saas software container
DESCRIPTION
SaaS Software Container. By Brian Moore Paul Kopacz. Overview. SaaS Issues Interoperability The Container Framework Major Components Interfaces Sample Flow Future Work. SaaS Issues. Trust - PowerPoint PPT PresentationTRANSCRIPT
SaaS Software Container SaaS Software Container
ByBy
Brian MooreBrian Moore
Paul KopaczPaul Kopacz
OverviewOverview
SaaS IssuesSaaS Issues InteroperabilityInteroperability The Container FrameworkThe Container Framework Major ComponentsMajor Components InterfacesInterfaces Sample FlowSample Flow Future WorkFuture Work
SaaS IssuesSaaS Issues TrustTrust
Users must trust that provider of the SaaS application is Users must trust that provider of the SaaS application is reputable, experienced, will secure and not abuse data, has reputable, experienced, will secure and not abuse data, has good support systemgood support system
InteroperabilityInteroperability Can SaaS applications communicate and exchange data Can SaaS applications communicate and exchange data
with each other as seamless as cutting and pasting in with each other as seamless as cutting and pasting in windows?windows?
Can SaaS applications interact with non SaaS applications Can SaaS applications interact with non SaaS applications in the enterprise or on a desktop?in the enterprise or on a desktop?
OwnershipOwnership Who owns the applications? What does this look like on Who owns the applications? What does this look like on
the balance sheet?the balance sheet?
InteroperabilityInteroperabilityWeb Services Interoperability Organization (WS-I)Web Services Interoperability Organization (WS-I)
Address the interoperability issues with core web services standardsAddress the interoperability issues with core web services standards
““Interoperability refers to the ability of software and hardware on multiple Interoperability refers to the ability of software and hardware on multiple machines from multiple vendors to communicate with each other without machines from multiple vendors to communicate with each other without significant changes on either side.”significant changes on either side.”
Web services as a solutionWeb services as a solution The standards for web services are messaging (SOAP), description The standards for web services are messaging (SOAP), description (WSDL) and discovery and registry (UDDI)(WSDL) and discovery and registry (UDDI)
Interoperability issues arise when individual vendors (Microsoft, Interoperability issues arise when individual vendors (Microsoft, Sun, etc) implement their own custom implementing of these Sun, etc) implement their own custom implementing of these protocols.protocols.Realistically a web service implemented using JAVA on a UNIX Realistically a web service implemented using JAVA on a UNIX machine should be able to be used by a client service on .NET machine should be able to be used by a client service on .NET technology.technology.
The Container FrameworkThe Container FrameworkThe container is a one stop shop for managing different SaaS The container is a one stop shop for managing different SaaS applications from a variety of different vendors all under the applications from a variety of different vendors all under the same roof. This app will:same roof. This app will:
Manage user preferencesManage user preferences Manage user configurationsManage user configurations Allow users to find compatible SaaS applications from registered Allow users to find compatible SaaS applications from registered
UDDI Servers and register for their service.UDDI Servers and register for their service. Monitor the status and health of active SaaS solutionsMonitor the status and health of active SaaS solutions
Two possible methods of controlling the interactions between Two possible methods of controlling the interactions between SaaS applications within the containerSaaS applications within the container
1.1. We could create some kind of protocol that would sit on top of the We could create some kind of protocol that would sit on top of the Service Transportation layer to allow services to communication Service Transportation layer to allow services to communication with each other directly.with each other directly.
Transportation Layer
Communication Layer
Application Layer
Transportation Layer
Communication Layer
Application Layer
SaaS App1 SaaS App2
2. We could create a browser based application to 2. We could create a browser based application to facilitate and monitor communications between facilitate and monitor communications between applicationsapplications
The Container FrameworkThe Container Framework
container
Transportation Layer
Application Layer
SaaS App1
Communication Layer
Transportation Layer
Application Layer
SaaS App2
Communication Layer
Container Communication TypesContainer Communication Types Operator methodOperator method
Container would be the initial contact point for both applications. Container would be the initial contact point for both applications. Container would do negotiations, contracting, monitoringContainer would do negotiations, contracting, monitoring If conditions are meet the container would put two apps in touch If conditions are meet the container would put two apps in touch
with each other with each other
Broker methodBroker method The container would not only be the initial contact point for both The container would not only be the initial contact point for both
applications but the only contact point. applications but the only contact point. All requests and responses go through the container.All requests and responses go through the container.
