Relevant bibliographies by topics / Authentication authorization and accounting

Academic literature on the topic 'Authentication authorization and accounting'

Author: Grafiati
Published: 10 December 2022
Last updated: 28 January 2023

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Contents

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Authentication authorization and accounting.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Authentication authorization and accounting"

1

Metz, C. "AAA protocols: authentication, authorization, and accounting for the Internet." IEEE Internet Computing 3, no. 6 (1999): 75–79. http://dx.doi.org/10.1109/4236.807015.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Wu, Wei-Chen, and Horng-Twu Liaw. "An authentication, authorization, and accounting mechanism for 3G/WLAN networks." Security and Communication Networks 9, no. 6 (July 2, 2013): 468–80. http://dx.doi.org/10.1002/sec.830.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Lopez-Fernandez, Luis, Micael Gallego, Boni Garcia, David Fernandez-Lopez, and Francisco Javier Lopez. "Authentication, Authorization, and Accounting in WebRTC PaaS Infrastructures: The Case of Kurento." IEEE Internet Computing 18, no. 6 (November 2014): 34–40. http://dx.doi.org/10.1109/mic.2014.102.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Lin, Phone, Shin-Ming Cheng, and Wanjiun Liao. "Modeling Key Caching for Mobile IP Authentication, Authorization, and Accounting (AAA) Services." IEEE Transactions on Vehicular Technology 58, no. 7 (September 2009): 3596–608. http://dx.doi.org/10.1109/tvt.2009.2015766.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Yu, Hewei, and Ziliang Li. "Handover Algorithm to Avoid Duplication Authentication Within or Between Proxy Mobile IPv6 Domains." International Journal of Interdisciplinary Telecommunications and Networking 11, no. 3 (July 2019): 1–10. http://dx.doi.org/10.4018/ijitn.2019070101.

Full text
Abstract:
This article proposes an enhanced handover scheme of Proxy Mobile IPv6 (PMIPv6) which can avoid duplication authentication. In traditional handover scheme, a Mobile Node (MN) needs an authentication procedure by AAA (Authentication, Authorization and Accounting) server while it enters a PMIPv6 domain. However, when an MN moves to a new subnet in the same domain, it still needs another authentication procedure, which would increase handover latency. In the proposed scheme, an MN only needs to be authenticated once while it enters a PMIPv6 domain, and a Mobile Access Gateway (MAG) that an MN is attached to will send the authentication information to the New MAG (NMAG) which MN will access to before the MN's handover. So that MN can skip the second authentication. The authors build a test-bed and have done some tests. Result shows that this scheme has got improvement in decreasing handover latency.
APA, Harvard, Vancouver, ISO, and other styles
6

Fauzi, Achmad, Joseph Dedy Irawan, and Nurlaily Vendyansyah. "RANCANG BANGUN SISTEM MANAJEMEN USER AAA (AUTHENTICATION, AUTHORIZATION, ACCOUNTING) DAN MONITORING JARINGAN HOTSPOT BERBASIS WEB." JATI (Jurnal Mahasiswa Teknik Informatika) 4, no. 1 (August 18, 2020): 176–83. http://dx.doi.org/10.36040/jati.v4i1.2328.

Full text
Abstract:
Pada saat ini pengolahan terhadap koneksi jaringan komputer sudah sangat diperlukan . Dengan pengelohan suatu sistem pada jaringan komputer akan memberikan kemudahan bagi administrator untuk lebih efisien dalam mengolah jaringan. Pada saat ini pengolahan terhadap user pada laboratorium teknik informatika itn malang yang terkoneksi jaringan wireless yang ter-integrasi dengan server radius eksternal belum diterapkan, terutama untuk pengolahan penambahan user , pengolahan kecepatan bandwidth user , limitasi waktu user terkoneksi , dan kemudian aktifitas memantau user . Sistem Manajemen User dan Monitoring Jaringan Hotspot Pada Server Radius terdapat 3 bagian . Bagian pertama Authentication dimana user sebelum memasuki jaringan yang akan di akses akan memasukkan username dan password. Bagian kedua Authorize proses ini setelah terjadinya authentication, ketika user memasukkan username dan password yang sesuai, maka user dapat mengakses jaringan tersebut proses ini yang dinamakan authorize. Bagian Ketiga Accounting proses ini dimana administrator dapat mengolah user, dalam hal mengolah bandwidth maupun limit waktu user . Dari Hasil dari pengujian sistem menunjukkan bahwa fungsi dari manajemen user layanan hotspot, monitoring user layanan hotspot, dan monitoring router mikrotik dapat berjalan sesuai dengan fungsinya, sistem dapat membuat user baru, alokasi bandwidth setiap user, monitoring aktifitas user. Sehingga dapat membantu administrator jaringan dalam mengolah jaringan komputer, terutama dalam pengolahan data user dalam layanan hotspot .
APA, Harvard, Vancouver, ISO, and other styles
7

Sembiring, Abdul Sani. "Penerapan Model Protokol Aaa (Authentication, Authorization, Accounting) Pada Keamanan Jaringan Komunikasi Wan (Wide Area Network)." Jurnal Multimedia dan Teknologi Informasi (Jatilima) 2, no. 1 (March 5, 2022): 19–29. http://dx.doi.org/10.54209/jatilima.v2i1.140.

