CLOUD API SECURITY AUDIT: An Extensive Approach to API Assessment

Orji, Charity Uche

4. semester

Cyber Security, Master

2023

2023-06-02

51 pages

The migration of computing services to the cloud and the use of APIs to communicate and interact with several applications over the internet come with its challenges. As these challenges increase by the day, it is very important that attention is paid to auditing the use of APIs, especially in enterprises. This project presents an extensive approach to assessing RESTful APIs. It commences by touching on why this is essential, discussing vulnerabilities to APIs, and outlining security requirements for APIs. A review of current API security audit frameworks and approaches to auditing is highlighted. Next, an extensive approach to assessing Cloud APIs is proposed using the presented security requirements as metrics. Finally, the results of an assessment of a Public API are discussed.

The migration of computing services to the cloud and the use of APIs to communicate and interact with several applications over the internet come with its challenges. As these challenges increase by the day, it is very important that attention is paid to auditing the use of APIs, especially in enterprises. This project presents an extensive approach to assessing RESTful APIs. It commences by touching on why this is essential, discussing vulnerabilities to APIs, and outlining security requirements for APIs. A review of current API security audit frameworks and approaches to auditing is highlighted. Next, an extensive approach to assessing Cloud APIs is proposed using the presented security requirements as metrics. Finally, the results of an assessment of a Public API are discussed.

Cloud API auditing, ; API auditing ; API audit framework ; API Security ; API Testing ; API Security Testing

Download
View record in AAU Student Projects