lessons learned from four years of api management implementation success at unum
TRANSCRIPT
Lessons Learned From Four Years of API Management Implementation Success at Unum
Tom Porterfield
DevOps: API Management and Application Development
Unum
Senior Software Engineer
DO3X98S
@TwitterHandle
#CAWorld
2 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
© 2015 CA. All rights reserved. All trademarks referenced herein belong to their respective companies.
The content provided in this CA World 2015 presentation is intended for informational purposes only and does not form any type
of warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA.
For Informational Purposes Only
Terms of this Presentation
3 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Agenda
ABOUT UNUM
WHERE IT STARTED
PROTECTING CRITICAL ASSETS
THE ROLE OF A MEDIATOR
WHAT IS AN API
PUTTING IT ALL TOGETHER
1
2
3
4
5
6
4 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
About UNUM
Who is Unum?
Unum is a leading provider of employee benefits, including disability, life and voluntary insurance. Nearly one in five U.S. employers who provide group long term disability benefits and more than 42 percent of the Fortune 500 do business with Unum.
With operations in the United States and the United Kingdom, Unum is a diverse family of businesses with a 160-year history.
Our family of businesses
Unum Group consists of Unum US and Colonial Life in the United States and Unum UK in the United Kingdom. With primary offices in Chattanooga, Tenn., and Portland, Maine, Unum employs about 10,000 people worldwide.
Unum US is a market leader in group and individual disability benefits in the United States, and is one of the largest providers of group life and voluntary workplace benefits.
Colonial Life is one of the leading providers of voluntary worksite benefits, including disability, life, accident and critical illness coverage, in the United States.
Unum UK is the leading provider of income protection and critical illness coverage in the United Kingdom, and also offers dual benefit and life products and services.
Unum's vision and values
Unum's vision is to be the leading provider of employee benefits products and services that help employers manage their businesses and employees protect their families and livelihoods.
7 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
What is SOA
Service Oriented Architecture (SOA) is driven by business agility need, not technical advancements
SOA is an architectural style– Contrary to some vendors, you cannot buy a SOA
– It is about approaches and principles, not fixed technical solutions or patterns
Focuses on reuse, agility, integration, interoperability, standards…
SOA is about the principles of constructing loosely-coupled, reusable, application-agnostic business services
SOA is about focusing on building services that map to business capabilities
8 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Unum’s Approach
Business Capability Mapping:
The enterprise Domain Model AKA Business Object Model is a conceptual model, which defines the business objects of interest to the enterprise and how they relate to one another
It may also define critical attributes associated with a given business object, especially if they are needed for business rules; however, this model is not a fully attributed model
This model sets the stage for driving out the enterprise vocabulary that is then expanded upon once the fully attributed data objects are built out in the Enterprise Data and Message Models
9 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Unum Enterprise SOA
Service Model (Service Interfaces and Contracts)
Enterprise Data Model, used to drive message entities and contracts
Business Services
Message Based
Workflow
Orchestration
RulesBusiness ServicesRules
Workflow
Orchestration
10 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Enterprise Models
IT Owned:
Business Object Model
(aka Domain Model)
Enterprise Data Model
(logical view)
Enterprise Message Model
(physical view) Drives generation of entity schemas
EnterpriseGlossary of
Terms
Central source of all business concepts/objects and terms
identified through project initiatives and used in development of rules.
Provides for an enterprise wide common language and meaning of
terms used in the business.
