RestSep: Towards a Test-Oriented Privilege Partitioning Approach for RESTful APIs

2017 IEEE International Conference on Web Services (ICWS), 2017

Abstract
At present, a growing number of web applications, especially cloud computing systems, employ representational state transfer (REST) APIs as the interface through which they expose their services, for simplicity and clarity. For security purposes, service providers prefer to control access to the provided interface according to the principle of least privilege. However, how to divide the administrative privileges remains a difficulty in practice. In this work, we reduce the privilege partitioning problem to a classification problem over RESTful functions, so that the permission to call a category of functions can be granted to a specific administrator. We propose a RESTful API classification approach called RestSep, based on a genetic algorithm. A classification is represented as a 2-dimensional matrix, which serves as the chromosome. Customized selection, mutation and crossover operators are designed. The fitness function is designed to balance parameters such as the number of categories, test case coverage and function overlapping. Experiments on popular clouds such as OpenStack and Kubernetes indicate that RestSep generates a self-explanatory classification result, which can serve as a guideline for privilege partitioning. The overhead of test generation is at most 13.1% and the overhead of the genetic algorithm is at most 183.29 s, which are acceptable for practical use.
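The abstract describes the encoding (a categories-by-functions matrix as the chromosome) and the shape of the fitness function (balancing number of categories, test case coverage and function overlap) but not the concrete operators or weights. The following is an added toy implementation of that idea, not the paper's RestSep code: the sample API, the integration tests, the weights `W_COVERAGE`, `W_CONCENTRATION`, `W_OVERLAP`, `W_CATEGORIES`, the row-wise crossover and the bit-flip mutation are all this example's own assumptions. A test "is covered" here when all the functions it calls fall inside one category, meaning a single administrator with that category could run it.

```python
"""Toy genetic algorithm that partitions RESTful functions into privilege
categories, in the spirit of the RestSep abstract. The sample API, tests,
weights and operators below are assumptions of this example, not the paper's."""
import random
from typing import List, Set

# rows = categories (fixed maximum), columns = functions, 1 = function in category
Chromosome = List[List[int]]

# Constructed sample: six REST functions and four integration tests, each
# listing the indices of the functions it calls.
FUNCTIONS = ["list_users", "create_user", "delete_user",
             "list_volumes", "attach_volume", "detach_volume"]
TESTS: List[Set[int]] = [{0, 1}, {1, 2}, {3, 4}, {4, 5}]

# Assumed fitness weights: coverage is rewarded; privilege concentration
# (few large categories), function overlap and category count are penalised.
W_COVERAGE, W_CONCENTRATION, W_OVERLAP, W_CATEGORIES = 1.0, 0.5, 0.5, 0.1


def coverage(chrom: Chromosome, tests=TESTS) -> float:
    """Fraction of tests whose called functions all sit inside one category."""
    def covered(test):
        return any(all(row[f] for f in test) for row in chrom)
    return sum(covered(t) for t in tests) / len(tests)


def concentration(chrom: Chromosome) -> float:
    """Sum of squared category sizes over n^2: 1.0 when one category holds everything."""
    n = len(chrom[0])
    return sum(sum(row) ** 2 for row in chrom) / (n * n)


def overlap(chrom: Chromosome) -> float:
    """Assignments beyond one per function, as a fraction of the function count."""
    n = len(chrom[0])
    per_function = [sum(row[f] for row in chrom) for f in range(n)]
    return sum(max(c - 1, 0) for c in per_function) / n


def category_count(chrom: Chromosome) -> int:
    """Non-empty rows are the categories actually in use."""
    return sum(1 for row in chrom if any(row))


def fitness(chrom: Chromosome, tests=TESTS) -> float:
    return (W_COVERAGE * coverage(chrom, tests)
            - W_CONCENTRATION * concentration(chrom)
            - W_OVERLAP * overlap(chrom)
            - W_CATEGORIES * category_count(chrom) / len(chrom))


def baseline_chromosome(n_functions: int, max_categories: int) -> Chromosome:
    """One administrator holds every function: the no-separation starting point."""
    return [[1] * n_functions] + [[0] * n_functions for _ in range(max_categories - 1)]


def random_chromosome(rng, n_functions, max_categories) -> Chromosome:
    return [[rng.randint(0, 1) for _ in range(n_functions)] for _ in range(max_categories)]


def tournament(rng, population, k=3) -> Chromosome:
    return max(rng.sample(population, k), key=fitness)


def crossover(rng, a: Chromosome, b: Chromosome) -> Chromosome:
    # Row-wise crossover: the child takes each category row from either parent.
    return [list(a[i] if rng.random() < 0.5 else b[i]) for i in range(len(a))]


def mutate(rng, chrom: Chromosome, rate=0.05) -> Chromosome:
    # Bit-flip mutation: move a function into or out of a category.
    return [[bit ^ (1 if rng.random() < rate else 0) for bit in row] for row in chrom]


def evolve(n_functions=len(FUNCTIONS), max_categories=4,
           generations=60, pop_size=40, seed=1) -> Chromosome:
    rng = random.Random(seed)
    population = [random_chromosome(rng, n_functions, max_categories)
                  for _ in range(pop_size - 1)]
    # Seed the population with the all-in-one baseline so, with elitism,
    # the result can never be worse than "no privilege separation".
    population.append(baseline_chromosome(n_functions, max_categories))
    for _ in range(generations):
        elite = max(population, key=fitness)
        children = [elite]  # elitism: the best chromosome survives unchanged
        while len(children) < pop_size:
            child = crossover(rng, tournament(rng, population), tournament(rng, population))
            children.append(mutate(rng, child))
        population = children
    return max(population, key=fitness)


def categories(chrom: Chromosome, names=FUNCTIONS) -> List[List[str]]:
    """Render the matrix as named categories, skipping unused rows."""
    return [[names[f] for f, bit in enumerate(row) if bit] for row in chrom if any(row)]


if __name__ == "__main__":
    best = evolve()
    print(f"fitness={fitness(best):.3f}", categories(best))
```

Under these weights the hand-built split `{list_users, create_user, delete_user}` / `{list_volumes, attach_volume, detach_volume}` scores 0.7, while the all-in-one baseline scores 0.475 and a four-category split that duplicates `create_user` and `attach_volume` scores about 0.511, so the search is pushed toward separated categories without function overlap. The matrix-chromosome encoding, not the particular weights, is the point: it lets "one function, several administrators" (overlap) and "unused category" (an all-zero row) be expressed and priced directly in the fitness function.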
Keywords
representational state transfer, privilege partition, genetic algorithm, integration test