{"id":"https://openalex.org/W7135064956","doi":"https://doi.org/10.48550/arxiv.2603.10228","title":"Paladin: A Policy Framework for Securing Cloud APIs by Combining Application Context with Generative AI","display_name":"Paladin: A Policy Framework for Securing Cloud APIs by Combining Application Context with Generative AI","publication_year":2026,"publication_date":"2026-03-10","ids":{"openalex":"https://openalex.org/W7135064956","doi":"https://doi.org/10.48550/arxiv.2603.10228"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2603.10228","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.10228","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2603.10228","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5128827712","display_name":"Shriti Priya","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Priya, Shriti","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037106943","display_name":"Julian James Stephen","orcid":"https://orcid.org/0000-0003-2613-531X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Stephen, Julian James","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5028757945","display_name":"Arjun Natarajan","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Natarajan, Arjun","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5128827712"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.5217000246047974,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.5217000246047974,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.10830000042915344,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.05849999934434891,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.8364999890327454},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6251000165939331},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.512499988079071},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.5005999803543091},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.46050000190734863},{"id":"https://openalex.org/keywords/workload","display_name":"Workload","score":0.4007999897003174},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.3984000086784363},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.3935000002384186}],"concepts":[{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.8364999890327454},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7961000204086304},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6251000165939331},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5875999927520752},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.512499988079071},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.5005999803543091},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.46050000190734863},{"id":"https://openalex.org/C2778476105","wikidata":"https://www.wikidata.org/wiki/Q628539","display_name":"Workload","level":2,"score":0.4007999897003174},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.3984000086784363},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.3935000002384186},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.3382999897003174},{"id":"https://openalex.org/C206345919","wikidata":"https://www.wikidata.org/wiki/Q20380951","display_name":"Resource (disambiguation)","level":2,"score":0.3294000029563904},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.29829999804496765},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.29739999771118164},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.2944999933242798},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.27239999175071716},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.26339998841285706},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.2632000148296356},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.2506999969482422}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2603.10228","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.10228","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2603.10228","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.10228","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/8","display_name":"Decent work and economic growth","score":0.5898029208183289}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Enterprises":[0],"and":[1,10,48,72,85,102,141,165,174],"organizations":[2],"today":[3],"increasingly":[4],"deploy":[5],"in-house,":[6],"cloud":[7,31,45,79,123],"based":[8],"applications":[9],"APIs":[11],"for":[12],"internal":[13],"operations":[14],"or":[15],"external":[16],"customers.":[17],"These":[18],"deployments":[19],"deal":[20],"with":[21,125,138,148],"increasing":[22],"number":[23],"of":[24,44,58,89],"threats,":[25],"despite":[26],"security":[27,75],"features":[28],"offered":[29],"by":[30,143],"service":[32],"providers.":[33],"This":[34],"work":[35],"focus":[36],"on":[37],"threats":[38,53],"that":[39,77,152],"exploit":[40],"application":[41,59,127,177],"layer":[42],"vulnerabilities":[43],"workloads.":[46],"Prevention":[47],"mitigation":[49],"measures":[50],"against":[51],"such":[52,153],"need":[54],"to":[55,64,82,98,113,121,172],"be":[56],"cognizant":[57],"semantics,":[60],"posing":[61],"a":[62,74,154],"hurdle":[63],"existing":[65],"solutions.":[66],"In":[67],"this":[68],"work,":[69],"we":[70],"design":[71],"implement":[73],"framework":[76,155],"allow":[78],"workload":[80],"administrators":[81,124],"easily":[83],"define":[84,173],"enforce":[86,175],"policies":[87,140],"capable":[88],"preventing":[90],"(i)":[91],"unrestricted":[92,96],"resource":[93],"consumption,":[94],"(ii)":[95],"access":[97],"sensitive":[99],"business":[100],"flows,":[101],"(iii)":[103],"broken":[104],"authentication.":[105],"Our":[106],"framework,":[107],"Paladin,":[108],"leverages":[109],"large":[110],"language":[111],"models":[112],"extract":[114],"sufficient":[115],"semantic":[116],"meaning":[117],"from":[118],"API":[119],"requests":[120,134],"provide":[122],"an":[126],"agnostic":[128],"policy":[129,162],"definition":[130],"interface.":[131],"Once":[132],"defined,":[133],"are":[135],"automatically":[136],"matched":[137],"relevant":[139],"enforced":[142],"high":[144],"performance":[145],"proxies.":[146],"Evaluations":[147],"our":[149],"prototype":[150],"show":[151],"has":[156],"broad":[157],"applicability":[158],"across":[159],"applications,":[160],"good":[161],"identification":[163],"accuracy,":[164],"reasonable":[166],"overheads,":[167],"making":[168],"it":[169],"substantially":[170],"easier":[171],"cross":[176],"policies.":[178]},"counts_by_year":[],"updated_date":"2026-03-13T14:25:03.468858","created_date":"2026-03-13T00:00:00"}