Enterprises Seek Ways to Exploit Web Application Mashups and Lightweight Data Presentation Techniques

Transcript of BriefingsDirect podcast on data mashups with IBM and Kapow.

Listen to the podcast here. Sponsor: Kapow Technologies.

Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you’re listening to BriefingsDirect. Today, a sponsored podcast discussion about the state of choice in the modern enterprise around development and deployment technologies.

These days, developers, architects and even line-of-business managers have many choices. This includes things like Web applications, software-as-a-service (SaaS), Services Oriented Architecture (SOA), RESTful applications, mashups, pure services off the Web, and pure services from within an Intranet or even the extended enterprise. We’re talking about RSS and Atom feeds, and, of course, there is a traditional .NET and Java going on.

We also see people experimenting with Ruby and a lot of use around PHP and scripting. The good news is that there are a lot of choices. The bad news is also that there are a lot of choices.

Some of these activities are taking place outside the purview of IT managers. People are being innovative and creative, which is good, but perhaps not always in the way that IT would like in terms of security and access control. These newer activities may not align with some of the larger activities that IT needs to manage -- which many times these days includes consolidation, unification, and modernization of legacy applications.

To help us weed through some of the agony and ecstasy of the choices facing application development and deployment in the enterprise, we have on the call, Rod Smith. Rod is Vice President of Internet Emerging Technologies at IBM. Welcome to the show, Rod.

Rod Smith: Thank you very much. It’s nice to be here.

Gardner: We also have Stefan Andreasen, the Founder and CTO of Kapow Technologies. Welcome to the show, Stefan.

Stefan Andreasen: Thank you.

Gardner: Let’s go first to Rod. We spoke last spring about these choices and how there are, in effect, myriad cultures that are now involved with development. In past years, development was more in a closed environment, where people were under control … white coats, raised floors, and glass rooms come to mind. But now it’s more like the Wild West. What have you been finding in the field, and do you see this as chaos or opportunity?

Smith: A little of both. In times of innovation you get some definite chaos coming through, but IT, in particular, and line of businesses see this as a big opportunity. Because of SOA and the other technologies you mentioned, information is available, and line of business is very interested in capturing new business opportunities.

Time to market is getting shorter, and getting squeezed all the time. So you’re seeing line of business and IT coming together around what they have to do to drive more innovation and move it up a couple of notches, from a business perspective.

Open standards now are very important to IT. Line of business, with mashups in particular, can use those types of services to get the information and create solutions they couldn’t do in the labs, when the propeller heads and others had to be involved five or 10 years ago.

Gardner: So we have dual or maybe multiple tracks going on. I suppose what’s missing is methodological and technical management. That’s an area where IBM has been involved for some time. Does IBM look at this as an opportunity?

Smith: A big opportunity. And you hit it on the head. The methodology here is very different from the development methodology we’ve been brought up to do. It’s much more collaborative, if you’re line of business, and it’s much more than a set of specifications.

Here is where we’re seeing people talk about building mashups. Usually they have a really good idea that comes to mind or something that they think will help with a new business opportunity.

Often the second question -- and we’ve seen a pattern with this -- is “Where is the data? How do we get to the data? Can IT open it up for us? Do line-of-business people have it in spreadsheets?” Typically, when it’s valuable to the business, they want to catalog it and put it together, so other people can share it. Finally, they do a mashup.

So methodology is one of the things we call a self-service business pattern. It starts with the idea, from a developer standpoint. "I really need to understand the business. I need to understand the time to market and the partnerships, and how information can be exposed." Then, they get down into some of the details. "I've got to do it quickly."

What we are seeing from an opportunity standpoint is that many businesses, when they see an opportunity, want a vendor to respond in 30 days or less, [and do more] within six months down the road. So that’s a challenge, and it is an opportunity. We think about tooling and middleware and services. How can we help the customer?

Gardner: Let’s go to Stefan. When you see these activities in the enterprise around mashups, SOAP, REST, HTML and XML, there’s an opportunity for bridging the chaos, but I suppose there’s also a whole new type of development around situational applications.

That is to say that, an opportunity exists to access content that hadn’t really been brought into an application development activity in the past. Can you tell us a little bit about what you’re seeing in the enterprise and how these new types of development are manifesting themselves?

Andreasen: Let me comment on the chaos thing a little bit. It’s important to understand the history here. At first, central IT worked with all their big systems. Line of business really didn’t have any access to IT or tools themselves, until recently when they got desktop tools like Excel.

This current wave is really driven by line of business getting IT in their own hands. They’ve started using it, and that’s created the chaos, but chaos is created because there is a need.

Now, with the Web 2.0 and the mashup wave, there is an acknowledgement of a big need here, as Rod also said. So it’s necessary to understand why this is happening and why it is something that’s very important.

Gardner: These end-users, power users, these line of business folks, they’ve been using whatever tools have been available to them, even if it’s an Excel spreadsheet. I suppose that gives them some productivity, but it also leaves these assets, data and content, lying around on hard drives in a fairly unmanaged perspective.

Can we knock two birds down with one stone in terms of managing this chaos in terms of the data, but also bring together some interface and application development benefits?

Andreasen: The worst thing would be to shut it down, of course. The best thing that’s happening now is acknowledging that line-of-business people need to do their own thing. We need to give them the tools, environments and infrastructure so they can do it in a controlled way -- in an acceptable, secured way -- so that your laptop with all of your customer data doesn't get stolen at the airport.

When we talk about customer data, we leap back to your earlier question about data. What are line-of-business people working with? Well, they’re working with data, analyzing data, and finding intelligence in that data, drawing conclusions out of the data, or inventing new products with the data. So the center of the universe here for this IT work is really dealing with data.

Gardner: SOA is one of the things that sits in the middle between the traditional IT approaches and IT development and then these newer activities around data, access, and UIs and using Web protocols.

I wonder if you think that that’s where these things meet. Is there a way to use an enterprise service bus (ESB) for checking in and out of provisioned or governed services? Is there a way that mashups and the ERP applications meet up?

Smith: The answer is yes. Without SOA we probably wouldn't have gotten to a place where we can think about mashable content or remixable content.

What you are seeing from customers is the need to take internal information and transform it into XML or RESTful services. There’s a good match between ESB things … [and] thinking about security and other pieces of it, and then building the Rich Internet Application (RIA) type of applications.

The part you touched on before is interesting, too. And I think Stefan would agree with me. One thing we learned as we opened up this content is that it isn't just about IT managing or controlling it. It’s really a partnership now.

One thing Stefan has with Kapow that really got us talking early was the fact that for Stefan’s content they have a freshness style. We found that same thing is very important. The line of business wants to be involved when information is available and published. That’s a very different blending of responsibility than we've seen before on this.

So thinking forward you can imagine that while you are publishing this, you might be putting it into a catalog repository or into services. But it also has to available for line of business now to be able to look at those assets and work with IT on when they should be available to business partners, customers and others.

Gardner: It’s interesting you mentioned the word "publish," and it’s almost as if we are interchanging the words "publishing" and "application development" in the sense that they are munging or overlapping.

Does that fit with what Kapow has been seeing, Stefan, that publishing and syndication are now a function of application development?

Andreasen: There are several sides to this question of which data you need, how to access it, how it is published, etc. One thing you are talking about is line of business publishing their data so other people can use it.

I split data into several groups. One is what I call core data, the data that is generally available to everybody in the company and probably sits in your big systems. It’s something everybody has. It’s probably something that's service-oriented or is going to be very soon.

Then there is the more specialized data that’s sitting out in line of business. There's a tendency now to publish those in standard formats like RSS, RESTful services, etc.

There's is a third group, which I call intelligence data. That's hard to find, but gives you that extra insight, extra intelligence, to let you draw a conclusion which is different from -- and hopefully better than -- your competitors’.

That’s data that’s probably not accessible in any standard way, but will be accessible on the Web in a browser. This is exactly what our product does. It allows you to turn any Web-based data into standard format, so you can access what I call intelligence data in a standard fashion.

Gardner: This is the type of data that had not been brought into use with applications in the past?

Andreasen: That is correct. There is a lot of information that’s out there, both on the public Web and on the private Web, which is really meant to be human-readable information. You can just think about something as simple as going to U.S. Geological Service and looking at fault lines of earthquakes and there isn't any programmatic API to access this data.

This kind of data might be very important. If I am building a factory in an earthquake area, I don’t want to buy a lot that is right on the top of a fault line. So I can turn this data into a standard API, and then use that as part of my intelligence to find the best property for my new factory.

Smith: When we talk of line of business, it’s just not internal information they want. It's external information, and we really are empowering these content developers now. The types of applications that people are putting together are much more like dashboards of information, both internally and externally over the Internet, that businesses use to really drive their business. Before, the access costs were high.

Now the access costs are continuing to drop very low, and people do say, "Let’s go ahead and publish this information, so it can be consumed and remixed by business partners and others,” rather than thinking about just a set of APIs at a low level, like we did in the past with Java.

Gardner: How do we bring these differing orbits into alignment? We've got people who are focused on content and the human knowledge dimension -- recognizing that more and more great information is being made available openly through the Web.

At the same time, we have this group that is API-minded. I guess we need to find a way of bringing an API to those folks who need that sort of interface to work with this data, but we also need for these people to take this data and make it available in such a way that a developer might agree with it or use it.

How does Kapow work between these constituencies and make one amenable to the other? We're looking for a way to bind together traditional IT development with some of these “mashupable” services, be it internal content or data or external services off of the Web.

I wonder what Kapow brings to the table in terms of helping these two different types of data and content to come together -- APIs versus content?

Andreasen: If you want to have automatic access to data or content, you need to be able to access it in a standard way. What is happening now with Web Oriented Architecture (WOA) is that we're focusing on a few standard formats like RESTful services and on feeds like RSS and Atom.

So first you need to be able to access your data that way. This is exactly what we do. Our customers turn data they work with in an application into these standard APIs and feeds, so they can work with them in an automated way.

