{"id":"https://openalex.org/W2915144602","doi":"https://doi.org/10.3390/fi11030056","title":"On the Need for a General REST-Security Framework","display_name":"On the Need for a General REST-Security Framework","publication_year":2019,"publication_date":"2019-02-27","ids":{"openalex":"https://openalex.org/W2915144602","doi":"https://doi.org/10.3390/fi11030056","mag":"2915144602"},"language":"en","primary_location":{"id":"doi:10.3390/fi11030056","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi11030056","pdf_url":"https://www.mdpi.com/1999-5903/11/3/56/pdf?version=1551264063","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/1999-5903/11/3/56/pdf?version=1551264063","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5037591969","display_name":"Luigi Lo Iacono","orcid":"https://orcid.org/0000-0002-7863-0622"},"institutions":[{"id":"https://openalex.org/I102520234","display_name":"TH K\u00f6ln - University of Applied Sciences","ror":"https://ror.org/014nnvj65","country_code":"DE","type":"education","lineage":["https://openalex.org/I102520234"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Luigi Lo Iacono","raw_affiliation_strings":["Data and Application Security Group, Cologne University of Applied Sciences, 50679 Cologne, Germany"],"raw_orcid":"https://orcid.org/0000-0002-7863-0622","affiliations":[{"raw_affiliation_string":"Data and Application Security Group, Cologne University of Applied Sciences, 50679 Cologne, Germany","institution_ids":["https://openalex.org/I102520234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085741749","display_name":"Hoai Viet Nguyen","orcid":"https://orcid.org/0000-0002-6540-5389"},"institutions":[{"id":"https://openalex.org/I102520234","display_name":"TH K\u00f6ln - University of Applied Sciences","ror":"https://ror.org/014nnvj65","country_code":"DE","type":"education","lineage":["https://openalex.org/I102520234"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Hoai Viet Nguyen","raw_affiliation_strings":["Data and Application Security Group, Cologne University of Applied Sciences, 50679 Cologne, Germany"],"raw_orcid":"https://orcid.org/0000-0002-6540-5389","affiliations":[{"raw_affiliation_string":"Data and Application Security Group, Cologne University of Applied Sciences, 50679 Cologne, Germany","institution_ids":["https://openalex.org/I102520234"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5043448995","display_name":"Peter Leo Gorski","orcid":"https://orcid.org/0000-0003-0391-4054"},"institutions":[{"id":"https://openalex.org/I102520234","display_name":"TH K\u00f6ln - University of Applied Sciences","ror":"https://ror.org/014nnvj65","country_code":"DE","type":"education","lineage":["https://openalex.org/I102520234"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Peter Leo Gorski","raw_affiliation_strings":["Data and Application Security Group, Cologne University of Applied Sciences, 50679 Cologne, Germany"],"raw_orcid":"https://orcid.org/0000-0003-0391-4054","affiliations":[{"raw_affiliation_string":"Data and Application Security Group, Cologne University of Applied Sciences, 50679 Cologne, Germany","institution_ids":["https://openalex.org/I102520234"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5037591969"],"corresponding_institution_ids":["https://openalex.org/I102520234"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":1.4104,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.85909104,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"11","issue":"3","first_page":"56","last_page":"56"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10679","display_name":"Service-Oriented Architecture and Web Services","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8320401906967163},{"id":"https://openalex.org/keywords/representational-state-transfer","display_name":"Representational state transfer","score":0.8284837007522583},{"id":"https://openalex.org/keywords/soap","display_name":"SOAP","score":0.6343796253204346},{"id":"https://openalex.org/keywords/rest","display_name":"Rest (music)","score":0.5895451307296753},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5434716939926147},{"id":"https://openalex.org/keywords/architectural-style","display_name":"Architectural style","score":0.5429016351699829},{"id":"https://openalex.org/keywords/service-oriented-architecture","display_name":"Service-oriented