IBM SoftwareWebSphereThought Leadership White PaperThe new business of technology:extend, transact and optimize
2 The new business of technology: extend, transact and optimizeThe principles that have helped organiza-tional leaders break down application anddepartmental silos are the same principlesthat will guide the development of newengagements outside the enterprise.Executive summaryNew engagements and extensions of your business bring innew channels of profit—but these new engagements also presentnew requirements to traditional workloads. With today’s tech-nologies, you can use the design principles of service-orientedarchitecture to meet both imperatives.Technology is reshaping industriesTen years from now, we will look back upon today as thebeginning of a new era of business and technology. Similar tothe way e-business was formed by the advent of the web,this new era is being formed by the convergence of mobile,software-as-a-service, social networking and “big data.”These technologies are making it possible for business leadersto establish new engagements far beyond the boundaries of theenterprise, enabling them to reach to customers in near-realtime, where and when customers are ready to do business.Liberating a business to extend beyond its enterprise walls opensup new avenues to innovation by leveraging the world at large.These new engagements, combined with the instrumented,interconnected and intelligent technologies that are powering aSmarter Planet™, enable business leaders to acquire data fromconnected devices to expand insights into new opportunities andnew business models. Also, bold leaders are gaining an economicadvantage for their organizations by off-loading IT capabilitiesto public services providers, which helps these leaders to focustheir efforts on innovation that matters.To reap the benefits and opportunities presented by thesescenarios, leaders at progressive enterprises are figuring out howto responsibly extend their business beyond the fortress of theirdata centers, so that they can directly and dynamically engagecustomers, independent software vendors (ISVs), partners andsuppliers.This paper outlines an approach and a set of key considerationsfor organizational leaders who seek to establish new engage-ments beyond the enterprise. This approach consists of threekey tenants: extending applications, processes and services,transacting with integrity, scale and speed, and optimizingbusiness operations. All three tenants are critical elements of asuccessful technology strategy for the new era. In addition, thispaper will examine some broader business considerations andwill discuss the evolution of service-oriented architecture (SOA)and how SOA is at the core of the ability to embrace newbusiness engagements.Extend applications, processes, andservicesA well-designed system can present a simple and intuitiveinterface to what often are complex inner workings. Have youever opened up your iPod? The external interface is easy andinitiative to use, yet the inner workings are appropriatelycomplex. Your enterprise is no different.
IBM Software 3The inner workings of your enterprise contain mission-criticalservices, business processes, business behavior (rules anddecisions) and core transactional systems. Service-oriented archi-tectures do a fine job of organizing your business assets in a flex-ible way, which helps you to create new innovative services andsolutions quickly. But your internal services are not likely archi-tected to engage an extended ecosystem of innovators and newmarkets. By applying SOA at the core of mobile, cloud andsocial business, the same service-oriented principles that shapedyour internal interfaces can evolve and guide directly theextended reach of processes, services and solutions in a dynamic,multichannel environment.The external view of your enterprise must be easy to consumeand manage. This external view needs to provide a filter andbuffer between the extended external network and the transac-tional backbone of the internal enterprise. SOA will aid in con-necting “the world,” delivering qualitative answers to externalquestions and queries. And SOA will support a collaborativeecosystem that includes, for example, third-party app stores,application programming interface (API) catalogs or software-as-a-service partners.Three key concepts that enable an enterprise to extend itsexternal reach are services, APIs and apps.Internal Services. These are your mission-critical businessprocesses, business decisions and transactional services that runin your data center and form the transactional backbone of yourenterprise. In a well-architected environment, access to businessinformation is controlled through published service interfaces,service interfaces that in turn are orchestrated by thorough,wide-ranging business processes.Organizational leaders should not shy away from utilizingexternal service providers. This is specifically true when theservices in question are not a mission- critical aspect of businessoperations (for example, postage and billing), or when theservices are offered at a price (or at a location) that cannot bematched internally because of the economies of scale that theshared-service provider gains. However, most enterprise teamsare required to manage their systems under the “lock and key”of their data center. Hence it is often the case that externallyprovided services need to be coordinated with the internalsystems, and in fact need to be managed as part of the internalservice fabric.APIs. An API is a recycled term that is currently being used torepresent a “public” persona for your business—a persona thatcan be consumed by ISVs and business partners. A successfulpublic persona is typically:●● Simple in scope (for example, a small number of unique APIs)●● Pervasive throughout multiple architectures (for example,supports multiple protocols and programming models forservice and data access)●● Presented as a simple data model (for example, Java ScriptObject Notation)●● Provides controls in the form of policies (for example, a quota,which limits the number of calls to this API from a given userover a specific time period)APIs are the externalized aspect of services and as such shouldnot be viewed as an “alternative” to service-oriented-architecture,but rather a part of a well-architected service-oriented enter-prise. However, APIs are a specific genre of services witha lifecycle that is focused on “external” consumption. This ismore than just a nuance. It drives a focus on simplicity, securityand compatibility with standards-based external systems.
