5 Pillars of API Management

API Academy
Manage security and performance risks created by opening enterprise systems via APIs
Traditional enterprise boundaries are blurring, as organizations open their on-premise data and application functionality for use in new internal and external applications. APIs form the foundation of this open enterprise, allowing enterprises to reuse their existing information assets across organizational boundaries. To…

5 OAuth Essentials for API Access Control

API Academy
Create a framework to address the complex challenges associated with implementing OAuth
There are a number of important access-related challenges for API publishers. However, deploying OAuth as an authorization mechanism for enterprise APIs raises challenges around scalability, correct usage and integration. To make matters worse, OAuth is not supported by existing infrastructure and…

How Can You Prove Your Digital You is You?

George Bernard Shaw was witty and fun. He was famous for being quotable – very much like Oscar Wilde. One of the quotes I love, and I thought was perfect for this blog: “The single biggest problem in communication is the illusion that it has taken place.” In the real world, communication is an illusion. People talk but they don’t listen. …

Applying and Extending DHARMA

This post gives some practical examples of the DHARMA method for API Security in a Microservice Architecture, and also shares some opportunities for extending the model. This article shares concepts from the O’Reilly book Securing Microservice APIs. If you’re attending OSCON next week, Rob Wilson and Matt McLarty will be signing and giving away print copies during lunch…

Securing Microservice APIs

Matt McLarty, Rob Wilson & Scott Morrison
Sustainable and Scalable Access Control
There are several techniques for controlling access to web APIs in microservice architectures, ranging from network controls to cryptographic methods and platform-based capabilities. This short ebook introduces an API access control model that you can implement on a single platform or across multiple…

A Microservices Primer

The technical definition is… microservices are design patterns to turn complex applications into simple, fine-grained, reusable, and interoperable processes that can be modified and deployed independently of each other. OK, a bit heavy… so let’s translate that, using some mental visuals. Imagine you’re 30 years in the future and you have a great family home, Jetson’s style…