Comparative Analysis of Selected Programming Frameworks in terms of their Suitability for User Authentication and Authorization

Przemysław Rodzik

doi:10.35784/jcsi.3128

Open full text

PDF

Published: Jun 30, 2023

DOI: https://doi.org/10.35784/jcsi.3128

Issue Vol. 27 (2023)

Articles

A comparative analysis of the measurement tools of fuel consumption in a passenger car
Karol Sawczuk, Jakub Grzesiak, Marcin Barszcz

100-103
Comparative Analysis of Selected Programming Frameworks in terms of their Suitability for User Authentication and Authorization
Przemysław Rodzik

104-111
Analysis of the Spring Boot and Spring Cloud in developing Java cloud applications
Mateusz Kozak

112-120
PaaS platform comparison based on users feedback
Mateusz Saputa, Konrad Prządka, Jakub Smołka

121-124
Comparative analysis of the availability of cinema websites, taking into account the principles of universal design
Hanna Boguta, Maria Skublewska-Paszkowska

125-131
Comparison of shallow and deep learning methods of ECG signals clas-sification for arrhythmia detection
Dodon Turianto Nugrahadi, Rudy Herteno, Dwi Kartini, Muhammad Haekal, Mohammad Reza Faisal

132-137
Comparative analysis of VPN protocols
Comparative analysis of VPN protocols
Jerzy Antoniuk, Małgorzata Plechawska-Wójcik

138-144
A comparison of word embedding-based extraction feature techniques and deep learning models of natural disaster messages classification
Mohammad Reza Faisal, Irwan Budiman, Friska Abadi, Muhammad Haekal, Dodon Turianto Nugrahadi

145-153
Comparative analysis of frameworks and automation tools in terms of functionality and performance on the Salesforce CRM Platform
Damian Ciechan

154-161
Influence of video content type on the usefulness of reinforcement learning algorithms in DASH systems
Przemyslaw Markiewicz, Sławomir Przyłucki

162-170
Comparative analysis of data reading performance from the Salesforce platform using GraphQL, REST and SOAP interfaces
Ryszard Rogalski

171-177
The analysis of Java ORM frameworks performance in terms of analytical data processing
Justyna Baran, Piotr Muryjas

178-185

DOI

https://doi.org/10.35784/jcsi.3128

Authors

Przemysław Rodzik

przemyslaw.rodzik@pollub.edu.pl

Lublin University of Technology, Poland

Abstract

The aim of the article was to perform a comparative analysis of the Net 6 and NestJS programming framework in terms of their suitability for user authentication and authorization. The functionalities and programming libraries offered by the researched technologies were reviewed. Applications were created in the tested skeletons. Application performance and load tests were carried out. The obtained test results showed that the application written in NestJS offered a shorter time to service the request and was able to handle a larger number of users compared to the application using Net 6. Net 6 offered a greater number of functionalities in the field of authentication and authorization, their implementation required less work from the developer compared to the NestJS backbone.

Keywords:

comparative analysis, authentication, NestJS, Net

References

S. Tumin, S. Encheva, A Closer Look at Authentication and Authorization Mechanisms for Web-based Applications, Proceedings of the 5th WSEAS Congress on Applied Computing Conference, and Proceedings of the 1st International Conference on Biologically Inspired Computation (2012) 100-105.

J. Lopez, R. Oppliger, G. Pernul, Authentication and authorization infrastructures (AAIs): a comparative survey, Computers & Security 23(7) (2004) 578-590, https://doi.org/10.1016/j.cose.2004.06.013. DOI: https://doi.org/10.1016/j.cose.2004.06.013

M. J. Price, C# 10 and .NET 6 - Modern Cross-Platform Development, Packt Publishing, 2021.

G. Magolan, et.al., Nest.js: A Progressive Node.js Framework, Packt Publishing, 2022.

C. Ntantogian, et.al., Evaluation of password hashing schemes in open source web platforms, Computers & Security 84 (2019) 206-224, https://doi.org/10.1016/j.cose.2019.03.011. DOI: https://doi.org/10.1016/j.cose.2019.03.011

L. Ertaul, et.al., Implementation and Performance Analysis of PBKDF2, Bcrypt, Scrypt Algorithms, Proceedings of the International Conference on Wireless Networks (ICWN) (2016) 66-72.

N. Provos, D. Mazières, A Future-Adaptable Password Scheme, FREENIX Track: 1999 USENIX Annual Technical Conference Proceedings (1999) 81-92.

C. Percival, S. Josefsson, The scrypt Password-Based Key Derivation Function, RFC 7914 (2016) 1-16, https://doi.org/10.17487/RFC7914. DOI: https://doi.org/10.17487/RFC7914

Ed. K. Moriarty, B. Kaliski, A. Rusch, PKCS #5: Password-Based Cryptography Specification Version 2.1, RFC 8018 (2017) 1-40, https://doi.org/10.17487/RFC8018. DOI: https://doi.org/10.17487/RFC8018

B. Pervan, J. Knezovic, K. Pericin, Distributed Password Hash Computation on Commodity Heterogeneous Programmable Platforms, 13th USENIX Workshop on Offensive Technologies (WOOT 19) (2019) 1-8.

A. Dikanski, R. Steinegger, Identification and implementation of authentication and authorization patterns in the spring security framework, SECURWARE 2012 - 6th International Conference on Emerging Security Information, Systems and Technologies (2012) 14-20.

M. Trnka, et.al., Systematic Review of Authentication and Authorization Advancements for the Internet of Things, Sensors 22(4) (2022) 1361-1385, https://doi.org/10.3390/s22041361. DOI: https://doi.org/10.3390/s22041361

Internet rzeczy, definicja, https://en.wikipedia.org/wiki/Internet_of_things, [03.05.2022].

Wikipedia - Role-based access control, https://en.wikipedia.org/wiki/Role-based_access_control, [22.09.2022].

Wikipedia - Attribute-based access control, https://en.wikipedia.org/wiki/Attributebased_access_control, [19.09.2022].

Oficjalna strona producenta maszyny wirtualnej Vmware, https://www.vmware.com/pl.html, [09.10.2022].

S. Newman, Building Microservices, 2nd Edition, O'Reilly Media, 2021.

K. Indrasiri, D. Kuruppu, gRPC: Up and Running, O'Reilly Media, 2020.

Json Web Token, definicja, https://datatracker.ietf.org/doc/html/rfc7519, [03.05.2022].

Token odświeżenia, definicja, https://auth0.com/blog/refresh-tokens-what-are-they-and-when-to-use-them/, [15.08.2022].

Narzędzie do tworzenia testów wydajnościowych k6, https://k6.io, [03.05.2022].

Informacje o programie Performance Monitor, https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc749154(v=ws.10), [03.05.2022].

Definicja funkcji skrótu, https://en.wikipedia.org/wiki/Hash_function, [05.05.2022].

A. Biryukov, et.al., Argon2: New Generation of Memory-Hard Functions for Password Hashing and Other Applications, 2016 IEEE European Symposium on Security and Privacy (EuroS&P) (2016) 292-302, https://www.doi.org/10.1109/EuroSP.2016.31. DOI: https://doi.org/10.1109/EuroSP.2016.31

Główna strona internetowa Open Web Application Security Project, https://owasp.org, [22.06.2022].

Rodzik, P. (2023). Comparative Analysis of Selected Programming Frameworks in terms of their Suitability for User Authentication and Authorization. Journal of Computer Sciences Institute, 27, 104–111. https://doi.org/10.35784/jcsi.3128

Comparative Analysis of Selected Programming Frameworks in terms of their Suitability for User Authentication and Authorization

Issue Vol. 27 (2023)

Archives

DOI

Authors

Abstract

Keywords:

References

License

Article Sidebar

Issue Vol. 27 (2023)

Archives

Main Article Content

DOI

Authors

Abstract

Keywords:

References

Article Details

License