Full text
Abstract:
Keamanan adalah aspek paling kritis dari sebuah jaringan komputer—baik dalam jaringan yang bersifat lokal maupun tidak. Masalah utama yang sering dijumpai pada jaringan komputer antara lain perusakan perangkat sistem, akses informasi, perubahan pengetahuan, dan penghapusan data oleh orang yang tidak berhak atas informasi tersebut. Perkembangan teknologi, untuk saat ini hampir semua instansi telah menggunakan jaringan komputer seperti WAN, dimana fungsinya dapat menghubungkan jaringan LAN dalam wilayah geografis yang luas serta dapat melakukan pertukaran paket data dan frame antara router dan switch. Model protokol AAA (Otentikasi, Otorisasi, Akuntansi) dapat digunakan satu per satu atau digabungkan sesuai kebutuhan. Menggunakan model jaringan ini akan jauh lebih aman daripada hanya menggunakan satu proses keamanan.
APA, Harvard, Vancouver, ISO, and other styles
8

Ou, Hsia Hung, Hao Hsiang Ku, and Te Yu Chen. "The Concept of Extensible Authentication Protocol for Mobile Equipment to Heterogeneous Network (EAP-M2H)." Applied Mechanics and Materials 145 (December 2011): 204–8. http://dx.doi.org/10.4028/www.scientific.net/amm.145.204.

Full text
Abstract:
Extensible Authentication Protocol (EAP) is a universal authentication framework defined by RFC3748 and updated by RFC5247. It is not a specific authentication mechanism for exclusive system and then the widespread acceptance and implementation in wireless networks or other Point-to-Point (P2P) connections. A number of vendor specific EAP methods were proposed for special purpose such as EAP-MD5, EAP-TLS, EAP-TTLS, EAP-PEAP, LEAP, SPEKE, EAP-SIM, EAP-AKA, EAP-FAST, and so on. All of them have a common characteristic that the client submitted his Security Association (SA) to the neighbor Access Point (AP), then AP forward it to identify his validity by Authentication Authorization Accounting (AAA) server of both sides. Although these EAPs are design to meet the widespread authentication demands. But in fact they have the independent authentication procedure respectively. That is they are incompatible with each other. For mobile devices, in order to meet the needs of different connection it had to support many of the EAPs. This situation for the most mobile devices is a heavy load and result the inconvenient which move in the different service network. This paper devotes in solves this situation. For this goal, an extensible authentication protocol for mobile equipment to heterogeneous network (EAP-M2H) is provided in the paper. EAP-M2H development from the EAP-AKA and improve their applicability and compatibility in heterogeneous network.
APA, Harvard, Vancouver, ISO, and other styles
9

Zaghloul, S., and A. Jukan. "Signaling rate and performance for authentication, authorization, and accounting (AAA)) systems in all-IP cellular networks." IEEE Transactions on Wireless Communications 8, no. 6 (June 2009): 2960–71. http://dx.doi.org/10.1109/twc.2009.080105.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Li, Dawei, Enzhun Zhang, Ming Lei, and Chunxiao Song. "Zero trust in edge computing environment: a blockchain based practical scheme." Mathematical Biosciences and Engineering 19, no. 4 (2022): 4196–216. http://dx.doi.org/10.3934/mbe.2022194.

Full text
Abstract:
<abstract> <p>Edge computing offloads the data processing capacity to the user side, provides flexible and efficient computing services for the development of smart city, and brings many security challenges. Aiming at the problems of fuzzy boundary security protection and dynamic identity authentication in the edge computing environment in smart city, the zero trust architecture based on blockchain is studied, and a digital identity model and dynamic authentication scheme of edge computing nodes based on distributed ledger are proposed. Firstly, a digital identity model of two-way authentication between edge computing node and sensing terminal is established to realize fine-grained authorization and access control in edge computing. Secondly, based on the identity data and behavior log bookkeeping on the chain, the quantification of trust value, trust transmission and update are realized, and the traceability of security events is improved. Finally, based on the improved RAFT consensus algorithm, the multi-party consensus and consistency accounting in the authentication process are realized. Simulation results show that this scheme can meet the requirements of zero trust verification in edge computing environment, and has good efficiency and robustness.</p> </abstract>
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Authentication authorization and accounting"

1

Sandberg, Joakim. "Network Authentication to the Physical World." Thesis, KTH, Kommunikationssystem, CoS, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-221177.

