This session was Delivered at API Strat 2018. The session covered considerations for why you would want to expose External Services as internal APIs in your business.
This deck is an a joining of ideas from numerous visits to clients around the wound. Here we show the three most common design patterns and explain the pros and cons
Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...Natalia Kataoka
See how, using custom policies, iSOA Group migrated DataPower to API Connect with a client in the insurance industry. iSOA will share the value, from a recent migration, that enabled our client to realize more value from their DataPower deployment through improved analytics, broader use of DataPower services through API’s, and custom policies in API Connect that enable developers to access specific custom developed policies within DataPower.
This session also covered:
- Scenarios and client motivations to migrate DataPower to API Connect
- How API Connect helps improve standardization of DataPower deployed services
- Lower cost of DataPower Operational support while enabling agility of developers
This covers security with APIc/gateway. It goes over high-level concepts and what IBM APIc can offer, this covers 2018, and v10 of the product
Note: this is from a presentation from a year or so ago, with some updates to the link
HAM 1032 Combining the Power of IBM API Management and IBM Integration BusKaren Broughton-Mabbitt
Presented at InterConnect 2016 by Carsten Bornert and Ulas Cubuk. This session will discuss the power of combining IBM API Management and IBM Integration Bus together to expose core backend systems in a controlled, managed and secured manner. It will also explore common use cases where these technologies are used together to provide a compelling solution.
This deck is an a joining of ideas from numerous visits to clients around the wound. Here we show the three most common design patterns and explain the pros and cons
Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...Natalia Kataoka
See how, using custom policies, iSOA Group migrated DataPower to API Connect with a client in the insurance industry. iSOA will share the value, from a recent migration, that enabled our client to realize more value from their DataPower deployment through improved analytics, broader use of DataPower services through API’s, and custom policies in API Connect that enable developers to access specific custom developed policies within DataPower.
This session also covered:
- Scenarios and client motivations to migrate DataPower to API Connect
- How API Connect helps improve standardization of DataPower deployed services
- Lower cost of DataPower Operational support while enabling agility of developers
This covers security with APIc/gateway. It goes over high-level concepts and what IBM APIc can offer, this covers 2018, and v10 of the product
Note: this is from a presentation from a year or so ago, with some updates to the link
HAM 1032 Combining the Power of IBM API Management and IBM Integration BusKaren Broughton-Mabbitt
Presented at InterConnect 2016 by Carsten Bornert and Ulas Cubuk. This session will discuss the power of combining IBM API Management and IBM Integration Bus together to expose core backend systems in a controlled, managed and secured manner. It will also explore common use cases where these technologies are used together to provide a compelling solution.
INTERFACE, by apidays - Building contextualized API specifications by Boris ...apidays
INTERFACE, by apidays 2021 - It’s APIs all the way down
June 30, July 1 & 2, 2021
Building contextualized API specifications
Boris Vernoff, Chief Achitect at ADP
In this deck, I cover all the new exciting security feature we have in both gateway and APIC.
We are excited about the new features, and how they can be used to help protect the customer's deployment environment.
Taming the FHIR of Healthcare with IBM's API ConnectNatalia Kataoka
Unlike the Wizard of OZ, there are no illusions being produced behind the curtain; with the FHIR standard these will be real. FHIR enables these levels of integration because it is based on API’s, making the company in the healthcare food-chain able to seamlessly integrate healthcare information into their business applications. FHIR also documents the necessary infrastructure and authentication standard to make sure that the integration is both seamless and secured.
[WSO2Con EU 2018] Hybrid Cloud API Management - API Microgateways AnywhereWSO2
This presentation takes an in-depth look at the following topics:
- The benefits of a hybrid deployment model for managing APIs
- Whether hybrid API management is the right option for you
- Role of microgateway in hybrid API Management solution
- How the WSO2 hybrid API management solution works
Overview of API Management ArchitecturesNordic APIs
APIs are fueling innovation and digital transformation initiatives. With the explosive growth in APIs, developers and architects are employing different kinds of architectures to process API calls. Attend this session to learn about commonly deployed API Management architectures to process API traffic.
