Abstract
Recent technology developments in the area of services on the Web are marked by the proliferation of Web applications and APIs. The implementation and evolution of applications based on Web APIs is, however, hampered by the lack of automation that can be achieved with current technologies. Research on semantic Web services is therefore trying to adapt the principles and technologies that were devised for traditional Web services, to deal with this new kind of services. In this paper we show that currently more than 80% of the Web APIs require some form of authentication. Therefore authentication plays a major role for Web API invocation and should not be neglected in the context of mashups and composite data applications. We present a thorough analysis carried out over a body of publicly available APIs that determines the most commonly used authentication approaches. In the light of these results, we propose an ontology for the semantic annotation of Web API authentication information and demonstrate how it can be used to create semantic Web API descriptions. We evaluate the applicability of our approach by providing a prototypical implementation, which uses authentication annotations as the basis for automated service invocation.
Chapter PDF
Similar content being viewed by others
Keywords
- Authentication Protocol
- Semantic Annotation
- Semantic Description
- Authentication Information
- Authentication Credential
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Richardson, L., Ruby, S.: RESTful Web Services. O’Reilly Media, Sebastopol (May 2007)
Hadley, M. J.: Web Application Description Language (WADL). Technical report, Sun Microsystems (November 2006), https://wadl.dev.java.net
Web Services Description Language (WSDL) Version 2.0. W3C Recommendation (June 2007), http://www.w3.org/TR/wsdl20/
Kopecký, J., Vitvar, T., Fensel, D., Gomadam, K.: hRESTS & MicroWSMO. Technical report (2009), http://cms-wg.sti2.org/TR/d12/
Sheth, A.P., Gomadam, K., Lathem, J.: SA-REST: Semantically Interoperable and Easier-to-Use Services and Mashups. IEEE Internet Computing 11(6), 91–94 (2007)
Kopecký, J., Vitvar, T., Bournez, C., Farrel, J.: SAWSDL: Semantic Annotations for WSDL and XML Schema. IEEE Internet Computing 11(6), 60–67 (2007)
Kopecký, J., Gomadam, K., Vitvar, T.: hRESTS: an HTML Microformat for Describing RESTful Web Services. In: Proceedings of International Conference on Web Intelligence, WI 2008 (2008)
RDFa in XHTML: Syntax and Processing. Proposed Recommendation, W3C (September 2008), http://www.w3.org/TR/rdfa-syntax/
Nadalin, A., Kaler, C., Monzillo, R., Hallam-Baker, P.: Web Services Security: SOAP Message Security 1.1, WS-Security 2004 (2006)
Franks, J., Hallam-Baker, P., Hostetler, J.: HTTP Authentication: Basic and Digest Access Authentication RFC 2617. The Internet Society (1999)
Freed, N., Borenstein, N.: Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies, http://tools.ietf.org/html/rfc2045
The MD5 Message-Digest Algorithm, http://tools.ietf.org/html/rfc1321 (visited June 2010)
Atwood, M., et al.: OAuth Core 1.0 Specification, http://oauth.net/core/1.0/
Maleshkova, M., Pedrinaci, C., Domingue, J.: Supporting the creation of semantic RESTful service descriptions. In: Service Matchmaking and Resource Retrieval in the Semantic Web (SMR2) at 8th International Semantic Web Conference (2009)
Álvaro, G., Martínez, I., Gómez, J.M., Lecue, F., Pedrinaci, C., Villa, M., Di Matteo, G.: Using SPICES for a Better Service Consumption. Poster at the 7th Extended Semantic Web Conference, ESWC (2010)
Close, T.: Web-key: Mashing with Permission. In: Proceedings of Web 2.0 Security and Privacy (2008)
Story, H., Harbulot, B., Jacobi, I., Jones, M.: FOAF+SSL: RESTful Authentication for the Social Web. In: SPOT 2009 European Semantic Web Conference (2009)
Kagal, L., Paolucci, M., Srinivasan, N., Denker, G., Finin, T., Sycara, K.: Authorization and Privacy for Semantic Web Services. IEEE Intelligent Systems 19(4) (July 2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Maleshkova, M., Pedrinaci, C., Domingue, J., Alvaro, G., Martinez, I. (2010). Using Semantics for Automating the Authentication of Web APIs. In: Patel-Schneider, P.F., et al. The Semantic Web – ISWC 2010. ISWC 2010. Lecture Notes in Computer Science, vol 6496. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17746-0_34
Download citation
DOI: https://doi.org/10.1007/978-3-642-17746-0_34
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17745-3
Online ISBN: 978-3-642-17746-0
eBook Packages: Computer ScienceComputer Science (R0)