CHECKING SECURITY PROPERTIES OF CLOUD SERVICE

Abstract

Cloud computing has emerged as a fundamental technology for delivering scalable, flexible, and costefficient services, with REST (Representational State Transfer) APIs acting as the primary communication interface between clients and cloud platforms. Despite their advantages, REST APIs are increasingly targeted by cyber threats such as unauthorized access, data breaches, injection attacks, and denial-of-service attacks. These vulnerabilities are often caused by improper implementation of security mechanisms, lack of standardization, and the dynamic nature of cloud environments. This paper focuses on evaluating and checking the security properties of cloud service REST APIs to ensure secure data exchange and reliable system performance. The key security properties analyzed include authentication, authorization, confidentiality, integrity, and availability. The study reviews existing systems and identifies critical limitations such as weak authentication methods, insufficient monitoring, and lack of automated security testing. To overcome these challenges, a comprehensive security framework is proposed that integrates modern security techniques such as OAuth 2.0, JSON Web Tokens (JWT), HTTPS/TLS encryption, API gateways, and automated vulnerability assessment tools. Additionally, machine learning-based anomaly detection is incorporated to identify suspicious activities and potential threats in real time. This multi-layered approach enhances the overall security posture of REST APIs in cloud environments.