Modern web applications (single-page applications), smartphones and tablets as well as household appliances and heating systems often communicate via web-based application programming interfaces (APIs) with back-end systems that are responsible for data management. Web applications and back-end systems also often call further APIs. In order to ensure end-to-end security, identities need to be propagated to such APIs in a standardized way (e.g., OAuth / OpenID Connect).
Effective protection of such APIs is achieved by a combination of security measures at different levels:
- Identity and credential management for users, applications and devices
- Adaptive authentication, i.e., authentication that is in line with the sensitivity of content and data, from social login to strong two-factor authentication
- Support for OAuth and OpenID Connect for secure propagation / federation of identities
- Authorization of API calls based on identity attributes (roles, OAuth scopes)
- Content inspection for JSON and XML
Regardless of whether your API is used by business applications, mobile devices (smartphones, tablets) or other devices (Internet of Things), NEVIS provides the modules and functionalities required to protect it. The special strength of NEVIS is the unique combination of web content filtering with identity management and an extremely flexible authentication engine:
- The content filtering engine effectively protects APIs against (D)DoS attacks as well as attacks at the content level.
- NEVIS identity management enables efficient management of identities, attributes and credentials.
- The authentication engine allows combining OAuth and OpenID Connect with any desired authentication method.