SlideShare a Scribd company logo

WebAPI Whitepaper

Shetal Patel
Shetal Patel

This document discusses how organizations can extend their business and technology beyond their internal systems through new external engagements like APIs, apps, and services. It recommends taking a service-oriented approach to manage new engagements while still ensuring transactions are processed with integrity, scale, and speed. Key aspects include extending applications and services for external use, transacting securely at internet scale, optimizing operations through insights, and using SOA principles to connect internal and external systems in a flexible way.

Technology
1 of 12
1
2
3
4
5
6
7
8
9
10
11
12
IBM Software WebSphere Thought Leadership White Paper The new business of technology: extend, transact and optimize
2 The new business of technology: extend, transact and optimize The principles that have helped organiza- tional leaders break down application and departmental silos are the same principles that will guide the development of new engagements outside the enterprise. Executive summary New engagements and extensions of your business bring in new channels of profit—but these new engagements also present new requirements to traditional workloads. With today’s tech- nologies, you can use the design principles of service-oriented architecture to meet both imperatives. Technology is reshaping industries Ten years from now, we will look back upon today as the beginning of a new era of business and technology. Similar to the way e-business was formed by the advent of the web, this new era is being formed by the convergence of mobile, software-as-a-service, social networking and “big data.” These technologies are making it possible for business leaders to establish new engagements far beyond the boundaries of the enterprise, enabling them to reach to customers in near-real time, where and when customers are ready to do business. Liberating a business to extend beyond its enterprise walls opens up new avenues to innovation by leveraging the world at large. These new engagements, combined with the instrumented, interconnected and intelligent technologies that are powering a Smarter Planetℱ, enable business leaders to acquire data from connected devices to expand insights into new opportunities and new business models. Also, bold leaders are gaining an economic advantage for their organizations by off-loading IT capabilities to public services providers, which helps these leaders to focus their efforts on innovation that matters. To reap the benefits and opportunities presented by these scenarios, leaders at progressive enterprises are figuring out how to responsibly extend their business beyond the fortress of their data centers, so that they can directly and dynamically engage customers, independent software vendors (ISVs), partners and suppliers. This paper outlines an approach and a set of key considerations for organizational leaders who seek to establish new engage- ments beyond the enterprise. This approach consists of three key tenants: extending applications, processes and services, transacting with integrity, scale and speed, and optimizing business operations. All three tenants are critical elements of a successful technology strategy for the new era. In addition, this paper will examine some broader business considerations and will discuss the evolution of service-oriented architecture (SOA) and how SOA is at the core of the ability to embrace new business engagements. Extend applications, processes, and services A well-designed system can present a simple and intuitive interface to what often are complex inner workings. Have you ever opened up your iPod? The external interface is easy and initiative to use, yet the inner workings are appropriately complex. Your enterprise is no different.
IBM Software 3 The inner workings of your enterprise contain mission-critical services, business processes, business behavior (rules and decisions) and core transactional systems. Service-oriented archi- tectures do a fine job of organizing your business assets in a flex- ible way, which helps you to create new innovative services and solutions quickly. But your internal services are not likely archi- tected to engage an extended ecosystem of innovators and new markets. By applying SOA at the core of mobile, cloud and social business, the same service-oriented principles that shaped your internal interfaces can evolve and guide directly the extended reach of processes, services and solutions in a dynamic, multichannel environment. The external view of your enterprise must be easy to consume and manage. This external view needs to provide a filter and buffer between the extended external network and the transac- tional backbone of the internal enterprise. SOA will aid in con- necting “the world,” delivering qualitative answers to external questions and queries. And SOA will support a collaborative ecosystem that includes, for example, third-party app stores, application programming interface (API) catalogs or software- as-a-service partners. Three key concepts that enable an enterprise to extend its external reach are services, APIs and apps. Internal Services. These are your mission-critical business processes, business decisions and transactional services that run in your data center and form the transactional backbone of your enterprise. In a well-architected environment, access to business information is controlled through published service interfaces, service interfaces that in turn are orchestrated by thorough, wide-ranging business processes. Organizational leaders should not shy away from utilizing external service providers. This is specifically true when the services in question are not a mission- critical aspect of business operations (for example, postage and billing), or when the services are offered at a price (or at a location) that cannot be matched internally because of the economies of scale that the shared-service provider gains. However, most enterprise teams are required to manage their systems under the “lock and key” of their data center. Hence it is often the case that externally provided services need to be coordinated with the internal systems, and in fact need to be managed as part of the internal service fabric. APIs. An API is a recycled term that is currently being used to represent a “public” persona for your business—a persona that can be consumed by ISVs and business partners. A successful public persona is typically: ●● Simple in scope (for example, a small number of unique APIs) ●● Pervasive throughout multiple architectures (for example, supports multiple protocols and programming models for service and data access) ●● Presented as a simple data model (for example, Java Script Object Notation) ●● Provides controls in the form of policies (for example, a quota, which limits the number of calls to this API from a given user over a specific time period) APIs are the externalized aspect of services and as such should not be viewed as an “alternative” to service-oriented-architecture, but rather a part of a well-architected service-oriented enter- prise. However, APIs are a specific genre of services with a lifecycle that is focused on “external” consumption. This is more than just a nuance. It drives a focus on simplicity, security and compatibility with standards-based external systems.
4 The new business of technology: extend, transact and optimize Managing business APIs is key to extending enterprise “reach” to the new channels presented by mobile and software-as-a- service and is key for those who wish to utilize big data for insights. In essence, this transformation is replicating what e-business did in the late 1990s. E-business placed web platforms in front of mainframe-based applications as a way to externalize the mainframe applications to the web without destabilizing core business transactions. Now people are expanding beyond the walls of the enterprise by using APIs to externalize internal services responsibly to mobile and software-as-a-service environments. Apps. APIs enable apps. In this context, an app is a component of a distributed application that can reside outside the boundar- ies of your enterprise. A common example is a mobile phone app that resides in an external “app store.” However, an app can be much more. Apps can run on any device (for example, in a car or a set-top box), be a transmitter of data gathered from a sensor network (for example, a smart electric meter or a pacemaker), or represents an application running in an external software-as-a- service provider. An app is ultimately any piece of external code that interacts with your published APIs, and APIs can be devel- oped by anyone from corporate developers to mobile customers. When you enable apps, you enable innovation. While you are the sole creator of your own “public” persona (API), you want to encourage the world at large to extend this persona by building apps and making it possible for you to reach markets that you would not be able to reach on your own. Thus apps are another key element in the foundation for extending enterprise services to external stakeholders. While published business APIs need to be relatively stable, apps vary much more rapidly and significantly. The rapid lifecycle of apps is exacerbated by the fact that apps are typically fine- grained, built to purpose and updated frequently to multiple target environments (for example, devices or software-as-a- service providers). To foster the proper creation of apps, you need a first-class app software development kit that enables app developers to create a variety of external applications (especially mobile) rapidly, throughout a variety of “device” platforms. Publishing apps and APIs Responsibly publishing your enter- prise apps and APIs to key places outside your enterprise make it possible for these assets to be discovered and properly used. For example, apps are published to app stores, which can be public services like the Apple App Store or the Android Market, or enterprise leaders may choose to manage their own app store for use by partners, customers and employees. Similarly, APIs need to be published to an external API portal, which can be an exter- nal web site, a portal erected by the enterprise or a public API directory like ProgrammableWeb.com. There is also an element of marketing in the publishing process. Capabilities are needed to alert, track, rate, and monitor assets within communities of interest. For example, after updating an API, a Twitter alert can be made to a hashtag “ACME-API” informing developers that a new version of the “Acme” API or app is available.
