Scalable Reliable Secure REST

G
guestb2ed5f
Scalable, Reliable, and Secure RESTful HTTP A practical guide to building to HTTP based services
Today’s talk ,[object Object]
What this talk is NOT
What is REST? ,[object Object],[object Object]
 
Resources, resources, resources ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Uniform Interface
Hypertext and linkability ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
REST & HTTP ,[object Object],[object Object],[object Object],[object Object],[object Object]
Our Starting Point
Reliability through Idempotency
Idempotent Operations
Some Basic Scenarios: ,[object Object],[object Object],[object Object],[object Object]
Getting a resource ,[object Object],[object Object]
Updating a resource Server Client
Deleting a resource Server Client
Creating Resources ,[object Object],[object Object],[object Object],[object Object],[object Object],Server Client Client Server HTTP/1.1 200 OK … POST /entries Host: acme.com … PUT /entries/1 Host: acme.com Content-Type: … Content-Length: … Some data…
Creating Resources ,[object Object],[object Object],[object Object],[object Object],[object Object]
Problem: Firewalls ,[object Object],[object Object],[object Object],[object Object]
Scalability ,[object Object]
Scaling HTTP ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Stateless client/server approach ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
ETag Header ,[object Object],[object Object],[object Object],[object Object]
ETag Example ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Server Client Client Server HTTP/1.1 304 Not Modified Date: … ETag: "3e86-410-3596fbbc" Content-Length: 0… GET /feed.atom Host: www.acme.com … GET /feed.atom If-None-Match: "3e86-410-3596fbbc" Host: www.acme.com …
LastModified Example ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Client Server HTTP/1.1 304 Not Modified Date: … Last-Modified: Sat, 29 Oct 1994 19:43:31 GMT Content-Length: 0 GET /feed.atom Host: www.acme.com … GET /feed.atom If-Modified-Since: Sat, 29 Oct 1994 19:43:31 GMT Host: www.acme.com …
Scalability through Caching ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
How Caching Works ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Is your cache fresh? ,[object Object],[object Object],[object Object],[object Object]
Scalability through URLs and Content-Types ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
HEAD ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
100 Continue ,[object Object],[object Object]
100 Continue
Transactions ,[object Object],[object Object],[object Object],[object Object],[object Object]
So you really want transactions… ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Batch Operations ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Security
Question #1 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Tools at our disposal ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
HTTP Authentication Basics ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SSL and Public Key Cryptography ,[object Object]
How SSL works Client Server Sends random number encrypted with server’s public key.
How SSL works Client Server Server sends random number to client. Can be unencrypted since Client may not have public key.
How SSL works Client Server Server and Client compute a shared secret using the negotiated hash algorithm. 94AB134… 94AB134…
How SSL works Client Server Communication is encrypted using the new shared secret & symmetric cryptography
Client Authentication ,[object Object],[object Object],[object Object]
Limitations of SSL ,[object Object],[object Object],[object Object],[object Object],[object Object]
OpenID ,[object Object],[object Object],[object Object]
XML Signature & Encryption ,[object Object],[object Object],[object Object],[object Object]
An XML digital signature ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
HTTP Security Limitations ,[object Object],[object Object],[object Object],[object Object],[object Object]
Other Thoughts
Consider using Atom Publishing Protocol ,[object Object],[object Object],[object Object],[object Object],[object Object]
Atom Publishing Protocol ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why you should use APP for your app ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What other tools are available for building RESTful applications? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Limitations ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Conclusions ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Questions? ,[object Object],[object Object],[object Object],[object Object],[object Object]
1 of 58

Scalable Reliable Secure REST

Download to read offline
Technology
G
guestb2ed5f

Recommended

Best Practices in Web Service DesignBest Practices in Web Service Design
Best Practices in Web Service DesignLorna Mitchell
40.5K views38 slides
RESTful servicesRESTful services
RESTful servicesgouthamrv
4.5K views57 slides
GraphQL SecurityGraphQL Security
GraphQL SecurityShiu-Fun Poon
263 views6 slides
Elegant Rest Design WebinarElegant Rest Design Webinar
Elegant Rest Design WebinarStormpath
3.7K views104 slides
Rest api design by george reeseRest api design by george reese
Rest api design by george reesebuildacloud
105.5K views24 slides
REST API Design for JAX-RS And JerseyREST API Design for JAX-RS And Jersey
REST API Design for JAX-RS And JerseyStormpath
12.6K views79 slides