4 The new business of technology: extend, transact and optimizeManaging business APIs is key to extending enterprise “reach”to the new channels presented by mobile and software-as-a-service and is key for those who wish to utilize big data forinsights. In essence, this transformation is replicating whate-business did in the late 1990s. E-business placed web platformsin front of mainframe-based applications as a way to externalizethe mainframe applications to the web without destabilizing corebusiness transactions. Now people are expanding beyond thewalls of the enterprise by using APIs to externalize internalservices responsibly to mobile and software-as-a-serviceenvironments.Apps. APIs enable apps. In this context, an app is a componentof a distributed application that can reside outside the boundar-ies of your enterprise. A common example is a mobile phone appthat resides in an external “app store.” However, an app can bemuch more. Apps can run on any device (for example, in a car ora set-top box), be a transmitter of data gathered from a sensornetwork (for example, a smart electric meter or a pacemaker), orrepresents an application running in an external software-as-a-service provider. An app is ultimately any piece of external codethat interacts with your published APIs, and APIs can be devel-oped by anyone from corporate developers to mobile customers.When you enable apps, you enable innovation. While you arethe sole creator of your own “public” persona (API), you want toencourage the world at large to extend this persona by buildingapps and making it possible for you to reach markets that youwould not be able to reach on your own. Thus apps are anotherkey element in the foundation for extending enterprise servicesto external stakeholders.While published business APIs need to be relatively stable, appsvary much more rapidly and significantly. The rapid lifecycleof apps is exacerbated by the fact that apps are typically fine-grained, built to purpose and updated frequently to multipletarget environments (for example, devices or software-as-a-service providers). To foster the proper creation of apps, youneed a first-class app software development kit that enables appdevelopers to create a variety of external applications (especiallymobile) rapidly, throughout a variety of “device” platforms.Publishing apps and APIs Responsibly publishing your enter-prise apps and APIs to key places outside your enterprise make itpossible for these assets to be discovered and properly used. Forexample, apps are published to app stores, which can be publicservices like the Apple App Store or the Android Market, orenterprise leaders may choose to manage their own app store foruse by partners, customers and employees. Similarly, APIs needto be published to an external API portal, which can be an exter-nal web site, a portal erected by the enterprise or a public APIdirectory like ProgrammableWeb.com.There is also an element of marketing in the publishing process.Capabilities are needed to alert, track, rate, and monitor assetswithin communities of interest. For example, after updating anAPI, a Twitter alert can be made to a hashtag “ACME-API”informing developers that a new version of the “Acme” API orapp is available.
