Open Caching API Security
Working Group:
In Collaboration With:
Project Status:
Working
The project is actively being worked on.
Start:
Target End:
Problem Statement
Project Description
Project Type
Project Leads
Advisors
There are no SMEs associated with this project.
Draft Documents
(DRAFT) SVTA2074: Open Caching API Security
Machine-to-machine communication between different systems and roles in an Open Caching architecture requires the use of multiple APIs to facilitate the provisioning of services, the sharing of critical information or content management, and other functions.
These activities are typically based on relationships that are associated with contractual agreements and are not publicly available. Thus, Service Level Agreements (SLAs) are applied to ensure the continuous operation of all systems, and only authorized entities have the capability to use the APIs.
The document provides guidelines for using a security framework that permits the components of an Open Caching system to interoperate securely and consistently, ensuring that only authenticated and authorized entities can access the OC APIs.
Goals and Objectives
- Completion of the Open Caching API Security document for publication
Project Scope
- Security recommendations for the general use of the Open Caching APIs
- Specification of one or more Security Profiles for secure communication between Open Caching Controllers using the OC APIs. This includes gathering already defined state-of-the-art mechanisms including transport protocols, methods for issuing tokens and their types, which are recommended for use.
- Enforcement of Security mechanisms beyond the scope defined in the Open Caching Architecture document
- Specification of new mechanisms for issuing tokens, or the token itself
Contributors
The following members have contributed to this project. Click on their name to visit their profile. If they have not published their profile, the link will redirect to their LinkedIn profile.
