CINXE.COM

Application Programming Interface (API) Security in Cloud Applications | EAI Endorsed Transactions on Cloud Systems

<!DOCTYPE html> <html lang="en-US" xml:lang="en-US"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title> Application Programming Interface (API) Security in Cloud Applications | EAI Endorsed Transactions on Cloud Systems </title> <link rel="icon" href="https://publications.eai.eu/public/journals/16/favicon_en_US.png"> <meta name="generator" content="Open Journal Systems 3.3.0.18"> <link rel="schema.DC" href="http://purl.org/dc/elements/1.1/" /> <meta name="DC.Creator.PersonalName" content="Farhan Qazi"/> <meta name="DC.Date.created" scheme="ISO8601" content="2023-10-17"/> <meta name="DC.Date.dateSubmitted" scheme="ISO8601" content="2023-01-31"/> <meta name="DC.Date.issued" scheme="ISO8601" content="2023-10-17"/> <meta name="DC.Date.modified" scheme="ISO8601" content="2023-10-17"/> <meta name="DC.Description" xml:lang="en" content="Many cloud services utilize an API gateway, which enables them to be offered to users through API platforms such as Platform as a Service (PaaS), Software as a service (SaaS), Infrastructure as a Service (IaaS) and cross-platforms APIs. APIs are designed for functionality and speed by developers who write a small portion of code, which has visibility and is secure. The code that is created from third-party software or libraries has no visibility, which makes it insecure. APIs are the most vulnerable points of attack, and many users are not aware of their insecurity. This paper reviews API security in cloud applications and discusses details of API vulnerabilities, existing security tools for API security to mitigate API attacks. The author’s study showed that most users are unaware of API insecurity, organizations lack resources and training to educate users about APIs, and organizations depend on the overall security of the network instead of the security of standalone APIs."/> <meta name="DC.Format" scheme="IMT" content="application/pdf"/> <meta name="DC.Identifier" content="3011"/> <meta name="DC.Identifier.pageNumber" content="e1"/> <meta name="DC.Identifier.DOI" content="10.4108/eetcs.v7i23.3011"/> <meta name="DC.Identifier.URI" content="https://publications.eai.eu/index.php/cs/article/view/3011"/> <meta name="DC.Language" scheme="ISO639-1" content="en"/> <meta name="DC.Rights" content="Copyright (c) 2023 Farhan Qazi"/> <meta name="DC.Rights" content="https://creativecommons.org/licenses/by-nc-sa/4.0"/> <meta name="DC.Source" content="EAI Endorsed Transactions on Cloud Systems"/> <meta name="DC.Source.ISSN" content="2410-6895"/> <meta name="DC.Source.Issue" content="23"/> <meta name="DC.Source.Volume" content="7"/> <meta name="DC.Source.URI" content="https://publications.eai.eu/index.php/cs"/> <meta name="DC.Subject" xml:lang="en" content="Cloud/API Security"/> <meta name="DC.Title" content="Application Programming Interface (API) Security in Cloud Applications "/> <meta name="DC.Type" content="Text.Serial.Journal"/> <meta name="DC.Type.articleType" content="Commentary"/> <meta name="gs_meta_revision" content="1.1"/> <meta name="citation_journal_title" content="EAI Endorsed Transactions on Cloud Systems"/> <meta name="citation_journal_abbrev" content="EAI Endorsed Trans Cloud Sys"/> <meta name="citation_issn" content="2410-6895"/> <meta name="citation_author" content="Farhan Qazi"/> <meta name="citation_author_institution" content="Capitol Technology University "/> <meta name="citation_title" content="Application Programming Interface (API) Security in Cloud Applications "/> <meta name="citation_language" content="en"/> <meta name="citation_date" content="2022"/> <meta name="citation_volume" content="7"/> <meta name="citation_issue" content="23"/> <meta name="citation_firstpage" content="e1"/> <meta name="citation_lastpage" content="e1"/> <meta name="citation_doi" content="10.4108/eetcs.v7i23.3011"/> <meta name="citation_abstract_html_url" content="https://publications.eai.eu/index.php/cs/article/view/3011"/> <meta name="citation_keywords" xml:lang="en" content="Cloud API"/> <meta name="citation_keywords" xml:lang="en" content="Cybersecurity"/> <meta name="citation_keywords" xml:lang="en" content="zero trust."/> <meta name="citation_keywords" xml:lang="en" content="Cloud Security"/> <meta name="citation_keywords" xml:lang="en" content="API Security"/> <meta name="citation_keywords" xml:lang="en" content="Cloud/API Security"/> <meta name="citation_pdf_url" content="https://publications.eai.eu/index.php/cs/article/download/3011/2609"/> <meta name="citation_reference" content="Butler, B. (2015). The myth about how Amazon’s web service started just won’t die: How AWS got started and what its co-founder is doing now that he says could be bigger than cloud. Network world, URL https://www.networkworld.com/article/2891297/the-myth-about-how-amazon-s-web-service-started-just- won-t-die.html"/> <meta name="citation_reference" content="Campbell, S. (2021) Postman’s 2021 State of API Report Finds APIs Key to Sparking Innovation During Pandemic, Ushering in API-First World, Business Wire. URL https://www.businesswire.com/news/home/20211028005033/en/Postman%E2%80%99s-2021-State-of-API-Report-Finds-APIs-Key-to-Sparking-Innovation-During-Pandemic-Ushering-in-API-First-World"/> <meta name="citation_reference" content="Market Research Future Cloud (2022) API Market Is Anticipated Grow USD 3.71 Billion at a CAGR of 23.2% by 2030 - Report by Market Research Future (MRFR) URL https://www.globenewswire.com/news-release/2022/09/28/2524089/0/en/Cloud-API-Market-Is-Anticipated-Grow-USD-3-71-Billion-at-a-CAGR-of-23-2-by-2030-Report-by-Market-Research-Future-MRFR.html"/> <meta name="citation_reference" content="Bettendorf, M. (2021) API growth continues to skyrocket in 2020 and into 2021. URL https://blog.postman.com/api-growth-rate/."/> <meta name="citation_reference" content="Salt Labs (2023) Salt State of API Security Report Q1 2023 https://content.salt.security/state-api-report.html"/> <meta name="citation_reference" content="Salt Security. (2022) Salt Security State of API Security Report Reveals 94% of Companies Experienced Security Incidents in Production APIs in the Past Year. URL https://salt.security/press-releases/salt-security-state-of-api-security-report-reveals-94-of-companies-experienced-security-incidents-in-production-apis-in-the-past-year"/> <meta name="citation_reference" content="Lemos, R. (2022) API Security Losses Total Billions, But It's Complicated,” Dark Reading, June 30, 2022. https://www.darkreading.com/application-security/api-security-losses-billions-complicated )"/> <meta name="citation_reference" content="Qazi, F. and S. Miller, A Qualitative Study of Security in Application Programming Interfaces (APIs). In 20th International Conference on Security &amp; Management (SAM'21), July 26-29, 2021, USA."/> <meta name="citation_reference" content="Bush, T. (2021) What is an API gateway? URL https://nordicapis.com/what-is-an-api gateway/"/> <meta name="citation_reference" content="Sandoval, K. (2015). API Keys ≠ Security: Why API Keys Are Not Enough. URL https://nordicapis.com/why-api-keys-are-not-enough/."/> <meta name="citation_reference" content="Berlind, D. (2020) Understanding the realities of API security. URL https://www.programmableweb.com/apiuniversity/understanding-realities-api-security"/> <meta name="citation_reference" content="Deahl, D. (2018) Panera bread leaked customer data on its website for eight months. The verge. URL https://www.theverge.com/2018/4/3/17192348/panera-bread-leaked-customer-data-breach-website,"/> <meta name="citation_reference" content="Chinnasamy V. (2022) Bad bots are coming at APIs! How to beat the API bot attacks?” Help Net Security. URL https://www.helpnetsecurity.com/2022/09/12/api-bot-attacks/."/> <meta name="citation_reference" content="Psarris, S. (2022) API Security in the Cloud, Reblaze,. URL https://www.reblaze.com/blog/api-security/api-security-in-the-cloud/"/> <meta name="citation_reference" content="Bavati. I (2020) Moving to the Cloud? How to Secure APIs on AWS, Azure, and GCP,” Nordic APIs URL https://nordicapis.com/moving-to-the-cloud-how-to-secure-apis-on-aws-azure-and-gcp/"/> <meta name="citation_reference" content="Taylor, D., John Downs, J., Vic Vhorne V; Alex Buck, A. (2020) Azure Web Application Firewall on Azure Application Gateway bot protection overview. URL https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/bot-protection-overview/."/> <meta name="citation_reference" content="Microsoft, (2022) Protect APIs with Application Gateway and API Management. URL https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/apis/protect-apis"/> <meta name="citation_reference" content="Liu , N. (2022) Google Cloud Combats API Misconfiguration, Bot Attacks. URL https://www.sdxcentral.com/articles/news/google-cloud-combats-api-misconfiguration-bot-attacks/2022/06/"/> <meta name="citation_reference" content="Macy, J. (2018). Public cloud API security: How safe is our data?, URL https://www.itproportal.com/features/public-cloud-api-security-how-safe-is-our-data/."/> <meta name="citation_reference" content="Walker, A. (2021) API vs Web Service: What’s the Difference?, URL https://www.guru99.com/comparison-between-web-services.html."