With the advent of APIs in the enterprise comes the need for a new security model. An effective runtime security strategy for the type of open integration environment created by APIs requires the deployment of three intertwined elements – a policy enforcement point, a policy decision point and an attribute service.
Layer 7’s SecureSpan API Proxy fits into this strategy as the policy enforcement point. The API Proxy verifies/authenticates any incoming message before assembling a standard XACML request, which is then sent to the policy decision point. Layer 7 offers easy integration with leading policy decision point technologies from Axiomatics and Radiant Logic.
To help enterprise architects understand how XACML is used for this kind of integration, we’ve been organizing a series of workshops in collaboration with our friends at Axiomatics, Radiant Logic and SailPoint. Coming up, we’ve got events at the Mikrotek Training Facilities in San Francisco, Chicago and New York. Here are the details:
- San Francisco
February 27, 9am-5pm
March 5-6, 9am-5pm
- New York
March 8, 9am-5pm