Application Programming Interface (API) Security in Cloud Applications

Many cloud services utilize an API gateway, which enables them to be offered to users through API platforms such as Platform as a Service (PaaS), Software as a service (SaaS), Infrastructure as a Service (IaaS) and cross-platforms APIs. APIs are designed for functionality and speed by developers who...

Full description

Saved in:
Bibliographic Details
Published in:EAI endorsed transactions on cloud systems Vol. 7; no. 23; p. e1
Main Author: Qazi, Farhan
Format: Journal Article
Language:English
Published: Ghent European Alliance for Innovation (EAI) 17.10.2023
Subjects:
Application programming interface
Cloud computing
Cybersecurity
Organizations
Software services
Software-as-a-service
Visibility
ISSN:2410-6895, 2410-6895
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Many cloud services utilize an API gateway, which enables them to be offered to users through API platforms such as Platform as a Service (PaaS), Software as a service (SaaS), Infrastructure as a Service (IaaS) and cross-platforms APIs. APIs are designed for functionality and speed by developers who write a small portion of code, which has visibility and is secure. The code that is created from third-party software or libraries has no visibility, which makes it insecure. APIs are the most vulnerable points of attack, and many users are not aware of their insecurity. This paper reviews API security in cloud applications and discusses details of API vulnerabilities, existing security tools for API security to mitigate API attacks. The author’s study showed that most users are unaware of API insecurity, organizations lack resources and training to educate users about APIs, and organizations depend on the overall security of the network instead of the security of standalone APIs.
Bibliography:SourceType-Scholarly Journals-1
ObjectType-Commentary-1
content type line 14
ISSN:2410-6895
2410-6895
DOI:10.4108/eetcs.v7i23.3011