Full text
Abstract:
Quick Response (QR) codes have been used for both non-authentication purposes and authentication & authorization of a user. The visual representation of a QR code requires a reader/decoder to convert the code to a readable resource for an application. This raises some concerns, such as: What kind of information and how much information can be stored in this representation? What kind of vulnerabilities are there when using this technology in some type of authentication? The concrete problem addressed in this thesis is whether a mobile device displaying a QR code can be used as an authenticator for an Axis Communications A8105-E Network Video Door Station. To solve this problem the thesis investigates the use of QR codes in authentication & authorization based upon displaying a QR code on a mobile device, scanning this code via a camera, and then verifying the code using a validation server. Two important issues were what information to put into the QR code (given that the QR code is to be read by a camera) and where the decoding process should be carried out. This thesis also considers multiple types of authentication. Moreover, the system contains multiple components which themselves rely on secure communication and well-designed protocols to ensure security (against popular methods of attack) and stability. A prototype of the proposed authentication process was evaluated using a testbed consisting of three door stations, an Android app, and a backend service for analysing QR codes and making an authentication & authorization decision. QR codes proved to be as secure as the current solutions, such as magnetic stripe or RFID access cards. Using QR codes together with the user’s mobile device also offered additional functionality, such as easy management of the device registration/deregistration and compatibility with multifactor authentication. The conclusion is with the current door station products and the finalized design of the software; it is possible to have a secure and scalable system which is also cost-effective by eliminating the need of human verification as well as equipment required for access card systems.
Quick-Response (QR) koder har använts både för icke autentiseringssyften men även för just autentisering av en användare. Den visuella representationen av en QR-kod behöver en läsare för att kunna omvandla koden till en läsbar resurs för en applikation. Detta leder till frågeställningarna: Vad för information och hur mycket kan man lagra i en QR-kod? Vilka sårbarheter finns det med användningen av denna teknologi inom autentisering? Det konkreta problemet i detta examensarbete är huruvida en mobil enhet som visar en QR-kod kan användas med en Axis Communications A8105-E Network Video Door Station. För att lösa detta problem så undersöker detta arbete användningen av QR-koder inom autentisering baserat på att visa QR koden på den mobila enheten, skanna denna kod med en kamera och validera denna kod med en valideringsserver. Två viktiga frågor var vilken information som skulle lagras i QR-koden samt vart avläsningen av en QR-kod tog plats. Detta arbete undersöker också olika typer av multifaktor autentisering. Systemet består vidare av flera komponenter som förlitar sig på säker kommunikation och väldesignade protokoll sam ger säkerhet (mot de mest populära nätverksattackerna) och stabilitet. Den tänkta autentiseringsprocessens prototyp evaluerades i en testmiljö bestående av tre Door Station, en Android applikation och en backend service för att analysera QR-koder samt hantera autentiserings och behörighetslogik. QR-koder bevisades vara lika säkert som befintliga lösningar som till exempel kort accesskort med magnetremsa och RFID chip. Användning av QR-koder med de mobila enheterna gör dessutom att hantering av registrering/avregistrering av enheterna kan ske på ett enkelt sätt samt även integreras med multifaktor autentisering. Slutsatsen är att med de befintliga Door Station enheterna och den slutgiltiga designen av mjukvaran ger det säkert och skalbart system som dessutom är kostnadseffektivt genom att behovet av en mänsklig verifiering samt de fysiska komponenterna av befintliga accesskortsystem, inte längre finns.
APA, Harvard, Vancouver, ISO, and other styles
2

Crespo, Juan Carlos. "Requirements for a secure and efficientAuthentication System for a large organizationJuan Carlos." Thesis, Linnaeus University, School of Computer Science, Physics and Mathematics, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-7575.

Full text
Abstract:

In this thesis, a full review on what are the minimum requirements needed to perform an Authentication System is explained. While building the system we have in consideration the users of it, the security needed for each of the resources that must be accessed by the users and what methods can be applied to access to these resources.

In basics, an Authentication System is built when we need to keep track to who is entering on an organization, the bigger the organization is and the more information must be keep  safe the more complex the system will be.

Although there are other methods, I tried to keep it easy and understandable for all the possible readers. With this, the reader will understand the basics that he need to keep in mind when implementing such a system like this. The organization in mind for the system is a University that consist between twenty two thousand (22.000) and twenty five thousand (25.000) users.

