An analysis on the revoking mechanisms for JSON Web Tokens
JSON Web Tokens provide a scalable solution with significant performance benefits for user access control in decentralized, large-scale distributed systems. Such examples would entail cloud-based, micro-services styled systems or typical Internet of Things solutions. One of the obstacles still preve...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
SAGE Publishing
2018-09-01
|
| Series: | International Journal of Distributed Sensor Networks |
| Online Access: | https://doi.org/10.1177/1550147718801535 |
| id |
doaj-78ca7421005a4f13a2019a2623900a13 |
|---|---|
| record_format |
Article |
| spelling |
doaj-78ca7421005a4f13a2019a2623900a132020-11-25T01:23:55ZengSAGE PublishingInternational Journal of Distributed Sensor Networks1550-14772018-09-011410.1177/1550147718801535An analysis on the revoking mechanisms for JSON Web TokensLászló Viktor Jánoky0János Levendovszky1Péter Ekler2Department of Automation and Applied Informatics, Budapest University of Technology and Economics, Budapest, HungaryDepartment of Telecommunications and Media Informatics, Budapest University of Technology and Economics, Budapest, HungaryDepartment of Automation and Applied Informatics, Budapest University of Technology and Economics, Budapest, HungaryJSON Web Tokens provide a scalable solution with significant performance benefits for user access control in decentralized, large-scale distributed systems. Such examples would entail cloud-based, micro-services styled systems or typical Internet of Things solutions. One of the obstacles still preventing the wide-spread use of JSON Web Token–based access control is the problem of invalidating the issued tokens upon clients leaving the system. Token invalidation presently takes a considerable processing overhead or a drastically increased architectural complexity. Solving this problem without losing the main benefits of JSON Web Tokens still remains an open challenge which will be addressed in the article. We are going to propose some solutions to implement low-complexity token revocations and compare their characteristics in different environments with the traditional solutions. The proposed solutions have the benefit of preserving the advantages of JSON Web Tokens, while also adhering to stronger security constraints and possessing a finely tuneable performance cost.https://doi.org/10.1177/1550147718801535 |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
László Viktor Jánoky János Levendovszky Péter Ekler |
| spellingShingle |
László Viktor Jánoky János Levendovszky Péter Ekler An analysis on the revoking mechanisms for JSON Web Tokens International Journal of Distributed Sensor Networks |
| author_facet |
László Viktor Jánoky János Levendovszky Péter Ekler |
| author_sort |
László Viktor Jánoky |
| title |
An analysis on the revoking mechanisms for JSON Web Tokens |
| title_short |
An analysis on the revoking mechanisms for JSON Web Tokens |
| title_full |
An analysis on the revoking mechanisms for JSON Web Tokens |
| title_fullStr |
An analysis on the revoking mechanisms for JSON Web Tokens |
| title_full_unstemmed |
An analysis on the revoking mechanisms for JSON Web Tokens |
| title_sort |
analysis on the revoking mechanisms for json web tokens |
| publisher |
SAGE Publishing |
| series |
International Journal of Distributed Sensor Networks |
| issn |
1550-1477 |
| publishDate |
2018-09-01 |
| description |
JSON Web Tokens provide a scalable solution with significant performance benefits for user access control in decentralized, large-scale distributed systems. Such examples would entail cloud-based, micro-services styled systems or typical Internet of Things solutions. One of the obstacles still preventing the wide-spread use of JSON Web Token–based access control is the problem of invalidating the issued tokens upon clients leaving the system. Token invalidation presently takes a considerable processing overhead or a drastically increased architectural complexity. Solving this problem without losing the main benefits of JSON Web Tokens still remains an open challenge which will be addressed in the article. We are going to propose some solutions to implement low-complexity token revocations and compare their characteristics in different environments with the traditional solutions. The proposed solutions have the benefit of preserving the advantages of JSON Web Tokens, while also adhering to stronger security constraints and possessing a finely tuneable performance cost. |
| url |
https://doi.org/10.1177/1550147718801535 |
| work_keys_str_mv |
AT laszloviktorjanoky ananalysisontherevokingmechanismsforjsonwebtokens AT janoslevendovszky ananalysisontherevokingmechanismsforjsonwebtokens AT peterekler ananalysisontherevokingmechanismsforjsonwebtokens AT laszloviktorjanoky analysisontherevokingmechanismsforjsonwebtokens AT janoslevendovszky analysisontherevokingmechanismsforjsonwebtokens AT peterekler analysisontherevokingmechanismsforjsonwebtokens |
| _version_ |
1725120020702298112 |