/> <meta name="citation_reference" content="Fitzgerald, A. (2021) SOAP vs REST APIs: The Key Differences Explained for Beginners. URL https://blog.hubspot.com/website/rest-vs-soap."/> <meta name="citation_reference" content="Sengupta, S. (2021) What is GraphQL Security? Best Practices for GraphQL Security. URL https://crashtest-security.com/graphql-security-vulnerabilities/."/> <meta name="citation_reference" content="Populi, N. (2018) How to Secure a GraphQL API (The Complete Vulnerability Checklist). URL https://leapgraph.com/graphql-api-security."/> <meta name="citation_reference" content="Wallarm, (2022) Q2-2022 API Vulnerability &amp; Exploit full report, Wallarm Resource Library. URL https://www.wallarm.com/resources/q2-2022-api-vulnerability-exploit-full-report."/> <meta name="citation_reference" content="Vizard, M. (2021) Survey Finds API Security Incidents on the Rise URL https://securityboulevard.com/2021/08/survey-finds-api-security-incidents-on-the-rise/."/> <meta name="citation_reference" content="OWASP. (2021) OWASP Top Ten Web Application Security Risks. URL https://owasp.org/www-project-top-ten/#."/> <meta name="citation_reference" content="Schmidt, J.) OWASP OWASP Top 10 risks get update, highlighting insecure design — injection No longer on top. URL https://devclass.com/2021/09/28/owasp-top-10-2021/."/> <meta name="citation_reference" content="Madhani, P. (2021) “OWASP Working Group Releases Draft of Top 10 Web Application Risks for 2021. URL https://www.k2io.com/owasp-working-group-releases-draft-of-top-10-web-application-risks-for-2021/."/> <meta name="citation_reference" content="Writer, G. (2021) API Security: Protect your APIs from Attacks and Data Breaches. Insight, URL https://www.itsecurityguru.org/2021/10/21/protecting-your-apis-from-attacks-and-data-breaches/"/> <meta name="citation_reference" content="L7Defence. (2021) API Security Attacks, How API attacks work and How to Identify and Prevent them. URL https://www.l7defense.com/solutions/api-attacks/."/> <meta name="citation_reference" content="GoldSky Security. (2023) Understanding API Attacks and How to Prevent Them https://www.goldskysecurity.com/understanding-api-attacks-and-how-to-prevent-them/"/> <meta name="citation_reference" content="Akami.com. (2021) Akamai Finds API Vulnerabilities to be a High-Stakes Game for Companies and Individuals Worldwide. URL https://www.akamai.com/newsroom/press-release/akamai-finds-api-vulnerabilities-to-be-a-high-stakes- game-for-companies-and-individuals-worldwide."/> <meta name="citation_reference" content="Coble, S. (2021) Q1 2021 Sees 2.9 million DDoS Attacks Launched. URL https://infosecurity-magazine.com/news/q1-2021-sees-millions-ddos attacks#:~:text=Sarah%20Coble%20News%20Writer%20Approximately%202.9%20million%20Distributed,increase%20compared%20to%20the%20same%20period%20in%202020."/> <meta name="citation_reference" content="Constantin, L. (2020) APIs are becoming a major target for credential stuffing attacks. URL https://www.csoonline.com/article/3527858/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html.."/> <meta name="citation_reference" content="Harguindeguy, B. (2018, January 17). API security: the past, present, and future [Video file]. Retrieved from https://www.brighttalk.com/webcast/288/297033/api-security-the-past-present-and-future"/> <meta name="citation_reference" content="Perry, M. (2019, June 17). The dangerous connections that can damage your business: Why API security is critical to the digital business era [Web log post]. Retrieved fromhttps://www.csoonline.com/article/3502895/the-dangerous-connections-that-can-damage-your-business-why-api-security-is-critical-in-the-digital-.html"/> <meta name="citation_reference" content="Simpson, J (May 2023). 8 Significant API Breaches of Recent Years. https://nordicapis.com/8-significant-api-breaches-of-recent- years/"/> <meta name="citation_reference" content="Kerner, L. (2020) Critical API security risks: 10 best practices. URL https://techbeacon.com/security/critical-api- security-risks-10-best-practices."/> <meta name="citation_reference" content="Juviler, J. (2021) 8 API Security Best Practices to Protect Sensitive Data. URL https://blog.hubspot.com/website/api- Security."/> <meta name="citation_reference" content="Backer, S. (2020) Securing APIs:10 Ways to Keep Your Data and Infrastructure Safe. URL https://www.f5.com/labs/articles/education/securing-apis--10-best-practices-for-keeping-your-data-and-infra."/> <meta name="citation_reference" content="Chinnasamy, V. (2021) Top 6 API Security Best Practices for 2022. URL https://www.indusface.com/blog/top-6- api-security-best-practices for-2022."/> <meta name="citation_reference" content="Sandoval, K. (2020) Introducing the API security maturity model. URL https://nordicapis.com/introducing-the-api-security-maturity-model/."/> <meta name="citation_reference" content="Farrell, S. (2016, September 25). 28 tips for creating great qualitative surveys [Web log post]. Retrieved from https://www.nngroup.com/articles/qualitative-surveys"/> <meta name="citation_reference" content="Castellani, S., &amp; Dorairajan, A. (2020, April). What are the different types of apis?. APIfriends. Retrieved from https://apifriends.com/api-creation/different-types-apis/"/> <meta name="citation_reference" content="Pompon, R. (2018, November 27). Reviewing recent api security incidents. [Web log post]. f5 labs. Retrieved from https://www.f5.com/labs/articles/threat-intelligence/reviewing-recent-api-security-incidents"/> <meta name="citation_reference" content="Richer, J., &amp; Sanso, A. (2016). Understanding API security. Shelter Island, NY: Manning Publications"/> <meta name="citation_reference" content="Gerring, J. (2007) Case study research: Principles and practices. Cambridge University Press, Cambridge, England, U.K."/> <meta name="citation_reference" content="Silverman, D. (2000). Doing qualitative research: A practical handbook. Thousand Oaks, CA: Sage."/> <meta name="citation_reference" content="Kabir, S. M. S. (2016). Methods of data collection. In Basic guidelines for research: An introductory approach for all disciplines (pp.201–275). Retrieved from https://www.researchgate.net/publication/325846997_METHODS_OF_DATA_COLLECTION"/> <meta name="citation_reference" content="Jansen, H. (2010). The logic of qualitative survey research and its position in the field of social research methods. Forum: Qualitative Social Research, 11(2), 1–21. Retrieved from https://www.qualitative research.net/index.php/fqs/article/view/1450/2947."/> <meta name="citation_reference" content="} Creswell, J. W. (2015). Educational research: Planning, conducting, and evaluating quantitative.and qualitative research (5th ed.). Lincoln, Nebraska: Pearson."/> <meta name="citation_reference" content="Stake, R. E. (1995). The art of case study research [DX Reader version]. Retrieved from https://books.google.com/books?id=ApGdBx76b9kC&amp;pg=PA7&amp;lpg=PA7&amp;dq=the+case+study+is+the+study+of+particularity+and+complexity+of+a+case,+coming+to+understand+its+activity+within+important+circumstances&amp;source=bl&amp;ots=KvNMk6Mocu&amp;sig=ACfU3U0621yLWdK_VaU8d446pIIN9ByfXg&amp;hl=en&amp;ppis=_e&amp;sa=X&amp;ved=2ahUKEwjfnqilmPzmAhUDhOAKHS6YBEgQ6AEwC3oECAgQAQ#v=onepage&amp;q=nuance&amp;f=false"/> <meta name="citation_reference" content="Myers, M. D. (1997). Qualitative research in information systems. MIS quarterly, 21(2), 1–19. Retrieved from https://www.researchgate.net/publication/220260372_Qualitative_Research_in_Information_Systems"/> <meta name="citation_reference" content="Braun, V., &amp; Clarke, V. (2013). Successful qualitative research: A practical guide for beginners. London, U.K.: Sage"/> <meta name="citation_reference" content="Meng, M., Schubert, A., &amp; Steinhardt, S. (2017). Application programming interface documentation: What do software developers want? Journal of Technical Writing and Communication, 48(3), 295–330. Retrieved from https://journals.sagepub.com/doi/abs/10.1177/0047281617721853?journalCode=jtwa"/> <meta name="citation_reference" content="Elliott, V. (2018). Thinking about the coding process in qualitative data analysis. The qualitative report, 23(11), 2850–2861. Retrieved from https://nsuworks.nova.edu/tqr/vol23/iss11/14"/> <meta name="citation_reference" content="Creswell, J. W. (2013). Qualitative inquiry &amp; research design: Choosing among five approaches (3rd ed.). Los Angeles, CA: SAGE Publications."/> <meta name="citation_reference" content="Creswell, J. W. (2013, November). Steps in conducting a scholarly mixed methods study. Discipline-Based Education Research Group. Retrieved from https://digitalcommons.unl.edu/cgi/viewcontent.cgi?article=1047&amp;context=dberspeakers"/> <meta name="citation_reference" content="DeCuir-Gunby, J. T., Marshall, P. L., &amp; McCulloch, A. W. (2011). Developing and using a codebook for the analysis of interview"/> <meta name="citation_reference" content="Saldaña, J. (2013). The coding manual for qualitative researchers (2nd ed.). Los Angeles, California: SAGE"/> <meta name="citation_reference" content="Yin, R. K. (2014). Case study research design and methods (5th ed.). Thousand Oaks, CA: SAGE."