It hadn’t been so much of a problem earlier, maybe because there wasn’t so much data, and people could basically cut and paste the data. But with the explosion of information out there, there's a realization that having the right data at the right time is getting more and more important. There is a huge need for getting access in an automated way.

How do line-of-business people work with the data? Well, they work with the data in the application interface. What if the application interface today is your browser?

Kapow allows the line-of-business people to automatically access data the way they worked with it in their Web browser.

That’s a very powerful way of accessing data, because you don't have to have an extra level of IT personnel. You don't have to first explain, "Well, this is the data I need. Go find it for me." And then, maybe you get the wrong data. Now, you are actually getting the data that you see the way you want.

Gardner: Another aspect to this is the popularity of social networking and what's known as the "wisdom of crowds" and wikis. A lot of contributions can be brought into play with this sort of gray area between content and publishing, different content feeds, and exposure and access and the traditional IT function.

Wikis have come into play, and they have quite a bit of exposure. Maybe you have a sense of how these worlds can be bridged, using some of what's been known as social networking?

Smith: Software development now is much more of a social networking activity than an engineering activity. At IBM, we have Blog and Wiki Central, where people use wikis to get their thoughts down and collectively bring an idea about.

Also at IBM, we have Innovation Jam, which we hold every year, and which brings in hundreds of thousands of people now. It used to be just IBM, but we’ve opened it up this last year to everyone, friends and family alike, to come up with ideas.

That part is great on the front end. You then can have a much better idea of what the expectations are, and what a user group wants. They're usually very motivated to stay in the loop to give you feedback as you do development.

The big part here is when it comes to doing mashups. It's the idea that you can produce something relatively quickly. With IBM’s QEDWiki, we like the idea that someone could assemble an application, wire it together in the browser, and it has the wiki characteristics. That is, it's stored on the server, it’s versioned as to enterprise characteristics, and it’s sharable.

It’s a key aspect that it has to be immediately deployable and immediately accessible by the folks that you are networking with.

That relates to what Stefan was saying and what you were asking about on how to bridge the two worlds of APIs and content. We're seeing now that as you think about the social networking side, people want the apps built into dashboards.

The more forward-thinking people in IT departments realize that the faster they can put together publishable data content, they can get a deeper understanding in a very short time about what their customers want.

They can then go back and decide the best way to open up that data. Is it through syndication feeds, XML, or programmatic API? Before, IT had to guess usage and how many folks might be touching it, and then build it once and make it scalable.

We’re doing things much more Agile-wise and building it that way, and then, as a flip, building the app that’s probably 80 percent there. Then IT can figure out how they could open up the right interfaces and content to make it available broadly.

Gardner: Stefan, could you give us some examples of user scenarios, where Kapow has been brought in and has helped mitigate some of the issues of access to content and then made it available to traditional development? Is there a way for those folks who are perhaps SOA-minded, to become a bit more open to what some people refer to as Web-Oriented Architecture?

Andreasen: One example that was mentioned in The Wall Street Journal recently in an article on mashups. It was on Audi in Germany. They are using our product to allow line of business to repurpose existing Intranets.

Let’s say that a group of people want to take what’s already there, but tweak it, combine it, and maybe expose it as a mobile application. With our tool, they can now do that in a self-service way, and then, of course, they can share that. What’s important is that they published this mini-mashup into their WebSphere portal and shared it with other people.

Some of them might just be for individual use. One important thing about a mashup is that an individual often creates it. Then it either stops there, because only that individual needs it – or it can also grow into company-wide use and eventually be taken over by central IT, as a great new way to improve performance in the entire company. So that shows one of the benefits.

Other examples have a lot to do with external data -- for example, in pricing comparisons. Let’s say I'm an online retailer and suddenly Amazon enters the market and starts taking a lot of market share, and I really don’t understand why. You can use our product to go out and harvest, let’s say, all the data from digital cameras from Amazon and from your own website.

You can quickly find out that whenever I have the lowest price, my product is out of stock -- and whenever I have a price that's too high, I don’t sell anything. Being able to constantly monitor that and optimize my prices is another example.

Another very interesting piece of information you can get is vendor pricing. You can know your own profit margin. Maybe it’s very low on Nikon cameras. You see that eBay is offering the Nikon cameras below even your cost as the vendor. You know for sure that buyers are getting a better deal with Nikon than you can offer. I call this using data to create intelligence and improve your business.

Gardner: All this real-time, updated content and data on the Web can be brought into many aspects of what enterprises do -- business processes, purchasing, evaluation, and research.

I suppose a small amount of effort from a mashup could end up saving a significant amount of money, because you’re bringing real-time information to those people making decisions.

How about you on your side, Rod? Any examples of how these two worlds -- the peanut butter and chocolate, if you will -- come together for a little better snack?

Smith: I’ll give you a good one. It’s an interesting one we did as a technology preview with Reuters and AccuWeather. Think about this again from the business perspective, where two business folks met at a conference and chit-chatted a bit.

AccuWeather was talking about how they offer different types of services, and the Reuters CTO said, "You know, we have this commodity-shipping dashboard, and folks can watch the cargo go from one place to another. It’s odd that we don’t have any weather information in there.” And the question came up very quickly: "I wonder how hard it would be to mash in some weather information."

We took one of their folks, one of mine, and the person from AccuWeather. They sat down over about three or four hours, figured out the scenario that Reuters was interested in and where the data came from, and they put it together. It took them about two weeks, but altogether 17 hours -- and that’s over a beer.

So it was chocolate and nuts and beer. I was in pretty good shape at that point. The interesting thing came after that. When we showed it to Reuters, they were very thrilled with the idea that you have that re-mixibility of content. They said that weather probably would be interesting, but piracy is a lot more interesting. "And, by the way" -- and this is from the line of business person -- "I know where to get that information."

Gardner: Now when you say "piracy," you mean the high seas and the Jolly Roger flying up on the mast -- that kind of thing?

Smith: That’s it. I didn’t even know it existed anymore. In 2006, there were 6,000 piracy events.

Gardner: Hijackings at sea?

Smith: Yes.

Gardner: Wow!

Smith: I had no idea. It turned out that the information was a syndication feed. So we pulled it in and could put it on a map, so you could look at the different events.

It took about two hours, but that’s that kind of dynamic now. The line-of-business person says, "Boy, if that only took you that much time, then I have a lot of ideas, which I’ve really not talked about before. I always knew that if I mentioned one more feature or function, IT would tell me, it takes six more months to do."

We've seen a huge flip now. Work is commensurate with some results that come quickly. Now we will see more collaboration coming from IT on information and partnerships.

Gardner: This networking-collaboration or social interaction is really what’s crafting the new level of requirements. Instead of getting in line behind 18 six-month projects, 12 to 20 hours can be devoted by people who are perhaps on the periphery of IT.

They're still under the auspices of what’s condoned under IT and make these mashups happen, so that it’s users close to the issues, close to where the creativity can begin that create a requirement, and then binds these two worlds together.

Smith: That’s correct, and what is interesting about it is, if you think about what I just described -- where we mashed in some data with AccuWeather -- if that had been an old SOA project of nine or 18 months, that would have been a significant investment for us, and would have been hard to justify.

Now, if that takes a couple of weeks and hours to do -- even if it fails or doesn’t hit the right spot -- it was a great tool for learning what the other requirements were, and other things that we try as a business.

That’s what a lot of this Web 2.0 and mashups are about -- new avenues for communication, where you can be engaged and you can look at information and how you can put things together. And it has the right costs associated with it -- inexpensive.

If I were going to sum up a lot of Web 2.0 and mashups, the magnitude of drop in “customization cost” is phenomenal.

Gardner: And that spells high return on value, right?

Smith: That’s right.

Gardner: How do you see this panning out in the future? Let’s look in our crystal ball. How do you see this ability of taking intelligence, as you call it, around the content, and then the line-of-business people coming in and making decisions about requirements, and how they want to tune or see the freshness of the content?

What’s going to happen in two or three years, now that we are bringing these things together?

Andreasen: There will be a lot more of what Rod just described. What Rod just mentioned is an early move, and a lot of companies aren't even thinking along these lines yet. Over the next one or two years, more people will realize the opportunity and the possibility here, and start doing it more. Eventually, it’s going to explode.

People will realize that getting the right data and the right content at the right time, and using that to create more intelligence is one thing. The other thing they’ll realize is that by networking with peers and colleagues, they'll get ideas and references to new data. All of these aspects -- the social aspects, the data aspect and the mashup aspect -- will be much more realized. I think it’s going to explode in usage.

Gardner: Any last thoughts, Rod, from where you see these things going?

Smith: Well, as we see in other technologies moving through from an SOA perspective, this is a great deal about cultural change within companies, and the technology barriers are coming down dramatically.

You don’t have to be a Java expert or a C# expert. I'm scary enough to be able to put together or find solutions for my own needs. It’s creating a way that line-of-business people are empowered and they can see business results quickly.

That also helps IT, because if the line of business is happy, then IT can justify the necessary middleware. That’s a fundamental shift. It's no longer an IT world, where they can promise a solution to the line of business 12 to 18 months down the road.

It’s much more of, "Show me something quickly. When I’ve got the results in my hand -- the dashboard -- then you can explain what I need to do for IT investments and other things."

It’s more collaboration at that point, and makes a lot of sense on governance, security, and other things. I can see the value of my app, and I can actually start using that to bring value to my company.

Gardner: I suppose another important aspect culturally is that part of SOA’s value is around reuse. These mashups and using this content in association with other different activities, in a sense promotes the notion of reuse.

You're thinking about, "How can I reuse this mashup? How can I extend this content, either off the Web or internally, into new activities?" That, in a sense, greases the skids toward more SOA, which I think is probably where IT is going to be heading anyway.

Smith: Well, what’s fun about this, and I think Stefan will agree, is that when I go to a customer, I don’t take PowerPoint charts anymore. I look on their website and I see if they have some syndication feeds or some REST interfaces or something.

Then I look around and I see if I can create a mashup of their material with other material that hadn’t been built with before. That’s compelling.