Type 1: Centralized data plane and control plane.
Type 2: “Hybrid” architectural approach that involves some processing at the edge by microgateways to process API calls between microservices.
Type 3: Decoupled data plane and control plane resulting in no need for microgateways or databases to process API calls.
APIs have revolutionized how companies build new marketing channels, access new customers, and create ecosystems. Enabling all this requires the exposure of APIs to a broad range of partners and developers—and potential threats.
Learn more about the latest API security issues.
HIA 1015 Speed the Development of Robust Integrations with IBM Integration Bu...Karen Broughton-Mabbitt
Presented at InterConnect 2016 by Carsten Bornert and Emanuel Stanciu.
IBM Integration Bus (IIB) is IBM's strategic software integration product. Rational Integration Tester provides powerful capabilities to discover, simulate and test the solutions built on IBM Integration Bus. This session will demonstrate how integrations can be built on IBM Integration Bus and benefit from the simulation and discovery capabilities of Rational Integration Tester to accelerate and harden the integration.
Cloud Foundry Summit 2014: Introducing Cloud Foundry Integration for Eclipsedmbtr3
From the June 2014 Cloud Foundry Summit:
Title: BUSINESS TRACK: INTRODUCING CLOUD FOUNDRY INTEGRATION FOR ECLIPSE
Speaker: Adam Gunther
Abstract: Are you a developer who uses Eclipse? Do you want to get involved in a project with the goal to provide a first-class Cloud Foundry development environment for Eclipse? If so, then come learn about the Cloud Foundry Integration for Eclipse project. The Cloud Foundry eclipse plug-in allows developers to perform such tasks as deploy applications to Cloud Foundry and view and manage deployed applications and services. Come learn more about the current tools and community, what is planned for the future, and ways you can contribute.
apidays LIVE New York 2021 - Building Contextualized API Specifications by Bo...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
Building Contextualized API Specifications
Boris Vernoff, API Governance & Chief Data Architect at ADP
How Cisco is Leveraging MuleSoft to Drive Continuous Innovation at Enterpris...MuleSoft
In a world where companies must disrupt, or be disrupted, Cisco is leveraging MuleSoft to drive innovation that accelerates operational efficiencies and business value. Join us in this session to hear insights and lessons learnt from a selection of use cases across API Management, SaaS Integration and Big Data domains.
This slide deck will discuss WSO2 Stream Processor, and stream processing use-cases in a few industries,
Watch webinar here: https://wso2.com/library/webinars/2018/11/stream-processing-in-action/
API Gateways are the well suited service for microservices architecture. It provides many security and performance related features along with reliability of the system. These slides explains what is API Gateway. What is microservices architecture, its benefits and how API Gateway empower this architecture. Further more API Gateway aggregation is explained with an example.
apidays LIVE JAKARTA - 10 commandments for scalable microservices by Archanaa...apidays
apidays LIVE JAKARTA - Connecting the Digital Stack
10 commandments for scalable microservices
Archanaa Ravikumar, Lead Engineer at BCG Digital Ventures & Pooja Subramanian, Office Tech Principal, Lead Consultant at ThoughtWorks Technologies
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...apidays
INTERFACE, by apidays 2021 - It’s APIs all the way down
June 30, July 1 & 2, 2021
The future of API Management in a hybrid, multi-cloud world
Shaun Clowes, SVP of Product at Mulesoft
apidays LIVE India - Asynchronous and Broadcasting APIs using Kafka by Rohit ...apidays
apidays LIVE India 2021 - Connecting 1.3 billion digital innovators
May 20, 2021
Asynchronous and Broadcasting APIs using Kafka
Rohit Saxena, Software Development Consultant at Guardian Life
API monetization extends beyond the simple selling of an API to realize new revenue streams. Monetization enables multi-pronged business relationships, for example, a SaaS provider, an industry focused ISV and a SaaS customer. Learn more about how Oracle is helping customers in the Hospitality industry realize the true value of APIs. In this talk, we will also cover some future capabilities that will help enterprises monetize their APIs for both revenue streams, and insights into the value all their APIs provide
How to migrate an application in IBM APIc, and preserve its client credentialShiu-Fun Poon
This provides the rest and toolkit command on how to migrate an application from one environment to another without know the client_secret in the plaintext format.