5IBM Software Information Consistency. As an enterprise team publishes apps and APIs, they need to ensure information consistency between external assets and back-end systems. For example, an app that engages customers on mobile devices to purchase a retailer’s product must stay consistent with the information in that retail- er’s order management system so that the selected product is ultimately shipped and delivered to the customer. In particular, an enterprise that uses an external provider must ensure that the services delivered in through that provider are services that can access information in the appropriate back-end systems, either directly or through a near-real-time information cache. Transact with integrity, scale, and speed As an enterprise gains success by extending services through APIs and apps, those who operate within the enterprise must be prepared to deal with this success. New external engagements require you to support a proliferation of application end points, along with wildly fluctuating request and data volumes at inter- net scale. You must be prepared to operate with business integ- rity throughout the extended enterprise, ensuring that all transactions that are initiated through new external channels complete with the same quality of service as those transactions that are initiated and processed in a more traditional fashion. Four key concepts that help address the transactional demands placed on the enterprise are elastic services, Internet-scale messaging, quality of service and accounting. Elastic services. An elastic service is a service written in a way that makes it possible for the service to run securely and economically within an external or internal hosted environment. Elastic services abide to a set of rules that strongly promote resource sharing (for example, multi-tenant using shared-nothing architectures), use of elastic data (for example, data grids and non-SQL data stores) and flexible transaction models (for exam- ple, eventual consistency). These services can be written in any language, provided that the service abides to the aforementioned rules. As with any service-oriented architecture, these elastic ser- vices can be combined and composed into new elastic services more easily. Using an elastic service as the implementation for an API creates a very scalable, economically managed solution that can manage the most demanding apps. Internet-scale messaging. “Internet-scale” messaging makes it possible for massive amounts of messages to enter your enterprise from a massive number of devices. An internet-scale messaging system can process standardized messaging protocols including Web Sockets or MQ Telemetry Transport in the mil- lions of messages (per second, stored persistently), which enables a variety of use cases involving mobile and sensor networks. Transformation enables data to be converted from one format to another, including binary formats. Also, data can be efficiently compressed over the network to future optimized interactions with external environments. And finally, caching can help opti- mize operational efficiencies (acting as a fluctuation absorber) between the app and API (front end) or the API and the elastic or internal-services (back end). Quality of service. Security is almost inevitably the most important quality of service aspect for any enterprise that extends transactions beyond its own boundaries. Security covers a broad range of topics including the authentication of users invoking transactions using APIs and users’ operational authori- zation to access a particular API. Security standards such as OAuth are important for interoperability outside the confines of your enterprise without spreading passwords around the web in readable form.
6 The new business of technology: extend, transact and optimize Resilience is the second-most important quality of service aspect to consider. Resilience ensures an API interaction’s availability in the face of operational instability in back end transaction systems or underlying networks. As an example, a resilient solution is able to reroute around failed networks and provides active disas- ter recovery. Published APIs, through the clean separation of API from underlying implementation, help mitigate the cascad- ing effect of failures by providing compensation for service- provider failure or even dynamic substitution of the service provider itself. Finally, still under quality of service, control describes mecha- nisms to alter the interaction flow corresponding to business or IT traffic management policies. For example, classes of interac- tions could be prioritized lower, or even dropped entirely, under low resource conditions. Operational throttling policies ensure that the inbound call rates do not exceed the certified rating, or quotas, of a specific API. Intelligent routing mechanisms can discriminate incoming transactions and can exert admission con- trol over them. Application-aware routing is employed to utilize intelligence from elastic and internal services, providing the most efficient and robust routing workload management. Accounting. Accounting deals with metering and billing. Once security aspects have ascertained the identity of app developers and of the end users of apps and have ensured that only duly- authenticated and authorized users have access to appropriate information, those developers and users can be metered and billed according to established service level agreements (SLAs) and quotas. Based on the metering information, billing for paid apps, APIs and elastic services is a necessary component of the business model. Optimize business operations There are a number of operational considerations that come into play as the enterprise creates and extends new engagements. These considerations concern not only the day-to-day opera- tions of business activities and decisions, but also the develop- ment and delivery of software capabilities that support published APIs. As organizations extend and engage more broadly, there are many new insights to be gleaned that can help improve opera- tional efficiency. Having thorough, wide-ranging insight helps you to optimize and improve your business continually and creates the ability to react to new business opportunities in near-real-time. This is part of the reward for those who can extend and transact business effectively. Monitoring key points of interest and generating usage statistics and trend data forms the foundation of the system’s ability to “learn.” Near-real-time events, generated from mobile apps or APIs usage, trigger actions that make it possible for organizational teams to gain business insight immediately and to respond to opportunities or threats. Insight tracking should be a foundational part of any new engagements that the enterprise creates, and these engagements should be continuously monitored. Information gained from engagements is relevant to three key roles in the organization: business operations, DevOps and app developers. Business operations. Business operations are the caretakers of the external persona of an enterprise. They are responsible for growing the business through an external community and they need real-time insights into how their ecosystem is functioning and performing—because that knowledge helps them respond
7IBM Software and “course correct” rapidly. Questions that business operations personnel may ask are: Which app is generating the most amount of revenue for the business, what is unique about this app, and what APIs does it leverage? Which APIs are generating the highest number of questions in the developer community, which APIs have the most number of open tickets against them, how much interest and discussion are my APIs generating on social networking sites? DevOps. In this combined role, an individual who is responsible for development and systems administration can learn about usage-demand, can perform problem-determination, or can understand the impact analysis of an upcoming change. Focused searches can be done to show API response times and drift, cor- relate multiple problems in a fixed time window and track the progress of a deployment of multiple assets to an external app store or to software-as-a-service providers. App developers. App developers (often external to your enter- prise) who use your APIs or elastic services need to understand whether they are using your capabilities in an appropriate and effective fashion. Their role includes statistical analysis similar to the DevOps role, but also includes focused searches to provide insights into what might be going wrong, including the ability to debug current or future problems. There is economy and efficiency in thinking about all of these operational elements throughout the three roles as a coherent design pattern. Such a design pattern produces an integrated experience throughout development, management (for example, security and control), optimization (for example, scale and per- formance) and accounting (for example, identity and billing). Becoming an engaging enterprise is not just about innovating internally with developers on staff. You must find ways to profit from the innovation that exists within external communities—communities that you do not directly control and can only influence. The foundation of new business engagements: service-oriented design For the last ten years, SOA principles were the foundation for the evolution of transactional systems to web applications, e-business and thorough business process integration. Now, the same SOA principles are at the core of cloud, mobile, social business and big data as these new-era business engagements transact at scale throughout locations, devices, people, processes and information. The “SOA manifesto” contains six key design principles, each of which is fundamental to an engaging enterprise. Service orientation at the core. Service orientation does not begin with technology; it begins with the mind-set of thinking about your business and the world around you in terms of func- tional components. Thinking in terms of services and processes transcends any particular channel or business unit and provides a uniform mediated architecture that can connect the key stake- holders inside and outside the enterprise.
8 The new business of technology: extend, transact and optimize Service orientation does not begin with technology; it begins with the mind-set of thinking about your business and the world around you in terms of functional components. —Steve Mills, Senior VP and Group Executive, IBM Software and Systems Process integrity at internet scale. For the extended enter- prise, transacting with integrity means managing carefully the integrity of business processes. Thorough, wide-ranging business processes are not limited to what happens inside the walls of the enterprise. Furthermore, these business processes happen at internet scale in terms of number of nodes and variability of workload. Thus process integrity at internet scale requires a transition from “database-centric” transaction principles (for example, two-phase commit) to more-loosely coupled transac- tion models that include compensation and recovery models, which are better suited for long-running or asynchronous busi- ness transactions (for example, those that are conducted using systems management services). Integration with enterprise capabilities and back end systems. IT teams have learned time and again that tightly coupled systems do not scale well in a dynamic, ever-changing environment. Nevertheless, integration with the transactional backbone of the enterprise remains an important capability for those who wish to support new business models and extended ecosystems. The basic SOA design principle (service consumer, service mediator, and service provider) is an excellent basis for loosely coupling external and internal participants. The media- tion part of the pattern is often overlooked and undervalued, yet it is exactly this part of the pattern that makes possible the medi- ating between externally published business APIs and internal transactional services, thus providing virtualized external services in a way that does not require recoding or extension of the transactional backbone itself. Based on industry standards. This is the perhaps most obvious SOA principle, and in reality not restricted to, or specific for, a service oriented environment. Having said that, there are certain characteristics of a service oriented environment which require industry standards beyond protocols and message schemas. Think about a situation in which a partner consumes an external API, provided and published by the enterprise, but the service provider in turn requires the capabilities of four internal services. In this situation, not only must there be an explicit service con- tract between consumer and service provider, but that service provider in turn needs service contracts with the four “sub- providers” that are part of the transactional backbone. Thus the notion of “wire by contract” (for example, embodied by Service Component Architecture or Service-oriented architecture Modeling Language), in which service consumers and providers are recursively (and potentially dynamically) matched based upon their declared external dependencies. This reality becomes a fundamental tenet of the extended enterprise and must be standardized in the same fashion as protocols and message schemas have already been standardized. Furthermore, advanced service contracts will include policies and SLAs that guide and govern the interaction according to established agreements throughout the extended ecosystem. Leveraging and extending open source technologies. Most Chief Information Officers will tell you that open source is a consideration for the strategic evolution of tools and middle- ware. While most often not on par with vendor provided capa- bilities, open source is often “good enough” for the more stan- dardized aspects of the IT infrastructure. Furthermore, in the context of the extended enterprise, apps may often be created by