People look and they start to get excited because, as you just said, they see business patterns in that. "If you could do that, could you grab this other information from so-and-so?"

It’s almost like a jam session at that point, where people come up with ideas. That’s where we will see more of these examples. Actually, a lot of our stuff is on YouTube, where we had a retail store that wanted to see their stores on Google Maps and then see the weather, because weather is an important factor in terms of their businesses.

In fact, it’s one of the most important factors. What we didn’t realize is that very simple pattern -- from a technology standpoint it didn’t take much -- held up over and over again. If it wasn’t a store, it was banking location. If it wasn’t banking locations, it was ships. There were combinations in here that you could talk to your businessperson about.

Then you could say to the technologist or a developer, "What do I have to do to help them achieve that?" They don’t have to learn XML, Web objects, or anything else, because you have these SOA interfaces. It helps IT expand that whole nature of SOA into their enterprise.

Andreasen: One thing that's going to happen is that line-of-business people are getting a lot of great ideas. If I am working with business problems, I constantly get ideas about how to solve things. Usually, I just brush it away and say, "Well, it will be cool to have this, but it’s impossible."

They just don’t understand that the time from idea to implementation is dramatically going to go down. When they start realizing this, there is hidden potential out on the edge of the business that will now be cut loose and create a lot of value. It’s going to be extremely interesting to see.

Smith: One of the insights we have from customers is that mashups and this type of technology help them to visualize their SOA investments. You can’t see middleware. Your IT shop tells you what’s good, they tell you they get flexibility, but they want to be shown results -- and mashups help do that.

The second part is people say it completes the "last mile" for SOA. It starts to make a lot of sense for your IT shop to be able to show how the middleware can be used in ways it wasn’t necessarily planned for.

The big comment we hear is, "I want my content to be mashable or re-mixable." We figured out that it’s very much a SOA value. They want things to be used in ways they weren't planned for originally. Show me that aggressive new business opportunity, and you make me a very happy person.

Andreasen: Probably one thing we will see in companies is some resistance from the technologists, from central IT, because they are afraid they will lose control. They are afraid of the security issues etc., but it will probably be like what we've seen with company wikis.

They're coming in the back door in line of business and eventually the companies buy the company-wide wiki. I think we'll see the same thing with mashups. It will be starting out in line of business, and eventually the whole company understands, "Well, we have to have infrastructure that solves this problem in a controlled way."

Some companies have very strict policy today. They don’t even allow their line-of-business pros to write macros in Excel. Those companies are probably the ones that will be the last ones discovering the huge potential in mashups.

I really hope they also start opening their eyes that there are other roles for IT, rather than just the big, central system that run your business.

Gardner: Well, great -- thanks very much for your insights. This has really helped me understand better how these things relate and really what the payoff is. It sounds compelling from the examples that you provided.

To help us understand how enterprises are using Web applications, mashups, and lightweight data presentation, we’ve been chatting today with Rod Smith, Vice President of Internet Emerging Technologies at IBM. I really appreciate your time, Rod.

Smith: Thank you.

Gardner: And Stefan Andreasen, the Founder and CTO of Kapow Technologies. Thanks for joining, Stefan.

Andreasen: It’s been a pleasure, Dana.

Gardner: This is Dana Gardner, principal analyst at Interarbor Solutions, and you've been listening to a BriefingsDirect. Thanks for listening and come back next time.

Listen to the podcast here. Sponsor: Kapow Technologies.

Transcript of BriefingsDirect podcast on data mashups with IBM and Kapow. Copyright Interarbor Solutions, LLC, 2005-2008. All rights reserved.

Transcript of BriefingsDirect Podcast on the Emergence of 'Integration-as-a-Service' for SOA

Edited transcript of BriefingsDirect[tm/sm] podcast with Dana Gardner, recorded June 20, 2007.

Listen to the podcast here. Podcast sponsor: Cape Clear Software.

Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you're listening to a sponsored BriefingsDirect podcast. Today’s discussion is about an intriguing concept, that of hosted Services Oriented Architecture (SOA), looking at integration as functionality and process that can be accessed on demand, moved off of your enterprise infrastructure, and onto someone else’s. This, I suppose, looks at services and compositing-as-a-service as well.

Here to explain these concepts and how they’re being used practically today -- and the implications for the future -- is Annrai O'Toole, CEO of Cape Clear Software. Welcome back to the show, Annrai.

Annrai O'Toole: Thanks, Dana.

Gardner: The notions of integration and hosting have been bounced around for a while. I recall a company named Grand Central that got quite a bit of funding and had a 1,001 different ways of mixing together services, components, and objects. Maybe it was a little ahead of its time. Why you think that the time is right for something like hosted integration?

O'Toole: You’re right. It is a somewhat back-to-the-future position, and clearly a lot of the ideas we’re talking about are things that Grand Central spoke about -- it must be six years ago. A couple of factors are driving this. First, it’s the whole technology maturity thing. Six or seven years ago, the standards around Web services were in their infancy, and people didn’t have a lot of experience with them. Because they were young, unproven, untested, and lacking in key bits of functionality, people didn’t really want to go there. Technology is one element of it, but there are a few more important elements driving it as well.

One is a secular trend toward simplicity and flexibility. At some levels, this has been driven by teams through virtualization. Storage and processing power are being very quickly virtualized. Applications are being virtualized, with software-as-a-service on demand. There is a long-term shift by customers, who are saying, “We don’t want to own complex infrastructure anymore. We’ve been there, and done that. We want something else.”

Gardner: So, you’re saying that enterprises have gotten a whiff of the notion that they can have complexity removed? They can have consolidation and cost reduction at the same time, and they kind of like that?

O'Toole: They do like that, and they’re willing to pay for it. They’re paying on a subscription basis, but we see many people not wanting to own, or get involved in, large initiatives, rolling out complexity. Before I got on this call, I did a quick refresh of some of the Websites. If you look at the SOA offerings from Oracle, IBM and BEA, they range from a minimum of 13 products to the top of the range, with IBM at 31 products. These are 31 simple products with easy to remember names like “IBM Tivoli Composite Application Manager for WebSphere.” People don’t want to own this stuff anymore.

I’ll give you another data point on the complexity that’s involved here. Recently, we looked at some RFPs. We had an RFP come in – and this isn’t all that unusual – from someone looking to do a big SOA initiative. It was – and I’m not joking -- a 111-page RFP.

Gardner: RFP is a request for proposal. That’s how companies go out and say, “We would like to start a bidding process around that acquisition of a large IT capability of some kind.”

O'Toole: Customers look at the choices available to them, and say, “Do we want to do all this big SOA integration on our own by buying these complex things, or are we prepared to look at alternatives? And, do those alternatives have any reality?” They do, and many companies are shying away from these big, complex initiatives.

Gardner: We’re certainly seeing that. Companies readily grok the notion that SOA is designed to make heterogeneity an asset rather than a liability. If that’s the case, then they certainly seem less interested in going to a single large stack, single portfolio, or even platform approach to that. So, that’s clearly in the market. On the other hand, they want this stuff to work, and they don’t want to be caught with their pants down in six months or a year, due to reliability or performance issues. Perhaps you could help take us to the notion of hosted integration from the perspective of “Does it work?”

O'Toole: This is a critical point. You can sit in a room with a bunch of executives, both from the business and IT segments and, say, “Hosted integration is a good idea,” and they’ll know that. We’ve got some proof points around it. Most notably, one of our marquee customers in the software-as-a-service base is Workday. The PeopleSoft founders got together to rebuild an ERP application, but this time on a hosted basis.

Gardner: Dave Duffield was the founder. Right?

O'Toole: Yes. Today they’re doing hosted integration, and, if you go to the Workday site, you can navigate into what they call the Web services networks. You can see the type of services that they are hosting on behalf of their customers. The whole idea is that they’re taking the integration burden off the customers, so that the customers can integrate their applications with Workday, without having to do any work on the customer end of the connection.

This is a huge portion of the unfolding software-as-a-service story. All application trends, be they 10 years ago when it was big ERP or now with software-as-a-service, have to address the integration problem, because none of these large applications live in isolation.

Workday has taken a novel approach to that around a hosted integration solution, and that works. They have large customers today. They’re handling integrations for their customers and hosting integration into things like ADP. Workday handles the integration between the customer’s data and ADP, which is actually doing the payroll and running checks, making sure that check runs get done at the end of the month and that people get paid. So, that’s a pretty important integration service to be hosting, because if it doesn’t work, and if it’s not reliable, then people don’t get paid.

Gardner: That tends to be top-of-mind for many people.

O'Toole: These aren’t trivial integrations. So, hosting is a big thing.

Gardner: If I could just pause you for a moment. As I understand it, Workday wanted to create some on-demand business applications, but in order for them to create a subscription business model around business applications, they had to conquer this integration issue in order for their application to be accepted. Is that correct?

O'Toole: That’s correct. If you think about it, the work they’re doing is all around handling human resources, the human resources (HR) application. That’s somewhat different from the type of application that SalesForce offers. SalesForce is a stand-alone box. You can use Salesforce.com to do customer relationship management, and it’s not essential that it integrate with other aspects of your business.

HR is very different. It must be integrated with your existing payroll systems, and must be integrated with third parties, such as people who manage benefits or people like ADP, which actually does payroll processing. So, it’s not possible to roll out an HR solution with Workday, unless you’ve got the integration problem solved.

Gardner: Sure, companies use an ecology of providers to help them support their employees in a variety of ways, whether it’s benefits, insurance, or future earnings and stock trading, and a whole bevy of different services.

O'Toole: Exactly. It’s a very complex ecosystem, and integration is one of the things that’s a sine qua non. They don’t have a business, unless they have the integration problem licked. So, it’s very different from CRM. And, as Salesforce.com expands its footprint, it too is running into this integration problem. They have now realized that they’ve got to offer better integration solutions for their customers as well, and they are working their way through those issues too.

