API Security Testing: The Challenges of Security Testing for Restful APIs

Sattam J Alharbi; Tarek Moulahi

Publication Date: 2023/05/31

Abstract: Modern web applications and software systems have shifted to relying on RESTful APIs, which are more susceptible to security threats such as injection attacks, authentication attacks, and data breaches. This article discusses the difficulties of performing security testing on RESTful APIs, such as input validation, authentication, and authorisation. The vulnerabilities identified as affecting security configuration include insufficient logging, faulty object-level authorisation, asset management, faulty function-level authorisation, and mass assignment. The article concludes by summarising the findings and offering suggestions, drawn from previous research studies, for maintaining the security of RESTful APIs.

Keywords: API security testing; RESTful APIs; Security challenges; API security vulnerabilities; Security testing techniques; API security practices.

DOI: https://doi.org/10.5281/zenodo.7988410

PDF: https://ijirst.demo4.arinfotech.co/assets/upload/files/IJISRT23MAY1879.pdf
