managing sensitive information in an api and microservices world
Post on 08-Jan-2017
167 Views
Preview:
TRANSCRIPT
Presented by Joshua Norrid, Apigee and Peter Miron, Apcera
Managing Sensitive Information in an API and Microservices World
Innovation, Meet Trust.+
©2016 Apigee Corp. All Rights Reserved.
• Customers/Consumers want CONVENIENCE.• All parties desire CONTROL of sensitive data.• All parties demand CONSISTENCY of experience and process.• Sensitive Data Providers must apply CONSTRAINTS to
CONSUMPTION.• Sensitive Data Providers must achieve and maintain
COMPLIANCE.
3
A “Chain of Custody” is required for managing sensitiveinformation with APIs in the digital world.
Why Are We Talking About This?
4
Any Application๏ Cloud Native Applications๏ Legacy x86 Applications๏ Containerized Applications and more!
Any Infrastructure
Composition, Orchestration & Deployment
Networking + Nano-Segmentation
Application Service Management
Policy & Enforcement
etc.
Apcera: A Trusted Application Management Platform
Composition, Orchestration & Deployment
Networking + Nano-Segmentation
Application Service Management
WorkloadComposition
WorkloadResource Management
WorkloadScheduling and Placement
WorkloadCommunication and Connectivity
Policy and Automated Enforcement
©2016 Apigee Corp. All Rights Reserved. 5
The Digital Value Chain
©2016 Apigee Corp. All Rights Reserved. 6
The Extended Digital Value Chain
Apigee + Apcera: Capabilities Magnified
©2016 Apigee Corp. All Rights Reserved.
ReportingService
Report
Request Report
Service ConsumersA. Business PartnersB. Regulatory AgenciesC. ComplianceD. Legal Requests
Report Information ClassificationA. Customer Privacy RelatedB. Business CriticalC. Trade Secret
Trace Data Requests and Fulfillment at Each System / Application Handoff• Who requested what data? When?• Who else has access to that data?• What services participated in the transaction to produce the report?• What policies enabled that participation in the transaction?• Are we certain no one and no other services have access to that data?
General Use Case
Trusted3rd PartyConsumer
Example
©2016 Apigee Corp. All Rights Reserved.
©2016 Apigee Corp. All Rights Reserved. 11
©2016 Apigee Corp. All Rights Reserved. 12
©2016 Apigee Corp. All Rights Reserved. 13
©2016 Apigee Corp. All Rights Reserved.
©2016 Apigee Corp. All Rights Reserved.
©2016 Apigee Corp. All Rights Reserved.
©2016 Apigee Corp. All Rights Reserved. 17
The Extended Digital Value Chain
Learn More at
www.apcera.com
Thank You!Joshua Norrid
@JoshuaNorridjnorrid@apigee.com
Peter Miron@PeterMiron
peter.miron@apcera.com
top related