As we wind the clock forward, we’re going to see more customers wanting to use on-demand style applications, and wanting integration to be solved in an on-demand way. They don’t want to build all these integrations again. You can also take this one step further. We’ve seen a lot of our enterprise customers, as they think about rolling out big SOA initiatives, are saying, “Maybe, we should really model ourselves as a mini software-as-a-service to our own internal organizations.”

Large enterprise IT departments are essentially rolling out hosted solutions and integrations. We’ve got many examples. We cite JP Morgan pretty frequently as a large enterprise customer that is hosting integrations centrally inside JP Morgan, so that it’s easy for different divisions and some external customers to access application functionality. The point we would make about our vision of how this hosted integration goes forward is that it’s not just for software-as-a-service companies like Workday or SalesForce. This is actually a model that’s good for internal IT as well.

Gardner: So, if we are an internal IT department moving towards SOA, and we access various services, assets and resources -- some internal, some external, some to partnerships -- we’re going to find ourselves in the role of doing integrations as a service anyway. That’s their point. If that’s going to be the case, then why not look for various other organizations that can follow that same beat of logic, and therefore you’ll have a federation approach toward integration as a service.

O'Toole: Another way to think about it is that if we are going to virtualize storage and processing power, we want to virtualize integration. It’s not something that is being rebuilt again and again and again by different companies or different departments within different companies. Let’s really start to move to a hosted model for us, and, as you say, these can be federated in a very coherent way. What’s new now is that the underlying technologies and standards can actually support that model. So, while this model might have been a pipe dream five or six years ago, today it’s reality, and the technologies and capabilities are there to do it.

Gardner: It seems to me that you are offering these enterprises the opportunity to get out of being in the middleware business, or to at least reduce the role that middleware plays for them as a provider and a host themselves. They can offload more of the function that middleware plays.

O'Toole: One of the things that we discovered in our interaction with Workday was that there is a neat concept that we can borrow from the software-as-a-service companies, and that’s a notion of multi-tenanting. You’ll hear us talk about more multi-tenanted integration, where I can take standard integrations -- such as to Workday, ADP, SAP, or SalesForce – and host those core integrations in a central spot. Once I’ve got that core integration built, I can make small changes to make it unique for all the different people who want it.

Everybody will have exactly the same data formats, but I take that core thing and then allow many slight variations that co-exist, and you get this notion of multi-tenanted integration. As I said, you’ll hear us talk about it more, and this is another piece of the puzzle that starts to make this a better, different way for companies to get out of the middleware business, or at least radically reduce and centralize all that’s happening in one virtual spot, and not scattered everywhere.

Gardner: Just to step back a moment. We’re not just talking about loosely coupled interoperability here, right? We’re talking about integration across a variety of different needs that organizations would have, depending on their unique legacy, applications, and platform environments. So, when we talk about integration and hosting, we are going to give them a quite a long check list. Is this is going to be the binary, object, and component level, or we are just talking loosely coupled XML and mashup types of activities, or all of the above? How do we make this into a list that could be managed from the provider perspective as well as from the customer’s perspective?

O'Toole: We’ve seen two fundamental preferences here, and there are two options for what you want to host. The first option we would broadly categorize as very loosely coupled data transformation. A lot of the things that people need to solve in terms of integration problems are really data transformation. How do I take payroll information from one provider, transform it, and send it down to another provider? Most people can deal with that. Most people can wrap their head around how that can be done in a hosted manner. What’s involved there is that it’s loosely coupled and it’s data. It’s ultimately some kind of XML or it gets converted into XML somewhere along the line.

The next thing is a step up from that. Now that I can get information between these things, do I want to have some orchestrations or some kind of inter-company business processes? It’s not just getting data from A to B, but it’s, “I want to get data from A to B, and then I want to call C, and when C has completed its job, then I want to call D, and when that’s complete, the whole thing is done.”

That’s next level of complexity, and it involves a more sophisticated approach. But, both of them are possible and both are in operation today. As far as what customers are going to go for, I think they’ll be happy to do data transformation initially, and when that’s really working for them, they might be prepared to take the next step and host business processes in the cloud.

Gardner: I suppose another trend in the field these days, Annrai, is that the very notion of an application is up for grabs. We used to have applications as packaged applications of functionality, and they had logic, data, and presentation, but we are moving away from that.

It’s coming down more to who understands vertical business issues and can assemble components and assets and services to create advantage, efficiency, and productivity benefit by combining human knowledge, understanding, and relationships. That’s different than just plopping down an application and then rallying everyone around it to work within its requirements and definitions of productivity. It seems to me that what you are doing, even if it’s on the loosely coupled basis alone, is allowing for that redefinition of business applications and processes to accelerate as a catalyst to that. Do you agree?

O'Toole: Absolutely. We’re already well past the definition of applications as monolithic, stand-alone entities, and we are already into a more federated, loosely coupled environment. Look at the things that SalesForce is trying to do, for example, with AppExchange, and their desire to host more and different applications, but all in the same SalesForce portal.

You’re going to see that model applied in a very generic way across a whole range of different applications, and it’s really going to break down the barriers between applications. In some sense, it’s taking mashups to the next logical conclusion. That process has already started. We’ve already seen the first inklings that it’s coming to every large enterprise on the planet over the next several years. The alternatives to it just don’t make economic sense anymore.

Gardner: It could happen to these enterprises, whether they want it to or not. The line-of-business people and those who are aggressive about seeking out productivity on their own are going to do that.

O'Toole: A good analogy is what really drove client-server or the Internet as big computing waves. The line-of-business people could sit at a desktop and see something in action. You had color, and it wasn’t a green-screen mainframe application, and you could get them tailored really quickly. Business people got that very readily.

Gardner: They really increased the universe of participants in computing.

O'Toole: Correct. With the Internet, you could show people a browser and they got it really quickly. For the longest time, a lot of concepts around SOA have been inexplicable. You can’t explain them to a business person. You think you might get there, but then you start talking about governance and you are just down the weeds. You can’t sit them at a laptop and show them SOA, but you can sit down and show them mashups. You can show them hosted applications. I believe that you can even show them hosted integrations.

We can show our customers ADP runs, on which they’d have to do nothing in terms of getting them to work. You can show those to business people, and they get it. That’s what’s changing the definition of what an application is, because business people can actually see these mashups and all the stuff running for themselves, and they say, “This is really interesting. Now, I know what this stuff is all about.”

Gardner: You’ve mentioned SalesForce several times, and you’ve mentioned Workday. Is there going to be an opportunity for other types of organizations? I’m thinking about Amazon, Google, and Microsoft recognizing that there’s an opportunity for them to come in and provide more subscription-based services, these loosely coupled integration points and mashup points.

Is that how you see this evolving, that there will be a handful of large generic players? Or, will this be something that needs to be done on a more specific basis closer to the individual organizations, closer to individual departments, or perhaps both. Will we have a grassroots ecology of small providers as well as some large mega providers?

O'Toole: Yeah, that’s a very interesting question. I don’t have the answer, but there are a few trends that you can see. Undeniably, a lot of the bigger players are actively trying to muscle into this space already, Amazon, in particular, with their accessories stuff. They’re great. So, you’re going to see more of that. However, the other people who are going to make a huge contribution are the whole open-source community.

Over the next several years we’re going see a different set of development tools emerge around wikis. I was looking at some of this QEDWiki stuff from IBM and some from Oracle, and I think you are going to start to see a different way for people to build enterprise applications along enterprise mashup sever concepts. That hasn’t really begun yet.

There are leaves blowing in the wind, but there’s nothing concrete there just yet. If we conquer that one, then that’s going to put really flexible composite application construction into the hand of every size organization. That means we wouldn’t end up with this thing owned by just the big players, such as, “You are just going to get what Amazon wants to give you and nothing else.” It will create a new world for organizations of different shapes and sizes to have easy-to-use tools to build their own stuff.

Gardner: So, perhaps it will be a very fertile period, in which the number of people that can participate in development – who have a role in how to exploit information technology for their business purposes – expands. They don’t have to go through a keyhole, pushing requirements in and waiting for something come back through the door six months later. We will increase the number of people that can directly participate in shaping how IT helps them.

At the same time, we’re also compressing the time it takes for them to recognize some value from this. That is to say, if they can start doing mashups, if they can relate their knowledge of business issues and problems directly into a hosted environment or mashup interface of some kind, then we increase the number of people, but we compress the time before those people can enjoy the benefits of their labor.

That sounds like a very powerful combination that will -- perhaps even more than what we saw in client-server and Web browsing -- accelerate adoption and drive people to want to have a role in this. This goes especially for the younger people today who are used to driving their own destiny online.

O'Toole: As the Web 2.0 generation gets into the enterprise, they’re going to have a very different view of how things should be done. They want it done the way that they have experienced this medium as teenagers. They’ll say, “What do you mean you can’t do it the way I want to do it?” I certainly hope that that’s the way it turns out, because we are just about due for another major innovation in the app development life-cycle.

Gardner: For some of these interesting possibilities to occur, we also have to get back to the pragmatic notion that it needs to make business sense. For an organization like Workday, SalesForce, or Amazon, given the resources that they are going to need to pull this off, there’s going to be a lot of translation and semantic traffic, as you get close to the orchestration that you described. A series of events has to happen in a certain of pattern and be published and subscribed.

A complexity comes up about different requirements being fired off before the other set can be attempted. They’re going to have to have quite a bit of infrastructure and resources. Is there a business model that makes sense for them be able to fund their needs, provide the reliability and speed that people are accustomed to, and still make a profit? How does this work in dollars and cents terms?

O'Toole: There are two aspects to this. As we practice this multi-tenanted integration, what that’s going to enable us to do is dramatically driving down the cost of integration. If I am a customer in a large enterprise, on Amazon, or whatever, and I go and build an integration, I’ve got to build it uniquely for every single app and version of the app that it touches. So, I’ve got to kit out this huge infrastructure and code this unique piece of integration. That’s really expensive.

