ASC-Hosting Services (ASC-HS) fully supports the official REST-API provided by Archibus-Serraview in Archibus v25. Our hosting architecture is already designed to provide secure infrastructure for this type of solution.
However, we have an additional option that provides the highest levels of security for connecting systems: BRUCE Platform.
ASC-HS provides a secure infrastructure for the new v25 REST-API
In our current architecture for hosting ARCHIBUS, every project has its own separated, isolated, protected, and secured hosting layers: Integration, Application, and Back-End (Database).
Since 2017, we have been offering a REST-API to interact with ARCHIBUS instances or projects hosted by ASC-HS as an option in our price list. It can be found in our Customer Portal (requires signing in with your ASC-HS account) under HOSTING – Integration & Security (Cloud Ecosystem) and the item’s concept is Gateway with third party Web Services.
- We charge the additional infrastructure required to isolate the API from the Application Server and secure access to the ARCHIBUS application by keeping them separated (API & Application) from outside Internet access.
- For older versions than v25, we have been offering solutions (REST-APIs) made by us in collaboration with other ARCHIBUS Business Partners. We are really excited to have an official version with v25.
For new prospects:
- We do it as always. In the case of v25, you will also need to check the option Gateway with third party Web Services when you make your quotation/order with us.
- The REST-API still requires specific separated resources for security to permit secure access to ARCHIBUS On-Demand (ASC-HS hosted version of ARCHIBUS Enterprise), like SSL, additional Bandwidth, and optionally SSO (Single Sign-On).
However, we have an additional option that provides the highest levels of security for connecting systems.
Why BRUCE Platform when we have an official REST-API?
REST-API is an API ready to work with specific protocols optimized for Internet access. A REST-API is like a Cloud-ready API.
A REST-API is in essence “a door with a lock” to access (extract) or provide (upload) data from external sources. Mostly other systems. REST-API just enables the connection with/from other external systems, which can also be in the Cloud. But the REST-API is not the connection by itself, and it does not have full control over the connection. It is just enabling or disabling access.
Connections with REST-APIs
The rules of APIs are open and similar for every system / external access.
The connection “API to API” or “user/system to API” that is created by a web-service http or https protocols:
- a) It is not fully secured – the connection can be compromised and decrypted
- b) The information packages are not standardized or orchestrated regarding what type of information can be exchanged and who can access it. Anybody who has access credentials to the API can request information openly just based on the API’s syntax. The data packages’ origin-destination can’t be traced, and even worse – the requestor cannot be accurately identified.
The case of a bad agent
- Your connection might be compromised and your information stolen
- Exchanged information might be manipulated
- You might never know that your have fallen victim of a cybercrime
- If you do find out the bad agent can never be traced
Making fully controlled connections with BRUCE Platform
REST-API enables the connection, BRUCE Platform creates and controls the connection.
There is no way for a bad agent to act because the connection is secured, immutable & accurate end to end.
Connecting systems with Bruce Platform
- BRUCE Platform establishes connections between BRUCE Platform’s gateways forming an immutable shield over the end to end connection.
- The Certification Authority (CA) embedded in the BRUCE Gateway accurately identifies the sender and requestor.
- Blockchain hashing provides timestamps and a universal identification for the transaction, making it secured on the public Internet.
- BRUCE Platform has predefined Data-Sets and Services that encapsulate the necessary data for every requested Service or Data-Exchange.
- BRUCE Platform’s transactions (connections) are driven by Smart Contracts. Every Smart-Contract defines the parties, the element (asset, work, etc.) and the Service (scope of the contract).
- BRUCE Platform does not retain data or information, but just the tokens that timestamp and determine the transactions done by parties, and which regulation (Smart-Contract) was used.
The connection is much more secure and flexible than a VPN.
A REST-API and BRUCE Platform are different things. Both are synergic and combined they make the most accurate, secured and efficient way to exchange data between related systems in the Built Environment Management.
We are part of ARCHIBUS family since 2000. We are the ARCHIBUS Cloud since 2007. We have more than twenty years of experience and successful provision of our ARCHIBUS On Demand or ARCHIBUS Enterprise Cloud. Now we put all this knowledge and experience together to provide the most accurate and reliable Hosting Service for ARCHIBUS in the Cloud.