apidays LIVE Australia 2020 - Building a scalable API platform for an IoT eco...apidays
apidays LIVE Australia 2020 - Building Business Ecosystems
Building a scalable API platform for an IoT ecosystem
Pooja Subramanian, Lead Consultant at ThoughtWorks & Archanaa Ravikumar, Lead Engineer at BCG Digital Ventures
The API Economy is exploding, and this presentation explains how to extend your brand, accelerate new channel adoption and operate with API best practices.
This hands on workshop explores implementing various microservices patterns using 1) Pure Netflix OSS 2) Docker with Netflix and Prometheus 3) Docker & Kubernetes with Prometheus
INTERFACE, by apidays - Building contextualized API specifications by Boris ...apidays
INTERFACE, by apidays 2021 - It’s APIs all the way down
June 30, July 1 & 2, 2021
Building contextualized API specifications
Boris Vernoff, Chief Achitect at ADP
In this deck, I cover all the new exciting security feature we have in both gateway and APIC.
We are excited about the new features, and how they can be used to help protect the customer's deployment environment.
Taming the FHIR of Healthcare with IBM's API ConnectNatalia Kataoka
Unlike the Wizard of OZ, there are no illusions being produced behind the curtain; with the FHIR standard these will be real. FHIR enables these levels of integration because it is based on API’s, making the company in the healthcare food-chain able to seamlessly integrate healthcare information into their business applications. FHIR also documents the necessary infrastructure and authentication standard to make sure that the integration is both seamless and secured.
[WSO2Con EU 2018] Hybrid Cloud API Management - API Microgateways AnywhereWSO2
This presentation takes an in-depth look at the following topics:
- The benefits of a hybrid deployment model for managing APIs
- Whether hybrid API management is the right option for you
- Role of microgateway in hybrid API Management solution
- How the WSO2 hybrid API management solution works
Overview of API Management ArchitecturesNordic APIs
APIs are fueling innovation and digital transformation initiatives. With the explosive growth in APIs, developers and architects are employing different kinds of architectures to process API calls. Attend this session to learn about commonly deployed API Management architectures to process API traffic.
Type 1: Centralized data plane and control plane.
Type 2: “Hybrid” architectural approach that involves some processing at the edge by microgateways to process API calls between microservices.
Type 3: Decoupled data plane and control plane resulting in no need for microgateways or databases to process API calls.
APIs have revolutionized how companies build new marketing channels, access new customers, and create ecosystems. Enabling all this requires the exposure of APIs to a broad range of partners and developers—and potential threats.
Learn more about the latest API security issues.
HIA 1015 Speed the Development of Robust Integrations with IBM Integration Bu...Karen Broughton-Mabbitt
Presented at InterConnect 2016 by Carsten Bornert and Emanuel Stanciu.
IBM Integration Bus (IIB) is IBM's strategic software integration product. Rational Integration Tester provides powerful capabilities to discover, simulate and test the solutions built on IBM Integration Bus. This session will demonstrate how integrations can be built on IBM Integration Bus and benefit from the simulation and discovery capabilities of Rational Integration Tester to accelerate and harden the integration.