APA, Harvard, Vancouver, ISO, and other styles
3

af, Sandeberg Joakim. "Graphical system visualization and flow display : A visual representation of an authentication, authorization, and accounting backend." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-190007.

Full text
Abstract:
Displaying the architecture of a software system is not a simple task. Showing all of the available information will unnecessarily complicate the view, while showing too little might render the view unhelpful. Furthermore, showing the dynamics of the operation of such a system is even more challenging. This thesis project describes the development of a graphical tool that can both display the configuration of an advanced authentication, authorization, and accounting (AAA) system and the messages passed between nodes in the system.  The solution described uses force-based graph layouts coupled with adaptive filters as well as vector-based rendering to deliver a view of the status of the system. Force-based layout spreads out the nodes in an adaptive fashion. The adaptive filters starts by showing what is most often the most relevant information, but can be configured by the user. Finally, the vector based rendering offers unlimited zoom into the individual nodes in the graph in order to display additional detailed information. Unified Modeling Language (UML) sequence charts are used to display the message flow inside the system (both between nodes and inside individual nodes). To validate the results of this thesis project each iteration of the design was evaluated through meetings with the staff at Aptilo Networks. These meetings provided feedback on the direction the project was taking as well as provided input (such as ideas for features to implement). The result of this thesis project shows a way to display the status of an AAA system with multiple properties displayed at the same time. It combines this with a view of the flow of messages and application of policies in the network via a dynamically generated UML sequence diagram. As a result human operators are able to see both the system’s architecture and the dynamics of its operation using the same user interface. This integrated view should enable more effective management of the AAA system and facilitate responding to problems and attacks.
Att visualisera arkitekturen av ett mjukvarusystem är inte lätt. Visas all tillgänglig information så blir vyn för komplicerad medan ifall för lite visas så blir vyn onödig. Att samtidigt visa dynamiken som uppstår när systemet arbetar är ytterligare en utmaning. Detta examensprojektet beskriver hur utvecklingen av ett grafiskt verktyg, som både kan visa konfigurationen av ett avancerat autentisering-, tillåtelse- och bokförings-system (AAA) och meddelanden som skickas mellan noder i systemet.<p> Lösningen använder en kraftriktad graflayout tillsammans med adaptiva filter och vektorbaserad rendering för att visa en vy av systemets status. De adaptiva filtren börjar med att visa den information som oftast är mest relevant men kan ställas in av användaren. Nyttjandet av vektorbaserad grafik tillhandahåller obegränsade möjligheter för användaren att zooma in på delar av grafen för att visa mer detaljerad information. UML sekvensdiagram används för att visa medelandeflödet inuti systemet (både mellan noder och inuti noder). För att utvärdera resultatet av examensprojektet blev varje iteration av designen utvärderad vid möten med personalen på Aptilo Networks. Dessa möten gav återkoppling på vilken rikting projektet tog samt input med t. ex. id´eer på nya egenskaper att lägga till. Resultatet av detta examensarbete visar ett sätt att visa statusen för ett AAA system med många av systemets egenskaper visade samtidigt. Det kombinerar detta med en vy av flödet av meddelanden och applikationpolicies i nätverket via ett dynamiskt genererat UML sekvensdiagram. Resultatet av detta är att mänskliga operatörer kan se både systemets arkitektur och dynamiken i hur det fungerar i samma gränssnitt. Detta gränssnitt bör möjliggöra mer effektiv hantering av AAA systemet och underlätta lösningar på både problem i systemet och attacker mot systemet.
APA, Harvard, Vancouver, ISO, and other styles
4

Zaghloul, Said Ismail Said [Verfasser], and Admela [Akademischer Betreuer] Jukan. "Design and Performance Optimization of Authentication, Authorization, and Accounting (AAA) Systems in Mobile Telecommunications Networks / Said Ismail Said Zaghloul ; Betreuer: Admela Jukan." Braunschweig : Technische Universität Braunschweig, 2010. http://d-nb.info/1175828149/34.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Hakobyan, Davit. "Authentication and Authorization Systems in Cloud Environments." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-102870.

