Methods for analyzing, limiting, and enhancing access to an internet API, web service, and data

US 20080209451A1
Filed: 01/29/2008
Published: 08/28/2008
Est. Priority Date: 01/29/2007
Status: Active Grant

First Claim

Patent Images

1. An application program interface (API) gateway server comprising:

an API source interface for i) sending a request for one or more API elements to an API source, and ii) receiving the one or more API elements from the API source,a processor for controlling the distribution of the one or more API elements based on a distribution rule set, anda developer interface for i) receiving a request for the one or more API elements from a developer client and ii) sending the one or more API elements to the developer client in response to the processor.

View all claims

15 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention includes an API gateway server that monitors and controls the distribution of API elements from API sources to application developers based on a distribution rule set.

152 Citations

26 Claims

1. An application program interface (API) gateway server comprising:
- an API source interface for i) sending a request for one or more API elements to an API source, and ii) receiving the one or more API elements from the API source,a processor for controlling the distribution of the one or more API elements based on a distribution rule set, anda developer interface for i) receiving a request for the one or more API elements from a developer client and ii) sending the one or more API elements to the developer client in response to the processor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The server of claim 1, wherein the processor monitors the distribution of the one or more API elements.
  - 3. The server of claim 2, wherein the processor monitors at least one of the number of API requests made by the developer client over a period of time, the identity of the developer client, usage trends by the developer client, and usage trends based on IP address.
  - 4. The server of claim 3, comprising a monitor interface for sending API distribution information to a user interface, the user interface being remote from the gateway server.
  - 5. The server of claim 4, wherein the user interface includes a web browser.
  - 6. The server of claim 1, wherein the API source interface and the developer interface are included in the same network interface unit or in different network interface units.
  - 7. The server of claim 1, wherein controlling includes determining whether the developer client is authorized to access the one or more API elements and, if authorized, allowing the developer interface unit to send the one or more API elements to the developer client or, if not authorized, preventing the developer interface unit from sending the one or more API elements to the developer client.
  - 8. The server of claim 7, wherein determining includes validating an API developer key associated with the request from the developer client.
  - 9. The server of claim 1, wherein the developer client includes a network-based application operating at run-time and the one or more API elements are run-time API elements.
  - 10. The server of claim 1, wherein the request for the one or more API elements from the developer client is substantially the same as the request for the one or more API elements to the API source.

11. A method for controlling web-based application access to one or more application programmer interface elements comprising:
- receiving, at an intermediate server, a request for the one or more API elements from a developer client,sending a request to an API source for one or more API elements,receiving, at the intermediate server, the one or more API elements from the API source,controlling, at the intermediate server, the distribution of the one or more API elements based on a distribution rule set, andsending the one or more API elements to the developer client in response to the controlling.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of claim 11 comprising monitoring, at the intermediate server, the distribution of the one or more API elements.
  - 13. The method of claim 12, wherein the monitoring includes monitoring at least one or the number of API requests made by the developer client over a period of time, the identity of the developer client, usage trends by the developer client, and usage trends based on IP address.
  - 14. The method of claim 13 comprising sending API distribution information to a user interface, the user interface being remote from the intermediate server.
  - 15. The method of claim 14, wherein the user interface includes a web browser.
  - 16. The method of claim 11, wherein the sending and receiving are performed by the same network interface unit or by different network interface units.
  - 17. The method of claim 11, wherein controlling includes determining whether the developer client is authorized to access the one or more API elements and, if authorized, allowing the sending of the one or more API elements to the developer client or, if not authorized, preventing the sending of the one or more API elements to the developer client.
  - 18. The method of claim 17, wherein determining includes validating an API developer key associated with the request from the developer client.
  - 19. The method of claim 11, wherein the developer client includes a network-based application operating at run-time and the one or more API elements are run-time API elements.
  - 20. The method of claim 11, wherein the request for the one or more API elements from the developer client is substantially the same as the request for the one or more API elements to the API source.

21. An intermediate server for controlling the exchange of data in a network comprising:
- a transceiver,a processor in communication with the transceiver, anda computer readable medium configured for enabling the processor to i) receive a request for the one or more API elements from a developer client, ii) send a request to an API source for one or more API elements, iii) receive the one or more API elements from the API source, iv) control the distribution of the one or more API elements based on a distribution rule set, and v) send the one or more API elements to the developer client based on the distribution rule set.
- View Dependent Claims (22, 23, 24, 25, 26)
- - 22. The server of claim 21, wherein control includes determining whether the developer client is authorized to access the one or more API elements and, if authorized, allowing the sending of the one or more API elements to the developer client or, if not authorized, preventing the sending of the one or more API elements to the developer client.
  - 23. The server of claim 22, wherein determining includes validating an API developer key associated with the request from the developer client.
  - 24. The server of claim 21, wherein the developer client includes an application operating at run-time and the one or more API elements are run-time API elements.
  - 25. The server of claim 21, wherein the request for the one or more API elements from the developer client is substantially the same as the request for the one or more API elements to the API source.
  - 26. The server of claim 21, wherein the distribution rule set includes rules associated with at least one of a limit on the number of API calls over a select period of time, a limit of API calls for the developer client, a limit of API calls for a select IP address, whether a received identity of the developer client matches a stored identity of the developer client, whether a received API developer key matches a stored API developer key, whether a received developer client password matches a stored developer client password, and whether a cryptographic authentication process has been satisfied by the developer client to validate the developer client'"'"'s identity.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cloud Software Group
Original Assignee
Mashery, Inc. (Intel Corporation)
Inventors
Michels, Oren, Loveless, Clay

Granted Patent

US 9,027,039 B2
Time in Patent Office

Days
Field of Search
US Class Current

719/328
CPC Class Codes

G06F 15/16 Combinations of two or more...

G06F 9/54 Interprogram communication

Methods for analyzing, limiting, and enhancing access to an internet API, web service, and data

First Claim

15 Assignments

0 Petitions

Accused Products

Abstract

152 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Methods for analyzing, limiting, and enhancing access to an internet API, web service, and data

First Claim

15 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

152 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links