Omejevanje dostopa pri obvladovanju API-jev

With ever growing usage of World Wide Web, number of requests to web APIs is increasing rapidly. DoS attacks and service abuses are becoming easier to execute, and more common every day. Quality of service is becoming more important as competition is rising. To build robust and reliable services, software engineers have to take this into account when designing web APIs, to deliver end users with a pleasant and reliable experience. In this thesis we delve into rate limiting in web API management to deal with those problems on scale. We propose an approach to rate limiting when request weighting is key, and cannot be estimated/calculated upfront. We show how integration of such approach into a real working system can help in achieving high stability and performance improvements, while unlocking some advanced API monetisation opportunities.Strma rast uporabe svetovnega spleta je silovito povečala število spletnih zahtevkov, ki jih morajo procesirati zaledni sistemi. Napadi za zavrnitev storitev in zlorabe le-teh so vse bolj pogosti in enostavni za izvedbo. Kvaliteta in zanesljivost sistemov sta ključnega pomena za ohranjanje konkurenčnosti. Naloga razvijalcev programske opreme je, da z upoštevanjem teh zahtev načrtujejo robustne sisteme, ki bodo uporabnikom omogočili prijetno in zane-sljivo uporabniško izkušnjo. V tej diplomski nalogi raziščemo pristop omejevanja dostopa pri obvladovanju API-jev za reševanje omenjenih problemov. Predlagamo pristop pri katerem je obteževanje spletnih zahtevkov ključnega pomena in ne more biti ocenjeno/izračunano pred procesiranjem zahtevka. Pokažemo kako lahko integracija takšnega pristopa v delujoč sistem občutno izboljša stabilnost in učinkovitost storitev ter odpre možnosti za nove načine trženja API-jev

Rate limiting in API management

With ever growing usage of World Wide Web, number of requests to web APIs is increasing rapidly. DoS attacks and service abuses are becoming easier to execute, and more common every day. Quality of service is becoming more important as competition is rising. To build robust and reliable services, software engineers have to take this into account when designing web APIs, to deliver end users with a pleasant and reliable experience. In this thesis we delve into rate limiting in web API management to deal with those problems on scale. We propose an approach to rate limiting when request weighting is key, and cannot be estimated/calculated upfront. We show how integration of such approach into a real working system can help in achieving high stability and performance improvements, while unlocking some advanced API monetisation opportunities

Rate limiting in API management

With ever growing usage of World Wide Web, number of requests to web APIs is increasing rapidly. DoS attacks and service abuses are becoming easier to execute, and more common every day. Quality of service is becoming more important as competition is rising. To build robust and reliable services, software engineers have to take this into account when designing web APIs, to deliver end users with a pleasant and reliable experience. In this thesis we delve into rate limiting in web API management to deal with those problems on scale. We propose an approach to rate limiting when request weighting is key, and cannot be estimated/calculated upfront. We show how integration of such approach into a real working system can help in achieving high stability and performance improvements, while unlocking some advanced API monetisation opportunities