Enhancing RESTful Web Service Security

To date organizations are still running various autonomous legacy systems alongside newer modern Web-based systems. Most of the old legacy systems are based on the monolithic architectures such as the client-server which are considered obsolete as they no longer meet the needs of modern applications. Modern applications require an architecture that can support multichannel user experiences such as web apps mobile apps social media email and many more. Service-oriented architecture (SOA) were proposed as a solution to the challenges experienced in monolithic applications. SOA comes into two flavors that’s SOAP and REST. However SOAP is a heavyweight communication technology that is not appropriate for use in modern web applications thus REST is preferred for use in developing modern applications today due to its lightweight nature. However unlike SOAP which is standardized REST currently has no specified security standards and therefore it is not recommended for use in enterprise systems which require strong security implementations. Therefore the researcher developed an authentication scheme for RESTful web services based on a two-factor authentication mechanism.