Layer 7 Mobile Security Workshop with CA Technologies and Forrester Research Inc.
1. The IAM-as-an-API Era Has Arrived
And You Can Blame/Thank Mobility
Eve Maler, Principal Analyst, Security & Risk
Mobile Security Workshop
February 7, 2013
2. Agenda
• Consumerization of IT and its cousins are challenging IAM traditions
• Apply Zero Trust to your identity, security, and agility problems in "bring-your-own" environments
• Leverage emerging technologies to provide identity services that are mobile-cloud ready
© 2012 Forrester Research, Inc. Reproduction Prohibited 3
4. The future of IT is bring-your-own everything
App sourcing and hosting:
• SaaS apps
• Apps in public clouds
• Partner apps
• Apps in private clouds
• On-premises enterprise apps
App access channels:
• Enterprise computers
• Enterprise-issued devices
• Public computers
• Personal devices
User populations:
• Employees
• Contractors
• Partners
• Members
• Customers
Source: March 22, 2012, Forrester report “Navigate The Future Of Identity And Access Management”
5. Genentech’s Salesforce app trumps
native Salesforce.com
Source: Genentech webinar
6. Steve Yegge describes why
… and the next challenge
[Jeff Bezos] issued a mandate that was so out there, so huge and
eye-bulgingly ponderous, that it made all of his other mandates look
like unsolicited peer bonuses. … “1) All teams will henceforth
expose their data and functionality through service interfaces.” …
Like anything else big and important in life, Accessibility has an evil
twin who, jilted by the unbalanced affection displayed by their parents
in their youth, has grown into an equally powerful Arch-Nemesis (yes,
there's more than one nemesis to accessibility) named Security. And
boy howdy are the two ever at odds.
But I'll argue that Accessibility is actually more important than Security
because dialing Accessibility to zero means you have no product at
all, whereas dialing Security to zero can still get you a reasonably
successful product such as the Playstation Network.
Source: Rip Rowan on Google Plus
7. Now many APIs have direct business
models, all enabling mobile
Source: John Musser of ProgrammableWeb.com
9. Didn’t we already solve the web
services security problem?
• Transport-layer solutions
• Platform-specific solutions
• XML signature, XML encryption, XML canonicalization
• WS-Security, WS-Trust, WS-I Basic Security Profile
• SAML
• ID-WSF
10. The API economy forces you to
confront the webdevification of IT
[Chart: value (X axis) vs. friction (Y axis)]
11. Agenda
• Consumerization of IT and its cousins are challenging IAM traditions
• Apply Zero Trust to your identity, security, and agility problems in "bring-your-own" environments
• Leverage emerging technologies to provide identity services that are mobile-cloud ready
12. In Zero Trust, all interfaces are treated
as untrusted
Apply Zero Trust all the way up the stack,
including – most particularly – identity and
access management functions.
Source: November 15, 2012, “No More Chewy Centers: Introducing The Zero Trust Model Of Information Security” Forrester report
13. Plan for inward, outward, and circular identity propagation
A security token service (STS) handles token issuance, translation, and consumption.
Organization serves as an identity server for business functions:
• Internal to the organization
• At external partners
• Exposed to customers
User stores shown: Staff user store, Consumer user store
Organization serves as an identity client of user stores, for functions internal to the organization:
• Staff user store
• Institutional user store
• Consumer user store
Source: March 22, 2012 “Navigate The Future of IAM” Forrester report
14. Go from IDaaS to IAM-as-an-API
API façade pattern: Back-end apps, web apps, mobile apps . . . (API clients) → Internet → Web service and app APIs → Scale-out infrastructure
Applying the pattern to IAM functions: Business apps (IAM API clients) → Internet → APIs for authentication, authorization, provisioning . . . → IAM infrastructure
• The business app’s own API determines access control granularity
• Robustly protect all interfaces, regardless of their sourcing model
Source: March 22, 2012 “Navigate The Future of IAM” Forrester report
15. Who’s already
doing it?
16. Agenda
• Consumerization of IT and its cousins are challenging IAM traditions
• Apply Zero Trust to your identity, security, and agility problems in "bring-your-own" environments
• Leverage emerging technologies to provide identity services that are mobile-cloud ready
17. New identity solutions disrupt…but attract.
Or, The good thing about reinventing the wheel is that
you can get a round one.*
*Douglas Crockford, inventor of JavaScript Object Notation (JSON)
Source: tom-margie | CC BY-SA 2.0 | flickr.com
18. Emerging IAM standards have an edge over traditional ones for Zero Trust
Key features:
• Agility
• Mobile/cloud friendliness
• Robustness
Key features:
• “Solving the right problem”
• Enterprise-only scope
Key features:
• Governance
• Hubris
Source: October 2012 “TechRadar™ For Security Pros: Zero Trust Identity Standards, Q3 2012”
19. The new Venn of access control for the
API economy
20. Web 2.0 players invented OAuth just to
solve the “password anti-pattern”
21. What it really does is let a resource
owner delegate constrained access
WS-SECURITY IN THE MODERN ERA IS PRONOUNCED “OAUTH”
22. OAuth can help manage risk, cost, and
complexity
FOR INTERNET-SCALE ZERO TRUST, YOU NEED IT ALL
• Gets client apps out of the business of storing passwords
• Friendly to a variety of user authentication methods and user devices, including smartphones and tablets
• Allows app access to be tracked and revoked on a per-client basis
• Allows for least-privilege access to API features
• Can capture explicit user authorization for access
• Lowers the cost of secure app development
• Bonus: provides plumbing for a much larger class of needs around security, identity, access, and privacy
23. Use case: consumer-facing web and mobile apps
EBAY HAS “CHANNEL PARTNERS” THAT CREATE APPS FOR SELLERS
Third parties offer productivity apps to eBay sellers who list items and do other tasks through the eBay API.
These apps never see the seller’s eBay credentials.
They don’t merely “impersonate” the seller.
The app can take action even if the user is offline.
Roles:
• eBay seller (in resource owner role)
• eBay (in authorization server and resource server roles)
• Third-party seller app (in client role)
24. Use case: B2B and business SaaS app integration through SAML SSO
CONSTRUCTION FIRM LETS PROJECT PARTNERS “SSO IN” TO APIS USING NATIVE APPS
Partner apps integrate with the construction firm’s valve-design service.
On-site partner engineers log in to their home systems through a company-issued tablet.
They can then use special apps that call the valve-design service, bootstrapped by SAML.
Roles:
• Partner workforce member (in resource owner role)
• Construction firm (in authorization server, resource server, and SP (RP) roles)
• Partner app (in client and IdP roles)
25. Use case: “Two-legged” userless protection of low-level web service calls
EBAY SECURES INTERNAL SERVICES TO MEET AUDITING AND COMPLIANCE GOALS
Includes services such as sales tax calculation, shipping label formatting, credit card number verification, and HTML code checking.
Roles:
• eBay service (in resource server role)
• eBay STS (in authorization server role)
• eBay calling app (in client role)
In all use cases: The two servers are typically separate but communicate in a proprietary fashion.
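Added example (not from the original slides): a minimal in-memory model of the OAuth properties listed on slides 22 and 25, showing scopes narrowed by owner consent, per-client revocation and audit, and a "two-legged" userless token. Client IDs, scope names and operation names are hypothetical, and the direct introspect() call stands in for the proprietary channel between the two servers.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Grant:
    client_id: str
    owner: Optional[str]   # None means a "two-legged" (userless) token
    scopes: frozenset
    expires_at: float


class AuthorizationServer:
    def __init__(self, client_scopes):
        self.client_scopes = client_scopes  # client_id -> scopes it may ever hold
        self.tokens = {}                    # opaque token -> Grant
        self.revoked = set()                # client_ids whose access was withdrawn

    def issue(self, client_id, requested, owner=None, approved=None, ttl=3600):
        if client_id in self.revoked or client_id not in self.client_scopes:
            raise PermissionError("unknown or revoked client")
        granted = set(requested) & self.client_scopes[client_id]
        if owner is not None:               # delegated: owner consent narrows further
            granted &= set(approved or ())
        if not granted:
            raise PermissionError("no scope granted")
        token = secrets.token_urlsafe(32)   # the client stores this, never a password
        self.tokens[token] = Grant(client_id, owner, frozenset(granted),
                                   time.time() + ttl)
        return token

    def revoke_client(self, client_id):
        # Withdraw one client's access without touching any other client.
        self.revoked.add(client_id)
        dead = [t for t, g in self.tokens.items() if g.client_id == client_id]
        for t in dead:
            del self.tokens[t]
        return len(dead)

    def introspect(self, token):
        g = self.tokens.get(token)
        return g if g is not None and g.expires_at > time.time() else None


class ResourceServer:
    REQUIRED = {"create_listing": "listings:write",   # hypothetical operations
                "read_payouts": "payouts:read",
                "calc_sales_tax": "tax:calculate"}

    def __init__(self, auth_server):
        self.auth = auth_server
        self.audit = []   # (client_id, owner, operation, decision) per call

    def call(self, token, operation):
        g = self.auth.introspect(token)
        if g is None:
            self.audit.append((None, None, operation, "deny:invalid_token"))
            return False
        ok = self.REQUIRED.get(operation) in g.scopes   # least privilege per operation
        self.audit.append((g.client_id, g.owner, operation,
                           "allow" if ok else "deny:scope"))
        return ok


def demo():
    auth = AuthorizationServer({                         # constructed client registry
        "seller-app-a": {"listings:write", "payouts:read"},
        "seller-app-b": {"listings:write"},
        "internal-billing": {"tax:calculate"},
    })
    api = ResourceServer(auth)
    # The seller approves listing access only, although app A asked for more.
    tok_a = auth.issue("seller-app-a", ["listings:write", "payouts:read"],
                       owner="seller-42", approved=["listings:write"])
    tok_b = auth.issue("seller-app-b", ["listings:write"],
                       owner="seller-42", approved=["listings:write"])
    tok_svc = auth.issue("internal-billing", ["tax:calculate"])  # two-legged
    out = {"a_lists": api.call(tok_a, "create_listing"),
           "a_payouts": api.call(tok_a, "read_payouts"),
           "svc_tax": api.call(tok_svc, "calc_sales_tax")}
    out["revoked"] = auth.revoke_client("seller-app-a")
    out["a_after"] = api.call(tok_a, "create_listing")
    out["b_after"] = api.call(tok_b, "create_listing")
    out["audit"] = api.audit
    return out


if __name__ == "__main__":
    print(demo())
```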
26. OpenID Connect turns SSO into a standard OAuth-protected identity API
SAML 2.0, OpenID 2.0 | OAuth 2.0 | OpenID Connect
Initiating user’s login session | Not responsible for session initiation | Initiating user’s login session
Not responsible for collecting user consent | Collecting user’s consent to share attributes | Collecting user’s consent to share attributes
High-security identity tokens (SAML only) | No identity tokens per se | High-security identity tokens (using JSON Web Tokens)
Distributed and aggregated claims | No claims per se; protects arbitrary APIs | Distributed and aggregated claims
Dynamic introduction (OpenID only) | Client onboarding is static | Dynamic introduction
Session timeout | No sessions per se | Session timeout (in the works)
27. Where SAML is “rich,” OpenID Connect
holds promise for “reach”
Already exposing customer identities using a draft
OpenID Connect-style API
Working to expose workforce identities through
OpenID Connect
LOB apps and smaller partners can get into the federation game more
easily; complex SAML solutions will see price pressure over time
28. The classic OAuth scenarios enable
lightweight web services security
Same user assumed
on both sides of the
equation
Proprietary
communication
between the
servers*
29. OpenID Connect also has limitations
The IdP/AP split
requires
brokering
Same user on both sides
of the equation
30. UMA turns online sharing, with arbitrary other parties, into a “privacy by design” solution
I want to share this stuff selectively, in an efficient way
• Among my own apps
• With family and friends
• With organizations
I want to protect this stuff from being seen by everyone in the world, from a central location
Kinds of data shown: Historical, Biographical, Reputation, Vocational, User-generated, Social, Geolocation, Computational, Biological/health, Legal, Corporate, ...
31. What about config-time synchronization?
“I DON’T ALWAYS SYNCHRONIZE, BUT WHEN I DO, I PREFER SCIM”
• Maximum PII disclosure, brittleness, and authorization latency: Nightly secure FTP sessions to transfer CSV files containing employee records
• Synch solution proposed by software vendors in the last decade: Service Provisioning Markup Language (SPML)
• The winner: A RESTful identity synch API, protectable by OAuth, endorsed by cloud providers: System for Cross-domain Identity Management (SCIM)
HR, auditors
32. So, what should you do next?
Get ready: Zero Trust is pulling along new
Security solutions to meet Accessibility needs
33. Expose accessible identity
APIs for (all and only) what
you’re authoritative for
34. Assist your smaller partners
in exposing identity APIs you
can begin relying on
35. Count on mobility to disrupt
old security paradigms and
pull API security to the fore
38. Agenda
Transformational Power of Mobility
New Mobile Risks
Mobile Security Framework
CA Secure Mobility Solutions
2 Copyright © 2013 CA Technologies. All rights reserved. No unauthorized copying or distribution permitted
39. Mobility Transforms the Customer Experience
How do you plan to leverage mobile customer engagement?
Mobile is the New Face of Customer Engagement
“Business spending on mobile projects will grow 100% by 2015.
More than half of business decision-makers will increase their mobile
apps budget in 2012 as they look for better ways to engage with
customers and partners.”*
“Mobile spend will reach $1.3 trillion
as the mobile apps market reaches
$55 billion in 2016.”*
$1.3 trillion
*Mobile is the New Face of Engagement, Forrester Research, Inc., Feb 13, 2012
40. Mobility Enables the Workforce
How do you plan to leverage mobility to enable the workforce?
CISO Market Survey
How significant are the following security concerns
to your organization for individually-owned mobile
devices being used by employees for work?
Security Concerns - % of “Very Significant” (n = 353)
• Device may be stolen and corporate data exposed: 61%
• Malware could be introduced to corporate network: 58%
• Compliance requirements: 48%
• Data on device will go with employee to next employer: 41%
• Legal data ownership issues: 35%
• Lack of integration with traditional IT systems: 29%
• Cost of providing technical support: 26%
*Source: Info Workers Using Mobile And Personal Devices For Work Will Transform Personal Tech Markets, Forrester Research, Inc., February 22, 2012
42. Engage Mobile Users
Multi-channel support
Channels:
• PC / Laptop Browsers
• Phone / Tablet Browsers
• Non-Traditional Devices
• Phone / Tablet Native Mobile Apps
Diagram labels: Security Policy; Web; API; Mobile
Multi-Channel | 360 Degree View | Scale with Volume
44. New Mobile Risks
BYOD
• Consumerization
• Privacy expectations
• Personal and corporate data
• Legal liability
45. New Mobile Risks
Lost Devices
Size, mobility and
business impact of
data increases risk
46. New Mobile Risks
Disappearing Perimeter
• Persistent sync of sensitive information
• Lack of visibility and control of sensitive information
• Inhibits visibility and control of data
47. New Mobile Risks
Mobile Usage Threats
• Personal download of vulnerable apps
• Users sharing data between apps
• Exposed APIs to threats
48. Identity is the new network perimeter
Centralized identity service to control access to all enterprise applications (SaaS & on-premise)
Diagram labels: Partner User; Customer; Mobile employee; Internal Employee; Cloud Apps/Platforms & Web Services; GOOGLE; SaaS; Enterprise Apps; On Premise
49. The “new balance” of security
SECURELY ENABLE ONLINE BUSINESS
GROW THE BUSINESS
• Improve customer experience
• Increase customer loyalty
PROTECT THE BUSINESS
• Reduce risk
• Enable control & compliance
IMPROVE EFFICIENCY
+ PURPOSE
50. Market Shift
Mobile Device to Mobile Apps & Data Solutions
Diagram labels:
• Data-Centric Security (Encryption, DLP)
• IT Device Management (MDM)
• Business Service Innovation (MEAP, IAM, MAM)
• Data
• Apps
51. Market Shift
CA Security Focus on Mobile Apps & Data Solutions
52. Market Shift
CA Security Focus on Mobile Apps & Data Solutions
Diagram labels:
• Data-Centric Security (Encryption, DLP)
• IT Device Management (MDM)
• Business Service Innovation (MEAP, IAM, MAM)
• Data
• Apps
• Data Protection
• Access Management
• API Management
• Advanced Authentication
• App Wrapping
53. Mobile Security Framework
Balancing security with business enablement
• Access Management
• Advanced Authentication
• Containerization
• Data Protection
• API Management
55. Mobile Security Framework
Balancing security with business enablement
Inside Organization Cloud Services
1 Access Management
• AuthN, AuthZ
Mobile
56. Mobile Security Framework
Balancing security with business enablement
Diagram labels: Inside Organization; Cloud Services; API; Web; Mobile
1 Access Management
• AuthN, AuthZ
• Multi-channel support
• Central policies
• 360 degree view of users
57. Mobile Security Framework
Balancing security with business enablement
Diagram labels: Inside Organization; Cloud Services; API; Web; Mobile
1 Access Management
• AuthN, AuthZ
• Multi-channel support
• Central policies
• 360 degree view of users
• SSO
• OpenID, OAuth2.0
58. Mobile Security Framework
Balancing security with business enablement
Diagram labels: Inside Organization; Cloud Services; API; Web; Mobile
1 Access Management
• AuthN, AuthZ
• Multi-channel support
• Central policies
• 360 degree view of users
• SSO
• OpenID, OAuth2.0
2 Advanced Authentication
• Multi-factor AuthN
• ID, Geographic
• Risk-based Auth
• Soft tokens
59. Mobile Security Framework
Balancing security with business enablement
Diagram labels: Inside Organization; Cloud Services; API; Web; Mobile
1 Access Management
• AuthN, AuthZ
• Multi-channel support
• Central policies
• 360 degree view of users
• SSO
• OpenID, OAuth2.0
2 Advanced Authentication
• Multi-factor AuthN
• ID, Geographic
• Risk-based Auth
• Soft tokens
3 App Wrapping
• App AuthN, AuthZ & Audit
• Support for custom and 3rd party apps
• Connected and offline security
60. Mobile Security Framework
Balancing security with business enablement
Diagram labels: Inside Organization; Cloud Services; API; Web; Mobile; Email; Files
1 Access Management
• AuthN, AuthZ
• Multi-channel support
• Central policies
• 360 degree view of users
• SSO
• OpenID, OAuth2.0
2 Advanced Authentication
• Multi-factor AuthN
• ID, Geographic
• Risk-based Auth
• Soft tokens
3 App Wrapping
• App AuthN, AuthZ & Audit
• Support for custom and 3rd party apps
• Connected and offline security
4 Data Protection
• In-motion & at-rest
• Classification
• Encryption
• Intelligent data-centric security
61. Mobile Security Framework
Balancing security with business enablement
Diagram labels: Inside Organization; Cloud Services; API; Web; Mobile; Email; Files; Web Applications
1 Access Management
• AuthN, AuthZ
• Multi-channel support
• Central policies
• 360 degree view of users
• SSO
• OpenID, OAuth2.0
2 Advanced Authentication
• Multi-factor AuthN
• ID, Geographic
• Risk-based Auth
• Soft tokens
3 App Wrapping
• App AuthN, AuthZ & Audit
• Support for custom and 3rd party apps
• Connected and offline security
4 Data Protection
• In-motion & at-rest
• Classification
• Encryption
• Intelligent data-centric security
5 Web Service Protection
• Secure API
• Audit integration
• Threat Protection
62. Mobile Security Framework
Balancing security with business enablement
Diagram labels: Inside Organization; Cloud Services; API; Web; Mobile; Email; Files; Web Applications
1 Access Management (CA SiteMinder)
• AuthN, AuthZ
• Multi-channel support
• Central policies
• 360 degree view of users
• SSO
• OpenID, OAuth2.0
2 Advanced Authentication (CA AuthMinder & RiskMinder)
• Multi-factor AuthN
• ID, Geographic
• Risk-based Auth
• Soft tokens
3 App Wrapping (Future)
• App AuthN, AuthZ & Audit
• Support for custom and 3rd party apps
• Connected and offline security
4 Data Protection (CA DataMinder)
• In-motion & at-rest
• Classification
• Encryption
• Intelligent data-centric security
5 Web Service Protection (CA SiteMinder)
• Secure API
• Audit integration
• Threat Protection
63. Benefits
ENABLE MOBILE ENGAGEMENT
• Support access across range of channels: platforms, OS, apps
• 360° view of the user enhances each moment of engagement
• Seamless and convenient experience
REDUCE RISKS
• Mitigate the risk of physical access
• Enable secure access to cloud services
• Intelligent data-centric security reduces human error
• End-to-end security stays through life of the data
BYOD
• Separate corp. & personal apps and data
• Support corp. data investigation, user privacy expectations and reduction in corp. liability
67. Democracy is the worst form of government, except for all those other forms that have been tried from time to time.
Sir Winston Churchill
70. Yet there is an imbalance between run time and design time governance
71. Vendors are happy to provide tooling
[Diagram labels: Firewall; Trading Partner; Directory; PEP; Application Servers; Workflow; Registry Repository; DMZ; Secure Zone; Enterprise Network]
82. The New Roles
• API Client Developers (External)
• API Server Developers (Internal)
84. Marketing is taking control
• Product Manager
• CMO
• API Developer
• Business Manager
• Security Officer
94. The Client
• Discovery: Search
• Sign up: CMS
• Learning: Wiki
• Experimenting: Browser/Explorer
• Social: Forum
• Promotion: Blog
This is SDLC, 21st century-style
97. The Challenge
[Diagram labels: API Client; Phone User; iPhone Developer; Firewall 1; Firewall 2; API Server; Enterprise Network]
98. First We Need Identity
[Diagram labels: API Client; iPhone Developer; Firewall 1; Firewall 2; API Server; SiteMinder; Enterprise Network]
99. We could try this to deal with firewalls…
[Diagram labels: API Client; iPhone Developer; Firewall 1; Firewall 2; API Server; SiteMinder; Enterprise Network]
100. An API Gateway Is A Better Solution
[Diagram labels: API Client; iPhone Developer; Firewall 1; API Proxy; Firewall 2; API Server; SiteMinder; Enterprise Network]
101. Now Add Client Developer Libraries For Authentication
[Diagram labels: API Client; iPhone Developer; Firewall 1; API Proxy; Firewall 2; API Server; SiteMinder; Enterprise Network]
102. Finally, Add In An API Portal To Enable The New Governance
[Diagram labels: API Client; iPhone Developer; Firewall 1; API Proxy; Firewall 2; API Server; API Portal; SiteMinder; Enterprise Network]
106. The New Governance
• Documentation: WSDL (old), Wiki/Blog (new)
• Discovery: Reg/Rep (old), Search (new)
• Approval: G10 Platform (old), Email (new)
• Enforcement: Gateway (old), Gateway (new)
• User Provisioning: IAM (old), Portal (new)
• Community: What’s that? (old), Forum (new)
109. The Forrester Wave™: API Management Platforms, Q1 2013
By Eve Maler and Jeffrey S.
Hammond, February 5, 2013
Free Copy for all Attendees!
Everyone who has attended
today’s workshop will receive a
free copy of this report in a
follow up email from Layer 7.
Keep an eye on your inbox.
The Forrester Wave is copyrighted by Forrester Research, Inc.
Forrester and Forrester Wave are trademarks of Forrester Research,
Inc. The Forrester Wave is a graphical representation of Forrester's
call on a market and is plotted using a detailed spreadsheet with
exposed scores, weightings, and comments. Forrester does not
endorse any vendor, product, or service depicted in the Forrester
Wave. Information is based on best available resources. Opinions
reflect judgment at the time and are subject to change.
110. Picture Credits
• Antelope Canyon 4 by klsmith – stock.exchg
• Band silhouettes by mr_basmt – stock.exchg
111. For further information:
K. Scott Morrison
Chief Technology Officer
Layer 7 Technologies
1100 Melville St, Suite 405
Vancouver, B.C. V6E 4A6
Canada
(800) 681-9377
scott@layer7.com
http://www.layer7.com
September 2012