API Gateway - OFM Canberra October 2014

Slides from the October Oracle Middleware Forum held in Canberra, Australia. Covers API Gateway and how it can be used in an organisation. For more information, check out our blog at http://ofmcanberra.wordpress.com

Published in: Software

  1. Oracle API Gateway. Damien McAullay, Oracle Fusion Middleware, October 2014. Copyright © 2014 Oracle and/or its affiliates. All rights reserved.
  2. Defining APIs …
     • APIs are the face of enterprise applications and processes
     • From the API consumers' perspective, they are the applications
     • Organizations can use different APIs to create optimized applications for customers, partners & employees
     • It is imperative that organizations apply the same rigor to API lifecycle management as to application lifecycle management
  3. What is an API Gateway or API Management?
     • Every API requires a supporting infrastructure to make sure it is properly managed, delivered & secured
     • OAG provides an enterprise platform for API delivery, removing the need for API owners to repeatedly build one-off support infrastructure
     • APIs enable enterprises to deliver business services via cloud, mobile or partner channels
  4. Oracle API Gateway – What/How?
     • API transformation and protocol switch
     • API control & runtime governance
     • API scalability and reliability
     • API security – AAA and threat mitigation
     • API monitoring – routing and throttling
     • API development lifecycle
     • API administration
  5. Fine Grained AuthZ and Data Redaction
     [Diagram; labels: Legacy Patient Record Application, Oracle API Gateway, Entitlements Server, PEP, PDP; consumers: Help desk, Accounting, Doctor]
     • Existing API returns: Name & Contact Info, SSN, Physician Info, Existing Conditions, Prescriptions, Health Records, Insurance, Payment History
     • Response: Name & Contact Info, Masked SSN, Primary Physician, Insurance
     • Response: Name & Contact Info, Masked SSN, Primary Physician, Insurance, Payment History
     • Response: Name & Contact Info, Primary Physician, Health History
  6. Client Oriented Requests & Throttling
     • Client-based policies for the same web service end-point
       – Policy A for Client 1 and Policy B for Client 2
     • Client-based throttling
       – Allow 100 transactions per second (TPS) for Client 1 and 250 TPS for Client 2
     • Client-based service-level agreement (SLA) alarms
     • Hiding service operations from certain clients
     • A client can be identified through
       – IP address, SAML attributes, SOAP/transport headers
       – Identity attribute lookup after authentication
       – Device IDs / IDContext attributes
  7. API Key Management
     [Diagram; labels: Corporate, DMZ, Unified Agent, SOAP/REST and Legacy Web Services, Security Gateway, CRM, HR, Talent, APIKey_AWS, APIKey_Salesforce, API Key + Web Service Request]
  8. Oracle API Gateway – Where?
     [Diagram; labels: First Line Of Defense, Shared Services Layer, End Point, DMZ, Intranet, OAG, Service Bus, OWSM Agent, Applications]
     • Protocols shown: HTTP, SOAP, REST, XML, JMS
     • Security shown: WS-Security, Basic Auth, Digest, X509, UNT, SAML, Kerberos, Sign & Encrypt
  9. Concepts and Architecture – Logical Components
  10. Concepts and Architecture – Policy Studio and OAG Manager
     [Diagram; labels: Domain, Admin Node Manager, Node Manager, Group "Stock Control APIs", Group "Payment APIs", OAG Instance 1 to 4, Physical / Virtual Machine 1 and 2, OAG Manager, Policy Studio, Manages]
  11. Concepts and Architecture – Configuration Parts
  12. Concepts and Architecture – Lifecycle Management
  13. Concepts and Architecture – Lifecycle Management
  14. Demo
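
The fine-grained authorization and data redaction flow on slide 5, as an added Python example that is not from the deck and is not Oracle API Gateway code or configuration. The role-to-response mapping (help desk, accounting, doctor, in the order the slide lists them), the field names, the treatment of existing conditions, prescriptions and health records as the slide's "Health History", and the sample record are assumptions.

```python
# Added illustration, not Oracle API Gateway code or configuration.
# Assumed: role-to-response mapping, field names, sample values.

# Constructed sample of the full record the legacy API returns (slide 5).
BACKEND_RECORD = {
    "name_contact": "Pat Example, 02 5550 0100",
    "ssn": "123-45-6789",
    "physician": "Dr A. Sample",
    "existing_conditions": ["asthma"],
    "prescriptions": ["salbutamol"],
    "health_records": ["2014-03 checkup"],
    "insurance": "Example Mutual 0001",
    "payment_history": ["2014-04 paid"],
}

BASE = {"name_contact": "allow", "physician": "allow"}
BILLING = {**BASE, "ssn": "mask_ssn", "insurance": "allow"}
# PDP policy: per-role allow-list of fields and the obligation on each.
POLICY = {
    "help_desk": BILLING,
    "accounting": {**BILLING, "payment_history": "allow"},
    "doctor": {**BASE, "existing_conditions": "allow",
               "prescriptions": "allow", "health_records": "allow"},
}

def mask_ssn(value):
    """Keep the last four digits; mask fully if the value is malformed."""
    digits = [c for c in str(value) if c.isdigit()]
    return "***-**-" + ("".join(digits[-4:]) if len(digits) == 9 else "****")

def pdp_decide(role):
    """Policy decision point: obligations for the role, or None (deny)."""
    return POLICY.get(role)

def pep_enforce(role, record):
    """Policy enforcement point: rebuild the response from the allow-list."""
    obligations = pdp_decide(role)
    if obligations is None:
        raise PermissionError(f"no entitlement for role {role!r}")
    response = {}
    for field, action in obligations.items():
        if field in record:  # fields absent from the policy are never copied
            value = record[field]
            response[field] = mask_ssn(value) if action == "mask_ssn" else value
    return response

if __name__ == "__main__":
    for role in POLICY:
        print(role, pep_enforce(role, BACKEND_RECORD))
```

Because the response is rebuilt from an allow-list rather than by deleting known-sensitive keys, a field the backend adds later stays hidden until a policy names it.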
