18056977. Extended Security Scheme for Reducing the Prevalence of Broken Object Level Authorization simplified abstract (Cisco Technology, Inc.)
Extended Security Scheme for Reducing the Prevalence of Broken Object Level Authorization
Organization Name
Cisco Technology, Inc.
Inventor(s)
Rami Haddad of Assendelft (NL)
Rim El Malki of Palaiseau (FR)
Daniel-Serban Cozma of Braila (RO)
Hendrikus G. P. Bosch of Aalsmeer (NL)
Extended Security Scheme for Reducing the Prevalence of Broken Object Level Authorization - A simplified explanation of the abstract
This abstract first appeared for US patent application 18056977 titled 'Extended Security Scheme for Reducing the Prevalence of Broken Object Level Authorization'.
Simplified Explanation
The abstract describes a system and method for an extended security scheme to reduce broken object level authorization in API code.
- Parsing code for keywords related to the extended security scheme
- Generating API server stub or definition based on keywords found in the code
- Enhancing security in API code to prevent broken object level authorization
Potential Applications
The technology can be applied in software development, particularly in API design and implementation, to enhance security measures and prevent unauthorized access.
Problems Solved
This technology addresses the issue of broken object level authorization in API code, which can lead to security vulnerabilities and unauthorized access to sensitive data.
Benefits
- Improved security in API code
- Prevention of broken object level authorization
- Enhanced protection of sensitive data
Potential Commercial Applications
The technology can be utilized by software development companies, cybersecurity firms, and any organization that relies on APIs to ensure secure and reliable access to their systems and data.
Possible Prior Art
One possible prior art could be the use of access control lists (ACLs) in software development to manage permissions and prevent unauthorized access to resources.
Unanswered Questions
How does this technology compare to existing security measures in API development?
This article does not provide a direct comparison to existing security measures in API development, such as OAuth or JWT authentication. It would be helpful to understand how this extended security scheme differs or complements these existing methods.
What impact could this technology have on overall system performance and efficiency?
The article does not address the potential impact of implementing this extended security scheme on system performance and efficiency. It would be valuable to know if there are any trade-offs in terms of speed or resource usage when enhancing security in API code.
Original Abstract Submitted
A system and method for an extended security scheme for reducing the prevalence of broken object level authorization. In one embodiment, a method includes receiving code associated with an application programming interface (API), wherein the code includes one of an API definition and an API server stub, and parsing the code for one or more keywords associated with an extended security scheme. If the code includes the API definition, the method further includes generating an associated API server stub based on at least one of the one or more keywords and the API definition. If the code includes the API server stub, the method further includes generating an associated API definition based on at least one of the one or more keywords and the API server stub.
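The definition-to-stub direction described in the abstract can be illustrated with a short added example. It is not code from the patent application or from Cisco. The keyword name `x-owner-field`, the definition layout and the handler signature are hypothetical, since the abstract does not name the scheme's keywords.

```python
# Constructed API definition. "x-owner-field" is a hypothetical extension keyword;
# the abstract does not name the scheme's actual keywords.
OWNER_KEYWORD = "x-owner-field"
API_DEFINITION = {
    "paths": {
        "/invoices/{id}": {"get": {"operationId": "get_invoice", OWNER_KEYWORD: "owner_id"}},
        "/status": {"get": {"operationId": "get_status"}},
    }
}

def operations(definition):
    """Yield every operation object in the definition."""
    for methods in definition["paths"].values():
        yield from methods.values()

def find_keywords(definition):
    """Return {operationId: owner_field} for operations carrying the keyword."""
    return {op["operationId"]: op[OWNER_KEYWORD]
            for op in operations(definition) if OWNER_KEYWORD in op}

def generate_stub(definition):
    """Emit stub source; keyword-bearing operations get an ownership check."""
    owners = find_keywords(definition)
    lines = []
    for op in operations(definition):
        name = op["operationId"]
        if not name.isidentifier():  # never splice unchecked names into source
            raise ValueError(f"unsafe operationId: {name!r}")
        lines.append(f"def {name}(caller_id, load_object, object_id=None):")
        lines.append("    obj = load_object(object_id)")
        if name in owners:
            # Missing objects and objects owned by someone else get the same answer.
            lines.append(f"    if obj is None or obj.get({owners[name]!r}) != caller_id:")
            lines.append("        return 403, None")
        lines.append("    return 200, obj")
    return "\n".join(lines) + "\n"

def load_stub(definition):
    """Compile the generated stub and return its handlers by name."""
    namespace = {}
    exec(generate_stub(definition), namespace)
    return {k: v for k, v in namespace.items()
            if callable(v) and not k.startswith("__")}

if __name__ == "__main__":
    print(generate_stub(API_DEFINITION))
```

Because the object-level check is emitted by the generator, a handler for an annotated operation cannot be produced without it; operations lacking the keyword, such as `get_status` here, are generated with no check.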