BB-23: Secure service gateway
(
)
Protects APIs against common attacks, and evaluations (coarse-grained) authorization policies
ID
BB-23
Latest Sync Date
12/12/25 17:52:02
Status
Proposed
Overview
[WIP] 2. API inbound security pattern [Control Realization] - improvement proposal
BB-23: Secure service gateway
AC-4: Information Flow Enforcement
BB-23: Secure service gateway
SI-3: Malicious Code Protection
BB-23: Secure service gateway
SI-10: Information Input Validation
BB-23: Secure service gateway
AC-3: Access Enforcement
BB-23: Secure service gateway
CM-7: Least Functionality
BB-23: Secure service gateway
API endpoint
BB-23: Secure service gateway
BB-03: Identity provider service
NORA-2: DMZ (Demilitarized Zone)
BB-23: Secure service gateway
BB-13: Security information and event management service
BB-23: Secure service gateway
BB-17: Web application firewall service
BB-23: Secure service gateway