The Model for Storing Tokens in Local Storage (Cookies) Using JSON Web Token (JWT) with HMAC (Hash-based Message Authentication Code) in E-Learning Systems
DOI:
https://doi.org/10.37385/jaets.v3i2.662Keywords:
Hash-Based Message Authentication Code, Json Web Token, Restful API, E-LearningAbstract
E-learning is a technology that may be used in the learning process to improve not only the distribution of learning materials but also the ability of learners to modify their abilities of various competencies contained in a database. A Web Service is used to integrate the data. Web Service is a set of standards and programming methods for sharing data between different software applications, distributing services over the internet that supports system interoperability. In this digital era, the system that will survive is one that can function on multiple platforms, and one of the options is to use web servicess. Data is exchanged in JSON format, and JSON Web Tokens are used for authentication security (JWT). The use of JWT for token-based authentication on web services can help overcome interoperability issues. JWT is stateless and allows for the inclusion of data in the token authorisation. JWT includes a number of algorithm possibilities, including HMAC. Overall, the adoption of HMAC outperforms the criteria of token generation time, token size, and token transfer speed. Storing JSON Web Token into local storage in the client browser using the HMAC algorithm has been presented in this paper. The proposed work has shown that JWTs do not need to be stored on the server but can be stored on the client browser side using local storage.
Downloads
References
Adam, S. I., Moedjahedy, J. H., & Maramis, J. (2020, October 27). RESTful Web Service Implementation on Unklab Information System Using JSON Web Token (JWT). 2020 2nd International Conference on Cybernetics and Intelligent System, ICORIS 2020. https://doi.org/10.1109/ICORIS50180.2020.9320801
Alam, M. S., Atmojo, U. D., Blech, J. O., & Lastra, J. L. M. (2020). A REST and HTTP-based Service Architecture for Industrial Facilities. Proceedings - 2020 IEEE Conference on Industrial Cyberphysical Systems, ICPS 2020, 398–401. https://doi.org/10.1109/ICPS48405.2020.9274792
Aldya, A. P., Rahmatulloh, A., & Arifin, M. N. (2019). Stateless Authentication with JSON Web Tokens using RSA-512 Algorithm. JURNAL INFOTEL, 11(2), 36. https://doi.org/10.20895/infotel.v11i2.427
Ed-Douibi, H., Izquierdo, J. L. C., Gómez, A., Tisi, M., & Cabot, J. (2016). EMF-REST: Generation of RESTful APIs from models. Proceedings of the ACM Symposium on Applied Computing, 04-08-April-2016, 1446–1453. https://doi.org/10.1145/2851613.2851782
Ethelbert, O., Moghaddam, F. F., Wieder, P., & Yahyapour, R. (2017). A JSON token-based authentication and access management schema for cloud SaaS applications. Proceedings - 2017 IEEE 5th International Conference on Future Internet of Things and Cloud, FiCloud 2017, 2017-January, 47–53. https://doi.org/10.1109/FiCloud.2017.29
Gunawan, R., & Rahmatulloh, A. (2018). Optimasi Sistem Informasi Akademik View project Keamanan RESTful Web Service Menggunakan JSON Web Token (JWT) Studi Kasus STIKes BTH Tasikmalaya View project. https://www.researchgate.net/publication/332278532
Haupt, F., Leymann, F., Scherer, A., & Vukojevic-Haupt, K. (2017). A Framework for the Structural Analysis of REST APIs. Proceedings - 2017 IEEE International Conference on Software Architecture, ICSA 2017, 55–58. https://doi.org/10.1109/ICSA.2017.40
Insights of JSON Web Token. (2020). International Journal of Recent Technology and Engineering, 8(6), 1707–1710. https://doi.org/10.35940/ijrte.f7689.038620
Kumari, A., Yahya Abbasi, M., Kumar, V., & Khan, A. A. (2019). A secure user authentication protocol using elliptic curve cryptography. Journal of Discrete Mathematical Sciences and Cryptography, 22(4), 521–530. https://doi.org/10.1080/09720529.2019.1637155
Lee, A., & Han, J.-Y. (n.d.). Effective User Authentication System in an E-Learning Platform. In International Journal of Innovation, Creativity and Change. www.ijicc.net (Vol. 13). www.ijicc.net
Miguel, J., Caballé, S., Xhafa, F., & Prieto, J. (2015). Security in online web learning assessment: Providing an effective trustworthiness approach to support e-learning teams. World Wide Web, 18(6), 1655–1676. https://doi.org/10.1007/s11280-014-0320-2
Mousavi, S. M., & Shakour, Dr. M. H. (2019). Increasing Cryptography Security using Hash-based Message Authentication Code. International Journal of Engineering and Technology, 11(4), 1046–1056. https://doi.org/10.21817/ijet/2019/v11i4/191104086
Neumann, A., Laranjeiro, N., & Bernardino, J. (2021). An Analysis of Public REST Web Service APIs. IEEE Transactions on Services Computing, 14(4), 957–970. https://doi.org/10.1109/TSC.2018.2847344
Perkasa, M. I., & Setiawan, E. B. (2018). Pembangunan Web Service Data Masyarakat Menggunakan REST API dengan Access Token. ULTIMA Computing, X(1).
Rahmatulloh, A., Gunawan, R., & Nursuwars, F. M. S. (2019a). Performance comparison of signed algorithms on JSON Web Token. IOP Conference Series: Materials Science and Engineering, 550(1). https://doi.org/10.1088/1757-899X/550/1/012023
Rahmatulloh, A., Gunawan, R., & Nursuwars, F. M. S. (2019b). Performance comparison of signed algorithms on JSON Web Token. IOP Conference Series: Materials Science and Engineering, 550(1). https://doi.org/10.1088/1757-899X/550/1/012023
Sabir, B. E., Youssfi, M., Bouattane, O., & Allali, H. (2019). Authentication and load balancing scheme based on JSON Token for Multi-Agent Systems. Procedia Computer Science, 148, 562–570. https://doi.org/10.1016/j.procs.2019.01.029
Tihomirovs, J., & Grabis, J. (2017). Comparison of SOAP and REST Based Web Services Using Software Evaluation Metrics. Information Technology and Management Science, 19(1). https://doi.org/10.1515/itms-2016-0017
CITEDNESS IN SCOPUS
CITEDNESS IN WOS