Cloud Foundry Summit 2014: Introducing Cloud Foundry Integration for Eclipsedmbtr3
From the June 2014 Cloud Foundry Summit:
Title: BUSINESS TRACK: INTRODUCING CLOUD FOUNDRY INTEGRATION FOR ECLIPSE
Speaker: Adam Gunther
Abstract: Are you a developer who uses Eclipse? Do you want to get involved in a project with the goal to provide a first-class Cloud Foundry development environment for Eclipse? If so, then come learn about the Cloud Foundry Integration for Eclipse project. The Cloud Foundry eclipse plug-in allows developers to perform such tasks as deploy applications to Cloud Foundry and view and manage deployed applications and services. Come learn more about the current tools and community, what is planned for the future, and ways you can contribute.
apidays LIVE New York 2021 - Building Contextualized API Specifications by Bo...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
Building Contextualized API Specifications
Boris Vernoff, API Governance & Chief Data Architect at ADP
How Cisco is Leveraging MuleSoft to Drive Continuous Innovation at Enterpris...MuleSoft
In a world where companies must disrupt, or be disrupted, Cisco is leveraging MuleSoft to drive innovation that accelerates operational efficiencies and business value. Join us in this session to hear insights and lessons learnt from a selection of use cases across API Management, SaaS Integration and Big Data domains.
This slide deck will discuss WSO2 Stream Processor, and stream processing use-cases in a few industries,
Watch webinar here: https://wso2.com/library/webinars/2018/11/stream-processing-in-action/
API Gateways are the well suited service for microservices architecture. It provides many security and performance related features along with reliability of the system. These slides explains what is API Gateway. What is microservices architecture, its benefits and how API Gateway empower this architecture. Further more API Gateway aggregation is explained with an example.
apidays LIVE JAKARTA - 10 commandments for scalable microservices by Archanaa...apidays
apidays LIVE JAKARTA - Connecting the Digital Stack
10 commandments for scalable microservices
Archanaa Ravikumar, Lead Engineer at BCG Digital Ventures & Pooja Subramanian, Office Tech Principal, Lead Consultant at ThoughtWorks Technologies
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...apidays
INTERFACE, by apidays 2021 - It’s APIs all the way down
June 30, July 1 & 2, 2021
The future of API Management in a hybrid, multi-cloud world
Shaun Clowes, SVP of Product at Mulesoft
apidays LIVE India - Asynchronous and Broadcasting APIs using Kafka by Rohit ...apidays
apidays LIVE India 2021 - Connecting 1.3 billion digital innovators
May 20, 2021
Asynchronous and Broadcasting APIs using Kafka
Rohit Saxena, Software Development Consultant at Guardian Life
API monetization extends beyond the simple selling of an API to realize new revenue streams. Monetization enables multi-pronged business relationships, for example, a SaaS provider, an industry focused ISV and a SaaS customer. Learn more about how Oracle is helping customers in the Hospitality industry realize the true value of APIs. In this talk, we will also cover some future capabilities that will help enterprises monetize their APIs for both revenue streams, and insights into the value all their APIs provide
How to migrate an application in IBM APIc, and preserve its client credentialShiu-Fun Poon
This provides the rest and toolkit command on how to migrate an application from one environment to another without know the client_secret in the plaintext format.
apidays LIVE Australia 2020 - Building a scalable API platform for an IoT eco...apidays
apidays LIVE Australia 2020 - Building Business Ecosystems
Building a scalable API platform for an IoT ecosystem
Pooja Subramanian, Lead Consultant at ThoughtWorks & Archanaa Ravikumar, Lead Engineer at BCG Digital Ventures
The API Economy is exploding, and this presentation explains how to extend your brand, accelerate new channel adoption and operate with API best practices.
This hands on workshop explores implementing various microservices patterns using 1) Pure Netflix OSS 2) Docker with Netflix and Prometheus 3) Docker & Kubernetes with Prometheus
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
Simplify Open Policy Agent with Styra DAS
Tim Hinrichs, Co-Founder & CTO at Styra
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
Microservice Authorization with Open Policy Agent
Tim Hinrichs, Co-Founder and CTO at Styra
Covered in this webinar:
- Perfecto 101
- Core Diffs for Insurance
- Insurance Case Studies
- Open Discussion
By the end of this webinar, you'll be chomping at the bit for your next opportunity to work with an insurance customer and Perfecto.
