Securing Microservices Architecture Using JSON Web Tokens (JWS)
PDF

Keywords

Microservices, Security, JWT, JSON Web Tokens, Authentication, Authorization, Stateless, Scalability, Key Man- agement, Service-to-Service Communication

How to Cite

[1]
Priyanka Gowda Ashwath Narayana Gowda, “Securing Microservices Architecture Using JSON Web Tokens (JWS)”, N. American. J. of Engg. Research, vol. 4, no. 3, Aug. 2023, Accessed: Nov. 27, 2024. [Online]. Available: http://najer.org/najer/article/view/75

Abstract

Microservices architecture represents the newest rage in methodologies for designing scalable and maintainable software systems.
In securing these distributed services, however, decentralized architectures pose considerable challenges. This paper considers
using JSON Web Tokens to improve security in a microservices architecture. JWT offers a stateless yet compact and URL-safe
means for representing claims between two parties. Our research has targeted the structure and implementation of JWT and the
integration for authentication and authorization and has analyzed its benefits and limitations. We implemented JWT in micro-
services settings to know its practical application and effectiveness for securing service-to-service communication. More recent
work was based on a case study where we compared JWT with other security mechanisms and measured their influence on per-
formance. This research concludes that JWT has significantly enhanced the security of microservices and their scalability by
reducing the need for a centralized authentication server and enabling stateless authentication. On the other hand, it resulted in
concerns about token size and secure key management. It is, hence, a widely acceptable concluding statement. In the future,
research needs to be carried out in optimizing JWT implementation to address the limitations associated with it and additional
exploration of security features to enhance its efficacy within a complex microservices environment. Additionally, it needs to be
researched whether JWT may be combined with any other up-and-coming security protocols which may be a complete security
framework for the microservices architecture

PDF
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Copyright (c) 2023 North American Journal of Engineering Research

Downloads

Download data is not yet available.