Book description
With the growth of cloud native applications, developers increasingly rely on APIs to make everything work. But security often lags behind, making APIs an attractive target for bad actors looking to access valuable business data. OAuth is a popular way to address this issue, but this open standard doesn't provide sufficient guidelines for using API tokens to protect business data. That alone can lead to vulnerabilities and invite data breaches.
By using cloud native components in Kubernetes or similar platforms, organizations can implement a scalable, future-proof security architecture for their systems that follows a zero-trust approach to protect business data. You'll access tokens, claims, and token design with an emphasis on an API-first approach. This book takes readers through an end-to-end security architecture that scales to many components in a cloud native environment, while only requiring simple security code in applications and APIs.
You'll learn:
- Why user identity must be part of your cloud native security stack
- How to integrate user identity into APIs
- How to externalize security, secure data access, and authenticate clients using OAuth
- Methods for running security components in a Kubernetes cluster
- How to use claims to protect business data in APIs
- How to follow security best practices for client applications and APIs
Publisher resources
Table of contents
- Brief Table of Contents (Not Yet Final)
- I. Introducing Cloud Native OAuth
- 1. Why Do You Need OAuth?
- 2. OAuth 2.0 Distilled
-
3. Security Architecture
- What is an API Security Architecture?
- Functions in the API Security Architecture
- The Role of the Client
- The Role of the Access Token
- What Security Components do you Need?
- The Role of the Authorization Server
- The Role of the API Gateway
- The Role of the Policy Engine
- API Responsibilities
- Client Responsibilities
- Operating Security Components
- Summary
- 4. OAuth Data Design
- 5. Secure API Development
- II. Securing APIs with Tokens
- 6. Access Token Design
- About the Authors
Product information
- Title: Cloud Native Data Security with OAuth
- Author(s):
- Release date: April 2025
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781098164881
You might also like
book
Cloud Native Security Cookbook
With the rise of the cloud, every aspect of IT has been shaken to its core. …
book
Advanced API Security: OAuth 2.0 and Beyond
Prepare for the next wave of challenges in enterprise security. Learn to better protect, monitor, and …
book
Security and Microservice Architecture on AWS
Security is usually an afterthought when organizations design microservices for cloud systems. Most companies today are …
book
Microservices Security in Action
Unlike traditional enterprise applications, Microservices applications are collections of independent components that function as a system. …