A security analysis of authentication and authorization implemented in web applications based on the REST architecture
The purpose of this article is to prepare a security analysis of authentication and authorization mechanisms in web applications based on the REST architecture. The article analyzes the problems encountered during the implementation of the JSON Web Token (JWT) mechanism. The article presents example...
| Published in: | Journal of Computer Sciences Institute |
|---|---|
| Main Authors: | Tomasz Muszyński, Grzegorz Koziel |
| Format: | Article |
| Language: | English |
| Published: | Lublin University of Technology, 2020-09-01 |
| Subjects: | |
| Online Access: | https://ph.pollub.pl/index.php/jcsi/article/view/1925 |
Similar Items
Pengamanan Restful API menggunakan JWT untuk Aplikasi Sales Order
by: Edy Edy, et al.
Published: (2019-08-01)
Enhancing JWT Authentication and Authorization in Web Applications Based on User Behavior History
by: Ahmet Bucko, et al.
Published: (2023-04-01)
Revamp Keamanan Web Service Milik PT XYZ Menggunakan REST API
by: Agus Tedyyana, et al.
Published: (2021-05-01)
Restful Web Services Security By Using ASP.NET Web API MVC Based
by: Muhammad Imran Hussain
Published: (2014-07-01)
Fiatal közmunkások egyik lehetségesjövőképe(?) – avagy a magyar JWT
by: Tamás Sánta
Published: (2023-03-01)
LLM-Driven, Self-Improving Framework for Security Test Automation: Leveraging Karate DSL for Augmented API Resilience
by: Emil Marian Pasca, et al.
Published: (2025-01-01)
IoT Security Approaches in Oil & Gas Solution Industry 4.0
by: Cristian TOMA, et al.
Published: (2018-01-01)
Analysis of security CMS platforms by vulnerability scanners
by: Patryk Zamościński, et al.
Published: (2020-09-01)
Design and implementation of national security vulnerability database
by: ZHANG Yu-qing, et al.
Published: (2011-01-01)
Implementation of Automated Test Case Generation in REST API on Android-Based Koperasi Application
by: Syamsul Mujahidin, et al.
Published: (2023-02-01)
Enhancing RESTful API Authentication with Cryptography in Student Information Systems
by: Sucipto Sucipto, et al.
Published: (2024-08-01)
Secure and Modular Data Portal: Database System to Manage Broadly Classified and Large Scale Data
by: Atnafu Abrham Lencha, et al.
Published: (2024-04-01)
Exploring dynamic RESTful API implementation in IoT environments using Docker
by: Ebenhezer Mabotha, et al.
Published: (2025-10-01)
Optimization of Direct Sales and Sales Canvasser Sales Target Monitoring With RESTful API Implementation on Web-Based Monitoring System
by: Restian Dwi Friwaldi, et al.
Published: (2024-11-01)
Enhancing User Authentication: An Approach Utilizing Context-Based Fingerprinting With Random Forest Algorithm
by: Akram Al-Rumaim, et al.
Published: (2024-01-01)
Detection of the Security Vulnerabilities in Web Applications
Published: (2009-01-01)
A Dockerized Approach to Dynamic Endpoint Management for RESTful Application Programming Interfaces in Internet of Things Ecosystems
by: Ebenhezer Mabotha, et al.
Published: (2025-05-01)
IMPLEMENTASI JWT, FINGERPRINT DAN ALGORITMA HAVERSINE DALAM APLIKASI PRESENSI MAHASISWA
by: Madhiyono, et al.
Published: (2021-11-01)
Performance comparison of development frameworks in selected environments in REST API architecture
by: Mateusz Szewczyk, et al.
Published: (2025-06-01)
DESIGN AND DEVELOPMENT OF BACKEND APPLICATION FOR THESIS MANAGEMENT SYSTEM USING MICROSERVICE ARCHITECTURE AND RESTFUL API
by: Ach. Khozaimi, et al.
Published: (2023-01-01)
Golang and NSG Implementation in REST API Based Third-Party Sandbox System
by: Yulius Harjoseputro, et al.
Published: (2020-08-01)
A Black Box Tool for Robustness Testing of REST Services
by: Nuno Laranjeiro, et al.
Published: (2021-01-01)
A Security Analysis Method for Security Protocol Implementations Based on Message Construction
by: Jintian Lu, et al.
Published: (2018-12-01)
Performance evaluation of microservices communication with REST, GraphQL, and gRPC
by: Muhammad Niswar, et al.
Published: (2024-06-01)
REST and GraphQL comparative analysis
by: Piotr Margański, et al.
Published: (2021-06-01)
The IDL tool suite: Specifying and analyzing inter-parameter dependencies in web APIs
by: Saman Barakat, et al.
Published: (2025-02-01)
SECURING WEB APPLICATIONS WITH OWASP ZAP FOR COMPREHENSIVE SECURITY TESTING
by: S. P. Maniraj, et al.
Published: (2024-12-01)
Evaluating Performance and Resource Consumption of REST Frameworks and Execution Environments: Insights and Guidelines for Developers and Companies
by: Sergio Di Meglio, et al.
Published: (2024-01-01)
Аналіз методів автентифікації для вебзастосунків та реалізація вебзастосунку з інтегрованою системою автентифікації
by: Tamara Radivilova, et al.
Published: (2024-09-01)
Аналіз методів автентифікації для вебзастосунків та реалізація вебзастосунку з інтегрованою системою автентифікації
by: Тамара Радівілова, et al.
Published: (2024-09-01)
Security Assessment of Web Based Distributed Applications
by: Catalin BOJA, et al.
Published: (2010-01-01)
Leaving the Business Security Burden to LiSEA: A Low-Intervention Security Embedding Architecture for Business APIs
by: Hang Li, et al.
Published: (2023-10-01)
IMPORTANCE OF VULNERABILITY SCANNERS FOR IMPROVING SECURITY AND PROTECTION OF THE WEB SERVERS
by: Darjan Karabašević, et al.
Published: (2018-06-01)
Cloud Based Secure Web Application
by: Saad K. Majeed, et al.
Published: (2015-10-01)
On Combining Static, Dynamic and Interactive Analysis Security Testing Tools to Improve OWASP Top Ten Security Vulnerability Detection in Web Applications
by: Francesc Mateo Tudela, et al.
Published: (2020-12-01)
The concept of information packet interaction in a multilevel system of digital twins
by: Vorobev, Andrei Vladimirovich
Published: (2021-11-01)
Enhancing Patient-Medical Staff Interaction using Technology
by: Dragos Vlad GRANU
Published: (2025-05-01)
Optimizing Customer Data Security in Water Meter Data Management Based on RESTful API and Data Encryption Using AES-256 Algorithm
by: Syahrul Adrianto, et al.
Published: (2025-06-01)
Applying Spring Security Framework with KeyCloak-Based OAuth2 to Protect Microservice Architecture APIs: A Case Study
by: Ayan Chatterjee, et al.
Published: (2022-02-01)
