Seguridad en APIs
Since the middle of the last decade the development of web APIs has skyrocketed and their presence has multiplied, becoming essential. Regrettably, this boom has not been accompanied by the best practices in terms of security. In this document we intend to give a global vision from a security perspe...
| Autor: | |
|---|---|
| Tipo de recurso: | tesis de maestría |
| Fecha de publicación: | 2019 |
| País: | España |
| Institución: | Universitat Oberta de Catalunya (UOC) |
| Repositorio: | O2, repositorio institucional de la UOC |
| OAI Identifier: | oai:openaccess.uoc.edu:10609/95147 |
| Acceso en línea: | http://hdl.handle.net/10609/95147 |
| Access Level: | acceso abierto |
| Palabra clave: | API security testing penetration testing prova de seguretat proves de penetració prueba de seguridad pruebas de penetración Computer security -- TFM Seguretat informàtica -- TFM Seguridad informática -- TFM |
| Sumario: | Since the middle of the last decade the development of web APIs has skyrocketed and their presence has multiplied, becoming essential. Regrettably, this boom has not been accompanied by the best practices in terms of security. In this document we intend to give a global vision from a security perspective. We have traced the historical evolution of web APIs and analyzed the causes of their current boom and ubiquity. We have listed and detailed their most frequent vulnerabilities and the most common attacks of which they are victims. When possible, we have offered examples of real cases. We have also listed solutions to mitigate or prevent these vulnerabilities in the form of security testing. |
|---|