Presentation is loading. Please wait.

Presentation is loading. Please wait.

The ERA of API in the World of IoT Jing Zhang-Lee November, 2015.

Published byBaldric Henry Modified over 8 years ago

Similar presentations

Presentation on theme: "The ERA of API in the World of IoT Jing Zhang-Lee November, 2015."— Presentation transcript:

1 The ERA of API in the World of IoT Jing Zhang-Lee November, 2015

2 API: The Nerve of Internet of Things Network Transportation Smart Home Healthcare Industrial SurveillanceWearable API Services

3 Taste of IoT APIs Connect devices and cloud/web-based services 3 Evrythng Digital identity & profile for physical object Make products smart, interactive & traceable Crypto-secure API tokens Fitbit Wireless wearable sensors Health tracking and trending OAuth2 for API authentication & user authorization Grove Streams Environmental monitoring sensor technology Data stream analytics RESTful API Zatar IaaS detects and connects devices to internet Enable social media functions on IoT devices REST and JSON-based API Xively PaaS integrates physical devices with business systems to gain business insights RESTful API Thing Speak Open data platform for IoT data collection, processing and analysis Open API

4 A Paradigm Shift: API-Centric Organization 4 Governance API Lifecycle Mgmt Cloud Integration Activity Analytics Developer Experience Multi- channel Delivery Secure Services SLA & Usage Throttling

5 Enabling API-Centric: Processes & Tools 5 Agility, Responsiveness & Convenience Secure Testing Integration Service Developer Portal API Gateway API Curate DevOp

6 Top 5 API Security Considerations 6 API design patterns Security reference architecture & design patterns Design Pattern Authentication & granular authorization Access policy governance Adaptive access control Access Control Input validation & output encoding Content filtering & exception handling Data sanitization Secure Coding Session identifiers protection Session lifecycle – instantiation, usage, timeout, etc. Secure token service Session Management API access request logging Access attempt monitoring for brute force & lateral attacks Analytics & actions Monitoring

7 API Security Model At a Glance 7 Integration Service API Orchestration Data transformation Access Management Authentication Authorization Access Policy Mgmt API Gateway API creation, virtualization & adminitration API firewall SLA & Usage monitoring Secure session management Monitoring Activity logging Monitoring alerts Intelligence Access intelligence Threat intelligence Adaptive Access Behavior analysis Risk profiling Services Mobile Client Web Client Developer

Download ppt "The ERA of API in the World of IoT Jing Zhang-Lee November, 2015."

Similar presentations

Oracle IDM at First National Bank

Oracle IDM at First National Bank
1 © 2005 Cisco Systems, Inc. All rights reserved. CONFIDENTIAL AND PROPRIETARY INFORMATION Cisco Wireless Strategy Extending and Securing the Network Bill.

1 © 2005 Cisco Systems, Inc. All rights reserved. CONFIDENTIAL AND PROPRIETARY INFORMATION Cisco Wireless Strategy Extending and Securing the Network Bill.
System Center 2012 R2 Overview

System Center 2012 R2 Overview
Internet of Things Security Architecture

Internet of Things Security Architecture
NIST Big Data Public Working Group Security and Privacy Subgroup Presentation September 30, 2013 Arnab Roy, Fujitsu Akhil Manchanda, GE Nancy Landreville,

NIST Big Data Public Working Group Security and Privacy Subgroup Presentation September 30, 2013 Arnab Roy, Fujitsu Akhil Manchanda, GE Nancy Landreville,
World’s Most Accurate Location-base mobile application platform.

World’s Most Accurate Location-base mobile application platform.
A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.

A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
1 3 rd SG13 Regional Workshop for Africa on “ITU-T Standardization Challenges for Developing Countries Working for a Connected Africa” (Livingstone, Zambia,

1 3 rd SG13 Regional Workshop for Africa on “ITU-T Standardization Challenges for Developing Countries Working for a Connected Africa” (Livingstone, Zambia,
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
Practical Steps to Secure your APIs for Mobile Mark O’Neill VP Innovation, Axway.

Practical Steps to Secure your APIs for Mobile Mark O’Neill VP Innovation, Axway.
Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.
© Copyright 2011 Hewlett-Packard Development Company, L.P. 1 Sundara Nagarajan (“SN”) CLOUD SYSTEMS AUTOMATION.

© Copyright 2011 Hewlett-Packard Development Company, L.P. 1 Sundara Nagarajan (“SN”) CLOUD SYSTEMS AUTOMATION.
4G-LTE: Enhancing Efficiency in Organizations. Factors Impacting Digitization Processes and Systems January-20142 Powerful Platforms and Devices Storage.

4G-LTE: Enhancing Efficiency in Organizations. Factors Impacting Digitization Processes and Systems January Powerful Platforms and Devices Storage.
Geneva, Switzerland, 17 October 2011 SDP Components for Converged Telecom-Internet Applications Changsup Keum, Principal Researcher ITU Workshop on “Service.

Geneva, Switzerland, 17 October 2011 SDP Components for Converged Telecom-Internet Applications Changsup Keum, Principal Researcher ITU Workshop on “Service.
Copyright ©2012 Ping Identity Corporation. All rights reserved.1.

Copyright ©2012 Ping Identity Corporation. All rights reserved.1.
IoT, Big Data and Emerging Technologies

IoT, Big Data and Emerging Technologies
Privacy Communication Privacy Confidentiality Access Policies Systems Crypto Enforced Computing on Encrypted Data Searching and Reporting Fully Homomorphic.

Privacy Communication Privacy Confidentiality Access Policies Systems Crypto Enforced Computing on Encrypted Data Searching and Reporting Fully Homomorphic.
1 MIKE MARCELLIN VP PRODUCT MARKETING. THE NEW NETWORK ENABLES CLOUD SERVICES, SECURITY, MOBILITY AND CONTENT DELIVERY NETWORKS.

1 MIKE MARCELLIN VP PRODUCT MARKETING. THE NEW NETWORK ENABLES CLOUD SERVICES, SECURITY, MOBILITY AND CONTENT DELIVERY NETWORKS.
Alert Logic Provides a Fully Managed Security and Compliance Solution Based in the Cloud, Powered by the Robust Microsoft Azure Platform MICROSOFT AZURE.

Alert Logic Provides a Fully Managed Security and Compliance Solution Based in the Cloud, Powered by the Robust Microsoft Azure Platform MICROSOFT AZURE.

Similar presentations

Ads by Google