To see the other types of publications on this topic, follow the link: API gateway.
Journal articles on the topic 'API gateway'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'API gateway.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Chirumamilla, Sai Krishna. "Designing Cloud-Native APIs: Using AWS API Gateway for Scalable, Secure, and Developer-Friendly Solutions." International Scientific Journal of Engineering and Management 02, no. 11 (2023): 1–8. https://doi.org/10.55041/isjem01285.
Full textAbstract:
Continuous cloud development is becoming a major success in the technological field as businesses seek competitive solutions that meet the dynamic need for digital solutions. AWS API Gateway is quite extensive in providing full coverage of API management needs and several tools that will help developers with scalability, security, and convenience. This article focuses on how AWS API Gateway can be employed in creating API services that are properly secure and user-first experiences for the cloud. We dig deeper into the pillar of cloud-native architectures, review API Gateway’s features, and provide a detailed overview of its influence on today’s API evolution. Features such as the deployment operation models, security recommendations, and integration with Lambda and DynamoDB are also stressed. Pictures and diagrams help to explain API design and deployment steps, and tables contain API performance indicators. Keywords: Cloud-native, AWS API Gateway, Scalability, Security, API management, Lambda, Serverless.
2
Sitorus, Riama Santy, B. Junedi Hutagaol, and Dita Madonna Simanjuntak. "Capability-Based API Gateway Technology Selection Analysis for Banking Cybersecurity Solution Using AHP Method." sinkron 9, no. 1 (2025): 338–47. https://doi.org/10.33395/sinkron.v9i1.14328.
Full textAbstract:
The growing reliance on APIs in the banking sector, driven by digital transformation, necessitates robust API Gateways that balance performance with strong security measures to address risks like API abuse, man-in-the-middle attacks, and data scraping, while ensuring compliance with regulations such as PCI-DSS, GDPR, and OJK standards. This study bridges the gap in technical guidance by developing a comprehensive evaluation framework using the Analytic Hierarchy Process (AHP) to determine the most suitable API Gateway for banking. The findings identify Apigee as the optimal choice, scoring 1.4277 for its superior authentication, traffic encryption, threat detection, deployment flexibility, cloud integration, and API management. IBM API Connect, scoring 0.6186, is a strong alternative with excellent security and management features but limited scalability and deployment flexibility. Kong and Axway API Gateway follow with scores of 0.4215 and 0.4627, excelling in deployment and integration but lacking critical security features for banking. This research emphasizes the strategic importance of selecting the right API Gateway to bolster cybersecurity and API management in banking, recommending Apigee as the primary solution and IBM API Connect for complex IT infrastructures. It also contributes to the literature by providing a structured, quantitative approach to API Gateway selection and suggests future research exploring AI integration, advanced analytics, and cost-benefit analyses for informed decision-making in the financial sector.
3
Ochuba, Nneka Adaobi, Denis Kisina, Samuel Owoade, Abel Chukwuemeke Uzoka, Toluwase Peter Gbenle, and Oluwasanmi Segun Adanigbo. "Systematic Review of API Gateway Patterns for Scalable and Secure Application Architecture." Journal of Frontiers in Multidisciplinary Research 2, no. 1 (2021): 94–100. https://doi.org/10.54660/.ijfmr.2021.2.1.94-100.
Full textAbstract:
In modern software architecture, the API gateway has become a foundational component for enabling scalable, secure, and resilient distributed systems. This paper presents a systematic review of API gateway patterns, synthesizing insights from academic literature and industry documentation to develop a comprehensive understanding of their evolution, design, and application. Beginning with the historical transition from monolithic APIs to gateway-centric microservices, the study contextualizes the rise of gateways within the broader movements toward cloud-native development, DevOps, and serverless computing. The paper introduces a pattern classification schema encompassing roles such as Aggregator, Proxy, Adapter, and Facade, while also distinguishing between scalability-oriented and security-centric design strategies. Patterns like Backend-for-Frontend, Edge Caching, Token Exchange, and Policy Enforcement are examined in depth to evaluate their impact on throughput, service isolation, identity management, and regulatory compliance. Challenges related to deployment, observability, and fault tolerance are also explored, alongside best practices and tooling insights from leading gateway platforms. The findings underscore the strategic importance of API gateways in modern software design, offering actionable guidance for architects and developers. The study concludes with recommendations for future research on hybrid gateway-mesh models, AI-driven traffic management, and gateway integration in edge and Internet-of-Things environments. This review aims to bridge the gap between theoretical constructs and practical implementations, contributing a structured foundation for the next generation of scalable and secure application architectures.
4
Denis, Zolotariov. "About One Approach to Deploying an API Gateway Development Environment." International Journal of Mathematics And Computer Research 10, no. 04 (2022): 2655–61. https://doi.org/10.5281/zenodo.6490777.
Full textAbstract:
The article outlines the problem of an integral approach to building an API gateway that includes the API gateway itself, the development of documentation for the API, sandbox for API end users, and automated testing. This problem is divided into tasks, each of which is solved. As a result, a general approach has been developed for deploying an environment for developing and executing API gateway, which takes into account: convenient configuration and launch of the gateway server, flexible development of APIs’ documentation and its convenient viewing by end users, as well as end-to-end and performance testing developed APIs. A demo example is given and its implementation features are described. The ways of its further development are proposed.
5
Konde, Samruddhi. "API Gateway-Based Microservices In Java." International Journal of Advance and Applied Research S6, no. 23 (2025): 305–10. https://doi.org/10.5281/zenodo.15227249.
Full textAbstract:
<em>API Gateway-based micro services are an important design pattern in modern applications. They provide a single entry point for all client requests, simplifying how clients interact with multiple micro services. The API Gateway handles various tasks such as routing requests to the correct service, managing security, limiting the number of requests, and balancing the load across services. By using an API Gateway, developers can make their system more secure, scalable, and easier to maintain. In Java, tools like Spring Cloud Gateway, Zulu, and Kong help build API Gateway-based micro services. In the help of these tools, developers may implement policies like authentication, logging, and monitoring, control routing, and deal with service discovery. Micro services can be made more flexible by employing an API Gateway, which makes it simpler to introduce new services or alter existing ones without disrupting client applications.</em> <em>The main benefits of using an API Gateway in Java micro services include:</em> <em>Centralized Routing: Customers don't need to be aware of the specific services because the API Gateway routes requests to the appropriate micro service. Managing Common Tasks: Things like logging, security, caching, and controlling traffic can be handled by the Gateway, avoiding repetition in each micro service.</em> <em>Security: By controlling user authentication and authorisation and making sure that only authorised users can access the services, the API Gateway contributes to service security.</em> <em>Simplified Communication: The Gateway can combine responses from multiple services into one, making it easier for the client to get the information they need.</em> <em>Scalability and Reliability: The application is more dependable since the API Gateway can manage system faults and divide the load among services.</em>
6
Shivam and Mukti Gupta. "Secure API Gateway with Rate Limiting and JWT Authentication." International Journal for Research in Applied Science and Engineering Technology 13, no. 4 (2025): 3559–62. https://doi.org/10.22214/ijraset.2025.68953.
Full textAbstract:
Abstract: APIs form the foundation of modern applications, yet they remain highly vulnerable to various attacks such as brute force, token abuse, and DDoS. In this paper, we present a layered approach to secure APIs using API gateways, JWT-based authentication, and rate limiting. Through comparative analysis of tools like AWS API Gateway, Kong, Apigee, and NGINX, we highlight key features, strengths, and trade-offs. Our findings suggest that integrating JWT with rate limiting significantly improves API security and scalability across architectures
7
Julio, Erry, and Magdalena A. Ineke Pakereng. "Implementasi API Payment Gateway Menggunakan Arsitektur Microservice." Jurnal Informatika 8, no. 2 (2021): 123–30. http://dx.doi.org/10.31294/ji.v8i2.10590.
