Enterprise API Security and GDPR Compliance: Design and Implementation Perspective

Fatima Hussain, Rasheed Hussain, Brett Noye, Salah Sharieh

Research output: Contribution to journalReview article (Academic Journal)peer-review

14 Citations (Scopus)
94 Downloads (Pure)


With the advancements in enterprise-level business development, the demand for new applications and services is overwhelming. For the development and delivery of such applications and services, enterprise businesses rely on Application Programming Interfaces (APIs). APIs provide interface to enable the communication among different applications. In essence, API is a double-edged sword; on one hand, API helps in expanding the business through sharing value and utility, but on the other hand, it raises security and privacy issues. Since the applications usually use APIs to retrieve important and critical data, it is extremely important to make sure that effective access control and security mechanisms are in place so that the data do not fall into wrong hands. In this context, in this article, we discuss the current state of the enterprise API security and the role of Machine Learning (ML) in an API security. We also discuss the General Data Protection Regulation (GDPR) Compliance and its effect on the API security.

Original languageEnglish
Article number9194432
Pages (from-to)81-89
Number of pages9
JournalIT Professional
Issue number5
Publication statusPublished - 10 Sept 2020

Bibliographical note

Publisher Copyright:
© 1999-2012 IEEE.


  • cs.CR
  • cs.NI


Dive into the research topics of 'Enterprise API Security and GDPR Compliance: Design and Implementation Perspective'. Together they form a unique fingerprint.

Cite this