Authorizing Third-Party Applications Served through Messaging Platforms
Resumen: The widespread adoption of smartphones and the new-generation wireless networks have changed the way that people interact among themselves and with their environment. The use of messaging platforms, such as WhatsApp, has become deeply ingrained in peoples’ lives, and many digital services have started to be delivered using these communication channels. In this work, we propose a new OAuth grant type to be used when the interaction between the resource owner and the client takes place through a messaging platform. This new grant type firstly allows the authorization server to be sure that no Man-in-the-Middle risk exists between the resource owner and the client before issuing an access token. Secondly, it allows the authorization server to interact with the resource owner through the same user-agent already being used to interact with the client, i.e., the messaging platform, which is expected to improve the overall user experience of the authorization process. To verify this assumption, we conducted a usability study in which subjects were required to perform the full authorization process using both the standard authorization code grant type (through a web-browser) and the new grant type defined in this work. They have also been required to fill in a small questionnaire including some demographic information and their impressions about both authorization flows. The results suggest that the proposed grant type eases the authorization process in most cases.
Idioma: Inglés
DOI: 10.3390/s21175716
Año: 2021
Publicado en: Sensors 21, 17 (2021), 5716 [16 pp.]
ISSN: 1424-8220

Factor impacto JCR: 3.847 (2021)
Categ. JCR: CHEMISTRY, ANALYTICAL rank: 29 / 87 = 0.333 (2021) - Q2 - T2
Categ. JCR: INSTRUMENTS & INSTRUMENTATION rank: 19 / 64 = 0.297 (2021) - Q2 - T1
Categ. JCR: ENGINEERING, ELECTRICAL & ELECTRONIC rank: 95 / 277 = 0.343 (2021) - Q2 - T2

Factor impacto CITESCORE: 6.4 - Engineering (Q1) - Physics and Astronomy (Q1) - Biochemistry, Genetics and Molecular Biology (Q2)

Factor impacto SCIMAGO: 0.803 - Analytical Chemistry (Q1) - Biochemistry (Q1) - Instrumentation (Q1) - Information Systems (Q1) - Electrical and Electronic Engineering (Q1)

Financiación: info:eu-repo/grantAgreement/ES/DGA-FEDER/T31-20R
Financiación: info:eu-repo/grantAgreement/ES/DGA-MECD/FPU15-04841
Financiación: info:eu-repo/grantAgreement/ES/MINECO-FEDER/TIN2016-76770-R
Tipo y forma: Article (Published version)
Área (Departamento): Área Ingeniería Telemática (Dpto. Ingeniería Electrón.Com.)

Creative Commons You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.


Exportado de SIDERAL (2023-05-18-15:18:03)


Visitas y descargas

Este artículo se encuentra en las siguientes colecciones:
Articles



 Record created 2021-10-08, last modified 2023-05-19


Versión publicada:
 PDF
Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)