The document discusses security components and modules in MuleSoft's Anypoint platform. It describes Anypoint Enterprise Security, API Security Manager, and Virtual Private Cloud. It also outlines security requirements at different layers of an API approach - experience, process, and system connectivity layers. Fine-grained security is applied at the process layer. Inbound, outbound, authentication, authorization and data security are addressed. The document also discusses implementing API-led connectivity using MuleSoft's API Designer and managing APIs across hybrid cloud using the Anypoint platform.

1. MULESOFT –Anypoint platform security
components Anypoint Enterprise Security
 API Security Manager
 Virtual Private Cloud (VPC)
1

2. MULESOFT –Enterprise Security Modules
Mule Secure Token Service (STS) OAuth 2.0a Provider (Its part of Enterprise edition)
Security for REST service provider/consumer (for API which we developing using MULE API
led connectivity)
2
Ensure that the API is properly
protected
by right authentication / authorization
schemes
Autherization &
Authentication
• SAML
• OAuth 2
• WS-Security
• Ping federate

3. MULESOFT –Enterprise Security Modules
Each layer has specific security requirements in API approach
Experience: This layer needs to be protected by inbound security
Process: In this layer, fine grain security is applied as to who has access to which process
API
System Connectivity: This layer need to be protected by outbound security
3

4. MULESOFT –Enterprise Security Modules
4
Process APIs
Process Level Fine Grained Security
Experience APIs
Inbound Security
(Authentication, Authorization and Data Security)
API Manager Security policies
System APIs
Outbound Security
(Authentication, Authorization and Data Security)
WEB/Mobile/Des
ktop
On premise /Cloud applications

5. API Led Connectivity
API should expose this specific fine-grained functionality so it can be invoked
independently. If the underlying service it accesses is coarse-grained and you
anticipate building additional APIs on that service to address additional use cases,
consider a tiered approach
API led connectivity approach-
5

6. API Led Connectivity
System Layer - System APIs provide a means of accessing underlying systems of record
and exposing that data.
These APIs will also change more infrequently and will be governed by Central IT given
the importance of the underlying systems.
Process Layer –
The underlying business processes that interact and shape this data should be strictly
encapsulated independent of the source systems from which that data originates, as
well as the target channels through which that data is to be delivered.
Experience Layer-
Now data will be accessed/consumed by various set of channels, so each of which want
to access the same data but in different form.
6

7. MULESOFT : API +SOA + Cloud
7

8. API Led Connectivity
What did we do for the implementation
API Designer used to design the API, controls total API life cycle.
What were the benefits
Design for great user experience
Optimize for use case
Provide easy access
Build a community
Single platform to manage your total API’s -Any point platform : Supports hybrid cloud
i:e Deploy your services in cloud + on premises with in the same project.
8

9. API Led Connectivity
What did we do for the implementation
API Designer used to design the API, controls total API life cycle.
What were the benefits
Design for great user experience
Optimize for use case
Provide easy access
Build a community
Single platform to manage your total API’s -Any point platform : Supports hybrid cloud
i:e Deploy your services in cloud + on premises with in the same project.
9

10. API Led Connectivity
What did we do for the implementation
API Designer used to design the API, controls total API life cycle.
What were the benefits
Design for great user experience
Optimize for use case
Provide easy access
Build a community
Single platform to manage your total API’s -Any point platform : Supports hybrid cloud
i:e Deploy your services in cloud + on premises with in the same project.
9