/> <meta name="citation_reference" content="Dowell, A., Roberts, K., &amp; Nie, J. B. (2019). Attempting rigour and replicability in thematic analysis of qualitative research data; a case study of codebook development. BMC Medical Research Methodology, 19(66), 1–8. Retrieved from https://bmcmedresmethodol.biomedcentral.com/articles/10.1186/s12874-019-0707-y#citeas"/> <meta name="citation_reference" content="Bowen, G. A. (2006). Grounded theory and sensitizing concepts. International Journal of Qualitative Methods, 5(3), 12–23. Retrieved from http://scholar.google.com/scholar_url url=https://journals.sagepub.com/doi/pdf/10.1177/160940690600500304&amp;hl=en&amp;sa=X&amp;ei=TQ6YMKBNMbPmAGYsb6gDA&amp;scisig=AAGBfm37Y2E4rSEPt3olmfOam9E-XH1BcA&amp;nossl=1&amp;oi=scholar"/> <meta name="citation_reference" content="Lewins, A., &amp; Silver, C. (2020). Using software in qualitative research: A step-by-step guide (2nd ed.). Thousand Oaks, California: SAGE."/> <meta name="citation_reference" content="Green, M., &amp; Smith, M. (2016) Developers are not the enemy: The need for usable security APIs. URL http://mattsmith.de/pdfs/DevelopersAreNotTheEnemy.pdf.."/> <meta name="citation_reference" content="Yin, R.K. (2014) Case study research design and methods (5th ed.), Thousand Oaks, CA: SAGE."/> <meta name="citation_reference" content="Patton, M.Q. (2014) Qualitative research &amp; evaluation methods: Integrating theory and practice (4th ed.), Thousand Oaks, CA: Sage Publications."/> <meta name="citation_reference" content="O’Neill, M., S. Heidbrink, J. Whitehead, T. Perdue, L. Dickinson, T. Collett, N. Bonner, and D. Zappala, “The secure socket API: TLS as an operating system service.” 27th USENIX Security Symposium, 799–816, URL https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-o_neill.pdf."/> <meta name="citation_reference" content="National Institute of Standards and Technology. (2019) “Security strategies for microservices-based application systems,” (Special Publication 800-204), Gaithersburg, MD: U.S. Government Printing Office."/> <meta name="citation_reference" content="Swanner, N. (2017) Build: What ‘intelligent cloud, intelligent edge’ means. URL https://insights.dice.com/2017/05/11/build-intelligent-cloud-intelligent-edge/."/> <meta name="citation_reference" content="Dadhich., P. (2020) Top 10 cybersecurity incidents in 2020. URL https://www.znetlive.com/blog/top-10-cybersecurity-incidents-in-2020/."/> <meta name="citation_reference" content="Drake, N. &amp; Turner, B. (2021) Best cloud log management services of 2021. URL https://www.techradar.com/best/best-cloud-logging-services."/> <meta name="citation_reference" content="Jon. (2021) Cyber-attacks and data breaches list from 2014 to 2021, 2021, URL https://www.51sec.org/2021/02/16/security-events-and-data-breaches-in-2018-2017-2016-2015-2014/,"/> <meta name="citation_reference" content="Gaurav, S. (2017) Machine learning impact on cloud computing. URL https://www.botmetric.com/blog/machine- learning-impact-on-cloud-computing."/> <meta name="citation_reference" content="Gander, M., B. Katt, B. M. Felderer, A. Tolbaru, R. Breu, R., &amp; A. Moschitti. (2012). Anomaly detection in the cloud: detecting security incidents via machine learning. URL http://disi.unitn.it/moschitti/articles/2012/JIMSE2012-UIBK.pdf."/> <meta name="citation_reference" content="Drinkwater, D. (2016) How to get more from your security budget. URL https://www.infoworld.com/article/3152153/how-to-get-more-from-your-security-budget.html."/> <meta name="citation_reference" content="Stoltzfus, J. (2019) How cloud computing is changing cybersecurity. URL https://www.techopedia.com/how-cloud-computing-is-changing-cybersecurity/2/3394."/> <meta name="citation_reference" content="Fiala, J. (2015) A Survey of Machine Learning Applications to Cloud Computing. URL https://www.cse.wustl.edu/~jain/cse570-15/ftp/cld_ml/index.html."/> <meta name="citation_reference" content="Hoadley, D.S. &amp; N.J. Lucas, N.J. AI and national security,” 2018, Library of Congress Congressional Research Service, URL https://www.hsdl.org/?abstract&amp;did=810166"/> <meta name="citation_reference" content="Canner, B. (2018) Ping identity releases survey on the perils of enterprise APIs. URL https://solutionsreview.com/identity-management/ping-identity-releases- survey-on-the-perils-of-enterprise-apis/."/> <meta name="citation_reference" content="Jason Kent (March 2023) Using ChatGPT to Improve API Security: Open AI &amp; Security , Security Boulevard https://securityboulevard.com/2023/03/using-chatgpt-to-improve-api-security-open-ai-security/)"/> <meta name="og:site_name" content="EAI Endorsed Transactions on Cloud Systems"/> <meta name="og:type" content="article"/> <meta name="og:title" content="Application Programming Interface (API) Security in Cloud Applications "/> <meta name="og:description" content=" Many cloud services utilize an API gateway, which enables them to be offered to users through API platforms such as Platform as a Service (PaaS), Software as a service (SaaS), Infrastructure as a Service (IaaS) and cross-platforms APIs. APIs are designed for functionality and speed by developers who write a small portion of code, which has visibility and is secure. The code that is created from third-party software or libraries has no visibility, which makes it insecure. APIs are the most vulnerable points of attack, and many users are not aware of their insecurity. This paper reviews API security in cloud applications and discusses details of API vulnerabilities, existing security tools for API security to mitigate API attacks. The author’s study showed that most users are unaware of API insecurity, organizations lack resources and training to educate users about APIs, and organizations depend on the overall security of the network instead of the security of standalone APIs. "/> <meta name="og:url" content="https://publications.eai.eu/index.php/cs/article/view/3011"/> <meta name="og:locale" content="en_US"/> <meta name="og:image" content=""/> <meta name="article:published_time" content="2023-10-17"/> <meta name="article:tag" content="Cloud API"/> <meta name="article:tag" content="Cybersecurity"/> <meta name="article:tag" content="zero trust."/> <meta name="article:tag" content="Cloud Security"/> <meta name="article:tag" content="API Security"/> <meta name="article:tag" content="Cloud/API Security"/> <link rel="alternate" type="application/atom+xml" href="https://publications.eai.eu/index.php/cs/gateway/plugin/AnnouncementFeedGatewayPlugin/atom"> <link rel="alternate" type="application/rdf+xml" href="https://publications.eai.eu/index.php/cs/gateway/plugin/AnnouncementFeedGatewayPlugin/rss"> <link rel="alternate" type="application/rss+xml" href="https://publications.eai.eu/index.php/cs/gateway/plugin/AnnouncementFeedGatewayPlugin/rss2"> <link rel="stylesheet" href="https://publications.eai.eu/index.php/cs/$$$call$$$/page/page/css?name=stylesheet" type="text/css" /><link rel="stylesheet" href="https://publications.eai.eu/index.php/cs/$$$call$$$/page/page/css?name=font" type="text/css" /><link rel="stylesheet" href="https://publications.eai.eu/lib/pkp/styles/fontawesome/fontawesome.css?v=3.3.0.18" type="text/css" /><style type="text/css">.pkp_structure_head { background: center / cover no-repeat url("https://publications.eai.eu/public/journals/16/homepageImage_en_US.png");}</style><link rel="stylesheet" href="https://publications.eai.eu/plugins/generic/citations/css/citations.css?v=3.3.0.18" type="text/css" /> </head> <body class="pkp_page_article pkp_op_view" dir="ltr"> <div class="pkp_structure_page"> <header class="pkp_structure_head" id="headerNavigationContainer" role="banner"> <nav class="cmp_skip_to_content" aria-label="Jump to content links"> <a href="#pkp_content_main">Skip to main content</a> <a href="#siteNav">Skip to main navigation menu</a> <a href="#pkp_content_footer">Skip to site footer</a> </nav> <div class="pkp_head_wrapper"> <div class="pkp_site_name_wrapper"> <button class="pkp_site_nav_toggle"> <span>Open Menu</span> </button> <div class="pkp_site_name"> <a href=" https://publications.eai.eu/index.php/cs/index " class="is_text">EAI Endorsed Transactions on Cloud Systems</a> </div> </div> <nav class="pkp_site_nav_menu" aria-label="Site Navigation"> <a id="siteNav"></a> <div class="pkp_navigation_primary_row"> <div class="pkp_navigation_primary_wrapper"> <ul id="navigationPrimary" class="pkp_navigation_primary pkp_nav_list"> <li class=""> <a href="https://publications.eai.eu/index.php/cs/index"> Home </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/about"> About </a> <ul> <li class=""> <a href="https://publications.eai.eu/index.php/cs/about"> About the Journal </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/about/submissions"> Submissions </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/about/editorialTeam"> Editorial Team </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/indexing"> Indexing </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/open-access"> Open Access Information </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/benefits"> Benefits of EAI Transactions </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/about/privacy"> Privacy Statement </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/about/contact"> Contact </a> </li> </ul> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/issue/current"> Current </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/issue/archive"> Archives </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/special-issues"> Special Issues </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/ethics"> Publication Ethics </a> </li> <li class=""> <a href="https://publications.eai.eu/index.php/cs/announcement"> Announcements </a> </li> </ul> <div class="pkp_navigation_search_wrapper"> <a href="https://publications.eai.eu/index.php/cs/search" class="pkp_search pkp_search_desktop"> <span class="fa fa-search" aria-hidden="true"></span> Search </a> </div> </div> </div> <div class="pkp_navigation_user_wrapper" id="navigationUserWrapper"> <ul id="navigationUser" class="pkp_navigation_user pkp_nav_list"> <li class="profile"> <a href="https://publications.eai.eu/index.php/cs/user/register"> Register </a> </li> <li class="profile"> <a href="https://publications.eai.eu/index.php/cs/login"> Login </a> </li> </ul> </div> </nav> </div><!