API
| academic discipline | |
|---|---|
| Information | |
| Subclass of | computer interface |
| Uses | encapsulation |
| Facet of | computer science |
| Name | Application Programming Interface |
| Short name | API |
| Field of work | computer science |
| Used in | Programming |

In contrast to a user interface, which connects a computer to a person, an application programming interface connects computers or pieces of software to each other. It is not intended to be used directly by a person (the end user) other than a computer programmer who is incorporating it into software. An API is often made up of different parts which act as tools or services that are available to the programmer. A program or a programmer that uses one of these parts is said to call that portion of the API. The calls that make up the API are also known as subroutines, methods, requests, or endpoints. An API specification defines these calls, meaning that it explains how to use or implement them.
APIs exist for programming languages, software libraries, computer operating systems, and computer hardware. APIs originated in the 1940s, though the term did not emerge until the 1960s and 1970s. Contemporary usage of the term API often refers to web APIs, which allow communication between computers that are joined by the Internet. Recent developments in APIs have led to the rise in popularity of microservices, which are loosely coupled services accessed through public APIs. [2] [3]
APIs should be versioned. There are two common versioning strategies:
- Additive change strategy: new features are added without modifying existing ones. Any update must be backward compatible. This strategy is suitable for small projects with a low rate of change.
- Explicit version strategy: this strategy allows making any change, including breaking changes. This strategy is suitable for complex applications and complex changes.
Purpose
In building applications, an API simplifies programming by abstracting the underlying implementation and exposing only the objects or actions the developer needs. While a graphical interface for an email client might provide a user with a button that performs all the steps for fetching and highlighting new emails, an API for file input/output might give the developer a function that copies a file from one location to another without requiring that the developer understand the file system operations occurring behind the scenes. [5]
History
The term API initially described an interface only for end-user-facing programs, known as application programs. This origin is still reflected in the name "application programming interface." Today, the term is broader, including utility software and even hardware interfaces. [6]
API Security and the Expanding Threat
In recent years, Application Programming Interfaces (APIs) have become an essential part of modern digital infrastructure, enabling seamless communication between applications.[7] However, as APIs grow in popularity, they are also becoming major targets for cyberattacks.
The Changing API Threat Landscape
In the past, API security focused mainly on preventing injection-based attacks, such as SQL injection (SQLi), cross-site scripting (XSS), and authentication bypass.[8] These attacks exploit technical vulnerabilities and are mitigated using web application firewalls (WAFs) and API gateways.[9]
However, attackers have changed their methods, leading to the emergence of Business Logic Attacks (BLAs).[10] Unlike injection-based attacks, BLAs use the API's legitimate functionality to gain unauthorized access or financial gain.
Types of API Attacks
- Injection-Based Attacks: Attacks that exploit known technical vulnerabilities and that traditional security tools can detect.
- Business Logic Attacks (BLAs): Attacks that exploit flaws in the API's workflow and that usually bypass traditional security.
Examples of Business Logic Attacks
- Price Manipulation: Altering API parameters to exploit flaws in the pricing logic.
- Rate-Limit Evasion: Obtaining large volumes of data by circumventing API limits.
- Fraudulent Transactions: Abusing authentication mechanisms to gain unauthorized access.
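
An added Python example (not from the original article) of the price-manipulation case listed above: a hypothetical checkout handler that trusts the client-supplied `unit_price`, next to one that prices every line from a server-side catalogue and validates quantities. The SKU names, `MAX_QTY` and the request shape are assumptions made for illustration.

```python
from decimal import Decimal

# Constructed server-side catalogue: the only trusted source of prices.
CATALOG = {"sku-100": Decimal("19.99"), "sku-200": Decimal("249.00")}
MAX_QTY = 20  # assumed business limit per order line


class OrderRejected(ValueError):
    """Raised when a request violates a business rule."""


def total_trusting_client(order):
    """BEFORE: the total is computed from the unit_price sent in the request."""
    return sum(Decimal(str(l["unit_price"])) * l["qty"] for l in order["lines"])


def total_server_side(order):
    """AFTER: client prices are ignored; SKU and quantity are validated."""
    total = Decimal("0")
    for line in order["lines"]:
        sku, qty = line.get("sku"), line.get("qty")
        if not isinstance(sku, str) or sku not in CATALOG:
            raise OrderRejected(f"unknown sku: {sku!r}")
        # bool is a subclass of int, so it is excluded explicitly
        if isinstance(qty, bool) or not isinstance(qty, int) or not 1 <= qty <= MAX_QTY:
            raise OrderRejected(f"invalid quantity for {sku}: {qty!r}")
        total += CATALOG[sku] * qty
    return total


# Constructed request body in which the client-supplied price was altered.
TAMPERED = {"lines": [{"sku": "sku-200", "qty": 1, "unit_price": "0.01"}]}
# Constructed request body with a negative quantity that would shrink a total.
NEGATIVE = {"lines": [{"sku": "sku-100", "qty": 2},
                      {"sku": "sku-200", "qty": -1}]}

if __name__ == "__main__":
    print("trusting client:", total_trusting_client(TAMPERED))
    print("server side    :", total_server_side(TAMPERED))
    try:
        total_server_side(NEGATIVE)
    except OrderRejected as exc:
        print("rejected:", exc)
```

Both request bodies are syntactically valid and contain nothing an injection signature would match, which is why this class of flaw has to be closed in the application's own logic.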
API Security Strategies
To mitigate API security threats, organizations implement modern security measures, including:
- API Visibility – Discovering and monitoring all APIs, including undocumented ones.
- Behavioral Analysis – Using AI-driven monitoring to detect anomalies in API usage.
- Business Logic Mapping – Identifying weaknesses in API workflows.
- Real-Time Threat Prevention – Blocking API attacks in real time.
- Integrated Security – Combining API security with bot management and DDoS protection.
As APIs continue to evolve, security strategies must shift from static defenses to behavior-based protection in order to counter increasingly sophisticated threats.
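
An added Python example (not from the original article) of the behavioral-analysis idea above, using a plain threshold rule in place of the AI-driven monitoring the article mentions. It aggregates access records per API key, so bulk reads are flagged even when every source address stays under the per-IP limit. The log format, limits, key names and addresses are constructed for illustration.

```python
from collections import defaultdict

PER_IP_LIMIT = 5       # assumed per-address limit already enforced at the gateway
KEY_OBJECT_LIMIT = 10  # assumed ceiling on distinct records per key per window
WINDOW = 60            # seconds


def parse(line):
    """Parse 'epoch ip api_key METHOD path' (a log format constructed for this example)."""
    ts, ip, key, method, path = line.split()
    return int(ts), ip, key, method, path


def flag_keys(lines, now):
    """Return {api_key: reason} for keys reading too many distinct records in WINDOW."""
    per_ip = defaultdict(int)    # (key, ip) -> request count
    objects = defaultdict(set)   # key -> distinct paths read
    for line in lines:
        ts, ip, key, _method, path = parse(line)
        if not now - WINDOW < ts <= now:
            continue  # outside the sliding window
        per_ip[(key, ip)] += 1
        objects[key].add(path)
    flagged = {}
    for key, paths in objects.items():
        if len(paths) <= KEY_OBJECT_LIMIT:
            continue
        counts = [n for (k, _ip), n in per_ip.items() if k == key]
        if max(counts) <= PER_IP_LIMIT:
            flagged[key] = (f"{len(paths)} records via {len(counts)} addresses, "
                            "none over the per-IP limit")
        else:
            flagged[key] = f"{len(paths)} records, per-IP limit exceeded"
    return flagged


def sample_log():
    """Constructed records: key-A reads 12 customers from 4 addresses, key-B is ordinary."""
    lines = [f"{1000 + i} 198.51.100.{i % 4 + 1} key-A GET /v1/customers/{500 + i}"
             for i in range(12)]
    lines += [f"{1000 + i} 203.0.113.9 key-B GET /v1/customers/42" for i in range(4)]
    return lines


if __name__ == "__main__":
    for key, reason in flag_keys(sample_log(), now=1030).items():
        print(key, "->", reason)
```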
References
1. Reddy, Martin (2011). API Design for C++. Elsevier Science. p. 1. ISBN 9780123850041. Archived from the original on 2023-04-15. Retrieved 2023-03-21.
2. Lane, Kin (October 10, 2019). "Intro to APIs: History of APIs". Postman. Archived from the original on September 11, 2020. Retrieved September 18, 2020. When you hear the acronym "API" or its expanded version "Application Programming Interface", it is almost always in reference to our modern approach, in that we use HTTP to provide access to machine readable data in a JSON or XML format, often simply referred to as "web APIs." APIs have been around almost as long as computing, but modern web APIs began taking shape in the early 2000s.
3. Wood, Laura (2021-08-25). "Global Cloud Microservices Market (2021 to 2026)". businesswire.com. Archived from the original on 2022-04-08. Retrieved 2022-03-29.
4. Designing Web APIs Building APIs That Developers Love. O'Reilly Media. 2018. ISBN 9781492026877.
5. Clarke, Steven (2004). "Measuring API Usability". Dr. Dobb's. Archived from the original on 3 March 2022. Retrieved 29 July 2016.
6. Bloch, Joshua (August 8, 2018). A Brief, Opinionated History of the API (Speech). QCon. San Francisco: InfoQ. Archived from the original on September 22, 2020. Retrieved September 18, 2020.
7. "Protecting APIs in the Age of Business Logic Attacks". www.radware.com. Retrieved 2025-03-01.
8. "The Silent API Threat: How Business Logic Attacks Are Changing Cybersecurity – Zero Defend Security" (in English). 2025-03-01. Retrieved 2025-03-01.
9. Marić, Nedim (2022-04-04). "What Is API security? The Complete Guide" (in English). Retrieved 2025-03-01.
10. Richardson, Luke (2023-06-23). "Business Logic Attacks: Why Should You Care? | Understanding Business Logic Attacks & Their Impact | Imperva". Blog (in English). Retrieved 2025-03-01.