EAGER: Deployment-Time API Governance for Modern PaaS Clouds

Jayathilaka, Hiranya; Krintz, Chandra; Wolski, Rich

doi:10.1109/ic2e.2015.69

Cited by 3 publications

(7 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The last group of literature in which no definition for API Management was found, consists of papers which focus on a domain that is closely related to API management or may be regarded to be within the scope of this topic. For example, in their work, Jayathilaka et al [29] investigate a new approach to API governance, which the authors of this SLR have identified to be a subtopic within the field of API management. Additionally, Jayathilka et al's paper contains practices and capabilities related to the API gateway and versioning.…”

Section: Defining Api Managementmentioning

confidence: 99%

“…Therefore, security for APIs is of utmost importance to protect the underlying assets from unauthenticated and unauthorized access. [18] [ 18,21,25,29,34,35,40,48,50] Service Discovery…”

Section: Key and Certificate Managementmentioning

confidence: 99%

“…If EAGER detects that an API which is already deployed in the cloud is being redeployed, it performs a comparison between the old and latest specifications of the API to make sure that the developer is not introducing a backward incompatible change to the API. [29] [29]…”

Section: Transformationmentioning

confidence: 99%

“…Those beyond the limit are rejected. [18] [ 18,21,22,25,28,29,32,42,45] Reference Documentation Provide reference documentation that may be auto-generated for completeness; it should document every API call,every parameter, and every result so that developers can be 100 percent clear on how the API functions. [28] [ 28,34] Refresh Token Authorization Refresh tokens represent a limited right to reauthorize the granted access by obtaining new access tokens.…”

Section: Provide Source Code Examplementioning

confidence: 99%

See 3 more Smart Citations

Identification of Practices and Capabilities in API Management: A Systematic Literature Review

Mathijssen,

Overeem,

Jansen

2020

Preprint

View full text Add to dashboard Cite

Traditional organizations are increasingly becoming software producing organizations. This software is enabling them to integrate business processes between different departments and with other organizations through Application Programming Interfaces (APIs). The main task of managing APIs is to ensure that the APIs are easy to use by third parties, such as providing helpful documentation, monitoring API performance, and even monetizing API usage. The knowledge on API management is scattered across academic literature. In this document, we describe a Systematic Literature Review (SLR) that has the goal of collecting API Management practices and capabilities related to API Management, as well as proposing a comprehensive definition of the topic. In the scope of this work, a practice is defined as any practice that has the express goal to improve, encourage and manage the usage of APIs. Capabilities are defined as the ability to achieve a certain goal related to API Management, through the execution of two or more interrelated practices.We follow a standard method for SLRs in software engineering. We managed to collect 24 unique definitions for the topic, 114 practices and 39 capabilities.

show abstract

Section: Defining Api Managementmentioning

confidence: 99%

“…Therefore, security for APIs is of utmost importance to protect the underlying assets from unauthenticated and unauthorized access. [18] [ 18,21,25,29,34,35,40,48,50] Service Discovery…”

Section: Key and Certificate Managementmentioning

confidence: 99%

Section: Transformationmentioning

confidence: 99%

Section: Provide Source Code Examplementioning

confidence: 99%

See 2 more Smart Citations

Identification of Practices and Capabilities in API Management: A Systematic Literature Review

Mathijssen,

Overeem,

Jansen

2020

Preprint

View full text Add to dashboard Cite

show abstract

“…Finally, we have developed Cerebro for use with EA-GER (Enforced API Governance Engine for REST) [24] -an API governance system for PaaS clouds. EAGER attempts to enforce governance policies at the deploymenttime of cloud applications.…”

Section: Introductionmentioning

confidence: 99%

Response time service level agreements for cloud-hosted web applications

Jayathilaka

Krintz

Wolski

2015

Proceedings of the Sixth ACM Symposium on Cloud Computing

Self Cite

View full text Add to dashboard Cite

Cloud computing is a successful model for hosting webfacing applications that are accessed by their users as services. While clouds currently offer Service Level Agreements (SLAs) containing guarantees of availability, they do not make performance guarantees for deployed applications.In this work we present Cerebro -a system for establishing statistical guarantees of application response time in cloud settings. Cerebro combines off-line static analysis of application control structure with on-line cloud performance monitoring and statistical forecasting to predict bounds on the response time of web-facing application programming interfaces (APIs). Because Cerebro does not require application instrumentation or per-application cloud benchmarking, it does not impose any runtime overhead, and is suitable for use at cloud scales. Also, because the bounds are statistical, they are appropriate for use as the basis for SLAs between cloud-hosted applications and their users.We investigate the correctness of Cerebro predictions, the tightness of their bounds, and the duration over which the bounds persist in both Google App Engine and AppScale (public and private cloud platforms respectively). We also detail the effectiveness of our SLA prediction methodology compared to other performance bound estimation methods based on simple statistical analysis.

show abstract

Source Data for the Focus Area Maturity Model for API Management

Mathijssen,

Overeem,

Jansen

2020

Preprint

View full text Add to dashboard Cite

We define API Management as an activity that enables organizations to design, publish and deploy their APIs for (external) developers to consume. API Management capabilities such as controlling API lifecycles, access and authentication to APIs, monitoring, throttling and analyzing API usage, as well as providing security and documentation. These capabilities are often implemented through an integrated platform. This data set describes the API Management Focus Area Maturity Model (API-m-FAMM). In a structured manner, this model aims to support organizations that expose their API(s) to third-party developers in their API management activities. Through a thorough Systematic Literature Review (SLR) [66], 114 practices and 39 capabilities were collected. Subsequently, these practices and capabilities were categorized into 6 focus areas. Next, the practices and capabilities were analyzed and verified through inter-rater agreement and four validation sessions with all involved researchers. Then, the collection of practices and capabilities was verified by using information gathered from supplemental literature, online blog posts, websites, commercial API management platform documentation and third-party tooling. As a result, the initial body of practices and capabilities was narrowed down to 87 practices and 23 capabilities. These practices are described by a practice code, name, description, conditions for implementation, the role responsible for the practice, and the associated literature in which the practice was originally identified. Capabilities and focus areas are described by a code, description and, optionally, the associated literature in which it was originally identified. Using the API-m-FAMM, organizations may evaluate, improve upon and assess the degree of maturity their business processes regarding the topic of API management have.

show abstract

EAGER: Deployment-Time API Governance for Modern PaaS Clouds

Cited by 3 publications

References 9 publications

Identification of Practices and Capabilities in API Management: A Systematic Literature Review

Identification of Practices and Capabilities in API Management: A Systematic Literature Review

Response time service level agreements for cloud-hosted web applications

Source Data for the Focus Area Maturity Model for API Management

Contact Info

Product

Resources

About