TY - JOUR
T1 - Analysis of Authentication Methods and Secure Web Application Realization With an Integrated Authentication System
AU - Alghawli, Abed Saif Ahmed
N1 - Publisher Copyright:
© 2025 NSP Natural Sciences Publishing Cor.
PY - 2025/9
Y1 - 2025/9
N2 - The number of cyberattacks is growing every year, and their main goal is to steal personal and confidential data. In most cases, this happens through hacking or theft of web application user credentials due to vulnerabilities in authentication and authorization methods, which in most cases occur due to incorrectly implemented authentication methods. The use of modern authentication methods and their correct use and configuration in web applications are critical features of secure and resilient web applications. This article analyzes the authentication methods for web applications, their vulnerabilities, and a variety of attacks on them, which lead to high risks in their implementation and further use. A standard web application has been created that is similar to the one created based on the Shopify web application builder, with authentication based on the Hypertext Transfer Protocol cookie session. The risks of vulnerabilities and attacks on the created web application were analyzed, and considering these results together with the advantages and disadvantages of the authentication methods, the web application was improved in its authentication methods, application settings, and security features. The two most secure authentication methods were selected for the web application: JWT Access/Refresh token with browser fingerprints and the OAuth 2.0 standard, based on which the improved web application was implemented. A risk analysis of vulnerabilities and attacks on the improved web application has been carried out, which showed that the risks of vulnerabilities and attacks on it are very low. The correct implementation and configuration of the JWT Access/Refresh token authentication method in combination with browser fingerprints is presented, and an analysis of its use is carried out, which shows that this combination provides reliable prevention of token theft and use from another computer. The author also implements authentication using OAuth 2.0 in combination with browser fingerprints and describes its correct implementation and configuration. When analyzing its use, it turned out that delegating authentication to Facebook or Google services can provide a low level of risk of attacks and vulnerabilities on a web application.
AB - The number of cyberattacks is growing every year, and their main goal is to steal personal and confidential data. In most cases, this happens through hacking or theft of web application user credentials due to vulnerabilities in authentication and authorization methods, which in most cases occur due to incorrectly implemented authentication methods. The use of modern authentication methods and their correct use and configuration in web applications are critical features of secure and resilient web applications. This article analyzes the authentication methods for web applications, their vulnerabilities, and a variety of attacks on them, which lead to high risks in their implementation and further use. A standard web application has been created that is similar to the one created based on the Shopify web application builder, with authentication based on the Hypertext Transfer Protocol cookie session. The risks of vulnerabilities and attacks on the created web application were analyzed, and considering these results together with the advantages and disadvantages of the authentication methods, the web application was improved in its authentication methods, application settings, and security features. The two most secure authentication methods were selected for the web application: JWT Access/Refresh token with browser fingerprints and the OAuth 2.0 standard, based on which the improved web application was implemented. A risk analysis of vulnerabilities and attacks on the improved web application has been carried out, which showed that the risks of vulnerabilities and attacks on it are very low. The correct implementation and configuration of the JWT Access/Refresh token authentication method in combination with browser fingerprints is presented, and an analysis of its use is carried out, which shows that this combination provides reliable prevention of token theft and use from another computer. The author also implements authentication using OAuth 2.0 in combination with browser fingerprints and describes its correct implementation and configuration. When analyzing its use, it turned out that delegating authentication to Facebook or Google services can provide a low level of risk of attacks and vulnerabilities on a web application.
KW - JWT
KW - OAuth
KW - authentication
KW - integrated authentication system
KW - token
KW - vulnerabilities
KW - web application
UR - https://www.scopus.com/pages/publications/105022119653
U2 - 10.18576/amis/190505
DO - 10.18576/amis/190505
M3 - Article
AN - SCOPUS:105022119653
SN - 1935-0090
VL - 19
SP - 1027
EP - 1038
JO - Applied Mathematics and Information Sciences
JF - Applied Mathematics and Information Sciences
IS - 5
ER -