We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
Multiple JSON Web Tokens for Mobile Distributed Applications.
- Authors
Mestre, Pedro; Madureira, Rui; Melo-Pinto, Pedro; Serodio, Carlos
- Abstract
Internet of (almost) everything brought to the spotlight the need for efficient, and yet secure, ways to transmit data between connected devices. In the context of securing RESTful web services to be used in (but not limited to) agriculturalrelated applications, authors have developed a system, based on JSON Web Tokens. The objective of that work was to develop a system able to prevent replay attacks. This objective was achieved by using multiple tokens, i.e., a system based on onetime tokens. The client, before using the service must request a token to an authentication service, however the issued token can be used only once. When the client accesses a service, the token is checked, and if it is valid the service will return, along with its results, a new token to replace the previous one. Because scalability is also one of the key objectives, a distributed token validation was implemented. Instead of generating new tokens using a centralized service, tokens are issued and verified by the (trusted) service providers. The system was tested in laboratory using virtualized Linux servers and clients. Because the objective of the authors is to use this system in the real life, in this paper are presented new tests made to the system, now using real and in production networks. Tests were made using a Linux client with a benchmarking software developed in Java and an Android client. Results show that it is feasible to implement the system in a real life scenario, however the trade-off is the greater complexity of the mobile application code, if parallel communications are needed.
- Subjects
JSON (Document markup language); MOBILE apps; INTERNET of things; INTERNET security; WEB services
- Publication
Engineering Letters, 2018, Vol 26, Issue 2, p281
- ISSN
1816-093X
- Publication type
Article