-- .pkp_head_wrapper --> </header><!-- .pkp_structure_head --> <div class="pkp_structure_content has_sidebar"> <div class="pkp_structure_main" role="main"> <a id="pkp_content_main"></a> <div class="page page_article"> <nav class="cmp_breadcrumbs" role="navigation" aria-label="You are here:"> <ol> <li> <a href="https://publications.eai.eu/index.php/cs/index"> Home </a> <span class="separator">/</span> </li> <li> <a href="https://publications.eai.eu/index.php/cs/issue/archive"> Archives </a> <span class="separator">/</span> </li> <li> <a href="https://publications.eai.eu/index.php/cs/issue/view/408"> Vol. 7 No. 23 (2022): EAI Endorsed Transactions on Cloud Systems </a> <span class="separator">/</span> </li> <li class="current" aria-current="page"> <span aria-current="page"> Commentary </span> </li> </ol> </nav> <article class="obj_article_details"> <h1 class="page_title"> Application Programming Interface (API) Security in Cloud Applications </h1> <div class="row"> <div class="main_entry"> <section class="item authors"> <h2 class="pkp_screen_reader">Authors</h2> <ul class="authors"> <li> <span class="name"> Farhan Qazi </span> <span class="affiliation"> Capitol Technology University <a href="https://ror.org/045ej2q36"><?xml version="1.0" encoding="UTF-8" standalone="no"?> <!-- Generator: Adobe Illustrator 23.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) --> <svg xmlns:i="&amp;ns_ai;" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://creativecommons.org/ns#" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 23.4225 16.696501" xml:space="preserve" sodipodi:docname="rorId.svg" inkscape:version="0.92.5 (2060ec1f9f, 2020-04-08)" width="23.422501" height="16.696501"><metadata id="metadata93"><rdf:RDF><cc:Work rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type rdf:resource="http://purl.org/dc/dcmitype/StillImage" /></cc:Work></rdf:RDF></metadata><defs id="defs91" /><sodipodi:namedview pagecolor="#ffffff" bordercolor="#666666" borderopacity="1" objecttolerance="10" gridtolerance="10" guidetolerance="10" inkscape:pageopacity="0" inkscape:pageshadow="2" inkscape:window-width="1880" inkscape:window-height="1016" id="namedview89" showgrid="true" showguides="false" inkscape:zoom="1" inkscape:cx="-177.76975" inkscape:cy="13.962506" inkscape:window-x="40" inkscape:window-y="27" inkscape:window-maximized="1" inkscape:current-layer="Layer_1" /> <switch id="switch86" transform="matrix(0.15,0,0,0.15,-0.7305,-0.624)"> <foreignObject requiredExtensions="http://ns.adobe.com/AdobeIllustrator/10.0/" x="0" y="0" width="1" height="1"> </foreignObject> <g i:extraneous="self" id="g84"> <polygon class="strorId0" points="68.65,4.16 56.52,22.74 44.38,4.16 " id="polygon72" style="fill:#53baa1" /> <polygon class="strorId0" points="119.41,4.16 107.28,22.74 95.14,4.16 " id="polygon74" style="fill:#53baa1" /> <polygon class="strorId0" points="44.38,115.47 56.52,96.88 68.65,115.47 " id="polygon76" style="fill:#53baa1" /> <polygon class="strorId0" points="95.14,115.47 107.28,96.88 119.41,115.47 " id="polygon78" style="fill:#53baa1" /> <g id="g82"> <path class="st1" d="m 145.53,63.71 c 4.3,-0.8 7.57,-2.71 9.8,-5.72 2.24,-3.01 3.35,-6.67 3.35,-10.96 0,-3.56 -0.62,-6.52 -1.85,-8.9 -1.23,-2.38 -2.9,-4.27 -4.99,-5.68 -2.09,-1.4 -4.53,-2.41 -7.31,-3.01 -2.78,-0.6 -5.72,-0.9 -8.81,-0.9 h -23.56 v 18.83 c -0.19,-0.55 -0.39,-1.09 -0.61,-1.63 -1.63,-3.95 -3.91,-7.32 -6.84,-10.1 -2.93,-2.78 -6.39,-4.92 -10.41,-6.41 -4.01,-1.49 -8.4,-2.24 -13.16,-2.24 -4.76,0 -9.14,0.75 -13.16,2.24 -4.01,1.49 -7.48,3.63 -10.41,6.41 -2.62,2.49 -4.72,5.46 -6.3,8.9 -0.23,-2.47 -0.81,-4.61 -1.74,-6.41 -1.23,-2.38 -2.9,-4.27 -4.99,-5.68 -2.09,-1.4 -4.53,-2.41 -7.31,-3.01 -2.78,-0.6 -5.72,-0.9 -8.81,-0.9 H 4.87 V 89.42 H 18.28 V 65.08 H 24.9 L 37.63,89.42 H 53.71 L 38.24,63.71 c 4.3,-0.8 7.57,-2.71 9.8,-5.72 0.1,-0.14 0.19,-0.29 0.29,-0.43 -0.02,0.47 -0.03,0.94 -0.03,1.42 0,4.87 0.82,9.29 2.45,13.24 1.63,3.95 3.91,7.32 6.84,10.1 2.92,2.78 6.39,4.92 10.41,6.41 4.01,1.49 8.4,2.24 13.16,2.24 4.76,0 9.14,-0.75 13.16,-2.24 4.01,-1.49 7.48,-3.63 10.41,-6.41 2.92,-2.78 5.2,-6.15 6.84,-10.1 0.22,-0.53 0.42,-1.08 0.61,-1.63 v 18.83 h 13.41 V 65.08 h 6.62 l 12.73,24.34 h 16.08 z M 36.39,50.81 c -0.72,0.92 -1.62,1.59 -2.71,2.02 -1.09,0.43 -2.31,0.69 -3.65,0.77 -1.35,0.09 -2.62,0.13 -3.83,0.13 H 18.29 V 39.89 h 8.77 c 1.2,0 2.44,0.09 3.7,0.26 1.26,0.17 2.38,0.5 3.35,0.99 0.97,0.49 1.78,1.19 2.41,2.11 0.63,0.92 0.95,2.15 0.95,3.7 0,1.65 -0.36,2.94 -1.08,3.86 z m 62.35,16.04 c -0.89,2.38 -2.16,4.44 -3.83,6.19 -1.66,1.75 -3.65,3.11 -5.98,4.09 -2.32,0.98 -4.92,1.46 -7.78,1.46 -2.87,0 -5.46,-0.49 -7.78,-1.46 -2.32,-0.97 -4.31,-2.34 -5.98,-4.09 -1.66,-1.75 -2.94,-3.81 -3.83,-6.19 -0.89,-2.38 -1.33,-5 -1.33,-7.87 0,-2.81 0.44,-5.42 1.33,-7.83 0.89,-2.41 2.16,-4.48 3.83,-6.23 1.66,-1.75 3.65,-3.11 5.98,-4.09 2.32,-0.97 4.91,-1.46 7.78,-1.46 2.87,0 5.46,0.49 7.78,1.46 2.32,0.97 4.31,2.34 5.98,4.09 1.66,1.75 2.94,3.83 3.83,6.23 0.89,2.41 1.33,5.02 1.33,7.83 0,2.87 -0.44,5.49 -1.33,7.87 z m 44.94,-16.04 c -0.72,0.92 -1.62,1.59 -2.71,2.02 -1.09,0.43 -2.31,0.69 -3.65,0.77 -1.35,0.09 -2.62,0.13 -3.83,0.13 h -7.91 V 39.89 h 8.77 c 1.2,0 2.44,0.09 3.7,0.26 1.26,0.17 2.38,0.5 3.35,0.99 0.97,0.49 1.78,1.19 2.41,2.11 0.63,0.92 0.95,2.15 0.95,3.7 0,1.65 -0.36,2.94 -1.08,3.86 z" id="path80" inkscape:connector-curvature="0" style="fill:#202826" /> </g> </g> </switch> </svg> </a> </span> </li> </ul> </section> <section class="item doi"> <h2 class="label"> DOI: </h2> <span class="value"> <a href="https://doi.org/10.4108/eetcs.v7i23.3011"> https://doi.org/10.4108/eetcs.v7i23.3011 </a> </span> </section> <section class="item keywords"> <h2 class="label"> Keywords: </h2> <span class="value"> Cloud API, Cybersecurity, zero trust., Cloud Security, API Security, Cloud/API Security </span> </section> <section class="item abstract"> <h2 class="label">Abstract</h2> <p>Many cloud services utilize an API gateway, which enables them to be offered to users through API platforms such as Platform as a Service (PaaS), Software as a service (SaaS), Infrastructure as a Service (IaaS) and cross-platforms APIs. APIs are designed for functionality and speed by developers who write a small portion of code, which has visibility and is secure. The code that is created from third-party software or libraries has no visibility, which makes it insecure. APIs are the most vulnerable points of attack, and many users are not aware of their insecurity. This paper reviews API security in cloud applications and discusses details of API vulnerabilities, existing security tools for API security to mitigate API attacks. The author’s study showed that most users are unaware of API insecurity, organizations lack resources and training to educate users about APIs, and organizations depend on the overall security of the network instead of the security of standalone APIs.</p> </section> <!-- Plum Analytics --> <a href="https://plu.mx/plum/a/?doi=10.4108/eetcs.v7i23.3011" class="plumx-details" data-hide-when-empty="true" ></a> <!-- /Plum Analytics --> <section class="item references"> <h2 class="label"> References </h2> <div class="value"> <p>Butler, B. (2015). The myth about how Amazon’s web service started just won’t die: How AWS got started and what its co-founder is doing now that he says could be bigger than cloud. Network world, URL <a href="https://www.networkworld.com/article/2891297/the-myth-about-how-amazon-s-web-service-started-just-">https://www.networkworld.com/article/2891297/the-myth-about-how-amazon-s-web-service-started-just-</a> won-t-die.html </p> <p>Campbell, S. (2021) Postman’s 2021 State of API Report Finds APIs Key to Sparking Innovation During Pandemic, Ushering in API-First World, Business Wire. URL <a href="https://www.businesswire.com/news/home/20211028005033/en/Postman%E2%80%99s-2021-State-of-API-Report-Finds-APIs-Key-to-Sparking-Innovation-During-Pandemic-Ushering-in-API-First-World">https://www.businesswire.com/news/home/20211028005033/en/Postman%E2%80%99s-2021-State-of-API-Report-Finds-APIs-Key-to-Sparking-Innovation-During-Pandemic-Ushering-in-API-First-World</a> </p> <p>Market Research Future Cloud (2022) API Market Is Anticipated Grow USD 3.71 Billion at a CAGR of 23.2% by 2030 - Report by Market Research Future (MRFR) URL <a href="https://www.globenewswire.com/news-release/2022/09/28/2524089/0/en/Cloud-API-Market-Is-Anticipated-Grow-USD-3-71-Billion-at-a-CAGR-of-23-2-by-2030-Report-by-Market-Research-Future-MRFR.html">https://www.globenewswire.com/news-release/2022/09/28/2524089/0/en/Cloud-API-Market-Is-Anticipated-Grow-USD-3-71-Billion-at-a-CAGR-of-23-2-by-2030-Report-by-Market-Research-Future-MRFR.html</a> </p> <p>Bettendorf, M. (2021) API