Transforming organizations into platforms

The document discusses API design choices and trends. It covers the history of APIs from early CGI and COM/CORBA standards to modern RESTful approaches. It also discusses targeting the right audience for an API and whether to focus on aggregation by combining multiple APIs or allowing mashups. The document advocates for RESTful design using hypermedia and HTTP verbs at higher levels of the Richardson maturity model. It notes that as an API grows more advanced, aggregation of other APIs becomes necessary but also very challenging.

Incorporating OAuth

Neo-security Stack

Nordic APIs - Building a Secure API

This document discusses techniques for building a secure API, including OAuth, OpenID Connect, SCIM, JSON Web Tokens, and other standards. It provides an overview of key concepts like the OAuth authorization framework with clients, authorization servers, and resource servers. Identity management is central, and protocols like SCIM and SAML can be used to provision and manage user accounts. The document also summarizes standards like JWTs and how pieces like OAuth, OpenID Connect, and SCIM can be combined to securely access APIs and manage user identities.

Launching a Successful and Secure API

Secure your APIs using OAuth 2 and OpenID Connect

Session held by Travis Spencer at PayEx and Nordic APIs event "Secure, flexible and modern APIs for Payments" event in Oslo, May 10th. Description: When opening up secure APIs, OAuth 2 and OpenID Connect are the primary standards being used today. Implementing and using these standards can be challenging. In this session, Travis Spencer, CEO of Twobo Technologies, will provide an in-depth overview of these standards and explain how they can be integrated into financial services apps. The overview will include information on: The actors involved in OAuth and OpenID Connect The flows used in the standards What grant types are, which are defined, and the message exchanges of each What scopes are and examples of their use Different classes of tokens and how they are used Overview of the OpenID Foundation’s work in the Financial API WG Attendees will leave with: An overview of OAuth 2 and OpenID Connect Knowledge of the basics necessary to using these standards Resources and information sources where more information can be found

OAuth 2.0 and the Internet of Things (IoT) (Jacob Ideskog)

This is a session given by Jacob Ideskog at Nordic APIs 2016 Platform Summit on October 25th, in Stockholm Sweden. Description: In this talk Jacob Ideskog (Identity Expert at Twobo Technologies) address the growing need to secure the emerging devices accessible over the Internet. The Internet of Things has many interpretations, but the common denominator is that there will be a vast number of connected devices, and nobody (almost) want’s those hacked.

The document discusses the JSON-based Identity Protocol Suite, which defines standards for JSON Web Tokens (JWTs), JSON Web Encryption (JWE), JSON Web Keys (JWK), and JSON Web Signatures (JWS). JWTs are compact tokens passed in HTTP that contain claims and can be signed or encrypted. JWE defines how to encrypt JWTs using symmetric or asymmetric encryption. JWK defines public key representations in JSON. JWS defines how to digitally sign JWTs using symmetric or asymmetric signatures. These standards are defined by the IETF and provide a common way to securely transmit identity and authorization data.

Interoperability in a B2B Word (NordicAPIS April 2014)

The document discusses how B2B integration is evolving from traditional methods like EDI and FTP to use of APIs and web services. It notes that B2B objectives of securely transacting with partners hasn't changed, but the technologies used are modernizing from SOA, SOAP, and REST to focus on APIs. It emphasizes that B2B strategy should include an API strategy and consider both developers and humans. Whiteboarding APIs and dealing with integration challenges are also discussed.

Integrated social solutions, the power and pitfalls of mashups

Azure Virtual Network Tutorial | Azure Virtual Machine Tutorial | Azure Train...

Best practices for privileged access & secrets management in the cloud - DEM0...

In this session, you learn from real-world scenarios related to privileged access security in cloud environments. Experts from TOTVS and CyberArk provide insights from lessons learned while securing commercial SaaS applications, cloud infrastructure, and internal applications deployed in the cloud. Topics covered include privilege and cloud scenarios (e.g., human access models, support for automation, proactive controls, and programmatic deployment), as well as best practices and augmentation of existing security controls for privilege and secrets management on the AWS Cloud. We also cover limited use of root accounts, considerations for human administrator access in the cloud, and success with hybrid cloud environments.

Open hours greengrass_ep71

Robert Wolff

Deploying End to End Website on Azure

Intellipaat

The document describes how a startup founder deployed his website on Azure cloud services. As traffic to his application increased rapidly, he initially bought more servers manually but found it time-consuming. A friend introduced him to Azure, where he migrated the application and Azure automatically provisioned more servers as needed to handle traffic fluctuations in a cost-effective and availability-ensuring manner. The document then outlines some key Azure services like virtual machines, app services, storage, and networking and provides pricing examples for some free services to get started with Azure. It ends by providing contact details to learn more about Azure training from professionals.

