mobile web and apps world new orleans- session 9 vordel mobile apimanagement

Download Mobile Web and Apps World New Orleans- Session 9 Vordel Mobile APIManagement

Post on 18-Dec-2014




0 download

Embed Size (px)


What is Feeding Your Mobile Apps? How to Deliver and Secure Mobile Enabled APIs. Enterprises are building mobile applications for customers, partners, employees, and vendors. Whether the applications are for Apple, Android or Windows powered devices, these applications increasingly need to communicate with enterprise applications, transmit sensitive data and perform business transactions. To enable rich capabilities for mobile applications, the backend APIs supporting these applications must be delivered in a secured and scalable manner. In this session we will discuss how to deliver mobile enabled APIs for enterprise applications in a way that is secure, scalable and manageable. Ed King, Vice President of Product Marketing- Vordel


  • 1. What Is Feeding Your Mobile Apps?How to Deliver and Secure Mobile Enabled APIs Ed King Vice President, Product Marke>ng Vordel
  • 2. APIs Power Mobile Applications 2
  • 3. Which Type of API Do You Have?Consumer APIs Enterprise APIs Social media, content delivery, Business or consumer transactions shopping, public service Transmit sensitive data Do not transmit sensitive data Covered by compliance mandates User has data ownership Contract-binding quality obligations No service quality obligations National security or public safety Commodity, low switching cost implications No/low barrier for access Authorized access only Differentiate on ease of adoption Strong security & audit Minimal security & audit Meet compliance requirements Minimal integrations Support existing systems, Business usage statistics processes, & integration Operational support 3
  • 4. All-In-One Consumer API PortalDevelopers Applications API Owners Simple solution for limited consumer APIs distribution API Self-Service Business ownership without Configuration much IT support Application Documentation Registration Forum & 24x7 self-service without Credentials Community internal process API Proxy Business dependencies Lite Transformation Reporting Good standard user experience out-of-the-box Own APIs 3rd-Party APIs 4
  • 5. Two-Tier Enterprise API Delivery Platform Partners API Owners Applications Leverage existing systems, processes, & relationships Partner Internal Support multiple portalsDeveloper Developer Portal Portal from a single infrastructure Convert backend interfaces into usable external APIs API Gateway Meet enterprise security, compliance, & operational requirementsOwn APIs 3rd-Party APIs 5
  • 6. API Aggregation Aggregate APIs across multiple sources Virtualize & create branded APIs Simplify adoption of APIs 6
  • 7. API Orchestration Mash-up APIs to create differentiated services Leverage third-party APIs, i.e. GoogleMaps, Twitter, FedEx Tracking Make use of existing B2B and A2A web services 7
  • 8. API Transformation Transform enterprise applications legacy interfaces to REST / JSON / OAuth Leverage decade of Service Oriented Architecture (SOA) investment Keep up with the evolution of mobile & web API technologies 8
  • 9. API Security Secure communication channel with signing & encryption Protect against API & device vulnerabilities, poor mobile app design Monitor & prevent data leakage 9
  • 10. API Authentication & Authorization Extend identity management platforms to handle user, application, & device level authentications Enable Bring-Your-Own- Identity customers with federation Leverage pre-built integrations with leading identity management platforms & identity provider services 10
  • 11. API Traffic Control Set quota & meter usage, route traffic & APIs Uphold service quality & offer different service levels Protect against friendly fire & noisy neighbor problems 11
  • 12. API Monitoring & Audit Audit end-to-end transactions Provide audit trail for compliance, billing, & service audit Analyze API usage statistics 12
  • 13. Business Process Integration Integrate with partner on- boarding, billing, & other business processes Integrate with sales & marketing automation, CRM, ERP, commerce, & logistics systems Manage APIs as products & channels 13
  • 14. API Gateway CapabilitiesExternal Virtualized Transformed Aggregated Mash-up APIs API Gateway Traffic Management Security Request & response routing API key & certificate mgmt. Throttling & metering OAuth & SAML federation Quota management AuthN, authZ, & audit SLA management Content firewalling Caching Service Mediation Reporting & Monitoring External API virtualization Transaction logging Protocol translation Service statistics reporting Data transformation SLA monitoring & alerting Data redaction & enrichment Real-time monitoring Internal APIs, Services,Interfaces 14
  • 15.