Designing RESTful API for the e-procurement system in private sector

2021, pp. 003-015
Author(s): А.Yu. Doroshenko, B.V. Bodak

The software for the e-procurement system was developed as a .NET Core RESTful API with Open API specifications. The server side exposes a RESTful API, which ensures compatibility with the majority of clients and lets them exchange information in JSON format. The authentication and authorization flow was implemented with the OAuth open standard paired with Microsoft Identity Service. User roles and functionality were handled by a standalone service for authentication and registration, which made the system efficient and scalable. Business logic was split into microservices reachable through routing controllers, an approach that separates responsibilities between the server and the client side. Authorization headers passed on modifying requests allowed access to particular resources to be controlled and restricted for unauthorized users. A distributed cache at the data repository level was used to increase the responsiveness of the system. The state handling subsystem was designed using Finite State Machine concepts. The developed system was verified with unit and integration tests.

2021, pp. 01-20
Author(s): Ehab .., Walid .., ...

JSON Web Token (JWT) is a compact, self-contained format for transmitting claims between parties; the token is digitally signed, so its contents can be verified and trusted. JWTs are mainly used to implement stateless authentication. OAuth 2.0 implementations commonly use JWTs as their access tokens. OAuth 2.0 and JWT are the token frameworks most often used to authorize access to REST APIs because of their statelessness and signature-based integrity, and JWTs, being JSON-based and small, suit the newer authentication and authorization protocols built on OAuth 2.0. When tokens are stored in cookies, the size limit of a cookie or URL can quickly be exceeded. Refresh tokens may be issued so that a client can obtain new access tokens for a user; obtaining a refresh token is somewhat more involved, and holding a refresh token in the browser requires additional security measures. Consider an attacker who steals a refresh token and attempts to use it after the application has already used it: the attempt itself shows that the attacker was able to steal a refresh token from the application. If the refresh token can be stolen, so can the access token, and even short token lifetimes can still lead to major abuse scenarios. In this article, we discuss the security properties of refresh tokens in the browser and a pattern for better securing JWTs in the web front-end. We propose a Backend for Frontend (BFF) pattern in which token handling is deferred to a server-side component that keeps the tokens secure while preserving a great deal of flexibility for the client side.
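As an added illustration of the BFF pattern this abstract proposes (example code written for this page, not the authors' implementation), the Python sketch below keeps the access and refresh tokens in server memory, hands the browser only an opaque `__Host-`-prefixed HttpOnly cookie, refreshes silently when the access token expires, and shows why refresh-token rotation with reuse detection matters: replaying the rotated-out token revokes the whole token family, so the thief and the legitimate session both lose access. The authorization server, the resource API, the cookie name and the clock are constructed stand-ins, not real services.

```python
import secrets
from http.cookies import SimpleCookie

SESSION_COOKIE = "__Host-bff_session"   # assumed cookie name for this example
NOW = [1_700_000_000.0]                 # mutable fake clock so expiry can be driven in tests


class FakeAuthServer:
    # Constructed stand-in for an OAuth 2.0 authorization server (not a real AS):
    # it rotates refresh tokens and revokes the whole token family on reuse.
    def __init__(self, access_ttl=300):
        self.access_ttl = access_ttl
        self.refresh_tokens = {}    # refresh_token -> {"family": id, "used": bool}
        self.access_tokens = {}     # access_token -> (family, expires_at)
        self.revoked_families = set()

    def _issue(self, family):
        at, rt = secrets.token_urlsafe(32), secrets.token_urlsafe(32)
        exp = NOW[0] + self.access_ttl
        self.access_tokens[at] = (family, exp)
        self.refresh_tokens[rt] = {"family": family, "used": False}
        return {"access_token": at, "refresh_token": rt, "expires_at": exp}

    def token_from_code(self, code):
        # Authorization-code exchange abstracted away: each login opens a new family.
        return self._issue(secrets.token_hex(8))

    def refresh(self, rt):
        rec = self.refresh_tokens.get(rt)
        if rec is None or rec["family"] in self.revoked_families:
            raise PermissionError("invalid_grant")
        if rec["used"]:
            # Same refresh token presented twice: the app or a thief replayed it.
            # Revoke the family so thief and legitimate client both lose access.
            self.revoked_families.add(rec["family"])
            raise PermissionError("invalid_grant: refresh token reuse detected")
        rec["used"] = True
        return self._issue(rec["family"])

    def introspect(self, at):
        entry = self.access_tokens.get(at)
        return (entry is not None and entry[0] not in self.revoked_families
                and entry[1] > NOW[0])


def resource_get(auth, path, headers):
    # Constructed resource API: accepts only bearer tokens the AS still vouches for.
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme != "Bearer" or not auth.introspect(token):
        return 401, None
    return 200, {"path": path}


class BFF:
    # Backend for Frontend: the browser holds only an opaque HttpOnly cookie;
    # access and refresh tokens never leave server memory.
    def __init__(self, auth):
        self.auth = auth
        self.sessions = {}  # opaque session id -> token set

    def login(self, auth_code):
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = self.auth.token_from_code(auth_code)
        # Set-Cookie value returned to the browser; __Host- pins it to this origin.
        return f"{SESSION_COOKIE}={sid}; Path=/; Secure; HttpOnly; SameSite=Strict"

    def proxy(self, cookie_header, path):
        jar = SimpleCookie()
        jar.load(cookie_header or "")
        sid = jar[SESSION_COOKIE].value if SESSION_COOKIE in jar else None
        tokens = self.sessions.get(sid)
        if tokens is None:
            return 401, None
        if tokens["expires_at"] <= NOW[0]:
            try:
                tokens = self.auth.refresh(tokens["refresh_token"])
            except PermissionError:
                self.sessions.pop(sid, None)   # refresh failed: end the browser session
                return 401, None
            self.sessions[sid] = tokens
        return resource_get(self.auth, path,
                            {"Authorization": f"Bearer {tokens['access_token']}"})


def run_scenario():
    # Login, silent rotation by the BFF, then replay of the stolen rotated-out token.
    auth = FakeAuthServer(access_ttl=300)
    bff = BFF(auth)
    set_cookie = bff.login("constructed-auth-code")
    cookie = set_cookie.split(";")[0]                 # what the browser echoes back
    sid = cookie.split("=", 1)[1]
    first = bff.proxy(cookie, "/api/orders")[0]
    stolen_rt = bff.sessions[sid]["refresh_token"]    # attacker exfiltrates this token
    NOW[0] += 301                                     # access token has expired
    rotated = bff.proxy(cookie, "/api/orders")[0]     # BFF refreshes, rotating the RT
    try:
        auth.refresh(stolen_rt)
        replay = "accepted"
    except PermissionError:
        replay = "rejected"
    NOW[0] += 301
    final = bff.proxy(cookie, "/api/orders")[0]       # family revoked: session ends
    return {"set_cookie": set_cookie, "first": first, "rotated": rotated,
            "replay": replay, "final": final, "session_alive": sid in bff.sessions}
```

Calling `run_scenario()` walks through the full sequence: the first proxied request succeeds, the BFF rotates the refresh token transparently when the access token expires, the attacker's replay of the old refresh token is rejected and revokes the family, and the next expiry ends the browser session with a 401. Because the browser only ever holds the opaque cookie, a front-end XSS has no JWT to exfiltrate; what it can do is make requests through the BFF while the page is open, which is why the session cookie still needs `SameSite` and short server-side lifetimes.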


2020, Vol 1 (2), pp. 127
Author(s): Indra Gita Anugrah, Muhamad Aldi Rifai Imam Fakhruddin

The security of an application is the most important problem in an information system integration process. Authentication and authorization are usually carried out using Single Sign On (SSO), and authentication and authorization methods are used to secure data in a system. The authentication and authorization processes are carried out on the client side (web browser) in the form of a session and on the server side (web server) in the form of cookies. Sessions and cookies are valuable assets in the authentication and authorization process because they contain the data required for the login process, so they need to be secured. A session is a combination of encrypted username and password data, while cookies store login information so that the user remains in a state of having access according to the privileges granted. Because sessions and cookies play such an important role in the authentication and authorization process, a way is needed to secure the data they hold. One way to secure this data is to use a REST API and an Auth Token.


In the development of thin-client applications, it is common practice to use server-side technologies to build the data and business-logic back-ends and client-side technologies to build lightweight HyperText Markup Language (HTML)-based front-ends. In Web 2.0 applications, the data and business-logic back-ends are typically built on top of third-party Web services, and in this context the Simple Object Access Protocol (SOAP) has traditionally served as the standard communication protocol for eXtensible Markup Language (XML)-based Web services. This chapter reviews the support for invoking SOAP-based Web services from Java; it then discusses the development, using jQuery, Prototype, Dojo, and JavaServer Pages (JSP), of several thin-client applications based on third-party SOAP Web services, through a series of case studies that exemplify the use of User Interface (UI) patterns for achieving rich-design principles such as "stay on the page" and "use transitions".


2010, Vol 44-47, pp. 728-732
Author(s): Wen Jun Zhang, Yi Liu, Ai Min Yang, Yan Jiang

Because no commercial EMR system in the field of orthodontics currently suits orthodontists' purposes, we studied the orthodontist's daily workflow, analyzed the requirements, and developed an EMR system, Decision-Support and Orthodontist Management, for Peking University School of Stomatology. We adopt Rich Internet Application (RIA) technology, namely Flex, to implement the business process, human-computer interaction and data visualization on the client side according to the orthodontist's workflow, and SSH (Struts, Spring, Hibernate), three popular Java EE web frameworks, to implement the orthodontist's business logic and data persistence on the server side, so as to produce low-coupling code. The EMR system is integrated with the existing Register, Ward and Drugstore information systems. Practice shows that the EMR system fits seamlessly into the orthodontist's daily workflow and effectively replaces the current paper medical records.


Author(s): Kostyantyn Kharchenko

An approach to organizing the execution of automated calculations using web services (in particular, REST services) is reviewed. The proposed solution simplifies the introduction of new functionality into applied systems built according to service-oriented and microservice architecture principles. Its main idea is the maximal separation of server-side from client-side logic development: clients state abstract computation goals without any dependency on existing applied services. It is proposed to rely on a centralized scheme for organizing the computations (orchestration) and to store in a knowledge base the set of rules used to build, in multiple steps, a concrete computational scenario from an abstract goal. A computing-task execution subsystem is added to the software architecture of the applied system; it consists of a service that processes incoming execution requests, a service registry and an orchestration service. Clients send requests to the execution subsystem without any reference to the real services to be called. The service registry searches the knowledge base for the matching input request template, and then for the abstract operation description corresponding to that template. Each abstract operation may already have an implementation in the form of a workflow composed of invocations of real applied services' operations. If no corresponding workflow exists in the database, one can be synthesized dynamically from the input and output data and the functional descriptions of the abstract operation and of the registered applied services. Workflows are executed by the orchestrator service. Thus new functions can be added on the client side without any changes at the server side, and, conversely, new services can be added that affect the execution of the calculations without updating the clients.


2003, Vol 3 (2), pp. 170-173
Author(s): Karthik Ramani, Abhishek Agrawal, Mahendra Babu, Christoph Hoffmann

New and efficient paradigms for web-based collaborative product design in a global economy will be driven by increased outsourcing, increased competition, and pressure to reduce product development time. We have developed a collaborative shape design system, Computer Aided Distributed Design and Collaboration (CADDAC), based on a three-tier (client-server-database) architecture. CADDAC has a centralized geometry kernel and constraint solver. The server side provides support for solid modeling, constraint-solving operations, data management, and synchronization of clients. The client side performs real-time creation, modification, and deletion of geometry over the network. To keep the clients thin, many computationally intensive operations are performed at the server; only the graphics rendering pipeline runs on the client side. A key contribution of this work is a flexible architecture that decouples Application Data (Model), Controllers, Viewers, and Collaboration. This decoupling keeps new feature development modular and easy to develop and manage.


2013, Vol 739, pp. 628-631
Author(s): Xiao Meng Chen, Wei Chang Feng

The E-Box multimedia system was developed for the rich audio and video resources on the Internet. On its server side it automatically searches for and integrates network video and audio resources and sends them to the client side, where the user views them in real time as broadcast television, operated entirely by remote control; in short, it is a very easy-to-use multimedia system. This article introduces its infrastructure and main technical ideas and gives some details about the server side and the client side.


2011, Vol 338, pp. 796-799
Author(s): Wei Chang Feng

The E-Yuan multimedia system was developed for the rich audio and video resources on the Internet. On its server side it automatically searches for and integrates network video and audio resources and sends them to the client side, where the user views them in real time as broadcast television, operated entirely by remote control; in short, it is a very easy-to-use multimedia system. This article introduces its infrastructure and main technical ideas and gives some details about the server side and the client side. At the same time, the improvements in how video resources are collected and integrated are elaborated in detail.


2017, Vol 7 (1.1), pp. 230
Author(s): C. Vasan Sai Krishna, Y. Bhuvana, P. Pavan Kumar, R. Murugan

In a typical DoS attack, the attacker tries to bring the server down by sending a large number of bogus requests that consume its computing power and bandwidth. Because a server's bandwidth and computing power are normally greater than those of the attacker's single client machine, the attacker enlists a group of connected computers. A DDoS attack therefore involves many client machines hijacked by the attacker (together called a botnet). As the server handles all the requests sent by the attacker, its resources are exhausted and it can no longer provide service. In this project we are concerned with reducing the load on the server side by giving the client a puzzle to solve; to prevent such attacks we use a client puzzle mechanism. The mechanism introduces a client-side puzzle that requires the client machine to perform a task demanding additional resources (computation power). The client's request is not sent directly to the server: an Intermediate Server monitors all requests destined for the main server. Before a client's request is forwarded, the client must solve a puzzle and send the answer. The Intermediate Server validates the answer and either grants the client access or blocks it from reaching the server.
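The following Python sketch is an added example of the intermediate-server puzzle gate described above; it is written for this page and is not the paper's implementation. The gate issues hash-preimage puzzles (find a value whose SHA-256 together with the nonce starts with `bits` zero bits), binds the nonce, difficulty, expiry and client identity under an HMAC so the gate keeps no state until a valid solution arrives, refuses replays and stale puzzles, and raises the difficulty as the request queue grows. The puzzle format, the client address and the difficulty numbers are assumptions for the example.

```python
import hashlib
import hmac
import os
import struct

NOW = [1_700_000_000]   # mutable fake clock (seconds) so expiry can be driven in tests


def leading_zero_bits_ok(digest, bits):
    # True when the first `bits` bits of `digest` are all zero (0 <= bits <= 256).
    return int.from_bytes(digest, "big") >> (len(digest) * 8 - bits) == 0


class PuzzleGate:
    # Constructed intermediate server (assumption: not the paper's code). Puzzles are
    # stateless: the challenge is HMAC-bound, so nothing is stored until a client
    # actually presents a valid solution.
    def __init__(self, secret=None, base_bits=12, ttl=30):
        self.secret = secret or os.urandom(32)
        self.base_bits = self.bits = base_bits
        self.ttl = ttl
        self.spent = set()     # redeemed nonces, so one solution admits one request only

    def adjust_difficulty(self, pending_requests, per_step=100, max_bits=24):
        # Under load, cost the clients more: +1 bit (2x work) per `per_step` queued requests.
        self.bits = min(max_bits, self.base_bits + pending_requests // per_step)
        return self.bits

    def _mac(self, nonce, bits, exp, client):
        msg = nonce + struct.pack(">IQ", bits, exp) + client.encode()
        return hmac.new(self.secret, msg, hashlib.sha256).digest()

    def issue(self, client):
        nonce = os.urandom(16)
        exp = NOW[0] + self.ttl
        return {"nonce": nonce.hex(), "bits": self.bits, "exp": exp, "client": client,
                "mac": self._mac(nonce, self.bits, exp, client).hex()}

    def verify(self, puzzle, solution, client):
        # Admit the request only if every check passes; `client` is who actually sent it.
        try:
            nonce, mac = bytes.fromhex(puzzle["nonce"]), bytes.fromhex(puzzle["mac"])
            bits, exp = int(puzzle["bits"]), int(puzzle["exp"])
            if not (0 <= bits <= 256 and 0 <= exp < 2 ** 64):
                return False
        except (KeyError, TypeError, ValueError):
            return False
        # 1. Integrity: the client cannot lower `bits`, extend `exp` or reuse another's puzzle.
        if not hmac.compare_digest(mac, self._mac(nonce, bits, exp, client)):
            return False
        if NOW[0] > exp:              # 2. Freshness: puzzles cannot be stockpiled and pre-solved.
            return False
        if nonce in self.spent:       # 3. Single use: a solution cannot be replayed.
            return False
        # 4. Work: the client really spent ~2**bits hash evaluations on average.
        if not leading_zero_bits_ok(hashlib.sha256(nonce + solution).digest(), bits):
            return False
        self.spent.add(nonce)
        return True


def solve(puzzle):
    # Client side: brute-force a counter until the hash carries the required leading zeros.
    nonce, bits = bytes.fromhex(puzzle["nonce"]), int(puzzle["bits"])
    counter = 0
    while True:
        candidate = counter.to_bytes(8, "big")
        if leading_zero_bits_ok(hashlib.sha256(nonce + candidate).digest(), bits):
            return candidate
        counter += 1


def run_scenario():
    gate = PuzzleGate(base_bits=12, ttl=30)
    client = "203.0.113.7"                        # constructed client address
    puzzle = gate.issue(client)
    solution = solve(puzzle)
    honest = gate.verify(puzzle, solution, client)
    replay = gate.verify(puzzle, solution, client)
    # Attacker edits the puzzle to demand zero work; the MAC no longer matches.
    cheat = gate.verify(dict(puzzle, bits=0), b"\x00" * 8, client)
    # A puzzle solved after its deadline is refused.
    late = gate.issue(client)
    NOW[0] += 31
    expired = gate.verify(late, solve(late), client)
    return {"honest": honest, "replay": replay, "cheat": cheat, "expired": expired,
            "bits_under_load": gate.adjust_difficulty(pending_requests=450)}
```

Verification costs the gate one HMAC and one SHA-256 per request, while an honest client at 12 bits performs about 4,096 hashes; a bot that wants to flood the main server must pay that price for every request it sends, and doubling the work per queued hundred requests makes the attack cost grow with the attack itself. The `spent` set is the only per-request state and can be bounded by evicting entries older than `ttl`.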