AWS IoT - from Cloud to Edge | AWS Floor28

AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices and with AWS Greengrass you can extends AWS IoT Core onto your devices at the edge, so they can act locally on the data they generate. In this session we discuss the challenges of running IoT devices and how we solve them with AWS IoT that let you build powerful IoT and edge compute applications. In this tech talk, we will discuss how constrained devices can leverage AWS IoT and use AWS IoT Button to demonstrate building a real connected product, securely connect with AWS IoT.

Blockchain Ethereum Solutions with AWS & ConsenSys

The document discusses building Ethereum solutions with AWS and ConsenSys. It provides an overview of blockchain and Ethereum, case studies of ConsenSys projects in trade finance and supply chain, and solutions for infrastructure with AWS blockchain templates and Kaleido, smart contract development with Truffle and MetaMask, and applications involving token standards and CodeFi. The presentation concludes with a summary and information on upcoming AWS and ConsenSys offerings and communities.

Security Cas And Open Id

ConSanFrancisco123

The document discusses security and identity for web applications. It introduces Ruby CAS and OpenID as solutions for centralized authentication. CAS is described as a private, Java-based central authentication service, while OpenID is a public standard for decentralized authentication using vendors. Ruby gems like ruby-openid and rubycas-client allow integrating OpenID and CAS into Rails applications. Other authentication options like LDAP and NTLM are also mentioned briefly.

Kubernetes on AWS 實作工作坊

在這個workshop裡，您將會學到： - 在 AWS 上創建 Kubernetes Cluster - 使用 kubectl 操作 Kubernetes 服務 - 將 Kubernetes 上的應用部署到 AWS 上 - 熟悉 Kubernetes 的主要組成，包括 Cluster, Nodes, Pods, Deployments, Services, Ingress, ReplicaSets 等 - 伸縮擴展你的 Kubernetes 應用 - 配置 Ingress 結合 ALB (Application Load Balancer) 與NLB (Network Load Balancer)

Windows azure media services overview

Guada Casuso

This document outlines various media partners that work with a company to either build technology into their platform or build additional solutions on top of the platform. It lists categories of partners including those for ingestion, encoding, content protection, origin, CDN, ISVs, broadcasters, and clients/devices. It also distinguishes between partners that offer do-it-yourself options versus third party solutions.

Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018

Trust No One: The New Security Model for Web APIs - SecTor talk by Greg Kliew...

CA API Management

The Essentials of AWS IoT Device Management (IOT326-R1) - AWS re:Invent 2018

AWS_IPC_EUC_Webinar_Deck_Final.pdf

This document discusses improving productivity through secure digital workspaces using Amazon Web Services (AWS) and Citrix solutions. It notes that the workplace is increasingly mobile and users expect quality experiences from any device. Meeting these demands can be difficult due to risks of exposing corporate data and the costs and complexity of on-premises solutions. AWS and Citrix together can accelerate delivering high-performance applications, desktops, and data globally through AWS's global footprint and breadth of services, while Citrix solutions simplify deployment and management of resources. This allows providing secure digital workspaces that deliver any application or desktop to any device through a unified management plane.

Cloud Computing Tutorial For Beginners | What is Cloud Computing | AWS Traini...

(NET202) Connectivity Using Software-Defined Networking & Advanced API

- AT&T NetBond provides virtual private connectivity between a customer's on-premises network and Amazon Web Services (AWS) using software-defined networking and advanced APIs. - It allows customers to access AWS services in a secure, private manner with consistent performance while gaining the flexibility and cost benefits of public cloud. - The document discusses industry trends driving hybrid cloud adoption, AT&T's global network capabilities, how NetBond connectivity to AWS works, example customer use cases, and AT&T's roadmap to expand the solution.

Bonding Your Private Network to Salesforce Clouds

Salesforce Developers

The document describes AT&T NetBond, a cloud networking solution that enables secure and high-performance connectivity between an organization's AT&T MPLS VPN network and multiple cloud applications and services. It discusses how NetBond provides private, redundant connections to clouds like Salesforce while avoiding the public internet, improving security, performance and simplicity over traditional internet connections. The document also outlines NetBond's advantages in security, performance and manageability compared to accessing clouds directly over the public internet.

AWS re:Inforce 2019 re:Cap Opening and Closing

Hayato Kiriyama

Beveiliging en REST services

Maurice De Beijer [MVP]

Synergies of Cloud Identity: Putting it All Together

What's hot

The JSON-based Identity Protocol Suite

Interoperability in a B2B Word (NordicAPIS April 2014)

Integrated social solutions, the power and pitfalls of mashups

Azure Virtual Network Tutorial | Azure Virtual Machine Tutorial | Azure Train...