5IBM SoftwareInformation Consistency. As an enterprise team publishes appsand APIs, they need to ensure information consistency betweenexternal assets and back-end systems. For example, an app thatengages customers on mobile devices to purchase a retailer’sproduct must stay consistent with the information in that retail-er’s order management system so that the selected product isultimately shipped and delivered to the customer. In particular,an enterprise that uses an external provider must ensure that theservices delivered in through that provider are services that canaccess information in the appropriate back-end systems, eitherdirectly or through a near-real-time information cache.Transact with integrity, scale, and speedAs an enterprise gains success by extending services throughAPIs and apps, those who operate within the enterprise must beprepared to deal with this success. New external engagementsrequire you to support a proliferation of application end points,along with wildly fluctuating request and data volumes at inter-net scale. You must be prepared to operate with business integ-rity throughout the extended enterprise, ensuring that alltransactions that are initiated through new external channelscomplete with the same quality of service as those transactionsthat are initiated and processed in a more traditional fashion.Four key concepts that help address the transactional demandsplaced on the enterprise are elastic services, Internet-scalemessaging, quality of service and accounting.Elastic services. An elastic service is a service written in away that makes it possible for the service to run securely andeconomically within an external or internal hosted environment.Elastic services abide to a set of rules that strongly promoteresource sharing (for example, multi-tenant using shared-nothingarchitectures), use of elastic data (for example, data grids andnon-SQL data stores) and flexible transaction models (for exam-ple, eventual consistency). These services can be written in anylanguage, provided that the service abides to the aforementionedrules. As with any service-oriented architecture, these elastic ser-vices can be combined and composed into new elastic servicesmore easily. Using an elastic service as the implementation foran API creates a very scalable, economically managed solutionthat can manage the most demanding apps.Internet-scale messaging. “Internet-scale” messaging makesit possible for massive amounts of messages to enter yourenterprise from a massive number of devices. An internet-scalemessaging system can process standardized messaging protocolsincluding Web Sockets or MQ Telemetry Transport in the mil-lions of messages (per second, stored persistently), which enablesa variety of use cases involving mobile and sensor networks.Transformation enables data to be converted from one format toanother, including binary formats. Also, data can be efficientlycompressed over the network to future optimized interactionswith external environments. And finally, caching can help opti-mize operational efficiencies (acting as a fluctuation absorber)between the app and API (front end) or the API and the elasticor internal-services (back end).Quality of service. Security is almost inevitably the mostimportant quality of service aspect for any enterprise thatextends transactions beyond its own boundaries. Security coversa broad range of topics including the authentication of usersinvoking transactions using APIs and users’ operational authori-zation to access a particular API. Security standards such asOAuth are important for interoperability outside the confines ofyour enterprise without spreading passwords around the web inreadable form.
6 The new business of technology: extend, transact and optimizeResilience is the second-most important quality of service aspectto consider. Resilience ensures an API interaction’s availability inthe face of operational instability in back end transaction systemsor underlying networks. As an example, a resilient solution isable to reroute around failed networks and provides active disas-ter recovery. Published APIs, through the clean separation ofAPI from underlying implementation, help mitigate the cascad-ing effect of failures by providing compensation for service-provider failure or even dynamic substitution of the serviceprovider itself.Finally, still under quality of service, control describes mecha-nisms to alter the interaction flow corresponding to business orIT traffic management policies. For example, classes of interac-tions could be prioritized lower, or even dropped entirely, underlow resource conditions. Operational throttling policies ensurethat the inbound call rates do not exceed the certified rating, orquotas, of a specific API. Intelligent routing mechanisms candiscriminate incoming transactions and can exert admission con-trol over them. Application-aware routing is employed to utilizeintelligence from elastic and internal services, providing the mostefficient and robust routing workload management.Accounting. Accounting deals with metering and billing. Oncesecurity aspects have ascertained the identity of app developersand of the end users of apps and have ensured that only duly-authenticated and authorized users have access to appropriateinformation, those developers and users can be metered andbilled according to established service level agreements (SLAs)and quotas. Based on the metering information, billing for paidapps, APIs and elastic services is a necessary component of thebusiness model.Optimize business operationsThere are a number of operational considerations that come intoplay as the enterprise creates and extends new engagements.These considerations concern not only the day-to-day opera-tions of business activities and decisions, but also the develop-ment and delivery of software capabilities that supportpublished APIs.As organizations extend