But We Need Secure LEGOs

I stumbled across this great blog post from Robin Vasan on the API-fication of software, where his essential claim is that the next generation of software will be solutions constructed from lightweight, RESTful services offered by market disruptors.

This type of lightweight RESTful integration can be done by the Enterprise, or to borrow a Gartner term, by a cloud service brokerage (CSB) that adds additional value by combining and remixing RESTful APIs into value-added services that are then purchased by Enterprises.

Overall, the LEGO analogy is very apt, but the problem is that we have seen it before with the SOA/WS-* religious movement. The difference now is that market disruptors are exposing their value from the cloud and building on the developer appeal of lighter-weight RESTful APIs that, despite their lack of formal standardization, have significant de facto standardization.

We have quite an array of LEGOs, but the Enterprise world is full of things that look like LEGOs but aren't fully compatible, like SOAP and XML, and then things that are category errors, like on-premise databases, JMS, FTP, and mainframes. These things are more like Playmobil, GI Joe, and Tinker-Toys.

Integration of protocols and data formats through mediation can solve this LEGO-to-anything-else incompatibility, but we also need security.

Security for RESTful APIs is often equated with OAuth, but this is only for authorization. As data moves from the Enterprise to the cloud and back we need the full breadth of data-centric security mechanisms such as encryption, digital signatures, format-preserving encryption, data tokenization, data leak prevention, anti-virus and anti-malware scanning as well as support for “old” standards like SAML and WS-Security, which are generally written off by RESTful converts as too XML-heavy.

I completely agree with Robin that next-gen software will require integration of RESTful LEGOs, but in order to take full advantage, large Enterprises will need a secure, lightweight mediation engine that layers Enterprise security controls on top of these LEGOs and allows Enterprises or Cloud Service Brokers to create hybrid composite applications that simultaneously live in two worlds, both on-premise and in the cloud.

 

 

 

Blake Dournaee

About Blake Dournaee

Passionate, energetic product manager that lives at the intersection of business, innovation and technology. I currently work at Intel in the Datacenter Software Division working on products and technologies relating to mobile, APIs, cloud services and big data.
