dc.contributor.author: Fossen, Kenneth
dc.date.accessioned: 2022-06-28T00:11:56Z
dc.date.available: 2022-06-28T00:11:56Z
dc.date.issued: 2022-06-01
dc.date.submitted: 2022-06-27T22:00:45Z
dc.identifier.uri: https://hdl.handle.net/11250/3001153
dc.description.abstract: Access control is one of the most critical aspects of software engineering when designing secure software. In 2021, the Open Web Application Security Project (OWASP) Foundation [foundation_owasp_nodate] released a new Top 10, several years after its previous release in 2017. Broken Access Control made a significant jump to the top of the list, marking it as the most error-prone and vital security aspect of software development. Previous research shows that security challenges such as the Confused Deputy can be solved with a capability-based approach. To achieve a capability-based system for Representational State Transfer (RESTful) Application Programming Interfaces (APIs), we use the Rust programming language to explore how to create a capability design pattern. We want to create a library that lets developers harness the power of capabilities when writing code, adhering to the capability properties and the Principle of Least Privilege (PoLP), while creating a RESTful API. We created a capability library and used it to implement a RESTful API, simple-api, connecting it with the Grant Negotiation and Authorization Protocol (GNAP) into a proof-of-concept capability-based system published on GitHub. The result is a working capability-based access control mechanism for RESTful APIs. We show a use case where the core access control model is capabilities, which potentially mitigates confused deputies in a RESTful API software architecture.
dc.language.iso: eng
dc.publisher: The University of Bergen
dc.rights: Copyright the Author. All rights reserved
dc.title: Exploring Capability-based security in software design with Rust
dc.type: Master thesis
dc.date.updated: 2022-06-27T22:00:45Z
dc.rights.holder: Copyright the Author. All rights reserved
dc.description.degree: Master's thesis in informatics
dc.description.localcode: INF399
dc.description.localcode: MAMN-INF
dc.description.localcode: MAMN-PROG
dc.subject.nus: 754199
fs.subjectcode: INF399
fs.unitcode: 12-12-0