in the API Economy? Work Unit Solution Build: A way to turn existing business assets into APIs, suitable for partner or public consumption Options: Service Gateway, Middleware, App Servers/Custom-code Harden: A way to secure these APIs Options: Custom-code, Security Gateway, Cloud Service Advertise: A way to advertise these APIs to a community or a partner. Options: API Developer Portal, Hackathons, Consulting Services, Marketing Outreach
Strategize Figure out what, when and how first Identify & Classify Data, Process, Application, Users Secure/ Protect Identify, Authenticate, Authorize, Protect Protect the Data Transit, Storage, In process, Life duration – Policies, Govern Manage traffic SLA based usage (identity/ location/ metrics)/ QOS Integrate Keep the back ends as is, expose the front end as needed Monetize Figure out a way to make money $$$$
applications that were written for different protocols and data formats. Current State Action Architectural Solution RESTful façade exposed at the enterprise perimeter Govern services with throttling, message level security, tokenization/fpe, content attack prevention, and authentication, authorization and audit controls Security gateway proxy model for centralized control Publish APIs and manage internal or external developers SaaS Developer Portal
Systems Of Record Integration/ Data Transformation Layer REST JSON OAUTH Mobile, API and other Partner Channels LOB Apps Directory CMS CRM ? ? ? ? ? ? Legacy
Service composition and orchestration • Authentication and Access Control • Authorization • Data format Mediation • Protocol Mediation • Content Attack Prevention • SLA Management, Rate Limiting • Lightweight ESB A world class gateway and industry leading SaaS API Management brings the best of both worlds to the customer Best of Breed Players for API Lifecycle Management Mashery API Management • SaaS Developer Portal • API Product Management • Developer On-boarding • Portal Administration • Reporting and Analytics • Monetization Data • Developer Facing Service Catalog • Developer Enablement Tools • Admin Tools, Community Tools POWER BY Service Gateway
• ID Token Mapping • SSL Termination • Metering & Monitoring • Data Transform • Protocol Mediation Use Case: Internal Cloud Service Brokerage/ Internal API management API Sharing with Integrated Run-time Enforcement & Mediation SOAP, JSON, XML Medical Information Service Provider On-prem 3rd Party Info Providers 3rd Party Cloud Info Providers Doctor Information Peer Reviews, Awards BCBSA Plan A BCBSA Plan B BCBSA Plan C Dev Dev Dev Internal Dev Community API Descriptions and Enablement Tools API Sharing Portal • Developer On-boarding • Portal Administration • Developer Facing Service Catalog • Developer Enablement Tools • API and Method Packaging POWER BY API Lifecycle Management JSON/REST Flat File SOAP/XML REST EDI JSON BCBSA CSB Platform