API-rajapintojen hallinta ja tietoturva (API management and security)

Modern web-based interfaces are in use everywhere in the digital world. Interfaces are found behind cloud services, in the Internet of Things, in mobile applications, and in integrations between systems. The management and security of interfaces have been raised in recent ...


Bibliographic Details
Main Author: Frisk, Sami
Other Authors: Informaatioteknologian tiedekunta, Faculty of Information Technology, Informaatioteknologia, Information Technology, Jyväskylän yliopisto, University of Jyväskylä
Format: Bachelor's thesis
Language: fin
Published: 2019
Subjects:
Online Access: https://jyx.jyu.fi/handle/123456789/64334
description [Finnish abstract, translated] Modern web-based interfaces are in use everywhere in the digital world. Interfaces are found behind cloud services, in the Internet of Things, in mobile applications, and in integrations between systems. The management and security of interfaces have been raised in public discussion in recent years following security attacks. Organizations have also observed problems in how APIs can be managed at the different stages of their life cycle. The thesis examined the background of web-based interfaces and the currently most widely used architectural model, REST. The various challenges of API management were presented at a general level, and the features of management software were described. On the security side, the most common vulnerability types were identified; technically they closely match the vulnerabilities of web applications. In addition to the technical perspective, API vulnerabilities can be taken to include more human factors, such as a sense of security or carelessness. The solutions for protecting against interface vulnerabilities are technically the same as those for protecting web applications. The thesis also presented an architecture proposal for an API security layer, consisting of three API security levels with model solutions.

[English abstract] APIs are used everywhere in our digital world: in cloud services, the Internet of Things, mobile apps, enterprise application integrations and so forth. API management and API security have become popular topics in public discussion following successful exploitation of API vulnerabilities. Organizations have also recognized challenges in how APIs can be managed throughout their whole lifecycle. The history and background of web services were introduced, along with the currently dominant architectural model, REST. Challenges regarding API management were identified, and the study describes how common API management software functionalities can resolve them. API security has a lot in common with web application vulnerabilities. In addition to the technical point of view, there are many human vulnerabilities, such as a false sense of security or negligence. Technical solutions for securing APIs are mostly similar to those for web applications. An architectural model for an API security layer, with three different protection levels, was also described in this study.
fullrecord (Dublin Core fields not shown elsewhere in this record)
dc.contributor.advisor: Palonen, Teija
dc.date.accessioned: 2019-06-04T12:13:46Z
dc.date.available: 2019-06-04T12:13:46Z
dc.format.extent: 29
dc.rights: In Copyright
dc.rights.url: https://rightsstatements.org/page/InC/1.0/
dc.rights.accesslevel: openAccess
dc.identifier.urn: URN:NBN:fi:jyu-201906042942
dc.type.coar: http://purl.org/coar/resource_type/c_7a1f
yvv.contractresearch.funding: 0
online_urls_str_mv {"url":"https:\/\/jyx.jyu.fi\/bitstreams\/897cebf9-9606-4cae-a6be-db7edc498692\/download","text":"URN:NBN:fi:jyu-201906042942.pdf","source":"jyx","mediaType":"application\/pdf"}
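topic interface management (rajapintojen hallinta); interface security (rajapintojen tietoturva); Information Systems Science (Tietojärjestelmätiede); 601; information security (tietoturva); systems (järjestelmät); interfaces (computer programs) (rajapinnat (tietokoneohjelmat))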
url https://jyx.jyu.fi/handle/123456789/64334 http://www.urn.fi/URN:NBN:fi:jyu-201906042942