US9881304B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9881304-B2 |
| Application number | US-201414163750-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jan 24, 2014 |
| Priority date | Jan 24, 2014 |
| Publication date | Jan 30, 2018 |
| Grant date | Jan 30, 2018 |
Official abstract text for this publication.
An API transaction risk assessment equipment is disclosed that receives an API transaction request through a data network from an application processed by a source node, and generates a risk assessment score based on context information that characterizes the API transaction request. The risk assessment score indicates a level of trustworthiness of the API transaction request for processing by an application on a destination node. The API transaction risk assessment equipment then controls deliverability of the API transaction request through the data network to the destination node for processing based on the risk assessment score. Corresponding methods by API transaction risk assessment equipment are disclosed.
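
The PEP/PDP flow from the abstract above and from claims 1 and 4 to 6 below, as an added Python example that is not code from the patent. The 0 to 100 score scale, the weights, the `>=` threshold test, the address lists and the `limit` field are assumptions, and the PDP is an in-process function here rather than a separate network host.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address

# Constructed sample lists (documentation address ranges); not from the patent.
UNTRUSTED_SOURCES = {ip_address("203.0.113.7")}
ANONYMIZERS = {ip_address("198.51.100.9")}
THRESHOLD = 50       # assumed: score >= THRESHOLD "satisfies" the threshold
REDUCED_LIMIT = 10   # assumed cap on data requested by a low-score request


@dataclass(frozen=True)
class ApiRequest:
    source: str             # network address of the source node
    route: tuple            # routing address pathway towards the PEP
    protocol: str           # API protocol the request actually uses
    expected_protocol: str  # protocol expected from this application
    limit: int              # amount of data requested (records)


def pdp_score(req):
    """PDP: derive a trust score from request context (assumed weights)."""
    score = 100
    if req.protocol != req.expected_protocol:                    # claim 4
        score -= 40
    if ip_address(req.source) in UNTRUSTED_SOURCES:              # claim 5
        score -= 60
    if any(ip_address(h) in ANONYMIZERS for h in req.route):     # claim 6
        score -= 60
    return max(score, 0)


def pep_handle(req, score_fn=pdp_score):
    """PEP: forward unchanged when the score satisfies the threshold,
    otherwise forward with the requested data amount reduced (claim 1)."""
    score = score_fn(req)
    if score >= THRESHOLD:
        return "forwarded", req, score
    reduced = replace(req, limit=min(req.limit, REDUCED_LIMIT))
    return "forwarded-reduced", reduced, score


# Constructed sample requests.
GOOD = ApiRequest("192.0.2.10", ("192.0.2.1",), "REST", "REST", 500)
MISMATCH = ApiRequest("192.0.2.10", ("192.0.2.1",), "SOAP", "REST", 500)
RISKY = ApiRequest("192.0.2.10", ("198.51.100.9",), "SOAP", "REST", 500)
```
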
Opening claim text (preview).
The invention claimed is:
1. An application programming interface (API) equipment comprising: a policy enforcement point (PEP) computer host; and a policy decision point (PDP) computer host communicatively connected to the PEP computer host through a data network, wherein the PEP computer host has a different network address on the data network than the PDP computer host;
the PEP computer host comprising processor circuitry and a memory coupled to the processor circuitry of the PEP computer host and comprising computer readable program code that when executed by the processor circuitry of the PEP computer host causes the processor circuitry of the PEP computer host to perform operations comprising: receiving a first API request through the data network from an application processed by a source node; transmitting the first API request to the PDP computer host through the data network; receiving a first assessment score from the PDP computer host through the data network; determining that the first assessment score satisfies a threshold value; based on the first assessment score satisfying the threshold value, controlling deliverability of the first API request through the data network to the destination node for processing based on the first assessment score by transmitting the first API request through the data network to the destination node; receiving a second API request through the data network from the application processed by the source node; indicates a level of trustworthiness of the second API request for processing by the application on the destination node; and transmitting the second API request to the PDP computer host through the data network; receiving a second assessment score from the PDP computer host through the data network; determining that the second assessment score does not satisfy the threshold value; controlling deliverability of the second API request through the data network to the destination node for processing based on the second assessment score not satisfying the threshold value by modifying an amount of data that is requested by the second API request; and transmitting the modified second API request through the data network to the destination node; and
the PDP computer host comprising processor circuitry and a memory coupled to the processor circuitry of the PDP computer host and comprising computer readable program code that when executed by the processor circuitry of the PDP computer host causes the processor circuitry of the PDP computer host to perform operations comprising: receiving the first API request from the PEP computer host through the data network; generating the first assessment score based on context information that characterizes the first API request, wherein the first assessment score indicates a level of trustworthiness of the first API request for processing by the application on the destination node, and transmitting the first assessment score to the PEP computer host through the data network; receiving the second API request from the PEP computer host through the data network; and generating the second assessment score based on context information that characterizes the second API request, wherein the second assessment score indicates a level of trustworthiness of the second API request for processing by the application on the destination node, and transmitting the second assessment score to the PEP computer host through the data network.
2. The API equipment of claim 1, wherein the computer readable program code, when executed by the processor circuitry of the PEP computer host, causes the processor circuitry of the PEP computer host to perform operations further comprising: storing in a buffer memory a sequence of API requests received from the application processed by the source node; and receiving a series of assessment scores generated by the PDP computer host based on context information that characterizes the sequence of API requests, wherein the series of assessment scores indicate levels of trustworthiness of the sequence of API requests for processing by the application on the destination node; and increasing a time delay between the storing of individual ones of the sequence of API requests in the buffer memory and transmitting of the individual ones of the sequence of API requests from the buffer memory to the destination node based on the assessment scores not satisfying a threshold value.
3. The API equipment of claim 1, wherein controlling deliverability of the second API request to the destination node for processing based on the second assessment score, comprises: determining whether the source node supports an authentication challenge process, in response to the second assessment score not satisfying the threshold value; and based on determining that the source node does not support the authentication challenge process and the second assessment score not satisfying the threshold value, performing the modifying the amount of data that is requested by the second API request, and transmitting the modified second API request to the destination node.
4. The API equipment of claim 1, wherein generating the first and second assessment scores based on the context information that characterizes the first and second API requests, respectively, comprises: identifying one of a plurality of known API protocols that is being used by the respective API request; and generating the respective assessment score based on whether the identified one of the plurality of known API protocols that is being used by the respective API request matches an API protocol that is expected to be used by the application processed by the source node.
5. The API equipment of claim 1, wherein generating the first and second assessment scores based on the context information that characterizes the first and second API requests, respectively, comprises: generating the respective assessment score based on whether the source node has a network address that is within a list of known network addresses of source nodes that are known to be sources of untrustworthy API requests and/or based on whether the source node has a network address that is within a list of known network addresses of source nodes that are known to be sources of trustworthy API requests.
6. The API equipment of claim 1, wherein generating the first and second assessment scores based on the context information that characterizes the first and second API requests, respectively, comprises: determining a routing address pathway through the data network from the source node to the API equipment; and generating the respective assessment score based on whether the routing address pathway includes a network address that is within a list of known network addresses of anonymizing servers and/or based on whether a network address of the source node cannot be determined from the routing address pathway.
7. The API equipment of claim 1, wherein generating the first and second assessment scores based on the context information that characterizes the first and second API requests, respectively, comprises: identifying a characteristic of the application processed by the source node; and generating the respective assessment score based on whether content of a sequence of API requests received from the application processed by the source node satisfies a rule that defines what content is acceptable to be received in a sequence of API requests from an application having the characteristic.
8. The API equipment of claim 7, wherein generating the first and second assessment scores based on whether content of the sequence of API requests received from the application processed by the source node satisfies the rule that defines what
involving fraud or risk level assessment in transaction processing · CPC title