Networking and Communication Engineering

Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

Securing API Using API Gateway


Affiliations
1 Department of CS, Institute of Engineering & Technology, DAVV University, Khandwa Road, Indore-452001, India
2 Department of IT, Institute of Engineering & Technology, DAVV University, Khandwa Road, Indore-452001, India
     

   Subscribe/Renew Journal


Like traditional local APIs, web service APIs (web APIs for short) evolve, bringing new and improved functionality as well as insecurities. The Application Programming Interface (API) may be longstanding theory but it’s the one that is going through transformations. Enterprises have a decent impact on the line, including reputation, guideline and the concurrent needs of partners, customers, shareholders, and employees. As driven by cloud and mobile hungers, everyday organizations are opening their information assets to external developers. API publishing must be dealt with excessive care by enterprises. In this paper, we report an approach to provide security to API to address this issue. We analyzed the three popular attack vectors which act as threat to APIs and carefully studied how API Gateway can be used to secure the existing APIs. Our findings are threefold: 1) We examine the major vulnerabilities in an API; 2) We identify the Security solution by the means of API Gateway; 3) We examine the different tools used for API Management, to give Web and IT managers and enterprise architects vital facts and figures for selecting an API Management solution.


Keywords

API Security, Web Application Security, Web Service API Evolution.
User
Subscription Login to verify subscription
Notifications
Font Size

Abstract Views: 293

PDF Views: 3




  • Securing API Using API Gateway

Abstract Views: 293  |  PDF Views: 3

Authors

Arpita Gangrade
Department of CS, Institute of Engineering & Technology, DAVV University, Khandwa Road, Indore-452001, India
Bhawna Nigam
Department of IT, Institute of Engineering & Technology, DAVV University, Khandwa Road, Indore-452001, India

Abstract


Like traditional local APIs, web service APIs (web APIs for short) evolve, bringing new and improved functionality as well as insecurities. The Application Programming Interface (API) may be longstanding theory but it’s the one that is going through transformations. Enterprises have a decent impact on the line, including reputation, guideline and the concurrent needs of partners, customers, shareholders, and employees. As driven by cloud and mobile hungers, everyday organizations are opening their information assets to external developers. API publishing must be dealt with excessive care by enterprises. In this paper, we report an approach to provide security to API to address this issue. We analyzed the three popular attack vectors which act as threat to APIs and carefully studied how API Gateway can be used to secure the existing APIs. Our findings are threefold: 1) We examine the major vulnerabilities in an API; 2) We identify the Security solution by the means of API Gateway; 3) We examine the different tools used for API Management, to give Web and IT managers and enterprise architects vital facts and figures for selecting an API Management solution.


Keywords


API Security, Web Application Security, Web Service API Evolution.