Engineering the Future of Software
29–31 Oct 2018: Tutorials & Conference
31 Oct–1 Nov 2018: Training
London, UK

Securing APIs in a Microservice Architecture

Rob Wilson (CA Technologies)
16:5017:40 Monday, 29 October 2018
Location: King's Suite - Sandringham Level: Intermediate
Secondary topics:  Best Practice

Who is this presentation for?

Enterprise Architects, Software Architects, Security Architects

Prerequisite knowledge

Basic understanding of APIs, OAuth, and JSON Web Tokens.

What you'll learn

A practical model for securing microservice APIs.


In this session Rob Wilson will discuss the DHARMA model for microservice APIs security from the O’Reilly report Securing Microservice APIs he co-authored with Matt McLarty and Scott Morrison.

There are a number of techniques for controlling access to web APIs in a microservice architecture, including network controls, cryptographic methods, and platform-based capabilities. After reviewing current approaches to securing microservices, this session will present the DHARMA API access control model for microservices. The DHARMA model can be implemented on any platform, or across multiple platforms in order to provide cohesive security over a network of microservices. The session will conclude with a look at extending the DHARMA model to include other types of microservice APIs.

Rob Wilson

CA Technologies

Rob has been working in the field of information technology for over 20 years. He enjoys working on complex and diverse issues where the analysis of situations requires an in-depth evaluation of numerous factors, as well as ingenuity and originality to solve. Today much of his time is spent working with clients on their API and Microservices strategies. Rob holds a Bachelor of Technology Management from Memorial University, and Master of Science in Information Technology from the University of Liverpool. When not working with clients Rob enjoys outdoor activities with family, gaming, and having lively & engaging conversations.

He recently coauthored Securing Microservice APIs with Matt McLarty and Scott Morrison.

Leave a Comment or Question

Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?

Join the conversation here (requires login)