Full text
Abstract:
The emergence of cloud computing paradigm offers attractive and innovative computing services through resource pooling and virtualization techniques. Cloud providers deliver various types of computing services to customers according to a pay-per-use economic model. However, this technology shift introduces a new concern for enterprises and businesses regarding their privacy and security. Security as a Service is a new cloud service model for the security enhancement of a cloud environment. This is a way of centralizing security solutions under the control of professional security specialists. Identity and access control services are one of the areas of cloud security services, and sometimes, are presented under the term Identity as a Service. This master thesis research is focused on identity-security solutions for cloud environments. More specifically, architecture of a cloud security system is designed and proposed for providing two identity services for cloud-based systems: authentication and authorization. The main contribution of this research is to design these services using service-oriented architectural approach, which will enable cloud-based application service providers to manage their online businesses in an open, flexible, interoperable and secure environment. First, the architecture of the proposed services is described. Through this architecture all system entities that are necessary for managing and providing those identity services are defined. Then, the design and specification of each service is described and explained. These services are based on existing and standardized security mechanisms and frameworks. As a demonstration, a prototype system of an authorization service is implemented and tested based on the designed authorization solution. The implementation is done using Web Service technology respective to the service-oriented design approach. It is shown that both services are at least computationally secure against potential security risks associated with replay attacks, message information disclosure, message tampering, repudiation and impersonation. The designed security system ensures a secure and reliable environment for cloud-based application services which is very easy to deploy and exploit on cloud-based platforms.
APA, Harvard, Vancouver, ISO, and other styles
6

Hamedtoolloei, Hamidreza. "A service-oriented architecture for authentication and authorization." Diss., Connect to a 24 p. preview or request complete full text in PDF format. Access restricted to UC campuses, 2009. http://wwwlib.umi.com/cr/ucsd/fullcit?p1460003.

Full text
Abstract:
Thesis (M.S.)--University of California, San Diego, 2009.
Title from first page of PDF file (viewed January 9, 2009). Available via ProQuest Digital Dissertations. Includes bibliographical references (p. 94-97).
APA, Harvard, Vancouver, ISO, and other styles
7

Yao, Danfeng. "Privacy-aware authentication and authorization in trust management." View abstract/electronic edition; access limited to Brown University users, 2008. http://gateway.proquest.com/openurl?url_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation&res_dat=xri:pqdiss&rft_dat=xri:pqdiss:3318375.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Subils, Jean-Baptiste. "Authentication Via Multiple Associated Devices." Scholar Commons, 2015. http://scholarcommons.usf.edu/etd/5778.

Full text
Abstract:
This thesis presents a practical method of authentication utilizing multiple devices. The factors contributing to the practicality of the method are: the utilization of devices already commonly possessed by users and the amenability to being implemented on a wide variety of devices. The term “device” refers to anything able to perform cryptographic operations, store data, and communicate with another such device. In the method presented herein, multiple devices need to be associated with a single user to provide this user an identity in the system. A public key infrastructure is used to provide this identity. Each of the devices associated with a user possesses a public and private key which allow cryptographic operations to be performed. These operations include signing and encrypting data and will prove the identity of each device. The addition of these identities helps authenticate a single user. A wide variety of devices qualifies to be used by this authentication method. The minimum requirements are: the storage of data such as a private key, the ability to communicate, and a processor to perform the cryptographic operations. Smart devices possess these requirements and the manufacture of such devices can be realized at a reasonable cost. This method is malleable and implemented in numerous authentication protocols. This thesis illustrates and explains several instances of these protocols. The method’s primary novelty is its resistance to theft-based attacks, which results from the utilization of multiple devices to authenticate users. A user associated with multiple devices needs to be in possession of these devices to correctly perform the authentication task. This thesis focuses on the system design of this novel authentication method.
APA, Harvard, Vancouver, ISO, and other styles
9

Tran, Florén Simon. "Implementation and Analysis of Authentication and Authorization Methods in a Microservice Architecture : A Comparison Between Microservice Security Design Patterns for Authentication and Authorization Flows." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-301620.

