Apps, APIs, and the End of the Internet
"That's a great web app you built, but does it have an API?" APIs have become an essential part of modern web applications. They let us connect applications, automate actions, combine information, and repurpose tools to meet our needs. APIs seem a natural outgrowth of the fundamental openness of the Internet, but they have a darker side. Site-specific APIs give the illusion of openness while locking users and software into a specific site. Many sites from Twitter to Netflix to Google are pulling what feels like a bait-and-switch with their APIs, leaving developers and users hanging with apps and mashups that no longer work. We can send email from anywhere to anywhere, but we can only tweet through twitter.com. Twitter controls what we can do via their API, and Twitter can change it at any time. Our email clients work with any email account. Our web browsers work with any web site. Why are web apps different? In this semi-technical session, Faulkner will examine why the world of APIs is shifting. He'll talk about the differences between APIs and their more flexible cousin, protocols, and why we might use one over the other. Finally, Faulkner will look at the risks that web developers take when we rely too much on third-party APIs. The World Wide Web of today was crafted decades ago by thoughtful developers who chose a protocol over an API. We face choices today that will shape the web for decades to come.
Chief Information Security Officer, University of Arkansas
Don Faulkner is CISO at the University of Arkansas where he is challenged daily to find elegant solutions to interesting problems ranging from identity and access management to cloud security to policy development. Before coming to higher education, he worked as a professional security consulting for over 15 years, with many clients in the Fortune 500 and the public sector. A proponent of open systems, he's interested in emerging technologies dealing with how information flows between people and computers, and how individuals stay in control. Faulkner holds a B.S. in Computer Engineering from the University of Arkansas and a CISSP certification.