API Security in Action API Security in Action

API Security in Action

Neil Madden
    • $52.99
    • $52.99

Publisher Description

"A comprehensive guide to designing and implementing secure services. A must-read book for all API practitioners who manage security." - Gilberto Taccari, Penta

API Security in Action teaches you how to create secure APIs for any situation. By following this hands-on guide you’ll build a social network API while mastering techniques for flexible multi-user security, cloud key management, and lightweight cryptography.

A web API is an efficient way to communicate with an application or service. However, this convenience opens your systems to new security risks. API Security in Action gives you the skills to build strong, safe APIs you can confidently expose to the world. Inside, you’ll learn to construct secure and scalable REST APIs, deliver machine-to-machine interaction in a microservices architecture, and provide protection in resource-constrained IoT (Internet of Things) environments.

Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.

About the technology
APIs control data sharing in every service, server, data store, and web client. Modern data-centric designs—including microservices and cloud-native applications—demand a comprehensive, multi-layered approach to security for both private and public-facing APIs.

About the book
API Security in Action teaches you how to create secure APIs for any situation. By following this hands-on guide you’ll build a social network API while mastering techniques for flexible multi-user security, cloud key management, and lightweight cryptography. When you’re done, you’ll be able to create APIs that stand up to complex threat models and hostile environments.

What's inside

    Authentication
    Authorization
    Audit logging
    Rate limiting
    Encryption

About the reader
For developers with experience building RESTful APIs. Examples are in Java.

About the author
Neil Madden has in-depth knowledge of applied cryptography, application security, and current API security technologies. He holds a Ph.D. in Computer Science.

Table of Contents

PART 1 - FOUNDATIONS

1 What is API security?

2 Secure API development

3 Securing the Natter API

PART 2 - TOKEN-BASED AUTHENTICATION

4 Session cookie authentication

5 Modern token-based authentication

6 Self-contained tokens and JWTs

PART 3 - AUTHORIZATION

7 OAuth2 and OpenID Connect

8 Identity-based access control

9 Capability-based security and macaroons

PART 4 - MICROSERVICE APIs IN KUBERNETES

10 Microservice APIs in Kubernetes

11 Securing service-to-service APIs

PART 5 - APIs FOR THE INTERNET OF THINGS

12 Securing IoT communications

13 Securing IoT APIs

GENRE
Computers & Internet
RELEASED
2020
November 20
LANGUAGE
EN
English
LENGTH
576
Pages
PUBLISHER
Manning
SELLER
Simon & Schuster Digital Sales LLC
SIZE
9.6
MB

More Books Like This

Advanced API Security Advanced API Security
Advanced API Security
2019
The Definitive Guide to Security in Jakarta EE The Definitive Guide to Security in Jakarta EE
The Definitive Guide to Security in Jakarta EE
2022
Secure Web Application Development Secure Web Application Development
Secure Web Application Development
2022
Advanced API Security Advanced API Security
Advanced API Security
2014
Integrating Web Services with OAuth and PHP Integrating Web Services with OAuth and PHP
Integrating Web Services with OAuth and PHP
2016
Securing the Perimeter Securing the Perimeter
Securing the Perimeter
2018