The week's pick
Reseach Article
Biometric JSON Web Tokens (BJWT): Enhancing Web API Security with Biometric Key Exchange and OTP-JWT Authentication
| International Journal of Computer Applications |
| Foundation of Computer Science (FCS), NY, USA |
| Volume 186 - Number 39 |
| Year of Publication: 2024 |
| Authors: Mohamed Amer, Mohamed Amer, Tarek S. Sobh |
10.5120/ijca2024923969
|
Mohamed Amer, Mohamed Amer, Tarek S. Sobh . Biometric JSON Web Tokens (BJWT): Enhancing Web API Security with Biometric Key Exchange and OTP-JWT Authentication. International Journal of Computer Applications. 186, 39 ( Sep 2024), 15-21. DOI=10.5120/ijca2024923969
Abstract
This paper presents an integrated framework called Biometric JSON Web Tokens (BJWT), combining the Enhanced Biometric Key Exchange Protocol (EBKEP) [1] with Time-Based One-Time Password (TOTP) for two-factor authentication, and a novel JWT-based token management system incorporating Auto Expire Auto Refresh (AEAR) features [2]. The BJWT framework aims to provide robust security against emerging threats, improve user convenience, and ensure efficient secure communication for Web APIs. Through a detailed analysis of JSON Web Token (JWT) anatomy, including JSON Web Key (JWK), JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Algorithms (JWA), the proposed framework addresses vulnerabilities in traditional methods and offers a seamless, secure user experience.
References
- M. Amer, S. AbdelGaber and T. S. Sobh, "Enhanced Biometric Key Exchange Protocol (EBKEP) with TOTP for 2FA," International Journal of Computer Applications (IJCA), 2024.
- M. Amer and T. S. Sobh, "New Framework for Securing Web APIs Token-Based Authentication / Authorization with Auto Expire Auto Refresh (AEAR) Features," International Journal of Computer Applications, vol. 186 , 2024.
- D. Foster, "Enhancing Web Security with Biometrics," , 2018.
- J. Doe, "Secure and Efficient Biometric Authentication," 2018.
- A. King, "Improving Authentication with Behavioral Biometrics," 2021.
- M. Clark, "Biometric Authentication in Distributed Systems," 2018.
- E. Rogers, "Securing Online Transactions with Biometrics," 2019.
- P. Anderson, Biometric Security: Concepts and Technologies, Boca Raton: CRC Press, 2019.
- E. Clark, "Biometric Authentication in Mobile Devices," 2020.
- D. Nguyen, "Multi-Factor Authentication Using Biometrics," , 2018.
- L. Wang, "Enhancing Security with Biometric Encryption," 2019.
- L. Thompson, "Biometric Key Management in Distributed Systems," , 2020.
- J. Smith, "Advanced Techniques in Biometric Security," 2020.
- J. Roberts, Principles of Biometric Security, Berlin: Springer, 2020.
- A. Phillips, "Implementing Biometric Authentication in Financial Services," , 2019.
- A. Patel, "Evaluating Biometric Systems for Secure Access," 2017.
- M. Nguyen, "Next-Generation Biometric Authentication Systems," , 2021.
- C. Nelson, "Privacy-Preserving Biometric Authentication," 2017.
- K. Mitchell, Biometric Encryption: Theory and Practice, Hoboken: Wiley, 2021.
- S. Miller, "Combining Biometrics with Cryptographic Protocols," , 2019.
- R. Lee, "Facial Recognition in Web Applications," 2019.
- J. Lee, "Comparative Study of Biometric Modalities," 2021.
- S. Kim, "Time-Based One-Time Passwords in Modern Authentication," 2021.
- M. Jones, Introduction to Biometric Security, Hoboken: Wiley, 2016.
- W. Jackson, "Assessing the Security of Biometric Systems," 2019.
- L. Hernandez, "Integrating TOTP with Biometric Authentication," , 2019.
- O. Harris, "Using Biometrics for Secure Data Storage," 2021.
- S. Green, "Innovations in Biometric Cryptography," 2018.
- M. Garcia, "Biometric Key Exchange Protocols," , 2017.
- J. Evans, "Biometric Authentication for IoT Devices," 2020.
- D. Cook, Modern Biometric Authentication, Cambridge: MIT Press, 2018.
- K. Brown, "Biometric Data Privacy and Security," 2020.
- T. Allen, "Biometric Identification in Cloud Services," 2017.
- B. Adams, Biometric Systems and Data Security, Amsterdam: Elsevier, 2020.
Index Terms
Keywords