Development of an authentication and authorization library for Java Backend applications

Keywords
Authentication ; Authorization ; JWT ; MFA ; Cryptography ; Java ; Application security ; RBAC

Abstract
This master's thesis presents the development of a comprehensive authentication and authorization library for Java backend applications. The library implements modern security practices including JWT token management, multi-factor authentication (MFA) based on the TOTP standard, role-based access control (RBAC), modern cryptography with Ed25519 and ChaCha20-Poly1305 algorithms, and a comprehensive security event logging system.
The library's architecture follows SOLID principles and implements the Defense in Depth pattern, providing multiple layers of protection. The system includes adaptive authentication with real-time risk analysis, API key management with scopes and lifecycle management, as well as real-time threat monitoring.
The implementation achieves excellent performance with 50,000 JWT validations per second and 100,000 permission checks per second, while maintaining code coverage above 95%. The library is OWASP Top 10 compliant and follows NIST Cybersecurity Framework guidelines.

