Category Archives: Enterprise Architecture

New Initiative: API Bar

We would like to introduce our new initiative, namely API Bar, in relation with business APIs that are getting released/published day in day out as part of business strategy by companies of every size (large, medium, small). The reason we have named the initiative as API Bar is that the way APIs (making the business competitive) are coming up every day seems like APIs presented in bottles with different labels  with developers trying to figure out which APIs to use and why? 🙂  As part of this initiative, we shall be doing following activities and publish our findings appropriately from time-to-time: Evaluate the APIs from technical perspective while exploring different …

Continue reading

Posted in API Development, News. Tagged with .

Samsung Fingerprint Scanning API & Mobile Wallet Security?

This article explores the recently released Samsung fingerprint scanning API also termed as “Pass API” in light of security for mobile wallets. Pass API is released as part of the Samsung Mobile SDK 1.5 beta1 during the launch of Samsung Galaxy S5 mobile phone. One of the key feature of Samsung galaxy S5 is fingerprint reader. The application could use fingerprint reader to scan user fingerprints and verify against the users’ stored fingerprints on the device. This article presents an overview on the PASS API and, then, talks about how it could be used for mobile wallets’ security. What is Pass API? As mentioned on Samsung Developers Page for Pass API, …

Continue reading

Posted in API Development, Application Security. Tagged with , .

List of Handy Architecture & Design Patterns for Developers & Architects

[adsenseyu2] If you are a newbie developer. experienced developer, aspiring to be architect or an architect, you may want to keep following architecture & design patterns handy with you to solve day-to-day software architecture and design problems at your work place. These patterns can be applied for developers/architects of varied experience level, having expertise with various different technologies (programming languages). Please feel free to suggest additional patterns as if I may have missed some of them. Application Architecture Patterns: These patterns primarily are related with topics such as how to layer an enterprise application, how to organize domain logic, how to tie that logic to a relational database, how to design a …

Continue reading

Posted in Architecture, Enterprise Architecture, Software Engg. Tagged with , , .

Top Architecture & Governance Principles for 2014

architecture governance

Following are some of the key architecture and governance principles that you could adopt for your project for this year 2014. The architecture principles could be seen as “guiding principles” based on which team would want to design, develop and test the applications. Key Architecture Principles (Guiding Principles) Holistic approach to application security: Given that applications could be accessed from different channels including web and mobile devices, the attack vectors for hacker has increased to a great extent. Thus, traditional approach of applying perimeter level security and doing security penetration testing may not suffice. Instead, it may be a good idea to take a holistic approach towards application security as …

Continue reading

Posted in Architecture, Software Engg. Tagged with , .

Top 7 Secured Practices for Securing Your Partner APIs

security threat partner API

If you are planning to publish partner APIs for exposing your business services or data to your partners and customers, you may want to consider following top 7 secured best practices to ensure application level security: [adsenseyu2] Access-token based Authentication: Have your partners’ applications authenticate itself (and its users) using access-tokens rather than actual passwords. This is because access-tokens may be easily time-boxed and can be enforced to be renewed at the regular time-intervals. And the theft of access token can not really compromise the actual users’ password with the parent application. In this relation, you may consider using OAuth based authentication technique. In addition to usage of access-token for …

Continue reading

Posted in API Development, Application Security. Tagged with , .

API Economy & Rich Dad, Poor Dad

API Economy Rich Dad Poor Dad

In recent times, as I have been hearing about and, reading a lot on API related articles including topics such as application programming interfaces (APIs) economy, API-First, API-driven development etc, I got extremely fascinated with this API thing. This is where I decided to put my findings around when, why and how to go for API adoption and whether it would be fruitful for business to go for APIs from strategy perspective. Interestingly enough, I found some connection between API thing, and the central theme of the book, Rich Dad, Poor Dad. This is where I thought to use key themes from the book Rich Dad, Poor Dad to present …

Continue reading

Posted in API Development. Tagged with .

May Your Application R.I.P – Part 1

rest in peace

[adsenseyu2] Didn’t really mean that (R.I.P) way, Indeed. 🙂 The objective behind this series of blogs is to represent some of the best practices, the how-tos and the whats/whys in relation with REST based integration of applications. Before we shall talk on any related aspects of REST and how to design great RESTful services and, why go for RESTful design in the very first place, lets try and understand a little bit on what is REST and,  “Resource Oriented Architecture (ROA)”. What is REST? REST is an architectural style for distributed hypermedia systems like WWW. REST stands for REpresentational State Transfer. The term first originated in 2000 doctoral dissertation of …

Continue reading

Posted in Integration. Tagged with , .

Tips for Designing Security for Your Public APIs

securing an api

[adsenseyu2] Before we look into tips & techniques to design security for your Public APIs, lets understand what do we mean by Public APIs? Public APIs are APIs that are published to the world including developers, or partners’ developers to create their custom application by making use of APIs. These APIs can be used by another program, mobile apps or web applications (Web UI), desktop client etc. Following are some tips/techniques for designing security for your Public APIs: IP Address Restrictions: To be able to control access to APIs based on IP address from which request arrived, the IP address restrictions policy should be imposed. This is very handy when …

Continue reading

Posted in API Development, Application Security. Tagged with , .

