api gateway - ofm canberra october 2014
Post on 25-May-2015
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle API Gateway
Damien McAullay
Oracle Fusion Middleware
October 2014
Defining APIs …
• APIs are the face of enterprise applications and processes
• From the APIs’ consumers’ perspective, they are the applications
• Organizations can use different APIs to create optimized applications for customers, partners & employees
• It is imperative that organizations apply the same rigor to applications lifecycle management to API lifecycle management
What is an API Gateway or API Management?
• Every API requires a supporting infrastructure to make sure the APIs are properly managed, delivered & secured
• OAG provides an enterprise platform for API delivery, removing the need for API owners to repeatedly build one-off supporting infrastructure
• APIs enable enterprises to deliver business services via cloud, mobile or partner channels
Oracle API Gateway – What/How?
• API transformation and protocol switch
• API control & runtime governance
• API scalability and reliability
• API security – AAA and threat mitigation
• API monitoring – routing and throttling
• API development lifecycle
• API administration
Fine Grained AuthZ and Data Redaction
[Diagram labels: Help desk, Doctor, Accounting, PEP, PDP, Oracle API Gateway, Entitlements Server, Legacy Patient Record Application]
• Existing API returns: Name & Contact Info, SSN, Physician Info, Existing Conditions, Prescriptions, Health Records, Insurance, Payment History
• Response: Name & Contact Info, Masked SSN, Primary Physician, Insurance
• Response: Name & Contact Info, Masked SSN, Primary Physician, Insurance, Payment History
• Response: Name & Contact Info, Primary Physician, Health History
Client Oriented Requests & Throttling
• Client-based policies for the same web service end-point
  – Policy A for Client 1 and Policy B for Client 2
• Client-based throttling
  – Allow 100 transactions per second (TPS) for Client 1 and 250 TPS for Client 2
• Client-based service-level agreement (SLA) alarms
• Hiding service operations from certain clients
• Client can be identified through
  – IP address, SAML attributes, SOAP/transport headers
  – Identity attribute lookup after authentication
  – Device IDs / IDContext Attributes
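Client-based throttling as described on this slide, shown as an added example (not Oracle API Gateway code or configuration): one token bucket per client, using the slide's 100 and 250 TPS limits. The client IDs, class names, the token-bucket algorithm and the fail-closed handling of unknown clients are assumptions.

```python
import time
from dataclasses import dataclass

# Limits from the slide; "client-1" / "client-2" are assumed identifiers.
CLIENT_TPS = {"client-1": 100, "client-2": 250}

@dataclass
class TokenBucket:
    rate: float    # refill rate in tokens per second (the client's TPS limit)
    tokens: float  # tokens currently available
    last: float    # timestamp of the previous refill

    def allow(self, now: float) -> bool:
        # Refill for the elapsed time, capped at one second's worth of tokens.
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.rate, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False

class ClientThrottle:
    """Keeps an independent bucket per resolved client identity."""

    def __init__(self, limits, clock=time.monotonic):
        self.limits = dict(limits)
        self.clock = clock  # injectable so the behaviour can be tested
        self.buckets = {}

    def allow(self, client_id: str) -> bool:
        # client_id is whatever identity the gateway resolved for the caller
        # (IP address, SAML attribute, header, device ID).
        limit = self.limits.get(client_id)
        if limit is None:
            return False  # assumption: clients without a policy are rejected
        now = self.clock()
        bucket = self.buckets.get(client_id)
        if bucket is None:
            bucket = TokenBucket(rate=limit, tokens=limit, last=now)
            self.buckets[client_id] = bucket
        return bucket.allow(now)

def simulate_burst(client_id: str, requests: int) -> int:
    """Send `requests` calls at a single instant; return how many pass."""
    throttle = ClientThrottle(CLIENT_TPS, clock=lambda: 0.0)
    return sum(throttle.allow(client_id) for _ in range(requests))
```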
API Key Management
[Diagram labels: Corporate DMZ, Security Gateway, Unified Agent, SOAP/REST and Legacy Web Services, HR, CRM, Talent, APIKey_AWS, APIKey_Salesforce, API Key + Web Service Request]
Oracle API Gateway – Where?
[Diagram labels: First Line Of Defense, Shared Services Layer, End Point Security; DMZ, Intranet; OAG, Service Bus, OWSM Agent, Applications; HTTP, SOAP, REST, XML, JMS; WS-Security, Basic Auth, Digest, X509, UNT, SAML, Kerberos, Sign & Encrypt]
Concepts and Architecture – Logical Components
Concepts and Architecture – Policy Studio and OAG Manager
[Diagram labels: Domain; Physical / Virtual Machine 1, Physical / Virtual Machine 2; OAG Instance 1, OAG Instance 2, OAG Instance 3, OAG Instance 4; Stock Control APIs Group, Payment APIs Group; Admin Node Manager, Node Manager; OAG Manager, Policy Studio; Manages]
Concepts and Architecture – Configuration Parts
Concepts and Architecture – Lifecycle Management
Concepts and Architecture – Lifecycle Management
Demo