Web Security: Security Methodology for Integrated Website using RESTful Web Services
Nguyen, Toan (2016)
Nguyen, Toan
2016
MDP in Software Development
Informaatiotieteiden yksikkö - School of Information Sciences
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Hyväksymispäivämäärä
2016-06-02
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:uta-201606232008
https://urn.fi/URN:NBN:fi:uta-201606232008
Tiivistelmä
Security is not only one of the most important feature in software development but also a key point to gain user s trust. The higher is security, the more trust users put on the application. Especially in Web services, security plays a key role in reaching success for the application. Therefore, this thesis will focus on this important field, that is security in RESTful Web service.
The first five chapters research and analyze the current security methods which are used by some popular API providers. Because there are various security methods in the market, the standard method named OAuth 2.0 and some methods which are required by API providers are selected and researched in this thesis. This part is also the theoretical foundation for chapter six.
In detail, Twitter and Stripe services are analyzed to determine how the important information can be secured through out API calls. This would describe the general standard security model on integrated websites.
The second part includes the descriptions of my own website and C# library which could help users to make an API calls easily and securely. This website is an ideal solution for small business in marketing and sale process. By exploiting the speed of social networks, it offers a huge chance to spread their products over the globe. Furthermore, users are able to develop their own website by using the C# library.
The first five chapters research and analyze the current security methods which are used by some popular API providers. Because there are various security methods in the market, the standard method named OAuth 2.0 and some methods which are required by API providers are selected and researched in this thesis. This part is also the theoretical foundation for chapter six.
In detail, Twitter and Stripe services are analyzed to determine how the important information can be secured through out API calls. This would describe the general standard security model on integrated websites.
The second part includes the descriptions of my own website and C# library which could help users to make an API calls easily and securely. This website is an ideal solution for small business in marketing and sale process. By exploiting the speed of social networks, it offers a huge chance to spread their products over the globe. Furthermore, users are able to develop their own website by using the C# library.