Full text
Abstract:
Microservices have emerged as an attractive alternative to more classical monolithic software application architectures. Microservices provides many benefits that help with code base comprehension, deployability, testability, and scalability. As the Information technology (IT) industry has grown ever larger, it makes sense for the technology giants to adopt the microservice architecture to make use of these benefits. However, with new software solutions come new security vulnerabilities, especially when the technology is new and vulnerabilities are yet to be fully mapped out. Authentication and authorization are the cornerstone of any application that has a multitude of users. However, due to the lack of studies of microservices, stemming from their relatively young age, there are no standardized design patterns for how authentication and authorization are best implemented in a microservice. This thesis investigates an existing microservice in order to secure it by applying what is known as a security design pattern for authentication and authorization. Different security patterns were tested and compared on performance. The differing levels of security provided by these approaches assisted in identifying an acceptable security versus performance trade-off. Ultimately, the goal was to give the patterns greater validity as accepted security patterns within the area of microservice security. Another goal was to find such a security pattern suitable for the given microservice used in this project. The results showed a correlation between increased security and longer response times. For the general case a security pattern which provided internal authentication and authorization but with some trust between services was suggested. If horizontal scaling was used the results showed that normal services proved to be the best target. Further, it was also revealed that for lower user counts the performance penalties were close to equal between the tested patterns. This meant that for the specific case where microservices sees lower amounts of traffic the recommended pattern was the one that implemented the maximum amount access control checks. In the case for the environment where the research were performed low amounts of traffic was seen and the recommended security pattern was therefore one that secured all services of the microservices.
Mikrotjänster har framträtt som ett mer attraktivt alternativ än mer konventionella mjukvaruapplikationsarkitekturer såsom den monolitiska. Mikrotjänster erbjuder flera fördelar som underlättar med en helhetsförståelse för kodbasen, driftsättning, testbarhet, och skalbarhet. Då IT industrin har växt sig allt större, så är det rimligt att tech jättar inför mikrotjänstarkitekturen för att kunna utnyttja dessa fördelar. Nya mjukvarulösningar medför säkerhetsproblem, speciellt då tekniken är helt ny och inte har kartlagts ordentligt. Autentisering och auktorisering utgör grunden för applikationer som har ett flertal användare. Då mikrotjänster ej hunnit blivit utförligt täckt av undersökning, på grund av sin relativt unga ålder, så finns det ej några standardiserade designmönster för hur autentisering och auktorisering är implementerade till bästa effekt i en mikrotjänst. Detta examensarbete undersöker en existerande mikrotjänst för att säkra den genom att applicera vad som är känt som ett säkerhetsdesignmönster för autentisering och auktorisering. Olika sådana mönster testades och jämfördes baserat på prestanda i olika bakgrunder. De varierade nivåerna av säkerhet från de olika angreppssätten som säkerhetsmönstrena erbjöd användes för att identifiera en acceptabel kompromiss mellan säkerhet mot prestanda. Målet är att i slutändan så kommer detta att ge mönstren en högre giltighet när det kommer till att bli accepterade som säkerhetsdesignmönster inom området av mikrotjänstsäkerhet. Ett annat mål var att hitta den bästa kandidaten bland dessa säkerhetsmönster för den givna mikrotjänsten som användes i projektet. Resultaten visade på en korrelation mellan ökad säkerhet och längre responstider. För generella fall rekommenderas det säkerhetsmönster som implementerade intern autentisering och auktorisering men med en viss del tillit mellan tjänster. Om horisontell skalning användes visade resultaten att de normala tjänsterna var de bästa valet att lägga dessa resurser på. Fortsättningsvis visade resultaten även att för ett lägre antal användare så var den negativa effekten på prestandan nästan likvärdig mellan de olika mönstren. Detta innebar att det specifika fallet då mikrotjänster ser en lägre mängd trafik så är det rekommenderade säkerhetsmönstret det som implementerad flest åtkomstkontroller. I fallet för den miljö där undersökningen tog plats förekom det en lägre mängd trafik och därför rekommenderades det säkerhetsmönster som säkrade alla tjänster närvarande i mikrotjänsten.
APA, Harvard, Vancouver, ISO, and other styles
10

Aas, Dag-Inge. "Authentication and Authorization for Native Mobile Applications using OAuth 2.0." Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for datateknikk og informasjonsvitenskap, 2013. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-22969.

Full text
Abstract:
OAuth 2.0 has in the recent years become the de-facto standard of doing API authorization and authentication on mobile devices. However, recent critics have claimed that OAuth does not provide sufficient security or ease-of-use for developers on mobile devices. In this thesis, I study four approaches to mobile authorization using OAuth 2.0, and suggest an improved solution based on current industry best-practices for security on Android. The end result is a solution which provides a native authorization flow for third-party developers to integrate with an existing API endpoint. However, the thesis shows that even with current industry best-practices the proposed solution does not provide a completely secure approach, and developers must keep the security consequences of that fact in mind when implementing OAuth on mobile devices.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Books on the topic "Authentication authorization and accounting"

1

Saracino, Andrea, and Paolo Mori, eds. Emerging Technologies for Authorization and Authentication. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-93747-8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Saracino, Andrea, and Paolo Mori, eds. Emerging Technologies for Authorization and Authentication. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-39749-4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Saracino, Andrea, and Paolo Mori, eds. Emerging Technologies for Authorization and Authentication. Cham: Springer International Publishing, 2018. http://dx.doi.org/10.1007/978-3-030-04372-8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Saracino, Andrea, and Paolo Mori, eds. Emerging Technologies for Authorization and Authentication. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-64455-0.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Security controls for Sarbanes-Oxley section 404 IT compliance: Authorization, authentication, and access. Hoboken, NJ: Wiley, 2005.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
6