More Related Content

What's hot

What's hot(20)

REST and ASP.NET Web API (Milan)REST and ASP.NET Web API (Milan)
REST and ASP.NET Web API (Milan)
Jef Claes4.9K views
Rest & RESTful WebServicesRest & RESTful WebServices
Rest & RESTful WebServices
Prateek Tandon5.8K views
REST Easy with AngularJS - ng-grid CRUD EXAMPLEREST Easy with AngularJS - ng-grid CRUD EXAMPLE
REST Easy with AngularJS - ng-grid CRUD EXAMPLE
reneechemel10.7K views
The never-ending REST API design debateThe never-ending REST API design debate
The never-ending REST API design debate
Restlet10.1K views
Architecture Best PracticesArchitecture Best Practices
Architecture Best Practices
AWS Germany5.8K views
Overview of RESTful web servicesOverview of RESTful web services
Overview of RESTful web services
nbuddharaju4.2K views
ASP.NET WEB API TrainingASP.NET WEB API Training
ASP.NET WEB API Training
Chalermpon Areepong3.4K views
Implementation advantages of restImplementation advantages of rest
Implementation advantages of rest
Balamurugan Easwaran4.4K views
Web ArchitectureWeb Architecture
Web Architecture
sudip pudasaini452 views
REST & RESTful Web ServiceREST & RESTful Web Service
REST & RESTful Web Service
Hoan Vu Tran1.1K views
Restful webservicesRestful webservices
Restful webservices
Luqman Shareef2.1K views
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web Services
Halil Burak Cetinkaya43.9K views
Restful web services pptRestful web services ppt
Restful web services ppt
OECLIB Odisha Electronics Control Library4K views
BrightonSEO Sep 2015 - HTTPS | Mark Thomas BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas
Anna Morrison19.2K views
The ASP.NET Web API for BeginnersThe ASP.NET Web API for Beginners
The ASP.NET Web API for Beginners
Kevin Hazzard4.4K views
Design Beautiful REST + JSON APIsDesign Beautiful REST + JSON APIs
Design Beautiful REST + JSON APIs
Stormpath225.9K views
Micro Web Service - Slim and JWTMicro Web Service - Slim and JWT
Micro Web Service - Slim and JWT
Tuyen Vuong3.9K views
The never-ending REST API design debate -- Devoxx France 2016The never-ending REST API design debate -- Devoxx France 2016
The never-ending REST API design debate -- Devoxx France 2016
Restlet2.2K views
Json-based Service Oriented Architecture for the webJson-based Service Oriented Architecture for the web
Json-based Service Oriented Architecture for the web
kriszyp5.2K views
Excellent rest using asp.net web apiExcellent rest using asp.net web api
Excellent rest using asp.net web api
Maurice De Beijer [MVP]11.4K views

Viewers also liked

REST vs SOAPREST vs SOAP
REST vs SOAPJuan Luis Pérez
5.4K views9 slides

Viewers also liked(15)