Full textAbstract:
Untuk melakukan integrasi pembayaran online, PT. Emporia Digital Raya perlu membuat aplikasi Payment Gateway yang dapat meneruskan pembayaran ke bank tujuan. Arsitektur microservice dapat diterapkan untuk mengatasi masalah yang ada pada arsitektur monolithic dimana pengembangan aplikasi dilakukan dalam bentuk web service kecil yang saling berkomunikasi satu dengan yang lain. Dengan menggunakan konsep routing, payment gateway memiliki tanggung jawab seperti router dimana payment gateway berperan mencari rute ke bank mana data akan dikirimkan. Payment gateway akan memproses request dan membaca fields beneficiaryBankCode untuk menacari rute. Jika bank tujuan tidak ditemukan maka payment gateway akan menjalankan query dan mencari rute berdasarkan prioritas yang telah ditentukan oleh PT. Emporia Digital Raya.
8
Летов, Никита Кириллович. "Эффективность применения паттерна API Gateway при разработке коммерческого ПО". Актуальные исследования, № 2-2 (237) (17 січня 2025): 12–16. https://doi.org/10.5281/zenodo.14679523.
Full textAbstract:
<em>Данная работа представляет собой комплексный анализ использования паттерна API Gateway в контексте разработки коммерческого программного обеспечения. В работе рассматриваются ключевые аспекты применения API Gateway, включая его роль в микросервисной архитектуре, влияние на безопасность и производительность систем. В работе демонстрируется применение теоретических концепций в реальных сценариях разработки. Исследование направлено на предоставление разработчикам и архитекторам программного обеспечения глубокого понимания преимуществ и потенциальных проблем, связанных с внедрением API Gateway в коммерческих проектах.</em>
9
Lim, Chanuk, Hee-Seok Choi, and Seok-Hyoung Lee. "API Gateway Design for Sharing Science and Technology Knowledge Infrastructure." Journal of Digital Contents Society 22, no. 4 (2021): 719–25. http://dx.doi.org/10.9728/dcs.2021.22.4.719.
Full text
10
Sujeeth Reddy Pasham. "Optimizing API Gateway Performance with Serverless Architectures: A Comprehensive Analysis." International Journal of Scientific Research in Computer Science, Engineering and Information Technology 11, no. 1 (2025): 2756–65. https://doi.org/10.32628/cseit251112276.
Full textAbstract:
This article explores the optimization of API gateway performance through the implementation of serverless architectures. It delves into the fundamental concepts of serverless computing and its integration with API gateways, examining how this combination addresses key challenges in scalability, cost-efficiency, and security. The article discusses various strategies for performance optimization, including minimizing latency, implementing dynamic scaling, and reducing costs through efficient resource utilization. It also addresses critical security concerns and solutions specific to serverless environments. The article further explores the integration of cloud-native features and database strategies to enhance reliability and scalability. Through a series of real-world case studies, the article demonstrates the practical applications and benefits of serverless API gateways across different industries. While acknowledging the challenges and limitations of this approach, such as cold start issues and vendor lock-in concerns, the article also looks ahead to future developments in the field, including potential advancements in security, performance, and integration with emerging technologies like edge computing and 5G networks. Overall, this comprehensive article analysis provides valuable insights for developers, architects, and decision-makers looking to leverage serverless architectures for API management in modern, distributed applications.
11
Ravinder Ramidi. "Cloud-Based API Gateways for Seamless Multi-Platform Integration." International Journal of Scientific Research in Computer Science, Engineering and Information Technology 11, no. 2 (2025): 2466–503. https://doi.org/10.32628/cseit25112723.
Full textAbstract:
Cloud-based API gateways offer vital solutions for integrating systems across diverse environments in today's multi-cloud landscape. These gateways provide centralized control for managing, securing, and optimizing API traffic across distributed systems, addressing challenges organizations face when operating across multiple platforms. Key gateway functions include request routing, protocol translation, authentication, rate limiting, caching, lifecycle management, and monitoring capabilities. Major providers—AWS, Azure, and Google Cloud—offer solutions with unique strengths suitable for different business scenarios. Effective integration patterns for customer data, payment processing, and analytics implementations complement optimization techniques spanning performance, security, and fault tolerance. Advanced approaches including serverless functions, microservices patterns, and edge computing enhancements receive particular attention, while a phased implementation roadmap ensures successful adoption across enterprises seeking to modernize their integration infrastructure.
12
Laksito, Arif Dwi. "API Gateway Menggunakan SlimPHP pada Aplikasi Kantin Amikom (API Gateway using SlimPHP on Cafetaria Application in Amikom )." JURNAL IPTEKKOM : Jurnal Ilmu Pengetahuan & Teknologi Informasi 21, no. 1 (2019): 31. http://dx.doi.org/10.33164/iptekkom.21.1.2019.31-42.
Full text
13
Laksono, Muhammad Agung, Irwan Alnarus Kautsar, and Hamzah Setiawan. "Implementasi Payment Gateway pada Platform Freelance Digital Menggunakan Rest API." SMATIKA JURNAL 14, no. 01 (2024): 135–45. http://dx.doi.org/10.32664/smatika.v14i01.1227.
Full textAbstract:
Pada era digital yang terus berkembang, penggunaan payment gateway telah menjadi unsur penting dalam transaksi bisnis online. Payment gateway adalah teknologi atau layanan yang memungkinkan perusahaan atau instansi dan aplikasi untuk menerima pembayaran elektronik atau metode pembayaran digital lainnya. Penelitian ini menggunakan pendekatan Agile Development untuk mengimplementasikan payment gateway pada platform freelance digital. Agile Development dipilih karena fleksibilitas dan pendekatannya yang iteratif, memungkinkan penyesuaian cepat terhadap kebutuhan yang berubah. Kesimpulannya payment gateway pada platform freelance ini sudah berjalan dengan cukup baik, pada platform freelance ini sudah dilakukan pengujian dengan keterangan hasil pengujian sukses dan juga hasil prosentase sebesar 87%. Hasil penelitian ini menunjukkan bahwa integrasi payment gateway melalui REST API tidak hanya meningkatkan efisiensi operasional platform freelance, tetapi juga memperkuat kepercayaan pengguna terhadap sistem pembayaran digital, sehingga dapat mendukung pertumbuhan dan keberlanjutan bisnis platform freelance tersebut.
14
Macy, Jason. "How to build a secure API gateway." Network Security 2018, no. 6 (2018): 12–14. http://dx.doi.org/10.1016/s1353-4858(18)30056-4.
Full text
15
Arta, Ketut Nila, A. A. Kompiang Oka Sudana, and Gusti Agung Ayu Putri. "Workshop Marketplace System Using Rajaongkir API, Leaflet API and Midtrans Payment Gateway." International Journal of Natural Science and Engineering 6, no. 1 (2022): 1–7. http://dx.doi.org/10.23887/ijnse.v6i1.44033.
