Restful API Security Using JSON Web Token (JWT) With HMAC-Sha512 Algorithm in Session Management

Abstract

Information systems are technologies that can help work systematically. However, the existing systems or applications are not yet integrated with one another, making many processes have the same function on different systems, for example the authentication process is built using the web service concept. Integration or interoperability of information system software involving various components, which may create gaps that can disrupt system security. In this study, security has been implemented in web services using JSON Web Token (JWT) with the HMAC-SHA512 algorithm which is stored in browser cookies. From the research results, this concept is very suitable to be applied to applications or information systems on different platforms that use the same service, JWT tokens are also successfully stored in browser cookies. In addition, a comparison was also made between the HMAC-SHA512 and HMACSHA-256 algorithms and in the final result it was found that the total time difference was 185 ms and the average time difference was 6.17 ms. It can be concluded that the HMAC-SHA512 algorithm is 0.9861% faster than the HMAC-SHA256 algorithm.