growth continues to skyrocket in 2020 and into 2021. URL <a href="https://blog.postman.com/api-growth-rate/">https://blog.postman.com/api-growth-rate/</a>. </p> <p>Salt Labs (2023) Salt State of API Security Report Q1 2023 <a href="https://content.salt.security/state-api-report.html">https://content.salt.security/state-api-report.html</a> </p> <p>Salt Security. (2022) Salt Security State of API Security Report Reveals 94% of Companies Experienced Security Incidents in Production APIs in the Past Year. URL <a href="https://salt.security/press-releases/salt-security-state-of-api-security-report-reveals-94-of-companies-experienced-security-incidents-in-production-apis-in-the-past-year">https://salt.security/press-releases/salt-security-state-of-api-security-report-reveals-94-of-companies-experienced-security-incidents-in-production-apis-in-the-past-year</a> </p> <p>Lemos, R. (2022) API Security Losses Total Billions, But It's Complicated,” Dark Reading, June 30, 2022. <a href="https://www.darkreading.com/application-security/api-security-losses-billions-complicated">https://www.darkreading.com/application-security/api-security-losses-billions-complicated</a> ) </p> <p>Qazi, F. and S. Miller, A Qualitative Study of Security in Application Programming Interfaces (APIs). In 20th International Conference on Security &amp; Management (SAM'21), July 26-29, 2021, USA. </p> <p>Bush, T. (2021) What is an API gateway? URL <a href="https://nordicapis.com/what-is-an-api">https://nordicapis.com/what-is-an-api</a> gateway/ </p> <p>Sandoval, K. (2015). API Keys ≠ Security: Why API Keys Are Not Enough. URL <a href="https://nordicapis.com/why-api-keys-are-not-enough/">https://nordicapis.com/why-api-keys-are-not-enough/</a>. </p> <p>Berlind, D. (2020) Understanding the realities of API security. URL <a href="https://www.programmableweb.com/apiuniversity/understanding-realities-api-security">https://www.programmableweb.com/apiuniversity/understanding-realities-api-security</a> </p> <p>Deahl, D. (2018) Panera bread leaked customer data on its website for eight months. The verge. URL <a href="https://www.theverge.com/2018/4/3/17192348/panera-bread-leaked-customer-data-breach-website">https://www.theverge.com/2018/4/3/17192348/panera-bread-leaked-customer-data-breach-website</a>, </p> <p>Chinnasamy V. (2022) Bad bots are coming at APIs! How to beat the API bot attacks?” Help Net Security. URL <a href="https://www.helpnetsecurity.com/2022/09/12/api-bot-attacks/">https://www.helpnetsecurity.com/2022/09/12/api-bot-attacks/</a>. </p> <p>Psarris, S. (2022) API Security in the Cloud, Reblaze,. URL <a href="https://www.reblaze.com/blog/api-security/api-security-in-the-cloud/">https://www.reblaze.com/blog/api-security/api-security-in-the-cloud/</a> </p> <p>Bavati. I (2020) Moving to the Cloud? How to Secure APIs on AWS, Azure, and GCP,” Nordic APIs URL <a href="https://nordicapis.com/moving-to-the-cloud-how-to-secure-apis-on-aws-azure-and-gcp/">https://nordicapis.com/moving-to-the-cloud-how-to-secure-apis-on-aws-azure-and-gcp/</a> </p> <p>Taylor, D., John Downs, J., Vic Vhorne V; Alex Buck, A. (2020) Azure Web Application Firewall on Azure Application Gateway bot protection overview. URL <a href="https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/bot-protection-overview/">https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/bot-protection-overview/</a>. </p> <p>Microsoft, (2022) Protect APIs with Application Gateway and API Management. URL <a href="https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/apis/protect-apis">https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/apis/protect-apis</a> </p> <p>Liu , N. (2022) Google Cloud Combats API Misconfiguration, Bot Attacks. URL <a href="https://www.sdxcentral.com/articles/news/google-cloud-combats-api-misconfiguration-bot-attacks/2022/06/">https://www.sdxcentral.com/articles/news/google-cloud-combats-api-misconfiguration-bot-attacks/2022/06/</a> </p> <p>Macy, J. (2018). Public cloud API security: How safe is our data?, URL <a href="https://www.itproportal.com/features/public-cloud-api-security-how-safe-is-our-data/">https://www.itproportal.com/features/public-cloud-api-security-how-safe-is-our-data/</a>. </p> <p>Walker, A. (2021) API vs Web Service: What’s the Difference?, URL <a href="https://www.guru99.com/comparison-between-web-services.html">https://www.guru99.com/comparison-between-web-services.html</a>. </p> <p>Fitzgerald, A. (2021) SOAP vs REST APIs: The Key Differences Explained for Beginners. URL <a href="https://blog.hubspot.com/website/rest-vs-soap">https://blog.hubspot.com/website/rest-vs-soap</a>. </p> <p>Sengupta, S. (2021) What is GraphQL Security? Best Practices for GraphQL Security. URL <a href="https://crashtest-security.com/graphql-security-vulnerabilities/">https://crashtest-security.com/graphql-security-vulnerabilities/</a>. </p> <p>Populi, N. (2018) How to Secure a GraphQL API (The Complete Vulnerability Checklist). URL <a href="https://leapgraph.com/graphql-api-security">https://leapgraph.com/graphql-api-security</a>. </p> <p>Wallarm, (2022) Q2-2022 API Vulnerability &amp; Exploit full report, Wallarm Resource Library. URL <a href="https://www.wallarm.com/resources/q2-2022-api-vulnerability-exploit-full-report">https://www.wallarm.com/resources/q2-2022-api-vulnerability-exploit-full-report</a>. </p> <p>Vizard, M. (2021) Survey Finds API Security Incidents on the Rise URL <a href="https://securityboulevard.com/2021/08/survey-finds-api-security-incidents-on-the-rise/">https://securityboulevard.com/2021/08/survey-finds-api-security-incidents-on-the-rise/</a>. </p> <p>OWASP. (2021) OWASP Top Ten Web Application Security Risks. URL <a href="https://owasp.org/www-project-top-ten/#">https://owasp.org/www-project-top-ten/#</a>. </p> <p>Schmidt, J.) OWASP OWASP Top 10 risks get update, highlighting insecure design — injection No longer on top. URL <a href="https://devclass.com/2021/09/28/owasp-top-10-2021/">https://devclass.com/2021/09/28/owasp-top-10-2021/</a>. </p> <p>Madhani, P. (2021) “OWASP Working Group Releases Draft of Top 10 Web Application Risks for 2021. URL <a href="https://www.k2io.com/owasp-working-group-releases-draft-of-top-10-web-application-risks-for-2021/">https://www.k2io.com/owasp-working-group-releases-draft-of-top-10-web-application-risks-for-2021/</a>. </p> <p>Writer, G. (2021) API Security: Protect your APIs from Attacks and Data Breaches. Insight, URL <a href="https://www.itsecurityguru.org/2021/10/21/protecting-your-apis-from-attacks-and-data-breaches/">https://www.itsecurityguru.org/2021/10/21/protecting-your-apis-from-attacks-and-data-breaches/</a> </p> <p>L7Defence. (2021) API Security Attacks, How API attacks work and How to Identify and Prevent them. URL <a href="https://www.l7defense.com/solutions/api-attacks/">https://www.l7defense.com/solutions/api-attacks/</a>. </p> <p>GoldSky Security. (2023) Understanding API Attacks and How to Prevent Them <a href="https://www.goldskysecurity.com/understanding-api-attacks-and-how-to-prevent-them/">https://www.goldskysecurity.com/understanding-api-attacks-and-how-to-prevent-them/</a> </p> <p>Akami.com. (2021) Akamai Finds API Vulnerabilities to be a High-Stakes Game for Companies and Individuals Worldwide. URL <a href="https://www.akamai.com/newsroom/press-release/akamai-finds-api-vulnerabilities-to-be-a-high-stakes-">https://www.akamai.com/newsroom/press-release/akamai-finds-api-vulnerabilities-to-be-a-high-stakes-</a> game-for-companies-and-individuals-worldwide. </p> <p>Coble, S. (2021) Q1 2021 Sees 2.9 million DDoS Attacks Launched. URL <a href="https://infosecurity-magazine.com/news/q1-2021-sees-millions-ddos">https://infosecurity-magazine.com/news/q1-2021-sees-millions-ddos</a> attacks#:~:text=Sarah%20Coble%20News%20Writer%20Approximately%202.9%20million%20Distributed,increase%20compared%20to%20the%20same%20period%20in%202020. </p> <p>Constantin, L. (2020) APIs are becoming a major target for credential stuffing attacks. URL <a href="https://www.csoonline.com/article/3527858/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html">https://www.csoonline.com/article/3527858/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html</a>. </p> <p>Harguindeguy, B. (2018, January 17). API security: the past, present, and future [Video file]. Retrieved from <a href="https://www.brighttalk.com/webcast/288/297033/api-security-the-past-present-and-future">https://www.brighttalk.com/webcast/288/297033/api-security-the-past-present-and-future</a> </p> <p>Perry, M. (2019, June 17). The dangerous connections that can damage your business: Why API security is critical to the digital business era [Web log post]. Retrieved from<a href="https://www.csoonline.com/article/3502895/the-dangerous-connections-that-can-damage-your-business-why-api-security-is-critical-in-the-digital-.html">https://www.csoonline.com/article/3502895/the-dangerous-connections-that-can-damage-your-business-why-api-security-is-critical-in-the-digital-.html</a> </p> <p>Simpson, J (May 2023). 