06-01
|
| Series: | International Journal of Distributed Sensor Networks |
| Online Access: | https://doi.org/10.1177/1550147717712627 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832559120987717632 |
|---|---|
| author | Seung Wook Jung Souhwan Jung |
| author_facet | Seung Wook Jung Souhwan Jung |
| author_sort | Seung Wook Jung |
| collection | DOAJ |
| description | Internet of Things will connect millions of things to the Internet to make our lives more convenient. However, Internet of Things security is an essential factor. OAuth is one of the most successful authentication and authorization protocols on the Internet. This article proposes push OAuth and personal OAuth authorization server by expanding OAuth for a secure access to the information on Internet of Things devices. In personal OAuth, the smartphones that communicate with remote servers to deliver information on Internet of Things devices can be the OAuth authorization server. Hospitals (OAuth client) that intend to access the information on Internet of Things devices cannot know millions of OAuth authorization server when the smartphone becomes the OAuth authorization server. This article proposes the push OAuth that changes the OAuth protocol and issues the OAuth token when the OAuth authorization server registers to the OAuth client first. Personal OAuth authorization server is far more trustworthy than using a third-party OAuth authorization server to authenticate because users directly control access to the information generated by Internet of Things devices. The personal OAuth authorization server and push OAuth suggested here are expected to create a more secure Internet of Things environment as users can directly authenticate the OAuth client that can access the information on their Internet of Things devices. |
| format | Article |
| id | doaj-art-128759240dce4987a3fc74cde45583e9 |
| institution | Kabale University |
| issn | 1550-1477 |
| language | English |
| publishDate | 2017-06-01 |
| publisher | Wiley |
| record_format | Article |
| series | International Journal of Distributed Sensor Networks |
| spelling | doaj-art-128759240dce4987a3fc74cde45583e92025-02-03T01:30:43ZengWileyInternational Journal of Distributed Sensor Networks1550-14772017-06-011310.1177/1550147717712627Personal OAuth authorization server and push OAuth for Internet of ThingsSeung Wook Jung0Souhwan Jung1Department of Cyber Security Engineering, Konyang University, Nonsan, KoreaSchool of Electronic Engineering, Soongsil University, Seoul, KoreaInternet of Things will connect millions of things to the Internet to make our lives more convenient. However, Internet of Things security is an essential factor. OAuth is one of the most successful authentication and authorization protocols on the Internet. This article proposes push OAuth and personal OAuth authorization server by expanding OAuth for a secure access to the information on Internet of Things devices. In personal OAuth, the smartphones that communicate with remote servers to deliver information on Internet of Things devices can be the OAuth authorization server. Hospitals (OAuth client) that intend to access the information on Internet of Things devices cannot know millions of OAuth authorization server when the smartphone becomes the OAuth authorization server. This article proposes the push OAuth that changes the OAuth protocol and issues the OAuth token when the OAuth authorization server registers to the OAuth client first. Personal OAuth authorization server is far more trustworthy than using a third-party OAuth authorization server to authenticate because users directly control access to the information generated by Internet of Things devices. The personal OAuth authorization server and push OAuth suggested here are expected to create a more secure Internet of Things environment as users can directly authenticate the OAuth client that can access the information on their Internet of Things devices.https://doi.org/10.1177/1550147717712627 |
| spellingShingle | Seung Wook Jung Souhwan Jung Personal OAuth authorization server and push OAuth for Internet of Things International Journal of Distributed Sensor Networks |
| title | Personal OAuth authorization server and push OAuth for Internet of Things |
| title_full | Personal OAuth authorization server and push OAuth for Internet of Things |
| title_fullStr | Personal OAuth authorization server and push OAuth for Internet of Things |
| title_full_unstemmed | Personal OAuth authorization server and push OAuth for Internet of Things |
| title_short | Personal OAuth authorization server and push OAuth for Internet of Things |
| title_sort | personal oauth authorization server and push oauth for internet of things |
| url | https://doi.org/10.1177/1550147717712627 |
| work_keys_str_mv | AT seungwookjung personaloauthauthorizationserverandpushoauthforinternetofthings AT souhwanjung personaloauthauthorizationserverandpushoauthforinternetofthings |