book

Securing Microservice APIs

by Matt McLarty, Rob Wilson, Scott Morrison

March 2018

Intermediate to advanced

49 pages

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
Who Should Read This ReportWhat’s in This ReportWhat’s Not in This ReportConventions Used in This BookO’Reilly SafariHow to Contact UsAcknowledgments
1. Microservice Architecture
The Microservice API LandscapeAPI Access Control for MicroservicesIdentificationAuthenticationAuthorizationAccountabilityMicroservice Architecture QualitiesManageability/OperabilityPerformanceUsability
2. Access Control for Microservices
Establishing TrustNetwork-Level ControlsLocalhost IsolationNetwork SegmentationThe Bottom Line for MicroservicesApplication-Level ControlsThe Problem with Traditional Web TokensModern Tokens For APIsThe Bottom Line for MicroservicesInfrastructureProxy/GatewayNetwork OverlaysPaaSEmerging ApproachesService MeshServerless Computing
3. A General Approach to Microservice API Security
Common Patterns in Microservice API Security SolutionsDomain Hierarchy Access Regulation for Microservice Architecture (DHARMA)DHARMA Design MethodologyA Platform-Independent DHARMA ImplementationDomain HierarchyTrust and Access MechanismsImplementation ConsiderationsSummary of the Platform-Independent DHARMA ImplementationDeveloper Experience in DHARMAEnabling Access Control for a Service/APIPublishing and Discovering API Access Control PoliciesAccess Control Policy Change Management
4. Conclusion: The Microservice API Security Frontier
Standardizing the Language of MicroservicesApplying DHARMAExtending DHARMA
A. Helpful Resources
API and Microservices PracticesEmerging Microservice Technologies

Overview

There are several techniques for controlling access to web APIs in microservice architectures, ranging from network controls to cryptographic methods and platform-based capabilities. This short ebook introduces an API access control model that you can implement on a single platform or across multiple platforms to provide cohesive security across your network of microservices.

Until now, speed of delivery rather than security has motivated organizations to adopt a microservices architecture. Authors Matt McLarty and Rob Wilson propose a vocabulary and model for logical and physical systems of microservices, review current practices for web API access control in a microservice architecture, and present DHARMA—a comprehensive, platform independent approach to API access control.

This ebook is ideal for architects, product owners, development leaders, platform teams, and operational managers.

This ebook includes:

A platform-neutral overview of the microservices landscape
Current network-, trust-, and platform-based security technologies and solutions that apply to microservice APIs
The proposed DHARMA cross-platform model for securing microservice API access control
A word on the future direction of microservice API security

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781492027140

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills