An In-Depth Approach to Strengthening Security in Open-Access Libraries Utilizing JSON Web Tokens (JWT)
- 1. Department of Physics, Engineering and Computer Science and University of Hertfordshire, Hatfield, UK.
Description
Abstract: In response to growing security concerns in software development, this study introduces an open-access library designed to enhance authentication systems using JSON Web Tokens (JWT). This research addresses critical challenges in integrating secure authentication mechanisms by developing a new, scalable, user-friendly library focused on security and ease of implementation. The library incorporates JWT rotation, Redis integration, and customizable validation to ensure robust, adaptable security for developers. Utilizing an agile, Extreme Programming (XP) methodology, the library was iteratively tested and optimized based on real-world developer feedback. The results show improved usability, flexibility, and token management efficiency, demonstrating the library's effectiveness in supporting secure authentication practices compared to state-of-the-art libraries. The new library offers a practical, open-source solution to strengthen authentication systems in modern web applications, advancing the accessibility of secure, reliable software development tools.
Files
- E818113050125.pdf (627.3 kB), md5:fbe8d06579c21992d1afd7c87c8198da
Additional details
Identifiers
- DOI
- 10.35940/ijrte.E8181.13050125
- EISSN
- 2277-3878
Dates
- Accepted
- 2025-01-15. Manuscript received on 31 October 2024 | First Revised Manuscript received on 15 November 2024 | Second Revised Manuscript received on 02 December 2024 | Manuscript Accepted on 15 January 2025 | Manuscript published on 30 January 2025.