8 Significant API Breaches of Recent Years. <a href="https://nordicapis.com/8-significant-api-breaches-of-recent-">https://nordicapis.com/8-significant-api-breaches-of-recent-</a> years/ </p> <p>Kerner, L. (2020) Critical API security risks: 10 best practices. URL <a href="https://techbeacon.com/security/critical-api-">https://techbeacon.com/security/critical-api-</a> security-risks-10-best-practices. </p> <p>Juviler, J. (2021) 8 API Security Best Practices to Protect Sensitive Data. URL <a href="https://blog.hubspot.com/website/api-">https://blog.hubspot.com/website/api-</a> Security. </p> <p>Backer, S. (2020) Securing APIs:10 Ways to Keep Your Data and Infrastructure Safe. URL <a href="https://www.f5.com/labs/articles/education/securing-apis--10-best-practices-for-keeping-your-data-and-infra">https://www.f5.com/labs/articles/education/securing-apis--10-best-practices-for-keeping-your-data-and-infra</a>. </p> <p>Chinnasamy, V. (2021) Top 6 API Security Best Practices for 2022. URL <a href="https://www.indusface.com/blog/top-6-">https://www.indusface.com/blog/top-6-</a> api-security-best-practices for-2022. </p> <p>Sandoval, K. (2020) Introducing the API security maturity model. URL <a href="https://nordicapis.com/introducing-the-api-security-maturity-model/">https://nordicapis.com/introducing-the-api-security-maturity-model/</a>. </p> <p>Farrell, S. (2016, September 25). 28 tips for creating great qualitative surveys [Web log post]. Retrieved from <a href="https://www.nngroup.com/articles/qualitative-surveys">https://www.nngroup.com/articles/qualitative-surveys</a> </p> <p>Castellani, S., &amp; Dorairajan, A. (2020, April). What are the different types of apis?. APIfriends. Retrieved from <a href="https://apifriends.com/api-creation/different-types-apis/">https://apifriends.com/api-creation/different-types-apis/</a> </p> <p>Pompon, R. (2018, November 27). Reviewing recent api security incidents. [Web log post]. f5 labs. Retrieved from <a href="https://www.f5.com/labs/articles/threat-intelligence/reviewing-recent-api-security-incidents">https://www.f5.com/labs/articles/threat-intelligence/reviewing-recent-api-security-incidents</a> </p> <p>Richer, J., &amp; Sanso, A. (2016). Understanding API security. Shelter Island, NY: Manning Publications </p> <p>Gerring, J. (2007) Case study research: Principles and practices. Cambridge University Press, Cambridge, England, U.K. </p> <p>Silverman, D. (2000). Doing qualitative research: A practical handbook. Thousand Oaks, CA: Sage. </p> <p>Kabir, S. M. S. (2016). Methods of data collection. In Basic guidelines for research: An introductory approach for all disciplines (pp.201–275). Retrieved from <a href="https://www.researchgate.net/publication/325846997_METHODS_OF_DATA_COLLECTION">https://www.researchgate.net/publication/325846997_METHODS_OF_DATA_COLLECTION</a> </p> <p>Jansen, H. (2010). The logic of qualitative survey research and its position in the field of social research methods. Forum: Qualitative Social Research, 11(2), 1–21. Retrieved from <a href="https://www.qualitative">https://www.qualitative</a> research.net/index.php/fqs/article/view/1450/2947. </p> <p>} Creswell, J. W. (2015). Educational research: Planning, conducting, and evaluating quantitative.and qualitative research (5th ed.). Lincoln, Nebraska: Pearson. </p> <p>Stake, R. E. (1995). The art of case study research [DX Reader version]. Retrieved from <a href="https://books.google.com/books?id=ApGdBx76b9kC&amp;pg=PA7&amp;lpg=PA7&amp;dq=the+case+study+is+the+study+of+particularity+and+complexity+of+a+case,+coming+to+understand+its+activity+within+important+circumstances&amp;source=bl&amp;ots=KvNMk6Mocu&amp;sig=ACfU3U0621yLWdK_VaU8d446pIIN9ByfXg&amp;hl=en&amp;ppis=_e&amp;sa=X&amp;ved=2ahUKEwjfnqilmPzmAhUDhOAKHS6YBEgQ6AEwC3oECAgQAQ#v=onepage&amp;q=nuance&amp;f=false">https://books.google.com/books?id=ApGdBx76b9kC&amp;pg=PA7&amp;lpg=PA7&amp;dq=the+case+study+is+the+study+of+particularity+and+complexity+of+a+case,+coming+to+understand+its+activity+within+important+circumstances&amp;source=bl&amp;ots=KvNMk6Mocu&amp;sig=ACfU3U0621yLWdK_VaU8d446pIIN9ByfXg&amp;hl=en&amp;ppis=_e&amp;sa=X&amp;ved=2ahUKEwjfnqilmPzmAhUDhOAKHS6YBEgQ6AEwC3oECAgQAQ#v=onepage&amp;q=nuance&amp;f=false</a> </p> <p>Myers, M. D. (1997). Qualitative research in information systems. MIS quarterly, 21(2), 1–19. Retrieved from <a href="https://www.researchgate.net/publication/220260372_Qualitative_Research_in_Information_Systems">https://www.researchgate.net/publication/220260372_Qualitative_Research_in_Information_Systems</a> </p> <p>Braun, V., &amp; Clarke, V. (2013). Successful qualitative research: A practical guide for beginners. London, U.K.: Sage </p> <p>Meng, M., Schubert, A., &amp; Steinhardt, S. (2017). Application programming interface documentation: What do software developers want? Journal of Technical Writing and Communication, 48(3), 295–330. Retrieved from <a href="https://journals.sagepub.com/doi/abs/10.1177/0047281617721853?journalCode=jtwa">https://journals.sagepub.com/doi/abs/10.1177/0047281617721853?journalCode=jtwa</a> </p> <p>Elliott, V. (2018). Thinking about the coding process in qualitative data analysis. The qualitative report, 23(11), 2850–2861. Retrieved from <a href="https://nsuworks.nova.edu/tqr/vol23/iss11/14">https://nsuworks.nova.edu/tqr/vol23/iss11/14</a> </p> <p>Creswell, J. W. (2013). Qualitative inquiry &amp; research design: Choosing among five approaches (3rd ed.). Los Angeles, CA: SAGE Publications. </p> <p>Creswell, J. W. (2013, November). Steps in conducting a scholarly mixed methods study. Discipline-Based Education Research Group. Retrieved from <a href="https://digitalcommons.unl.edu/cgi/viewcontent.cgi?article=1047&amp;context=dberspeakers">https://digitalcommons.unl.edu/cgi/viewcontent.cgi?article=1047&amp;context=dberspeakers</a> </p> <p>DeCuir-Gunby, J. T., Marshall, P. L., &amp; McCulloch, A. W. (2011). Developing and using a codebook for the analysis of interview </p> <p>Saldaña, J. (2013). The coding manual for qualitative researchers (2nd ed.). Los Angeles, California: SAGE </p> <p>Yin, R. K. (2014). Case study research design and methods (5th ed.). Thousand Oaks, CA: SAGE. </p> <p>Dowell, A., Roberts, K., &amp; Nie, J. B. (2019). Attempting rigour and replicability in thematic analysis of qualitative research data; a case study of codebook development. BMC Medical Research Methodology, 19(66), 1–8. Retrieved from <a href="https://bmcmedresmethodol.biomedcentral.com/articles/10.1186/s12874-019-0707-y#citeas">https://bmcmedresmethodol.biomedcentral.com/articles/10.1186/s12874-019-0707-y#citeas</a> </p> <p>Bowen, G. A. (2006). Grounded theory and sensitizing concepts. International Journal of Qualitative Methods, 5(3), 12–23. Retrieved from <a href="http://scholar.google.com/scholar_url">http://scholar.google.com/scholar_url</a> url=<a href="https://journals.sagepub.com/doi/pdf/10.1177/160940690600500304&amp;hl=en&amp;sa=X&amp;ei=TQ6YMKBNMbPmAGYsb6gDA&amp;scisig=AAGBfm37Y2E4rSEPt3olmfOam9E-XH1BcA&amp;nossl=1&amp;oi=scholar">https://journals.sagepub.com/doi/pdf/10.1177/160940690600500304&amp;hl=en&amp;sa=X&amp;ei=TQ6YMKBNMbPmAGYsb6gDA&amp;scisig=AAGBfm37Y2E4rSEPt3olmfOam9E-XH1BcA&amp;nossl=1&amp;oi=scholar</a> </p> <p>Lewins, A., &amp; Silver, C. (2020). Using software in qualitative research: A step-by-step guide (2nd ed.). Thousand Oaks, California: SAGE. </p> <p>Green, M., &amp; Smith, M. (2016) Developers are not the enemy: The need for usable security APIs. URL <a href="http://mattsmith.de/pdfs/DevelopersAreNotTheEnemy.pdf">http://mattsmith.de/pdfs/DevelopersAreNotTheEnemy.pdf</a>. </p> <p>Yin, R.K. (2014) Case study research design and methods (5th ed.), Thousand Oaks, CA: SAGE. </p> <p>Patton, M.Q. (2014) Qualitative research &amp; evaluation methods: Integrating theory and practice (4th ed.), Thousand Oaks, CA: Sage Publications. </p> <p>O’Neill, M., S. Heidbrink, J. Whitehead, T. Perdue, L. Dickinson, T. Collett, N. Bonner, and D. Zappala, “The secure socket API: TLS as an operating system service.” 27th USENIX Security Symposium, 799–816, URL <a href="https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-o_neill.pdf">https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-o_neill.pdf</a>. </p> <p>National Institute of Standards and Technology. (2019) “Security strategies for microservices-based application systems,” (Special Publication 800-204), Gaithersburg, MD: U.S. Government Printing Office. </p> <p>Swanner, N. (2017) Build: What ‘intelligent cloud, intelligent edge’ means. URL <a href="https://insights.dice.com/2017/05/11/build-intelligent-cloud-intelligent-edge/">https://insights.dice.com/2017/05/11/build-intelligent-cloud-intelligent-edge/</a>. </p> <p>Dadhich., P. (2020) Top 10 cybersecurity incidents in 2020. URL <a href="https://www.znetlive.com/blog/top-10-cybersecurity-incidents-in-2020/">https://www.znetlive.com/blog/top-10-cybersecurity-incidents-in-2020/</a>. </p> <p>Drake, N. &amp; Turner, B. (2021) Best cloud log management services of 2021. URL <a href="https://www.techradar.com/best/best-cloud-logging-services">https://www.techradar.com/best/best-cloud-logging-services</a>. </p> <p>Jon. (2021) Cyber-attacks and data breaches list from 2014 to 2021, 2021, URL <a href="https://www.51sec.org/2021/02/16/security-events-and-data-breaches-in-2018-2017-2016-2015-2014/">https://www.51sec.org/2021/02/16/security-events-and-data-breaches-in-2018-2017-2016-2015-2014/</a>, </p> <p>Gaurav, S. (2017) Machine