Full textAbstract:
The automotive shop is a business engaged in the automotive sector that serves vehicle repairs and sales of various kinds of vehicle spare parts. A marketplace is a place for buying and selling or a market that uses internet media. The current marketplace is still very common, making it difficult to find a marketplace that focuses on the automotive sector and difficult to find information about available automotive shops around. The automotive shop marketplace system can help to carry out the process of buying and selling vehicle spare parts and assist in finding various spare parts and information about available automotive shops based on the user's location. This system was developed on a web-based basis using the PHP programming language with the Laravel framework and integrated with the Leaflet API, RajaOngkir API, and Midtrans Payment Gateway as additional features in creating a marketplace. The leaflet API displays a map containing the location of the automotive shop listed on the marketplace. RajaOngkir API provides information about shipping costs to the buyer's place from the seller's place. Midtrans Payment Gateway bridges the payment process carried out by both parties so that it can take place properly. The method used in this research is to use the System Development Life Cycle (SDLC) waterfall method. The results of the research conducted were tested using the black-box method.
16
Surbhi, Kanthed. "Improving Performance with API Gateway Caching and Throttling." International Journal of Innovative Research in Engineering & Multidisciplinary Physical Sciences 11, no. 6 (2023): 1–10. https://doi.org/10.5281/zenodo.15086802.
Full textAbstract:
API gateways serve as a unified entry point for client requests in microservices and distributed systems. They enforce cross-cutting concerns, such as authentication and routing, while regulating resource usage. Two primary mechanisms for improving performance and resource efficiency are caching—which stores frequently requested data—and throttling, which limits request rates to avoid overload. This paper provides a comprehensive survey of caching and throttling techniques in API gateways, emphasizing their technical underpinnings, existing literature, real world case studies and a reference framework that outlines how these mechanisms can be integrated. Additionally, it presents a overview of popular API gateways that implement caching and throttling features. The paper concludes with a discussion of security considerations, open research questions, and future directions in this domain.
17
Rasmi A, Dr. "Serverless Application Deployment Using AWS Lambda and API Gateway." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 09, no. 05 (2025): 1–9. https://doi.org/10.55041/ijsrem48752.
Full textAbstract:
Abstract - Serverless computing is transforming the way applications are developed and deployed by abstracting the complexities of server management. This paper presents the design and implementation of a serverless application using AWS Lambda and API Gateway. The application demonstrates how cloud-native features like scalability, reduced operational overhead, and cost efficiency can be achieved through serverless architecture. The methodology focuses on event-driven function deployment, RESTful API exposure, and integration with AWS services such as DynamoDB. The paper includes system architecture, implementation strategies, sequence and activity diagrams, testing results, and a discussion on performance. We conclude with future directions to improve serverless applications in terms of latency and observability. As enterprises seek to accelerate application development cycles while minimizing infrastructure concerns, serverless computing emerges as a viable solution. This study explores the design, development, and deployment of a serverless application using Amazon Web Services (AWS) Lambda and API Gateway. The solution demonstrates a real-world use case—a task management REST API—integrated with AWS services to offer seamless, on-demand execution of backend logic without server maintenance. Emphasis is placed on architectural design, cloud integration, performance analysis, and deployment best practices. Key Words: Serverless computing, AWS lambda, Amazon API gateway, Cloud-Native Architecture, Cloud deployment
18
Chirumamilla, Sai Krishna. "The Serverless Revolution: Transforming Traditional Software Engineering with AWS Lambda and API Gateway." International Scientific Journal of Engineering and Management 02, no. 06 (2023): 1–7. https://doi.org/10.55041/isjem01211.
Full textAbstract:
Serverless computing has easily brought about changes in software engineering practices by reducing infrastructure requirements and bringing about flexibility. When integrated with API Gateway, AWS Lambda has led this shift towards the new standard of highly efficient, scalable and cost-effective software solutions. This paper compares serverless architecture, based on event-triggered computation and fine-grained functional service execution, with conventional server-intensive architectures. To identify the potential impact of the implementation of AWS Lambda and API Gateway in different sectors, the paper provides literature on the topic and describes its methodology in detail. Such outcomes include improved simplification of the development procedure characterizing the product, better cost regulation, and solution scalability. The discussion also expands the understanding of those concepts, bringing arguments regarding the possibilities and challenges of serverless. Finally, this paper reviews the study’s findings in presenting the current ideal practices in serverless technology and the future directions in using the technology. Keywords: Serverless Computing, AWS Lambda, API Gateway, Cloud Computing, Software Engineering.
19
Huang, Chih-Yuan, and Hsin-Hsien Chen. "An Automatic Embedded Device Registration Procedure Based on the OGC SensorThings API." Sensors 19, no. 3 (2019): 495. http://dx.doi.org/10.3390/s19030495.
Full textAbstract:
Sensor Web and Internet of Things (IoT) (SW-IoT) have been attracting attention from various fields. Both of them deploy networks of embedded devices to monitor physical properties (i.e., sensing capability) or to be controlled (i.e., tasking capability). One of the most important tasks to realize the SW-IoT vision is to establish an open and interoperable architecture, across the device layer, gateway layer, service layer, and application layer. To achieve this objective, many organizations and alliances propose standards for different layers. Among the standards, Open Geospatial Consortium (OGC) SensorThings API is arguably one of the most complete and flexible service standards. However, the SensorThings API only address heterogeneity issues in the service layer. Embedded devices following proprietary protocols need to join closed ecosystems and then link to the SensorThings API ecosystem via customized connectors. To address this issue, one could first follow another device layer and gateway layer open standards and then perform data model mapping with the SensorThings API. However, the data model mapping is not always straightforward as the standards were designed independently. Therefore, this research tries to propose a more direct solution to unify the entire SW-IoT architecture by extending the SensorThings API ecosystem to the gateway layer and the device layer. To be specific, this research proposes SW-IoT Plug and Play (IoT-PNP) to achieve an automatic registration procedure for embedded devices. The IoT-PNP contains three main components: (1) A description file describing device metadata and capabilities, (2) a communication protocol between the gateway layer and the device layer for establishing connections, and (3) an automatic registration procedure for both sensing and tasking capabilities. Overall, we believe the proposed solution could help achieve an open and interoperable SW-IoT end-to-end architecture based on the OGC SensorThings API.
20
Laxmana Kumar Bhavandla. "Development of Secure API Gateways for Cloud Services." Journal of Sustainable Solutions 2, no. 1 (2025): 1–10. https://doi.org/10.36676/j.sust.sol.v2.i1.53.
Full textAbstract:
This paper proposes an approach to design a secure API gateway for cloud services to improve the security, scalability and performance of cloud-based applications. These components include: authentication component, role-based access control component, data validation component, encryption component and real time monitoring component. Since the use of a Zero Trust model and the application of threat detection at a much higher level the framework provides secure protection from threats, such as unauthorized access, data leakage, and DoS. The research also involves gap identification evaluation of API gateway tools and implementation strategies and testing protocols with a view of making a detailed solution to security threats in today’s complex cloud infrastructure.
21
Zikky, Moh, Rizky Yuniar Hakkun, and Buchori Rafsanjani. "Indonesian Sign Language API (OpenSIBI API) as The Gateway Services for Myo Armband." International Journal of Artificial Intelligence & Robotics (IJAIR) 1, no. 1 (2019): 16. http://dx.doi.org/10.25139/ijair.v1i1.2026.