and engage more broadly, there aremany new insights to be gleaned that can help improve opera-tional efficiency. Having thorough, wide-ranging insight helpsyou to optimize and improve your business continually andcreates the ability to react to new business opportunities innear-real-time. This is part of the reward for those who canextend and transact business effectively. Monitoring key pointsof interest and generating usage statistics and trend data formsthe foundation of the system’s ability to “learn.” Near-real-timeevents, generated from mobile apps or APIs usage, triggeractions that make it possible for organizational teams to gainbusiness insight immediately and to respond to opportunitiesor threats.Insight tracking should be a foundational part of any newengagements that the enterprise creates, and these engagementsshould be continuously monitored. Information gained fromengagements is relevant to three key roles in the organization:business operations, DevOps and app developers.Business operations. Business operations are the caretakers ofthe external persona of an enterprise. They are responsible forgrowing the business through an external community and theyneed real-time insights into how their ecosystem is functioningand performing—because that knowledge helps them respond
7IBM Softwareand “course correct” rapidly. Questions that business operationspersonnel may ask are: Which app is generating the mostamount of revenue for the business, what is unique about thisapp, and what APIs does it leverage? Which APIs are generatingthe highest number of questions in the developer community,which APIs have the most number of open tickets against them,how much interest and discussion are my APIs generating onsocial networking sites?DevOps. In this combined role, an individual who is responsiblefor development and systems administration can learn aboutusage-demand, can perform problem-determination, or canunderstand the impact analysis of an upcoming change. Focusedsearches can be done to show API response times and drift, cor-relate multiple problems in a fixed time window and track theprogress of a deployment of multiple assets to an external appstore or to software-as-a-service providers.App developers. App developers (often external to your enter-prise) who use your APIs or elastic services need to understandwhether they are using your capabilities in an appropriate andeffective fashion. Their role includes statistical analysis similar tothe DevOps role, but also includes focused searches to provideinsights into what might be going wrong, including the ability todebug current or future problems.There is economy and efficiency in thinking about all of theseoperational elements throughout the three roles as a coherentdesign pattern. Such a design pattern produces an integratedexperience throughout development, management (for example,security and control), optimization (for example, scale and per-formance) and accounting (for example, identity and billing).Becoming an engaging enterprise is not justabout innovating internally with developerson staff. You must find ways to profit fromthe innovation that exists within externalcommunities—communities that you do notdirectly control and can only influence.The foundation of new businessengagements: service-oriented designFor the last ten years, SOA principles were the foundation forthe evolution of transactional systems to web applications,e-business and thorough business process integration. Now, thesame SOA principles are at the core of cloud, mobile, socialbusiness and big data as these new-era business engagementstransact at scale throughout locations, devices, people, processesand information. The “SOA manifesto” contains six key designprinciples, each of which is fundamental to an engagingenterprise.Service orientation at the core. Service orientation does notbegin with technology; it begins with the mind-set of thinkingabout your business and the world around you in terms of func-tional components. Thinking in terms of services and processestranscends any particular channel or business unit and provides auniform mediated architecture that can connect the key stake-holders inside and outside the enterprise.
8 The new business of technology: extend, transact and optimizeService orientation does not begin withtechnology; it begins with the mind-set ofthinking about your business and the worldaround you in terms of functionalcomponents.—Steve Mills, Senior VP and Group Executive, IBM Software and SystemsProcess integrity at internet scale. For the extended enter-prise, transacting with integrity means managing carefully theintegrity of business processes. Thorough, wide-ranging businessprocesses are not limited to what happens inside the walls of theenterprise. Furthermore, these business processes happen atinternet scale in terms of number of nodes and variability ofworkload. Thus process integrity at internet scale requires atransition from “database-centric” transaction principles (forexample, two-phase commit) to more-loosely coupled transac-tion models that include compensation and recovery models,which are better suited for long-running or asynchronous busi-ness transactions (for example, those that are conducted usingsystems management services).Integration with enterprise capabilities and back endsystems. IT teams have learned time and again that tightlycoupled systems do not scale well in a dynamic, ever-changingenvironment. Nevertheless, integration with the transactionalbackbone of the enterprise remains an important capability forthose who wish to support new business models and extendedecosystems. The basic SOA design principle (service consumer,service mediator, and service provider) is an excellent basis forloosely coupling external and internal participants. The media-tion part of the pattern is often overlooked and undervalued, yetit is exactly this part of the pattern that makes possible the medi-ating between externally published business APIs and internaltransactional services, thus providing virtualized external servicesin a way that does not require recoding or extension of thetransactional backbone itself.Based on industry standards. This is the perhaps most obviousSOA principle, and in reality not restricted to, or specific for, aservice oriented environment. Having said that, there are certaincharacteristics of a service oriented environment which requireindustry standards beyond protocols and message schemas.Think about a situation in which a partner consumes an externalAPI, provided and published by the enterprise, but the serviceprovider in turn requires the capabilities of four internal services.In this situation, not only must there be an explicit service con-tract between consumer and service provider, but that serviceprovider in turn needs service contracts with the four “sub-providers” that are part of the transactional backbone. Thus thenotion of “wire by contract” (for example, embodied by ServiceComponent Architecture or Service-oriented architectureModeling Language), in which service consumers and providersare recursively (and potentially dynamically) matched basedupon their declared external dependencies. This reality becomesa fundamental tenet of the extended enterprise and must bestandardized in the same fashion as protocols and messageschemas have already been standardized. Furthermore, advancedservice contracts will include policies and SLAs that guide andgovern the interaction according to established agreementsthroughout the extended ecosystem.Leveraging and extending open source technologies. MostChief Information Officers will tell you that open source is aconsideration for the strategic evolution of tools and middle-ware. While most often not on par with vendor provided capa-bilities, open source is often “good enough” for the more stan-dardized aspects of the IT infrastructure. Furthermore, in thecontext of the extended enterprise, apps may often be created by
9IBM Softwarethird-party stakeholders (for example, customers and partners),who in turn may apply open source technology to create thoseapps. Consequently a good IT strategy needs to embrace andextend open source technologies rather than keep open source asa separate, disconnected environment.Providing the platform for a growing ecosystem. The notionof APIs and API management—the idea that external businessinterfaces can be codified and published—is a critical enabler foran extended and growing ecosystem. APIs are business servicesthat provide a managed interface for interaction throughout thecorporate boundary. As such, the full power of SOA can andshould be applied to the creation and management of businessAPIs, importantly including the notion of API registries (oftencalled API catalogs) for publication and externalized EnterpriseService Bus capabilities for integration and mediation.An example of the new business oftechnology in actionHere is an example of how these pieces come together to createan engaging enterprise. Imagine an airline company called“Acme Airlines.” Acme Airlines has two major business goalsthat they are trying to achieve. One goal is to increase sales, andthe other goal is to increase customer satisfaction. Acme leadersbelieve they can help achieve these goals by engaging directlywith customers and external developers using mobile and socialtechnologies.The first step in the process is to create external APIs for severalcore services: price quotes, booking, baggage tracking and flightinformation. All of these services are typically used by third-party travel aggregators, and will provide Acme with new reve-nue streams if they can convince developers to begin using theirAPIs. Acme implements the APIs as REST services that can beeasily identified and called using URLs. The APIs map directlyto internal services running on-premise in their data center.Acme also creates documentation and several sample use casesfor the APIs. Acme then publishes their APIs to a hosted catalogwhere they can easily create a landing page for their content, andlink to popular social networks.The next step is to improve Acme Airline’s mobile application.Currently the airline has a mobile version of their website, butfunctions are limited. Acme moves to a hybrid app model, inwhich the mobile app runs natively on multiple operating sys-tems (and making it possible for the mobile app to be distributedthrough third-party app stores), and the main content is serveddirectly from Acme where it is controlled and maintained. Themain content for the app is written in HTML5, making themost of Acme Airline’s public APIs with added details for eachsupported platform.For flight status and baggage alerts, Acme Airlines adds pushnotifications to their application. This outreach updatescustomers immediately of any issues or changes to their flights.Although most of the content is served directly from Acme, thehybrid approach makes it possible for content such as travel itin-eraries to be encrypted and stored directly on mobile devices.This is an important business advantage, since Acme customerscan access important information in a secure manner even whenthe App is disconnected.Acme has successfully created new external interfaces for theirbusiness, but the airline still must be able to transact businesssuccessfully through these channels. In the past, the team atAcme had struggled to cope with “flash loads,” which occurswhen many travelers attempt to re-book at once during inclem-ent weather. With several new customer channels now available,scalability becomes an even more critical issue. To help mitigatethe problem, the Acme Airlines team adds a dynamic scalingpolicy to their virtualized web application patterns. This makes itpossible for the team to scale-up automatically as load increases.
