Click here to close now.




















Welcome!

@CloudExpo Authors: Liz McMillan, Srinivasan Sundara Rajan, Dan Koloski, Pat Romanski, Elizabeth White

Related Topics: @ThingsExpo, Microservices Expo, @CloudExpo, @BigDataExpo

@ThingsExpo: Blog Feed Post

Rise of the Thing - Internet of Things

The Internet of Things (IoT) is giving rise to a whole new set of protocols for API access

Here are some predictions for the API space for 2014:

Rise of the Client
It's generally agreed that an API is only as good as the clients which use it. An unused API is a failure. So that's why it's odd that so much attention has focused on the server side of APIs, with comparatively little attention paid to the client side (there are exceptions though, like Runscope's handy Request Editor and hurl.it, to help developer API clients).

If you ask an API provider about how their API is going to be called by clients, often you are met with a hand-wavy answer along the lines of "It's REST, so it's easy". While it may be true that it's easy to hack together a client to call the API that "just works", the problem is that that's all it does. It "just works", but doesn't provide the high-level benefits such as:
- Ensuring the API is responding according to your expected service level
- A broker layer so that you're not locked into any particular API provider, or:
- API orchestration

At Axway we've seen that our API Gateway is frequently used at the Client Side, adding a layer of visibility and control to API usage from the client's point of view, as well as providing an independent audit log of API usage, separate from the logs provided by the API provider. All of this points to the rise of the client.

Another major factor involving the rise of the important of the API client is raft of new protocols associated with Machine-to-Machine API access, used in smart-meter or "connected car" environments for example. Which leads us nicely on to the next prediction...

Rise of the Thing
(hat-tip to Zahid Ghadialy from EE for this title, taken from his excellent recent presentation)

The Internet of Things (IoT) is giving rise to a whole new set of protocols for API access. Until recently, it was taken for granted that JSON is all-conquering and predominant. In my view, the popularly of JSON for APIs is as much to do with the widespread usage of dynamic languages on the client side (JavaScript in particular, of course) as it is to do with the smaller size of JSON relative to XML.

In the word of IoT, with embedded devices on the client and greater bandwidth constraints, it's not the case that clients will always be JavaScript based and expecting JSON. In IoT, we see MQTT, CoAP, and AMQP. All different, but all existing to deal with the low-latency and message size constraints of IoT devices. In this case, it isn't possible to simply throw together a REST client with JavaScript on the client - the result would be hopelessly inefficient since even JSON is too verbose. Ironically, with the IoT standards we are back to binary encoding, something I wrote about (BER encoding for XML) way back in 2002.

I would also watch Google's Protocol Buffer, which with protobuf.js provides JavaScript without the JSON size overhead.

Going Meta
In the world of SOA, we saw that each Web Service could be associated with metadata expressed using WS-PolicyAttachment with WSDL. The mention of any WS-* specification is enough to make anyone cringe, but in the case of SOA, at least there were standards for attaching meta-data to services.

In the case of APIs, we have sites such as ProgrammableWeb which provide human-readable information about APIs. But this is not the same as machine-readable information which a client can consume, conveying information how to call the API, security tokens (e.g. OAuth 2.0 Access Token) required, and expected response times.

Ole Lensmar wrote a great round-up of the API metadata options, back in the summer (now you would add RAML to this list). For Enterprise APIs, with security and quality-of-service requirements, I expect API metadata to grow in importance in 2014.

Traditional and API-based Integration continue to converge
Axway got a jump on this trend back in late 2012, with the acquisition of Vordel. In fact, at the time of the Vordel acquisition, Kin Lane foretold that "I predict in 2013-2015 we are going to see more of these types of acquisitions occurring. Large software companies are going to need a robust set of API tools to bring legacy systems into the modern, API driven economy." And how right he was! 2013 saw a slew of further acquisitions. I would hope that my predictions could be as accurate as Kin's.

There is clearly a need to take advantage of API-based integration, but in tandem with more traditional integration technologies. It's not a case of "either/or". Here at Axway, with API-based integration incorporated into our portfolio, we provide customers with a single suite solution covering B2B, APIs, managed file transfer, and even email security. In 2014, APIs will not be an isolated "new new thing", but will be working in tandem with traditional integration technologies.

SOA and APIs no longer adversarial
Paolo Malinverno from Gartner likes to say that "When people talk about APIs and Services, 99% of the time they are talking about the same thing". One of the big take-aways of the recent Gartner AADI conference was that we've gotten over the adversarial talk of "SOA versus APIs" and now there is a realization that they are linked. The linkage goes both ways. For example, APIs can be built on SOA principles (loosely-coupled, abstracting underlying implementation details), and SOA architecture itself can be used to manage APIs. Ideas from SOA, such as management of service meta-data in a repository, find new life in API Management with customizable API Catalogs in API Developer Portals.

In 2014, I expect to see more healthy realization that SOA principles are complimentary to API Management,

More API Breaches
Finally, on a less positive note, I believe we will see more successful attacks on APIs. In 2013 we had the attack on Buffer's API and, just last week, the attack on Snapchat's API. Earlier in the year we saw DoS attacks on banking websites which also brought down Web APIs (resulting in some banking mobile apps becoming unusable). One of the key things which API Gateways do is to protect APIs from attack. Of course, they also provide more positive advantages like API Quota Management, caching, and REST-SOAP transformation. But, with growing awareness of API breaches, the security factor will grow in 2014.