architecture","score":0.5050778985023499},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.5008566379547119},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.42896631360054016},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.41752031445503235},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.41125333309173584},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.39542871713638306},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.3599167466163635},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2653276324272156},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.162350594997406},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.10114392638206482}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8320401906967163},{"id":"https://openalex.org/C65399332","wikidata":"https://www.wikidata.org/wiki/Q749568","display_name":"Representational state transfer","level":3,"score":0.8284837007522583},{"id":"https://openalex.org/C17881449","wikidata":"https://www.wikidata.org/wiki/Q189620","display_name":"SOAP","level":2,"score":0.6343796253204346},{"id":"https://openalex.org/C77265313","wikidata":"https://www.wikidata.org/wiki/Q879844","display_name":"Rest (music)","level":2,"score":0.5895451307296753},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5434716939926147},{"id":"https://openalex.org/C2777364373","wikidata":"https://www.wikidata.org/wiki/Q32880","display_name":"Architectural style","level":3,"score":0.5429016351699829},{"id":"https://openalex.org/C57041688","wikidata":"https://www.wikidata.org/wiki/Q220644","display_name":"Service-oriented architecture","level":3,"score":0.5050778985023499},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.5008566379547119},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.42896631360054016},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.41752031445503235},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.41125333309173584},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.39542871713638306},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.3599167466163635},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2653276324272156},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.162350594997406},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.10114392638206482},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C136264566","wikidata":"https://www.wikidata.org/wiki/Q159810","display_name":"Economy","level":1,"score":0.0},{"id":"https://openalex.org/C164705383","wikidata":"https://www.wikidata.org/wiki/Q10379","display_name":"Cardiology","level":1,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.3390/fi11030056","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi11030056","pdf_url":"https://www.mdpi.com/1999-5903/11/3/56/pdf?version=1551264063","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},{"id":"pmh:oai:RePEc:gam:jftint:v:11:y:2019:i:3:p:56-:d:209521","is_oa":false,"landing_page_url":"https://www.mdpi.com/1999-5903/11/3/56/","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},{"id":"pmh:oai:doaj.org/article:92aad2c72b3e4812bd92ec08b1bfff45","is_oa":true,"landing_page_url":"https://doaj.org/article/92aad2c72b3e4812bd92ec08b1bfff45","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Future Internet, Vol 11, Iss 3, p 56 (2019)","raw_type":"article"},{"id":"pmh:oai:mdpi.com:/1999-5903/11/3/56/","is_oa":true,"landing_page_url":"http://dx.doi.org/10.3390/fi11030056","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Future Internet","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/fi11030056","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi11030056","pdf_url":"https://www.mdpi.com/1999-5903/11/3/56/pdf?version=1551264063","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":46,"referenced_works":["https://openalex.org/W1577231857","https://openalex.org/W1716079485","https://openalex.org/W1786840554","https://openalex.org/W1922832738","https://openalex.org/W1935173149","https://openalex.org/W1955972220","https://openalex.org/W2013581618","https://openalex.org/W2031926216","https://openalex.org/W2095462340","https://openalex.org/W2098284912","https://openalex.org/W2103866959","https://openalex.org/W2105103777","https://openalex.org/W2106672610","https://openalex.org/W2112995928","https://openalex.org/W2114134373","https://openalex.org/W2133723082","https://openalex.org/W2234639732","https://openalex.org/W2248823624","https://openalex.org/W2249895122","https://openalex.org/W2263365646","https://openalex.org/W2267846771","https://openalex.org/W2280570678","https://openalex.org/W2292809303","https://openalex.org/W2293966858","https://openalex.org/W2295626312","https://openalex.org/W2296718334","https://openalex.org/W2296912888","https://openalex.org/W2304965889","https://openalex.org/W2482813613","https://openalex.org/W2521524686","https://openalex.org/W2552662125","https://openalex.org/W2611663843","https://openalex.org/W2738224615","https://openalex.org/W2795042312","https://openalex.org/W4205480687","https://openalex.org/W4210531213","https://openalex.org/W4254098104","https://openalex.org/W4254697110","https://openalex.org/W6629279469","https://openalex.org/W6632603301","https://openalex.org/W6641506132","https://openalex.org/W6670015450","https://openalex.org/W6687778174","https://openalex.org/W6729722249","https://openalex.org/W6737066658","https://openalex.org/W6906355099"],"related_works":["https://openalex.org/W4232065107","https://openalex.org/W2912654454","https://openalex.org/W1560930976","https://openalex.org/W815641727","https://openalex.org/W2126602404","https://openalex.org/W2591994366","https://openalex.org/W2889930684","https://openalex.org/W2556264891","https://openalex.org/W2791375890","https://openalex.org/W2204562014"],"abstract_inverted_index":{"Contemporary":[0],"software":[1,12,30],"is":[2,60,81,116,142],"inherently":[3],"distributed.":[4],"The":[5,127,144,176],"principles":[6],"guiding":[7],"the":[8,18,39,74,105,114,120,136,148,158,171,208],"design":[9],"of":[10,46,123,129,170,196,207,233],"such":[11,49],"have":[13],"been":[14,45],"mainly":[15],"manifested":[16],"by":[17,29,34,103,199],"service-oriented":[19],"architecture":[20],"(SOA)":[21],"concept.":[22],"In":[23],"a":[24,65,85,179,187],"SOA,":[25],"applications":[26],"are":[27,133,161,211],"orchestrated":[28],"services":[31],"generally":[32],"operated":[33],"distinct":[35],"entities.":[36],"Due":[37],"to":[38,72,153,183,215],"latter":[40],"fact,":[41],"service":[42,94,125,194],"security":[43,67,121,189],"has":[44],"importance":[47],"in":[48,151,213],"systems":[50,59,95,195],"ever":[51],"since.":[52],"A":[53],"dominant":[54],"protocol":[55,230],"for":[56,91,138,191,221],"implementing":[57],"SOA-based":[58],"SOAP,":[61,73],"which":[62],"comes":[63],"with":[64,219],"well-elaborated":[66],"framework.":[68],"As":[69],"an":[70],"alternative":[71],"architectural":[75],"style":[76],"representational":[77],"state":[78],"transfer":[79],"(REST)":[80],"gaining":[82],"traction":[83],"as":[84,186],"simple,":[86],"lightweight":[87],"and":[88,135,155,164,201,226],"flexible":[89],"guideline":[90],"designing":[92],"distributed":[93],"that":[96,157],"scale":[97],"at":[98],"large.":[99],"This":[100],"paper":[101,145,177],"starts":[102],"introducing":[104],"basic":[106],"constraints":[107],"representing":[108],"REST.":[109],"Based":[110],"on":[111,119,181],"these":[112],"foundations,":[113],"focus":[115],"afterwards":[117],"drawn":[118],"needs":[122],"REST-based":[124,193],"systems.":[126],"limitations":[128],"transport-oriented":[130],"protection":[131,203],"means":[132],"emphasized":[134],"demand":[137],"specific":[139],"message-oriented":[140],"safeguards":[141],"assessed.":[143],"then":[146],"reviews":[147],"current":[149],"activities":[150],"respect":[152],"REST-security":[154,185],"finds":[156],"available":[159],"schemes":[160,173],"mostly":[162],"HTTP-centered":[163],"very":[165],"heterogeneous.":[166],"More":[167],"importantly,":[168],"all":[169],"analyzed":[172],"contain":[174],"vulnerabilities.":[175],"contributes":[178],"methodology":[180],"how":[182],"establish":[184],"general":[188],"framework":[190],"protecting":[192],"any":[197],"kind":[198],"consistent":[200],"comprehensive":[202],"means.":[204],"First":[205],"adoptions":[206],"introduced":[209],"approach":[210],"presented":[212],"relation":[214],"REST":[216],"message":[217],"authentication":[218],"instantiations":[220],"REST-ful":[222,227],"HTTP":[223],"(web/cloud":[224],"services)":[225],"constraint":[228],"application":[229],"(CoAP)":[231],"(internet":[232],"things":[234],"(IoT)":[235],"services).":[236]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}