If we can move away from that to a different infrastructure, even though it’s still a pretty complex infrastructure, what it supports is the notion of building the integration once, and then making minor modifications to customize it for lots of different users. That can amortize that infrastructure cost over many different customers. If I can move to that model, that changes the economics for the provider. It enables them to offer more flexible pricing models to their customers.

The obvious ones are in the subscription-based models for the integrations that they host for you. That’s how I see the economics of it working. I really believe that because of the innovations that have been taking place in both the standards and in the underlying infrastructure for SOA around the ESBs, this multi-tenanted integration is here and is going to be a big driver in the current equation.

Gardner: So, at a basic level, we’re talking the 80-20 rule again, where 80 percent of the functionality is recurring and common. Its reuse can be paid for over a period of time, and then the 20 percent is dealt with case by case, and that can be managed as a cost, because of the efficiencies of the other 80 percent.

O'Toole: Correct.

Gardner: What is it about the technologies today that’s going to make that possible? Obviously, infrastructure, virtualization, and the storage prices have come down significantly. I suppose there’s another issue we haven’t talked about, and that’s the ability to get the highly specialized people to do these things. Each company, if they try to hire them individually to build this, might find, despite their great intentions and ability to invest, that they just can’t find the people.

Therefore, they might be forced to recognize that, given the scarcity of resources, there has to be a more cooperative approach. Let’s let those skilled people who are fundamentally ready to attempt these things do it, but more in a more centralized way. Then, we can all enjoy that common 80 percent benefit. Two questions. One, does it make sense, given the human resources issues, that we centralize? And is that another factor in the cost equation?

O'Toole: One business that’s there waiting to be created is a universal hosting business for integration, pretty much along the lines of what Grand Central had in mind.

Gardner: And what Google has done when it comes to search. No one can touch them, because of their expertise in that.

O'Toole: It’s absolutely possible for someone to own the data centers, and the expertise to offer this virtualized integration. Someone – in fact several people -- are going to try to own that over time. For a lot of small- to medium-sized businesses, that’s going to be hugely attractive. I can well imagine this small- to medium-sized business coming along and seeing a palette of available hosted integration – from SalesForce to all the different desktop CRM applications and SAP integration -- sitting out there, ready for them. If it doesn’t exactly support what they need, there’s a simple model, where they can send in the data format, state the business processes they need to support, and they’ll get a quote back saying, “This is what it’s going to cost you on a monthly basis.” I see that as a very viable option.

Gardner: Okay. If I’m an enterprise, and I’m intrigued by some of these notions and believe that this is the future, although I can’t readily predict at what pace and where things will happen, how do I get started? How should I rationalize this to my CFO? Is there a formula in terms of, “We can reduce our capital expenditures by blank percent, but we’re going to have to increase our subscription payments or recurring predictable expenditures by another?” How do we help companies understand how to get started, and then how to explain why this would make sense financially? Are they going to be paying by transaction, by user, by application, by service? It’s pretty hard to put a meter on this. Where do you attach the meter on how to build for these things?

O'Toole: They’re all good questions, so let me break them off one by one. For a lot of our enterprise customers, what we say to get them started is that as they think about their SOA initiatives and building internal SOA applications, they should be planning, building, and hosting the integration to those services at the same time. What we say to them is, “Okay, this great hosted integration vision doesn’t quite exist today, but you can create a mini version of it for yourself inside your own organization. So, when you build a service that you’re going to offer to either internal customers or to external ones, don’t only build up service, but find out who’s going to need to use that service, and build the integrations for them.

That gets them going down a path, where they’re at least containing all their own internal integrations in one spot. Maybe some time in the future, they’ll be able to hand that off to someone else, but that’s another day’s work. So we say to them, “That’s a good starting point.”

Alternatively, if they’re a smaller businesses, and they’re not interested in doing SOA things, we then encourage them to look at companies like SalesForce and Workday and see how they are approaching these integration problems.

Gardner: Go at it through the software-as-a-service applications approach.

O'Toole: Exactly. Go down that road. So, there are two starting paths, depending on whether you’re going to build stuff yourself or you don’t want to be in the development business at all.

In terms of cost justification and how you price for this, right now I don’t think you can charge on a per transaction basis. Our thinking is that you’re still going to charge for this just in terms of the overall volume that you need for CPU-based pricing, because we don’t think that pricing them on an individual transaction basis or an individual integration point basis make sense. People don’t really want to go there yet. We just say, “Okay, the services you’re going to need to create are going to need two or four CPUs, so that bounds your price and you can either pay on a subscription base or you can do it a one-off payment.”

Gardner: Does the per-employee model work in this respect?

O'Toole: No. Certainly, we haven’t seen them working well, because for most organizations, they start off doing something pretty simple that isn’t critical to the business. So, you can’t turn around and say, “You are JP Morgan. You’ve got 150,000 employees, so this simple thing is going to cost you ... blah.” This is still an evolving area, but I think the point that we’d make is: this is being done now, so whether you’re doing it on an internal basis or you’re someone like Workday and you are doing this on a pure hosted basis, this is the model.

People are already going with this model now, and they’re increasingly not going with the model of buying complex SOA suites and three years worth consulting. They’re adopting approaches that are much more on-demand and hosted from the get go. So, the future is now. This stuff is happening at the moment as we speak.

Gardner: It’s very exciting. As people process the notion of SOA and recognize the benefits, particularly the small- and medium-sized businesses, these light bulbs start to go off, and things fall into place.

I’m glad we’ve had a chance to explore this a little more deeply. It’s a very interesting adjunct to the SOA discussion, as well as that discussion around how applications, by definition, are changing. We might soon have some examples of how the cost benefits are real and compelling.

So, thank you, Annrai, for joining us in this discussion about hosted SOA, hosted integration and interoperability, and eventually getting to the notion of services compositing as a service.

This is Dana Gardner, principal analyst at Interarbor Solutions. We’ve been joined by Annrai O'Toole, CEO of Cape Clear Software. Any parting thoughts, Annrai?

O'Toole: No, I think I’ve said all that I needed to say on this one. So, as usual, it’s a pleasure, thanks for having me on the show.

Gardner: Sure. I think it’s a subject we should probably revisit every six months or so, because it’s bound to have some twists and turns in the journey, no doubt. Thanks for listening.

Listen to the podcast here. Podcast sponsor: Cape Clear Software.

Transcript of Dana Gardner’s BriefingsDirect podcast on the emergence of integration as a service for SOA. Copyright Interarbor Solutions, LLC, 2005-2007. All rights reserved.

BriefingsDirect SOA Insights Analysts on SOA Mashups and the Oracle-Hyperion Deal

Edited transcript of weekly BriefingsDirect[TM/SM] SOA Insights Edition, recorded March 2, 2007.

Listen to the podcast here. If you'd like to learn more about BriefingsDirect B2B informational podcasts, or to become a sponsor of this or other B2B podcasts, contact Interarbor Solutions at 603-528-2435.

Dana Gardner: Hello, and welcome to the latest BriefingsDirect SOA Insights Edition, Vol. 13, a weekly discussion and dissection of Services Oriented Architecture (SOA) related news and events with a panel of industry analysts and guests. I am your host and moderator Dana Gardner, principal analyst at Interarbor Solutions, ZDNet blogger and Redmond Developer News magazine columnist.

Our panel this week -- and that is the week of Feb. 26 2007 -- consists of Steve Garone, a former IDC group vice president, founder of the AlignIT Group, and an independent industry analyst. Welcome back to the show, Steve.

Steve Garone: Thanks, Dana. Great to be here.

Gardner: Also, joining us once again, Joe McKendrick, a research consultant, columnist at Database Trends and a blogger at ZDNet and ebizQ. Welcome back, Joe.

Joe McKendrick: Good morning, Dana.

Gardner: Also joining us, Tony Baer, principal at OnStrategies, and blogger at Sandhill.com and ebizQ. Thanks for joining, Tony

Tony Baer: Hi, Dana.

Gardner: And also once again, joining us is Jim Kobielus. He is a principal analyst at Current Analysis.

Jim Kobielus: Hi, Dana. Hi, everybody

Gardner: Joining us for the first time, and we welcome him, Dave Linthicum. He is CEO at the Linthicum Group, an SOA advisory consulting firm. Dave also writes the Real World SOA blog for InfoWorld and is the host of the SOA Report podcast, now in its third year. He is also a software as a service (SaaS) blogger for Intelligent Enterprise, and has a column on SOA topics for Web Services Journal. Welcome, Dave.

Dave Linthicum: It is great to be here.

Gardner: We are going to have a couple of meaty, beefy topics today on the SOA and, interestingly enough, Enterprise 2.0 arena. We are going to be discussing and defining the concept around "mashup governance." We are also going to discuss some merger and acquisition news this week, with a deal announced between Hyperion and Oracle, whereby Oracle will acquire Hyperion for $3.3 billion.

First off, let's go to this subject of "mashup governance." Dave, I believe you defined this to a certain extent in a recent blog, and I wanted to give you the opportunity to help us understand what you mean by "mashup governance" -- and why it’s important in an Enterprise 2.0 environment, and perhaps what the larger implications may be for SOA.

Linthicum: Sure. Thank you very much. That was a feature article, by the way, that InfoWorld sponsored, and it’s still up on their website. It basically talked about how mashups and SOA are coming together, since they are mashing up. As people are becoming very active in creating these ad-hoc applications within the enterprise, using their core systems as well as things like Google Maps and the Google APIs, some of the things that are being sent up by Yahoo!, Salesforce.com, and all these other things that are mashable. There's a vacuum and a need to create a governance infrastructure to not only monitor-track, but also learn to use them as a legitimate resource within the enterprise.

Right now, there doesn’t seem to be a lot of thinking or products in that space. The mashup seems to be very much like a Wild West, almost like rapid application development (RAD) was 15 years ago. As people are mashing these things up, the SOA guys, the enterprise architecture guys within these organizations are coming behind them and trying to figure out how to control it.

Gardner: An element of control to an otherwise ad hoc and loosey-goosey approach to creating Web services-based UIs and portal interfaces?