Speaker:
Amir Rozenberg
Director of Product Management
Perfecto
Big Data security: Facing the challenge by Carlos Gómez at Big Data Spain 2017Big Data Spain
This talk gives a technical and innovative overview of how companies can face the challenge of protecting the data and services that are in their data-centric platform, focusing on three main aspects: implementing network segmentation, managing AAA and securing data processing.
https://www.bigdataspain.org/2017/talk/big-data-security-facing-the-challenge
Big Data Spain 2017
16th - 17th November Kinépolis Madrid
TechWiseTV Workshop: Cisco Hybrid Cloud Platform for Google CloudRobb Boyd
Cisco and Google Cloud experts join TechWiseTV to demonstrate how you can use the Cisco Hybrid Cloud Platform for Google Cloud as a DevOps platform that works consistently across data center and public cloud environments. You’ll learn how to take advantage of containers, microservices, public cloud toolsets, and other modern cloud development innovations while having the flexibility to deploy your applications wherever they run best.
With integrated connectivity, security, management, and control, your applications will operate consistently from prem to cloud and back again.
Resources:
Watch the replay: http://cs.co/9007DawLd
TechWiseTV: http://cs.co/9009DzrjN
Istio ambient mesh uses a sidecar-less data plane that focuses on ease of operations, incremental adoption, and separation of security boundaries for applications and mesh infrastructure.
In this webinar, we'll explore:
- The forces of modernization and compliance pressures,
- How Zero Trust Architecture (ZTA) can help, and
- How Istio ambient mesh lowers the barrier for establishing the properties necessary to achieve Zero Trust and compliance
ADRecon BH ASIA 2018 : Arsenal Presentationprashant3535
Updated version of the Arsenal Demo of ADRecon presented on 22nd and 23rd March at BlackHat Asia 2018.
https://www.blackhat.com/asia-18/arsenal.html#adrecon-active-directory-recon
Pedro Fortuna - Protecting Crypto Exchanges From a New Wave of Man-in-the-Bro...Hacken_Ecosystem
HackIT is an annual cybersecurity conference that gathers the best technical researchers and top players in the cybersecurity industry to explore cutting-edge technologies together. In 2018, HackIT focused on the use of blockchain technology.
Join our community:
Website - https://hacken.live/hackit-slideshare
Twitter - https://hacken.live/twitter_hackit
Facebook - https://hacken.live/facebook_hackit
Instagram - https://hacken.live/instagram_hackit
Reddit - https://hacken.live/reddit
Telegram community - https://hacken.live/tg-hackit
#hackit #cybersecurity #blockchain #hacking
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud ThreatsSBWebinars
Research shows that 25% of organizations have cryptojacking activity in their AWS, Azure, and GCP environments. Is yours one of them? While S3 buckets continue to dominate headlines, cryptojacking and other threats lay quietly behind the scenes. Learn about the latest cloud threats and arm yourself with effective countermeasures.
Incredible Compute Density: Cisco DNA Center Platform: Digging Deeper with APIsRobb Boyd
Learn more on getting hands-on with Cisco DNA Center Platform APIs. Join us as we go over the brand new DNA Center Platform and show you how to start integrating and developing your own applications on DNA Center. The possibilities are endless!
Similar to Api Strat 2018 Turning External Services into Internal APIs (20)
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesSanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
# Internet Security: Safeguarding Your Digital World
In the contemporary digital age, the internet is a cornerstone of our daily lives. It connects us to vast amounts of information, provides platforms for communication, enables commerce, and offers endless entertainment. However, with these conveniences come significant security challenges. Internet security is essential to protect our digital identities, sensitive data, and overall online experience. This comprehensive guide explores the multifaceted world of internet security, providing insights into its importance, common threats, and effective strategies to safeguard your digital world.
## Understanding Internet Security
Internet security encompasses the measures and protocols used to protect information, devices, and networks from unauthorized access, attacks, and damage. It involves a wide range of practices designed to safeguard data confidentiality, integrity, and availability. Effective internet security is crucial for individuals, businesses, and governments alike, as cyber threats continue to evolve in complexity and scale.
### Key Components of Internet Security
1. **Confidentiality**: Ensuring that information is accessible only to those authorized to access it.