Guide to claims-based identity and access control: Authentication and authorization for services and the web. [Redmond, Wash.]: Microsoft Press, 2010.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
7

United Nations Reform Act of 2005; Foreign Relations Authorization Act, fiscal years 2006 and 2007; and expressing the sense of the House of Representatives regarding the massacre at Srebrenica in July 1995: Markup before the Committee on International Relations, House of Representatives, One Hundred Ninth Congress, first session, on H.R. 2745, H.R. 2601 and H. Res. 199, June 8 and 9, 2005. Washington: U.S. G.P.O., 2006.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
8

Dashorst, Martijn. Wicket in action. Greenwich, CT: Manning, 2009.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
9

Dashorst, Martijn. Wicket in action. Greenwich, CT: Manning, 2009.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
10

Kao, I.-Lung. Effective and Efficient Authentication and Authorization in Distributed Systems. Dissertation Discovery Company, 2019.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
More sources

Book chapters on the topic "Authentication authorization and accounting"

1

Paolini, Alessandro, Diego Scardaci, Nicolas Liampotis, Vincenzo Spinoso, Baptiste Grenier, and Yin Chen. "Authentication, Authorization, and Accounting." In Lecture Notes in Computer Science, 247–71. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-52829-4_14.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Yegin, Alper E., and Fujio Watanabe. "Authentication, Authorization, and Accounting." In Next Generation Mobile Systems 3G and Beyond, 315–43. Chichester, UK: John Wiley & Sons, Ltd, 2005. http://dx.doi.org/10.1002/0470091533.ch11.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Tsenov, Tseno, and Hannes Tschofenig. "Quality of Service Authentication, Authorization and Accounting." In Quality of Service – IWQoS 2005, 343–45. Berlin, Heidelberg: Springer Berlin Heidelberg, 2005. http://dx.doi.org/10.1007/11499169_27.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Rabadão, Carlos, and Edmundo Monteiro. "Authentication, Authorization, Admission, and Accounting for QoS Applications." In Universal Multiservice Networks, 440–49. Berlin, Heidelberg: Springer Berlin Heidelberg, 2004. http://dx.doi.org/10.1007/978-3-540-30197-4_44.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Mercl, Lubos, Vladimir Sobeslav, Peter Mikulecky, and Michal Macinka. "Infrastructure Authentication, Authorization and Accounting Solutions for an OpenStack Platform." In Mobile Web and Intelligent Information Systems, 123–35. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-27192-3_10.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Chenait, Manel. "LMIP/AAA: Local Authentication, Authorization and Accounting (AAA) Protocol for Mobile IP." In Communications in Computer and Information Science, 228–38. Berlin, Heidelberg: Springer Berlin Heidelberg, 2008. http://dx.doi.org/10.1007/978-3-540-69403-8_27.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Chenait, Manel. "Erratum to: LMIP/AAA: Local Authentication, Authorization and Accounting (AAA) Protocol for Mobile IP." In Communications in Computer and Information Science, E1. Berlin, Heidelberg: Springer Berlin Heidelberg, 2008. http://dx.doi.org/10.1007/978-3-540-69403-8_36.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Norberg, Scott. "Authentication and Authorization." In Advanced ASP.NET Core 3 Security, 231–85. Berkeley, CA: Apress, 2020. http://dx.doi.org/10.1007/978-1-4842-6014-2_7.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Calles, Miguel A. "Authentication and Authorization." In Serverless Security, 229–56. Berkeley, CA: Apress, 2020. http://dx.doi.org/10.1007/978-1-4842-6100-2_9.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Lopez, Daniel Andres Pelaez. "Authentication and Authorization." In Full-Stack Web Development with Jakarta EE and Vue.js, 369–400. Berkeley, CA: Apress, 2020. http://dx.doi.org/10.1007/978-1-4842-6342-6_10.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Authentication authorization and accounting"

