Neil Madden - API Security in Action

Neil Madden API Security in Action
  • Book:
    API Security in Action
  • Publisher:
    Manning Publications Co.
  • Year:
    2021
  • Rating:
    4 / 5

API Security in Action: summary, description and annotation

A comprehensive guide to designing and implementing secure services. A must-read book for all API practitioners who manage security. - Gilberto Taccari, Penta

A web API is an efficient way to communicate with an application or service. However, this convenience opens your systems to new security risks. API Security in Action gives you the skills to build strong, safe APIs you can confidently expose to the world. Inside, you'll learn to construct secure and scalable REST APIs, deliver machine-to-machine interaction in a microservices architecture, and provide protection in resource-constrained IoT (Internet of Things) environments.

Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.

About the technology

APIs control data sharing in every service, server, data store, and web client. Modern data-centric designs, including microservices and cloud-native applications, demand a comprehensive, multi-layered approach to security for both private and public-facing APIs.

About the book

API Security in Action teaches you how to create secure APIs for any situation. By following this hands-on guide you'll build a social network API while mastering techniques for flexible multi-user security, cloud key management, and lightweight cryptography. When you're done, you'll be able to create APIs that stand up to complex threat models and hostile environments.

What's inside

  • Authentication
  • Authorization
  • Audit logging
  • Rate limiting
  • Encryption

About the reader

For developers with experience building RESTful APIs. Examples are in Java.

About the author

Neil Madden has in-depth knowledge of applied cryptography, application security, and current API security technologies. He holds a Ph.D. in Computer Science.


API Security in Action

Neil Madden

Manning

Shelter Island

For more information on this and other Manning titles go to

manning.com

Copyright

For online information and ordering of these and other Manning books, please visit manning.com. The publisher offers discounts on these books when ordered in quantity.

For more information, please contact

Special Sales Department

Manning Publications Co.

20 Baldwin Road

PO Box 761

Shelter Island, NY 11964

Email: orders@manning.com

© 2020 by Manning Publications Co. All rights reserved.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior written permission of the publisher.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in the book, and Manning Publications was aware of a trademark claim, the designations have been printed in initial caps or all caps.

Recognizing the importance of preserving what has been written, it is Manning's policy to have the books we publish printed on acid-free paper, and we exert our best efforts to that end. Recognizing also our responsibility to conserve the resources of our planet, Manning books are printed on paper that is at least 15 percent recycled and processed without the use of elemental chlorine.

Manning Publications Co.

20 Baldwin Road

PO Box 761

Shelter Island, NY 11964

Development editor: Toni Arritola

Technical development editor: Joshua White

Review editor: Ivan Martinović

Production editor: Deirdre S. Hiam

Copy editor: Katie Petito

Proofreader: Keri Hales

Technical proofreader: Ubaldo Pescatore

Typesetter: Dennis Dalinnik

Cover designer: Marija Tudor

ISBN: 9781617296024

front matter
preface

I have been a professional software developer, off and on, for about 20 years now, and I've worked with a wide variety of APIs over those years. My youth was spent hacking together adventure games in BASIC and a little Z80 machine code, with no concern that anyone else would ever use my code, let alone need to interface with it. It wasn't until I joined IBM in 1999 as a pre-university employee (affectionately known as "pooeys") that I first encountered code that was written to be used by others. I remember a summer spent valiantly trying to integrate a C++ networking library into a testing framework with only a terse email from the author to guide me. In those days I was more concerned with deciphering inscrutable compiler error messages than thinking about security.

Over time the notion of API has changed to encompass remotely accessed interfaces where security is no longer so easily dismissed. Running scared from C++, I found myself in a world of Enterprise Java Beans, with their own flavor of remote API calls and enormous weight of interfaces and boilerplate code. I could never quite remember what it was I was building in those days, but whatever it was must be tremendously important to need all this code. Later we added a lot of XML in the form of SOAP and XML-RPC. It didn't help. I remember the arrival of RESTful APIs and then JSON as a breath of fresh air: at last the API was simple enough that you could stop and think about what you were exposing to the world. It was around this time that I became seriously interested in security.

In 2013, I joined ForgeRock, then a startup recently risen from the ashes of Sun Microsystems. They were busy writing modern REST APIs for their identity and access management products, and I dived right in. Along the way, I got a crash course in modern token-based authentication and authorization techniques that have transformed API security in recent years and form a large part of this book. When I was approached by Manning about writing a book, I knew immediately that API security would be the subject.

The outline of the book has changed many times during the course of writing it, but I've stayed firm to the principle that details matter in security. You can't achieve security purely at an architectural level, by adding boxes labelled "authentication" or "access control." You must understand exactly what you are protecting and the guarantees those boxes can and can't provide. On the other hand, security is not the place to reinvent everything from scratch. In this book, I hope that I've successfully trodden a middle ground: explaining why things are the way they are while also providing lots of pointers to modern, off-the-shelf solutions to common security problems.

A second guiding principle has been to emphasize that security techniques are rarely one-size-fits-all. What works for a web application may be completely inappropriate for use in a microservices architecture. Drawing on my direct experience, I've included chapters on securing APIs for web and mobile clients, for microservices in Kubernetes environments, and APIs for the Internet of Things. Each environment brings its own challenges and solutions.

acknowledgments

I knew writing a book would be a lot of hard work, but I didn't know that starting it would coincide with some of the hardest moments of my life personally, and that I would be ending it in the midst of a global pandemic. I couldn't have got through it all without the unending support and love of my wife, Johanna. I'd also like to thank our daughter, Eliza (the littlest art director), and all our friends and family.

Next, I'd like to thank everyone at Manning who've helped turn this book into a reality. I'd particularly like to thank my development editor, Toni Arritola, who has patiently guided my teaching style, corrected my errors, and reminded me who I am writing for. I'd also like to thank my technical editor, Josh White, for keeping me honest with a lot of great feedback. A big thank you to everybody else at Manning who has helped me along the way: Deirdre Hiam, my project editor; Katie Petito, my copyeditor; Keri Hales, my proofreader; and Ivan Martinovic, my review editor. It's been a pleasure working with you all.

I'd like to thank my colleagues at ForgeRock for their support and encouragement. I'd particularly like to thank Jamie Nelson and Jonathan Scudder for encouraging me to work on the book, and to everyone who reviewed early drafts, in particular Simon Moffatt, Andy Forrest, Craig McDonnell, David Luna, Jaco Jooste, and Robert Wapshott.

Finally, I'd like to thank Jean-Philippe Aumasson, Flavien Binet, and Anthony Vennard at Teserakt for their expert review of chapters 12 and 13, and the anonymous reviewers of the book who provided many detailed comments.

To all the reviewers, Aditya Kaushik, Alexander Danilov, Andres Sacco, Arnaldo Gabriel, Ayala Meyer, Bobby Lin, Daniel Varga, David Pardo, Gilberto Taccari, Harinath Kuntamukkala, John Guthrie, Jorge Ezequiel Bo, Marc Roulleau, Michael Stringham, Ruben Vandeginste, Ryan Pulling, Sanjeev Kumar Jaiswal (Jassi), Satej Sahu, Steve Atchue, Stuart Perks, Teddy Hagos, Ubaldo Pescatore, Vishal Singh, Willhelm Lehman, and Zoheb Ainapore: your suggestions helped make this a better book.
