Thursday, October 29, 2020
There is no easy way to connect to vehicles without hardware. It is difficult because of how the mobility landscape is structured. Innovation is getting faster and at Smartcar we are opening the gates with our APIs for developers building mobility applications and companies. During this session, we will show how we can now and forever connect to cars with a live demo of Smartcar’s API.
PRO SESSION (API): Enhanced Platform Protection for API Gateways Through Cognitively Assorted ML AlgorithmsJoin on Hopin
Most API gateways, as the first line of defense and policy enforcement point, are responsible for a variety of tasks including security validations, run-time governance and contract enforcements. Besides authentication, authorization and token validations, they must be able to protect enterprise systems from a multitude of security threats like DDoS/XDoS, Code Injection, protocol threats, XML injections and others. Most gateways use static policies that are applied on the inbound API messages to detect these threats. Gateways also use static policies to enforce any user contracts and SLA.
All these static policy-based methods need to be updated periodically to reflect the ever-changing threat vectors. This becomes a hard and cumbersome management activity and always tend to be reactive. Although the existing gateways collect a huge amount of transaction metrics, they surprisingly lack robust analytics to dynamically analyze API consumption behavior and patterns. They also act as a mere pass-through layer in most situations and don’t provide much assistance with managing the behavior of the back-end applications. This is where Artificial Intelligence and Machine Learning can play a crucial role to provide deep insight into how APIs are used, detect anomalies and thereby help prevent bad incidents before they happen. It can produce comprehensive information for cybersecurity, helping with compliance, governance reports and forensics, to uniquely enhance protection of platforms within IT ecosystems. It can augment the capability gaps in the existing API gateways and provide more important analytics on API consumer behavioral patterns and detect anomalies both from consumption as well as API execution perspective.
The entire paper to be submitted later will detail a multitude of supervised and unsupervised learning algorithms that can be used and trained with the metrics already being collected from the API gateway and logging frameworks. Some of the metrics used by the machine learning models include API usage rate patterns, error patterns, payload patterns etc. These machine learning models can then provide a variety of classification operations for rate limiting decisions and SLA enforcements. They can also detect and predict API consumption anomalies like DDoS and other security threats, back-end application behavior anomalies, predictive analysis on performance of backend applications etc. These models can then work in conjunction with robotic process automation systems to take actions on some of these anomalies detected or predicted to perform self-healing before errors occur.
According to Security Boulevard, the industry definition of open banking is the practice of sharing financial data with competitors and third parties via open APIs. But in reality, open banking should go beyond this and be an innovative and secure platform for delivering consumers and businesses a better financial data experience.
By putting consumers in control of their financial data, open banking transforms the way the world experiences money — everything from budgeting, payments, investing and lending, while improving financial literacy and expanding financial inclusion. This ultimately leads to better financial outcomes.
To provide increased insight into how open banking will accelerate innovation in the fintech market, Finicity co-founder Nick Thomas will delve into the core industry principles of financial data and the importance of each of these attributes in product design: control, access, transparency, traceability and security. He will also cover the latest information on regulations around financial data, identity and consumer protections, as well as the latest and greatest within the standards group of the Financial Data Exchange and the Trust over IP Foundation.
As we build more and more APIs, we're bound to run into more and more API changes. And as each API changes, all the client applications need to adapt, too. Even when your client app consumes only one API changes can be a challenge. But when your client app consumes dozens of APIs the rate and impact of change can be daunting.
For the last 20+ years there has been one client app that consistently exhibits the ability to adapt to change and the resilience to keep running even when some things are broken -- that's the HTML browser client. API developers don't need another HTML browser. Instead we need a new API browser. One that exhibits the positive features of the web and steers clear of the problematic features of bespoke API servers. What we need is more Hypermedia APIs
Through a series of working examples, this talk illustrates the advantages of well-crafted hypermedia APIs using standardized hypermedia formats and formalized domain vocabularies to power autonomous and resilient client applications.
Whether you are an API designer, architect, or developer, this talk can help you get autonomy and resilience for free with Hypermedia APis.
Imagine an application that has a web and a mobile, IOS and Android, or that your API is consumed by similar frontends from totally different teams. The functionalities they provide are distinct, hence the need for distinct sets of data and functions. You might think that the solution for this is having an “as generic as possible” backend for all UI’s. From my experience, this kind of backend leads to big issues in matters of performance, entangled user experience as well as extra and unnecessary communication for the development teams in order to align and meet their needs. Fortunately, there is a promising set of approaches taking the stage as they are created with the intention to optimize how front-end applications collaborate with back-ends: BFF (Backend-For-Frontend) pattern and GraphQL. Given these two approaches, which one is the right to consider? Join me in a talk where we will discuss the two approaches, underline both their good and bad sides, and determine which you should consider as the backend technology for your frontend application.
Embedded SIM (eSIM) is expected to connect 2.5 billion smartphones by 2025. eSIM and programmable cellular data API's are offering online businesses new ways to better activate and engage with their customers. After an introduction to eSIM and how it is digitizing access to cellular networks, few use cases will be presented to illustrate how programmable cellular data can help businesses expand online.
As digital resources -- compute, storage, bandwidth, etc. -- increasingly become tokenized and trade-able on tomorrow’s blockchain networks, managing these tokenized resources will become vitally important. This talk outlines this future, characterized by greater composability of applications and the financialization of digital resources.