Best practices for privileged access & secrets management in the cloud - DEM0...

Open hours greengrass_ep71

Robert Wolff

Deploying End to End Website on Azure

Intellipaat

AWS IoT - from Cloud to Edge | AWS Floor28

Blockchain Ethereum Solutions with AWS & ConsenSys

Security Cas And Open Id

ConSanFrancisco123

Kubernetes on AWS 實作工作坊

Windows azure media services overview

Guada Casuso

Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018

Trust No One: The New Security Model for Web APIs - SecTor talk by Greg Kliew...

CA API Management

The Essentials of AWS IoT Device Management (IOT326-R1) - AWS re:Invent 2018

AWS_IPC_EUC_Webinar_Deck_Final.pdf

Cloud Computing Tutorial For Beginners | What is Cloud Computing | AWS Traini...

(NET202) Connectivity Using Software-Defined Networking & Advanced API

Bonding Your Private Network to Salesforce Clouds

Salesforce Developers

AWS re:Inforce 2019 re:Cap Opening and Closing

Hayato Kiriyama

What's hot (20)

The JSON-based Identity Protocol Suite

Interoperability in a B2B Word (NordicAPIS April 2014)

Integrated social solutions, the power and pitfalls of mashups

Azure Virtual Network Tutorial | Azure Virtual Machine Tutorial | Azure Train...

Best practices for privileged access & secrets management in the cloud - DEM0...

Open hours greengrass_ep71

Deploying End to End Website on Azure

AWS IoT - from Cloud to Edge | AWS Floor28

Blockchain Ethereum Solutions with AWS & ConsenSys

Security Cas And Open Id

Kubernetes on AWS 實作工作坊

Windows azure media services overview

Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018

Trust No One: The New Security Model for Web APIs - SecTor talk by Greg Kliew...

The Essentials of AWS IoT Device Management (IOT326-R1) - AWS re:Invent 2018

AWS_IPC_EUC_Webinar_Deck_Final.pdf

Cloud Computing Tutorial For Beginners | What is Cloud Computing | AWS Traini...

(NET202) Connectivity Using Software-Defined Networking & Advanced API

Bonding Your Private Network to Salesforce Clouds

AWS re:Inforce 2019 re:Cap Opening and Closing

Viewers also liked

Beveiliging en REST services

Maurice De Beijer [MVP]

Synergies of Cloud Identity: Putting it All Together

Dominopoint - Italian Lotus User Group

#dd12 OAuth for Domino Developers

OAuth allows users to log in to websites using existing credentials from other sites rather than creating new usernames and passwords. It works by using tokens that are signed by the authenticating site to verify the user's identity without sharing the actual login credentials. The XPages Extension Library provides plugins and examples to enable OAuth authentication for common services like Dropbox, Facebook, and Twitter from XPages applications using Domino.

Twobo LDAP Attribute Store for ADFS

The document discusses the limitations of using non-Windows LDAP servers with ADFS and introduces the Twobo LDAP Attribute Store as an alternative. It allows ADFS to authenticate to and retrieve attributes from LDAP directories without Windows authentication by supporting simple and anonymous binding. The Twobo store is open source but also commercially supported. The document provides instructions for configuring and using the Twobo store within ADFS rules and policies.

SCIM presentation from CIS 2012

Introduction to OAuth2.0

Oracle Corporation

This document provides an overview of OAuth 2.0 including key terms, grant types, and workflows. It describes OAuth as an authorization framework that allows clients to access protected resources from an API without sharing the user's credentials. The document explains the roles of clients, resource owners, resource servers, and authorization servers. It also summarizes the authorization code grant flow, refresh tokens, and different OAuth grant types.

Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...

CA API Management

Identity on the Internet is changing. Social networking has kicked off a massive change in how we integrate identity across applications. This is much more than a simple redesign of security tokens and protocols; instead it is a radical redistribution of power and control over entitlements, shifting it away from the centralized control of a cabal of directory engineers and out to the users themselves. There are compelling reasons for this shift: it enables scaling of identity administration, and it promotes rapid and agile integration of applications. These are goals shared by the enterprise, but this change has significant implications on infrastructure, people and process. Join us to learn how you can bring modern identity management into the enterprise.

OAuth and OpenID Connect for Microservices

The document discusses using OAuth and OpenID Connect to secure microservices. It describes how OAuth allows for scalable delegation of access across services. OpenID Connect builds on OAuth to also return identity information to clients in a JSON Web Token (JWT), allowing for single sign-on. The document recommends using OAuth/OIDC to authenticate users centrally and issuing JWTs to microservices, translating tokens through an API gateway for service-to-service communication.

