An analysis on the revoking mechanisms for JSON Web Tokens-Reference-Cited by-同舟云学术

An analysis on the revoking mechanisms for JSON Web Tokens

Published:2018-09 Issue:9 Volume:14 Page:155014771880153
ISSN:1550-1477
Container-title:International Journal of Distributed Sensor Networks
language:en
Short-container-title:International Journal of Distributed Sensor Networks

Author:

Jánoky László Viktor¹^ORCID,Levendovszky János²,Ekler Péter¹

Affiliation:

1. Department of Automation and Applied Informatics, Budapest University of Technology and Economics, Budapest, Hungary

2. Department of Telecommunications and Media Informatics, Budapest University of Technology and Economics, Budapest, Hungary

Abstract

JSON Web Tokens provide a scalable solution with significant performance benefits for user access control in decentralized, large-scale distributed systems. Such examples would entail cloud-based, micro-services styled systems or typical Internet of Things solutions. One of the obstacles still preventing the wide-spread use of JSON Web Token–based access control is the problem of invalidating the issued tokens upon clients leaving the system. Token invalidation presently takes a considerable processing overhead or a drastically increased architectural complexity. Solving this problem without losing the main benefits of JSON Web Tokens still remains an open challenge which will be addressed in the article. We are going to propose some solutions to implement low-complexity token revocations and compare their characteristics in different environments with the traditional solutions. The proposed solutions have the benefit of preserving the advantages of JSON Web Tokens, while also adhering to stronger security constraints and possessing a finely tuneable performance cost.

Publisher

SAGE Publications

Subject

Computer Networks and Communications,General Engineering

Link

http://journals.sagepub.com/doi/pdf/10.1177/1550147718801535

Reference9 articles.

1. Research Directions for the Internet of Things

Cited by 10 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Authentication and Authorization Management in SOA with the Focus on RESTful Services;International Journal of Software Engineering and Knowledge Engineering;2023-07-21

2. Energy Sector Digitilisation: A Security Framework Application for Role-Based Access Management;2023 14th International Conference on Information, Intelligence, Systems & Applications (IISA);2023-07-10

3. Design and Implementation of Standardization of Power Detection Test Data Based on JSON Representation;The proceedings of the 10th Frontier Academic Forum of Electrical Engineering (FAFEE2022);2023

4. Improvising JSON Web Token Authentication in SDN;2022 International Conference on Communication, Computing and Internet of Things (IC3IoT);2022-03-10

5. Investigating the role of usable security in developers' intention toward security enhancement in service‐oriented applications;SECURITY AND PRIVACY;2021-12-23