August 29th, 2014

360 Reasons to Attend API360 Summit in DC on Sept. 12

API360 SpeakersWe are two weeks away from the API360 Summit in Washington, DC. This event will examine the state of the industry in APIs, with a particular focus on the impact of open data and open APIs in the public sector.

We have a phenomenal lineup of participants, including:

  • Gray Brooks, who will describe the importance of APIs to the groundbreaking efforts of the federal government’s digital services delivery program, 18F
  • The API Evangelist himself, Kin Lane, who will moderate panels on open APIs and open data
  • Sanjay Motwani, who will tell the story of the API program at The Advisory Board Company, a leading healthcare research and consulting firm
  • Michael Prichard, Co-Founder & CTO at WillowTree Apps, who will give a client-side perspective on the importance of APIs and good API design

All the panelists are equally excellent and we hope to provide as many API perspectives as possible, while giving you – the attendee – the opportunity to interact and share your views in real time. We still have a few seats left and would love to see you there.

P.S. I would also like to let you know that our second API360 Summit will take place in London on November 18. Expect to see an announcement in mid-September.

May 10th, 2013

Making Government Data “Easy to Find, Accessible & Usable”

On May 9, 2013 the White House released an executive order with the title Making Open & Machine Readable the New Default for Government Information. My favorite line in the entire document is:

“Government information shall be managed as an asset throughout its life cycle to promote interoperability and openness, and, wherever possible and legally permissible, to ensure that data are released to the public in ways that make the data easy to find, accessible, and usable” (emphasis mine).

No Dumping
The usual approach to this type of work is to simply publish raw data in a directory or repository and then create some fencing around the data that helps track usage and distribution. Essentially, making government data “open” becomes a data dumping operation. This practice fails on all of President Obama’s three key points. First, data dumps make finding valuable information not at all easy. Second, even though the content might appear in a standard format like XML, CSV or JSON, it is hardly accessible (except for to geeks, who love this kind of stuff). And finally, raw data is hardly ever usable. Instead, it’s a mind-numbing pile of characters and quote marks that must be massaged and re-interpreted before it comes close to usability.

So, while this new directive offers an opportunity to make available a vast amount of the data the government collects on our behalf, the devil is in the details. And the details are in the interface – the API. As with poorly-designed kitchen appliances and cryptic entertainment center remote controls, when it takes extensive documentation to explain how to use something, the design has failed. There’s a simple principle here. Poor API design results in unusable data.

Affordable Data
It doesn’t have to be this way, of course. Government departments have the opportunity to implement designs that meet the goals set forth in the executive order. They can make it easy for people to find, access and use the data. They can publish not just data but APIs that afford searching, filtering and exploring the data in a meaningful and helpful manner; APIs that empower both users and developers to successfully interact with the data, without resorting to a dashboard featuring dozens of options or mind-numbing explanations.

In the (likely) event that the initial open data release consists of mere data, companies and individuals would be well advised to resist the temptation to build a multitude of “one-off” applications, each of which solves a single problem or answers a narrow set of questions for some subset of the data. Instead, work should be put into converting the raw data into usable API formats such as Atom, OData, HAL, Collection+JSON and HTML (to name just a few). APIs should be designed with the same care that would be given to any interactive experience.  Investment in tools and technologies that can properly represent the data in multiple formats while supporting various use cases and access requirements will yield great results.

Open Data APIs
In the end, organizations that know the importance of a good interface, the power of choice and the freedom of flexible representations will be able to convert raw data into valuable information, which can be consumed by a wide range of users, platforms and devices. These considerations are essential to building and supporting open data APIs.

Because – ultimately – data isn’t open, unless it’s “easy to find, accessible, and usable”.

June 8th, 2012

Layer 7 at Gartner Security & Risk Management Summit

Gartner Security and Risk ManagementNext week (June 11-14), Layer 7 will be exhibiting at the Gartner Security & Risk Management Summit near Washington, DC (in National Harbor, MD). Speakers will run the gamut from Michael Dell to the Cybersecurity Coordinator for the White House, because enterprises and governmental organizations share a serious interest in securing data and applications.

The combination of security and risk management is particularly interesting these days, as rapid migration to Cloud and Mobile has introduced a new set of risks. These new platforms raise issues around compliance, information security and identity management, which can only be addressed with a comprehensive approach to security, using proven technology.

If you’re at the show, stop by and visit Layer 7 at Booth 92. We’d love to demonstrate how our SOA Governance and API Management solutions can counteract the risks involved with adopting these new technologies. Our solutions – flexibly deployed on-premise or in the Cloud – provide control over data and applications being exposed to partners, Cloud and Mobile.

And our industry-leading technology has been certified at the highest levels for use in both corporate and governmental organizations – PCI-DSS compliance for retail, STIG vulnerability testing for the DoD, FIPS 140-2 for cryptographic functionality and Common Criteria certification for overall security.

