| 基于RequestBody的Open API安全认证机制 |
| |
| 引用本文: | 姜建武,胡垚,李景文.基于RequestBody的Open API安全认证机制[J].科学技术与工程,2019,19(19):196-200. |
| |
| 作者姓名: | 姜建武 胡垚 李景文 |
| |
| 作者单位: | 桂林理工大学,桂林理工大学,桂林理工大学 |
| |
| 基金项目: | 国家自然科学基金项目(地区基金)41461085 |
| |
| 摘 要: | 为解决当前Open API面临的身份伪造钓鱼攻击、账户与业务信息泄露和API平台恶意攻击等问题,提出了一种基于Request Body(请求体)的API安全认证机制。该机制由双重签名验证、请求体加密、URI验证、接口权限认证和异常侦测五部分组成,用于防范钓鱼网站诱骗、加固用户数据传输安全和提升API平台抵御攻击的能力。通过在线测试和实际项目验证,表明该机制能够在保证API认证速度的同时保证用户和接口的安全。
|
| 关 键 词: | Open API 安全认证 RestFul API 信息加密 |
| 收稿时间: | 2019/1/10 0:00:00 |
| 修稿时间: | 2019/3/18 0:00:00 |
Research on Open Api Security Authentication Mechanism Based on Requestbody |
| |
| jiangjianwu,huyao and.Research on Open Api Security Authentication Mechanism Based on Requestbody[J].Science Technology and Engineering,2019,19(19):196-200. |
| |
| Authors: | jiangjianwu huyao and |
| |
| Institution: | Guilin University of Technology,Guilin University of Technology, |
| |
| Abstract: | Aiming at the problems of identity forgery phishing attacks, account and business information leakage and API platform malicious attacks, this paper proposes an API security authentication mechanism based on Request Body. The mechanism consists of five parts: double signature verification, request body encryption, URI verification, interface authority authentication and exception detection. It is used to prevent phishing scams, strengthen user data transmission security and improve the ability of the API platform to resist attacks. Through online testing and actual project verification, it shows that the mechanism can ensure the security of users and interfaces while ensuring the speed of API authentication. |
| |
| Keywords: | open api security certification restful api inforrmation encryption |
| 本文献已被 CNKI 等数据库收录! |
| 点击此处可从《科学技术与工程》浏览原始摘要信息 |
| 点击此处可从《科学技术与工程》下载免费的PDF全文 |
|
