TAILIEUCHUNG - Implementing web service security policies for education database system

In this article, we analyze the information security risks of web services, evaluate existing solutions, and then select the most effective policies for the education database system. We have implemented security policies including authentication, authorization. In which authentication is based on OAuth and JSON web tokens (JWT). | Implementing web service security policies for education database system AGU International Journal of Sciences – 2019, Vol. 7 (4), 74 – 81 IMPLEMENTING WEB SERVICE SECURITY POLICIES FOR EDUCATION DATABASE SYSTEM Nguyen Hoang Tung1, Nguyen Van Hoa1 1 An Giang University, VNU - HCM Information: ABSTRACT Received: 20/02/2019 Today, information security is particularly relevant when considering the Accepted: 29/03/2019 increasing risk of information security when exchanging data on the Internet Published: 11/2019 between applications and web services. In this article, we analyze the Keywords: information security risks of web services, evaluate existing solutions, and Web service, security, then select the most effective policies for the education database system. We identification, authentication, have implemented security policies including authentication, authorization. authorization In which authentication is based on OAuth and JSON web tokens (JWT). We have also implemented two authorization filters with the roles of raw authorization filter and fine-grained authorization filter for improving the effectiveness of the authorization. Experimental results show that the running time of fine-grained authorization filter is negligible. 1. INTRODUCTION select and implement synchronous information security policies. Today, the exchange of information on the Internet is ever-expanding. Therefore, the need for In the era of the information explosion, web information security when exchanging technology has become a familiar and widely- information is an urgent and vital requirement for used platform. Many large organizations, such as robust information systems. The exchange of Google, Amazon, Ebay, Paypal, and Facebook, information on the Internet often contains a lot of have made substantial strides thanks to the risks because of the constant attacks of many development of the website based on the .

• Kỹ thuật lập trình
• Implementing web service security policies
• Education database system
• JSON web tokens
• Evaluate existing solutions
• The information security risk
• The education database system