Secure Information Technology Center – Austria

Security Aspects of Web-APIs

Web-APIs represent a significant building block of the modern Web. They enable efficient and technology neutral data and process integration between diverse entities and platforms. As an innovation driver, they facilitate the creation of new business models and products. The broad variety of APIs, as well as the need to efficiently manage their lifecycles, motivated the inception of specifications and tools to ease and accelerate their development and integration in programmatic environments. The most known examples of such frameworks are Swagger (OpenAPI), RAML and API BluePrint. Focused on practical aspects of API development and integration, these specifications do not put a particular emphasis on non-functional aspects, such as security. This work particularly addresses that aspect by evaluating existing security-related features of API-description frameworks and investigating their potential application in the area relevant to the security of Web APIs.



Titel Version Datum
Project report (EN) 1.0 2017-03-13

Posted 15.03.2017, Kategorie: Cloud Computing, eGovernment, IT-Security, Web Technologies.