Database ImplementationData Models
e.g., DB2, SQL Server, Teradata
Logical Data
Model
Physical Data Model
LEGEND:
Green = Enterprise Models
Blue = Database Models (application level)
Pink = Enterprise Glossary
Enterprise Service Model(Service Interfaces
& Contracts)
12 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
What is Service Mediation
An intermediate layer between service clients and physical service– Provides a unified interface to service clients
aka virtual service, compared to physical service
– Service clients no longer communicate directly with physical service
– Service mediation can interpret message requests from service clients and decide how to communicate the request to the physical service
– Service mediation is fully trusted by physical service
– From a client perspective, the service response only comes from the mediated (virtual) service. Client is unaware of physical implementation
13 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Benefits of Service Mediation
Separate physical service technical implementation from service clients to allow more flexible service implementation, such as versioning, physical server location and set up, service technology selection and so on– Service mediation exposes virtual service interface with service contract that can be accessed with
industry standard way of communication, but not a particular service communication requirement
– Physical service selects a particular vendor product or technology that fits best with the physical service logic implementation
– Physical Service clients will only care about service contract and use the standard way to access service
Physical service focuses on implementing service logic to deliver business requirements and leaves service mediation to handle additional service requirements, such as security, exception formatting, message validation, etc.
Service mediation applies runtime policy and capabilities to filter message traffic, validate messages, control traffic, route traffic and so on
14 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
CA API Gateway
Used as a mediation gateway for all of our enterprise services (and a number of tactical services) for internal consumers
Provides additional flexibility by decoupling the consumer service endpoint from the physical implementation
– Allowing for split routing
Send message to different physical service based on service version
– Control service availability
Prevent messages from being routed to physical service when that service is scheduled to be unavailable
– Throttle consumer traffic
Prevent a high volume consumer from impacting overall service performance by restricting the amount of traffic that consumer is allowed to send to a service
Optimized for XML
– Very fast schema validation
Prevents invalid messages from ever reaching the physical service
And more…
Role in Unum’s SOA Architecture
18 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Web API and SOA
Web API is one of the masks of SOA service
SOA is not dead
SOA service is from capability provider’s view
Web API is from capability consumer’s view
Web API’s success relies on SOA
service’s maturity
19 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
API Categories
Private– SOAP
– URI Style
Public – URI Style
– Hypermedia Style
Partner– SOAP
– URI Style
20 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
ESB Technology at Unum
ESB = CA API Gateway + IBM Integration Bus
21 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
CA API Gateway as Part of Enterprise Service Bus
Protection– No unauthorized access to services
– Invalid messages stopped at the perimeter
Reliability– Throttle high volume consumers
(BizTalk) to prevent impact to customers
– Enforce usage metrics (Salesforce)
Flexibility– Decouple consumer
from implementation
– Routing based on version or other message content
Securing the Perimeter of the Web Service/API Boundary
CA API Gateway
Service Client
HTTP
IBM Integration Bus
Enterprise Identity
Provider
Management Console
Application Servers
MQ
Mainframe
MDM Server
Informatica
22 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
CA API Gateway in DMZ
Authentication/Authorization
– SAML 2.0 Single Sign-on
Unum EE’s securely access cloud providers
– Workday, Box, Salesforce, BrightIdea, ServiceNow
Partners securely access Unum services
– WS-Security
– OAuth 2.0
Mobile
– Mutual SSL
Lightweight Message Transformation
– SOAP 1.1 to 1.2
– XML to JSON and back
Protection
– Protect against Denial of Service (DoS)
– Protect against replay attack
Securely enable access to Unum resources for partners
Cloud Application
Enterprise Service Bus
Firewal
Admin Portal
Tablet
Web Application
Smart Phone
or PDA
CA API Gateway
Enterprise Identity
Provider
Firewal
24 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Recommended Sessions
SESSION # TITLE DATE/TIME
DO3X102S
Case Study: American Family Insurance Shifts to a
Mobile-First Development Strategy with CA
API Management
Thu Nov 19 at 3:00 pm
DO3T30TTechTalk: Unlock the Value of APIs through Direct and
Indirect Business Models with CA API ManagementThu Nov 19 at 4:30 pm
25 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Must See Demos
Unlock the Value of APIs
API Developer Portal
Theater 3
Simplify API Design & Creation
Live API Creator
Theater 3
Accelerate Mobile/IoTDevelopment
Mobile App Services
Theater 3
Extend Existing Architectures
API Gateway
Theater 3
26 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
For More Information
To learn more, please visit:
http://cainc.to/Nv2VOe
CA World ’15