WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Brokerage Technology Delivery Systems Using WSO2 Integration Platform and SOA Design Patterns
Fidelity Brokerage Technologies (FBT) operates a high volume 24X7 brokerage delivery platform, noted in the industry for its availability and uptime during extremely turbulent times in the market. FBT has integrated its delivery channels over a multi-tier SOA delivery model via SOAP and legacy mainframe interfaces using proprietary and open architectures.
This session will discuss FBT’s objectives to evolve is proprietary delivery system to a Brokerage as a Service (BaaS) platform by leveraging the WSO2 integration platform and other products in the middleware stack.
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
Similar to WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Brokerage Technology Delivery Systems Using WSO2 Integration Platform and SOA Design Patterns
Similar to WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Brokerage Technology Delivery Systems Using WSO2 Integration Platform and SOA Design Patterns (20)
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Brokerage Technology Delivery Systems Using WSO2 Integration Platform and SOA Design Patterns
1. Fidelity Brokerage Technology (FBT)
- a Technology Division of Fidelity Investments
Transforming API Delivery Systems using WSO2 APIM
and ESB Technology
David P. Bonaccorsi Sr. John Marcotte
Director, Architecture Director, Architecture
Fidelity Brokerage Technology Fidelity Brokerage Technology
2. Agenda
• Who is Fidelity
• Our values, business units and history of technology innovation
• Leading Brokerage Transformation towards the new API Economy
• Evolving to BaaS - to an API Strategy with WSO2 technology
• Integrating WSO2 Components into Fidelity’s API solution
• Benefits and lessons learned
3. Who is Fidelity?
• One of the most diversified financial services companies in the world
• A full range of products and solutions for individual investors, employers,
institutions and intermediaries
• $4.3 trillion in assets under administration
• Our clients:
– 20 million individuals and institutions
– 5,000+ financial intermediary firms
• Over 42,000 employees:
– Technology staff in Boston, Raleigh, Dallas, NH, RI, NJ
5. History of Innovation
Fidelity installs a mainframe
computer—one of the first
investment companies to do so
1965
Fidelity is the first to sell funds
directly to individual investors
over the phone
1974
Fidelity launches the first voice-activated
computer response system for price and
yield quotes 24 hours a day
1979 Fidelity is the first mutual fund
company to launch a public
website
1995
Fidelity Labs creates the first
investing app for a smartwatch
2014
VR
Block Chain
Digital $
Fin-Tech
Robo-Advisors
6. Fidelity’s API Evolution
1999-today
Plain Old XML
to/from Cobol
Mapping
Engine
Internal Only
First External
Gateway POX
2004
2009
External SOAP
with 2nd
Gen
API Gateway
External REST API
Enterprise Governance
Registry
Internet-facing API Store
7. API Ecosystem
• Build
• Govern
• Publish
• Discover
• Examine
• Prototype
• Consume
• Evaluate
• Manage
• Run
• Report
• React
8. Registry: SOA Meta-Data Repository
Governance Registry Artifact Types
Allows Customer Feedback on APIs
▪ “APIs are inconsistent”
▪ “Need Improved Documentation”
Build Govern Publish
• Business & Utility Contracts
• Service/API Change Notifications
• Lifecycle Management
• Policy descriptions
• Quality/Consistency scans
10. Service Life Cycle
Business Driven
Service Contracts
✓ Business Capabilities
✓ Negotiation
✓ Context Levels
✓ Policy Definitions
✓ Business Architects
✓ Service Analysts
Service Registry
•Business Capability Inventory
•Brokerage Web Services Inventory
•Services linked to capabilities & components
•Reporting by components – track usage & legacy transition
•Service code quality via Sonar integration
•Service discovery APIs
Service Governance
✓ Service Contract Reviews
✓ Service Architecture Reviews
✓ Service Inventory
✓ SOA driven design
✓ Version Control
✓ SOA Governance Board
Evolve Components
✓ Evolve legacy functions
✓ Improve SLAs
✓ Improve TCO
✓ Measure reuse
✓ Measure quality
✓ Integrate into culture
11. Enterprise Publisher – Supports all Environments
1. API artifact published/copied from
Enterprise Publisher to
Team-managed environment (“push”
model)
2. Environment can be on premise or
cloud hosted
3. API Store per environment to manage
app provisioning and API Subscriptions
4. Dedicated Gateway instances with
SVN deploy synchronization that can
be scaled independently
5. Dedicated Key Manager instances for
token handling that can be scaled
independently
6. Dedicated database to store API
policy, subscription, and permission
metadata
Enterprise
Store
Local
Config
Enterprise
Publisher
APIGWIDServer
APIGWIDServer
DEV
UAT , SIT ,
Perf
APIGWIDServer PRODAPIPUB
APIPUB
APIPUB
https://apipub :9443 /services
https ://apipub :9443 /services
https://apipub:9443/services
APIStore
APIStore
APIStore
Internal
External
https://apipub:9443/services
APIGWIDServerAPIPUB APIStore
SVN
SVN
SVN
SVN
APIGW
APIGW
APIGW
APIGW
Local
Config
Local
Config
Local
Config
Local
Config
Cloud
APIGWIDServerAPIPUB APIStore
Local
Config
https://apipub:9443/services
*
* 1 Per ENV
Ext UAT
12. API Store
Internet-Facing Web API Catalog for
Developers who work for our business clients
Ex. Customer Management
• Account Setup & Maintenance
• User Management
• Account Maintenance
Contract
Swagger
WSDL
Policy
API Store → ‘Brokerage as a Service’
Discover Examine Prototype
Search by Filters and Tags
13. Solution Context Diagram (details to follow)
GW
IDS
ESB
OAuth
Token
BaaS
Client
SSLDMZGateway
Publisher
Internal-facin
g Store
DAS
Services
SSL
Internet-faci
ng Store
Client Tech
Users
14. API Gateway = Traffic Manager for APIs
• Traffic Shaping from Analytics / Policy
• Security
• Mediation (e.g. SOAP to REST)
• Consistency
• Analytics Source
API Gateway→ Runtime Management
Consume EvaluateManage
15. API Gateway / Identity Server – Overview
Ex. Token
67befe161d98ca2cfd991f481ac18289
API Store
SSL
OAuth
Token WSO2 Creates OAuth Token for
interactive testing in Store
Client Engineer deploys Key + Secret from
Store UI to Servers
Internal or
External User
Baas
Client
SSL
DMZGateway
17. API Gateway / End Point Abstraction
SSL
67befe161d98ca2cfd991f481ac1828
Oauth
Token
DMZGateway
BaaS
Client
https://host.intranet.com:9999/common/BrokerageAcctBal/2017/02
21. Data Analytics Server (DAS) Capabilities
A rich set of OOTB Analytics
captures Operational and
Historical Information using
Hbase / Hadoop and Spark
technologies
24. How WSO2 is helping Fidelity
•Buy (Licensing) vs. Build
•Thought Leadership
•Open Source
•Container / Cloud ready
•Expert Support and Consulting
Tips
• Automate early to limit time on
environment engineering
• Think through the needs of different
groups and roles needed
• Explore and understand the
subscription process for internal and
external applications