9IBM Software third-party stakeholders (for example, customers and partners), who in turn may apply open source technology to create those apps. Consequently a good IT strategy needs to embrace and extend open source technologies rather than keep open source as a separate, disconnected environment. Providing the platform for a growing ecosystem. The notion of APIs and API management—the idea that external business interfaces can be codified and published—is a critical enabler for an extended and growing ecosystem. APIs are business services that provide a managed interface for interaction throughout the corporate boundary. As such, the full power of SOA can and should be applied to the creation and management of business APIs, importantly including the notion of API registries (often called API catalogs) for publication and externalized Enterprise Service Bus capabilities for integration and mediation. An example of the new business of technology in action Here is an example of how these pieces come together to create an engaging enterprise. Imagine an airline company called “Acme Airlines.” Acme Airlines has two major business goals that they are trying to achieve. One goal is to increase sales, and the other goal is to increase customer satisfaction. Acme leaders believe they can help achieve these goals by engaging directly with customers and external developers using mobile and social technologies. The first step in the process is to create external APIs for several core services: price quotes, booking, baggage tracking and flight information. All of these services are typically used by third- party travel aggregators, and will provide Acme with new reve- nue streams if they can convince developers to begin using their APIs. Acme implements the APIs as REST services that can be easily identified and called using URLs. The APIs map directly to internal services running on-premise in their data center. Acme also creates documentation and several sample use cases for the APIs. Acme then publishes their APIs to a hosted catalog where they can easily create a landing page for their content, and link to popular social networks. The next step is to improve Acme Airline’s mobile application. Currently the airline has a mobile version of their website, but functions are limited. Acme moves to a hybrid app model, in which the mobile app runs natively on multiple operating sys- tems (and making it possible for the mobile app to be distributed through third-party app stores), and the main content is served directly from Acme where it is controlled and maintained. The main content for the app is written in HTML5, making the most of Acme Airline’s public APIs with added details for each supported platform. For flight status and baggage alerts, Acme Airlines adds push notifications to their application. This outreach updates customers immediately of any issues or changes to their flights. Although most of the content is served directly from Acme, the hybrid approach makes it possible for content such as travel itin- eraries to be encrypted and stored directly on mobile devices. This is an important business advantage, since Acme customers can access important information in a secure manner even when the App is disconnected. Acme has successfully created new external interfaces for their business, but the airline still must be able to transact business successfully through these channels. In the past, the team at Acme had struggled to cope with “flash loads,” which occurs when many travelers attempt to re-book at once during inclem- ent weather. With several new customer channels now available, scalability becomes an even more critical issue. To help mitigate the problem, the Acme Airlines team adds a dynamic scaling policy to their virtualized web application patterns. This makes it possible for the team to scale-up automatically as load increases.
10 The new business of technology: extend, transact and optimize To further improve functions, Acme leaders added a caching function for user sessions, because the function helps prevent multiple calls to back end systems to fetch user data. In addition to scale, the Acme Airlines team needs to ensure that new mobile transactions are as secure as possible. The team at Acme implements centralized management over their mobile app. This action gives them control over which versions of the app are executed, and the team gains the ability to check the integrity of the apps that are running on customers’ mobile phones. The Acme Airlines team has added scale and security to ensure the availability and reliability of transactions in new external channels. But the team must still ensure that customer engage- ments through these new channels increase loyalty and customer satisfaction. To make this a reality, the team at Acme attaches business rules to their APIs. The price quote API and the booking API are associated with rules that evaluate transaction volume and frequent-flier status. Different discounts are auto- matically applied depending on each customer’s status and frequency of travel. The team implements another rule that responds to flight-related and baggage-related events. This provides a competitive advantage for the airline, because now when an Acme flight is delayed, customers automatically receive a free pass to the airline lounge. The same attachment of rules and APIs can also be used to encourage external developers to leverage their APIs for third- party Apps. Developers in their affiliate program receive cash rewards based on the volume of transactions generated through their Apps that use Acme’s APIs. The fact that this example is somewhat simplistic does not dilute in any way the power of the possibilities before you. The story of Acme Airlines illustrates how new technologies can improve business outcomes more quickly and more easily when leaders extend, transact and optimize their businesses. The future of business growth is within your grasp. This is how your company can become a truly engaging enterprise. The new business of technology: business considerations As you go down the path of realizing the vision of an engaging enterprise, recognize that this is not just a technology initiative. It is also a fundamental shift in the way you think about your business. Becoming a more engaging enterprise is not just about innovating internally with developers on staff. You must find ways to employ the innovation that exists within external communities—communities that you do not directly control and can only influence. In the course of engaging with new customers in new markets, you will need to add a practice to your business. This new prac- tice will include professionals who understand the economics of APIs and apps. These professionals understand how to engage with communities of developers outside your organization to help them succeed—and through their success, to help you suc- ceed. Prepare to listen to (and respond to) groups of developers who spend time in social and other communities that you do not normally monitor and to which you do not normally respond. Prepare to come up with interesting new ways to continue to be “top-of-the-mind” with developers by creating relevant APIs and
11IBM Software socializing them appropriately. Prepare to reach out to develop- ers on a regular basis, going beyond online interaction. For example, you might organize app events and contests to the benefit of your business. As you externalize your enterprise you must think about partner- ships in a different way. You may find that you begin to generate significant business through your APIs compared to your exist- ing business model—a shift to selling through other businesses versus selling directly to customers. You must become very sophisticated in terms of creating tiers of APIs that you can offer to the market, so that you are able to continuously provide low-cost entry points, but you are able also to charge premiums for differentiated high-value services. Next steps New engagements and extensions of your business bring in new channels of profit—but these new engagements also present new requirements to traditional workloads. The IBM team can help you use the design principles of SOA to meet both imperatives. Engage professionals who know how to help you generate results quickly. In April 2012, based on analyst firm Gartner’s definition of middleware, IBM was once again named the overall marketshare leader in middleware software. According to the Gartner report1, IBM was the leading software vendor, extend- ing its lead to nearly double that of its closest competitor. With IBM, you can expect strong performance, a smaller footprint and faster startup. Many IBM clients see positive results within six to twelve months. For more information To learn more about becoming an engaging enterprise, contact your IBM marketing representative or IBM Business Partner, or visit the following website: ibm.com/business-agility Additionally, IBM Global Financing can help you acquire the software capabilities that your business needs in the most cost- effective and strategic way possible. We'll partner with credit- qualified clients to customize a financing solution to suit your business and development goals, enable effective cash manage- ment, and improve your total cost of ownership. Fund your critical IT investment and propel your business forward with IBM Global Financing. For more information, visit: ibm.com/financing
© Copyright IBM Corporation 2012 IBM Corporation Software Group Route 100 Somers, NY 10589 USA Produced in the United States of America July 2012 IBM, the IBM logo, and ibm.com, and Smarter Planet are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates. It is the user’s responsibility to evaluate and verify the operation of any other products or programs with IBM products and programs. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious, and any similarity to the names and addresses used by a real business enterprise is entirely coincidental. 1 http://www-03.ibm.com/press/uk/en/pressrelease/37390.wss WSW14191-USEN-00 Please Recycle

