In the world of mobile, cloud and APIs, how do you assert control at the edge of the enterprise, the boundary between the unpredictable external environment and the internal managed systems? And, perhaps even more importantly, how do you gain insight into customer behavior and preferences so that you can advance the customer relationship with every action you take? Resolving such questions is dependent on "insight at the edge" - the idea that by applying service-oriented principles to interactions between external systems of engagement and internal systems of record, you not only protect against undesired external influences, but can tap into the stream of consciousness that already flows through the business. This content is part of the IBM Business Process Management Journal.


Claus Torp Jensen (, Senior Technical Staff Member, IBM

Claus JensenClaus Torp Jensen is a Senior Technical Staff Member and Chief Architect for SOA-BPM-EA Technical Strategy at IBM in Somers, NY. He leads IBM's SOA Foundation team, working on the convergence of different architectural disciplines. Claus is a member of the WebSphere Foundation Architecture Board.

Prior to joining IBM, Claus had ten years of experience as a Chief Architect and SOA Evangelist.

developerWorks Contributing author

13 February 2013

Also available in Chinese

Loss of control or grand opportunity?

When asked, people almost invariably mention mobile, social, cloud or big data as "the next cool thing." While everybody agrees these are an integral part of the agenda for a modern enterprise, there is much less clarity around their impact on building, operating and evolving business and IT solutions.

Historically IT organizations have attempted to control integration by providing a managed development environment, and deploying solutions onto approved middleware and runtimes. The problem is that this approach will no longer work. Developers (unless prevented) now download and use any library or open source tool that is recommended by their social network peers. Businesses outsource the creation of mobile apps to agencies. Partners provide more and more of the backbone for business operations. Teenagers want to build their own mashups on smartphones. Businesses want to sell information and insight as a marketable commodity. In other words, centralized IT has lost control of both the development environment and the runtime environment!

Figure 1. Loss of control - a blessing or a curse?
Loss of control - a blessing or a curse?

So now what? Do we moan about the past, or do we choose to see this as an opportunity to act and influence in a larger and more important context? Personally I choose the latter, and I firmly believe that we can build the future based on a foundation of tried and true engineering and design principles. The good design principles of service-oriented architecture (SOA), the idea that you can control interactions through well-defined services and interfaces is certainly applicable to mobile, social, cloud and big data -- even, or perhaps especially, in an environment where neither development nor operations is fully under enterprise control.

Applying SOA at the edge of the enterprise

The enterprise service bus (ESB) pattern is the basis for the loosely-coupled nature of SOA-based systems, and mediation is key to the ESB pattern. Classically, most ESB mediations have been mediations of message formats, protocols, and other IT characteristics in an IT transactional context. In a modern enterprise, mediation can and should be based on skills, availability, location, and so on. It is still SOA, still based on the ESB pattern, but now applied in the context of say mobile and social.

In the world of tomorrow, the control point is not a user interface framework, nor an internal IT system, rather it is the edge of the enterprise, the point where the uncontrolled meets the somewhat controlled. So how do we push the design principles of SOA beyond the walls of the enterprise? The answer is web APIs.

Figure 2. Web APIs are the external face of an enterprise
Web APIs are the external face of an enterprise

Business APIs are the external face of an enterprise

A web API is a public face for an enterprise. It exposes defined assets, data or services for public consumption, for instance product catalogs, phone listings, order status or even twitter feeds. A web API is simple for application developers to use, access and understand. It can be easily invoked via a browser, mobile device, and so on. In this way, web APIs extend an enterprise and open new markets by allowing external developers to easily leverage, publicize and aggregate a company's assets for broad-based consumption -- which is exactly what service orientation is all about, providing well-defined interfaces (services) with clear business semantics and runtime-enforced security and workload policies.

Web APIs are a specific genre of services with a lifecycle that is focused on "external" consumption. This is more than just a nuance. It drives a focus on simplicity, security and compatibility with standards-based external systems. Managing business APIs is key to extending enterprise reach to the new channels presented by mobile and software as a service. In essence, this transformation is replicating what e-business did in the late 1990s. E-business placed web platforms in front of mainframe-based applications as a way to externalize the mainframe applications to the web without destabilizing core business transactions. Now people are expanding beyond the enterprise by using APIs to responsibly externalize internal services.

Gain insight from business interactions

Through web APIs you can take control of the interactions between systems of engagement (outside the enterprise) and systems of record (inside the enterprise). But taking control is not sufficient to stay competitive; modern enterprises need to be smart, aware and ensure that the best action is always taken to promote the relationship with a customer, partner or supplier.

How do you gain the necessary insight? How do you tap into the data already flowing through the business? How do you instrument applications to provide a "stream of consciousness" in a non-intrusive fashion, especially when many of those applications are developed outside your control? The answer in many cases is simply to instrument the Edge Gateway and the ESB middleware that carries all interactions between systems of engagement and systems of record, siphoning off information from any interaction that includes an endpoint inside the enterprise.

Figure 3. Tap into data already flowing through the business – instrument the ESB middleware
Tap into data already flowing through the business – instrument the ESB middleware

Tap into data already flowing through the business by instrumenting the ESB middleware

While this approach doesn't cover all relevant information (such as everything happening in a social community), it does address the majority of the visibility challenge. What results is a big data challenge. There will be a lot of data coming off the instrumentation of the Gateways and ESBs, and you will likely want to use it in many different ways, such as:

Know your client better
Know their location, reach them now, use authoritative information as part of any interaction. Customers expect you to know who and where they are. Have you ever had to repeat the information on who you are and why you are calling?
Determine the next best action
Determine the right thing to do here and now, and leverage strategic insight from information collected over time. Customers expect you to be smart about what you suggest as the next interaction, or they won't give you the time of day. Have you ever had someone propose a solution that you already rejected last week?
Adapt now
Make deployed solutions adaptive, instrument processes to react to current situations and locations. Customers have no patience with processes that were clearly not created with their circumstances in mind> Have you ever been on the phone with someone who is following a script that includes five steps you have already been through?
Have better compliance
Check qualifications and policies on the fly, handle exceptions in a structured fashion, apply risk management to the information collected. Authorities, internal as well as external, expect you to comply with policies and regulations at all times, and be able to prove it. Have you ever been in a situation where you were not able to prove with documented certainty that you were in compliance with the relevant legislation?

A common thread through all of these is the desire to become progressively more predictive, which in turn requires giving up the notion of certain rigid truths and accepting that the same information can and should be used for different kinds of insight. These are the characteristics of big data solutions, so look for technology capabilities that mix big data and SOA rather than always relying on traditional data warehouse approaches.


Applying SOA at the edge of the enterprise provides broad-based control of the interaction between systems of engagement and systems of record. This does not in and of itself create new business insight, but SOA helps apply insight in the right way, at the right time and in the right place. Furthermore SOA helps collect evidence about what's going on in the operational environment and can event help capture business outcomes. Supplement that with business analytics and big data for collating and reconciling information, maybe even predicting likely outcomes of certain actions, and you have a powerful cocktail that produces and leverages advanced insight as a natural part of business operations.



developerWorks: Sign in

Required fields are indicated with an asterisk (*).

Need an IBM ID?
Forgot your IBM ID?

Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.


All information submitted is secure.

Dig deeper into Business process management on developerWorks

Zone=Business process management, WebSphere, Mobile development
ArticleTitle=BPM Voices: Insight at the edge