Intel® Expressway Service Gateway - Use Cases - REST Security

REST Security Today

When enterprises expose services, a common challenge that arises is the ability to build a simple yet secure interface. In fact, most enterprises want to perform REST to SOAP mapping. This approach permits external interfaces to remain simple, but challenges present themselves when internal web services utilize SOAP across different identity management systems and middleware platforms.

Intel's Comprehensive Gateway Security

Our XML Gateway provides a critical enforcement point for REST web services messages. Furthermore, it can delegate authentication and authorization to identity management and PKI systems, such as Active Directory and CA SiteMinder. It also provides a secure point of entry to defend against denial of service (DOS) threats, code injection, and other malicious traffic.

REST Web Services Security Capabilities

• Security Token Service credential mapping or validation
• REST API security and management
• Throttling and SLA management, by REST service
• Extension of enterprise audit and compliance capabilities to include WOA and REST
• Comprehensive XML threat prevention and payload inspection
• Service virtualization, proxy, and abstraction as policy enforcement points

Additional Information

Visit our companion Dynamic Perimeter site for additional information on:

REST API

REST Security

REST Web Services

For further information, please click on the links below:

· Intel Expressway Service Gateway Expert Blog: "Usage Scenarios 101: Securing SOAP & REST Services"

· White Paper: "XML Threat Model for REST, SOA & Web 2.0"

If you have any questions, please contact us.