eprintid: 72935
rev_number: 10
eprint_status: archive
userid: 12460
dir: disk0/00/07/29/35
datestamp: 2025-09-16 07:19:50
lastmod: 2025-09-16 07:19:50
status_changed: 2025-09-16 07:19:50
type: thesis
metadata_visibility: show
contact_email: muh.khabib@uin-suka.ac.id
creators_name: Ejah Said Mansur, NIM.: 22206051012
title: STUDI KOMPARASI KINERJA DAN KEAMANAN JSON WEB TOKEN (JWT) DAN PLATFORM AGNOSTIC SECURITY TOKENS (PASETO) PADA RESTful API APLIKASI PASAR MURAH
ispublished: pub
subjects: 005.8.
divisions: S2_inf
full_text_status: restricted
keywords: RESTful, API, JWT, PASETO
note: Dr. Bambang Sugiantoro, S.Si., M.T.
abstract: Authentication is a crucial aspect in maintaining the security of user data within a system. This study aims to compare two authentication protocols, JSON Web Token (JWT) and Platform Agnostic Security Tokens (PASETO), implemented on the RESTful API of the Pasar Murah Application. The research method uses a quantitative approach by conducting performance and security testing for each protocol. The test results show that JWT has better performance than PASETO. The average token generation time for JWT is recorded at 1.68 ms, while PASETO requires 2.35 ms. The token transfer time for JWT is 31.62 ms, while PASETO takes 35.94 ms. In terms of size, the JWT token is 809 bytes, whereas the PASETO token is slightly larger at 839 bytes. However, in terms of security, PASETO demonstrates greater strength. Based on the security testing results, the JWT token is considered secure against several types of attacks listed in the Top 3 OWASP API Security 2023, such as Broken Authentication, Broken Object Level Authorization, and Broken Object Property Level Authorization. However, JWT remains vulnerable to Broken User Authentication threats. In contrast, PASETO shows stronger resistance, successfully withstanding all three types of attacks without exposing any vulnerabilities.
date: 2025-08-08
date_type: published
pages: 79
institution: UIN SUNAN KALIJAGA YOGYAKARTA
department: FAKULTAS SAINS DAN TEKNOLOGI
thesis_type: masters
thesis_name: other
citation: Ejah Said Mansur, NIM.: 22206051012 (2025) STUDI KOMPARASI KINERJA DAN KEAMANAN JSON WEB TOKEN (JWT) DAN PLATFORM AGNOSTIC SECURITY TOKENS (PASETO) PADA RESTful API APLIKASI PASAR MURAH. Masters thesis, UIN SUNAN KALIJAGA YOGYAKARTA.
document_url: https://digilib.uin-suka.ac.id/id/eprint/72935/1/22206051012_BAB-I_IV-atau-V_DAFTAR-PUSTAKA.pdf
document_url: https://digilib.uin-suka.ac.id/id/eprint/72935/2/22206051012_BAB-II_sampai_SEBELUM-BAB-TERAKHIR.pdf