REST protocol is a commonly used Web-based communication interface in various areas (e.g., Web service, IoT devices). Current REST protocol faces several challenges to solve the authentication system. This paper describes an ID-based authentication algorithm using Boneh-Franklin ID-based encryption to achieve a secure and stateless RESTful Web service. This ID-based authentication process allows a server to handle client requests by acknowledging the client's URI rather than storing client's state, thereby simplifying the process. This paper discusses the shortcomings of current authentication mechanisms, the concept of ID-based encryption (IBE), and the process of stateless secure REST protocol.
LeeS., JoJ., KimY. and StephenH., A Framework for Environmental Monitoring with Arduino-Based Sensors Using Restful Web Service, Services Computing (SCC), 2014 IEEE International Conference on, June 27 2014. pp. 275-282.
2.
The Solar Energy-Water-Environment Nexus in Nevada [Online]. Available: http://nvsolarnexus.org/.
3.
LeeS., JoJ., KimY. and StephenH., Restful Web Service and Web-Based Data Visualization for Environmental Monitoring, International Journal of Software Innovation3(1) (Jan. 2015), 75-95.
4.
FerreiraH.G.C., CanedoE.D. and de Sousa JuniorR., ``IoT Architecture to Enable Intercommunication Through REST API and UPnP Using IP, ZigBee and Arduino,''1st International Workshop on Internet of Things Communications and Technologies (IoT'13), 7-9 Oct. 2013, pp. 53-60.
5.
AihkisaloT., Latencies of Service Invocation and Processing of the REST and SOAP Web Service Interfaces, Services, IEEE Eighth World Congress on (24 June 2012), 100-107.
6.
LeeS., JoJ. and KimY., Environmental Sensor Monitoring with secure RESTful Web Service, International Journal of Services Computing (ISSN 2330-4472), 2015.
7.
Google ``A well-earned retirement for the SOAP Search API'', 31 Aug. 2009. Online available: http://googlecode. blogspot.com/2009/08/well-earned-retirement-for-soap-search.html.
8.
O'ReillyT., ``REST vs. SOAP at Amazon'', OREILLY Community, 30 Apr. 2003. Online available: http://archive.oreilly. com/pub/wlg/3005.
9.
FieldingR.T., Architectural Styles and the Design of Network based Software Architectures, California, Irvine: University of California, 2000.
10.
FengX., ShenJ. and FanY., REST: An alternative to RPC for Web services architecture, Future Information Networks. First International Conference on, 14 Oct. 2009, pp. 7-10.
11.
MasoodA., Cyber security for service oriented architectures in a Web 2.0 world: An overview of SOA vulnerabilities in financial services, Technologies for Homeland Security (HST), 2013 IEEE International Conference on, 12 Nov. 2013, pp. 1-6.
12.
JoJ., KimY. and LeeS., Mindmetrics: Identifying users without their login IDs, Systems, Man and Cybernetics (SMC), 2014 IEEE International Conference on. 5 Oct. 2014. pp. 2121-2126.
13.
PengD., LiC. and HuoH., An extended Username Token-based approach for REST-style Web Service Security Authentication, Computer Science and Information Technology, 2009. ICCSIT 2009. 2nd IEEE International Conference on, 8 Aug. 2009. pp. 582-586.
14.
BonehD. and FranklinM., Identity-Based Encryption from the Weil Pairing, Proc. of Advances in Cryptology - Crypto 2001, LNCS 2139, Springer-Verlag, 2001, pp. 213-229.
15.
SANS, ``Four Attacks on OAuth - How to Secure Your OAuth Implementation''. Online available: http://www.sans.org/ reading-room/whitepapers/application.
16.
ShamirA., Identity-Based Cryptosystems and Signature Schemes, Advances in Cryptology: Proceedings of CRYPTO 84, Lecture Notes in Computer Science7 (1984), 47-53.
17.
MillerV.S., Use of Elliptic Curves in Cryptography, in Advances in Cryptology - CRYPTO 85: Proceedings. 218: Springer-Verlag, 1986, pp. 417-426.
18.
KoblitzN., Elliptic Curve Cryptosystems, Mathematics of Computation48 (1987), 203-209.
19.
LeeS., JoJ. and KimY., A Method for Secure RESTful Web Service'', Computer and Information Science (ICIS), 2015 IEEE/ACIS 14th International Conference on. 28 Jun. 2015, pp. 77-81.
20.
DongC., Bilinear Pairing in Pure Java, 20 Jan. 2015. Online available: https://personal.cis.strath.ac.uk/changyu.dong/ jpair/jpair.html.
21.
Sinha.R., KumarH. and GuptaS.S., Performance Based Comparison Study of RSA and Elliptic Curve Cryptography, International Journal of Scientific & Engineering Research4(5) (May 2013), 720-725.
22.
LeeS., JoJ. and KimY., Performance Testing of Web-Based Data Visualization, Systems, Man and Cybernetics (SMC), IEEE International Conference on. 5 Oct. 2014. pp. 1648-1653.
23.
NahF., ``A study on tolerable waiting time: how long are Web users willing to wait?'', AMCIS2003, p. 285.
