Estudio de mejora en la seguridad de aplicaciones Web y de aplicaciones móviles mediante el protocolo OpenID Connect open source utilizado en IdentityServer4

Abstract

The creation of access account by platform and access to them using current technologies are susceptible to multiple attacks in order to obtain sensitive and useful information for the attacker. According to the United States government, we invite several billon USD to resolve cyber defense incidents, which are about 40% unauthorized access. According to Kaspersky Lab, there are more than 110 thousand daily malware attacks correspond to Ecuador. This problem is common in mobile and web applications. The unification of the authentication process partially solves the impact of risks presented by different types of developments in web and mobile applications which only facilitates authentication with JWT Encryption to users registered in Identity Server. The features that will be used in this article are based on Identity Server with the OpenID Connect protocol, which can be used by developers and future university research. The methodology used for the analysis of the documentation is the systematic mapping with the objective of identifying and evidencing each of the different stages of solution plus possible failures. The implementation of the Identity Server solution provided a high level of security against unauthorized access in web and mobile applications, which represents an improvement in security. After analyzing the implementation of this article, there are possible variables that have not been validated and which will surely alter the result of this research.