JSON Web Tokens: A study about their application

  • Amanda de Oliveira Laurindo UDC
  • Ali Mohamad Termos UDC
  • Luciano Santos Cardoso UDC

Abstract


The JSON Web Token (JWT) is a security standard for communicating data between clients and servers. It is composed of a header, which states the cryptographic standards used; a payload, which holds the data to be cryptographically protected; and a signature, which uses the key to protect the entire token with the cryptographic algorithm defined in the header. Its main advantage is that it does not depend on a database to store the core information, which allows different applications to share that data with each other. Its disadvantage is that the token remains valid until its expiration date, which can cause problems in the event of a security breach involving users' confidential data.

Keywords: Security Breach, Algorithms, Data Sharing

Published
2024-11-27
LAURINDO, Amanda de Oliveira; TERMOS, Ali Mohamad; CARDOSO, Luciano Santos. JSON Web Tokens: A study about their application. In: LATIN AMERICAN CONGRESS ON FREE SOFTWARE AND OPEN TECHNOLOGIES (LATINOWARE), 21., 2024, Foz do Iguaçu/PR. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2024. p. 456-459. DOI: https://doi.org/10.5753/latinoware.2024.245716.