BestHub
Sign in
Tagged articles
5 articles
Page 1 of 1
Top Architect
Top Architect
Oct 5, 2025 · Information Security

Securing Third‑Party APIs: AK/SK Generation, Signature Rules, and Anti‑Replay Strategies

This guide explains how to secure third‑party APIs by generating unique Access Key/Secret Key pairs, designing signature processes with timestamps and nonces, implementing permission division, creating robust API endpoints, and applying best‑practice security measures such as HTTPS, token handling, rate limiting, and idempotency.

AK/SKAPI SecurityAnti-replay
0 likes · 33 min read
Securing Third‑Party APIs: AK/SK Generation, Signature Rules, and Anti‑Replay Strategies
Architect
Architect
Oct 1, 2025 · Information Security

How to Secure Third‑Party APIs with AK/SK, Signatures, Tokens and Anti‑Replay Measures

This article presents a comprehensive guide to designing secure third‑party APIs, covering the generation and management of Access Key/Secret Key pairs, signature creation, timestamp and nonce anti‑replay techniques, token handling, request throttling, IP whitelisting, idempotency, versioning, response standards, and practical code examples in Java and SQL.

AK/SKAPI SecurityAuthentication
0 likes · 32 min read
How to Secure Third‑Party APIs with AK/SK, Signatures, Tokens and Anti‑Replay Measures
Top Architect
Top Architect
Jan 22, 2025 · Information Security

Designing Secure Third‑Party API Authentication with AK/SK, Signatures and Token Management

This article presents a comprehensive design for securing third‑party API calls by generating unique Access Key/Secret Key pairs, defining permission granularity, implementing signature generation with timestamps and nonces, handling token lifecycle, and providing concrete Java and SQL code examples for practical deployment.

AK/SKAPI SecurityAuthentication
0 likes · 31 min read
Designing Secure Third‑Party API Authentication with AK/SK, Signatures and Token Management
Top Architect
Top Architect
Dec 6, 2024 · Information Security

Design and Implementation of Secure Third‑Party API Authentication Using AK/SK, Signatures, and Tokens

This article presents a comprehensive design for securing third‑party APIs, covering permission segmentation, AK/SK generation, signature workflow and rules, anti‑replay mechanisms, token handling, detailed API endpoint specifications, and best‑practice security measures with illustrative Java code examples.

AK/SKAPI SecurityAuthentication
0 likes · 32 min read
Design and Implementation of Secure Third‑Party API Authentication Using AK/SK, Signatures, and Tokens
MaGe Linux Operations
MaGe Linux Operations
Aug 4, 2023 · Information Security

How to Detect and Exploit Cloud Access Key (AK/SK) Leaks

This article explains why cloud platforms rely on access keys, describes common scenarios where AK/SK credentials are exposed, provides practical examples such as heapdump and JavaScript leaks, and shows how attackers can hijack storage buckets or execute commands on compromised cloud hosts.

AK/SKaccess key leakagecloud security
0 likes · 7 min read
How to Detect and Exploit Cloud Access Key (AK/SK) Leaks