| Autor: |
Juan Pablo Perata, Gustavo Betarte |
| Jazyk: |
angličtina |
| Rok vydání: |
2024 |
| Předmět: |
|
| Zdroj: |
CLEI Electronic Journal, Vol 27, Iss 4 (2024) |
| Druh dokumentu: |
article |
| ISSN: |
0717-5000 |
| DOI: |
10.19153/cleiej.27.4.2 |
| Popis: |
This paper presents the results of a security assessment of FIWARE technology. We adopted an offensive perspective to identify vulnerabilities in deploying FIWARE components in specific architecture configurations. We identify security issues by experimenting in a locally controlled environment and propose a threat model following the OWASP methodology. We implemented attacks for three of the identified attack goals and validated our approach with an exploratory analysis of an actual working and productive FIWARE platform. This analysis helped us distinguish different types of attacks, and we ended up with recommendations for components, architecture, and access control. |
| Databáze: |
Directory of Open Access Journals |
| Externí odkaz: |
|
