
Upload: ca-technologies

Post on 16-Apr-2017


Lessons Learned From Four Years of API Management Implementation Success at Unum

Tom Porterfield

DevOps: API Management and Application Development

Unum

Senior Software Engineer

DO3X98S


#CAWorld

2 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD

© 2015 CA. All rights reserved. All trademarks referenced herein belong to their respective companies.

The content provided in this CA World 2015 presentation is intended for informational purposes only and does not form any type of warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA.

For Informational Purposes Only

Terms of this Presentation


Agenda

ABOUT UNUM

WHERE IT STARTED

PROTECTING CRITICAL ASSETS

THE ROLE OF A MEDIATOR

WHAT IS AN API

PUTTING IT ALL TOGETHER


About UNUM

Who is Unum?

Unum is a leading provider of employee benefits, including disability, life and voluntary insurance. Nearly one in five U.S. employers who provide group long term disability benefits and more than 42 percent of the Fortune 500 do business with Unum.

With operations in the United States and the United Kingdom, Unum is a diverse family of businesses with a 160-year history.

Our family of businesses

Unum Group consists of Unum US and Colonial Life in the United States and Unum UK in the United Kingdom. With primary offices in Chattanooga, Tenn., and Portland, Maine, Unum employs about 10,000 people worldwide.

Unum US is a market leader in group and individual disability benefits in the United States, and is one of the largest providers of group life and voluntary workplace benefits.

Colonial Life is one of the leading providers of voluntary worksite benefits, including disability, life, accident and critical illness coverage, in the United States.

Unum UK is the leading provider of income protection and critical illness coverage in the United Kingdom, and also offers dual benefit and life products and services.

Unum's vision and values

Unum's vision is to be the leading provider of employee benefits products and services that help employers manage their businesses and employees protect their families and livelihoods.

It Started With SOA


What is SOA

Service Oriented Architecture (SOA) is driven by the need for business agility, not by technical advancements

SOA is an architectural style

– Contrary to some vendors, you cannot buy a SOA

– It is about approaches and principles, not fixed technical solutions or patterns

Focuses on reuse, agility, integration, interoperability, standards…

SOA is about the principles of constructing loosely-coupled, reusable, application-agnostic business services

SOA is about focusing on building services that map to business capabilities


Unum’s Approach

Business Capability Mapping:

The enterprise Domain Model AKA Business Object Model is a conceptual model, which defines the business objects of interest to the enterprise and how they relate to one another

It may also define critical attributes associated with a given business object, especially if they are needed for business rules; however, this model is not a fully attributed model

This model sets the stage for driving out the enterprise vocabulary that is then expanded upon once the fully attributed data objects are built out in the Enterprise Data and Message Models


Unum Enterprise SOA

Service Model (Service Interfaces and Contracts)

Enterprise Data Model, used to drive message entities and contracts

[Diagram labels: Business Services; Message Based; Workflow; Orchestration; Rules]


Enterprise Models

IT Owned:

Business Object Model (aka Domain Model)

Enterprise Data Model (logical view)

Enterprise Message Model (physical view): drives generation of entity schemas

Enterprise Glossary of Terms: Central source of all business concepts/objects and terms identified through project initiatives and used in development of rules. Provides for an enterprise-wide common language and meaning of terms used in the business.

Database Implementation Data Models (e.g., DB2, SQL Server, Teradata): Logical Data Model, Physical Data Model

Enterprise Service Model (Service Interfaces & Contracts)

LEGEND:

Green = Enterprise Models

Blue = Database Models (application level)

Pink = Enterprise Glossary

Mediation’s Role


What is Service Mediation

An intermediate layer between service clients and physical service

– Provides a unified interface to service clients (aka virtual service, compared to physical service)

– Service clients no longer communicate directly with physical service

– Service mediation can interpret message requests from service clients and decide how to communicate the request to the physical service

– Service mediation is fully trusted by physical service

– From a client perspective, the service response only comes from the mediated (virtual) service. Client is unaware of physical implementation


Benefits of Service Mediation

Separate physical service technical implementation from service clients to allow more flexible service implementation, such as versioning, physical server location and setup, service technology selection and so on

– Service mediation exposes a virtual service interface with a service contract that can be accessed using an industry-standard way of communication, rather than a particular service's communication requirement

– Physical service selects a particular vendor product or technology that fits best with the physical service logic implementation

– Physical service clients will only care about the service contract and use the standard way to access the service

Physical service focuses on implementing service logic to deliver business requirements and leaves service mediation to handle additional service requirements, such as security, exception formatting, message validation, etc.

Service mediation applies runtime policy and capabilities to filter message traffic, validate messages, control traffic, route traffic and so on


CA API Gateway

Used as a mediation gateway for all of our enterprise services (and a number of tactical services) for internal consumers

Provides additional flexibility by decoupling the consumer service endpoint from the physical implementation

– Allowing for split routing

Send message to different physical service based on service version

– Control service availability

Prevent messages from being routed to physical service when that service is scheduled to be unavailable

– Throttle consumer traffic

Prevent a high volume consumer from impacting overall service performance by restricting the amount of traffic that consumer is allowed to send to a service

Optimized for XML

– Very fast schema validation

Prevents invalid messages from ever reaching the physical service

And more…
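
The gateway behaviours listed on this slide (schema validation, availability control, split routing by version, per-consumer throttling) can be sketched as one request pipeline. This is an added Python illustration, not CA API Gateway policy or Unum's configuration; the message shape, backend URLs, maintenance window and limits are constructed, the consumer is assumed to be already authenticated, and a required-element check stands in for XSD validation.

```python
import time
import xml.etree.ElementTree as ET

# Constructed sample configuration: hosts, consumer names and limits are assumptions.
ROUTES = {"1": "http://claims-v1.internal.example/svc",
          "2": "http://claims-v2.internal.example/svc"}
MAINTENANCE = [(1000.0, 2000.0)]     # (start, end) epoch seconds of scheduled downtime
RATE_LIMITS = {"batch-consumer": 2}  # requests allowed per WINDOW, per consumer
DEFAULT_LIMIT, WINDOW = 100, 60.0
REQUIRED = ("ClaimId", "Amount")     # stand-in for a real XSD check

class Mediator:
    def __init__(self):
        self._hits = {}  # consumer -> timestamps of accepted requests

    def _validate(self, body):
        """Return the parsed root, or None if the message is malformed or incomplete."""
        try:
            root = ET.fromstring(body)
        except ET.ParseError:
            return None
        if root.tag != "ClaimRequest" or any(root.find(f) is None for f in REQUIRED):
            return None
        return root

    def _throttled(self, consumer, now):
        """Sliding-window limit so one heavy consumer cannot starve the others."""
        recent = [t for t in self._hits.get(consumer, []) if now - t < WINDOW]
        over = len(recent) >= RATE_LIMITS.get(consumer, DEFAULT_LIMIT)
        if not over:
            recent.append(now)
        self._hits[consumer] = recent
        return over

    def handle(self, consumer, body, now=None):
        """Return (status, detail); detail is the backend URL when routed."""
        now = time.time() if now is None else now
        root = self._validate(body)
        if root is None:                      # invalid message never reaches the backend
            return (400, "invalid message")
        if any(start <= now < end for start, end in MAINTENANCE):
            return (503, "service unavailable")
        backend = ROUTES.get(root.get("version", "1"))  # split routing by version
        if backend is None:
            return (400, "unknown version")
        if self._throttled(consumer, now):
            return (429, "consumer over limit")
        return (200, backend)
```

Rejected and unavailable requests return before the throttle step, so they do not consume a consumer's quota in this sketch.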

Role in Unum’s SOA Architecture

What is an API


Web API and SOA

Web API is one of the masks of SOA service

SOA is not dead

SOA service is from capability provider’s view

Web API is from capability consumer’s view

Web API’s success relies on SOA service’s maturity


API Categories

Private

– SOAP

– URI Style

Public

– URI Style

– Hypermedia Style

Partner

– SOAP

– URI Style


ESB Technology at Unum

ESB = CA API Gateway + IBM Integration Bus


CA API Gateway as Part of Enterprise Service Bus

Protection

– No unauthorized access to services

– Invalid messages stopped at the perimeter

Reliability

– Throttle high volume consumers (BizTalk) to prevent impact to customers

– Enforce usage metrics (Salesforce)

Flexibility

– Decouple consumer from implementation

– Routing based on version or other message content

Securing the Perimeter of the Web Service/API Boundary

[Diagram labels: CA API Gateway; Service Client; HTTP; IBM Integration Bus; Enterprise Identity Provider; Management Console; Application Servers; MQ; Mainframe; MDM Server; Informatica]


CA API Gateway in DMZ

Authentication/Authorization

– SAML 2.0 Single Sign-on

Unum EEs securely access cloud providers

– Workday, Box, Salesforce, BrightIdea, ServiceNow

Partners securely access Unum services

– WS-Security

– OAuth 2.0

Mobile

– Mutual SSL

Lightweight Message Transformation

– SOAP 1.1 to 1.2

– XML to JSON and back

Protection

– Protect against Denial of Service (DoS)

– Protect against replay attack

Securely enable access to Unum resources for partners

[Diagram labels: Cloud Application; Enterprise Service Bus; Firewall; Admin Portal; Tablet; Web Application; Smart Phone or PDA; CA API Gateway; Enterprise Identity Provider; Firewall]


Q & A


Recommended Sessions

SESSION # | TITLE | DATE/TIME

DO3X102S | Case Study: American Family Insurance Shifts to a Mobile-First Development Strategy with CA API Management | Thu Nov 19 at 3:00 pm

DO3T30T | TechTalk: Unlock the Value of APIs through Direct and Indirect Business Models with CA API Management | Thu Nov 19 at 4:30 pm


Must See Demos

Unlock the Value of APIs: API Developer Portal, Theater 3

Simplify API Design & Creation: Live API Creator, Theater 3

Accelerate Mobile/IoT Development: Mobile App Services, Theater 3

Extend Existing Architectures: API Gateway, Theater 3


For More Information

To learn more, please visit:

http://cainc.to/Nv2VOe

CA World ’15