Linthicum: That’s absolutely right. Ultimately these things can become legitimate and very valuable applications within the enterprise. I have a client, for example, that has done a really good job in mashing up their existing sales tracking system, inventory control system, and also delivery system with the Google Maps API. Of course everybody and their brother uses that as a mashup example, but it's extremely valuable.

We are able to not only provide maps to do the best routing for delivery, but also Google Maps right now has traffic reports. So, they can give these to the truck drivers and delivery agents at beginning of the day, and productivity has gone up 25 percent. Over a year, that is going to save them more than $1.5 million. And, that’s just a simple mashup that was done in a week by a junior developer there. Now, they are trying to legitimize that and put it back into their SOA project, as well as other external API’s. They are in there trying to figure it out.

Gardner: So perhaps through this notion of combining what is available on an internal basis -- either as a Web service or moving toward SOA -- the enterprises can also start tapping into what is available on the Web, perhaps even through a software-as-a-service relationship or license, and put together the best of internal data content process as well as some of these assets coming off of the Web, whether it is a map, an API, or even some communications, groupware, or messaging types of functions.

Linthicum: I think you put it best that I have ever heard it. Absolutely. That’s the way it’s coming forward, as we are building these SOAs within these enterprises today. We have the added value of being able to see these remote services, deal with these remote APIs, and bring that value into the organization -- and that’s typically free stuff. So, we are using applications that we are gaining access to, either through a subscription basis in the case of Salesforce.com -- and they are, by the way, hugely into the mashups that are coming down the pipe -- free services that we are getting from Google, or even services that cost very little.

Putting those together with the existing enterprise systems breathes new life into them, and we can basically do a lot of things faster and get applications up and running much faster than we could in the past. Ultimately, there is a tremendous amount of value for people who are using the applications within these environments. Typically, it’s the mid-market or the mid-sized companies that are doing this.

Gardner: Or even department levels in larger companies that don’t need to go through IT to do this, right?

Linthicum: That’s right. Absolutely. That’s how Salesforce.com got started. In other words, people were buying Saleforce.com with their credit cards and expensing it, and they were wiring it around IT. We are seeing the same movement here. It's happening at the grassroots level within the department and it's moving up strategically within the IT hierarchy.

Gardner: Okay, so it sounds straightforward: a good productivity boost, moving toward the paradigm of mashable services. Why do we need governance?

Linthicum: Well, you really need a rudimentary notion of governance when you deal with any kind of application or service that works within the organization. Governance is a loaded word. If you go to the Enterprise Architecture Conference -- and I am speaking at it the end of this month in New Orleans -- they consider governance as a management practice. It’s running around knocking people on their heads, if they are not using the correct operating systems, databases, those sorts of things. In the SOA world, as Joe McKendrick can tell you, it's about a technical infrastructure to monitor-control the use of services. Not only is it about control, but it is about productivity. I can find services. I can leverage services, and they are managed and controlled on my behalf. So, I know I am not using something that’s going to hurt me.

The same thing needs to occur within the mashup environment. For mashing up, there are lots of services that we don’t control or that exist outside on the Internet. It's extremely important that we monitor these services in a governance environment, that we catalogue them, understand when they are changed, and have security systems around them, so they don’t end up hurting productivity or our existing IT infrastructure. We don’t want to take one step forward and two steps back.

Gardner: I read your blog in response to this, Jim Kobielus, and you seem to think that bringing too much governance to this might short-circuit its value -- that it’s the loosey-goosey, ad-hoc nature that brings innovation and productivity. Do you think that what we think of as traditional SOA governance is too rigid and strict and requires some interaction with IT? Or are we talking about some other kind of governance, when it comes to mashups?

Kobielus: Well, Dave made that same point in his article, which is that the whole notion of mashups is half-way to anarchy, as it were, creative anarchy. In other words, empowering end-users, subject-matter experts, or those who simply have a great idea. They typically slap together something from found resources, both internal and external, and provision it out so that others can use it -- the creative synthesis.

This implies that governance in the command-and-control sense of the term might strangle the loosey-goosey that laid the golden egg. So, there is that danger of over-structuring the design-time side of mashups to the point where it becomes yet another professional discipline that needs to be rigidly controlled. You want to encourage creativity, but you don’t want the mashers to color too far outside the lines.

Dave hit the important points here. When you look at mashup governance, you consider both the design-time governance and the run-time governance. Both are very important. In other words, if these mashups are business assets, then yes, there needs to be a degree of control, oversight, or monitoring. At the design-time level, how do you empower the end-users, the creative people, and those who are motivated to build these mashups without alienating them by saying, "Well, you've got to go to a three-week course, you've got to use these tools, and you've got to read this book and follow these exact procedures in order to mashup something that you want to do?" That would have clearly stifled creativity.

I did a special section on SOA for Network World back in late 2005. I talked to lots of best practice or use cases of SOA governance on design time, and the ones that I found most interesting were companies like Standard Life Assurance of Scotland. What they do is provide typical command-and-control governance on design time, but they also provide and disseminate through the development teams a standard SOA development framework, a set of tools and templates, that their developers are instructed to use. It's simply the broad framework within which they will then develop SOA applications.

What I am getting at here is that when you are dealing with the end users who build the mashups, you need to think in terms of, “Okay. Tell them in your organization that we want you to very much be creative in putting things together, but here is a tool, an environment, or enabling technology that you can use to quickly get up to speed and begin to do mashing up of various resources. We, the organization that employs you, want you, and strongly urge you, to use these particular tools if you wish your mashups to be used far and wide within the organization.

"If you wish to freelance it internally, go ahead, but doesn’t mean we are necessarily going to publish out those mashups so that anybody can see them. It means we are not necessarily going to support those mashups over time. So, you may build something really cool and stick it out there, but nobody will use it and ultimately it won’t be supported. Ultimately, it will be a failure, unless you use this general framework that we are providing."

Gardner: I think we need to re-examine some of these definitions. I'm not sure what we are talking about with mashup governance is either "run time" or "design time." It strikes me as "aggregation time." Perhaps we don’t even need to use existing governance and/or even federate to existing governance. Perhaps it's something in the spirit of Web 2.0 and Enterprise 2.0, as simple as a wiki that everyone can see and contribute to, saying, “Here is how we are going to do our mashups for this particular process."

Let’s say, it is a transportation process, "Here are the outside services that we think are worthwhile. Here are the APIs, and here is a quick tutorial on how to bring them into this UI." Wouldn’t that be sufficient? Let us take that over to Steve Garone.

Garone: I am going to push back on that a little bit. What we are wrestling with here is achieving a balance between encouraging creativity and creating new and interesting functionality that can benefit business, and keeping things under control. The best way to look at that balance is to understand what the true risks are.

The way I see it, there are several major areas. The first has to do with what I call external liability, meaning that if you, for example, publish a mashup to a customer base that has a piece of functionality you got off the web, and for some reason that has wrong information and does the customers some harm, who is responsible for that? How are you going to control whether that happens or not? The second has to do with what I call internal risk, which has to do with making available to the outside world information that is sensitive to your organization. In that case, a little more than what you described is going to be necessary, and can also leverage some of the governance infrastructure that people are building generally and relative to SOA.

Gardner: So, you are thinking that these mashups would be available not only to an internal constituency in the organization but across its users, its visitors, and the public?

Garone: Absolutely. Well, I think they can be, and I think there will be organizations and groups within organizations who will want to do that, driven primarily by the business opportunities that it can afford.

Gardner: But, if this is the general public accessing some of these mashups, wouldn’t the risk that they would take accessing the individual services on the web on their own be sufficient? Why would you need to be concerned about liability or other risk issues when these are already publicly facing APIs and services and so forth?

Garone: Conceptually, you wouldn’t, but we all know that in this world anybody can sue for anything, and the reality is that if I go to a company’s website and use a function that incorporates something that they grabbed off the web, and it does me harm, the first place I am going to look is the site that I went to in the first place.

Gardner: Well, you might have stumbled upon the category here that will warm the cockles of many lawyers’ hearts -- mashup risk and assessment.

Garone: Exactly. And, it's one of the problems that governance in general attempts to solve. So, it is relevant here. My bottom-line point is that achieving balance is going to involve some careful consideration of what the true risks are. Maybe resolving that involves a combination of the kinds of solution that you just talked about in some cases. In other cases, they are going to have to leverage the governance infrastructure that exists in other areas within a company.

Gardner: Your point is well taken. This is business, it is serious, and it needs to be considered and vetted seriously -- if it is going to be something that you are using for your internal employees’ use, as well as if it becomes public-facing. How would you come down on this, Joe McKendrick? Do you see the balance between something as unstructured as a blog or wiki being sufficient, or do we need to bake this into IT, get policies and governance, and take six years to get a best practices manifesto on it?

Garone: I did not recommend that, Dana.

Gardner: I know. I'm going from one extreme to the other.

McKendrick: If we do it in two years, that would be fine. But what I’d love to know is, what exactly is the difference between a mashup and a composite application that we have been addressing these past few years within the SOA sphere? The composite application is a service-level application or component that draws in data from various sources, usually internal to the organization, and presents that through a dashboard, a portal, or some type of an environment. It could be drawn from eight mainframes running across the organization.

Obviously, the governance that we have been working so hard on in recent years to achieve in SOA is being applied very thoroughly to the idea of composite applications. Now, what is the difference between that and a mashup? Other than the fact that mashups may be introducing external sources of data, I really don’t see a difference. Therefore, it may be inconsistent to "let a thousand flowers bloom" on the mashup side and have these strict controls on the composite application as we have defined in recent years.

Linthicum: The reality is that there is no difference. You are correct, Joe, and I point that out in the article as well. There are really two kinds of mashups out there: the visual mashups, which are what we are seeing today, where people are taking basically all of these interface APIs and using the notions of AJAX and other rich, dynamic clients, and then binding them together to form something that is new.

The emerging mashups are non-visual. It's basically analogous, and is not exactly the same, as traditional composite applications that are -- if you can call them traditional -- in the SOA realm today. They have to be controlled, managed, governed, and developed in much the same way.

