English
Related papers

Related papers: Keys on Doormats: Exposed API Credentials on the W…

200 papers

Increasing number of cyber-attacks demotivate people to use Information and Communication Technology (ICT) for industrial as well as day to day work. A main reason for the increasing number of cyber-attacks is mistakes that programmers make…

Cryptography and Security · Computer Science 2018-10-12 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

Security Application Programming Interfaces (APIs) are crucial for ensuring software security. However, their misuse introduces vulnerabilities, potentially leading to severe data breaches and substantial financial loss. Complex API design,…

Cryptography and Security · Computer Science 2025-05-15 Zahra Mousavi , Chadni Islam , M. Ali Babar , Alsharif Abuadbba , Kristen Moore

APIs (Application Programming Interfaces) or Web Services are the foundational building blocks that enable interconnected systems. However this proliferation of APIs has also introduced security challenges that require systematic and…

Cryptography and Security · Computer Science 2025-07-24 Senthilkumar Gopal

Every organisation today wants to adopt cloud computing paradigm and leverage its various advantages. Today everyone is aware of its characteristics which have made it so popular and how it can help the organisations focus on their core…

Distributed, Parallel, and Cluster Computing · Computer Science 2013-07-26 Kumar Gunjan , R. K. Tiwari , G. Sahoo

Modern Web APIs allow developers to provide extensively customized experiences for website visitors, but the richness of the device information they provide also make them vulnerable to being abused to construct browser fingerprints,…

Cryptography and Security · Computer Science 2024-03-26 Enrico Bacis , Igor Bilogrevic , Robert Busa-Fekete , Asanka Herath , Antonio Sartori , Umar Syed

Access to frontier large language models (LLMs), such as GPT-5 and Gemini-2.5, is often hindered by high pricing, payment barriers, and regional restrictions. These limitations drive the proliferation of $\textit{shadow APIs}$, third-party…

Cryptography and Security · Computer Science 2026-03-06 Yage Zhang , Yukun Jiang , Zeyuan Chen , Michael Backes , Xinyue Shen , Yang Zhang

Online services like Google provide a variety of application programming interfaces (APIs). These online APIs enable authenticated third-party services and applications (apps) to access a user's account data for tasks such as single sign-on…

Cryptography and Security · Computer Science 2021-11-08 David G. Balash , Xiaoyuan Wu , Miles Grant , Irwin Reyes , Adam J. Aviv

Version control systems for source code, such as Git, are key tools in modern software development environments. Many developers use online services, such as GitHub or GitLab, for collaborative software development. While software projects…

Cryptography and Security · Computer Science 2022-11-15 Alexander Krause , Jan H. Klemmer , Nicolas Huaman , Dominik Wermke , Yasemin Acar , Sascha Fahl

Third-party skills extend LLM agents with powerful capabilities but often handle sensitive credentials in privileged environments, making leakage risks poorly understood. We present the first large-scale empirical study of this problem,…

Cryptography and Security · Computer Science 2026-04-06 Zhihao Chen , Ying Zhang , Yi Liu , Gelei Deng , Yuekang Li , Yanjun Zhang , Jianting Ning , Leo Yu Zhang , Lei Ma , Zhiqiang Li

Producing secure software is challenging. The poor usability of security APIs makes this even harder. Many recommendations have been proposed to support developers by improving the usability of cryptography libraries and APIs; rooted in…

Cryptography and Security · Computer Science 2021-05-06 Nikhil Patnaik , Andrew C. Dwyer , Joseph Hallett , Awais Rashid

Web communication has become an indispensable characteristic of mobile apps. However, it is not clear what data the apps transmit, to whom, and what consequences such transmissions have. We analyzed the web communications found in mobile…

Cryptography and Security · Computer Science 2020-06-03 Pascal Gadient , Mohammad Ghafari , Marc-Andrea Tarnutzer , Oscar Nierstrasz

Developers rely on third-party library Application Programming Interfaces (APIs) when developing software. However, libraries typically come with assumptions and API usage constraints, whose violation results in API misuse. API misuses may…

Software Engineering · Computer Science 2026-04-17 Akalanka Galappaththi , Sarah Nadi , Christoph Treude

The use of passwords and the need to protect passwords are not going away. The majority of websites that require authentication continue to support password authentication. Even high-security applications such as Internet Banking portals,…

Networking and Internet Architecture · Computer Science 2020-11-13 Teik Guan Tan , Pawel Szalachowski , Jianying Zhou

Modern applications increasingly interact with web APIs -- reusable components, deployed and operated outside the application, and accessed over the network. Their existence, arguably, spurs application innovations, making it easy to…

Software Engineering · Computer Science 2020-07-07 David Bermbach , Erik Wittern

Choosing authentication schemes for a specific purpose is challenging for service providers, developers, and researchers. Previous ratings of technical and objective aspects showed that available schemes all have strengths and limitations.…

Human-Computer Interaction · Computer Science 2022-09-29 Verena Zimmermann , Paul Gerber , Alina Stöver

Cryptographic API misuse represents a critical vulnerability class that undermines the security foundations of modern software. Yet, it remains largely unexplored in Go despite its dominance in security-critical infrastructure. This paper…

Cryptography and Security · Computer Science 2026-04-28 Vivi Andersson , Martin Monperrus

Currently, Application Programming Interfaces (APIs) are becoming increasingly popular to facilitate data transfer in a variety of mobile applications. These APIs often process sensitive user information through their endpoints, which are…

Cryptography and Security · Computer Science 2023-10-24 Nate Haris , Kendree Chen , Ann Song , Benjamin Pou

Machine Learning software systems are frequently used in our day-to-day lives. Some of these systems are used in various sensitive environments to make life-changing decisions. Therefore, it is crucial to ensure that these AI/ML systems do…

Machine Learning · Computer Science 2025-08-25 Ajoy Das , Gias Uddin , Shaiful Chowdhury , Mostafijur Rahman Akhond , Hadi Hemmati

With the advancements in the enterprise-level business development, the demand for new applications and services is overwhelming. For the development and delivery of such applications and services, enterprise businesses rely on Application…

Cryptography and Security · Computer Science 2019-09-19 Fatima Hussain , Rasheed Hussain , Brett Noye , Salah Sharieh

We present AuthREST, an open-source security testing tool targeting broken authentication, one of the most prevalent API security risks in the wild. AuthREST automatically tests web APIs for credential stuffing, password brute forcing, and…

Cryptography and Security · Computer Science 2025-09-15 Davide Corradini , Mariano Ceccato , Mohammad Ghafari
‹ Prev 1 2 3 10 Next ›