NS (Dutch Railways) has about 5 fairly autonomous development groups that use api’s to deliver data to personnel on the train and to passengers. The first thought when going for a api-security-architecture was to define security controls/measures top-down and roll them out to the groups. Act like an information Security Officer.
After a visit to nearly all the groups I found that we were just starting with API’s: maturity was relatively low; when in need: find the solution on internet; we had few documented/shared standards.
Hence an exchange of knowledge and developing standards together would possibly be more important than an ill-fitting top-down security architecture. A vulnerable approach and the success factors is what I would like to share.
High impact blog posts and eBooks on API business models, and tech advice
Connect with market leading platform creators at our events
Join a helpful community of API practitioners
Can't make it to the event? Signup to the Nordic APIs newsletter for quality content. High
impact blog posts on API business models and tech advice.
Become a part of the world’s largest community of API practitioners and enthusiasts. Share your insights on the blog, speak at an event or exhibit at our conferences and create new business relationships with decision makers and top influencers responsible for API solutions.