In applications where security is a concern, measures should be taken to safeguard the authentication credentials. The simplest, and most basic, measure is to use encrypted SSL connections to prevent disclosure of authentication information to attackers who can observe the network traffic. Failure to take this very simple precaution will largely invalidate any other attempts at maintaining security.
Note: Unlike Ground Traffic Control, the API does not force SSL connections. It is up to the implementor to specify a secure connection.
Developers should take care that their client SSL implementation is robust, uses the highest grade of encryption practical, and validates the HTTP server’s certificate.
Proxies, web caching systems, or ‘web accelerators’ between the client and API server may store information including authentication material. This may be more likely in situations where the authentication credentials are included in the request URL such as 1 and 2 above. This can be avoided by using a secure, encrypted connection from the client all the way to the server.
The client application itself should be designed and implemented in a secure manner. Any automated application will need to store its authentication credentials securely. If external software components are used in the implementation, their security needs to be examined. Care should be taken that HTTP engines do not cache or log requests. Finally, basic user security measures should be applied. The user that the API client application uses should only have those permissions it needs assigned to it.
Multiple applications, or the same application used from multiple locations, should have different users if practical.
Choose passwords wisely and update them often. Update passwords immediately if it is suspected that they may have been compromised.
If practical, impose address restrictions on the API user(s). Logins may be restricted to one or more IP addresses or networks.
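The sketch below is an added example, not code from the API's own documentation. It shows a client that refuses non-HTTPS endpoints, validates the server certificate and hostname, and masks credentials before a request URL is logged. The parameter names in `SENSITIVE_PARAMS` and the function names are assumptions; substitute the names your API actually uses.

```python
import ssl
import urllib.request
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Assumed (hypothetical) names of credential-bearing query parameters.
SENSITIVE_PARAMS = {"username", "password", "token"}

def strict_tls_context():
    """TLS context that verifies the server's certificate chain and hostname."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse legacy protocol versions
    return ctx

def require_https(url):
    """Reject any endpoint that would send credentials in clear text."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "https" or not parts.hostname:
        raise ValueError("API endpoint must be an https:// URL")
    return url

def redact_url(url):
    """Return a copy of url that is safe to log: no userinfo, secrets masked."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    if ":" in host:          # IPv6 literal: restore the brackets
        host = f"[{host}]"
    if parts.port:
        host += f":{parts.port}"
    query = [(k, "REDACTED" if k.lower() in SENSITIVE_PARAMS else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit((parts.scheme, host, parts.path,
                       urlencode(query), parts.fragment))

def call_api(url, log=print):
    """GET url over verified TLS; only the redacted URL is ever logged."""
    require_https(url)
    log("GET " + redact_url(url))
    opener = urllib.request.build_opener(
        urllib.request.HTTPSHandler(context=strict_tls_context()))
    # Ask any intermediary cache not to store the exchange.
    req = urllib.request.Request(url, headers={"Cache-Control": "no-store"})
    with opener.open(req, timeout=10) as resp:
        return resp.read()
```
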