Understanding REST-Based Services: Simple, Scalable, and Platform IndependentUnderstanding REST-Based Services: Simple, Scalable, and Platform Independent
Understanding REST-Based Services: Simple, Scalable, and Platform Independent
Charles Knight2.7K views
CrimsonHacks Keynote Presentation March 2017CrimsonHacks Keynote Presentation March 2017
CrimsonHacks Keynote Presentation March 2017
Charles Knight504 views
API Reliability GuideAPI Reliability Guide
API Reliability Guide
Nick DeNardis3.4K views
Architecting &Building Scalable Secure Web APIArchitecting &Building Scalable Secure Web API
Architecting &Building Scalable Secure Web API
SHAKIL AKHTAR2.7K views
REST vs SOAPREST vs SOAP
REST vs SOAP
Juan Luis Pérez5.4K views
API Security from the DevOps and CSO Perspectives (Webcast)API Security from the DevOps and CSO Perspectives (Webcast)
API Security from the DevOps and CSO Perspectives (Webcast)
Apigee | Google Cloud6.7K views
Mari Memahami PSR (PHP Standards Recommendation)Mari Memahami PSR (PHP Standards Recommendation)
Mari Memahami PSR (PHP Standards Recommendation)
Mizan Riqzia7K views
SOAP vs RESTSOAP vs REST
SOAP vs REST
Mário Almeida12.5K views
REST vs. SOAPREST vs. SOAP
REST vs. SOAP
Murat Çakal11.8K views
Scalability and Reliability in the CloudScalability and Reliability in the Cloud
Scalability and Reliability in the Cloud
gmthomps7.4K views
Spring Web Services: SOAP vs. RESTSpring Web Services: SOAP vs. REST
Spring Web Services: SOAP vs. REST
Sam Brannen22.4K views
Open Standards for the Semantic Web: XML / RDF(S) / OWL / SOAPOpen Standards for the Semantic Web: XML / RDF(S) / OWL / SOAP
Open Standards for the Semantic Web: XML / RDF(S) / OWL / SOAP
Pieter De Leenheer5.2K views
29 Essential AngularJS Interview Questions29 Essential AngularJS Interview Questions
29 Essential AngularJS Interview Questions
Arc & Codementor487.6K views
Secure Your REST API (The Right Way)Secure Your REST API (The Right Way)
Secure Your REST API (The Right Way)
Stormpath218.8K views
Webservices Overview : XML RPC, SOAP and RESTWebservices Overview : XML RPC, SOAP and REST
Webservices Overview : XML RPC, SOAP and REST
Pradeep Kumar28.7K views

Similar to Scalable Reliable Secure REST

HTTPHTTP
HTTPspacecharge
1.2K views15 slides
HTTP BasicsHTTP Basics
HTTP Basicssanjoysanyal
34K views16 slides

Similar to Scalable Reliable Secure REST(20)

HTTPHTTP
HTTP
spacecharge1.2K views
Pentesting web applicationsPentesting web applications
Pentesting web applications
Satish b12.4K views
HTTP BasicsHTTP Basics
HTTP Basics
sanjoysanyal34K views
HTTP Basics DemoHTTP Basics Demo
HTTP Basics Demo
InMobi Technology450 views
Http_Protocol.pptxHttp_Protocol.pptx
Http_Protocol.pptx
Abshar Fatima20 views
UserCentric Identity based Service InvocationUserCentric Identity based Service Invocation
UserCentric Identity based Service Invocation
guestd5dde61.2K views
01. http basics v2701. http basics v27
01. http basics v27
Eoin Keary549 views
Implementation of ssl injavaImplementation of ssl injava
Implementation of ssl injava
tanujagrawal725 views
Lecture17Lecture17
Lecture17
Châu Thanh Chương466 views
Secure Content Delivery Using Amazon CloudFrontSecure Content Delivery Using Amazon CloudFront
Secure Content Delivery Using Amazon CloudFront
Amazon Web Services2K views
Starting With PhpStarting With Php
Starting With Php
Harit Kothari787 views
Securing RESTful APISecuring RESTful API
Securing RESTful API
Muhammad Zbeedat271 views
Introduction to SSL and How to Exploit & SecureIntroduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & Secure
Brian Ritchie3.3K views
PHP Training: Module 1PHP Training: Module 1
PHP Training: Module 1
hussulinux2.8K views
Secure Content Delivery Using Amazon CloudFront and AWS WAFSecure Content Delivery Using Amazon CloudFront and AWS WAF
Secure Content Delivery Using Amazon CloudFront and AWS WAF
Amazon Web Services4.2K views
Secure Content Delivery Using Amazon CloudFront and AWS WAFSecure Content Delivery Using Amazon CloudFront and AWS WAF
Secure Content Delivery Using Amazon CloudFront and AWS WAF
Amazon Web Services3.2K views
KMUTNB - Internet Programming 2/7KMUTNB - Internet Programming 2/7
KMUTNB - Internet Programming 2/7
phuphax870 views
JoomlaDay Austria 2016 - Presentation Why and how to use HTTPS on your website!JoomlaDay Austria 2016 - Presentation Why and how to use HTTPS on your website!
JoomlaDay Austria 2016 - Presentation Why and how to use HTTPS on your website!
Wilco Alsemgeest733 views
WebbasicsWebbasics
Webbasics
patinijava698 views
Http Vs Https . Http Vs Https .
Http Vs Https .
simplyharshad34.2K views