Viewers also liked (8)

Beveiliging en REST services

Synergies of Cloud Identity: Putting it All Together

#dd12 OAuth for Domino Developers

Twobo LDAP Attribute Store for ADFS

SCIM presentation from CIS 2012

Introduction to OAuth2.0

Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...

OAuth and OpenID Connect for Microservices

Similar to Transforming organizations into platforms

Keynote Ouverture Plénière - Sébastien Verger

RSD

The document discusses how digital technologies are transforming the world, with billions of connected people and devices generating zettabytes of data by 2020. It outlines EMC's dual innovation model of research/development and acquisitions to develop solutions across information storage, protection, intelligence, cloud platforms, and services. EMC aims to help organizations address challenges of agility, cost, and risk management through software-defined infrastructure, open cloud platforms, big data analytics, and intelligence-driven security.

Meet Jan Baan @ Coimbatore

kovaitechstart

This document discusses the history and future of Vanenburg Software over 35 years, including investments in other companies. It focuses on the transition to third platform technologies like mobile, cloud, big data and IoT. Mature enterprise platform as a service (PaaS) solutions are said to increase agility and reduce costs, allowing businesses to develop applications and launch new products faster. The rise of mobility and third platform approaches will drive most future IT developments.

[NEW LAUNCH!] Introducing AWS IoT Things Graph (IOT366) - AWS re:Invent 2018

The document discusses AWS IoT Things Graph, a visual tool for building automation applications using devices connected to AWS IoT. It describes how Things Graph allows non-programmers to visually create workflows by connecting device models and defining interactions without code. It also discusses how Things Graph applications can be deployed to AWS Greengrass devices and monitored using CloudWatch metrics. Two examples of using Things Graph for smart home applications are provided.

Tips for Building IoT Applications Faster (IOT366) - AWS re:Invent 2018

AWS IoT services help you connect devices to AWS services and other devices, secure data, interactions, and process, act on device data, and enable applications to interact with devices, even when they are offline. In this session, we provide tips for using the portfolio to create applications faster and deploying applications at the edge. We show you how to save time when adding new kinds of devices to your applications.

ServiceNow ecosystem - True Blue Partners - Review of key investment and mer...

Sunil Grover

Connecting the New Enterprise | MuleSoft

MuleSoft

Watch an on-demand recording of this presentation: http://www.mulesoft.com/webinars/esb/connecting-the-new-enterprise The mega-trends of SaaS, mobile and Big Data are converging, generating a new wave of business opportunity for enterprises. The convergence demands a new kind of platform – one that connects and takes advantage of the explosion of endpoints and data caused by organizations each choosing a uniquely diverse set of best-of-breed applications to power their business. Ross Mason discusses his vision for this new platform and demonstrate how MuleSoft’s solutions are making it a reality. Discussions include: How will SaaS and mobility impact my business? Is SOA really dead? Does my business need an API strategy? Where should we start? Can the Anypoint platform help me secure a competitive advantage?

Social World

prasadpawaskar

Social Media, Cloud Computing and architecture

Rick Mans

Marketing in the Age of Mobile

Adobe Experience Cloud

Mobile usage is growing rapidly, with people checking their phones hundreds of times per day. Many companies have rushed to create mobile apps but struggle with user acquisition, analytics, and iteration. Adobe's Project Fast Track created a unified solution across its mobile apps and Creative Cloud to gather usage data and enable data-driven product improvements. The project team integrated Adobe's Mobile SDK and Analytics to provide insights from nine apps in just nine weeks. This system allows Adobe to better understand user behavior and quickly iterate apps to increase engagement and subscriptions.

Starting your Cloud Journey - AWSomeDay Israel

Starting your cloud journey - AWSomeDay Israel

Boaz Ziniman

Starting your Cloud Transformation Journey - Tel Aviv Summit 2018

Starting your Cloud Transformation Journey - Tel Aviv Summit 2018

Boaz Ziniman

CWIN17 Rome / The sas platform for the new generation of ai and ml

Capgemini

The document discusses the SAS analytics platform and how it helps enterprises maximize the value of their data. It describes key trends shaping IT like human-machine interaction, big data, cloud computing, and artificial intelligence. The SAS platform provides a unified environment for accessing, preparing, governing, deploying, discovering, reporting on, exploring, forecasting, predicting, and optimizing data across multiple cloud and on-premise environments using a variety of interfaces. It also discusses how the platform supports new data types and analytics for artificial intelligence using techniques like machine learning, deep learning, and natural language processing.

AWS 預測性維護與智慧物聯應用