Information Systems Engineering

Vol. 40 No. 01 (2025): Proceedings of the Faculty of Technical Sciences

DEMO ENVIRONMENT FOR ANALYZING THE MOST COMMON WEAKNESSES OF APPLICATION PROGRAMMING INTERFACES (API)

  • Milica Simeunović
DOI: https://doi.org/10.24867/29OI02Simeunovic
Submitted: December 25, 2024
Published: 2024-12-25

Abstract

The non-profit organization OWASP regularly publishes a list of the ten most common application programming interface (API) weaknesses. The goal of this work is to develop a demo environment that demonstrates those weaknesses in practice and presents the optimal security measures for eliminating them. The demo environment consists of a weak version and a protected version of the API, both developed using the Node.js framework. This paper presents the first five weaknesses and describes the optimal security measures for addressing them.
