5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Distinguished Engineer, CA

Scott Morrison, SVP & Distinguished Engineer, CA Technologies presents on Mobile Strategy during the Wavefront Wireless Summits

Published in: Technology
  • APIs come with their own problems. You never have just one API. So quickly the issue is scaling access and management.
  • Transcript

    • 1. 5 Reasons Why APIs Must Be A Part Of Your Mobile Strategy. K. Scott Morrison, Senior Vice President and Distinguished Engineer. February 2014. © 2014 CA. All rights reserved.
    • 2. 5 reasons why APIs must be part of your mobile strategy
    • 3. Layer 7 SecureSpan Gateway: Secure and Manage Enterprise APIs. Gateway Cluster at Edge of Network: DMZ deployment; Hardware appliance, virtual appliance or software. Diagram labels: API/Service Servers, Firewall 2, Firewall 1, Enterprise Network, Cloud, SSG Cluster, Mobile Devices, API/Service Client, Partners, Directory. Copyright © 2013 CA. All rights reserved. No unauthorized copying or distribution permitted
    • 4. The MAG SDK
    • 5. The Essence of the Problem: Secure Mobile Access to Apps and Data. How Do We Make APIs Available? Firewall mazes; Diversity of clients and back end systems; Clients and servers change at different rates. Of Particular Interest: Authentication, Authorization & SSO; Secure Transmission. Diagram labels: API/Service Servers, Firewall 2, Firewall 1, Directory, Enterprise Network, Internet, API/Service Client.
    • 6. We Want Classic SSO In An Active Profile For REST. Could leverage WS-Fed here; SAML’s second act? Diagram labels: API/Service Servers, Directory, Internet, Apps making RESTful API calls.
    • 7. But We Also Want Local App SSO. “Like a VPN… but without all of the negatives”. Single Sign On App Group (these apps will share sign-on sessions): A, B, C. So now it’s getting interesting… Diagram labels: API/Service Servers.
    • 8. Mobile OS Isolation is an issue. Diagram labels: App layer, Persistence layer, Silos.
    • 9. Self Service: User should be able to log out if device is lost or stolen
    • 10. Solution: Native Single Sign-On SDK For Mobile Developers. Strong Security for Mobile Apps: Cross-platform and built for a consumer or BYOD world; 100% Standards-based using OAuth+OpenID Connect; X-app SSO with multi-factor auth & secure channel; X.509 Certificate provisioning for strong auth and transaction signing. Diagram labels: API Servers, One time PIN (SMS, APNS, call), Enterprise Network, iPhone, iPad, Android, App-sharable Secure Key Store.
    • 11. Client Deployment Strategy. Don’t make me work hard – But give me a strong and extensible security model. Transfer of security responsibility – Let developers do what they do best. Simple SDK – Align with common development time environments: iOS, Android, Javascript, etc; Mirror REST frameworks. Future – Aspects, wrapping, etc.
    • 12. Three Important Entities: User, Apps, Devices. All three are managed by the SDK+MAG.
    • 13. Protocol Strategy: OAuth + OpenID Connect. Profiled for mobile; Clear distinction between device, user and app. Diagram labels: Authorization Server, username/password, apps A, B, C, ID Token, Per app Access Token/Refresh Token.
    • 14. Questions?
    • 15. K. Scott Morrison, Distinguished Engineer. Scott.Morrison@ca.com, @KScottMorrison, slideshare.net/CAinc, linkedin.com/KScottMorrison, ca.com