Second method good for Second method good for security security monitoring monitoring data transfers ( transfer rates, ensuring connections, quality of data transfers ( transfer rates, ensuring connections, quality of
data)data)
Container FrameworkContainer Framework
UDDI
UDDI::
UDDI
SAASUDDIBrowser
Clients
User Interface
Security Engine
CustomersData
Repository
CustomerCare
SaaSProvider
SaaS Provider
SaaSProvider
::
Monitor E
ngine
SaaS AppSaaS App
SaaS App
::
Data Integration Manager
Web S
ervices M
anager
Major ComponentsMajor Components Customer managementCustomer management
Mangers the customers preferences and habits. Such things Mangers the customers preferences and habits. Such things like passwords, preferred applications, personal like passwords, preferred applications, personal information and financial info for registering and paying information and financial info for registering and paying for SaaS appsfor SaaS apps
Register once, use many timesRegister once, use many times The container will take care of negotiations with vendors The container will take care of negotiations with vendors
on behalf of the client on behalf of the client options for options for Automatic negotiation, contract time, EtcAutomatic negotiation, contract time, Etc A recent SearchSecurity.com poll of over 200 people found A recent SearchSecurity.com poll of over 200 people found
that 77% of respondents had six or more passwordsthat 77% of respondents had six or more passwords
Major ComponentsMajor Components User InterfaceUser Interface
Browser based interfaceBrowser based interface Login to containerLogin to container Search options for SaaS applications based on criteria such Search options for SaaS applications based on criteria such
as functionality, price, duration, rating, etcas functionality, price, duration, rating, etc Ability to launch all registered SaaS apps Ability to launch all registered SaaS apps
SaaS apps open in new browser window controlled by the providerSaaS apps open in new browser window controlled by the provider Container will still have reference to browser window to monitor Container will still have reference to browser window to monitor
performance and detect problemsperformance and detect problems
User can see what data is in “Holding” and where it came User can see what data is in “Holding” and where it came fromfrom
User preferences for automating negotiations, time User preferences for automating negotiations, time warnings for usage, connection options, etcwarnings for usage, connection options, etc
Major ComponentsMajor Components SaaS UDDI BrowserSaaS UDDI Browser
Maintain a list of registered SaaS applicationsMaintain a list of registered SaaS applications Proactively search know UDDI registries for SaaS Proactively search know UDDI registries for SaaS
applications (services) that conform to the applications (services) that conform to the container standards for communicationcontainer standards for communication
SaaS applications would register a conforming SaaS applications would register a conforming services with UDDI for us to findservices with UDDI for us to find
The component will also maintain a rating scale The component will also maintain a rating scale for all registered apps in case a decision need to be for all registered apps in case a decision need to be made between multiple same function appsmade between multiple same function apps
Major ComponentsMajor Components
Web Services ManagerWeb Services Manager Manages interactions between exposed web services of the Manages interactions between exposed web services of the
providers as well as requests from the provider to our providers as well as requests from the provider to our exposed web servicesexposed web services
There should also be a “smart service engine” within this There should also be a “smart service engine” within this component that would detect and convert any abstractions component that would detect and convert any abstractions in the providers services that are platform or language in the providers services that are platform or language dependentdependent
Interacts with the Data Integration Manager to retrieve of Interacts with the Data Integration Manager to retrieve of deposit data.deposit data.
Monitor and control the performance of web services Monitor and control the performance of web services
Major ComponentsMajor Components
Data Integration ManagerData Integration Manager Takes all requests from the Web Services Manager for Takes all requests from the Web Services Manager for
depositing data or retrieving data. depositing data or retrieving data. Interacts with the database in order to store the data in the Interacts with the database in order to store the data in the
correct form (Tabular, image, text, etc)correct form (Tabular, image, text, etc) Makes data available through a “Clipboard” type system Makes data available through a “Clipboard” type system
that has an ID and description associated with the data so that has an ID and description associated with the data so the retrieving app can distinguish from other datathe retrieving app can distinguish from other data
Transfer data from one app to the other without Transfer data from one app to the other without
compromising the integrity of the datacompromising the integrity of the data
Interfaces – SaaS AppsInterfaces – SaaS Apps SaaS apps must implement the following interfaces in order to SaaS apps must implement the following interfaces in order to
be compatible with the container system.be compatible with the container system. Signup Service - Container provides the user's name and billing Signup Service - Container provides the user's name and billing
information. An authentication token is returned.information. An authentication token is returned. Terms Service - get the current terms of service for the vendor's Terms Service - get the current terms of service for the vendor's
application (price, durations, security)application (price, durations, security) Login Service - the authentication token is sent along with the Login Service - the authentication token is sent along with the
user's name. A URL to an authenticated session is returned.user's name. A URL to an authenticated session is returned. Authorize Service - sets up a trust between the vendor and the Authorize Service - sets up a trust between the vendor and the
container when the app is first discovered by the container. container when the app is first discovered by the container. Ideally would plug into a WS-Security module (e.g. Rampart)Ideally would plug into a WS-Security module (e.g. Rampart)
Interfaces – ContainerInterfaces – Container Provided by the Container for SaaS applications to access.Provided by the Container for SaaS applications to access. For Data Exchange, status querying, negotiations and contractingFor Data Exchange, status querying, negotiations and contracting Set Formats - An application wants to control which data formats Set Formats - An application wants to control which data formats
it receives. This allows it to set the formats it accepts. Clipboard it receives. This allows it to set the formats it accepts. Clipboard items in formats other than these will not be sent.items in formats other than these will not be sent.
