Microsoft shares SaaS architecture insights

As I mentioned yesterday, there are some smart people at Microsoft who really understand what SaaS and on-demand is all about, which is just as well considering how much buzz surrounds the whole concept of service-oriented computing, from SaaS to SOA to Web 2.0. Some of the most actionable insights are coming from Gianpaolo Carraro and Fred Chong of Microsoft's Architecture Strategy team, who are currently writing a series of white papers about the nature of SaaS. They just published their latest, which looks at SaaS from an enterprise point of view. More on that in a moment.

First, I want to mention one of the insights I specially liked from their earlier work,So much of what's written about SaaS is empty navel-gazing by vendors which they presented in a session at September's SaaScon conference [for which I am on the advisory board — see disclosure page].

I often find it difficult to persuade people how much is involved in delivering software as a service — and by extension any Web 2.0 API or application service — so it was a real joy when they displayed this powerpoint slide.

This slide gives the lie to the idea that moving to SaaS is a simple operation. It's a succinct summary of all the service delivery management infrastructure that's required to successfully host service-oriented software:

• Access control and security
• Order management and provisioning
• Management and SLA monitoring
• Metering and billing
• Customer support

Note how many of these headings relate to commercial considerations — taking orders, meeting contractual commitments, billing for usage and providing after-sales service — not in the siloed batch mentality of delivering a shrink-wrapped product, but as an integrated runtime platform. It underlines how much investment in infrastructure it takes to start delivering software as a service — without even mentioning the need to rearchitect the application itself, which Carraro and Chong deal with elsewhere in their white paper series.

Knowing that I was about to write about this, I was delighted to read yesterday Dan Farber's blog item about the launch of Mashery, which applies exactly this kind of rigor to Web 2.0 APIs (although I see Eric Norlin has some doubts about Mashery's grasp of the all-important role of identity management, which I'm glad to say has a prime position in the above slide). I've long been critical of the lack of commercial thinking in the Web 2.0 world. If Web 2.0 startups want to get taken seriously in the enterprise market, or indeed in any business market anywhere, they're going to have to start applying some commercial rigor to their offerings. Mashery provides a simple way to start doing that, covering off many of the functions of the service delivery platform outlined in Carraro and Chong's slide, as applied to API services.

I'm looking forward to hearing more from Gianpaolo tomorrow at SIIA's OnDemand Summit in San Jose, where he will be sitting on a panel I'm moderating. It has the rather grand title of Integration using SOA and Web Services — Engineering Products for the Business Web, and it's really all about the interaction of SaaS, SOA and Web 2.0. I'll be posting more from the conference tomorrowand will be in the Bay area until next Tuesday.

Returning finally to the latest white paper from the Microsoft team, Software as a Service (SaaS): An Enterprise Perspective. When so much of what's written about SaaS is empty navel-gazing by vendors, it's refreshing to come across a white paper that takes a proper look from the point of view of enterprise IT. It sets out in clear, objective terms why an enterprise might want to take advantage of SaaS and what considerations it ought to bear in mind when evaluating SaaS options. Here's a key summary:

"... SaaS influences an enterprise's allocation of resources through a variety of licensing, operation, and management models. The smart enterprise will be able to trade direct control (over service-implementation details) for the additional flexibility to optimize the strategy and execution of its core mission. However, the extent to which an enterprise can expoit SaaS is directly related to its ability to transfer and mitigate risks, and getting a good handle on service-level agreement is a key part of the risk-management game."

The paper also sets out a useful framework for thinking about how to integrate SaaS into the enterprise application infrastructure in a way that best serves user business needs. It then finishes up raising a point that I've always found a very intriguing and likely prospect in the evolution of SaaS — the potential for businesses themselves to become specialized SaaS providers (indeed it's already an emerging phenomenon, as I mentioned recently in another posting). They conclude:

"The same principles that make it feasible for an enterprise to consume services from the Internet cloud can make it possible to offer services to the cloud, too ... we believe that the future of enterprise computing is not going to be purely on-premise or in-the-cloud. Instead, like the yin and yang, they will exist in symbiotic harmony."

I would add that it doesn't much matter whether you label those services as SaaS, SOA or Web 2.0 — or alternatively forswear the use of today's trendy buzzwords entirely — the future of enterprise IT is all about managing and marshaling services, wherever they originate and whatever you choose to call them.