More Related Content

What's hot (20)

PPTX
The API Economy: API Provider Perspective / European Identity Summit 2012
3scale
 
PDF
API: Extracting Value
TrustRobin
 
PDF
Ibm white paper_harnessing_ap_is_and_platforms_0
Diego Alberto Tamayo
 
PDF
Enterprise API New Features and Roadmap
Salesforce Developers
 
PPT
SaaS Metrics That Matter | MuleSoft
MuleSoft
 
PDF
Service Delivery Broker - Digital Services Management
Ant Cruz
 
PDF
Hybrid cloud-cloud-services-white-paper-external-apw12358usen-20180516
Tanjina Prema
 
PPT
API Management architect presentation
sflynn073
 
PDF
Designing Usable APIs featuring Forrester Research, Inc.
CA API Management
 
PPTX
Hybrid IT: The Importance of Integration to Salesforce Success
Darren Cunningham
 
PPT
Soa 101
David Linthicum
 
PDF
Communication Service Providers (CSP) and the Telecom API Ecosystem
Alan Quayle
 
PDF
Digital Platfrom 4 Summary
Ian Thomas
 
PDF
Melbourne API Management Seminar
CA API Management
 
PDF
Oracle Sales Cloud Release 9 by Ventana Research
Laurent Pacalin
 
PDF
Expert Hour: Salesforce integration tools - why, what & how?
Geraldine Gray
 
PDF
Whitepaper the application network
BeatEggli
 
PDF
Welcome to the API Economy
Nino Guarnacci
 
PPTX
MuleSoft London Community - May 2017 RAML
Pace Integration
 
PDF
APIs: State of the Union - Ross Garrett @ AppsWorld 2014
CA API Management
 
The API Economy: API Provider Perspective / European Identity Summit 2012
3scale
 
API: Extracting Value
TrustRobin
 
Ibm white paper_harnessing_ap_is_and_platforms_0
Diego Alberto Tamayo
 
Enterprise API New Features and Roadmap
Salesforce Developers
 
SaaS Metrics That Matter | MuleSoft
MuleSoft
 
Service Delivery Broker - Digital Services Management
Ant Cruz
 
Hybrid cloud-cloud-services-white-paper-external-apw12358usen-20180516
Tanjina Prema
 
API Management architect presentation
sflynn073
 
Designing Usable APIs featuring Forrester Research, Inc.
CA API Management
 
Hybrid IT: The Importance of Integration to Salesforce Success
Darren Cunningham
 
Soa 101
David Linthicum
 
Communication Service Providers (CSP) and the Telecom API Ecosystem
Alan Quayle
 
Digital Platfrom 4 Summary
Ian Thomas
 
Melbourne API Management Seminar
CA API Management
 
Oracle Sales Cloud Release 9 by Ventana Research
Laurent Pacalin
 
Expert Hour: Salesforce integration tools - why, what & how?
Geraldine Gray
 
Whitepaper the application network
BeatEggli
 
Welcome to the API Economy
Nino Guarnacci
 
MuleSoft London Community - May 2017 RAML
Pace Integration
 
APIs: State of the Union - Ross Garrett @ AppsWorld 2014
CA API Management
 

Viewers also liked (15)

PPT
Ibmmobilefirstdevopsdc 140311164526-phpapp02
Shetal Patel
 
PPTX
IKNO regionalisatie
Jakob de Vries
 
PPTX
Job Place Training & Placement
Adeela Hasnain
 
PPTX
Neptune software sitNL 2013
Njal Stabell
 
DOCX
Slow the flow_2011[1]
Shaunna Goldberry
 
PDF
BPM and SAP Whitepaper
Shetal Patel
 
PDF
Resume rushabh
Rushabh Shah
 
DOCX
Slow the Flow_2012[1]
Shaunna Goldberry
 
PPTX
Nutrition and MS
Nick W.
 
PPT
Borstkanker umcg
Jakob de Vries
 
PDF
IBM Mobile devices Whitepaper
Shetal Patel
 
PDF
WebSphere Application Server JBoss TCO analysis
Shetal Patel
 
PPTX
ASP.NET Web API
habib_786
 
PPT
Smooth Sort
habib_786
 
PPT
Voice Over IP (VoIP)
habib_786
 
Ibmmobilefirstdevopsdc 140311164526-phpapp02
Shetal Patel
 
IKNO regionalisatie
Jakob de Vries
 
Job Place Training & Placement
Adeela Hasnain
 
Neptune software sitNL 2013
Njal Stabell
 
Slow the flow_2011[1]
Shaunna Goldberry
 
BPM and SAP Whitepaper
Shetal Patel
 
Resume rushabh
Rushabh Shah
 
Slow the Flow_2012[1]
Shaunna Goldberry
 
Nutrition and MS
Nick W.
 