1

Adibi, Sasan, Bin Lin, Pin-han Ho, G. B. Agnew, and Shervin Erfani. "Authentication Authorization and Accounting (AAA) Schemes in WiMAX." In 2006 IEEE International Conference on Electro/Information Technology. IEEE, 2006. http://dx.doi.org/10.1109/eit.2006.252118.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Papatheodoulou, N., and N. Sklavos. "Architecture & system design of Authentication, Authorization, & Accounting services." In IEEE EUROCON 2009 (EUROCON). IEEE, 2009. http://dx.doi.org/10.1109/eurcon.2009.5167894.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Wong, Stan, Nishanth Sastry, Oliver Holland, Vasilis Friderikos, Mischa Dohler, and Hamid Aghvami. "Virtualized authentication, authorization and accounting (V-AAA) in 5G networks." In 2017 IEEE Conference on Standards for Communications and Networking (CSCN). IEEE, 2017. http://dx.doi.org/10.1109/cscn.2017.8088618.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Schiller, Eryk, Alexey Monakhov, and Peter Kropf. "Shibboleth based Authentication, Authorization, Accounting and Auditing in Wireless Mesh Networks." In 2011 IEEE 36th Conference on Local Computer Networks (LCN 2011). IEEE, 2011. http://dx.doi.org/10.1109/lcn.2011.6115572.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Moustafa, Hassnaa, Gilles Bourdon, and Yvon Gourhant. "Authentication, authorization and accounting (AAA) in hybrid ad hoc hotspot's environments." In the 4th international workshop. New York, New York, USA: ACM Press, 2006. http://dx.doi.org/10.1145/1161023.1161030.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Lu, Peggy Joy, Lo-Yao Yeh, and Jiun-Long Huang. "An Privacy-Preserving Cross-Organizational Authentication/Authorization/Accounting System Using Blockchain Technology." In 2018 IEEE International Conference on Communications (ICC 2018). IEEE, 2018. http://dx.doi.org/10.1109/icc.2018.8422733.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Moon, Jong-Sik, Jon Hyuk Park, and Im-Yeong Lee. "A Study on Authentication/Authorization/Accounting and Roaming Mechanism in Pervasive Environment." In 5th International ICST Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services. ICST, 2008. http://dx.doi.org/10.4108/icst.mobiquitous2008.4161.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Moustafa, Hassnaa, Estelle Transy, and Jacky Forestier. "Authentication, authorization, and accounting of services in multi-hop mobile networks through rewarding." In 2010 IFIP Wireless Days (WD). IEEE, 2010. http://dx.doi.org/10.1109/wd.2010.5657730.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Ferrari, Elena. "Session details: Authorization and Authentication." In SACMAT'17: The 22nd ACM Symposium on Access Control Models and Technologies. New York, NY, USA: ACM, 2017. http://dx.doi.org/10.1145/3254590.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Toseef, Umar, and Kostas Pentikousis. "Authentication and Authorization in FELIX." In 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC). IEEE, 2015. http://dx.doi.org/10.1109/ucc.2015.98.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "Authentication authorization and accounting"

1

Mitton, D., M. St.Johns, S. Barkley, D. Nelson, B. Patil, M. Stevens, and B. Wolff. Authentication, Authorization, and Accounting: Protocol Evaluation. RFC Editor, June 2001. http://dx.doi.org/10.17487/rfc3127.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Glass, S., T. Hiller, S. Jacobs, and C. Perkins. Mobile IP Authentication, Authorization, and Accounting Requirements. RFC Editor, October 2000. http://dx.doi.org/10.17487/rfc2977.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Aboba, B., and J. Wood. Authentication, Authorization and Accounting (AAA) Transport Profile. RFC Editor, June 2003. http://dx.doi.org/10.17487/rfc3539.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Housley, R., and B. Aboba. Guidance for Authentication, Authorization, and Accounting (AAA) Key Management. RFC Editor, July 2007. http://dx.doi.org/10.17487/rfc4962.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Giaretta, G., I. Guardini, E. Demaria, J. Bournelle, and R. Lopez. Authentication, Authorization, and Accounting (AAA) Goals for Mobile IPv6. RFC Editor, September 2009. http://dx.doi.org/10.17487/rfc5637.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Perkins, C., and P. Calhoun. Authentication, Authorization, and Accounting (AAA) Registration Keys for Mobile IPv4. RFC Editor, March 2005. http://dx.doi.org/10.17487/rfc3957.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Loughney, J., and G. Camarillo. Authentication, Authorization, and Accounting Requirements for the Session Initiation Protocol (SIP). RFC Editor, February 2004. http://dx.doi.org/10.17487/rfc3702.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Narayan, K., and D. Nelson. Using Authentication, Authorization, and Accounting Services to Dynamically Provision View-Based Access Control Model User-to-Group Mappings. Edited by R. Presuhn. RFC Editor, December 2010. http://dx.doi.org/10.17487/rfc6065.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Bormann, C. An Authorization Information Format (AIF) for Authentication and Authorization for Constrained Environments (ACE). RFC Editor, August 2022. http://dx.doi.org/10.17487/rfc9237.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Selander, G., M. Mani, and S. Kumar. Use Cases for Authentication and Authorization in Constrained Environments. Edited by L. Seitz and S. Gerdes. RFC Editor, January 2016. http://dx.doi.org/10.17487/rfc7744.

Full text
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Authentication authorization and accounting' for particular source types:
Journal articles Dissertations / Theses Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography