Securing a REST API Server
| Author: | |
|---|---|
| Resource type: | master's thesis |
| Publication date: | 2022 |
| Country: | Spain |
| Institution: | Universitat Politècnica de Catalunya (UPC) |
| Repository: | UPCommons. Portal del coneixement obert de la UPC |
| Language: | English |
| OAI Identifier: | oai:upcommons.upc.edu:2117/377463 |
| Online access: | https://hdl.handle.net/2117/377463 |
| Access Level: | open access |
| Keywords: | Computer security Security API Argon2 OWASP Seguretat informàtica Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica |
| Summary: | Nowadays, there are more sources of cyber-threats and more cyber-attacks that target all kinds of victim profiles, from big companies with big architectures to small businesses that only have a web site as a platform to sell or advertise themselves. Hence, security awareness among users, developers and systems administrators, as well as the application of security measures and best practices, is mandatory. There are lots of organisations promoting security recommendations or standardisation of procedures, in order to build more robust applications or infrastructures. The purpose of this thesis is to provide a practical application of those recommendations, sets of best practices and standards, in order to achieve a proper level of security for a common type of application or service, such as an e-commerce platform. This project can be an example of applying good security measures and basic infrastructure security to try to create more robust applications. Moreover, tools will be used in this project for testing the correct application of the security measures, for pentesting purposes and for possible vulnerability discovery, which will be documented as well. |