Borstkanker umcg
Jakob de Vries
 
IBM Mobile devices Whitepaper
Shetal Patel
 
WebSphere Application Server JBoss TCO analysis
Shetal Patel
 
ASP.NET Web API
habib_786
 
Smooth Sort
habib_786
 
Voice Over IP (VoIP)
habib_786
 
Ad

Similar to WebAPI Whitepaper (20)

PPT
Api management introduction and product overview v1.0 2014.08.28
floridawusergroup
 
PDF
Business Value of APIs - TFG 2012 Issue2 (Webcast)
Apigee | Google Cloud
 
PDF
Hewlett Packard Enterprise View on Going Big with API Management - Applicatio...
CA Technologies
 
PDF
What is an api, why should you care + the curse of knowledge
Alec Coughlin
 
PPSX
APIs as a Product Strategy
Ravi Kumar
 
PDF
APIdays Paris 2018 - Creating an API economy business strategy Alan Glickenho...
apidays
 
PDF
How to Win in the New API Economy
Sachi Sawamura
 
PPTX
Why an Innovative Mobile Strategy Requires a Robust API
Software AG
 
PPTX
Why an innovative mobile strategy needs a robust API
Manmohan Gupta
 
PDF
APIdays 2019 - The API mindset for IT and Business Tom Cully, BlackRaven
apidays
 
PDF
Journey to APIs and Microservices: Best Practices
Deepak Nadig
 
PDF
Microservices meetupnz dec16
Alex Wilson (CISSP)
 
PDF
APIs +Micro services technology for Computing
wismoyo92
 
PDF
Unleashing IT Magazine, Summer 2013
UnleashingIT
 
PPT
Iag api management architect presentation
sflynn073
 
PDF
The Future of Enterprise Software - How Software Companies can Achieve High P...
Philipp Stauffer
 
PPT
Social World
prasadpawaskar
 
PPT
Social Media, Cloud Computing and architecture
Rick Mans
 
PPTX
Era of APIs: Why do we need an API Strategy
Bala Iyer
 
PDF
Meetup 2022 - API Gateway landscape.pdf
Red Hat
 
Api management introduction and product overview v1.0 2014.08.28
floridawusergroup
 
Business Value of APIs - TFG 2012 Issue2 (Webcast)
Apigee | Google Cloud
 
Hewlett Packard Enterprise View on Going Big with API Management - Applicatio...
CA Technologies
 
What is an api, why should you care + the curse of knowledge
Alec Coughlin
 
APIs as a Product Strategy
Ravi Kumar
 
APIdays Paris 2018 - Creating an API economy business strategy Alan Glickenho...
apidays
 
How to Win in the New API Economy
Sachi Sawamura
 
Why an Innovative Mobile Strategy Requires a Robust API
Software AG
 
Why an innovative mobile strategy needs a robust API
Manmohan Gupta
 
APIdays 2019 - The API mindset for IT and Business Tom Cully, BlackRaven
apidays
 
Journey to APIs and Microservices: Best Practices
Deepak Nadig
 
Microservices meetupnz dec16
Alex Wilson (CISSP)
 
APIs +Micro services technology for Computing
wismoyo92
 
Unleashing IT Magazine, Summer 2013
UnleashingIT
 
Iag api management architect presentation
sflynn073
 
The Future of Enterprise Software - How Software Companies can Achieve High P...
Philipp Stauffer
 
Social World
prasadpawaskar
 
Social Media, Cloud Computing and architecture
Rick Mans
 
Era of APIs: Why do we need an API Strategy
Bala Iyer
 
Meetup 2022 - API Gateway landscape.pdf
Red Hat
 
Ad

Recently uploaded (20)

PDF
Bitcoin for Millennials podcast with Bram, Power Laws of Bitcoin
Stephen Perrenod
 
PPT
Interview paper part 3, It is based on Interview Prep
SoumyadeepGhosh39
 
PDF
"Beyond English: Navigating the Challenges of Building a Ukrainian-language R...
Fwdays
 
PDF
Jak MƚP w Europie ƚrodkowo-Wschodniej odnajdują się w ƛwiecie AI
dominikamizerska1
 
PDF
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
PDF
NewMind AI - Journal 100 Insights After The 100th Issue
NewMind AI
 
PDF
CIFDAQ Market Insights for July 7th 2025
CIFDAQ
 
PDF
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
PDF
July Patch Tuesday
Ivanti
 
PDF
Reverse Engineering of Security Products: Developing an Advanced Microsoft De...
nwbxhhcyjv
 
PDF
HubSpot Main Hub: A Unified Growth Platform
Jaswinder Singh
 
PDF
Using FME to Develop Self-Service CAD Applications for a Major UK Police Force
Safe Software
 
PPTX
WooCommerce Workshop: Bring Your Laptop
Laura Hartwig
 
PPTX
Top iOS App Development Company in the USA for Innovative Apps
SynapseIndia
 
PDF
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
PDF
Empower Inclusion Through Accessible Java Applications
Ana-Maria Mihalceanu
 
PDF
CIFDAQ Weekly Market Wrap for 11th July 2025
CIFDAQ
 
PDF
SFWelly Summer 25 Release Highlights July 2025
Anna Loughnan Colquhoun
 
PDF
Blockchain Transactions Explained For Everyone
CIFDAQ
 
PDF
Log-Based Anomaly Detection: Enhancing System Reliability with Machine Learning
Mohammed BEKKOUCHE
 
Bitcoin for Millennials podcast with Bram, Power Laws of Bitcoin
Stephen Perrenod
 
Interview paper part 3, It is based on Interview Prep
SoumyadeepGhosh39
 
"Beyond English: Navigating the Challenges of Building a Ukrainian-language R...
Fwdays
 
Jak MƚP w Europie ƚrodkowo-Wschodniej odnajdują się w ƛwiecie AI
dominikamizerska1
 
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
NewMind AI - Journal 100 Insights After The 100th Issue
NewMind AI
 
CIFDAQ Market Insights for July 7th 2025
CIFDAQ
 
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
July Patch Tuesday
Ivanti
 
Reverse Engineering of Security Products: Developing an Advanced Microsoft De...
nwbxhhcyjv
 
HubSpot Main Hub: A Unified Growth Platform
Jaswinder Singh
 
Using FME to Develop Self-Service CAD Applications for a Major UK Police Force
Safe Software
 
WooCommerce Workshop: Bring Your Laptop
Laura Hartwig
 
Top iOS App Development Company in the USA for Innovative Apps
SynapseIndia
 
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
Empower Inclusion Through Accessible Java Applications
Ana-Maria Mihalceanu
 
CIFDAQ Weekly Market Wrap for 11th July 2025
CIFDAQ
 
SFWelly Summer 25 Release Highlights July 2025
Anna Loughnan Colquhoun
 
Blockchain Transactions Explained For Everyone
CIFDAQ
 
Log-Based Anomaly Detection: Enhancing System Reliability with Machine Learning
Mohammed BEKKOUCHE
 