learning impact on cloud computing. URL <a href="https://www.botmetric.com/blog/machine-">https://www.botmetric.com/blog/machine-</a> learning-impact-on-cloud-computing. </p> <p>Gander, M., B. Katt, B. M. Felderer, A. Tolbaru, R. Breu, R., &amp; A. Moschitti. (2012). Anomaly detection in the cloud: detecting security incidents via machine learning. URL <a href="http://disi.unitn.it/moschitti/articles/2012/JIMSE2012-UIBK.pdf">http://disi.unitn.it/moschitti/articles/2012/JIMSE2012-UIBK.pdf</a>. </p> <p>Drinkwater, D. (2016) How to get more from your security budget. URL <a href="https://www.infoworld.com/article/3152153/how-to-get-more-from-your-security-budget.html">https://www.infoworld.com/article/3152153/how-to-get-more-from-your-security-budget.html</a>. </p> <p>Stoltzfus, J. (2019) How cloud computing is changing cybersecurity. URL <a href="https://www.techopedia.com/how-cloud-computing-is-changing-cybersecurity/2/3394">https://www.techopedia.com/how-cloud-computing-is-changing-cybersecurity/2/3394</a>. </p> <p>Fiala, J. (2015) A Survey of Machine Learning Applications to Cloud Computing. URL <a href="https://www.cse.wustl.edu/~jain/cse570-15/ftp/cld_ml/index.html">https://www.cse.wustl.edu/~jain/cse570-15/ftp/cld_ml/index.html</a>. </p> <p>Hoadley, D.S. &amp; N.J. Lucas, N.J. AI and national security,” 2018, Library of Congress Congressional Research Service, URL <a href="https://www.hsdl.org/?abstract&amp;did=810166">https://www.hsdl.org/?abstract&amp;did=810166</a> </p> <p>Canner, B. (2018) Ping identity releases survey on the perils of enterprise APIs. URL <a href="https://solutionsreview.com/identity-management/ping-identity-releases-">https://solutionsreview.com/identity-management/ping-identity-releases-</a> survey-on-the-perils-of-enterprise-apis/. </p> <p>Jason Kent (March 2023) Using ChatGPT to Improve API Security: Open AI &amp; Security , Security Boulevard <a href="https://securityboulevard.com/2023/03/using-chatgpt-to-improve-api-security-open-ai-security/)">https://securityboulevard.com/2023/03/using-chatgpt-to-improve-api-security-open-ai-security/)</a> </p> </div> </section> </div><!-- .main_entry --> <div class="entry_details"> <div class="item galleys"> <h2 class="pkp_screen_reader"> Downloads </h2> <ul class="value galleys_links"> <li> <a class="obj_galley_link pdf" href="https://publications.eai.eu/index.php/cs/article/view/3011/2609"> PDF </a> </li> </ul> </div> <div class="item published"> <section class="sub_item"> <h2 class="label"> Published </h2> <div class="value"> <span>17-10-2023</span> </div> </section> </div> <div class="item citation"> <section class="sub_item citation_display"> <h2 class="label"> How to Cite </h2> <div class="value"> <div id="citationOutput" role="region" aria-live="polite"> <div class="csl-bib-body"> <div class="csl-entry"><div class="csl-left-margin">[1]</div><div class="csl-right-inline">F. Qazi, “Application Programming Interface (API) Security in Cloud Applications ”, <i>EAI Endorsed Trans Cloud Sys</i>, vol. 7, no. 23, p. e1, Oct. 2023.</div></div> </div> </div> <div class="citation_formats"> <button class="cmp_button citation_formats_button" aria-controls="cslCitationFormats" aria-expanded="false" data-csl-dropdown="true"> More Citation Formats </button> <div id="cslCitationFormats" class="citation_formats_list" aria-hidden="true"> <ul class="citation_formats_styles"> <li> <a aria-controls="citationOutput" href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/acm-sig-proceedings?submissionId=3011&amp;publicationId=3013" data-load-citation data-json-href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/acm-sig-proceedings?submissionId=3011&amp;publicationId=3013&amp;return=json" > ACM </a> </li> <li> <a aria-controls="citationOutput" href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/acs-nano?submissionId=3011&amp;publicationId=3013" data-load-citation data-json-href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/acs-nano?submissionId=3011&amp;publicationId=3013&amp;return=json" > ACS </a> </li> <li> <a aria-controls="citationOutput" href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/apa?submissionId=3011&amp;publicationId=3013" data-load-citation data-json-href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/apa?submissionId=3011&amp;publicationId=3013&amp;return=json" > APA </a> </li> <li> <a aria-controls="citationOutput" href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/associacao-brasileira-de-normas-tecnicas?submissionId=3011&amp;publicationId=3013" data-load-citation data-json-href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/associacao-brasileira-de-normas-tecnicas?submissionId=3011&amp;publicationId=3013&amp;return=json" > ABNT </a> </li> <li> <a aria-controls="citationOutput" href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/chicago-author-date?submissionId=3011&amp;publicationId=3013" data-load-citation data-json-href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/chicago-author-date?submissionId=3011&amp;publicationId=3013&amp;return=json" > Chicago </a> </li> <li> <a aria-controls="citationOutput" href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/harvard-cite-them-right?submissionId=3011&amp;publicationId=3013" data-load-citation data-json-href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/harvard-cite-them-right?submissionId=3011&amp;publicationId=3013&amp;return=json" > Harvard </a> </li> <li> <a aria-controls="citationOutput" href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/ieee?submissionId=3011&amp;publicationId=3013" data-load-citation data-json-href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/ieee?submissionId=3011&amp;publicationId=3013&amp;return=json" > IEEE </a> </li> <li> <a aria-controls="citationOutput" href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/modern-language-association?submissionId=3011&amp;publicationId=3013" data-load-citation data-json-href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/modern-language-association?submissionId=3011&amp;publicationId=3013&amp;return=json" > MLA </a> </li> <li> <a aria-controls="citationOutput" href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/turabian-fullnote-bibliography?submissionId=3011&amp;publicationId=3013" data-load-citation data-json-href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/turabian-fullnote-bibliography?submissionId=3011&amp;publicationId=3013&amp;return=json" > Turabian </a> </li> <li> <a aria-controls="citationOutput" href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/vancouver?submissionId=3011&amp;publicationId=3013" data-load-citation data-json-href="https://publications.eai.eu/index.php/cs/citationstylelanguage/get/vancouver?submissionId=3011&amp;publicationId=3013&amp;return=json" > Vancouver </a> </li> </ul> <div class="label"> Download Citation </div> <ul class="citation_formats_styles"> <li> <a href="https://publications.eai.eu/index.php/cs/citationstylelanguage/download/ris?submissionId=3011&amp;publicationId=3013"> <span class="fa fa-download"></span> Endnote/Zotero/Mendeley (RIS) </a> </li> <li> <a href="https://publications.eai.eu/index.php/cs/citationstylelanguage/download/bibtex?submissionId=3011&amp;publicationId=3013"> <span class="fa fa-download"></span> BibTeX </a> </li> </ul> </div> </div> </div> </section> </div> <div class="item issue"> <section class="sub_item"> <h2 class="label"> Issue </h2> <div class="value"> <a class="title" href="https://publications.eai.eu/index.php/cs/issue/view/408"> Vol. 7 No. 23 (2022): EAI Endorsed Transactions on Cloud Systems </a> </div> </section> <section class="sub_item"> <h2 class="label"> Section </h2> <div class="value"> Commentary </div> </section> </div> <div class="item copyright"> <h2 class="label"> License </h2> <p>Copyright (c) 2023 Farhan Qazi</p> <a rel="license" href="https://creativecommons.org/licenses/by-nc-sa/4.0/"><img alt="Creative Commons License" src="//i.creativecommons.org/l/by-nc-sa/4.0/88x31.png" /></a><p>This work is licensed under a <a rel="license" href="https://creativecommons.org/licenses/by-nc-sa/4.0/">Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License</a>.</p> <p>This is an open access article distributed under the terms of the <a href="https://creativecommons.org/licenses/by-nc-sa/4.0/">CC BY-NC-SA 4.0</a>, which permits copying, redistributing, remixing, transformation, and building upon the material in any medium so long as the original work is properly cited.</p> </div> <div class="item addthis"> <div class="value"> <!-- AddThis Button BEGIN --> <div class="addthis_toolbox addthis_default_style "> <a class="addthis_button_preferred_1"></a> <a class="addthis_button_preferred_2"></a> <a class="addthis_button_preferred_3"></a> <a class="addthis_button_preferred_4"></a> <a class="addthis_button_compact"></a> <a class="addthis_counter addthis_bubble_style"></a> </div> <script type="text/javascript" src="//s7.addthis.com/js/250/addthis_widget.js#pubid="></script> <!