Anypoint platform security components

Emerging Tech Series E: Knowledge Management automation of impacts

MULESOFT Anypoint platform security components

Anypoint Enterprise Security

API Security Manager

Virtual Private Cloud (VPC)

MULESOFT Enterprise Security Modules

Mule Secure Token Service (STS) OAuth 2.0a Provider (Its part of Enterprise edition)

Security for REST service provider/consumer (for API which we developing using MULE API led connectivity)

Ensure that the API is properly protectedby right authentication / authorizationschemesAutherization & AuthenticationSAML

OAuth 2

WS-Security

Ping federate


Each layer has specific security requirements in API approach

Experience: This layer needs to be protected by inbound security

Process: In this layer, fine grain security is applied as to who has access to which process API

System Connectivity: This layer need to be protected by outbound security


Process APIsProcess Level Fine Grained SecurityExperience APIsInbound Security(Authentication, Authorization and Data Security)API Manager Security policiesSystem APIsOutbound Security(Authentication, Authorization and Data Security)WEB/Mobile/DesktopOn premise /Cloud applications

API Led Connectivity

API should expose this specific fine-grained functionality so it can be invoked independently. If the underlying service it accesses is coarse-grained and you anticipate building additional APIs on that service to address additional use cases, consider a tiered approach

API led connectivity approach-


System Layer - System APIs provide a means of accessing underlying systems of record and exposing that data.

These APIs will also change more infrequently and will be governed by Central IT given the importance of the underlying systems.

Process Layer

The underlying business processes that interact and shape this data should be strictly encapsulated independent of the source systems from which that data originates, as well as the target channels through which that data is to be delivered.

Experience Layer-

Now data will be accessed/consumed by various set of channels, so each of which want to access the same data but in different form.

MULESOFT : API +SOA + Cloud


What did we do for the implementation

API Designer used to design the API, controls total API life cycle.

What were the benefits

Design for great user experience

Optimize for use case

Provide easy access

Build a community

Single platform to manage your total APIs -Any point platform : Supports hybrid cloud i:e Deploy your services in cloud + on premises with in the same project.


What did we do for the implementation

API Designer used to design the API, controls total API life cycle.

What were the benefits

Design for great user experience

Optimize for use case

Provide easy access

Build a community

Single platform to manage your total APIs -Any point platform : Supports hybrid cloud i:e Deploy your services in cloud + on premises with in the same project.

Click to edit Master title style

Click to edit Master text styles

Second level

Third level

Fourth level

Fifth level

12/20/2016


Click to edit Master subtitle style

12/20/2016



Second level

Third level

Fourth level

Fifth level

12/20/2016



12/20/2016



Second level

Third level

Fourth level

Fifth level


Second level

Third level

Fourth level

Fifth level

12/20/2016




Second level

Third level

Fourth level

Fifth level



Second level

Third level

Fourth level

Fifth level

12/20/2016


12/20/2016

12/20/2016



Second level

Third level

Fourth level

Fifth level


12/20/2016


Click icon to add picture


12/20/2016



12/20/2016




12/20/2016



12/20/2016




12/20/2016




12/20/2016



Second level

Third level

Fourth level

Fifth level

12/20/2016



Second level

Third level

Fourth level

Fifth level

12/20/2016

Technology

Anypoint platform security components