Evaluating the Performance of Novel JWT Revocation Strategy

Keywords: JWT, JSON Web Tokens, user access control

Abstract

JSON Web Tokens (JWT) provide a scalable, distributed way of user access control for modern web-based systems. The main advantage of the scheme is that the tokens are valid by themselves – through the use of digital signing – also imply its greatest weakness. Once issued, there is no trivial way to revoke a JWT token. In our work, we present a novel approach for this revocation problem, overcoming some of the problems of currently used solutions. To compare our solution to the established solutions, we also introduce the mathematical framework of comparison, which we ultimately test using real-world measurements.

Downloads

Download data is not yet available.
Published
2021-08-04
How to Cite
Jánoky, L. V., Ekler, P., & Levendovszky, J. (2021). Evaluating the Performance of Novel JWT Revocation Strategy. Acta Cybernetica, 25(2), 307-318. https://doi.org/10.14232/actacyb.289455
Section
Special Issue of the 12th Conference of PhD Students in Computer Science