Kobielus: There is a difference here. I agree with what Dave just said that mashups are not qualitatively different from composite apps, but there is a sort of difference in emphasis, in the sense that a mashup is regarded as being more of a user-centric paradigm. The end-user is empowered to mash these things up from found resources.

It relates to this notion that I am developing for a piece on user-centric identity as a theme in the identity management space. The whole Web 2.0 paradigm is user-centric -- users reaching out to each other and building communities, and sharing the files and so on. Mashing up stuff and then posting that all to their personal sites is very much a user-centric paradigm.

There's another observation I want to make. I agree that the intellectual property lawyers are starting to salivate by mashups invading their clients or encroaching on their clients’ rights. Actionable mashups are good from a litigator’s point of view. In terms of governance then, organizations need to define different mashup realms that they will allow. There might be intra-mashes within their Intranet -- "Hey, employee, you can mash up all manner of internal resources that we own to your heart’s delight. We will allow intra-mashes, even extra-mashes within the extranet, with our trusted partners. You can mash up some of their resources as well, whatever they choose to expose within the extranet. And then, in terms of inter-mash or Internet wide mashing, we’ll allow some of it. You can mash Google. You can mash the other stuff of the folks who are more than happy to let you mash. But, as an organization, your employer, we will monitor and block and keep you from mashing up stuff that conceivably we might be sued for."

Gardner: So you could take six years and require a manifesto. Thank you, Jim Kobielus. Tony Baer, let's take it to you. Do you see this as a problem in terms of the governance, or should we keep it loosey-goosey? Should we not get into the structure, and do you think that -- to Jim’s point -- a mashup is conceptually different from a composite application because of the user-centric, user-driven, keep-IT-out-of-it aspect?

Baer: We've got a couple of questions there. I’ll deal first with the technical one, which is that composite apps and mashups are basically trying to do the same thing, but they're doing it in different ways. Composite apps, at least as I've understood the definition, came out of an SOA environment. That implies some structure there, whereas mashups essentially merged to Web 2.0 with the emergence of AJAX-style programming, which lets anybody do anything anywhere with this very loosely structured scripting language. There are practically no standards in terms of any type of vocabulary.

So, there is a bit of a "Wild West" atmosphere there. As somebody else said, you really need to take a two-tiered approach. On one hand, you don’t want to stifle the base of innovation, a kind of a skunk works approach. Having a walled garden there, where you're not going to be doing any damage to the outside but you are going to promote collaboration internally, probably makes some sense. On the other hand, even if the information did not originate from your site, if you're retransmitting it there is going to be some implication that you are endorsing it, at least by virtue of it coming under your logo or your website.

Gardner: Yeah, the perception of the user is going to be on you, regardless of the origins of the service.

Baer: Exactly. So, you need a tiered approach. I was taking a note here earlier. You really need to exert control on the sources of information. Therefore, for the types of information that are exposed internally -- for example something from an internal financial statement -- you need to start applying some of the rules that you've already developed around internal databases. Different classes of users have a right to know and to see it and, in some cases, some read-write privileges.

You need to apply similar types of principles at the source of information. Therefore, if I have access to this, this means implicitly that I can then mash it up, but you have to really govern it at the original point of access to that information, at least with regard to internal information. With external information, it probably needs to go to the same type to clearance that you would exert for anything that goes out on the corporate website, the external website.

Gardner: So, your existing policies and access privileges, your federated ID management brought up into a policy level, that will all play into this and it could help mitigate this concern around the right balance.

Baer: Well, put it this way, it’s a step toward that direction.

Gardner: I want to offer another possibility here. I was thinking about the adage that nobody was fired for using IBM, which was a common saying not that long ago. What if we were to take that same mentality and apply it here -- that if you're going to do mashups, make sure they are Windows Live mashups, or Google mashup services for mashup; or maybe Salesforce.com? So, is there is an opportunity on the service provider side to come up with a trusted set of brands that the IT people and the loosey-goosey ad-hoc mashup developers could agree on to use widely? They could all rally around a particular set of de-facto industry standard services? That would be perhaps the balance we're looking for.

What do you think about that, Steve?

Garone: That can certainly be a realistic part of how it’s done, and it gets back to something someone mentioned earlier about composite applications. We talked about the similarities and the differences. One of the differences I see is when I think back to when people started building applications from software components. There was a flood of products put on the market to manage that process in terms of cataloguing and putting into libraries trusted components with descriptions and APIs that conform to standards, to try to sort of reign in people’s ability to go all over the place and pick software from the sky to build into an application that could be used in a business context.

What you're saying sort of conforms to that, in that you come up with a trusted set of applications or a trusted set of vendors or sources from where you can get application functionality, and an attempt to enforce that.

Gardner: It strikes me that this is a slippery slope, if people start using mashups. That includes the more defined and traditional developer using it through governance and vetting it properly with command and control, as well as across a spectrum of project-level, third-party developers, and even into department-level folks who are not developers per se. The slippery slope is that, suddenly more of the functionality of what we consider an application would be coming through these mashups and services, and perhaps increasingly from outside the organization.

Therefore, the people who are providing the current set of internal services and/or traditional application functionality need to be thinking, "Shouldn’t I be out there on the wire with a trusted set?" We're already seeing Microsoft move in this direction with its Windows Live. We're seeing Google now putting packaging around business-level functionality for services. Salesforce.com is building an ecology, not only of its own services, but creating the opportunity for many others to get involved -- you could call them SaaS ISV’s, I suppose.

And I don’t think it’s beyond the realm of guesswork that Oracle and SAP might need to come up with similar levels of business application services that create what would be used as mashups that can be trusted to be used in conjunction with their more on-premises, traditional business applications. Does anyone else see any likelihood in this sort of a progression? I’ll throw it out.

Linthicum: There's a huge likelihood of that coming up. People are moving to use interface-based applications through software-as-a-service. All you have to do is look at the sales of Salesforce.com to monitor how that thing is exploding. And, they are migrating over to leveraging services to basically mix-and-match things at a more granular level, instead of taking the whole application interface and leveraging those within your enterprise. This is what I call "outside-in" services. I wrote about that three years ago.

People are going to focus on that going forward, because it just makes sense from an economic standpoint that we leverage the best-of-breed services, which typically aren’t going to be built within our firewall. We don’t want to pay for those services to be built, but they're going to be built by the larger guys like Salesforce.com, Google, and Microsoft. It's going to be a slow evolution over time, but I think we are going to hit that inflection point, where suddenly people see the value. It’s very much like we saw the value in the web in the early '90s -- that it really makes sense not only to distribute content that way, but distribute functional application behavior that way.

Gardner: Thanks, Dave. Any contrarians out there? Does anyone think that this back-to-the-future, in terms of the major players stepping up and providing best-of-breed services, is not likely?

Kobielus: Well, I think it's likely. But the fact is that, given the accessibility of this technology, it will encourage independence to startups, and provide unique new services too that may fall between the cracks. It’s the classic long tail here.

Gardner: I’ll be contrarian in this, because I don’t think that these sets of players, with the possible exception of Google and Salesforce.com, are going to be interested in having this occur sooner. They would rather have it come later, because their on-premises, licensed software businesses are far more profitable, and it gives them a more entrenched position with the client and the account than these mashups. Those can be switched in or out quite easily, and are either free or monetized through advertising or in a subscription fee format that is still not nearly as profitable for them in the long run as an on-premises, licensed affair.

Does this notion of the business model, rather than the technology model or the branding model, change anyone’s opinion on the speed in which this happens? Do we need to have a small group of interlopers that comes in and actually forces the hands of the larger players into this mode?

Garone: Dana, I’ll take that. There clearly has to be a business reason for these major players to do it, and the two that I see are, one, that the functionality that they're making lots of money off of is suddenly available as a mashup at little or no cost, in which case they have got to deal with that. The other is to be able to add interesting functionality to their existing products in order to be more competitive with the other enterprise app players out there. Other than that, you're right. There has to be a stimulus from the business standpoint to get them to actually jump into this.

Gardner: Any other thoughts on the pressure in the marketplace and in terms of business and cost?

Linthicum: If they don’t do it, somebody else is going to come up and do it for them. Look at the pressures that Salesforce.com has put on the CRM players in the marketplace. It’s a similar type of market transition. Salesforce.com was never an internal enterprise player, and yet look at their revenues in contrast to the other CRM guys that are out there. The same thing is going to occur in this space. They are either going to step up and provide the new model, or they're just going to get stomped as people run over them to get to the players that will do it.

Gardner: Yeah, Dave, I agree, especially with Google. They’ve got a market cap of $144 billion, and a portion of that market cap depends on how well Google can sell business services to businesses. That’s going to put pressure on the traditional players, right?

Linthicum: Yeah. Google is moving aggressively in that space, and I think they're going to not only provide their own services, but they're going to broker services that they validate and basically recast.

Gardner: And that’s governance isn’t it?

Linthicum: It is going to be governance. You are going to see some aggregators out there. Right now, you’re seeing guys like StrikeIron, which is a small company, but they aggregate services. They are basically a brokerage house for services they control, validate, and make sure they are not malicious. Then, you rent the services from them, and they in turn pay the service provider for providing the service. I think Google is going to go for the same model.

Gardner: It’s about trust ultimately, right?

Linthicum: It’s about trust ultimately. If I were a consultant with an organization and my career was dependent on this thing being a success, I'd be more likely to trust StrikeIron and Google than some kind of a one-off player who has a single service which is maintained in someone’s garage.

Gardner: So that notion of a cottage industry for some little developer out there creating their own widget probably still isn’t going to happen, huh?

Linthicum: It will. What’s going to happen is that they are going to do so through brokerage -- guys like Google. I don’t think Google is going to take a whole lot of money. They're going to take the normal pennies per transaction, and you will see millionaires that are made in a few months -- people who are able to send up killer services that Google and guys like StrikeIron are able to broker out to those who are setting up SOAs. Then, suddenly, they are going to find themselves a hit, very much like we’re seeing the Web 2.0 hits today.

