{"updated":"2025-01-19T07:21:11.147513+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00242318","sets":["934:10195:11872:11922"]},"path":["11922"],"owner":"44499","recid":"242318","title":["Developing the Flexible Conformance Test Execution Platform for OAuth 2.0-based Security Profiles "],"pubdate":{"attribute_name":"公開日","attribute_value":"2025-01-15"},"_buckets":{"deposit":"1720efe7-c5bf-45f9-94d8-4cd0c09cfde6"},"_deposit":{"id":"242318","pid":{"type":"depid","value":"242318","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"Developing the Flexible Conformance Test Execution Platform for OAuth 2.0-based Security Profiles ","author_link":["668835","668839","668837","668840","668836","668838"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Developing the Flexible Conformance Test Execution Platform for OAuth 2.0-based Security Profiles "},{"subitem_title":"Developing the Flexible Conformance Test Execution Platform for OAuth 2.0-based Security Profiles ","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"[一般投稿論文] conformance test, security profile, OAuth 2.0, Financial-grade API (FAPI), Keycloak","subitem_subject_scheme":"Other"}]},"item_type_id":"3","publish_date":"2025-01-15","item_3_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"Hitachi, Ltd.／Graduate School of Natural Science and Technology, Okayama University"},{"subitem_text_value":"Hitachi, Ltd."},{"subitem_text_value":"Faculty of Environmental, Life, Natural Science and Technology, Okayama University"}]},"item_3_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Hitachi, Ltd. / Graduate School of Natural Science and Technology, Okayama University","subitem_text_language":"en"},{"subitem_text_value":"Hitachi, Ltd.","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Environmental, Life, Natural Science and Technology, Okayama University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"eng"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/242318/files/IPSJ-TDP0601010.pdf","label":"IPSJ-TDP0601010.pdf"},"date":[{"dateType":"Available","dateValue":"2025-01-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-TDP0601010.pdf","filesize":[{"value":"2.8 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"0","billingrole":"5"},{"tax":["include_tax"],"price":"0","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"0d0db859-c97f-46b8-bab3-3a78136be218","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2025 by the Information Processing Society of Japan"}]},"item_3_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Takashi, Norimatsu"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yuichi, Nakamura"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Toshihiro, Yamauchi"}],"nameIdentifiers":[{}]}]},"item_3_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Takashi, Norimatsu","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yuichi, Nakamura","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Toshihiro, Yamauchi","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_3_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12894091","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_3_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2435-6484","subitem_source_identifier_type":"ISSN"}]},"item_3_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"Developers of OAuth 2.0's authorization server or OpenID Connect 1.0's OpenID provider software that support multiple OAuth 2.0-based security profiles need their products to pass conformance tests provided by the OpenID Foundation. However, they usually encounter several challenges. Specifically, they require extensive man-hours to create programs other than the product targeted for the conformance tests, provide support for execution of a new conformance test if required by a new security profile, and execute multiple conformance tests. Together with the Open-source Software community OAuth Special Interest Group, we developed a conformance test execution platform to resolve these issues, using Keycloak as the target for conformance tests. We evaluated the platform and confirmed that it resolves these issues. Using the platform, we executed conformance tests of the Financial-grade API (FAPI) and Open Banking security profiles to Keycloak and confirmed that Keycloak passed the conformance tests of these security profiles. This implies that Keycloak complies with their specifications. We confirmed by the evaluation of the platform that automating execution of a conformance test reduced its completion time by 56.8%, parallelizing execution of nine conformance tests reduced its completion time by 62.4% and lines of code of programs the developer needs to write was reduced by 85.7% by the platform. Finally, we published the platform on the GitHub repository for public use.\n------------------------------\nThis is a preprint of an article intended for publication Journal of\nInformation Processing(JIP). This preprint should not be cited. This\narticle should be cited as: Journal of Information Processing Vol.33(2025) (online)\n------------------------------","subitem_description_type":"Other"}]},"item_3_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Developers of OAuth 2.0's authorization server or OpenID Connect 1.0's OpenID provider software that support multiple OAuth 2.0-based security profiles need their products to pass conformance tests provided by the OpenID Foundation. However, they usually encounter several challenges. Specifically, they require extensive man-hours to create programs other than the product targeted for the conformance tests, provide support for execution of a new conformance test if required by a new security profile, and execute multiple conformance tests. Together with the Open-source Software community OAuth Special Interest Group, we developed a conformance test execution platform to resolve these issues, using Keycloak as the target for conformance tests. We evaluated the platform and confirmed that it resolves these issues. Using the platform, we executed conformance tests of the Financial-grade API (FAPI) and Open Banking security profiles to Keycloak and confirmed that Keycloak passed the conformance tests of these security profiles. This implies that Keycloak complies with their specifications. We confirmed by the evaluation of the platform that automating execution of a conformance test reduced its completion time by 56.8%, parallelizing execution of nine conformance tests reduced its completion time by 62.4% and lines of code of programs the developer needs to write was reduced by 85.7% by the platform. Finally, we published the platform on the GitHub repository for public use.\n------------------------------\nThis is a preprint of an article intended for publication Journal of\nInformation Processing(JIP). This preprint should not be cited. This\narticle should be cited as: Journal of Information Processing Vol.33(2025) (online)\n------------------------------","subitem_description_type":"Other"}]},"item_3_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌デジタルプラクティス（TDP）"}],"bibliographicIssueDates":{"bibliographicIssueDate":"2025-01-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"1","bibliographicVolumeNumber":"6"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"created":"2025-01-19T01:47:27.283587+00:00","id":242318,"links":{}}