Saturday, January 16, 2010

All the Web’s an API

I've written a "guest view" article for SD Times about the usage of API Keys in Web/Cloud APIs. API keys seem like a simple way to manage access to a Web API, but if the authentication scheme is not secure then they are dangerously simple (or simply dangerous). A key part of Cloud security is effective management of API key based authentication.

The article is here:

http://www.sdtimes.com/GUEST_VIEW_ALL_THE_WEB_S_AN_API/By_MARK_O_NEILL/About_APIS_and_CLOUDCOMPUTING_and_SECURITY/34049