OWASP O2 Platform Blog

The need of supporting REST Services on top of OWASP O2 Platform

I have been talking to Dinis Cruz   about the importance of supporting REST Services on top of OWASP O2 Platform. Web Services, now a days, are a strong platform in software engineering and looking at the future, it is going to be even stronger than now.

But, what is REST and why should we embrace it?

REST stands for Representational State Transfer, a term coined by Roy Thomas Fielding  in 2000 as a part of his dissertation. So as you can see this is not a new topic, but I would say it has been  broadly embraced during the last years by the industry. REST is not an architecture, but it is an architectural style to build services on top of the Web, it is basically a set of constraints based on the core principles of the WEB. REST uses all the strengths of the WEB that have made it the most distributable and interoperable system.

Web Services are not a new topic, people (even those outside of the computing world) have been using this word to refer themselves to interoperability and accessibility, specifically in business, where this topic as been adopted as a platform to provide information around the world.

But we are always looking for a better approach,  a best way to provide solutions, with low-cost and with reasonable responses times to the end-user and of course we are also concerned about security

Interoperatibility, Scalability , Performance and Security :A combination of topics that we would like to achieve.

REST Services  take advantage of the WEB , using the principles defined to make it the most  distributed system, rather than focus on actions (like SOAP), it uses all the HTTP verbs to interact with resources  and it does not relay only in HTTP POST. The need of creating more scalable  services is a challenge everyday, specifically because we are moving to the mobile world and we have some limitations that force us to use a better approach to improve the user experience.

But we are not just concern about performance, we are also concerned about security. If you are thinking why a person would attack a web services, then I would say that due to the interoperability and the data exchange performed in Web Services, the attacker would expect to find any way to get into the back-end system or steal any kind of information.  Having said that, we would like a mechanism  add value with O2 Platform into the REST world.

How could we integrate REST Services on top of O2 Platform?

I’m happy to say that we are currently supporting OData Services in O2 Platform . OData is short for The Open Data Protocol and is consistent with the way the Web works.  Dinis  added support for OData in O2. This is an important step because we are able to work not only with SOAP based Web Services but also with REST Services which increase all our coverage in the Web Services world.

The  next steps would be to write use cases and probably some automation work and  Unit Testings that increases the support of REST in  O2 Platform.

May 12, 2012 - Posted by | Uncategorized | , , ,

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: