Enhancing RESTful Web Service Security

To date, organizations are still running various autonomous legacy systems alongside newer modern Web-based systems. Most of the old legacy systems are based on the monolithic architectures such as the client-server which are considered obsolete as they no longer meet the needs of modern applications. Modern applications require an architecture that can support multichannel user experiences such as web apps, mobile apps, social media, email and many more. Service-oriented architecture (SOA) were proposed as a solution to the challenges experienced in monolithic applications. SOA comes into two flavors that's SOAP, and REST. However, SOAP is a heavyweight communication technology that is not appropriate for use in modern web applications thus REST is preferred for use in developing modern applications today due to its lightweight nature. However, unlike SOAP which is standardized, REST currently has no specified security standards and therefore, it is not recommended for use in enterprise systems which require strong security implementations. Therefore, the researcher developed an authentication scheme for RESTful web services based on a two-factor authentication mechanism.