Bootstrapping OAuth for mobile apps using QR codes

Authors

  • V. Giralt Central ICT Services, University of Málaga, Málaga, Spain
  • M. Baleriola Central ICT Services, University of Málaga, Málaga, Spain
  • I. Pérez-Martín Central ICT Services, University of Málaga, Málaga, Spain
  • A. Muñoz Central ICT Services, University of Málaga, Málaga, Spain
  • J. Canca Central ICT Services, University of Málaga, Málaga, Spain

DOI:

https://doi.org/10.7250/eunis.2013.048

Keywords:

Mobile apps, QR codes, Oauth, identity management

Abstract

The current trend to do as many things as possible using mobile devices prompted the University of Málaga Central ICT Services to plan the development of mobile apps that would allow access to student data stored in the student management systems. Allowing access to personal data required strong authentication of the users and a secure way of storing credentials in otherwise insecure devices. Most mobile devices used by the student population have cameras that can scan QR codes and act on them. So, inserting a QR scan in the application installation process was an easy way to go. The initial application is able to send alerts to the registered handsets and allow for reviewing published exams results. The app got over two thousand registered devices in five days.

References

PhoneGap website (2013). PhoneGap framework. Retrieved May 1st, 2013, from: http://phonegap.com/

Hammer-Lahav, E., Ed. (2010). RFC 5849: The OAuth 1.0 Protocol. April, 2010. Internet Engineering Task Force. ISSN: 2070-1721

Downloads

Issue

2013: ICT Role for Next Generation Universities

Section

Enterprise Architecture