Full textAbstract:
We create an API (Application Programming Interface) for Indonesian Sign Language (Sistem Isyarat Bahasa Indonesia/SIBI) which is called OpenSIBI. In this case study, we use the Myo Armband device to capture hand gesture data movement. It uses five sensors: Accelerometer, Gyroscope, Orientation, Orientation-Euler, and EMG. First, we record, convert and save those data into JSON dataset in the server as data learning. Then, every data request (trial data) from the client will compare them using k-NN Normalization process. OpenSIBI API works as the middleware which integrated to RabbitMQ as the queue request arranger. Every service request from the client will automatically spread to the server with the queue process. As the media observation, we create a client data request by SIBI Words and Alphabeth Game, which allows the user to answer several stages of puzzle-game with Indonesian Sign Language hand gesture. Game-player must use the Myo armband as an interactive device that reads the hand movement and its fingers for answering the questions given. Thus, the data will be classified and normalized by the k-NN algorithm, which will be processed on the server. In this process, data will pass OpenAPI SIBI (which connected to RabbitMQ) to queue every incoming data-request. So, the obtained data will be processed one by one and sent it back to the client as the answer.
22
Pan, Yunfei, Hongyong Jia, Wenhe Liu, He Sun, Mingyang Xu, and Cen Chen. "Mimicry API Gateway Decision Algorithm Based on Trust Distribution." Journal of Physics: Conference Series 2424, no. 1 (2023): 012004. http://dx.doi.org/10.1088/1742-6596/2424/1/012004.
Full textAbstract:
Abstract Aiming at the lack of dynamic and comprehensiveness of trust evaluation methods in current adjudication algorithms, an adjudication algorithm for mimic API gateway based on trust distribution is proposed. The algorithm comprehensively considers the direct and indirect trust relationships between equipment executives from the perspective of trust distribution, and on this basis introduces a dynamic penalty strategy, which greatly improves the dynamics and effectiveness of the algorithm. In addition, the algorithm is simulated and tested in the simulated API gateway environment, and the simulation results show that the proposed algorithm has significantly improved the reliability and security of trust evaluation compared with the previous adjudication algorithms.
23
Raju, Dachepally. "Developing Scalable REST APIs for Enterprise Applications." International Journal on Science and Technology 14, no. 1 (2023): 1–6. https://doi.org/10.5281/zenodo.14866176.
Full textAbstract:
REST APIs are the backbone of modern enterprise applications, enabling seamless communication between distributed systems. However, as applications scale, REST API performance and reliability become critical concerns. This paper explores best practices for designing scalable REST APIs, including stateless architecture, caching, load balancing, and API gateway integration. We discussstrategies for optimizing request handling, managing security, and implementing API versioning. The paper also presents performance benchmarking and real-world case studies to illustrate the impact of scalable API design.
24
Nariswari, Arinda Inansya, Sumiati, Riyan Naufal Hay’s, and Viktor Vekky Ronald Repi. "RANCANG BANGUN SISTEM E-TICKET BERBASIS PAYMENT GATEWAY." JSiI (Jurnal Sistem Informasi) 10, no. 2 (2023): 137–41. http://dx.doi.org/10.30656/jsii.v10i2.8183.
Full textAbstract:
DAN Tiket adalah agen penjualan tiket wisata dan booking hotel. Penjualan dan pemasaran di DAN Tiket saat ini menggunakan media sosial. Transaksi jual beli tiket dan reservasi melalui media social, yaitu pelanggan mengirimkan foto bukti pembayaran transfer. Penelitian ini menggunakan metode waterfall. Dalam menghadapi tingginya persaingan dunia e-ticketing pada era saat ini dibutuhkan sebuah sistem website untuk memperluas media promosi dan metode pembayaran yang dapat memudahkan pengguna dalam melakukan transaksi pembayaran yaitu dengan payment gateway. Payment gateway memberikan layanan transaksi secara mudah, efisien, dan aman. Salah satu layanan payment gateway yang digunakan adalah API midtrans. API Midtrans adalah sistem pembayaran yang dapat memfasilitasi penjual dan pembeli untuk melakukan transaksi. Dalam membangun aplikasi ini, peneliti menggunakan metode penelitian terapan. Hasil dari penelitian yang telah dilakukan, diperoleh analisis kebutuhan, rancangan, dan pengujian sistem. Metode pengujian yang digunakan adalah blackbox. Hasil pengujian pada sistem ini dapat membantu dalam proses transaksi pelanggan dan memudahkan admin dalam mengelola pesanan yang masuk.
 Kata kunci: Blackbox, DAN Tiket, Payment Gateway Midtrans, Reservasi, Website
25
Listyanto, Tunggal, and Wahyu Sri Utami. "Optimalisasi Aplikasi Toko Bangunan Melalui Integrasi Rest Api Dan Whatsapp Gateway." INTECOMS: Journal of Information Technology and Computer Science 7, no. 6 (2024): 1957–65. https://doi.org/10.31539/intecoms.v7i6.12792.
Full textAbstract:
Manajemen aplikasi toko bangunan menjadi tantangan kompleks karena kurangnya integrasi sistem internal, otomatisasi manajemen stok, dan konektivitas dengan konsumen. Tujuan penelitian ini adalah mengembangkan sistem berbasis Rest API untuk meningkatkan efisiensi operasional toko. Metode yang digunakan meliputi analisis kebutuhan sistem dan pengembangan REST API yang mengintegrasikan fungsi-fungsi utama seperti manajemen stok, pemesanan, pembayaran, dan pelacakan pengiriman. Hasil menunjukkan peningkatan efisiensi dalam manajemen stok, peningkatan konektivitas antara aplikasi dengan konsumen melalui integrasi e-commerce, serta peningkatan pengalaman konsumen dengan pelacakan pengiriman secara real-time. Simpulan yang diperoleh adalah sistem berbasis REST API mampu memberikan solusi efektif untuk meningkatkan efisiensi operasional toko bangunan.
26
Zhao, J. T., S. Y. Jing, and L. Z. Jiang. "Management of API Gateway Based on Micro-service Architecture." Journal of Physics: Conference Series 1087 (September 2018): 032032. http://dx.doi.org/10.1088/1742-6596/1087/3/032032.
Full text
27
Chintale, Pradeep, Laxminarayana Korada, Rajesh Kumar Malviya, Gopi Desaboyina, and Rajashekhar Reddy Kethireddy. "Evolving Kubernetes Networking An Overview of the Gateway API." International Journal on Recent and Innovation Trends in Computing and Communication 8, no. 5 (2020): 30–34. https://doi.org/10.5281/zenodo.14058194.
Full text
28
Pranatawijaya, Viktor Handrianus, and Hendra Yulianto. "Penerapan API (Application Programming Interface) MIDTRANS Sebagai Payment Gateway Pada Indekos Berbasis Website." Journal of Information Technology and Computer Science 2, no. 4 (2022): 254–62. http://dx.doi.org/10.47111/jointecoms.v2i4.8877.
Full textAbstract:
In the Big Indonesian Dictionary (KBBI), boarding house is staying at someone else's house with or without food (by paying monthly). The emergence of new technologies in the industrial revolution will fundamentally change the way people work and live. In the industrial era 4.0, internet technology facilitates communication between humans and humans with machines that are no longer limited by space and time. One technology that is a key aspect of competitiveness in the industrial era 4.0, namely financial technology (fintech), especially in the online payment gateway sector (payment gateway) which, if applied to the boarding house business, will be very helpful in making the rental payment process more efficient and practical. compared to conventional payments. The research methodology used in implementing the Midtrans API (Application Programming Interface) as a Payment Gateway in this website-based boarding house is the waterfall method. In this methodology, several steps are taken to build software, namely: Analysis, Design, Coding, Testing and Maintenance. Testing this website using Blackbox testing. As a result of implementing a payment gateway using the Midtrans API, now boarding house payments can be made online via bank transfer or e-wallet in real time without the need to confirm payments manually again.
