DETECTING BROKEN OBJECT LEVEL AND FUNCTION LEVEL AUTHORIZATION ISSUES WITH API SERVICES

In one embodiment, an illustrative method may comprise: monitoring, by a process, a behavior of an application between one or more client devices and an application programming interface service; establishing, by the process, an application model of objects and functions within the application based...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: DUMINUCO, Alessandro, BOSCH, Hendrikus, G.P, BARBOT, Julien, MULLENDER, Sape, Jurriën, SHUPER, Ariel
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In one embodiment, an illustrative method may comprise: monitoring, by a process, a behavior of an application between one or more client devices and an application programming interface service; establishing, by the process, an application model of objects and functions within the application based on the behavior; and determining, by the process, an authorization logic of the application for the objects and functions based on the application model. In one embodiment, the illustrative method further comprises: testing one or more authorization approaches against the application to determine one or more discrepancies within the authorization logic indicative of faulty authorizations; and mitigating the one or more discrepancies.