Get Clipboard - returns the contents of the clipboard (restricted by Get Clipboard - returns the contents of the clipboard (restricted by format) of that user.format) of that user.
Put Clipboard Item - Add an item of data to the clipboardPut Clipboard Item - Add an item of data to the clipboard Automatic Data Exchange would have data "channels" instead of Automatic Data Exchange would have data "channels" instead of
items.items. Use a publish-subscribe model. Applications would publish data. Use a publish-subscribe model. Applications would publish data.
Whenever this data changed, the application would send the Whenever this data changed, the application would send the change to the container.change to the container.
Application could subscribe to channels. When the container Application could subscribe to channels. When the container receives new data, it sends it along to any subscribed applications. receives new data, it sends it along to any subscribed applications.
Platform and ImplementationPlatform and Implementation Two real choices: Java or .NETTwo real choices: Java or .NET We chose Java. We chose Java.
Familiarity. Familiarity. Microsoft has public specifications for the core components of the Microsoft has public specifications for the core components of the
framework but will be the only provider of complete .NET framework but will be the only provider of complete .NET development and runtime environments development and runtime environments
"Freeness" of available tools."Freeness" of available tools. Excellent support for Web Services and multiple servlet container Excellent support for Web Services and multiple servlet container
vendors.vendors.
Apache project:Apache project: Tomcat - Application ServerTomcat - Application Server Juddi - UDDI serverJuddi - UDDI server
runs in Tomcatruns in Tomcat Axis/Axis2 - SOAP services and clientsAxis/Axis2 - SOAP services and clients
services run in Tomcatservices run in Tomcat OJB - persistenceOJB - persistence Plus the dozens of dependenciesPlus the dozens of dependencies
Sample FlowSample Flow
SaaS Vendors
Container
UDDI Database
UDDI Daemon
ManagementWSDL
Data ExchangeWSDL
Implementation Scope
The container publishes the Management WSDL asa service interface
SaaS Vendors
Container
UDDI Database
UDDI Daemon
ManagementWSDL
Data ExchangeWSDL
Implementation Scope
ManagementWSDL
Implementation
SaaS vendors publish Management implementation WSDL
references
Implementation Scope
SaaS Vendors
Container
UDDI Database
UDDI Daemon
ManagementWSDL
Data ExchangeWSDL
1) Query for implementors
3) Save data
4) List of available applications
5) Presented to user
2) Establish trust
SaaS Vendors
Container
UDDI Database
UDDI Daemon
ManagementWSDL
Data ExchangeWSDL
Implementation Scope
1) Sign up
2) Transfer user information,receive login token
3) Save data
SaaS Vendors
Container
UDDI Database
UDDI Daemon
ManagementWSDL
Data ExchangeWSDL
Implementation Scope
1) Login3) Send user and token,receive URL
2) Get token
SaaS Vendors
Container
UDDI Database
UDDI Daemon
ManagementWSDL
Data ExchangeWSDL
Implementation Scope
4) Open URL
5) User interacts with SaaS application
SaaS Vendors
Container
UDDI Database
UDDI Daemon
ManagementWSDL
Data ExchangeWSDL
Implementation Scope
2) Request clipboard items for user
3) Fetch items
4) Return items
1) User requests “paste” from SaaS app
SaaS Vendors
Container
UDDI Database
UDDI Daemon
ManagementWSDL
Data ExchangeWSDL
Implementation Scope
1) User requests a copy to clipboard from SaaS app
2) Put data to clipboard
3) Store in database
SaaS Vendors
Container
UDDI Database
UDDI Daemon
ManagementWSDL
Data ExchangeWSDL
Implementation Scope
SaaS Vendors
Container
UDDI Database
UDDI Daemon
ManagementWSDL
Data ExchangeWSDL
Implementation Scope
Set acceptable formats
Manage clipboard
Future WorkFuture Work A more user friendly user interfaceA more user friendly user interface
Windows type look and feelWindows type look and feel GraphicalGraphical ConfigurableConfigurable Maintain stateMaintain state
Implement more data exchange optionsImplement more data exchange options Base it on conditionsBase it on conditions Depending on application and size of data an operator type Depending on application and size of data an operator type
method might work better.method might work better. More automated features acting on behalf of the userMore automated features acting on behalf of the user
An introduction of an agent type implementation might An introduction of an agent type implementation might work well herework well here