29
Lis, Karol, and Jakub Smołka. "Examination of the performance and scalability of a web application in a reactive and imperative approach using the Spring Framework." Journal of Computer Sciences Institute 32 (September 30, 2024): 210–16. http://dx.doi.org/10.35784/jcsi.6291.
Full textAbstract:
The purpose of this paper was to test the performance and scalability of a web application written in reactive and imperative approaches using the Spring Framework, in order to understand the differences between these approaches and choose the technology that best meets the requirements and provides optimal performance. Two test applications were compared in terms of query processing times and CPU/RAM usage. The effect of Api Gateway microservices on application performance was analyzed. The tests showed that the reactive application processed I/O operations faster, used less RAM but more CPU. The imperative approach was faster for transactional operations performed sequentially. The reactive variant reacted with less latency to the presence of Api Gateway than the imperative approach.
30
Gadia, Riddham, Rushank Shah, Shashank Varshney, and Vinaya Sawant. "A System on Automated Database and API (Application Programming Interface) Management." International Journal for Research in Applied Science and Engineering Technology 10, no. 4 (2022): 3226–34. http://dx.doi.org/10.22214/ijraset.2022.41827.
Full textAbstract:
Abstract: Web development is a skill that is high in demand, but acquiring it requires a lot of hard work and experience. Managing the frontend is easy but managing the backend and the database is highly daunting. It requires lots of practice. Hence this makes web development complicated. So, a brief analysis has been done on the existing system like Amazon API Gateway, Firebase, and Google Apigee. Also, this paper shows a comparative study of various data transfer formats and techniques. This paper mainly focuses on a novel approach for automated database and API management that resolves the drawbacks in the existing systems. This system will ensure ease of use and a faster development process in terms of front-end and back-end connectivity. The new system focuses on building an architecture that is both scalable and secure from a backend and database perspective. Keywords: Cloud Computing, Firebase, Amazon API Gateway, Google Apigee, REST, SOAP, XML, JSON, Automated Database Management System.
31
Indra Yadi, Suhaili Alifuddin, and Hadi Purwanto. "RANCANG BANGUN PEMBUANGAN ASAP DAN PEMADAM KEBAKARAN RUANGAN DENGAN SENSOR THERMAL ARRAY TPA 81 DAN SMS GATEWAY (Design and Construction of Smoke Exhaust and Fire Extinguishing with TPA 81 Thermal Array Sensor and SMS Gateway)." Majalah Iptek Politeknik Negeri Medan Polimedia 24, no. 3 (2022): 33–40. http://dx.doi.org/10.51510/polimedia.v24i3.710.
Full textAbstract:
Biasanya salah satu sistem pemadaman kebakaran suatu ruangan besar pada kantor atau bangunan menggunakan sensor asap/api dan sistem pemadaman menggunakan sejumlah saklar kran air berputar diatas ruangan yang memancarkan air serentak ke seluruh ruangan. Hal ini kurang efektif, karena tidak memancarkan air fokus ke titik api. Dengan aplikasi simulasi pemanfaatan fungsi monitor dan kontrol dari beberapa input/output berbeda. Input mikrokontroler menggunakan 4 sensor api TPA 81 dan 1 sensor asap disusun secara thermal array. Kedua sensor tersebut dibandingkan, menurut peluang muncul api dan asap, maka output mikrokontroler menggerakkan pompa air pemadaman dengan pengaturan debit air sesuai ukuran besaran api dan apabila muncul asap dan kondisi api dirasa aman, maka mikrokontroler menggerakkan kipas untuk pembuangan asap. Sistem ini dapat dimonitor oleh alarm dan SMS gateway. 
 Hasil penelitian menunjukkan jarak deteksi titik api/panas maksimal 25 cm, memiliki peluang aktifnya sistem pemadanan kebakaran adalah 71,5 % dan error 10 %,, respons waktu sistem adalah 1,185 s. Sedangkan sistem pembuangan asap adalah 74,7 % dan faktor error adalah 8 %.. Error sistem keseluruhan adalah 9%.
32
NURYASIN, MUHAMMAD FAUZI, BAMBANG MUKTI WIBAWA, and MOHAMMAD TAUFIK. "Wireless Sensor Network (WSN) untuk Predictive Maintenance Lampu Sinyal Kereta Api." ELKOMIKA: Jurnal Teknik Energi Elektrik, Teknik Telekomunikasi, & Teknik Elektronika 8, no. 2 (2020): 418. http://dx.doi.org/10.26760/elkomika.v8i2.418.
Full textAbstract:
ABSTRAKLampu sinyal memiliki peranan yang penting dalam persinyalan kereta api. Pemeliharaan lampu sinyal perlu diperhatikan agar kondisi lampu sinyal tetap sesuai standar. Penelitian ini merancang Wireless Sensor Network (WSN) untuk mengakuisisi parameter lampu sinyal agar dapat dipantau, dianalisis, dan disimpan. Parameter yang diakuisisi berdasarkan dari standar peraturan Menteri Perhubungan Indonesia mengenai lampu sinyal kereta api antara lain intensitas cahaya, tegangan, suhu, dan kelembapan lingkungan lampu sinyal. Sistem tersusun dari tiga subsistem, yaitu sensor node, gateway, dan server. Sistem dapat melakukan pemantauan intensitas lampu sinyal, suhu dan kelembapan lingkungan lampu sinyal, serta tegangan lampu sinyal yang dikirim secara nirkabel yang dapat mencapai jarak hingga 200 m memanfaatkan spektrum radio frekuensi 433 Mhz. Pada saat ada gangguan terhadap lampu sinyal, sistem telah mampu melakukan predictive maintenance berdasarkan standarisasi lampu sinyal.Kata kunci: lampu sinyal, sensor node, gateway, server, wireless sensor network ABSTRACTSignal lights has an important role in railway signaling. Proper maintenance must be taken to maintain signal lights so that signal lights condition remain in accordance with the standard. This study designed the Wireless Sensor Network (WSN) to acquire signal lights parameter information so that it can be monitored, analyzed and stored. The parameters acquired are based on the Indonesian Minister of Transportation's regulatory standards regarding railway signal lights such as light intensity, voltage, temperature, and humidity of signal lights. System consists of three subsystems, namely sensor node, gateway, and server. System can monitor signal lights intensity, ambient temperature, ambient humidity, and voltage of signal lights then send those parameters which can reach distances of up to 200 m utilizing the radio frequency spectrum 433 Mhz. When there are interferences with signal lights, system has been able to perform predictive maintenance based on the signal lights standardization.Keywords: signal lights, sensor node, gateway, server, wireless sensor network
33
Idris, A. Sogunle. "Securing Serverless Application Built with Lambda Function and API Gateway." Securing Serverless Application Built with Lambda Function and API Gateway 8, no. 11 (2023): 7. https://doi.org/10.5281/zenodo.10250591.
Full textAbstract:
The proliferation of serverless computing has transformed the landscape of application development, ushering in an era of increased scalability and reduced operational overhead. Serverless platforms, exemplified by AWS Lambda and API Gateway, provide an agile and cost-effective framework for deploying web services and applications. However, the shift to serverless architecture introduces new security challenges and risks. This article investigates the multifaceted aspects of securing serverless applications built with Lambda functions and API Gateway, recognizing the need for a comprehensive security framework to address the unique threats faced in this paradigm. The research encompasses a thorough analysis of the security implications within serverless environments, encompassing authentication and authorization, data protection, and runtime security. In addition, it delves into the intricacies of securing API Gateway endpoints and Lambda functions to thwart potential vulnerabilities and safeguard sensitive data. A comparative study of existing security tools, practices, and AWS-native security features is conducted to evaluate their efficacy in mitigating serverless security risks. Moreover, this article explores novel approaches to serverless security, such as the integration of automated security testing and the application of the principle of least privilege to Lambda functions. These innovative measures aim to provide a proactive and dynamic security model that adapts to evolving threats. The articles is expected to contribute to the development of a comprehensive security blueprint for serverless applications, ensuring the protection of critical data and maintaining the integrity and availability of serverless systems. As serverless computing continues to redefine the future of cloud-based applications, this article offers valuable insights and practical solutions to address the security challenges of this emerging technology.
