Project Abstract

As smart cities continue to evolve, integrating vast digital infrastructures and interconnected services, the urgency to address cybersecurity risks has never been greater. The increased reliance on APIs for data exchange across systems such as transportation, traffic management, and weather monitoring presents new vulnerabilities that, if left unaddressed, could compromise public safety and service reliability. This project aims to explore how secure API key management can mitigate these risks and ensure the resilience of smart city systems. This research uniquely focuses on API key security as a critical, yet often overlooked, element in smart city cybersecurity. The central research question is: *How can API keys be managed securely in smart city applications to prevent unauthorized access, data breaches, and service disruptions?* By targeting a specific vulnerability within a broader urban technology landscape, the work contributes a focused and practical solution to a pressing issue. The project employs a design-and-test methodology, beginning with threat modeling using the Microsoft Threat Modelling Tool (MTMT), followed by secure implementation in a Laravel-based smart city dashboard. Tools such as Docker and DBeaver are integrated for deployment and database management. STRIDE threat modeling and secure development lifecycle principles guide the overall design. Though the project is still underway, the anticipated findings include a fully functioning, securely designed dashboard demonstrating best practices in API key storage, usage, and rotation. Expected insights include the identification of common API-related vulnerabilities and the practical effectiveness of applying secure design patterns within a smart city context. If successful, this project will contribute a repeatable approach for securing API communications in smart city systems, offering practical insights for developers and urban planners. It aims to fill a gap in current cybersecurity practices by emphasizing proactive key management, ultimately improving the trustworthiness and resilience of digital urban infrastructure.

Keywords: Smart City Security, API Key Management, Threat Modelling Tools

 Conference Details

Session: B

Location: Sir Stanley Clarke Auditorium at 13:30 15:30

Markers: Markus Roggenbach, Oliver Kullmann

Course: BSc Software Engineering 3yr FT

Future Plans: I’m looking for work