List of Great Videos on API Design & Development

Following are some of the videos I could gather which presents talks on API design & development. How to Design a Good API and Why it Matters?: A great video by Joshua Bloch done some 6 years back.  Great one for those looking to understand what API design & development look like and how to get started? How to Design Good APIs: This video focus on some of the key aspects such as intuitiveness, documentation of API. Life of a Google API Developer: This video presents different aspect of API development.

Posted in API Development. Tagged with .

What makes an API, a great API?

Great API

[adsenseyu2] Before I start on this blog, lets take a look at the quote, “Being complex is easy, being simple is hard”. Do you agree? Well, I have experienced it and agree in totality. This is what it takes in creating a simple-to-understand-and-use API, a complex task. 🙂 Whenever I start writing about API, I do clarify what am I meaning for API? Most of the programmers would think if API is not same as interfaces to the classes that they write. Well, I would say that yes, they are same. However, we usually do not pay attention to write, what is called as “Great API”, as we write the …

Continue reading

Posted in API Development. Tagged with .

A Great API should act as a Building Block!

api

[adsenseyu2] Following are characteristics of a great API: Building Blocks: APIs consisting of one or more methods should act like building blocks that could be assembled in more than one unique ways to create newer applications or apps. This could thus lead to innovation where developers can take up these APIs and create some creative and unique applications serving different functionality and creating substantial value for the end users. For example, look at facebook apps or salesforce apps. Developers worldwide have created several innovative applications by using facebook APIs. Distinct & Stateless: APIs should be distinct in terms of its service offerings and stateless in nature. Thus, invocation of an …

Continue reading

Posted in API Development. Tagged with .

APIs is the Way to Go, You bet!

[adsenseyu2] Not sure if you are aware or not, but the world is waking up to keywords such as API-First, API-Driven Development (ADD) etc. And, this is creating confusion in application developers mind when they hear counter argument against their expression that they have always been doing API driven development where they use to write proper interfaces to their implementations. What is different from then to now? And, what do they need to do differently? But the more important thing to ask is what has led to everyone talking about API driven development? Following are some of the reasons (also, key technology trends of 2014) why APIs has been getting …

Continue reading

Posted in API Development. Tagged with .

Bonita REST API & Application Architecture

Bonita REST API Integration

[adsenseyu2] I have been working on BonitaSoft REST API in order to meet following customers’ requirements: The customer has multiple line of business (LOB) applications. The customer has decided to make a strategic move to offer solutions to their existing and new customers rather than one or more products from their multiple LOBs which can be accessed by a web application dashboard. These solution span across multiple LOB applications and is envisioned to leverage functionality offered by these applications using service API. In this regard, one key fundamental architectural component that got introduced is workflow tool, BonitaSoft. The workflow tool is used to execute one or more workflows which forms …

Continue reading

Posted in API Development, BPM. Tagged with , , .

Are Days Counted for MVC-based Web Applications?

Overkill to maintain two versions for MVC & API

Today, if I am tasked to lay down the architecture for web application, I would no longer be blindly choosing MVC based architecture. Additionally, if this is a migration project from legacy to web application, I would no longer be blindly going for MVC based architecture and choose related MVC frameworks. Not sure if you would agree with me or not. But please read the following and share your thoughts. I would be happy to hear from you. Why am I getting paranoid regarding MVC for web applications? Following are criteria for my considerations for deciding on whether I would select MVC architecture for delivering business functionality on the web: …

Continue reading

Posted in API Development, Web. Tagged with , .

Tips for Newbies to Create Architecture Diagrams – Part 1

Wondering How to Create Architecture Diagrams

In the initial years of application development, I have found several junior or mid-level developers show up blank faces when asked about architecture of application. This is primarily because that they have been involved mainly in coding or low level design aspect of application development till that point of time in their career. Thus, these developers look up to architects to help them come up with various different architectural viewpoints. Not only this, project managers also look up to architects to come up with architecture and help the team get started.   Before I go ahead and write on a series of articles on how newbies could come with the …

Continue reading

Posted in Enterprise Architecture, Freshers. Tagged with .

Journey from Technical Lead to Technical Architect

What is road to becoming a technical architect is a tricky topic, many wants to know. Especially, this is of interest largely to senior developers and technology leads. Let me give a shot at this. I would love to hear your comments in this regard: Technology vs Thought Leadership: Technical lead is primarily responsible for exploration and implementation of technology (tools & frameworks) to solve a particular set of problem in hand. He also plays a crucial role in doing proof-of-concept in related with adoption of newer technologies. The person on this role also acts as a mentor and guide to individual team members in terms of adoption of technology. However, …

Continue reading

Posted in Architecture, Software Engg. Tagged with , , .