CC BY
4
Kholkhodjaeva Guljakhon Republic of Uzbekistan, Fergana city Fergana Computer Technologies and Vocational college, Teacher AN OAUTH - BASED LDF (LOCAL DATABASE OF FRIEND LIST) IN
IOT NETWORKS
Open authorization (OAuth) is an open protocol, which allows secure authorization in a simple and standardized way from third-party applications accessing online services, based on the representational state transfer (REST) web architecture. OAuth has been designed to provide an authorization layer, typically on top of a secure transport layer such as HTTPS. The idea is about the LDF(Local Database of Friend List), which is used to allow the particular group people to have an access to the IoT network without the additional authentication.
OAuth was invented for a very specific purpose: to allow users to control access to their accounts without requiring that they share their username and password. [1] Before OAuth, if the user wanted Site B to have access to her data on Site A, she'd give Site B her username and password on Site A. Site B would store the username and password and impersonate Alice each time it needs to access Site A on her behalf. By using User's username and password, Site B would demonstrate that it had Alice's implicit permission to access her account on Site A. This is sometimes called the password anti-pattern.
OAuth Protocol
[2] OAuth is an open standard authorization protocol which allows users to grant a third-party application access to restricted resources without providing their credentials. Figure 1 shows the standard OAuth 2.0 protocol flow. The OAuth protocol works as follows:
OAuth flow diagram
When a user tries to access the IoT network, initially user gets directed to the security manager. [3] Security manager redirects the user to the service provider. User grants access to the security manager through the service provider. Service provider directs the user to security manager with the authorization code.
Security manager uses its client id and the authorization code to request the access token. After verifying the client id and authorization code, service provider grants an access token to security manager. Security manger uses this access token to access the user information, by performing the API call to get user information from the service provider. [4] Service provider provides the response with user information including user ID. The user ID obtained from the service provider is compared with the list of user's ID in the local database. If the user ID matches with the list in the database. Security manager grants access to the IoT network through the gateway.
The database management process in security manager can be clearly seen in the following Figure 2:
SERVICE PROVIDER
Figure 2.
Database is built with the list of user ID obtained from the friend list of IoT network manager. Security manager requests for the refresh token before the expiry of access token for future synchronization between friend list and database. [5] Database updation will be done periodically using the refresh token obtained by security manager. During periodic update, security manager compares the existing database with the latest friend list provided by service provider. Database will be updated with the users added or deleted from friend list. [7] Alternatively IoT network manager has an option to login to security manager application for instant synchronization between friend list and database. Once a user login to IoT network, user ID is obtained using access token and it will be compared with the user ID in database, if database match is success, then user can get to access the IoT network or else the user is denied to access the network even though the user is an authorized user from the service provider. [6] Using the proposed approach IoT network manager can have control of users accessing the network using OAuth protocol. And it reduces the user's effort to create multiple user ID across
different networks. Also, it helps the IoT network manager from the effort of maintaining user information in each IoT network.
References:
1. R. Fielding et al., Hypertext Transfer Protocol— HTTP/1.1, RFC 2616, Internet Engineering Task Force, Jun. 1999. [Online]. Available: http: //www.ietf.org/rfc/rfc2616.txt
2. H. Tschofenig, The OAuth 2.0 Internet of Things (IoT) Client Credentials Grant, ACE, Internet-Draft, Mar. 2015
3. E. Hammer-Lahav, The OAuth 1.0 Protocol, RFC 5849, Internet Engineering Task Force, Apr. 2010.
4. T. Dierks and E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1.2, RFC 5246, Internet Engineering Task Force, Aug. 2008. [Online]. Available: http://www.ietf.org/rfc/rfc5246.txt
5. D. Hardt, The OAuth 2.0 Authorization Framework, RFC 6749, Internet Engineering Task Force, Oct. 2012. [Online]. Available: http: //www.ietf.org/rfc/rfc6749.txt
6. IPSO Alliance. [Online]. Available: http://www.ipso-alliance.org/, accessed Oct. 15, 2014.
7. Shamini Emerson, Young-Kyu Choi, Dong-Yeop Hwang, Kang-Seok Kim and Ki-Hyung Kim*: An OAuth based Authentication Mechanism for IoT Networks
УДК 316.61
Аксакова Г.Н. магистр 2 курса
факультет «Психологии и педагогического образования» Государственное образовательное учреждение высшего
образования Республики Крым «Крымский инженерно-педагогический университет»
Россия, г. Симферополь ТЕОРЕТИЧЕСКИЙ АНАЛИЗ ОСНОВНЫХ ПОДХОДОВ К ИЗУЧЕНИЮ ПРОЦЕССУАЛЬНОЙ МОТИВАЦИИ ПЕДАГОГОВ Аннотация: в статье представлен теоретический анализ основных подходов к изучению процессуальной мотивации.
Ключевые слова: процессуальная мотивация, трудовая деятельность, способ поведения.
THEORETICAL ANALYSIS OF THE MAIN APPROACHES TO THE STUDY OF THE PROCEDURAL MOTIVATION OF TEACHERS
Annotation. This article presents a theoretical analysis of the main approaches to the study of procedural motivation.
Keywords: procedural motivation, work, way of behavior.
Постановка проблемы. Проблема изучения мотивационной сферы личности является достаточно изученной и проработанной. В тоже время
