Tagged articles

AK/SK

6 articles · Page 1 of 1
Top Architect
Top Architect
Oct 5, 2025 · Information Security

Securing Third‑Party APIs: AK/SK Generation, Signature Rules, and Anti‑Replay Strategies

This guide explains how to secure third‑party APIs by generating unique Access Key/Secret Key pairs, designing signature processes with timestamps and nonces, implementing permission division, creating robust API endpoints, and applying best‑practice security measures such as HTTPS, token handling, rate limiting, and idempotency.

AK/SKAPI SecurityAnti-replay
0 likes · 33 min read
Securing Third‑Party APIs: AK/SK Generation, Signature Rules, and Anti‑Replay Strategies
Architect
Architect
Oct 1, 2025 · Information Security

How to Secure Third‑Party APIs with AK/SK, Signatures, Tokens and Anti‑Replay Measures

This article presents a comprehensive guide to designing secure third‑party APIs, covering the generation and management of Access Key/Secret Key pairs, signature creation, timestamp and nonce anti‑replay techniques, token handling, request throttling, IP whitelisting, idempotency, versioning, response standards, and practical code examples in Java and SQL.

AK/SKAPI SecurityToken
0 likes · 32 min read
How to Secure Third‑Party APIs with AK/SK, Signatures, Tokens and Anti‑Replay Measures
Top Architect
Top Architect
Jan 22, 2025 · Information Security

Designing Secure Third‑Party API Authentication with AK/SK, Signatures and Token Management

This article presents a comprehensive design for securing third‑party API calls by generating unique Access Key/Secret Key pairs, defining permission granularity, implementing signature generation with timestamps and nonces, handling token lifecycle, and providing concrete Java and SQL code examples for practical deployment.

AK/SKAPI SecurityJava
0 likes · 31 min read
Designing Secure Third‑Party API Authentication with AK/SK, Signatures and Token Management
Top Architect
Top Architect
Dec 6, 2024 · Information Security

Design and Implementation of Secure Third‑Party API Authentication Using AK/SK, Signatures, and Tokens

This article presents a comprehensive design for securing third‑party APIs, covering permission segmentation, AK/SK generation, signature workflow and rules, anti‑replay mechanisms, token handling, detailed API endpoint specifications, and best‑practice security measures with illustrative Java code examples.

AK/SKAPI SecurityToken
0 likes · 32 min read
Design and Implementation of Secure Third‑Party API Authentication Using AK/SK, Signatures, and Tokens
Programmer XiaoFu
Programmer XiaoFu
Dec 4, 2024 · Information Security

Designing Elegant and Secure Third‑Party APIs: Key Practices and Pitfalls

The article presents a comprehensive design for third‑party APIs that protects against data tampering, replay attacks, and unauthorized access by using AK/SK key pairs, timestamp and nonce signatures, TLS encryption, fine‑grained permission models, rate limiting, idempotency handling, versioning, standardized response formats, and detailed implementation examples in Java.

AK/SKAPI SecurityREST API
0 likes · 32 min read
Designing Elegant and Secure Third‑Party APIs: Key Practices and Pitfalls
MaGe Linux Operations
MaGe Linux Operations
Aug 4, 2023 · Information Security

How to Detect and Exploit Cloud Access Key (AK/SK) Leaks

This article explains why cloud platforms rely on access keys, describes common scenarios where AK/SK credentials are exposed, provides practical examples such as heapdump and JavaScript leaks, and shows how attackers can hijack storage buckets or execute commands on compromised cloud hosts.

AK/SKVulnerability Exploitationaccess key leakage
0 likes · 7 min read
How to Detect and Exploit Cloud Access Key (AK/SK) Leaks