34
Kim, Yeong-Deuk, and Dong Yoon Lee. "The Development of REST API Gateway Application Using Unified CNC Interface Platform." International Journal of Precision Engineering and Manufacturing-Smart Technology 3, no. 1 (2025): 97–105. https://doi.org/10.57062/ijpem-st.2024.00171.
Full textAbstract:
As the manufacturing industry adopts smart technologies, the demand for industrial applications that can interact with various manufacturing equipment has increased. CNCs are the core units that control machine tools, which make up the majority of manufacturing sites. Therefore, communication with CNCs is essential for collecting machine tool status information. However, since each CNC manufacturer uses a different communication interface, implementing mutually exclusive CNC communication methods is necessary when developing industrial applications. To allow application developers to focus on functionality without having to consider heterogeneous CNC communications, a unified CNC interface platform called TORUS was developed and publicly released. However, because TORUS operates only on Windows OS, there are limitations to its integration with existing systems at manufacturing sites. To address this issue, a TORUS-based gateway application has been proposed. This paper explains the necessity and role of the gateway application and demonstrates how it can effectively lower entry barriers to research and development related to smart factories. It also presents an example of how TORUS can be utilized through the REST API, which is widely used in modern manufacturing environments. Additionally, it provides guidelines for developing TORUS gateway applications that support interfaces or protocols beyond the REST API.
35
Garcia-Alonso, Jose, Javier Rojo, David Valencia, Enrique Moguel, Javier Berrocal, and Juan Manuel Murillo. "Quantum Software as a Service Through a Quantum API Gateway." IEEE Internet Computing 26, no. 1 (2022): 34–41. http://dx.doi.org/10.1109/mic.2021.3132688.
Full text
36
Zuo, Xianyu, Yuehan Su, Qianqian Wang, and Yi Xie. "An API gateway design strategy optimized for persistence and coupling." Advances in Engineering Software 148 (October 2020): 102878. http://dx.doi.org/10.1016/j.advengsoft.2020.102878.
Full text
37
Xu, Rongxu, Wenquan Jin, and Dohyeun Kim. "Microservice Security Agent Based On API Gateway in Edge Computing." Sensors 19, no. 22 (2019): 4905. http://dx.doi.org/10.3390/s19224905.
Full textAbstract:
Internet of Things (IoT) devices are embedded with software, electronics, and sensors, and feature connectivity with constrained resources. They require the edge computing paradigm, with modular characteristics relying on microservices, to provide an extensible and lightweight computing framework at the edge of the network. Edge computing can relieve the burden of centralized cloud computing by performing certain operations, such as data storage and task computation, at the edge of the network. Despite the benefits of edge computing, it can lead to many challenges in terms of security and privacy issues. Thus, services that protect privacy and secure data are essential functions in edge computing. For example, the end user’s ownership and privacy information and control are separated, which can easily lead to data leakage, unauthorized data manipulation, and other data security concerns. Thus, the confidentiality and integrity of the data cannot be guaranteed and, so, more secure authentication and access mechanisms are required to ensure that the microservices are exposed only to authorized users. In this paper, we propose a microservice security agent to integrate the edge computing platform with the API gateway technology for presenting a secure authentication mechanism. The aim of this platform is to afford edge computing clients a practical application which provides user authentication and allows JSON Web Token (JWT)-based secure access to the services of edge computing. To integrate the edge computing platform with the API gateway, we implement a microservice security agent based on the open-source Kong in the EdgeX Foundry framework. Also to provide an easy-to-use approach with Kong, we implement REST APIs for generating new consumers, registering services, configuring access controls. Finally, the usability of the proposed approach is demonstrated by evaluating the round trip time (RTT). The results demonstrate the efficiency of the system and its suitability for real-world applications.
38
Nagaraj, Rathod, Akkala Abhilasha, and seekoli Avinash. "Amazon virtual private cloud experimental and application." IJRSET MAY Volume 10 Issue 5 10, no. 5 (2023): 10–18. https://doi.org/10.5281/zenodo.8382910.
Full textAbstract:
Amazon Virtual Private Cloud lets you create a secure, private network utilising Amazon VPC. Using AWS' scalable architecture, this virtual network is almost identical to one you would find in your own data centre. To create, access, and manage VPCs, you may make use of any of the following APIs: Using the AWS Management Console, you may manage your virtual private networks . Using the CLI, you may access all of AWS's services, including VPC. Many of the complexities of a connection, such as calculating signatures, retrying requests, and fixing issues, are handled by the AWS SDKs. As the name suggests, the Query API is designed for accessing low-level API operations through HTTPS requests. Since VPC can only be accessed via its own application, low-level tasks like generating the hash for signing the request and handling errors must be handled by your programme. A wide range of VPC concepts were addressed in this article, including the creation of a VPC, as well as subnets, routes, security groups, and gateways.
39
Pradeesh, Ashokan, and Kumar Ravi. "Exploring API Security Protocols in ML-Powered Mobile Apps: A Study on IOS and Android Platforms." Sarcouncil Journal of Engineering and Computer Sciences 3, no. 7 (2024): 1–7. https://doi.org/10.5281/zenodo.14423517.
Full textAbstract:
The proliferation of machine learning (ML)-powered mobile applications has revolutionized user experiences but also introduced significant security challenges, particularly in Application Programming Interfaces (APIs). This study investigates API security protocols in ML-powered apps on iOS and Android platforms, analyzing common vulnerabilities such as insecure data transmission, improper authentication, and API key exposure. Through a comparative analysis, iOS is shown to benefit from stricter development controls, while Android's open ecosystem presents unique risks. The research highlights effective security measures, including OAuth 2.0, HTTPS/TLS enforcement, and API gateway integration, and provides actionable recommendations for enhancing API resilience. These findings aim to guide developers in mitigating risks and safeguarding the integrity of ML-powered applications
40
Qazi, Farhan. "Application Programming Interface (API) Security in Cloud Applications." EAI Endorsed Transactions on Cloud Systems 7, no. 23 (2023): e1. http://dx.doi.org/10.4108/eetcs.v7i23.3011.
Full textAbstract:
Many cloud services utilize an API gateway, which enables them to be offered to users through API platforms such as Platform as a Service (PaaS), Software as a service (SaaS), Infrastructure as a Service (IaaS) and cross-platforms APIs. APIs are designed for functionality and speed by developers who write a small portion of code, which has visibility and is secure. The code that is created from third-party software or libraries has no visibility, which makes it insecure. APIs are the most vulnerable points of attack, and many users are not aware of their insecurity. This paper reviews API security in cloud applications and discusses details of API vulnerabilities, existing security tools for API security to mitigate API attacks. The author’s study showed that most users are unaware of API insecurity, organizations lack resources and training to educate users about APIs, and organizations depend on the overall security of the network instead of the security of standalone APIs.
41
Kamble, Vaibhav. "Location Based Blood Donor Finding System." International Journal for Research in Applied Science and Engineering Technology 12, no. 6 (2024): 2494–501. http://dx.doi.org/10.22214/ijraset.2024.63514.
