This is the eighth part of ProgrammableWeb’s series on Understanding the Realities of API Security based on testimony by ProgrammableWeb’s editor-in-chief David Berlind to the ONC’s API Security and Privacy Task Force. This part looks at how to mitigate the security risks associated with APIs.
The promise of sharing our data from one site with another raises plenty of privacy concerns. While not all of these worries can be solved by technology, one definitely can. You should not have to share your password in order for services to access your content on other sites. That's where OAuth comes in. It's "an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications."
Question: How did a company that is essentially an API raise $8.2 million? Answer: by smartly targeting a fat market (identity access management in the cloud) that has great need, according to the press release,