-- AddThis Button END --> </div> </div> <div class="item citations-container" data-image-path="https://publications.eai.eu/plugins/generic/citations/images/" data-citations-url="https://publications.eai.eu/index.php/cs/citations/get?citationsId=10.4108%2Feetcs.v7i23.3011&amp;citationsShowList=1&amp;citationsProvider=crossref" data-citations-provider="crossref" data-citations-total="1" data-citations-list="1" data-show-google="1" data-show-pmc="1"> <div id="citations-loader"></div> <div class="citations-count"> <div class="citations-count-crossref"> <img class="img-fluid" src="https://publications.eai.eu/plugins/generic/citations/images/crossref.png" alt="Crossref"/> <div class="badge_total"></div> </div> <div class="citations-count-scopus"> <img src="https://publications.eai.eu/plugins/generic/citations/images/scopus.png" alt="Scopus"/> <br/> <span class="badge_total"></span> </div> <div class="citations-count-google"> <a href="https://scholar.google.com/scholar?q=10.4108/eetcs.v7i23.3011" target="_blank" rel="noreferrer"> <img src="https://publications.eai.eu/plugins/generic/citations/images/scholar.png" alt="Google Scholar"/> </a> </div> <div class="citations-count-pmc"> <a href="http://europepmc.org/search?scope=fulltext&query=(REF:10.4108/eetcs.v7i23.3011)" target="_blank" rel="noreferrer"> <img src="https://publications.eai.eu/plugins/generic/citations/images/pmc.png" alt="Europe PMC"/> <br/> <span class="badge_total"></span> </a> </div> </div> <div class="citations-list"></div> </div> </div><!-- .entry_details --> </div><!-- .row --> </article> <div id="articlesBySameAuthorList"> </div> <div id="articlesBySimilarityList"> </div> <!-- Plum Analytics --> <script type="text/javascript" src="//cdn.plu.mx/widget-all.js"></script> <!-- /Plum Analytics --> </div><!-- .page --> </div><!-- pkp_structure_main --> <div class="pkp_structure_sidebar left" role="complementary" aria-label="Sidebar"> <div class="pkp_block block_make_submission"> <h2 class="pkp_screen_reader"> Make a Submission </h2> <div class="content"> <a class="block_make_submission_link" href="https://publications.eai.eu/index.php/cs/about/submissions"> Make a Submission </a> </div> </div> <div class="pkp_block block_web_feed"> <h2 class="title">Current Issue</h2> <div class="content"> <ul> <li> <a href="https://publications.eai.eu/index.php/cs/gateway/plugin/WebFeedGatewayPlugin/atom"> <img src="https://publications.eai.eu/lib/pkp/templates/images/atom.svg" alt="Atom logo"> </a> </li> <li> <a href="https://publications.eai.eu/index.php/cs/gateway/plugin/WebFeedGatewayPlugin/rss2"> <img src="https://publications.eai.eu/lib/pkp/templates/images/rss20_logo.svg" alt="RSS2 logo"> </a> </li> <li> <a href="https://publications.eai.eu/index.php/cs/gateway/plugin/WebFeedGatewayPlugin/rss"> <img src="https://publications.eai.eu/lib/pkp/templates/images/rss10_logo.svg" alt="RSS1 logo"> </a> </li> </ul> </div> </div> <div class="pkp_block block_Keywordcloud"> <h2 class="title">Keywords</h2> <div class="content" id='wordcloud'></div> <script> function randomColor() { var cores = ['#1f77b4', '#ff7f0e', '#2ca02c', '#d62728', '#9467bd', '#8c564b', '#e377c2', '#7f7f7f', '#bcbd22', '#17becf']; return cores[Math.floor(Math.random()*cores.length)]; } document.addEventListener("DOMContentLoaded", function() { var keywords = [{"text":"cloud api","size":1},{"text":"rfic","size":1},{"text":"rdc","size":1},{"text":"cdc","size":1},{"text":"soc","size":1},{"text":"eda tool","size":1},{"text":"mcu","size":1},{"text":"third party ip","size":1},{"text":"safe brake control","size":1},{"text":"safe torque off","size":1},{"text":"functional safety","size":1},{"text":"video","size":1},{"text":"plr","size":1},{"text":"sim","size":1},{"text":"dsds","size":1},{"text":"kpi (key power indicators)","size":1},{"text":"mbms","size":1},{"text":"deep packet inspection","size":1},{"text":"ack","size":1},{"text":"mac","size":1},{"text":"tcp\/ip","size":1},{"text":"cross layer","size":1},{"text":"hardware acceleration","size":1},{"text":"ocr","size":1},{"text":"fpga","size":1},{"text":"industrial automation","size":1},{"text":"computer vision","size":1},{"text":"opencl","size":1},{"text":"cnn","size":1},{"text":"dv","size":1},{"text":"soc (system on chip)","size":1},{"text":"buffer occupancy","size":1},{"text":"meta-heuristic techniques","size":1},{"text":"flop","size":1},{"text":"repeater","size":1},{"text":"optimized repeater flop structure","size":1},{"text":"digital mixed-signal","size":1},{"text":"analog mixed-signal","size":1},{"text":"dms co-simulation","size":1},{"text":"ams co-simulation","size":1},{"text":"sdf","size":1},{"text":"gls","size":1},{"text":"glitch filter","size":1},{"text":"glitch","size":1},{"text":"pulse-width sensitivity","size":1},{"text":"task scheduling","size":1},{"text":"scheduling","size":1},{"text":"ultra low power (ulp)","size":1},{"text":"optimization criteria","size":1},{"text":"resource scheduling","size":1}]; var totalWeight = 0; var width = 300; var height = 200; var transitionDuration = 200; var length_keywords = keywords.length; var layout = d3.layout.cloud(); layout.size([width, height]) .words(keywords) .fontSize(function(d) { return fontSize(+d.size); }) .on('end', draw); var svg = d3.select("#wordcloud").append("svg") .attr("viewBox", "0 0 " + width + " " + height) .attr("width", '100%'); function update() { var words = layout.words(); fontSize = d3.scaleLinear().range([16, 34]); if (words.length) { fontSize.domain([+words[words.length - 1].size || 1, +words[0].size]); } } keywords.forEach(function(item,index){totalWeight += item.size;}); update(); function draw(words, bounds) { var w = layout.size()[0], h = layout.size()[1]; scaling = bounds ? Math.min( w / Math.abs(bounds[1].x - w / 2), w / Math.abs(bounds[0].x - w / 2), h / Math.abs(bounds[1].y - h / 2), h / Math.abs(bounds[0].y - h / 2), ) / 2 : 1; svg .append("g") .attr( "transform", "translate(" + [w >> 1, h >> 1] + ")scale(" + scaling + ")", ) .selectAll("text") .data(words) .enter().append("text") .style("font-size", function(d) { return d.size + "px"; }) .style("font-family", 'serif') .style("fill", randomColor) .style('cursor', 'pointer') .style('opacity', 0.7) .attr('class', 'keyword') .attr("text-anchor", "middle") .attr("transform", function(d) { return "translate(" + [d.x, d.y] + ")rotate(" + d.rotate + ")"; }) .text(function(d) { return d.text; }) .on("click", function(d, i){ window.location = "https://publications.eai.eu/index.php/cs/search?query=QUERY_SLUG".replace(/QUERY_SLUG/, encodeURIComponent(''+d.text+'')); }) .on("mouseover", function(d, i) { d3.select(this).transition() .duration(transitionDuration) .style('font-size',function(d) { return (d.size + 3) + "px"; }) .style('opacity', 1); }) .on("mouseout", function(d, i) { d3.select(this).transition() .duration(transitionDuration) .style('font-size',function(d) { return d.size + "px"; }) .style('opacity', 0.7); }) .on('resize', function() { update() }); } layout.start(); }); </script> </div> <div class="pkp_block block_twitter"> <span class="title">Tweets by @EAIPublishing</span> <div class="content" style="max-height: 500px; overflow-y: auto;"> <a class="twitter-timeline" data-height="500" data-link-color="#8283c6" href="https://twitter.com/EAIPublishing" data-dnt="true" data-chrome="" data-tweet-limit="3"></a> <script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script> </div> </div> </div><!-- pkp_sidebar.left --> </div><!-- pkp_structure_content --> <div class="pkp_structure_footer_wrapper" role="contentinfo"> <a id="pkp_content_footer"></a> <div class="pkp_structure_footer"> <div class="pkp_footer_content"> <p><a href="https://eai.eu/" target="_blank" rel="noopener"><strong>European Alliance for Innovation (EAI)</strong></a> is a non-profit organization and a professional community empowering the global research and innovation, promoting cooperation between European and International ICT communities around the globe.</p> </div> <div class="pkp_brand_footer" role="complementary"> <a href="https://publications.eai.eu/index.php/cs/about/aboutThisPublishingSystem"> <img alt="More information about the publishing system, Platform and Workflow by OJS/PKP." src="https://publications.eai.eu/templates/images/ojs_brand.png"> </a> </div> </div> </div><!-- pkp_structure_footer_wrapper --> </div><!-- pkp_structure_page --> <script src="https://publications.eai.eu/lib/pkp/lib/vendor/components/jquery/jquery.min.js?v=3.3.0.18" type="text/javascript"></script><script src="https://publications.eai.eu/lib/pkp/lib/vendor/components/jqueryui/jquery-ui.min.js?v=3.3.0.18" type="text/javascript"></script><script src="https://publications.eai.eu/plugins/themes/default/js/lib/popper/popper.js?v=3.3.0.18" type="text/javascript"></script><script src="https://publications.eai.eu/plugins/themes/default/js/lib/bootstrap/util.js?v=3.3.0.18" type="text/javascript"></script><script src="https://publications.eai.eu/plugins/themes/default/js/lib/bootstrap/dropdown.js?v=3.3.0.18" type="text/javascript"></script><script src="https://publications.eai.eu/plugins/themes/default/js/main.js?v=3.3.0.18" type="text/javascript"></script><script src="https://publications.eai.eu/plugins/generic/citationStyleLanguage/js/articleCitation.js?v=3.3.0.18" type="text/javascript"></script><script src="https://publications.eai.eu/plugins/generic/citations/js/citations.js?v=3.3.0.18" type="text/javascript"></script><script src="https://d3js.org/d3.v4.js?v=3.3.0.18" type="text/javascript"></script><script src="https://cdn.jsdelivr.net/gh/holtzy/D3-graph-gallery@master/LIB/d3.layout.cloud.js?v=3.3.0.18" type="text/javascript"></script> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10