Recently uploaded

CXL at OCPCXL at OCP
CXL at OCPCXL Forum
183 views66 slides

Recently uploaded(20)

ThroughputThroughput
Throughput
Moisés Armani Ramírez28 views
The details of description: Techniques, tips, and tangents on alternative tex...The details of description: Techniques, tips, and tangents on alternative tex...
The details of description: Techniques, tips, and tangents on alternative tex...
BookNet Canada97 views
The Research Portal of Catalonia: Growing more (information) & more (services)The Research Portal of Catalonia: Growing more (information) & more (services)
The Research Portal of Catalonia: Growing more (information) & more (services)
CSUC - Consorci de Serveis Universitaris de Catalunya51 views
CXL at OCPCXL at OCP
CXL at OCP
CXL Forum183 views
"Thriving Culture in a Product Company — Practical Story", Volodymyr Tsukur"Thriving Culture in a Product Company — Practical Story", Volodymyr Tsukur
"Thriving Culture in a Product Company — Practical Story", Volodymyr Tsukur
Fwdays35 views
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International
Splunk170 views
GigaIO: The March of Composability Onward to Memory with CXLGigaIO: The March of Composability Onward to Memory with CXL
GigaIO: The March of Composability Onward to Memory with CXL
CXL Forum118 views
Transcript: The Details of Description Techniques tips and tangents on altern...Transcript: The Details of Description Techniques tips and tangents on altern...
Transcript: The Details of Description Techniques tips and tangents on altern...
BookNet Canada99 views
MemVerge: Past Present and Future of CXLMemVerge: Past Present and Future of CXL
MemVerge: Past Present and Future of CXL
CXL Forum105 views
"Ukrainian Mobile Banking Scaling in Practice. From 0 to 100 and beyond", Vad..."Ukrainian Mobile Banking Scaling in Practice. From 0 to 100 and beyond", Vad...
"Ukrainian Mobile Banking Scaling in Practice. From 0 to 100 and beyond", Vad...
Fwdays33 views
"How we switched to Kanban and how it integrates with product planning", Vady..."How we switched to Kanban and how it integrates with product planning", Vady...
"How we switched to Kanban and how it integrates with product planning", Vady...
Fwdays59 views
Micron CXL product and architecture updateMicron CXL product and architecture update
Micron CXL product and architecture update
CXL Forum23 views
JCon Live 2023 - Lice coding some integration problemsJCon Live 2023 - Lice coding some integration problems
JCon Live 2023 - Lice coding some integration problems
Bernd Ruecker61 views
Business Analyst Series 2023 - Week 3 Session 5Business Analyst Series 2023 - Week 3 Session 5
Business Analyst Series 2023 - Week 3 Session 5
DianaGray1042 views
"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi
"AI Startup Growth from Idea to 1M ARR", Oleksandr Uspenskyi
Fwdays23 views
Five Things You SHOULD Know About PostmanFive Things You SHOULD Know About Postman
Five Things You SHOULD Know About Postman
Postman20 views
AMD: 4th Generation EPYC CXL DemoAMD: 4th Generation EPYC CXL Demo
AMD: 4th Generation EPYC CXL Demo
CXL Forum117 views
How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...
How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...
Vadym Kazulkin45 views
ChatGPT and AI for Web DevelopersChatGPT and AI for Web Developers
ChatGPT and AI for Web Developers
Maximiliano Firtman152 views
PharoJS - Zürich Smalltalk Group Meetup November 2023PharoJS - Zürich Smalltalk Group Meetup November 2023
PharoJS - Zürich Smalltalk Group Meetup November 2023
Noury Bouraqadi77 views

Scalable Reliable Secure REST

Editor's Notes

  1. - Intro to self - Ask questions! 10 mins for questions at the end (may be a bit much, I know you norwegians are a talkative bunch)