WebAPI Whitepaper

  • 1. IBM Software WebSphere Thought Leadership White Paper The new business of technology: extend, transact and optimize
  • 2. 2 The new business of technology: extend, transact and optimize The principles that have helped organiza- tional leaders break down application and departmental silos are the same principles that will guide the development of new engagements outside the enterprise. Executive summary New engagements and extensions of your business bring in new channels of profit—but these new engagements also present new requirements to traditional workloads. With today’s tech- nologies, you can use the design principles of service-oriented architecture to meet both imperatives. Technology is reshaping industries Ten years from now, we will look back upon today as the beginning of a new era of business and technology. Similar to the way e-business was formed by the advent of the web, this new era is being formed by the convergence of mobile, software-as-a-service, social networking and “big data.” These technologies are making it possible for business leaders to establish new engagements far beyond the boundaries of the enterprise, enabling them to reach to customers in near-real time, where and when customers are ready to do business. Liberating a business to extend beyond its enterprise walls opens up new avenues to innovation by leveraging the world at large. These new engagements, combined with the instrumented, interconnected and intelligent technologies that are powering a Smarter Planetℱ, enable business leaders to acquire data from connected devices to expand insights into new opportunities and new business models. Also, bold leaders are gaining an economic advantage for their organizations by off-loading IT capabilities to public services providers, which helps these leaders to focus their efforts on innovation that matters. To reap the benefits and opportunities presented by these scenarios, leaders at progressive enterprises are figuring out how to responsibly extend their business beyond the fortress of their data centers, so that they can directly and dynamically engage customers, independent software vendors (ISVs), partners and suppliers. This paper outlines an approach and a set of key considerations for organizational leaders who seek to establish new engage- ments beyond the enterprise. This approach consists of three key tenants: extending applications, processes and services, transacting with integrity, scale and speed, and optimizing business operations. All three tenants are critical elements of a successful technology strategy for the new era. In addition, this paper will examine some broader business considerations and will discuss the evolution of service-oriented architecture (SOA) and how SOA is at the core of the ability to embrace new business engagements. Extend applications, processes, and services A well-designed system can present a simple and intuitive interface to what often are complex inner workings. Have you ever opened up your iPod? The external interface is easy and initiative to use, yet the inner workings are appropriately complex. Your enterprise is no different.
  • 3. IBM Software 3 The inner workings of your enterprise contain mission-critical services, business processes, business behavior (rules and decisions) and core transactional systems. Service-oriented archi- tectures do a fine job of organizing your business assets in a flex- ible way, which helps you to create new innovative services and solutions quickly. But your internal services are not likely archi- tected to engage an extended ecosystem of innovators and new markets. By applying SOA at the core of mobile, cloud and social business, the same service-oriented principles that shaped your internal interfaces can evolve and guide directly the extended reach of processes, services and solutions in a dynamic, multichannel environment. The external view of your enterprise must be easy to consume and manage. This external view needs to provide a filter and buffer between the extended external network and the transac- tional backbone of the internal enterprise. SOA will aid in con- necting “the world,” delivering qualitative answers to external questions and queries. And SOA will support a collaborative ecosystem that includes, for example, third-party app stores, application programming interface (API) catalogs or software- as-a-service partners. Three key concepts that enable an enterprise to extend its external reach are services, APIs and apps. Internal Services. These are your mission-critical business processes, business decisions and transactional services that run in your data center and form the transactional backbone of your enterprise. In a well-architected environment, access to business information is controlled through published service interfaces, service interfaces that in turn are orchestrated by thorough, wide-ranging business processes. Organizational leaders should not shy away from utilizing external service providers. This is specifically true when the services in question are not a mission- critical aspect of business operations (for example, postage and billing), or when the services are offered at a price (or at a location) that cannot be matched internally because of the economies of scale that the shared-service provider gains. However, most enterprise teams are required to manage their systems under the “lock and key” of their data center. Hence it is often the case that externally provided services need to be coordinated with the internal systems, and in fact need to be managed as part of the internal service fabric. APIs. An API is a recycled term that is currently being used to represent a “public” persona for your business—a persona that can be consumed by ISVs and business partners. A successful public persona is typically: ●● Simple in scope (for example, a small number of unique APIs) ●● Pervasive throughout multiple architectures (for example, supports multiple protocols and programming models for service and data access) ●● Presented as a simple data model (for example, Java Script Object Notation) ●● Provides controls in the form of policies (for example, a quota, which limits the number of calls to this API from a given user over a specific time period) APIs are the externalized aspect of services and as such should not be viewed as an “alternative” to service-oriented-architecture, but rather a part of a well-architected service-oriented enter- prise. However, APIs are a specific genre of services with a lifecycle that is focused on “external” consumption. This is more than just a nuance. It drives a focus on simplicity, security and compatibility with standards-based external systems.
  • 4. 4 The new business of technology: extend, transact and optimize Managing business APIs is key to extending enterprise “reach” to the new channels presented by mobile and software-as-a- service and is key for those who wish to utilize big data for insights. In essence, this transformation is replicating what e-business did in the late 1990s. E-business placed web platforms in front of mainframe-based applications as a way to externalize the mainframe applications to the web without destabilizing core business transactions. Now people are expanding beyond the walls of the enterprise by using APIs to externalize internal services responsibly to mobile and software-as-a-service environments. Apps. APIs enable apps. In this context, an app is a component of a distributed application that can reside outside the boundar- ies of your enterprise. A common example is a mobile phone app that resides in an external “app store.” However, an app can be much more. Apps can run on any device (for example, in a car or a set-top box), be a transmitter of data gathered from a sensor network (for example, a smart electric meter or a pacemaker), or represents an application running in an external software-as-a- service provider. An app is ultimately any piece of external code that interacts with your published APIs, and APIs can be devel- oped by anyone from corporate developers to mobile customers. When you enable apps, you enable innovation. While you are the sole creator of your own “public” persona (API), you want to encourage the world at large to extend this persona by building apps and making it possible for you to reach markets that you would not be able to reach on your own. Thus apps are another key element in the foundation for extending enterprise services to external stakeholders. While published business APIs need to be relatively stable, apps vary much more rapidly and significantly. The rapid lifecycle of apps is exacerbated by the fact that apps are typically fine- grained, built to purpose and updated frequently to multiple target environments (for example, devices or software-as-a- service providers). To foster the proper creation of apps, you need a first-class app software development kit that enables app developers to create a variety of external applications (especially mobile) rapidly, throughout a variety of “device” platforms. Publishing apps and APIs Responsibly publishing your enter- prise apps and APIs to key places outside your enterprise make it possible for these assets to be discovered and properly used. For example, apps are published to app stores, which can be public services like the Apple App Store or the Android Market, or enterprise leaders may choose to manage their own app store for use by partners, customers and employees. Similarly, APIs need to be published to an external API portal, which can be an exter- nal web site, a portal erected by the enterprise or a public API directory like ProgrammableWeb.com. There is also an element of marketing in the publishing process. Capabilities are needed to alert, track, rate, and monitor assets within communities of interest. For example, after updating an API, a Twitter alert can be made to a hashtag “ACME-API” informing developers that a new version of the “Acme” API or app is available.
