Enhancing API Security in Guidewire PolicyCenter Cloud: Zero Trust with OAuth 2.0, JWT, Keycloak & OpenID Connect

Authors

  • Shanmugasundaram Senathipathi, Manager, Capgemini, Financial Services, Woodland Hills, California, United States.

DOI:

https://doi.org/10.63397/ISCSITR-IJCA_03_01_001

Keywords:

API Security, Guidewire PolicyCenter, Zero Trust, OAuth 2.0, JSON Web Token (JWT), Keycloak, OpenID Connect, Cloud Security, Identity and Access Management (IAM), Authentication, Authorization

Abstract

With the increasing adoption of cloud-based insurance platforms, securing APIs in Guidewire PolicyCenter has become a critical concern. Traditional perimeter-based security models are inadequate for protecting against sophisticated cyber threats, which necessitates a Zero Trust approach. This research presents an API security framework for Guidewire PolicyCenter Cloud that leverages OAuth 2.0, JSON Web Tokens (JWT), Keycloak, and OpenID Connect (OIDC). The proposed framework enforces strong authentication, fine-grained authorization, and continuous verification of API requests. We evaluate the security effectiveness of this approach through a comparative analysis of access control mechanisms, token-based authentication methods, and threat mitigation strategies. The findings demonstrate that integrating Zero Trust principles with OAuth 2.0 and OIDC significantly enhances API security, reducing risks such as unauthorized access, token leakage, and API abuse. This study provides a robust security model for insurers adopting cloud-native PolicyCenter deployments, supporting compliance with industry standards and regulatory requirements.

Published

2022-03-05

How to Cite

Shanmugasundaram Senathipathi. (2022). Enhancing API Security in Guidewire PolicyCenter Cloud: Zero Trust with OAuth 2.0, JWT, Keycloak & OpenID Connect. ISCSITR-INTERNATIONAL JOURNAL OF COMPUTER APPLICATIONS (ISCSITR-IJCA), 3(01), 1-22. https://doi.org/10.63397/ISCSITR-IJCA_03_01_001