Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Priya, Shriti, Stephen, Julian James, Natarajan, Arjun
Format: Preprint
Veröffentlicht: 2026
Schlagworte:
Online-Zugang:https://arxiv.org/abs/2603.10228
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
_version_ 1866915851796480000
author Priya, Shriti
Stephen, Julian James
Natarajan, Arjun
author_facet Priya, Shriti
Stephen, Julian James
Natarajan, Arjun
contents Enterprises and organizations today increasingly deploy in-house, cloud based applications and APIs for internal operations or external customers. These deployments deal with increasing number of threats, despite security features offered by cloud service providers. This work focus on threats that exploit application layer vulnerabilities of cloud workloads. Prevention and mitigation measures against such threats need to be cognizant of application semantics, posing a hurdle to existing solutions. In this work, we design and implement a security framework that allow cloud workload administrators to easily define and enforce policies capable of preventing (i) unrestricted resource consumption, (ii) unrestricted access to sensitive business flows, and (iii) broken authentication. Our framework, Paladin, leverages large language models to extract sufficient semantic meaning from API requests to provide cloud administrators with an application agnostic policy definition interface. Once defined, requests are automatically matched with relevant policies and enforced by high performance proxies. Evaluations with our prototype show that such a framework has broad applicability across applications, good policy identification accuracy, and reasonable overheads, making it substantially easier to define and enforce cross application policies.
format Preprint
id arxiv_https___arxiv_org_abs_2603_10228
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Paladin: A Policy Framework for Securing Cloud APIs by Combining Application Context with Generative AI
Priya, Shriti
Stephen, Julian James
Natarajan, Arjun
Cryptography and Security
Enterprises and organizations today increasingly deploy in-house, cloud based applications and APIs for internal operations or external customers. These deployments deal with increasing number of threats, despite security features offered by cloud service providers. This work focus on threats that exploit application layer vulnerabilities of cloud workloads. Prevention and mitigation measures against such threats need to be cognizant of application semantics, posing a hurdle to existing solutions. In this work, we design and implement a security framework that allow cloud workload administrators to easily define and enforce policies capable of preventing (i) unrestricted resource consumption, (ii) unrestricted access to sensitive business flows, and (iii) broken authentication. Our framework, Paladin, leverages large language models to extract sufficient semantic meaning from API requests to provide cloud administrators with an application agnostic policy definition interface. Once defined, requests are automatically matched with relevant policies and enforced by high performance proxies. Evaluations with our prototype show that such a framework has broad applicability across applications, good policy identification accuracy, and reasonable overheads, making it substantially easier to define and enforce cross application policies.
title Paladin: A Policy Framework for Securing Cloud APIs by Combining Application Context with Generative AI
topic Cryptography and Security
url https://arxiv.org/abs/2603.10228