2. **Integrity**: Protecting information from being altered or tampered with by unauthorized parties.
3. **Availability**: Ensuring that authorized users have reliable access to information and resources when needed.
## Common Internet Security Threats
Cyber threats are numerous and constantly evolving. Understanding these threats is the first step in protecting against them. Some of the most common internet security threats include:
### Malware
Malware, or malicious software, is designed to harm, exploit, or otherwise compromise a device, network, or service. Common types of malware include:
- **Viruses**: Programs that attach themselves to legitimate software and replicate, spreading to other programs and files.
- **Worms**: Standalone malware that replicates itself to spread to other computers.
- **Trojan Horses**: Malicious software disguised as legitimate software.
- **Ransomware**: Malware that encrypts a user's files and demands a ransom for the decryption key.
- **Spyware**: Software that secretly monitors and collects user information.
### Phishing
Phishing is a social engineering attack that aims to steal sensitive information such as usernames, passwords, and credit card details. Attackers often masquerade as trusted entities in email or other communication channels, tricking victims into providing their information.
### Man-in-the-Middle (MitM) Attacks
MitM attacks occur when an attacker intercepts and potentially alters communication between two parties without their knowledge. This can lead to the unauthorized acquisition of sensitive information.
### Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
This 7-second Brain Wave Ritual Attracts Money To You.!nirahealhty
Discover the power of a simple 7-second brain wave ritual that can attract wealth and abundance into your life. By tapping into specific brain frequencies, this technique helps you manifest financial success effortlessly. Ready to transform your financial future? Try this powerful ritual and start attracting money today!
This 7-second Brain Wave Ritual Attracts Money To You.!
Api Strat 2018 Turning External Services into Internal APIs
1. September 24-26, 2018
Music City Center
Nashville, Tennessee
#apistrat
Turning External Services
into Internal APIs -
Strategies to consider
Chris Phillips
1 10/2/2018
2. 2 10/2/2018
Chris Phillips
• IBM Master Inventor
• 12 Patents (ish)
• IBM SWAT Integration
Architect
• Wife & Two Kids
https://medium.com/@cminion/
https://www.linkedin.com/in/chrisjphillips/
https://github.com/ChrisPhillips-cminion
14. 14 10/2/2018
A N Other MicroService
Username: Fred
Password: *****
Pays For
Security
MicroService for Mobile
Username: Fred
Password: *****
15. 15 10/2/2018
MicroService for Mobile
Username: Fred
Password: *****
A N Other MicroService
Username: Fred
Password: *****
Pays For
Security
Unauthorized
MicroService
Username: Fred
Password: *****
https://www.freepik.com/free-vector/young-
anonymous-hacker-with-flat-design_2753360.htm
16. 16 10/2/2018
MicroService for Mobile
Username: Fred
Password: *****
A N Other MicroService
Username: Fred
Password: *****
Security
Unauthorized
MicroService
Username: Fred
Password: *****
https://www.freepik.com/free-vector/young-
anonymous-hacker-with-flat-design_2753360.htm
17. 17 10/2/2018
MicroService for Mobile
Username: Mia
Password: *****
A N Other MicroService
Username: Fred
Password: *****
Security
Unauthorized
MicroService
Username: Fred
Password: *****
https://www.freepik.com/free-vector/young-
anonymous-hacker-with-flat-design_2753360.htm
18. 18 10/2/2018
MicroService for Mobile
Username: Mia
Password: *****
A N Other MicroService
Username: Mia
Password: *****
Security
Unauthorized
MicroService
Username: Fred
Password: *****
https://www.freepik.com/free-vector/young-
anonymous-hacker-with-flat-design_2753360.htm
19. 19 10/2/2018
MicroService for Mobile
Username: Mia
Password: *****
A N Other MicroService
Username: Mia
Password: *****
Security
Unauthorized
MicroService
Username: Mia
Password: *****
https://www.freepik.com/free-vector/young-
anonymous-hacker-with-flat-design_2753360.htm
20. 20 10/2/2018
MicroService for Mobile
Username: MS4Mob
Security Type: OIDC
A N Other MicroService
Username: ANOMS
SecurityType: User/Password
Security
Unauthorized
MicroService
Username:
ANOMS
Password: *****
https://www.freepik.com/free-vector/young-
anonymous-hacker-with-flat-design_2753360.htm
API
Gateway
Contains the
Credentials for the
Weather Company
21. MicroService for Mobile
Username: MS4Mob
Security Type: OIDC
A N Other MicroService
Username: ANOMS
SecurityType: User/Password21 10/2/2018
Security
API Gateway
Manages Credentials
to the Weather
Company
Each MicroService can
consumption can be
tracked individually
Unauthorized
MicroService
Username:
ANOMS
Password: *****
https://www.freepik.com/free-vector/young-
anonymous-hacker-with-flat-design_2753360.htm
API
Gateway
Each MicroService has
its own credentials to
the API Gateway
22. 22 10/2/2018
Security
By exposing External Services as APIs
• One username and password to change if it is
compromised
• Can block access to specific MicroServices if
credentials are compromised.