Don’t let the risk outweigh the reward – come talk to us!

June 7th, 2012

Platform Comes to Washington

Digital GovernmentEveryone wants his or her government to be better. We want more services, better services and we want them delivered cheaper. Politicians come and go, policies change, new budgets are tabled but in the end we are left with a haunting and largely unanswerable question: Are things better or worse than they were before?

One thing that is encouraging and has the potential to trigger disruptive change to the delivery of government services in the US is the recent publication Digital Government: Building a 21st-Century Platform to Better Serve the American People. The word to note here is platform –  it seems that government has taken a page from Facebook, Twitter and the others and embraced the idea that efficient information delivery is not about a carefully-rendered Web page but instead is really a logical consequence of developing an open platform.

I confess to some dread on my first encounter with this report. These publications are usually disheartening products of weaselly management consultant speak refined through the cloudy lens of a professional bureaucrat (“we will be more agile”). But in this instance, the reverse was true: this report is accessible and surprisingly insightful. The authors understand that Mobile+Cloud+Web API+decentralized identity is an equation of highly interrelated parts that, in summation, is the catalyst for the new Internet renaissance. The work is not without its platitudes but even these it bolsters with a pragmatic road map identifying actions, parties responsible and (gasp) even deadlines. It’s actually better than most business plans I’ve read.

Consider this paragraph clarifying just what the report means when it calls for an information-centric approach to architecture:

An information-centric approach decouples information from its presentation. It means beginning with the data or content, describing that information clearly, and then exposing it to other computers in a machine-readable format—commonly known as providing web APIs. In describing the information, we need to ensure it has sound taxonomy (making it searchable) and adequate metadata (making it authoritative). Once the structure of the information is sound, various mechanisms can be built to present it to customers (e g websites, mobile applications, and internal tools) or raw data can be released directly to developers and entrepreneurs outside the organization. This approach to opening data and content means organizations can consume the same web APIs to conduct their day-to-day business and operations as they do to provide services to their customers.

See what I mean? It’s well done.

The overall goal is to outline an information delivery strategy that is fundamentally device agnostic. Its authors fully recognize the growing importance of mobility and concede that mobility means much more than the mobile platforms — iOS and Android, among others — that have commandeered the word today. Tomorrow’s mobility will describe a significant shift in the interaction pattern between producers and consumers of information. Mobility is not a technological instance in time (and in particular, today).

But what really distinguishes this report from being just a well-researched paper echoing the zeitgeist of computing’s cool kids is how prescriptive it is in declaring how government will achieve these goals. The demand that agencies adopt Web APIs is a move that echos Jeff Bezos’ directives a decade ago within eBay (as relayed in Steve Yegge’s now infamous rant):

  1. All teams will henceforth expose their data and functionality through service interfaces.

It was visionary advice then and it is even more valid now. It recognizes that the commercial successes attributed to the Web API approach suggest that just maybe we have finally hit upon a truth in how system integration should occur.

Of course, memos are easy to ignore — unless they demand concrete actions within limited time frames. Here, the time frames are aggressive (and that’s a good thing). Within six months, the Office of Management & Budget must “Issue government-wide open data, content, and web API policy and identify standards and best practices for improved interoperability.” Within 12 months, each government agency must “Ensure all new IT systems follow the open data, content, and web API policy and operationalize agency gov/developer pages” and also “optimize at least two existing priority customer-facing services for mobile use and publish a plan for improving additional existing services.”

If the recent allegations regarding the origins of the Stuxnet worm are accurate, then the President clearly understands the strategic potential of the modern Internet. I would say this report is a sign his administration also clearly understands the transformational potential of APIs and mobility, when applied to government.

March 23rd, 2012

Layer 7 at the 2012 DoDIIS Worldwide Conference

2012 DoDIIS Worldwide ConferenceLayer 7 is proud to be exhibiting at the 2012 Department of Defense Intelligence Information Systems (DoDIIS) Worldwide Conference, which will be taking place in Denver this April 1-4. The show will be focusing on the Defense Intelligence Agency’s goal of unifying defense intelligence infrastructure and information sharing initiatives.

Never before has so much intelligence data been collected and never has the challenge of securely sharing these valuable assets been greater. As new intelligence systems come online, issues inevitably arise around the need to make data and security credentials interoperable between these new systems and existing capabilities.

As the leading provider of secure messaging and security Gateway solutions to the US Federal Intelligence Community, Layer 7 will be at the show, demonstrating its solutions for data and security interoperability within the enterprise and the Cloud. If you’re attending the DoDIIS conference, stop by Booth 917 to see first-hand how you can resolve interoperability and fine-grained access challenges with a Common Criteria EAL 4+ certified solution from Layer 7.