Enterprise mashups need certified standards before organisations will place their data 'and trust' in them, reports E&T.
The trickiest transition for any new generation of computer application is that from nascency to immaturity. For mash-up developers the potential for significant market take-up seems evident - mash-up plus-points carry much force in the context of business IT - yet even as the factors for success fall into place, the 'tipping point' still seems a way off. The mash-up proposition holds attractions for enterprise IT, especially the potential to enable task-specific browser-based applications (relatively) quickly and cheaply, that energise existing corporate information by combining it with external data sources and other resources online.
The mash-ups model is also claimed to be adept at integrating data already 'siloed' inside an organisation, and enterprise IT strategists will like the fact that mash-ups applications are scalable. But these qualities are for nothing if no standards exist to validate them.
Mash-ups are not, of course, completely dissociated from industry standards. They work on standard browsers and are based on open-source software elements; this may or may not be a good thing, depending on an organisation's stance toward open-source. Some IT leaders recognise the benefits of open-source and embrace it; others think that the compatibility problems it can cause make it more trouble than it's worth.
The mash-up ethos is strongly predicated on 'openness', both in respect to code accessibility and toward data ownership, but even very open-minded open-sourcers may want to see standards-driven controls. The focus here centres around user demand driving better standards and this encouraging adoption.
According to mash-up standards doyen Dion Hinchcliffe, founder of Enterprise 2.0 firm Hinchcliffe & Co, demand-driven interest is pressuring the standards process. 'As business conditions increase the internal demand to leverage untapped corporate knowledge, mash-ups offer a model that aligns to the needs of the business by connecting workers to resources they need,' he says. '[They] allow for the easy creation of inexpensive, 'situational' applications that can now fall inside resource, budget and time [targets] that were difficult to meet with older generation techniques.'
Lash-ups and hash-ups
Industry standards for mash-ups are evolving; however, the mash-up ideal also seems to be developing 'organically' outside of governed enterprise computing and the impression given by unregulated circles is that because the definition of a mash-up is somewhat amorphous, it is therefore hyperbolic. This may not be entirely accurate, but neither is it entirely incorrect. There's also the spectre of 'lash-ups' - mash-up-like applications, thrown together more for show and effect, that lack solid functional integrity.
Before regulatory-compliant organisations will countenance any new IT proposition, agreed industry standards need to be well established; and this is where mash-ups are playing catch-up. Even though mash-ups have been around for a while, for the business world defining requirements is among the initial steps on the path toward standardisation.
Standardised service-oriented architecture (SOA) initiatives can help to lend assurance to the mash-up proposition by offering many of the raw ingredients (or services) to provide access to necessary business data and information systems, Hinchcliffe points out. As such, mash-ups can proactively help SOA achieve improved adoption and alignment with an organisation's business lines by directly engaging customers in creating the solutions they need, and business partners in creating the affiliations that they seek.
Open mash-up alliance
Realising the importance of an industry body to co-ordinate the evolution of industry initiatives and provide direction for industry players seeking to enfranchise the enterprise mash-ups marker, the Open Mash-up Alliance - OMA - formed last September with a membership list comprising of both industry and end-user organisations - but membership is open to any organisations or individuals.
Founding members include leading software vendors, consulting companies, technology service providers and industry leaders. Charter members include Adobe, Bank of America, Capgemini, HP and Intel, along with mash-up-centric players like Convertigo, JackBe, Kapow, Programmable Web, Synteractive, Xignite and Hinchcliffe & Co.
The OMA's inception was generally welcomed by the IT industry. For enterprise mash-ups to 'take hold', vendor lock-in concerns raised by proprietary build environments need to be addressed, says Michael Ogrinz, principal architect at Bank of America and the author of 'Mash-up Patterns: Designs and Examples for the Modern Enterprise'. 'We need to inspire the innovative minds of the open-source community to start working in this space,' he says. 'By establishing an open standard for mash-ups, the OMA and EMML addresses both of these issues.'
The EMML that Ogrinz refers to is Enterprise Mash-up Mark-up Language. This standard was first published by Raj Krishnamurthy and Deepak Alur in 2006. The aim of their work was to enable user-oriented and user-enabled mash-ups by developing a (at the time) new middleware called an 'Enterprise Mash-up Platform'. Krishnamurthy became the chief language designer and implementer of EMML; he also led the team to create an Eclipse-based EMML integrated development environment called Mash-up Studio. This evolved into the EMML reference implementation that was donated to the Open Mash-up Alliance; Krishnamurthy still contributes to EMML through the OMA.
EMML is an extensible mark- up language designed specifically for creating advanced enterprise mash-ups that sometimes perform logical or mathematical operations as well as pure data species. Enterprise mash-up outputs are presented in graphical user interfaces as mashlets (user-oriented micro-applications), widgets (a portable chunk of code that can be installed and executed within any separate HTML-based Web page by an end-user without requiring additional compilation), or gadgets (programs that provide services without needing an independent application to be launched for each one).
According to some, EMML can be considered as a declarative mash-up Domain Specific Language - a programming language or specification language dedicated to a problem domain, a problem representation technique and/or a solution technique. EMML also provides a declarative language for creating visual tools for enterprise mash-ups. EMML is an open language specification that is promoted by the Open Mash-up Alliance, with the eventual objective of submitting the specification to a recognised industry standards body. EMML is free-to-use, including technologies that embed or use it.
The fact the EMML is predicated on established and standardised software build tools and techniques lends it credibility. It has attracted software developers excited by both the opportunities the mash-up model offers and the market opportunities to enable enterprises to rework their existing data assets into additional applications.
But EMML has its detractors. A Software Development Times editorial declared that it is 'too soon to even begin thinking about calling [EMML] a standard', and added: 'Premature standardisation kills innovation' An attempt to lock in an early set of protocols stifles creativity. This is certainly the case with EMML.'
A stern appraisal, perhaps; but the EMML specification will be governed under the Creative Commons License and supported by a free-to-use EMML reference run-time engine. The Open Mash-up Alliance will steward and enhance the EMML v1.0 specification for future contribution to a standards body. While EMML has been around for a while, the OMA is less than a year old and its influence has yet to be felt.
'If you didn't create the service, then it might or might not do exactly what you wanted - and it takes too long to get the originator of the service to change it to your needs,' observes Microsoft 'architect evangelist' Josh Holmes. This so-called 'Not-Invented-Here (NIH)' mentality is anathema to mash-ups, he maintains: 'This also manifests itself in trust. If you don't trust the provider of the service, then you will not rely on that service in your critical application.' The necessity to manage against rogue information entering a key business process through an enterprise mash-up is one that any CIO will want to see demonstrated in EMML before they are willing to trust part of their employer's data assets in it.
Another standards-based 'roadblock' to corporate mash-up adoption highlighted by a 2008 Microsoft White Paper is Component Lifecycle Management. As mash-ups become adopted across an enterprise, challenging issues across their lifecycle will become manifest. Mash-ups will have dependencies on their components and these can be broken. Components and mash-ups will also change, making it difficult to keep track of what versions of components work with what mash-ups. Locating a specific mash-up may be difficult once multiple versions are available.
Allied to this is the fact that SOA and Web services generic attributes also change. Mash- ups have a dependency on the definition of the underlying Web services being used. If the external interfaces of these services change, then the mash- up will not function as properly or cease working altogether. Web Services Management and SOA Management and Governance solutions exist to address these challenges. Not all enterprises have adopted them, however, and the OMA would do well to concentrate its available efforts toward this area.