Full textAbstract:
Abstract: This research paper delineates the creation and execution of an application based on serverless architecture, aimed at simplifying blood donation by enabling location-based donor searches. The system primarily uses cloud services such as API Gateway, Lambda Functions, and DynamoDB on popular cloud platforms. Google Maps API integration provides a dynamic mapping solution for a better user experience. This application allows a donor and blood bank to register their details including her GPS coordinates, thus providing users with an efficient and real-time way to find a donor nearby. Serverless architecture ensures cost efficiency, scalability, and seamless management of resources. API Gateway and Lambda functions are us ed to create RESTful APIs and facilitate communication between applications and databases. The DynamoDB database is used to store donor information, ensuring data persistence, reliability, and easy retrieval. Users can use the application to search for donors based on their current location and view the results on an interactive map. The system optimizes the blood donation process by calculating and displaying important information such as distance to the donor’s location, direction, and estimated time of arrival.
42
Vamsi Krishna Reddy Munnangi. "Cloud-Native Design Principles for Scalable Enterprise Systems." International Journal of Scientific Research in Computer Science, Engineering and Information Technology 11, no. 2 (2025): 2049–56. https://doi.org/10.32628/cseit23112568.
Full textAbstract:
This article presents a comprehensive overview of cloud-native design principles for enterprise systems, focusing on the fundamental aspects that drive modern digital infrastructure transformation. It addresses the evolution from traditional architectures to cloud-native solutions, highlighting the critical components of microservices, containerization, and API-first development. The discussion encompasses essential patterns for managing stateless and stateful services, distributed data management strategies, and effective API gateway implementations. The article demonstrates how cloud-native architectures enhance system resilience, scalability, and maintainability through real-world implementation examples and performance metrics. The content illustrates the significance of proper service boundary design, state management techniques, and data consistency patterns in building robust enterprise applications. It also examines how API-first development and gateway patterns contribute to improved system integration and operational efficiency. The article also explores the organizational impact of cloud-native adoption, including cultural shifts in development practices and operational procedures. It provides insights into the practical considerations of implementing cloud-native architectures, addressing common challenges and success factors. The discussion extends to emerging trends and best practices in cloud-native computing, offering guidance for organizations embarking on their digital transformation journey.
43
КИРИЧЕНКО, Олександр, та Оксана КИРИЧЕНКО. "КЕШУВАННЯ ДАНИХ У ДОДАТКАХ З ВИКОРИСТАННЯМ БЕЗСЕРВЕРНОЇ АРХІТЕКТУРИ". Information Technology: Computer Science, Software Engineering and Cyber Security, № 2 (31 липня 2024): 42–49. http://dx.doi.org/10.32782/it/2024-2-6.
Full textAbstract:
Час відповіді сучасного вебсервісу є дуже важливою характеристикою, яка має велике значення для задоволення потреб користувачів. Користувачі, які отримують миттєві відповіді від вебсервісу, сприймають його як більш зручний та привабливий для використання. В той самий час, для розробників важливо швидко та ефективно впроваджувати та масштабувати свої додатки з мінімальними витратами на обслуговування та інфраструктуру. Саме тому, широкої популярності набуває використання хмарних технологій для розробки та розгортання різноманітних додатків, а можливість кешувати дані дозволяє значно покращити швидкодію розробленого програмного забезпечення. Метою роботи є розгляд різноманітних наявних опцій кешування даних у хмарному середовищі на прикладі AWS та обґрунтування використання безсерверної архітектури, яка стала новим підходом для розгортання вебсервісів у хмарному середовищі. Методологія проведеного порівняльного аналізу полягає у наведенні основних принципів роботи, особливостей та обмежень для FaaS (функції як сервісу) на AWS, огляді наявних інструментів для реалізації кешування даних, таких яких Amazon ElastiCache for Redis, API Gateway Caching, CloudFront in front of API Gateway. Розглянуто використання простого вебсервісу для отримання розкладу занять у навчальному закладі на вказаний день тижня, який складається з безсерверних компонент таких як Amazon API Gateway, AWS Lambda, Amazon DynamoDB. Здійснено порівняння швидкодії створеного вебсервісу з використанням різних підходів до кешування даних, для чого розгорнуто чотири різних варіанти додатка з використанням зазначених опцій для кешування даних та підготовлено тести для проведення тестування під навантаженням з використанням фреймворку Locust. Наукова новизна отриманих у роботі результатів полягає в формулюванні можливих стратегій реалізації кешування для вебсервісів розгорнутих у хмарному середовищі. Висновки. Застосування кешування даних показало його ефективність для збільшення швидкодії веб-сервісу. В подальшому актуальним є обґрунтування вибору безсерверних компонент для реалізації кешування даних.
44
Gbenle, Toluwase Peter, Abraham Ayodeji Abayomi, Abel Chukwuemeke Uzoka, Jeffrey Chidera Ogeawuchi, Oluwasanmi Segun Adanigbo, and Oyejide Timothy Odofin. "Applying OAuth2 and JWT Protocols in Securing Distributed API Gateways: Best Practices and Case Review." International Journal of Multidisciplinary Research and Growth Evaluation 3, no. 5 (2022): 628–34. https://doi.org/10.54660/.ijmrge.2022.3.5.628-634.
Full textAbstract:
The security of distributed systems, particularly in cloud-based environments and microservices architectures, is paramount as organizations increasingly rely on these systems for scalable and efficient operations. This paper explores the implementation of OAuth2 and JWT (JSON Web Tokens) protocols as fundamental components in securing distributed API gateways. OAuth2 offers a robust framework for authorization by decoupling user authentication from application logic, while JWT provides a lightweight and secure method of transmitting authentication information across services. The paper discusses the core components of OAuth2 and JWT, their roles in API security, and the implementation best practices that ensure secure token management, scalability, and fault tolerance. Case studies from cloud-based systems and microservices architectures illustrate real-world applications, highlighting both successes and challenges encountered during deployment. Key findings indicate that while OAuth2 and JWT significantly improve security, challenges such as token expiration management and service-to-service token validation persist. Finally, the paper identifies areas for future research, particularly in the development of enhanced token revocation mechanisms and the adaptation of OAuth2 and JWT for emerging technologies like serverless architectures. The study underscores the importance of these protocols in the evolving landscape of secure API gateway management and their potential to drive secure, scalable digital transformation.
45
Zhao, Chenchen. "API Common Security Threats and Security Protection Strategies." Frontiers in Computing and Intelligent Systems 10, no. 2 (2024): 29–33. http://dx.doi.org/10.54097/k5djs164.
Full textAbstract:
This study analyzes the core role of APIs in modern digital ecology and the security threats they face, such as information leakage and overstepping access, and explores their security risks for technologies such as RESTful and GraphQL. It proposes to use OAuth/JWT authentication mechanism to strengthen access control, adopt HTTPS/TLS to secure data transmission, and combine with API gateway to defend against DDoS attacks. It also emphasizes the importance of fine-grained privilege management and log auditing. The study provides strategic guidance for improving API security protection and looks forward to the trend of intelligent protection.
46
Hussain, Shaik Jakeer, and Gudapati Ramyasri. "Security Enhancement for Devices using REST-API, Middleware & IoT Gateway." International Journal of Engineering and Advanced Technology 9, no. 1s5 (2019): 20–23. http://dx.doi.org/10.35940/ijeat.a1005.1291s519.
