Service Delivery Broker - Digital Services Management
1. Service Delivery Broker
Digital Services Management
Direção de Internet e Tecnologia
June 2015
António Cruz
+351 962 041 948
antonio.j.cruz@telecom.pt
This document is confidential. Unauthorized use or disclosure of the included information is strictly prohibited.
3. EXECUTIVE SUMMARY
Service Delivery Broker (SDB), a Cloud product
developed at PT/SAPO, drastically reduces
development effort and time-to-market of
innovative multi-channel apps and services.
SDB is a proven, reliable, multi-tenant and
cloud-scalable SOA platform, architected to
support end-to-end services lifecycle
management, and standards-based integration
in mission-critical environments.
5. The Case for APIs
“Packaged application vendors and SaaS providers are taking service orientation for granted, and, more and more, are publishing the functionality they sell as Web APIs. Mobile applications increasingly use private and public APIs to access enterprise systems of record, necessitating adequate governance and oversight.
6. The Case for APIs
Whether it is technology or service providers offering their functionality, or private companies giving access to some of their data according to different charging models, the number of APIs available publicly grows by the day. Their usage is multiplied by a growing population of mobile devices and computing platforms (Web, tablets, smartphones, TVs, video game consoles, cars and more, such as "things" in the Internet of Things [IoT])”
Source: Gartner Magic Quadrant for Application Services Governance, April 2015
7. API Business Ecosystem
Historically, the front, middle
and back offices of an
enterprise were integrated
point to point by tight coupling,
suitable only for a small
number of integrations.
Diagram 1 labels: Front office, Middle office, Back office, Business ecosystem, EDI
8. API Business Ecosystem
With SOA, enterprises adopted
an architecture using a service
bus for integration, creating
loose coupling and the
potential for reuse and
flexibility. The complexity of
integration meant use
remained largely internal to the
enterprise.
Diagram 2 labels: Enterprise service bus (SOA), Business ecosystem, EDI
9. API Business Ecosystem
The new architectural principle
and programming model based
on RESTful APIs reduces
integration cost and
complexity, so integrations can
scale for many internal as well
as external.
Source: PwC Technology
Forecast 2012, Issue 2 – The
Business Value of APIs
Diagram 3 labels: Business ecosystem, API
10. Project Background
In order to sustain its Web Ads business, PT/SAPO’s network of over 200 business partners and providers required managing and integrating a lot of heterogeneous APIs, capabilities and content.
11. Project Background
The main business drivers were:
Faster
time-to-market
to build and launch
innovative services.
Multichannel apps
development
agility
(Mobile, Web,
and TV)
12. Project Background
The main business drivers were:
A standardized
catalog, made of
agnostic and
reusable APIs.
Developers should
not have to worry
about transversal
aspects such as
authentication,
authorization,
access policies,
transformations,
caching, etc., on
every project, over
and over again.
13. SDB Today
SDB is a multi-tenant, carrier-grade, high-performance and
high-available cloud solution, developed by PT/SAPO.
Today it delivers:
• 40 million requests/day
• 7000 API endpoints
• 13 TB data traffic/month
• 23% growth YoY
14. SDB Today
Enabling API lifecycle
management,
authentication,
authorization, E2E tracing,
intermediate routing, data
format and data model
transformations, policy
enforcement, validation,
caching, etc.
Based on Service
Orientation principles, ITSM
best practices and
implementing industry
standards:
W3C/OASIS/IETF, ITIL,
OAuth 2.0, OpenID
Connect, etc.
18. Use Cases and Awards
In extensive use since 2006,
SDB became a key enabler
for building a
service-oriented architecture
at PT Group.
It currently manages
thousands of API endpoints,
enabling application
capabilities across online,
IPTV and telco services.
SDB was recognised by
TMForum as “a proven,
reliable and cloud-scalable
platform that enables
end-to-end service lifecycle
management and
standards-based integration
for mission critical,
service-oriented
environments”.
Pipeline Innovation Awards
recognized SDB as “a top
innovator for advancements
in the following
communications technology
categories: Cloud and
Product Innovation”.
Deployed at Oi since May
2014, SDB manages and
provides secure access to Oi
APIs and applications to
partners and integrators,
providing insight on product
usage and reducing
customer complaints by
easing diagnostics with its
extensive tracing facilities.
19. References
“The PT Service Delivery Broker solution is particularly noteworthy as it fulfils many of the requirements for a Cloud Service Broker while adding robust tools and industry standards based governance to effectuate compliance with SOA Best Practices and efficient Product and Service Lifecycle Management.”
Eric G Troup
CTO, WW Communications and Media Industry
Microsoft Corporation
“Portugal Telecom/SAPO’s Service Delivery Broker will solve and speed up current monetization challenges the Telco industry faces nowadays, optimizing their opportunities, reducing their time-to-market and development effort in a more quick and inexpensive way.”
Sérgio Martins
Home Entertainment Product Manager
LG Portugal
“Web services by INE's statistical information, available through the Service Delivery Broker, enables the diffusion of statistical indicators in a simple, efficient and responsive way that adapts to the needs of Internet users in Portugal.”
Maria Manuela Martins
Chief of the Communications and Image Services
Instituto Nacional de Estatística
22. Service Orientation is not Optional
SOA drastically reduces complexity associated with multi-platform, multi-vendor, multi-programming environments.
GOING FROM...
Similar apps requiring multiple connections to each resource.
Knowledge of the source code for each resource is necessary
Forcing usage of specific programming languages
Consumer applications are coupled with underlying technology
Diagram labels: Content, IT Resources, Network Resources
23. Service Orientation is not Optional
SOA drastically reduces complexity associated with multi-platform, multi-vendor, multi-programming environments.
...TO
Similar app interfaces will be developed in specific languages but standard resource interfaces are already available.
Knowledge of underlying resources technology is not necessary
Developers code in their most proficient language against standardized interfaces
Most common infrastructure aspects are abstracted and standardized
Diagram labels: Content, IT Resources, Network Resources, Enterprise APIs Catalog, Domain APIs, Service Delivery Broker
24. Agile Development and Delivery
Most common features are enabled through a configuration.
APIs
Marketplaces
TV
Web
Mobile
Domain-Specific APIs
Enterprise APIs
Catalog
Messaging
Content
TV
BSS/OSS
IaaS
PaaS
Service Delivery Broker
Concept
Design
Develop
Deploy
Operate
Retire
25. Agile Development and Delivery
Most common features are enabled through a configuration.
• Users and apps authentication
• Resources access authorization
• Access policies (e.g. throttling)
• Data & format transformations
• Content-based routing
• Web caching
• Load-balancing
• API compositions
• Stateless workflows
• Payment/billing/provisioning integration
26. Solution Logical Architecture
SDB Marketplace
SDB Runtime
SDB Support Services
Service Enablers
Network Data/IT External
SDB Connect SDB Backoffice
APIs
Identity Gateway Product Lifecycle Management
Token Manager
Application Manager
Apps
Catalog
Authenticate
Transform
Cache
Validate
Route
Throttle
...
Transaction Trade Configuration Metadata Notification Usage Metric Incident Import/Export ...
API Lifecycle Management
Run as a
Cloud Service
AND / OR
Run on
Premises
Define a Concept Create a Product Offer In Business
Concept Design Develop Deploy Operate Change
TV Web Mobile 3 Parties Others
30. API Lifecycle Management
Process-driven activities that must be done in collaboration.
Based on best practices and industry standards:
• CONCEPT: Service Manager
• DESIGN: Service Designer
• DEVELOP: Service Developer
• DEPLOY: Service Transition Manager
• OPERATE: Service Operator
• RETIRE: Change Manager
31. Role-Based Access Control
Granular profiles
and access authorizations
to all configuration items.
• Product Manager
• API/App Developer
• Transition Manager
• Partner
• Service Operator
32. Real-Time End-To-End Tracing
Visibility on what apps Users accessed, what APIs those apps accessed,
and what resources those APIs accessed.
• APP: “VOD App on iOS”
• USER: “john@gmail.com”
• RESOURCE: “Server A on Farm X”
• API: “SubscriberManagement API”
35. Event Management
Real-time notifications on interesting events, thresholds violations, and abnormal conditions.
Client App SDB Runtime
ServiceHitBegin
OutboundRequestBegin
OutboundRequestEnd
ServiceHitEnd
Service Enabler
Complex Event
Processor Engine
Notifications
Subscribers
Output
DB
Event Streams
Aggregate, Filter, and Correlate
Store
Notify
36. Complex Event Processing (CEP)
SDB Runtime
ServiceHitBegin
Output
CEP Statement
Running inside
the CEP engine
Event Stream
select current_time() as Time, count(*) as Value
from ServiceHitBegin(Service="XPTO").win:time_batch(1 second)
New metrics are deployed through a configuration
Results can be sent to a database, URL, email, Role, etc.
• Filters events of the XPTO service from the ServiceHitBegin stream
• Counts all filtered events
• Executes every 1 second
• Notifies other interested parties and/or services
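The per-second metric that the CEP statement above computes, followed by the threshold check mentioned on the Event Management slide, as an added Python example (not SDB code and not the CEP engine's implementation). The `ts` field, the sample events and the limit are constructed, and reporting empty batches as 0 is a choice of this example.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    ts: float     # seconds since start of capture (assumed field name)
    stream: str   # event type, e.g. "ServiceHitBegin"
    service: str  # the Service property used in the statement's filter


def batch_counts(events, service, stream="ServiceHitBegin", window=1.0):
    """Count matching events per fixed `window`-second batch.

    Returns [(batch_start, count), ...] for every batch between the first
    and last matching event, including empty ones, so gaps stay visible.
    """
    hits = Counter(int(e.ts // window) for e in events
                   if e.stream == stream and e.service == service)
    if not hits:
        return []
    first, last = min(hits), max(hits)
    return [(b * window, hits.get(b, 0)) for b in range(first, last + 1)]


def threshold_violations(counts, limit):
    """Batches whose count exceeds `limit`: candidates for a notification."""
    return [(start, n) for start, n in counts if n > limit]


# Constructed sample events: only ServiceHitBegin for XPTO should be counted.
SAMPLE = [
    Event(0.10, "ServiceHitBegin", "XPTO"),
    Event(0.15, "OutboundRequestBegin", "XPTO"),
    Event(0.40, "ServiceHitBegin", "OTHER"),
    Event(0.90, "ServiceHitBegin", "XPTO"),
    Event(2.05, "ServiceHitBegin", "XPTO"),
    Event(2.10, "ServiceHitBegin", "XPTO"),
    Event(2.20, "ServiceHitBegin", "XPTO"),
    Event(2.95, "ServiceHitBegin", "XPTO"),
    Event(2.99, "ServiceHitEnd", "XPTO"),
]

if __name__ == "__main__":
    counts = batch_counts(SAMPLE, "XPTO")
    for start, n in counts:
        print(f"t={start:.0f}s Value={n}")
    print("over limit 3:", threshold_violations(counts, 3))
```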
39. OAuth Protocol
OAuth is an open standard for authorization.
It provides...
• a method for clients to access server resources on behalf of a resource owner (such as a different client or an end-user).
• a process for end-users to authorize third-party access to their server resources without sharing their credentials (typically, a username and password pair), using user-agent redirections.
40. Old Enterprise
Identity management is
centralized and internal
Service provider controls
users access to resources
UsersResources
The OAuth Shift
(Hybrid)
New Enterprise
Identity management is
decentralized and external
Users control apps access
to resources
Apps
UsersResources
Apps
41. OpenID Connect Protocol
OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol.
It allows...
• clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.
• clients of all types, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users.
42. Security Model for Apps and APIs
Diagram labels: Service Delivery Broker, Frontend, Backend, SDB Tenant Administrator, SDB Runtime, SDB Support Services, SDB Backoffice, Social Identity Adapters (Facebook, Google, Twitter, LinkedIn, etc.), Web-based App, App User, Corporate IdPs, WS-Federation Adapter, Token Manager, Identity Gateway, Apps, Auth, Config, SDB Connect, APIs, OAuth 2.0, OpenID Connect, Tokens; flow steps numbered 1 to 7.
48. Product Differentiation
Several differentiating aspects make SDB a best choice when compared to
other proposals:
Lightweight and standards-based, SDB integrates existing processes, securing,
extending and evolving systems and applications in an incremental, non-intrusive way
that adjusts to any kind of business.
Closely following TM Forum and ITSM best practices, SDB ensures that governance
and best practices are followed and validated by automating the service
management lifecycle, from Service Design through Development, Transition, and
Operation.
Offering a natural, easy-to-follow experience for each service management role, SDB
drastically minimizes the effort needed to use, create, configure, test, publish and
monitor well-designed services in multi-channel, multi-platform environments.
Delivered as a multi-tenant cloud service, and supporting pay-as-you-go models for
both service providers and consumers, SDB is able to offer the best cost/value
relationship.
49. Target Audience
...looking for a functionally
complete application
services governance
technology and services
set.
...looking to enforce
governance through
everyday decisions, and
devising several policies
that must be adhered to.
...trying to adopt a digital
operating model, powered
by Web APIs and supported
by API management
platforms.
In the process, they also
want to open new business
opportunities for their
enterprises in permeable
digital ecosystems.
...looking for application
services governance
functionality, developer
portals, API metering and
billing.
Project Teams
Enterprise Architects
CIOs / CTOs
Companies
50. Take-Aways
SDB Runtime & Backoffice
Drastically accelerate launch of multi-channel application and services.
Reduce capital and operational expenditure on integration effort.
Standard policies and guidelines for application and services development.
API management lifecycle based on TM Forum/ITSM best practices.
SDB Connect
Agile integration between applications and internal/external identity providers.
Standards-based user login and application access to services on web, mobile and TV applications.
Integrated multi-channel application access management for user, developer and service provider roles.
SDB Marketplace & Backoffice
Fast time-to-market and monetization of API-based product offers.
Flexible configuration of both subscription and pay-per-use business models.
Self-service portals for managing offers, subscriptions, access and metering.
51. Service Delivery Broker Facets
Service Delivery Broker
• ITSM Practices
• IAM as a Service
• API Marketplace
• SOA Governance