Posted: 08-May-2015 | Category: Technology | Uploaded by: nordic-apis
Open APIs - Risks & Rewards
Hampus Brynolf, Andreas Krohn, Travis Spencer

Open APIs - Risks & Rewards
Andreas Krohn, dopter
Application Programming Interface (API)
API
‣ HTTP Request
‣ Machine readable response
‣ JSON
‣ XML
API
‣ HTTP Methods
‣ GET, POST etc
‣ HTTP Headers
‣ URI
‣ Query Parameters
‣ Body
Open API
‣ “Not closed”
‣ Anyone can use it
‣ Free or paid
https://api.stackexchange.com/2.1/questions?order=desc&sort=activity&tagged=api&site=stackoverflow
Open APIs - Risks & Rewards
Hampus Brynolf, Intellecta
TWITTER IN SWEDEN
Method
1. Get from queue
2. Check language (Finnish? → Block; not Finnish → continue)
3. Save
4. Add friends and followers
Language analysis
• N-gram-based text categorization
  – Searches for three-letter combinations in words
  – Considered stable
  – Worse results with few tweets
  – http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.53.9367
Some data…
• 6,171,929 accounts analyzed
• < 100 tweets per account analyzed
• 15,410,436 Swedish tweets identified and downloaded
• 600 000 – 46% active – 17% very active
[Figure: Registrations per month]
[Figure: Words in description]
[Figure: Force Atlas graph with regional clusters (Danmark, Sweden, Finland) and topic clusters: celebs, sport, teens, IT/tech, media & politics, education, manga/anime, entertainment, IT/business/media, churches, librarians, gamers, nationalist, hiphop]
Thank you @dreadnallen // Christofer Laurin
Open APIs
‣ 10.000+ available
‣ Salesforce
‣ Paypal
‣ Amazon
‣ ProgrammableWeb
why?
Open APIs
‣ External Innovation
‣ Enable Partnerships
‣ Make Money
‣ Save Money
‣ Marketing
Internal APIs
‣ More common than Open APIs
‣ System Architecture
‣ Partnerships
‣ Speed to Market
‣ Mobile Applications
more than just http
Package an API
‣ Security concerns
‣ Statistics
‣ Developer Portal
‣ Documentation
‣ Community
‣ Pricing & Legal
all but the data
API Management
‣ Security
‣ Developer Portal
‣ Monetization
‣ Statistics
‣ Layer 7, 3scale, Apigee, Mashery...
Open APIs - Risks & Rewards
Travis Spencer, Twobo Technologies
Agenda
Problem: the risks & security challenges
Solution: the “Neo-security Stack”
Result: a secure platform for data access
Copyright © 2013 Twobo Technologies AB. All rights reserved
Threats, Dangers & Challenges
Identity is Central to a Solution
[Venn diagram by Gunnar Peterson: Mobile Security, API Security and Enterprise Security overlap, with Identity at the intersection]
The Neo-security Stack
SAML / OpenID Connect: Federation
SCIM: Provisioning
JSON Identity Suite: Identity
OAuth: Delegated Access
XACML: Authorization
SAML
SAML: proven technology for identity federation and Web SSO
Profiles, bindings, protocols, assertions & metadata
V. 2.1 in the works
[Diagram: Service Provider (SP) and Identity Provider (IdP)]
OpenID Connect
New federation protocol that builds on OAuth 2
Adds identity inputs/outputs to OAuth messages
Related to prior OpenID versions in name only
Compact messages for mobile scenarios
RP / client can determine info about end user
Tokens are JWTs
UserInfo endpoint to get user data
Grandpa SAML & junior
SCIM
Defines RESTful API to manage users & groups
Specifies core user & group schemas
Supports bulk updates for ingest
Binding for SAML and eventually OpenID Connect
OAuth
OAuth 2 is the new protocol of protocols
Composed in useful ways
Addresses old requirements and solves new ones
Delegated access
No password sharing
Revocation of access
JSON Identity Protocol Suite
Suite of JSON-based identity protocols
Tokens (JWT) ▪ Encryption (JWE) ▪ Keys (JWK) ▪ Signatures (JWS) ▪ Algorithms (JWA)
Lightweight tokens passed in HTTP headers & query strings
Akin to SAML tokens
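The two slides above (OpenID Connect ID tokens are JWTs; the JSON Identity Suite signs them with JWS using a JWA algorithm) are illustrated here by an added example that is not code from the talk or from any product mentioned: minting and verifying a JWS-signed JWT with Python's standard library, then applying the claim checks an OpenID Connect relying party makes on an ID token (issuer, audience, expiry, nonce). HS256 (HMAC-SHA256) is used because it needs no key generation; KEY, ISSUER, CLIENT_ID and NONCE are placeholders. The verifier pins the algorithm to the key it holds, so a token whose header says "none" or names a different algorithm is rejected before any signature check, and the signature comparison is constant-time.

```python
"""
Added example, not from the talk: HS256 JWT signing/verification and the
OpenID Connect relying-party checks on an ID token. All key and identifier
values are placeholders.
"""
import base64
import hashlib
import hmac
import json
import time

KEY = b"placeholder-shared-secret-at-least-32-bytes!"  # placeholder; use a random key
ISSUER = "https://idp.example.com"   # placeholder OpenID Provider issuer
CLIENT_ID = "demo-client"            # placeholder relying-party client id
NONCE = "n-5f3c2a"                   # placeholder nonce the RP sent in its auth request


class TokenError(Exception):
    """Raised for any reason a token must not be accepted."""


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _json_segment(obj) -> str:
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode("utf-8"))


def sign_jwt(claims: dict, key: bytes) -> str:
    """JWS compact serialisation: base64url(header).base64url(claims).base64url(sig)."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = f"{_json_segment(header)}.{_json_segment(claims)}"
    sig = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return f"{signing_input}.{b64url_encode(sig)}"


def verify_jwt(token: str, key: bytes, expected_alg: str = "HS256") -> dict:
    """Check structure, pinned algorithm and signature; return the claims set."""
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenError("a JWS compact token has exactly three segments")
    header_b64, claims_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    # The token never chooses how it is verified: blocks alg=none and confusion attacks.
    if header.get("alg") != expected_alg:
        raise TokenError(f"unexpected alg {header.get('alg')!r}")
    expected = hmac.new(key, f"{header_b64}.{claims_b64}".encode("ascii"),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise TokenError("signature does not verify")
    return json.loads(b64url_decode(claims_b64))


def validate_id_token(claims: dict, issuer: str, client_id: str, nonce: str,
                      now=None, skew: int = 60) -> dict:
    """Relying-party checks on an already signature-verified ID token."""
    now = time.time() if now is None else now
    if claims.get("iss") != issuer:
        raise TokenError("issuer mismatch")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if client_id not in audiences:
        raise TokenError("token not issued for this client")
    if "azp" in claims and claims["azp"] != client_id:
        raise TokenError("azp does not name this client")
    if not isinstance(claims.get("exp"), (int, float)) or now > claims["exp"] + skew:
        raise TokenError("token expired or has no exp")
    if claims.get("iat", now) > now + skew:
        raise TokenError("token issued in the future")
    if claims.get("nonce") != nonce:
        raise TokenError("nonce mismatch (replayed or cross-session token)")
    return claims


def forge_alg_none(token: str) -> str:
    """What an attacker tries: rewrite the header to alg=none and drop the signature."""
    _, claims_b64, _ = token.split(".")
    return f"{_json_segment({'alg': 'none', 'typ': 'JWT'})}.{claims_b64}."


def demo(now: float = 1_700_000_000) -> dict:
    """Mint one good token, then show four bad ones being rejected."""
    claims = {"iss": ISSUER, "sub": "user-42", "aud": CLIENT_ID,
              "iat": now, "exp": now + 300, "nonce": NONCE}
    token = sign_jwt(claims, KEY)
    good = validate_id_token(verify_jwt(token, KEY), ISSUER, CLIENT_ID, NONCE, now=now)
    results = {"token": token, "accepted_sub": good["sub"]}
    for name, bad, at in [("alg_none", forge_alg_none(token), now),
                          ("wrong_key", sign_jwt(claims, b"other-key"), now),
                          ("expired", token, now + 3600),
                          ("wrong_nonce", sign_jwt({**claims, "nonce": "x"}, KEY), now)]:
        try:
            validate_id_token(verify_jwt(bad, KEY), ISSUER, CLIENT_ID, NONCE, now=at)
            results[name] = "ACCEPTED (bug)"
        except TokenError as err:
            results[name] = f"rejected: {err}"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Two practical notes on the slide's "tokens passed in HTTP headers & query strings": a token is a bearer credential, so prefer the Authorization header, since query strings end up in server logs, proxies and Referer headers; and a signed JWT is only proof of what the issuer said, so the claim checks above (who issued it, for whom, until when, for which login attempt) are not optional extras but the part that stops a valid token from being replayed against the wrong client.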
The Neo-security Platform
Identity Management System
API Management System
Entitlement Management System
Protocols: SAML / OpenID Connect, SCIM, JSON Identity Suite, OAuth, XACML
Building on the Platform
Solutions must be ”baked”
Web SSO
Account Management & Provisioning
Authorization
Social Media Aggregation
API Security
using open apis
Get Started
‣ Use API without authentication
‣ Nobel Prize API
‣ Make request
‣ Parse response
‣ cURL
‣ Postman
‣ Unirest
‣ Java, .NET, Python...
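The "make request, parse response" steps above, together with the anatomy of an API call from the start of the deck (URI, query parameters, headers, machine-readable JSON response), as an added example that is not code from the talk: an unauthenticated call to an open API using only Python's standard library. The endpoint is the Stack Exchange URL shown earlier on the page; the Nobel Prize API is not used because its URL is not on the page. Query parameters go through urlencode so a value containing '&' or '=' becomes data rather than a second parameter, and the body is decoded according to the Content-Encoding the server announces (the Stack Exchange API gzips its responses and urllib does not undo that for you). SAMPLE_RESPONSE is constructed to mirror the API's {"items": [...], "has_more": ...} envelope so the example runs offline; the default transport hits the live API.

```python
"""
Added example, not from the talk: GET an open API with urllib and parse the
JSON response. SAMPLE_RESPONSE is constructed to look like the real envelope.
"""
import gzip
import json
import urllib.error
import urllib.parse
import urllib.request

BASE = "https://api.stackexchange.com/2.1/questions"   # endpoint from the slides


def build_url(**params) -> str:
    """URI plus encoded query string; urlencode percent-encodes reserved characters."""
    return f"{BASE}?{urllib.parse.urlencode(params)}"


def build_request(url: str) -> urllib.request.Request:
    """GET with the headers an API expects: what we accept and who is calling."""
    return urllib.request.Request(
        url, method="GET",
        headers={"Accept": "application/json", "User-Agent": "open-api-demo/0.1"},
    )


def decode_body(body: bytes, content_encoding: str) -> dict:
    """Undo transport compression, then parse the JSON document."""
    if content_encoding.lower() == "gzip":
        body = gzip.decompress(body)
    return json.loads(body.decode("utf-8"))


def http_transport(req):
    """Real network call; returns (body, content-encoding)."""
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.read(), resp.headers.get("Content-Encoding", "")
    except urllib.error.HTTPError as err:   # API errors arrive as a JSON envelope too
        return err.read(), err.headers.get("Content-Encoding", "")


def fetch_questions(tag: str, site: str = "stackoverflow", transport=http_transport):
    """Most recently active questions tagged `tag` on `site` as (id, title, score)."""
    req = build_request(build_url(order="desc", sort="activity", tagged=tag, site=site))
    data = decode_body(*transport(req))
    if "error_id" in data:   # the API reports errors inside the JSON envelope
        raise RuntimeError(f"API error {data['error_id']}: {data.get('error_message')}")
    return [(q["question_id"], q["title"], q["score"]) for q in data["items"]]


# Constructed response in the shape the API returns, gzipped like the real thing.
SAMPLE_RESPONSE = gzip.compress(json.dumps({
    "items": [
        {"question_id": 101, "title": "How do I version a REST API?", "score": 12,
         "tags": ["api", "rest"], "is_answered": True},
        {"question_id": 102, "title": "Rate limiting an open API", "score": 4,
         "tags": ["api"], "is_answered": False},
    ],
    "has_more": True, "quota_max": 300, "quota_remaining": 299,
}).encode("utf-8"))


def sample_transport(req):
    """Offline stand-in for http_transport that serves SAMPLE_RESPONSE."""
    assert req.full_url.startswith(BASE) and req.get_method() == "GET"
    return SAMPLE_RESPONSE, "gzip"


if __name__ == "__main__":
    print(build_url(order="desc", sort="activity", tagged="api", site="stackoverflow"))
    for qid, title, score in fetch_questions("api", transport=sample_transport):
        print(qid, score, title)
```

The same shape carries over to cURL or Postman: the only things that change per call are the query parameters and headers, and the thing to check on every response is whether it is the document you expected or the API's error envelope.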
publishing open apis
Get Started
‣ Identify source
‣ Design based on external reqs.
‣ Do NOT mimic internal structures
‣ Mashape
‣ Use your own API!
publishing open apis
Pro
‣ Business case, marketing plan etc
‣ Analyze requirements
‣ What to build & what to buy
‣ Build a community!
Thank you!
nordicapis.com/oredev2013