Full textAbstract:
Internet of things plays the major innovative role in the enhancement and optimization of habitual behavior by the collaborative usage of smart objects and smart sensors. One of the major challenges that is being faced is secure interconnection of iot devices, sensors, actuators to the cloud. As most of the IoT devices and cloud usage is done using the third party, it is required to provide IoT security such that the attackers cant disturb the communication path through the devies and also to provide secure data transmission from devices to cloud. This paper mainly displays the use of middleware along with Gateway and REST API Technologies for the secure interface between the devices, sensors and storage applications.
47
Rakesh Sinha, Akash. "Optimizing API Project Efficiency: Agile Configurations, Advanced Design Patterns, and Testing Strategies." INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 11 (2024): 1–6. http://dx.doi.org/10.55041/ijsrem16054.
Full textAbstract:
In the rapidly evolving digital era, Application Programming Interfaces (APIs) have emerged as the cornerstone of modern software development, enabling seamless communication and data exchange between disparate systems. Optimizing API project efficiency is paramount for organizations aiming to stay competitive and agile in response to market demands. This paper explores strategies for enhancing API efficiency through agile configurations, advanced design patterns, and comprehensive testing methodologies. We delve into the significance of decoupling configurations to achieve agile adaptability, discuss various API design paradigms like RESTful APIs and GraphQL, and examine their specific use cases and benefits. Additionally, we emphasize the importance of robust testing and security practices, highlighting industry-standard tools and technologies that facilitate these processes. Real-world case studies are presented to illustrate practical implementations, and the tangible improvements achieved. By integrating these advanced strategies, organizations can enhance their API performance, scalability, and maintainability, thereby delivering superior value to users and stakeholders in an increasingly interconnected world. Keywords: API efficiency, agile adaptability, decoupling configurations, RESTful API, GraphQL, API testing, microservices, API gateway, performance optimization, configuration management, API security, authentication, automated testing, real-world case studies
48
Adnyana, I. Ketut Widhi, I. Gede Made Yudi Antara, and Dewa Ayu Putri Wulandari. "Pemanfaatan Application Programming Interface Midtrans dan Raja Ongkir Untuk Membangun Enterprise Application Integration." Jutisi : Jurnal Ilmiah Teknik Informatika dan Sistem Informasi 10, no. 1 (2021): 13. http://dx.doi.org/10.35889/jutisi.v10i1.576.
Full textAbstract:
<p>Abstrak. E-Commerce dapat menghubungkan penjual dan pembeli yang berbeda tempat yang tidak mengharuskan penjual dan pembeli bertemu secara langsung layaknya transaksi tradisional. Masalah yang biasa terjadi pada sisi pemilik yaitu menghitung biaya kirim dan melakukan pengecekan secara manual untuk memastikan barang yang dipesan sudah di bayar. Perlu adanya pengembangan suatu aplikasi e-commerce yang terintegrasi dengan sistem penghitungan biaya kirim dan payment gateway yang dapat mempermudah konsumen untuk mendapatkan informasi tentang produk yang diinginkan, serta dapat melakukan transaksi dari mana saja secara online. Dengan menerapkan Appication Programming Interface (API) Midtrans sebagai payment gateway diharapkan pemilik usaha tidak perlu lagi melakukan pengecekan biaya kirim dan melakukan pengecekan pembayaran secara manual untuk menghitung biaya kirim ke berbagai wilayah di Indonesia. Metode yang digunakan dalam pengembangan aplikasi adalah metode prototyping, sebuah metode yang dikembangkan dengan berkomunikasi kepada client agar aplikasi yang dihasilkan sesuai dengan keinginan client. Hasil uji pencocokan biaya pengiriman dan total biaya yang harus dibayar oleh pelanggan menunjukkan API dari midtrans dapat membantu pelanggan melakukan pembayaran melalui channel yang bekerjasama dengan midtrans. Kata kunci: E-commerce, Appication Programming Interface, Midtrans, Raja Ongkir <br /> <br />Abstract. E-Commerce can connect sellers and buyers from different places that do not require sellers and buyers to meet in person like traditional transactions. The problem that usually occurs on the owner's side is calculating shipping costs and checking manually to make sure the goods ordered have been paid for. It is necessary to develop an e-commerce application that is integrated with a shipping cost calculation system and a payment gateway that can make it easier for consumers to get information about the desired product, and can make transactions from anywhere online. By implementing Midtrans Appication Programming Interface (API) as a payment gateway, it is hoped that business owners will no longer need to check shipping costs and check payments manually to calculate shipping costs to various regions in Indonesia. The method used in application development is the prototype method, a method developed by communicating to the client so that the resulting application is in accordance with the client's wishes. The test results of matching shipping costs and total costs to be paid by customers show that Midtrans API can help customers make payments through channels that work with Midtrans. Keywords: E-commerce, Appication Programming Interface, Midtrans, Raja Ongkir</p>
49
Azizah, Azzukhrufi Jannatul, and I. Gusti Lanang Putra Eka Prismana. "Implementasi WhatsApp Gateway pada Apikasi Manajemen Keuangan Pondok Pesantren Tanwirul Qulub Lamongan." Journal of Informatics and Computer Science (JINACS) 3, no. 04 (2022): 403–10. http://dx.doi.org/10.26740/jinacs.v3n04.p403-410.
Full textAbstract:
Manjemen keuangan merupakan salah satu hal substansi yang berperan penting dalam proses penyelenggaraan pembelajaran di pondok pesantren, termasuk pondok pesantren Tanwirul Qulub Lamongan. Namun, dengan sistem manajemen keuangan yang masih dilakukan secara konvesional menyebabkan permasalahan pada pengelolaan keuangan yaitu pembayaran iuran santri yang tidak disiplin, sehingga perencanaan keuangan untuk kebutuhan menjadi terhambat. Aplikasi manajemen keuangan berbasis website dengan fitur notification reminder menggunakan WhatsApp gateway menjadi solusi untuk membantu bendahara pondok pesantren dalam mengelola keuangan. Aplikasi manajemen keuangan berbasis website pondok pesantren Tanwirul Qulub ini dibangun menggunakan metode Rapid Application Development (RAD), sedangkan proses pengiriman pesan tagihan dengan WhatsApp gateway menggunakan metode broadcast. API WhatsApp Node.js dibangun dengan menggunakan module whatsapp-web.js yang mana di dalamnya terdapat library Puppeteer. Selain itu, juga membutuhkan library socket.io, express-validator, express-upload, axios, qrcode dan http pada proses pembuatannya. Dengan fitur notification reminder menggunakan WhatsApp gateway ini bendahara pondok pesantren dapat mengirimkan pesan tagihan pembayaran santri kepada wali santri melalui WhatsApp.
 Kata Kunci— Aplikasi Manajemen Keuangan, WhatsApp Gateway, Notification Reminder.
50
Burr, Chris, and Ben Couturier. "A gateway between GitLab CI and DIRAC." EPJ Web of Conferences 245 (2020): 05026. http://dx.doi.org/10.1051/epjconf/202024505026.
Full textAbstract:
GitLab’s Continuous Integration has proven to be an efficient tool to manage the lifecycle of experimental software. This has sparked interest in uses that exceed simple unit tests, and therefore require more resources, such as production data configuration and physics data analysis. The default GitLab CI runner software is not appropriate for such tasks, and we show that it is possible to use the GitLab API and modern container orchestration technologies to build a custom CI runner that integrates with DIRAC, the middleware used by the LHCb experiment to run its job on the Worldwide LHC Computing Grid. This system allows for excellent utilisation of computing resources while also providing additional flexibility for defining jobs and providing authentication.