  • 5. 5IBM Software Information Consistency. As an enterprise team publishes apps and APIs, they need to ensure information consistency between external assets and back-end systems. For example, an app that engages customers on mobile devices to purchase a retailer’s product must stay consistent with the information in that retail- er’s order management system so that the selected product is ultimately shipped and delivered to the customer. In particular, an enterprise that uses an external provider must ensure that the services delivered in through that provider are services that can access information in the appropriate back-end systems, either directly or through a near-real-time information cache. Transact with integrity, scale, and speed As an enterprise gains success by extending services through APIs and apps, those who operate within the enterprise must be prepared to deal with this success. New external engagements require you to support a proliferation of application end points, along with wildly fluctuating request and data volumes at inter- net scale. You must be prepared to operate with business integ- rity throughout the extended enterprise, ensuring that all transactions that are initiated through new external channels complete with the same quality of service as those transactions that are initiated and processed in a more traditional fashion. Four key concepts that help address the transactional demands placed on the enterprise are elastic services, Internet-scale messaging, quality of service and accounting. Elastic services. An elastic service is a service written in a way that makes it possible for the service to run securely and economically within an external or internal hosted environment. Elastic services abide to a set of rules that strongly promote resource sharing (for example, multi-tenant using shared-nothing architectures), use of elastic data (for example, data grids and non-SQL data stores) and flexible transaction models (for exam- ple, eventual consistency). These services can be written in any language, provided that the service abides to the aforementioned rules. As with any service-oriented architecture, these elastic ser- vices can be combined and composed into new elastic services more easily. Using an elastic service as the implementation for an API creates a very scalable, economically managed solution that can manage the most demanding apps. Internet-scale messaging. “Internet-scale” messaging makes it possible for massive amounts of messages to enter your enterprise from a massive number of devices. An internet-scale messaging system can process standardized messaging protocols including Web Sockets or MQ Telemetry Transport in the mil- lions of messages (per second, stored persistently), which enables a variety of use cases involving mobile and sensor networks. Transformation enables data to be converted from one format to another, including binary formats. Also, data can be efficiently compressed over the network to future optimized interactions with external environments. And finally, caching can help opti- mize operational efficiencies (acting as a fluctuation absorber) between the app and API (front end) or the API and the elastic or internal-services (back end). Quality of service. Security is almost inevitably the most important quality of service aspect for any enterprise that extends transactions beyond its own boundaries. Security covers a broad range of topics including the authentication of users invoking transactions using APIs and users’ operational authori- zation to access a particular API. Security standards such as OAuth are important for interoperability outside the confines of your enterprise without spreading passwords around the web in readable form.
  • 6. 6 The new business of technology: extend, transact and optimize Resilience is the second-most important quality of service aspect to consider. Resilience ensures an API interaction’s availability in the face of operational instability in back end transaction systems or underlying networks. As an example, a resilient solution is able to reroute around failed networks and provides active disas- ter recovery. Published APIs, through the clean separation of API from underlying implementation, help mitigate the cascad- ing effect of failures by providing compensation for service- provider failure or even dynamic substitution of the service provider itself. Finally, still under quality of service, control describes mecha- nisms to alter the interaction flow corresponding to business or IT traffic management policies. For example, classes of interac- tions could be prioritized lower, or even dropped entirely, under low resource conditions. Operational throttling policies ensure that the inbound call rates do not exceed the certified rating, or quotas, of a specific API. Intelligent routing mechanisms can discriminate incoming transactions and can exert admission con- trol over them. Application-aware routing is employed to utilize intelligence from elastic and internal services, providing the most efficient and robust routing workload management. Accounting. Accounting deals with metering and billing. Once security aspects have ascertained the identity of app developers and of the end users of apps and have ensured that only duly- authenticated and authorized users have access to appropriate information, those developers and users can be metered and billed according to established service level agreements (SLAs) and quotas. Based on the metering information, billing for paid apps, APIs and elastic services is a necessary component of the business model. Optimize business operations There are a number of operational considerations that come into play as the enterprise creates and extends new engagements. These considerations concern not only the day-to-day opera- tions of business activities and decisions, but also the develop- ment and delivery of software capabilities that support published APIs. As organizations extend and engage more broadly, there are many new insights to be gleaned that can help improve opera- tional efficiency. Having thorough, wide-ranging insight helps you to optimize and improve your business continually and creates the ability to react to new business opportunities in near-real-time. This is part of the reward for those who can extend and transact business effectively. Monitoring key points of interest and generating usage statistics and trend data forms the foundation of the system’s ability to “learn.” Near-real-time events, generated from mobile apps or APIs usage, trigger actions that make it possible for organizational teams to gain business insight immediately and to respond to opportunities or threats. Insight tracking should be a foundational part of any new engagements that the enterprise creates, and these engagements should be continuously monitored. Information gained from engagements is relevant to three key roles in the organization: business operations, DevOps and app developers. Business operations. Business operations are the caretakers of the external persona of an enterprise. They are responsible for growing the business through an external community and they need real-time insights into how their ecosystem is functioning and performing—because that knowledge helps them respond
  • 7. 7IBM Software and “course correct” rapidly. Questions that business operations personnel may ask are: Which app is generating the most amount of revenue for the business, what is unique about this app, and what APIs does it leverage? Which APIs are generating the highest number of questions in the developer community, which APIs have the most number of open tickets against them, how much interest and discussion are my APIs generating on social networking sites? DevOps. In this combined role, an individual who is responsible for development and systems administration can learn about usage-demand, can perform problem-determination, or can understand the impact analysis of an upcoming change. Focused searches can be done to show API response times and drift, cor- relate multiple problems in a fixed time window and track the progress of a deployment of multiple assets to an external app store or to software-as-a-service providers. App developers. App developers (often external to your enter- prise) who use your APIs or elastic services need to understand whether they are using your capabilities in an appropriate and effective fashion. Their role includes statistical analysis similar to the DevOps role, but also includes focused searches to provide insights into what might be going wrong, including the ability to debug current or future problems. There is economy and efficiency in thinking about all of these operational elements throughout the three roles as a coherent design pattern. Such a design pattern produces an integrated experience throughout development, management (for example, security and control), optimization (for example, scale and per- formance) and accounting (for example, identity and billing). Becoming an engaging enterprise is not just about innovating internally with developers on staff. You must find ways to profit from the innovation that exists within external communities—communities that you do not directly control and can only influence. The foundation of new business engagements: service-oriented design For the last ten years, SOA principles were the foundation for the evolution of transactional systems to web applications, e-business and thorough business process integration. Now, the same SOA principles are at the core of cloud, mobile, social business and big data as these new-era business engagements transact at scale throughout locations, devices, people, processes and information. The “SOA manifesto” contains six key design principles, each of which is fundamental to an engaging enterprise. Service orientation at the core. Service orientation does not begin with technology; it begins with the mind-set of thinking about your business and the world around you in terms of func- tional components. Thinking in terms of services and processes transcends any particular channel or business unit and provides a uniform mediated architecture that can connect the key stake- holders inside and outside the enterprise.
  • 8. 8 The new business of technology: extend, transact and optimize Service orientation does not begin with technology; it begins with the mind-set of thinking about your business and the world around you in terms of functional components. —Steve Mills, Senior VP and Group Executive, IBM Software and Systems Process integrity at internet scale. For the extended enter- prise, transacting with integrity means managing carefully the integrity of business processes. Thorough, wide-ranging business processes are not limited to what happens inside the walls of the enterprise. Furthermore, these business processes happen at internet scale in terms of number of nodes and variability of workload. Thus process integrity at internet scale requires a transition from “database-centric” transaction principles (for example, two-phase commit) to more-loosely coupled transac- tion models that include compensation and recovery models, which are better suited for long-running or asynchronous busi- ness transactions (for example, those that are conducted using systems management services). Integration with enterprise capabilities and back end systems. IT teams have learned time and again that tightly coupled systems do not scale well in a dynamic, ever-changing environment. Nevertheless, integration with the transactional backbone of the enterprise remains an important capability for those who wish to support new business models and extended ecosystems. The basic SOA design principle (service consumer, service mediator, and service provider) is an excellent basis for loosely coupling external and internal participants. The media- tion part of the pattern is often overlooked and undervalued, yet it is exactly this part of the pattern that makes possible the medi- ating between externally published business APIs and internal transactional services, thus providing virtualized external services in a way that does not require recoding or extension of the transactional backbone itself. Based on industry standards. This is the perhaps most obvious SOA principle, and in reality not restricted to, or specific for, a service oriented environment. Having said that, there are certain characteristics of a service oriented environment which require industry standards beyond protocols and message schemas. Think about a situation in which a partner consumes an external API, provided and published by the enterprise, but the service provider in turn requires the capabilities of four internal services. In this situation, not only must there be an explicit service con- tract between consumer and service provider, but that service provider in turn needs service contracts with the four “sub- providers” that are part of the transactional backbone. Thus the notion of “wire by contract” (for example, embodied by Service Component Architecture or Service-oriented architecture Modeling Language), in which service consumers and providers are recursively (and potentially dynamically) matched based upon their declared external dependencies. This reality becomes a fundamental tenet of the extended enterprise and must be standardized in the same fashion as protocols and message schemas have already been standardized. Furthermore, advanced service contracts will include policies and SLAs that guide and govern the interaction according to established agreements throughout the extended ecosystem. Leveraging and extending open source technologies. Most Chief Information Officers will tell you that open source is a consideration for the strategic evolution of tools and middle- ware. While most often not on par with vendor provided capa- bilities, open source is often “good enough” for the more stan- dardized aspects of the IT infrastructure. Furthermore, in the context of the extended enterprise, apps may often be created by
