Implementation of a RESTful Web Service with JSON Web Token Authentication and AES-256 Cryptographic Algorithm for Mobile-Based Laboratory Loan Applications at Budi Luhur University

Gabriel Yoda Gustiegan, Painem Painem

Abstract


Leasing the lab room is one of the services provided by the Integrated ICT LAB for every citizen of the Budiluhur University campus. So far in the process of borrowing the computer laboratory, the borrower must come directly to the Integrated ICT LAB or use social networks such as WhatsApp to communicate in two directions in making loans lab. This is not effective enough to serve borrowers who are usually lecturers. In the process of borrowing the lab, there are many problems, for example, the collision between lecture schedule and lecturer activity units, student activity units and other activities that require laboratory facilities. Seeing this problem, an application is needed to facilitate lab borrowing and coordination to the mobile-based ICT LAB Assistant. Meanwhile, for integration with existing systems a web service is required as a backend system so that lab lending services can be accessed by various platforms. The architecture used in the web service uses the RESTFUL API (Application Programming Interface), but there are still some problems with the RESTFUL API, namely regarding security in the process of authentication and data encryption on borrower data. In the REST architecture, a security method is needed, namely using the JSON Web Token and the Advanced Encryption Standard-256 (AES-256) cryptographic method. On the Web Services client side that provides requests and receives responses from the server then a token will be generated for the user which becomes plain data to be encrypted then saved to the database, and pulls the cipher data to be decrypted and returned to the calling application so that it can make transactions between platforms

Keywords


Scheduling; Web Service; API; Cryptography; AES-256

Full Text:

PDF (Indonesian)

References


P. Painem and H. Soetanto, “Sistem Presensi Pegawai Berbasis Web Service Menggunakan Metode Restfull Dengan Keamanan JWT Dan Algoritma Haversine,” Fountain Informatics J., vol. 5, no. 3, p. 6, 2020.

R. Gunawan and A. Rahmatulloh, “JSON Web Token (JWT) untuk Authentication pada Interoperabilitas Arsitektur berbasis RESTful Web Service,” J. Edukasi dan Penelit. Inform., vol. 5, no. 1, p. 74, 2019.

A. Rahmatulloh, H. Sulastri, and R. Nugroho, “Keamanan RESTful Web Service Menggunakan JSON Web Token (JWT) HMAC SHA-512,” J. Nas. Tek. Elektro dan Teknol. Inf., vol. 7, no. 2, 2018.

R. Rizal and A. Rahmatulloh, “Restful Web Service Untuk Integrasi Sistem Akademik Dan Perpustakaan Universitas Perjuangan,” J. Ilm. Inform., vol. 7, no. 01, p. 54, 2019.

A. A. G. Y. Paramartha, G. K. Suryaningsih, and K. Y. E. Aryanto, “Implementasi Web Service Pada Sistem Pengindeksan Dan Praktik Kerja Lapangan,” J. Sains dan Teknol., vol. 5, no. 2, pp. 1–8, 2016.

S. Sibagariang, “Penerapan Web Service Pada Perpustakaan Berbasis Android,” JurnalMaharjana Inf., vol. 1, no. 2, pp. 8–11, 2016.

A. Prameshwari and N. P. Sastra, “Implementasi Algoritma Advanced Encryption Standard (AES) 128 Untuk Enkripsi dan Dekripsi File Dokumen,” Eksplora Inform., vol. 8, no. 1, p. 52, 2018.

A. P. Nugroho and H. B. Suseno, “Keamanan Data Transaksi Nasabah Pada Aplikasi Bank Sampah Berbasis Web Menggunakan Algoritma AES,” vol. 5341, no. April, pp. 9–17, 2020.

A. Kusyanti and K. Amron, “Analisis Perbandingan Algoritma Advanced Encryption Standard Untuk Enkripsi Short Message Service ( SMS ) Pada Android,” J. Pengemb. Teknol. Inf. dan Ilmu Komput. Univ. Brawijaya, vol. 2, no. 10, pp. 4281–4289, 2018.

A. Pariddudin and F. Syauqi, “Penerapan Algoritma AES pada QR CODE untuk Keamanan Verifikasi Tiket,” Teknois J. Ilm. Teknol. Inf. dan Sains, vol. 10, no. 2, pp. 43–52, 2020.

W. N. Cholifah, Y. Yulianingsih, and S. M. Sagita, “Pengujian Black Box Testing pada Aplikasi Action & Strategy Berbasis Android dengan Teknologi Phonegap,” STRING (Satuan Tulisan Ris. dan Inov. Teknol., vol. 3, no. 2, p. 206, 2018.

U. Hanifah, R. Alit, and S. Sugiarto, “Penggunaan Metode Black Box Pada Pengujian Sistem Informasi Surat Keluar Masuk,” SCAN - J. Teknol. Inf. dan Komun., vol. 11, no. 2, pp. 33–40, 2016.




DOI: http://dx.doi.org/10.36080/bit.v19i1.1835

Refbacks

  • There are currently no refbacks.


Copyright (c) 2022 Bit (Fakultas Teknologi Informasi Universitas Budi Luhur)

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.


OFFICE:

FAKULTAS TEKNOLOGI INFORMASI - UNIVERSITAS BUDI LUHUR, Jl. Ciledug Raya, Petukangan Utara, Jakarta Selatan, 12260. DKI Jakarta, Indonesia. Telp: 021-585 3753 Fax: 021-585 3752

Bit (Fakultas Teknologi Informasi Universitas Budi Luhur) by FAKULTAS TEKNOLOGI INFORMASI - UNIVERSITAS BUDI LUHUR is licensed under CC BY-SA 4.0 Creative Commons License

View Bit (Fakultas Teknologi Informasi Universitas Budi Luhur) Satats Web Analytics Made Easy