Archibus Hosting Services (AHS) fully supports the official REST-APIs provided by Eptura in current Archibus versions. Specifically, our hosting architecture is already designed to provide secure infrastructure for this type of solution.
However, we have an additional option that provides the highest levels of security for connecting systems: BRUCE Platform.
AHS provides a secure infrastructure for the Archibus REST-APIs
In our current architecture for hosting Archibus, every project has its own separated, isolated, protected, and secured hosting layers: Integration, Application, and Back-End (Database).
Moreover, we have offered a REST-API to interact with Archibus instances or projects hosted by AHS as an option in our price list since 2007. In fact it can be found in our Customer Portal (requires signing in with your ASC-HS account) under HOSTING – Integration & Security (Cloud Ecosystem) and the item’s concept is Gateway with third party Web Services.
Current procedure:
- We charge the additional infrastructure required to isolate the API from the Application Server and secure access to the Archibus application by keeping them separated (API & Application) from outside Internet access.
- Previously, we offered solutions (REST-APIs) made by us in collaboration with other Archibus Business Partners, for older versions. Thereafter, our process became standardised with the release of official Archibus APIs in 2020.
For new prospects:
- We do it as always. Also, for current versions, you will also need to check the option Gateway with third party Web Services when you make your quotation/order with us.
- However, the REST-API still requires specific separated resources for security to permit secure access to Archibus Enterprise SaaS (AHS hosted version of Archibus Enterprise), like SSL, additional Bandwidth, and optionally SSO (Single Sign-On).
In addition, we have an elegant solution that provides the highest levels of security for connecting systems.
Why BRUCE Platform when we have an official REST-API?
REST-API is an API ready to work with specific protocols optimized for Internet access. A REST-API is like a Cloud-ready API.
A REST-API is in essence “a door with a lock” to access (extract) or provide (upload) data from external sources; markedly for other systems. REST-API just enables the connection with/from other external systems, which can also be in the Cloud. But, the REST-API is not the connection by itself, and it does not have full control over the connection. It is just enabling or disabling access.
Connections with REST-APIs
The rules of APIs are open and similar for every system / external access.
The connection “API to API” or “user/system to API” that is created by a web-service http or https protocols:
- a) It is not fully secured – the connection can be compromised and decrypted
- b) The information packages are not standardized or orchestrated regarding what type of information can be exchanged and who can access it. Furthermore, anybody who has access credentials to the API can request information openly just based on the API’s syntax. Moreover, the data packages’ origin-destination can’t be traced, and even worse – the requestor cannot be accurately identified.
The case of a bad agent
- Your connection might be compromised and your information stolen
- Exchanged information might be manipulated
- You might never know that your have fallen victim of a cybercrime
- If you do find out the bad agent can never be traced
Making fully controlled connections with BRUCE Platform
REST-API enables the connection, BRUCE Platform creates and controls the connection.
Accordingly, there is no way for a bad agent to act because the connection is secured, immutable & accurate end to end.
Connecting systems with Bruce Platform
Secured
- BRUCE Platform establishes connections between BRUCE Platform’s gateways forming an immutable shield over the end to end connection.
- The Certification Authority (CA) embedded in the BRUCE Gateway accurately identifies the sender and requestor.
- Blockchain hashing provides timestamps and a universal identification for the transaction, making it secured on the public Internet.
Standardized
- BRUCE Platform has predefined Data-Sets and Services that encapsulate the necessary data for every requested Service or Data-Exchange.
Orchestrated
- The Platform’s transactions (connections) are driven by Smart Contracts. Consequently, every Smart-Contract defines the parties, the element (asset, work, etc.) and the Service (scope of the contract).
- BRUCE Platform does not retain data or information, but just the tokens that timestamp and determine the transactions done by parties, and which regulation (Smart-Contract) was used.
Indeed, the connection is much more secure and flexible than a VPN.
A REST-API and BRUCE Platform are different things. Both are synergic and combined they make the most accurate, secured and efficient way to exchange data between related systems in the Built Environment Management.
We have been part of Archibus family since 2000. AHS has provided the Archibus Enterprise Cloud since 2007. Consequently, we have more than twenty years of experience and successful provision of our Archibus Enterprise SaaS or ARCHIBUS Enterprise Cloud. Accordingly, we put all this knowledge and experience together to provide the most accurate and reliable Hosting Service for Archibus in the Cloud.
If you have any questions
Contact us at contact@asc-hs.com