JSON Web Token (JWT) untuk Authentication pada Interoperabilitas Arsitektur berbasis RESTful Web Service
DOI:
https://doi.org/10.26418/jp.v5i1.27232Keywords:
Authentication, Interoperability, JSON Web Token, REST, Web ServiceAbstract
Permasalahan donor darah merupakan masalah disetiap negara, termasuk di Indonesia. Walaupun sudah ada sistem di Palang Merah Indonesia (PMI) namun belum bisa mengatasi permasalahan pencarian maupun distribusi donor darah. Sesuai trend sekarang di jaman gadget yaitu maraknya penggunaan Android, maka untuk mengatasi masalah ini diperlukan aplikasi berbasis Android. Sementara untuk integrasi dengan sistem yang sudah ada diperlukan web service sebagai backend system sehingga layanan donor darah dapat diakses oleh berbagai platform. Arsitektur yang digunakan pada web service menggunakan REST, namun masih ada beberapa masalah pada REST yaitu mengenai keamanan pada proses otentikasi. Pada arsitektur REST diperlukan metode otentikasi yang tidak bernegara (stateless), salah satunya dapat menggunakan JSON Web Token. Hasil penelitian ini menunjukan bahwa penggunaan JSON Web Token Authentication pada Web Service and Backend System Blood Donors dapat membentuk sistem yang sangat skalabel, aman, mampu berinteraksi multi-platform serta dapat diandalkan.References
R. Rezaei, T. K. Chiew, S. P. Lee and Z. S. Aliee, "Interoperability evaluation models: A systematic review," Computers in Industry, 2014.
H. Hamad, M. Saad and R. Abed, "Performance Evaluation of RESTful Web Services for Mobile Devices," International Arab Journal of e-Technology, Vols. Vol. 1,, no. No. 3, January 2010.
R. Gunawan and A. Rahmatulloh, "Implementasi Web Service pada Sistem Host-To-Host Pembayaran Biaya Akademik," Setrum: Sistem Kendali-Tenaga-Elektronika-Telekomunikasi-Komputer, vol. 7, no. 2, pp. 320-329, 2019.
A. Dudhe and S. Sherekar, "Performance Analysis of SOAP and RESTful Mobile Web Services in Cloud Environment," International Journal of Computer Applications, 2014.
P. Markey and T. G. Clynch, "A performance analysis of WS-* (SOAP) and RESTful Web Services for Implementing Service and Resource Orientated Architectures," in The 12th Information Technology and Telecommunications (IT&T) Conference, Athlone IT, 2013.
Yogiswara, Wijono and H. S. Dahlan, "Kinerja Web Service pada Proses Integrasi Data," Jurnal EECCIS, vol. 1, no. 1, 2014.
R. I. Perwira and B. Santosa, "IMPLEMENTASI WEB SERVICE PADA INTEGRASI DATA AKADEMIK DENGAN REPLIKA PANGKALAN DATA DIKTI," TELEMATIKA, vol. 14, no. 1, 2017.
A. Adi and Riyanto, "Web Service Useness as a Pharmacy Data Integration in RSU Banyumas," Jurnal Informatika, vol. 2, no. 4, 2013.
M. R. S. Surendra, "Implementasi PHP Web Service Sebagai Penyedia Data Aplikasi Mobile," Jurnal Teknik Informatika (ULTIMATICS), vol. 6, no. 2, 2014.
R. K. Sungkur and S. Daiboo, "SOREST, A Novel Framework Combining SOAP and REST for Implementing Web Services," in The Second International Conference on Data Mining, Internet Computing, and Big Data (BigData2015), 2015.
D. D. Rathod, "PERFORMANCE EVALUATION OF RESTFUL WEB SERVICES AND SOAP / WSDL WEB SERVICES," International Journal of Advanced Research in Computer Science, vol. 8, no. 7, pp. 415-420, 2017.
A. Memeti, F. Imeri and B. Cico, "REST vs. SOAP: Choosing the best web service while developing in-house web applications," Journal of Natural Sciences and Mathematics of UT, vol. 2, no. 3, pp. 63-68, 2017.
V. Kumari, "Web Services Protocol: SOAP vs REST," International Journal of Advanced Research in Computer Engineering & Technology (IJARCET), vol. 4, no. 5, 2015.
M. I. Hussain and N. Dilber, "Restful web services security by using ASP.NET web API MVC based," Journal of Independent Studies and Research – Computing, vol. 12, no. 1, 2014.
P. Sahoo, N. K. Janghel and D. Samanta, "Securing WEB API Based on Token Authentication," International Journal on Advanced Electrical and Computer Engineering (IJAECE), vol. 4, no. 2, 2017.
X.-W. Huang, C.-Y. Hsieh, C. H. Wu and Y. C. Cheng, "A token-based user authentication mechanism for data exchange in RESTful API," International Conference on Network-Based Information Systems, pp. 601-606, 2015.
A. Bhawiyuga, M. Data and A. Warda, "Architectural Design of Token based Authentication of MQTT Protocol in Constrained IoT Device," 2017 11th International Conference on Telecommunication Systems Services and Applications (TSSA), 2017.
L. Xinhua, "The Design of Digital Campus Unified Identity Authentication System Based on Web Services," Applied Mechanics and Materials, pp. 2301-2304, 2013.
I. I, P. M. R. Anand and V. Bhaskar, "Encrypted Token based Authentication with Adapted SAML Technology for Cloud Web Services," Journal of Network and Computer Applications 99, 2017.
A. Rahmatulloh, H. Sulastri and R. Nugroho, "Keamanan RESTful Web Service Menggunakan JSON Web Token (JWT) HMAC SHA-512," Jurnal Nasional Teknik Elektro dan Teknologi Informasi (JNTETI), vol. 7, no. 2, pp. 131-137, 2018.
R. T. Fielding, Architectural Styles and the Design of Network-based Software Architectures, University of California, Irvine, 2000.
M. Jones, J. Bradley and N. Sakimura, "JSON Web Token (JWT)," 2015.
K. Zheng and W. Jiang, "A Token Authentication Solution for Hadoop Based on Kerberos Pre-Authentication," International Conference on Data Science and Advanced Analytics (DSAA) , October 2014.
R. Fielding and J. Reschke, "Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content," Internet Engineering Task Force (IETF), June 2014.