OpenAPI Specification Extended Security Scheme: A method to reduce the prevalence of Broken Object Level Authorization. (arXiv:2212.06606v1 [cs.CR])
Dec. 14, 2022, 2:10 a.m. | Rami Haddad, Rim El Malki
cs.CR updates on arXiv.org arxiv.org
APIs have become the prominent technology of choice for achieving
inter-service communications. The growth of API deployments has driven the
urgency in addressing its lack of security standards. API Security is a topic
of concern given the absence of standardized authorization in the OpenAPI
standard; improper authorization opens the possibility for known and unknown
vulnerabilities, which in the past years have been exploited by malicious
actors resulting in data loss. This paper examines the number one vulnerability
in API Security: …