• Tracks usage to ensure everyone pays their
share
• Tracks where passwords may have been
exposed
• Allows for different security mechanisms then
those on offer
24. 24 10/2/2018
50 000 Calls free
Each additional 10 000 Calls $1000
MicroService for Mobile
Username: Fred
Password: *****
Performance
Test
25. 25 10/2/2018
50 000 Calls free
Each additional 10 000 Calls $1000
MicroService for Mobile
Username: Fred
Password: *****
Performance
Test
STUB
26. STUB
26 10/2/2018
50 000 Calls free
Each additional 10 000 Calls $1000
MicroService for Mobile
Username: Fred
Password: *****
Performance
Test
Performance Test Started
27. 8 Hour Soak Run, What does it cost?
𝑇𝑃𝑆 = 100
LoT = 8 hours
No of Transactions = 100 * 60 * 60 * 8
= 2 880 000
Cost = (2 880 000 – 50 000) / 10 000 * $1 000
= $283 000
28. 28 10/2/2018
50 000 Calls free
Each additional 10 000 Calls $1000
MicroService for Mobile
Username: Fred
Password: *****
Performance
Test
STUB
29. 29 10/2/2018
50 000 Calls free
Each additional 10 000 Calls $1000
MicroService for Mobile
Username: Fred
Password: *****
Performance
Test
Routing can be
controlled by the API
Gateway
API
Gateway
API Gateway Rate
Limits all traffic to the
Weather Company
STUB
31. 31 10/2/2018
Performance Test
By exposing External Services as APIs
• Reduce the risk of performance testing
against an expensive API
• Control the routing from outside the
MicroService
• Removes the responsibility form the
Developer for selecting which endpoint to use
35. 35 10/2/2018
MicroService for Mobile
Username: Fred
Password: *****
Caching Strategy
API
Gateway
Caching Is not a
responsibility of the
Micro Service developer
When it is enabled for
one API it is used by all
Consumers
36. 36 10/2/2018
Caching Strategy
By exposing External Services as APIs
• Abstracts caching away from the microservice
• Allows all external calls to follow the same
caching strategy
46. 46 10/2/2018
Migration
In the event of a Major
Change interface can be
transposed in the API
GatewayMicroService
for Mobile
MicroService
for Desktop
MicroService
for Other
Interface do not need to
change at the API
Gateway until new
function is desired
API
Gateway
The API in the Gateway
can select which Version
to route to.
47. 47 10/2/2018
Migration Summary
• MicroServices do not need to be upgraded
when the interface changes
• Version Change can be seemless to the
MicroService layer
• Reduces the evergreening risk
48. 48 10/2/2018
Other Reasons
• Developer Portal for sharing documentation
• Controlling the interface to reduce complexity
of the microservice
• Many others….
49. 49 10/2/2018
Summary – Take Away
Just about every reason to have an API Layer
for exposing internal services externally can
be applied to having an API Layer for
exposing external services
Treat All APIs Equally