Happy 2014 everyone!

More Stories By Mark O'Neill

Mark O'Neill is VP Innovation at Axway - API and Identity. Previously he was CTO and co-founder at Vordel, which was acquired by Axway. A regular speaker at industry conferences and a contributor to SOA World Magazine and Cloud Computing Journal, Mark holds a degree in mathematics and psychology from Trinity College Dublin and graduate qualifications in neural network programming from Oxford University.

@CloudExpo Stories
"We've just seen a huge influx of new partners coming into our ecosystem, and partners building unique offerings on top of our API set," explained Seth Bostock, Chief Executive Officer at IndependenceIT, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...
Chuck Piluso presented a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. Prior to Secure Infrastructure and Services, Mr. Piluso founded North American Telecommunication Corporation, a facilities-based Competitive Local Exchange Carrier licensed by the Public Service Commission in 10 states, serving as the company's chairman and president from 1997 to 2000. Between 1990 and 1997, Mr. Piluso served as chairman & founder of International Te...
It is one thing to build single industrial IoT applications, but what will it take to build the Smart Cities and truly society-changing applications of the future? The technology won’t be the problem, it will be the number of parties that need to work together and be aligned in their motivation to succeed. In his session at @ThingsExpo, Jason Mondanaro, Director, Product Management at Metanga, discussed how you can plan to cooperate, partner, and form lasting all-star teams to change the world...
Public Cloud IaaS started its life in the developer and startup communities and has grown rapidly to a $20B+ industry, but it still pales in comparison to how much is spent worldwide on IT: $3.6 trillion. In fact, there are 8.6 million data centers worldwide, the reality is many small and medium sized business have server closets and colocation footprints filled with servers and storage gear. While on-premise environment virtualization may have peaked at 75%, the Public Cloud has lagged in adop...
The Internet of Everything (IoE) brings together people, process, data and things to make networked connections more relevant and valuable than ever before – transforming information into knowledge and knowledge into wisdom. IoE creates new capabilities, richer experiences, and unprecedented opportunities to improve business and government operations, decision making and mission support capabilities.
SYS-CON Events announced today that MobiDev, a software development company, will exhibit at the 17th International Cloud Expo®, which will take place November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software development company with representative offices in Atlanta (US), Sheffield (UK) and Würzburg (Germany); and development centers in Ukraine. Since 2009 it has grown from a small group of passionate engineers and business managers to a full-scale mobi...
Digital Transformation is the ultimate goal of cloud computing and related initiatives. The phrase is certainly not a precise one, and as subject to hand-waving and distortion as any high-falutin' terminology in the world of information technology. Yet it is an excellent choice of words to describe what enterprise IT—and by extension, organizations in general—should be working to achieve. Digital Transformation means: handling all the data types being found and created in the organizat...
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
The Internet of Things is not only adding billions of sensors and billions of terabytes to the Internet. It is also forcing a fundamental change in the way we envision Information Technology. For the first time, more data is being created by devices at the edge of the Internet rather than from centralized systems. What does this mean for today's IT professional? In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists addressed this very serious issue of pro...
Discussions about cloud computing are evolving into discussions about enterprise IT in general. As enterprises increasingly migrate toward their own unique clouds, new issues such as the use of containers and microservices emerge to keep things interesting. In this Power Panel at 16th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the state of cloud computing today, and what enterprise IT professionals need to know about how the latest topics and trends affect t...
The essence of cloud computing is that all consumable IT resources are delivered as services. In his session at 15th Cloud Expo, Yung Chou, Technology Evangelist at Microsoft, demonstrated the concepts and implementations of two important cloud computing deliveries: Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). He discussed from business and technical viewpoints what exactly they are, why we care, how they are different and in what ways, and the strategies for IT to tran...
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at DevOps Summit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
Countless business models have spawned from the IaaS industry. Resell Web hosting, blogs, public cloud, and on and on. With the overwhelming amount of tools available to us, it's sometimes easy to overlook that many of them are just new skins of resources we've had for a long time. In his General Session at 16th Cloud Expo, Phil Jackson, Lead Technology Evangelist at SoftLayer, broke down what we've got to work with and discuss the benefits and pitfalls to discover how we can best use them to d...
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
SYS-CON Events announced today that Agema Systems will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Agema Systems is the leading provider of critical white-box rack solutions to data centers through the major integrators and value added distribution channels.
"Our biggest growth area has been the security services, the managed services - the things that differentiate us in the market that there is no client that's too small and there's no client that's too big," explained Paul Mazzucco, Chief Security Officer at TierPoint, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Converging digital disruptions is creating a major sea change - Cisco calls this the Internet of Everything (IoE). IoE is the network connection of People, Process, Data and Things, fueled by Cloud, Mobile, Social, Analytics and Security, and it represents a $19Trillion value-at-stake over the next 10 years. In her keynote at @ThingsExpo, Manjula Talreja, VP of Cisco Consulting Services, discussed IoE and the enormous opportunities it provides to public and private firms alike. She will share w...
"Alert Logic is a managed security service provider that basically deploys technologies, but we support those technologies with the people and process behind it," stated Stephen Coty, Chief Security Evangelist at Alert Logic, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
"We specialize in testing. DevOps is all about continuous delivery and accelerating the delivery pipeline and there is no continuous delivery without testing," noted Marc Hornbeek, Sr. Solutions Architect at Spirent Communications, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.