Search Mailing List Archives
[bioontology-support] API Security
Lore, Michelle H
lore at illinois.edu
Mon Feb 8 06:35:56 PST 2021
Thank you, John! I appreciate your response.
From: John Graybeal <jgraybeal at stanford.edu>
Sent: Friday, February 5, 2021 9:39 PM
To: Lore, Michelle H <lore at illinois.edu>
Cc: support at bioontology.org
Subject: Re: [bioontology-support] API Security
I'm sorry, but despite some awareness of security concerns, I'm not familiar with the precise meaning of the term "API security". The top few references on the web indicate it is a bit of an abstract concept, e.g., "the application of any security best practice applied to web APIs."
So that doesn't help you too much, but I can give you a few pieces of information you can pass along to your campus security. We use REST API services with per-user API keys, TLS encryption (https) and rate limits. (There are some public services that do not require API keys.) We do not additionally encrypt our message packets, since the TLS encryption provides encryption for them (and also enforces appropriately secure signatures on the transaction).
I hope that is enough information for you and them. We are used by upwards of 75 university and similar installations, and we have not had concerns expressed or security questions asked (to my knowledge), so I hope but can not promise that is some indication of the suitability of our security for this heavily accessed research system.
On Feb 5, 2021, at 2:55 PM, Lore, Michelle H <lore at illinois.edu<mailto:lore at illinois.edu>> wrote:
I’m a REDCap administrator at University of Illinois at Urbana-Champaign. We’re looking to enable the biomedical ontology auto-suggest functionality that REDCap provides, and our campus security is requesting information about the API security of the BioPortal API. I looked on the API documentation page and throughout the NCBO website and could not find anything explicitly about API security. Any additional information you can provide is appreciated.
Michelle Lore, MS (she/her)
REDCap Application Specialist
Interdisciplinary Health Sciences Institute
University of Illinois | Urbana-Champaign
901 W. University Avenue, Suite 201 | MC-261 | Urbana, IL 61801
Phone: (217) 244-9666 | Email: lore at illinois.edu<mailto:lore at illinois.edu>
bioontology-support mailing list
bioontology-support at lists.stanford.edu<mailto:bioontology-support at lists.stanford.edu>
Technical Program Manager
Center for Expanded Data Annotation and Retrieval /+/ NCBO BioPortal
Stanford Center for Biomedical Informatics Research
650-736-1632 | ORCID 0000-0001-6875-5360
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bioontology-support