The analysis was carried out and the results of a comparative review of the most common methods of authentication and authorization of users of web-oriented systems with a distributed architecture were presented. Considering the relevance of cybersecurity issues in the digital age, the research focuses on identifying effective strategies for protecting user data in the development of distributed web-oriented systems within the trade sector. The most likely threats to data access, characteristic of distributed web-based systems, have been studied, and the potential causes of these vulnerabilities have been determined. Particular attention in the publication is devoted to assessing the risks and benefits of various approaches, including basic authentication, session-based authentication, JWT tokens, and access and refresh tokens (OAuth 2.0 standard). Various aspects of each method have been analyzed, particularly their reliability and vulnerability to attacks. The work discusses real cases of vulnerabilities in distributed web-oriented systems and offer recommendations for their elimination to enhance the security of online trading platforms.
Read full abstract