10 The new business of technology: extend, transact and optimizeTo further improve functions, Acme leaders added a cachingfunction for user sessions, because the function helps preventmultiple calls to back end systems to fetch user data.In addition to scale, the Acme Airlines team needs to ensure thatnew mobile transactions are as secure as possible. The team atAcme implements centralized management over their mobileapp. This action gives them control over which versions of theapp are executed, and the team gains the ability to check theintegrity of the apps that are running on customers’ mobilephones.The Acme Airlines team has added scale and security to ensurethe availability and reliability of transactions in new externalchannels. But the team must still ensure that customer engage-ments through these new channels increase loyalty and customersatisfaction. To make this a reality, the team at Acme attachesbusiness rules to their APIs. The price quote API and thebooking API are associated with rules that evaluate transactionvolume and frequent-flier status. Different discounts are auto-matically applied depending on each customer’s status andfrequency of travel. The team implements another rule thatresponds to flight-related and baggage-related events. Thisprovides a competitive advantage for the airline, because nowwhen an Acme flight is delayed, customers automatically receivea free pass to the airline lounge.The same attachment of rules and APIs can also be used toencourage external developers to leverage their APIs for third-party Apps. Developers in their affiliate program receive cashrewards based on the volume of transactions generated throughtheir Apps that use Acme’s APIs.The fact that this example is somewhat simplistic does not dilutein any way the power of the possibilities before you. The storyof Acme Airlines illustrates how new technologies can improvebusiness outcomes more quickly and more easily when leadersextend, transact and optimize their businesses. The future ofbusiness growth is within your grasp. This is how your companycan become a truly engaging enterprise.The new business of technology: businessconsiderationsAs you go down the path of realizing the vision of an engagingenterprise, recognize that this is not just a technology initiative.It is also a fundamental shift in the way you think about yourbusiness. Becoming a more engaging enterprise is not just aboutinnovating internally with developers on staff. You must findways to employ the innovation that exists within externalcommunities—communities that you do not directly controland can only influence.In the course of engaging with new customers in new markets,you will need to add a practice to your business. This new prac-tice will include professionals who understand the economics ofAPIs and apps. These professionals understand how to engagewith communities of developers outside your organization tohelp them succeed—and through their success, to help you suc-ceed. Prepare to listen to (and respond to) groups of developerswho spend time in social and other communities that you do notnormally monitor and to which you do not normally respond.Prepare to come up with interesting new ways to continue to be“top-of-the-mind” with developers by creating relevant APIs and
11IBM Softwaresocializing them appropriately. Prepare to reach out to develop-ers on a regular basis, going beyond online interaction. Forexample, you might organize app events and contests to thebenefit of your business.As you externalize your enterprise you must think about partner-ships in a different way. You may find that you begin to generatesignificant business through your APIs compared to your exist-ing business model—a shift to selling through other businessesversus selling directly to customers. You must become verysophisticated in terms of creating tiers of APIs that you can offerto the market, so that you are able to continuously providelow-cost entry points, but you are able also to charge premiumsfor differentiated high-value services.Next stepsNew engagements and extensions of your business bring in newchannels of profit—but these new engagements also present newrequirements to traditional workloads. The IBM team can helpyou use the design principles of SOA to meet both imperatives.Engage professionals who know how to help you generateresults quickly. In April 2012, based on analyst firm Gartner’sdefinition of middleware, IBM was once again named the overallmarketshare leader in middleware software. According to theGartner report1, IBM was the leading software vendor, extend-ing its lead to nearly double that of its closest competitor.With IBM, you can expect strong performance, a smallerfootprint and faster startup. Many IBM clients see positiveresults within six to twelve months.For more informationTo learn more about becoming an engaging enterprise, contactyour IBM marketing representative or IBM Business Partner, orvisit the following website: ibm.com/business-agilityAdditionally, IBM Global Financing can help you acquire thesoftware capabilities that your business needs in the most cost-effective and strategic way possible. Well partner with credit-qualified clients to customize a financing solution to suit yourbusiness and development goals, enable effective cash manage-ment, and improve your total cost of ownership. Fund yourcritical IT investment and propel your business forward withIBM Global Financing. For more information, visit:ibm.com/financing