Gardner: We have Google AdWords and AdSense. So, soon we should have "ServicesSense"?

Linthicum: Right, and everybody in that space, whether they say it or not, is building that in the back room right now. They know that’s coming.

Baer: I was just going to add that StrikeIron really has an interesting business model. I have spoken with Bob Brauer, the CEO of StrikeIron, several times. Their message is that there is going to be this marketplace out there. They are looking at SOA and services, perhaps Web 2.0 and mashups may come into play as well, but it’s a notion that rather having corporations worry about building their own internal functionality, they can go out to some kind of marketplace and get the best deal for the functions they need and the types of services they need. Your typical corporation may be run on a combination of internally built services and externally brokered services.

Linthicum: When I was CTO at Grand Central, we had a few companies that were run entirely on external services -- these new startups. They did all their accounting, their sales management, and everything else through external services. That’s probably too much for the larger Global 2000 to bite off right now, but there is going to be a functional changeover. As time goes on, they are going to use more external services than ever before.

Gardner: "Free" is a compelling rationale. All you have to do is look at a little text ad associated with the service and that page for the service and the provisioning and governance of the service becomes fairly compelling, right?

Linthicum: Absolutely.

Gardner: Well, thanks very much. That was an interesting discourse on this whole notion of mashups, SOA, and how it might evolve in the marketplace. For the last 10 minutes today, let’s discuss the deal announced this week whereby Oracle is going to acquire Hyperion for $3.3 billion, bringing the possibility of more analytics and business dashboard functionality into the growing Oracle stable. I believe this must be their tenth or twelfth acquisition since 2002.

Jim Kobielus, you’re data-centric in your studies and research. Does the fit between Hyperion and Oracle make sense to you?

Kobielus: It makes sense knowing Oracle. First of all, because [Oracle Chairman and CEO] Larry Ellison has been very willing in the past to grab huge amounts of market share by buying direct competitors like PeopleSoft, Siebel, and so forth, and managing multiple competing brands under the same umbrella -- and he is doing it here. A lot of the announcement from Oracle regarding this acquisition glossed over the fact that there are huge overlaps between Oracle’s existing product lines and Hyperion’s in pretty much every category, including the core area that Hyperion is best known for, which is financial analytics or Corporate Performance Management (CPM). Oracle itself provides CPM products for CFOs that do planning, budgeting, consolidation, the whole thing.

Hyperion is a big business intelligence (BI) vendor as well, and Oracle has just released an upgrade to its BI suite. You can go down the line. They compete in master data management (MDM) and data integration, and so forth. The thing that Oracle is buying here first and foremost is market share to keep on catapulting itself up into one of the unchallenged best-of-breed players in business intelligence, CPM and so forth. Oracle bought the number one player in that particular strategic niche, financial CPM , which is really the core of CPM -- the CFOs managing the money and the profitability.

It’s a great move for Oracle, and it definitely was an inevitable move. There will be continuing consolidation between the best-of-breed, pure-play data management players, such as Hyperion and a few others in this space, which are Business Objects and Cognos. They will increasingly be acquired by the leading SOA vendors. Look at the SOA vendors right now that don’t have strong BI or strong CPM, and look at the pure-plays that have those tools. The SOA vendors that definitely need to make some strategic fill-in acquisitions are IBM, Microsoft to a lesser degree, BEA definitely, and a few others, possibly webMethods. And, look at the leading candidates. In terms of CPM and BI and a comprehensive offering, they are down to three: Business Objects, Cognos, and SAS.

Now, SAS's Jim Goodnight has been doing it for over 30 years. It’s a great company, growing fast, with very loyal customers. Those product lines are very private, very stubbornly private, and I think they want to stay that way. So, I don’t think they are on the blocks in terms of being an acquisition candidate. But Business Objects and Cognos definitely are in play. So, it’s just a matter of time before both of those vendors are scooped up by some of the leading SOA vendors.

Gardner: So, Oracle has created a little bit of an auction atmosphere? Joe McKendrick, what's your take on this? You’re also a data personage.

McKendrick: Either Neil Macehiter or Neil Ward-Dutton, one of the Neil’s, mentioned on a couple of occasions that Oracle really isn’t playing up its database strengths. Lately, a lot of the activity, a lot of its announcements, and a lot of its acquisitions have been focused on the fusion, the middleware. And this [Hyperion buy] is definitely a play to its strength in the database market. Jim made some great observations, and there are a lot of overlaps. My sense is that Oracle is buying a huge, prominent customer base as part of the acquisition.

Gardner: Even though there is overlap in customer base and in some functionality, isn’t there the ability to integrate on an analytics basis by extracting value from data, rather than providing the data services themselves and/or a business application set? Doesn’t that make for an integrated approach that they could bring these two perhaps overlapping product categories together easier in this category, than they would either in database or business applications?

Garone: Yeah, Dana, I think that’s correct; and I also agree that this is less about database and more about middleware and fusion and building up that software stack. Oracle has clearly got an eye on doing that. This kind of an acquisition in the short term is always a double-edged sword, for Oracle especially. If any of you have been to some of their events as an analyst, you've seen what they’ve gone through in convincing the analyst community that they're going be able to both support all the customer bases of representing the products they acquire and integrate things well into their stack ...

Gardner: And they did seem to do a pretty good job at that between J.D. Edwards, PeopleSoft and Siebel, right? There wasn’t the big brouhaha in the installed base that some people were expecting.

Garone: Right. And that turned out to be true in those cases. It remains to be seen, of course, what will happen here, but it’s always a short-term hurdle that Oracle has to get over, both in terms of perception as well as the actual integration process and business model process. Again, this is really very promising, if Oracle pulls it off. But to me it’s really about their bigger picture of taking what they call Fusion middleware out beyond just middleware to the applications themselves, and essentially creating an entire integrated stack of software.

Gardner: How about you, Dave Linthicum? Do you believe that these services and analytics and creating business insight into operations are an essential part of SOA, as Jim Kobielus believes?

Linthicum: Absolutely. In fact, if you look at my stack, which is actually on Wikipedia right now, one of the things I have on top is Business Activity Monitoring (BAM) and analysis, because once you have those points of service -- both the behavioral visibility and also information visibility into all these different points, and you create these abstraction layers on top of it -- you have a great opportunity to actually monitor your business in real-time. And you have the ability not only to monitor it in real-time, but you can actually go back historically to see how what you are doing now relates to what you did in the past.

A lot of businesses can benefit from that. It's key technology. Oracle did the right thing strategically, and I think this stuff is going to be a necessity going forward for SOA, and it’s a necessity for business going forward as well. It’s one of the things where, if you look at the business, it’s just so huge, but you just don’t hear about it anymore.

Gardner: So, we're saying that the feedback loop becomes more essential for SOA, and that these BI tools are essential ingredients in creating a near real-time feedback loop, as well as a historical perspective feedback opportunity to then fine-tune your SOA, perhaps through a policy-driven governance capability?

Linthicum: Right. Fine-tune your SOA by fine-tuning your processes. I can imagine the potential here. I can see not only the health of my business, but also how my business produced things in the past, or how things were done in the past and how that relates to what I'm doing right now. I even have a rules engine, which is part of my SOA to make adjustments automatically to things that I know will have a positive effect on my business processes. You can get this automatic state which is hugely valuable for these large-product-intensive companies.

Gardner: The last word from Tony Baer, Do you see the analytics as important as some of our other guests?

Baer: Well, put it this way. Analytics is the necessary icing on the cake. All the other pieces tell you what you are doing, and the classic question of analytics tells you why. A lot of folks look at this as an extension to the database business. I see this as an extension of the applications business.

SAP, for example, has had BI for a number of years. Oracle has had some limited analytics starting back with the acquisition almost a decade ago of, I think it was, IRI Express as an OLAP database. Now, that was merely an extension to the database business, but if you look at how this is really going to end up playing out, it’s not that customers are looking for another database to just slice-and-dice their data. They are looking for a way to look at their business processes, which are represented through their application stacks and think, "How are we doing?" So, it’s a logical add-on to that.

In terms of worries about or concerns about a customer -- I guess customers getting dissatisfied when Oracle comes in -- the fact is that in ERP, just as in database, it’s a foundation buy. The fact is that regardless of what your personal feelings are about Larry Ellison, that technology is entrenched in the organization. The pain of migrating from it is greater than just sticking with it. Oracle has also improved its track record in terms of trying to be a little more customer friendly. It still has plenty of work to do. So, in the long run, I don’t see a lot of migration here, and I see this as being a very logical add-on in the apps business.

Gardner: Yeah, I agree. Strategically, this has a lot to do with the business applications. Do you think that this puts significant pressure on SAP?

Baer: It puts some pressure on SAP. I wouldn’t be surprised to see them make the play for one or the other two big ones. I also expect IBM to play in there, because even though IBM says it’s not in the apps business, the fact is that they do have products like master data management.

Gardner: And a lot of BI, too.

Baer: Exactly. And actually what's really ironic about all this is that years ago, IBM and Hyperion had actually had a very close relationship, and it was bordering almost on acquisition. I'm surprised that IBM actually never went the last mile and acquired them. It would make sense for them to make a move with one of the other players today.

Gardner: Interesting. Well, thanks very much. I want to go through our group for today, and we appreciate all your input. There’s Steve Garone, Joe McKendrick, Jim Kobielus, Tony Baer, and Dave Linthicum. We appreciate your joining us. I hope you come back. This is Dana Gardner, your producer, host and moderator here at BriefingsDirect SOA Insights Edition. Please come back and join us again next week.

If any of our listeners are interested in learning more about BriefingsDirect B2B informational podcasts or to become a sponsor of this or other B2B podcasts, please fill free to contact Interarbor Solutions at 603-528-2435.

Listen to the podcast here.

Transcript of Dana Gardner’s BriefingsDirect SOA Insights Edition, Vol. 13. Copyright Interarbor Solutions, LLC, 2005-2007. All rights reserved.