API Connect

Principles for API Security - White Paper 

Thu March 19, 2020 09:48 AM

APIs allow fast and easy access to corporate assets. If you are focused on security this may be a scary thought! But the value obtained using business APIs – easing consumption of corporate assets enabling speed to market, allowing the business to reach more potential customers, and helping drive faster innovation – is significant.  It is the foundation of the “API Economy” and a core component in enabling digital transformation and building digital ecosystems. Because the value provided by APIs is so high, APIs are a target for exploitation by those wishing to inappropriately access your business assets or cause damage to your enterprise. Therefore, API security is of paramount importance in gaining the promised benefits without exposure to negative consequences.


Focus on security is an ongoing effort as hackers continue to try new techniques to break into systems. It is not possible to declare security tasks completed nor should you assume your APIs are ever 100% secure. But there are principles, technologies, and techniques that can minimize the risk and provide the highest probability of success in stopping both intentional and inadvertent misuse of business assets.


But how is this accomplished?  To address this topic, we have published a white paper titled, “Principles for API Security”.  The goal of this paper is to focus on a set of security principles to drive the highest possible level of API protection.  Covered topics include:

  • Strategic API Economy Security Principles
  • Basic API Security Principles
  • API Exposure, Scope, and Positioning Principles
  • API Gateway Security Principles
  • Recommendations


Security discussions are often very technical, delving into how to deliver a desired

security capability. Rather than focus on how, this paper focuses on why - highlighting

the objectives that need to be achieved to have a more secure posture, and why not

meeting the principle is a potential security issue. Technology is ever evolving with

new technologies emerging all the time. Security principles are longer lasting. While

the technical implementation of a principle may change, the principle should remain


Entry Details

0 Favorited
1 Files
pdf file
Principles for API Security   2.21 MB   1 version
Uploaded - Thu March 19, 2020
#Security #API

Tags and Keywords

Related Entries and Links

No Related Resource entered.