  • 9. 9IBM Software third-party stakeholders (for example, customers and partners), who in turn may apply open source technology to create those apps. Consequently a good IT strategy needs to embrace and extend open source technologies rather than keep open source as a separate, disconnected environment. Providing the platform for a growing ecosystem. The notion of APIs and API management—the idea that external business interfaces can be codified and published—is a critical enabler for an extended and growing ecosystem. APIs are business services that provide a managed interface for interaction throughout the corporate boundary. As such, the full power of SOA can and should be applied to the creation and management of business APIs, importantly including the notion of API registries (often called API catalogs) for publication and externalized Enterprise Service Bus capabilities for integration and mediation. An example of the new business of technology in action Here is an example of how these pieces come together to create an engaging enterprise. Imagine an airline company called “Acme Airlines.” Acme Airlines has two major business goals that they are trying to achieve. One goal is to increase sales, and the other goal is to increase customer satisfaction. Acme leaders believe they can help achieve these goals by engaging directly with customers and external developers using mobile and social technologies. The first step in the process is to create external APIs for several core services: price quotes, booking, baggage tracking and flight information. All of these services are typically used by third- party travel aggregators, and will provide Acme with new reve- nue streams if they can convince developers to begin using their APIs. Acme implements the APIs as REST services that can be easily identified and called using URLs. The APIs map directly to internal services running on-premise in their data center. Acme also creates documentation and several sample use cases for the APIs. Acme then publishes their APIs to a hosted catalog where they can easily create a landing page for their content, and link to popular social networks. The next step is to improve Acme Airline’s mobile application. Currently the airline has a mobile version of their website, but functions are limited. Acme moves to a hybrid app model, in which the mobile app runs natively on multiple operating sys- tems (and making it possible for the mobile app to be distributed through third-party app stores), and the main content is served directly from Acme where it is controlled and maintained. The main content for the app is written in HTML5, making the most of Acme Airline’s public APIs with added details for each supported platform. For flight status and baggage alerts, Acme Airlines adds push notifications to their application. This outreach updates customers immediately of any issues or changes to their flights. Although most of the content is served directly from Acme, the hybrid approach makes it possible for content such as travel itin- eraries to be encrypted and stored directly on mobile devices. This is an important business advantage, since Acme customers can access important information in a secure manner even when the App is disconnected. Acme has successfully created new external interfaces for their business, but the airline still must be able to transact business successfully through these channels. In the past, the team at Acme had struggled to cope with “flash loads,” which occurs when many travelers attempt to re-book at once during inclem- ent weather. With several new customer channels now available, scalability becomes an even more critical issue. To help mitigate the problem, the Acme Airlines team adds a dynamic scaling policy to their virtualized web application patterns. This makes it possible for the team to scale-up automatically as load increases.
  • 10. 10 The new business of technology: extend, transact and optimize To further improve functions, Acme leaders added a caching function for user sessions, because the function helps prevent multiple calls to back end systems to fetch user data. In addition to scale, the Acme Airlines team needs to ensure that new mobile transactions are as secure as possible. The team at Acme implements centralized management over their mobile app. This action gives them control over which versions of the app are executed, and the team gains the ability to check the integrity of the apps that are running on customers’ mobile phones. The Acme Airlines team has added scale and security to ensure the availability and reliability of transactions in new external channels. But the team must still ensure that customer engage- ments through these new channels increase loyalty and customer satisfaction. To make this a reality, the team at Acme attaches business rules to their APIs. The price quote API and the booking API are associated with rules that evaluate transaction volume and frequent-flier status. Different discounts are auto- matically applied depending on each customer’s status and frequency of travel. The team implements another rule that responds to flight-related and baggage-related events. This provides a competitive advantage for the airline, because now when an Acme flight is delayed, customers automatically receive a free pass to the airline lounge. The same attachment of rules and APIs can also be used to encourage external developers to leverage their APIs for third- party Apps. Developers in their affiliate program receive cash rewards based on the volume of transactions generated through their Apps that use Acme’s APIs. The fact that this example is somewhat simplistic does not dilute in any way the power of the possibilities before you. The story of Acme Airlines illustrates how new technologies can improve business outcomes more quickly and more easily when leaders extend, transact and optimize their businesses. The future of business growth is within your grasp. This is how your company can become a truly engaging enterprise. The new business of technology: business considerations As you go down the path of realizing the vision of an engaging enterprise, recognize that this is not just a technology initiative. It is also a fundamental shift in the way you think about your business. Becoming a more engaging enterprise is not just about innovating internally with developers on staff. You must find ways to employ the innovation that exists within external communities—communities that you do not directly control and can only influence. In the course of engaging with new customers in new markets, you will need to add a practice to your business. This new prac- tice will include professionals who understand the economics of APIs and apps. These professionals understand how to engage with communities of developers outside your organization to help them succeed—and through their success, to help you suc- ceed. Prepare to listen to (and respond to) groups of developers who spend time in social and other communities that you do not normally monitor and to which you do not normally respond. Prepare to come up with interesting new ways to continue to be “top-of-the-mind” with developers by creating relevant APIs and
  • 11. 11IBM Software socializing them appropriately. Prepare to reach out to develop- ers on a regular basis, going beyond online interaction. For example, you might organize app events and contests to the benefit of your business. As you externalize your enterprise you must think about partner- ships in a different way. You may find that you begin to generate significant business through your APIs compared to your exist- ing business model—a shift to selling through other businesses versus selling directly to customers. You must become very sophisticated in terms of creating tiers of APIs that you can offer to the market, so that you are able to continuously provide low-cost entry points, but you are able also to charge premiums for differentiated high-value services. Next steps New engagements and extensions of your business bring in new channels of profit—but these new engagements also present new requirements to traditional workloads. The IBM team can help you use the design principles of SOA to meet both imperatives. Engage professionals who know how to help you generate results quickly. In April 2012, based on analyst firm Gartner’s definition of middleware, IBM was once again named the overall marketshare leader in middleware software. According to the Gartner report1, IBM was the leading software vendor, extend- ing its lead to nearly double that of its closest competitor. With IBM, you can expect strong performance, a smaller footprint and faster startup. Many IBM clients see positive results within six to twelve months. For more information To learn more about becoming an engaging enterprise, contact your IBM marketing representative or IBM Business Partner, or visit the following website: ibm.com/business-agility Additionally, IBM Global Financing can help you acquire the software capabilities that your business needs in the most cost- effective and strategic way possible. We'll partner with credit- qualified clients to customize a financing solution to suit your business and development goals, enable effective cash manage- ment, and improve your total cost of ownership. Fund your critical IT investment and propel your business forward with IBM Global Financing. For more information, visit: ibm.com/financing
  • 12. © Copyright IBM Corporation 2012 IBM Corporation Software Group Route 100 Somers, NY 10589 USA Produced in the United States of America July 2012 IBM, the IBM logo, and ibm.com, and Smarter Planet are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates. It is the user’s responsibility to evaluate and verify the operation of any other products or programs with IBM products and programs. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious, and any similarity to the names and addresses used by a real business enterprise is entirely coincidental. 1 http://www-03.ibm.com/press/uk/en/pressrelease/37390.wss WSW14191-USEN-00 Please Recycle