Cloud Computing Patterns, Mechanisms > Cloud Service and Storage Security Patterns > Secure Cloud Interfaces and APIs
Secure Cloud Interfaces and APIs (Cope, Erl)
How can APIs be secured against unauthorized access?
Problem
On-premise and cloud-based resource interfaces and APIs are, by default, vulnerable to attacks through a number of vectors and methods.
Solution
A cloud identity and access management (IAM) system is instituted to differentiate intruders from legitimate consumers.
Application
An authentication gateway service (AGS) and an IAM system are implemented to identify and authenticate legitimate consumers and grant them access, while denying access to intruders.
Compound Patterns
Burst In, Burst Out to Private Cloud, Burst Out to Public Cloud, Cloud Authentication, Cloud Balancing, Elastic Environment, Infrastructure-as-a-Service (IaaS), Isolated Trust Boundary, Multitenant Environment, Platform-as-a-Service (PaaS), Private Cloud, Public Cloud, Resilient Environment, Resource Workload Management, Secure Burst Out to Private Cloud/Public Cloud, Software-as-a-Service (SaaS)
The AGS authenticates cloud consumers for access to APIs.
This mechanism is covered in CCP Module 7: Fundamental Cloud Security and
in Module 8: Advanced Cloud Security.
For more information regarding the Cloud Certified Professional (CCP) curriculum, visit www.arcitura.com/ccp.
The architectural model upon which this design pattern is based is further covered in:
Cloud Computing Design Patterns by Thomas Erl, Robert Cope, Amin Naserpour
(ISBN: 9780133858563, Hardcover, ~ 528 pages)
For more information about this book, visit www.arcitura.com/books.