The interoperability of cloud data between web applications and mobile devices has vastly improved over recent years. The popularity of social media, smartphones and cloud based web services have contributed to the level of integration that can be achieved between applications. This paper investigates the potential security issues of OAuth, an authorisation framework for granting third party applications revocable access to user data. OAuth has rapidly become an interim defacto standard for protecting access to web API data. Vendors have implemented OAuth before the open standard was officially published. To evaluate whether the OAuth 2.0 specification is truly ready for industry application, an entire OAuth client server environment was developed and validated against the speciation threat model. The research also included the analysis of the security features of several popular OAuth integrated websites and comparing those to the threat model. High impacting exploits leading to account hijacking were identified with a number of major online publications. It is hypothesised that the OAuth 2.0 specification can be a secure authorisation mechanism when implemented correctly.
The need for location based services has dramatically increased within the past few years, especially with the popularity and capability of mobile device such as smart phones and tablets. The limitation of GPS for indoor positioning has seen an increase of indoor positioning based on Wireless Local Area Network 802.11. The authors demonstrate here a real world application of determining one's location with the Cisco Context-Aware Mobility which provides a Real Time Location System solution based on Wi-Fi. They detail their implementation of an Android application which communicates with the Cisco Context-Aware Mobility system to visually display the location of the mobile device. The application was tested in a production environment and limitations in the production environment along with the diagnostic capabilities of the Context-Aware Mobility were identified. The authors found that to obtain optimal accuracy, a device must be detected by four or more Access points so a recommended distribution for an indoor positioning system built on the Cisco context-aware mobility framework is for an Access Point to be placed every 12 – 20 linear meters.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.