Building Enterprise Grade APIs

by Andy Thurai @ Apistrat NYC (Feb. 2013)

Transcript

  1. Building Enterprise Grade APIs

    Andy Thurai, Group CTO ASIP, Big Data group, Data Center Software Division
    Service/API Gateway > > Data Center Apps API
    @AndyThurai, Thurai.net/securityblog
  2. My session tomorrow

    Day 2 – Track 1: Mobile
    Time: 11 to 12
    Topic: Mobile APIs
  3. What does it take for an Enterprise to participate in the API Economy?

    Work Unit / Solution
    • Build: A way to turn existing business assets into APIs, suitable for partner or public consumption. Options: Service Gateway, Middleware, App Servers/Custom-code
    • Harden: A way to secure these APIs. Options: Custom-code, Security Gateway, Cloud Service
    • Advertise: A way to advertise these APIs to a community or a partner. Options: API Developer Portal, Hackathons, Consulting Services, Marketing Outreach
  4. Building Enterprise API – Platform independent

    Work Unit / Solution
    • Strategize: Figure out what, when and how first
    • Identify & Classify: Data, Process, Application, Users
    • Secure/Protect: Identify, Authenticate, Authorize, Protect
    • Protect the Data: Transit, Storage, In process, Life duration – Policies, Govern
    • Manage traffic: SLA based usage (identity/location/metrics)/QOS
    • Integrate: Keep the back ends as is, expose the front end as needed
    • Monetize: Figure out a way to make money $$$$
  5. Integrate, Mediate, Govern and Publish

    Current State Action / Architectural Solution
    • Integrate and mediate legacy applications that were written for different protocols and data formats. Architectural Solution: RESTful façade exposed at the enterprise perimeter
    • Govern services with throttling, message level security, tokenization/FPE, content attack prevention, and authentication, authorization and audit controls. Architectural Solution: Security gateway proxy model for centralized control
    • Publish APIs and manage internal or external developers. Architectural Solution: SaaS Developer Portal
  6. The Enterprise Backend Challenge

    [Diagram. Labels: SOAP, XML-RPC, REST, SQL, MQ; Systems Of Record; Integration/Data Transformation Layer; REST, JSON, OAUTH; Mobile, API and other Partner Channels; LOB Apps, Directory, CMS, CRM, Legacy]
  7. Intel Security & Integration

    • On-premise traffic processing
    • Service composition and orchestration
    • Authentication and Access Control
    • Authorization
    • Data format Mediation
    • Protocol Mediation
    • Content Attack Prevention
    • SLA Management, Rate Limiting
    • Lightweight ESB

    A world class gateway and industry leading SaaS API Management brings the best of both worlds to the customer

    Best of Breed Players for API Lifecycle Management

    Mashery API Management
    • SaaS Developer Portal
    • API Product Management
    • Developer On-boarding
    • Portal Administration
    • Reporting and Analytics
    • Monetization Data
    • Developer Facing Service Catalog
    • Developer Enablement Tools
    • Admin Tools, Community Tools

    POWERED BY Service Gateway
  8. Composite API Management

    Enterprise On-prem or Cloud API Sharing with Integrated Run-time Enforcement & Mediation
  9. Use Case: Internal Cloud Service Brokerage/Internal API management

    API Sharing with Integrated Run-time Enforcement & Mediation

    Security & Integration Brokerage Technology
    • ID Token Mapping
    • SSL Termination
    • Metering & Monitoring
    • Data Transform
    • Protocol Mediation

    API Sharing Portal
    • Developer On-boarding
    • Portal Administration
    • Developer Facing Service Catalog
    • Developer Enablement Tools
    • API and Method Packaging

    POWERED BY API Lifecycle Management

    [Diagram. Labels: MGT API; Partner API; SOAP, JSON, XML; Medical Information Service Provider; On-prem 3rd Party Info Providers; 3rd Party Cloud Info Providers; Doctor Information; Peer Reviews, Awards; BCBSA Plan A, BCBSA Plan B, BCBSA Plan C; Dev, Dev, Dev; Internal Dev Community; API Descriptions and Enablement Tools; JSON/REST, Flat File, SOAP/XML, REST, EDI, JSON; BCBSA CSB Platform]
  10. View API Management & Mobile Solutions

    • Mobile Middleware White Paper
    • API Portal Demo
    • Joint Solution Brief

    www.cloudsecurity.intel.com