B2B Integration : A Practical Guide to Collaborative E-commerce
B2B Integration : A Practical Guide to Collaborative E-commerce
B2B Integration : A Practical Guide to Collaborative E-commerce
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
nioioimuc;./!<br />
1011<br />
1<br />
1<br />
.«.•.«!<br />
^,J/MiiW«S«|<br />
'01101100 M!<br />
-J<br />
Gunjan Samtani<br />
edi<strong>to</strong>rs<br />
Marcus Hcaley<br />
Shyam Samtani<br />
'llOlOioilOIlOL<br />
JlOOO)<br />
fOllPOl<br />
<strong>B2B</strong> <strong>Integration</strong><br />
A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong><br />
<strong>Collaborative</strong> E-<strong>commerce</strong><br />
Imperial College Press
<strong>B2B</strong> <strong>Integration</strong><br />
A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong><br />
<strong>Collaborative</strong> E-<strong>commerce</strong>
This page is intentionally left blank
<strong>B2B</strong> <strong>Integration</strong><br />
A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong><br />
<strong>Collaborative</strong> E-<strong>commerce</strong><br />
Gunjan Samtani<br />
Divisional Vice President<br />
Information Technology Group UBS PaineWebber<br />
edi<strong>to</strong>rs<br />
Marcus Healey & Shyam Samtani<br />
Imperial College Press
Published by<br />
Imperial College Press<br />
57 Shel<strong>to</strong>n Street<br />
Covent Garden<br />
London WC2H 9HE<br />
Distributed by<br />
World Scientific Publishing Co. Pte. Ltd.<br />
P O Box 128, Farrer Road, Singapore 912805<br />
USA office: Suite 202, 1060 Main Street, River Edge, NJ 07661<br />
UK office: 57 Shel<strong>to</strong>n Street, Covent Garden, London WC2H 9HE<br />
British Library Cataloguing-in-Publication Data<br />
A catalogue record for this book is available from the British Library.<br />
<strong>B2B</strong> INTEGRATON: A PRACTICAL GUIDE TO COLLABORATIVE E-COMMERCE<br />
Copyright © 2002 by Imperial College Press<br />
All rights reserved. This book, or parts thereof, may not be reproduced in any form or by any means,<br />
electronic or mechanical, including pho<strong>to</strong>copying, recording or any information s<strong>to</strong>rage and retrieval<br />
system now known or <strong>to</strong> be invented, without written permission from the Publisher.<br />
For pho<strong>to</strong>copying of material in this volume, please pay a copying fee through the Copyright<br />
Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, USA. In this case permission <strong>to</strong><br />
pho<strong>to</strong>copy is not required from the publisher.<br />
ISBN 1-86094-323-3<br />
ISBN 1-86094-326-8 (pbk)<br />
This book is printed on acid-free paper.<br />
Printed in Singapore by U<strong>to</strong>Print
Dedications<br />
I would like <strong>to</strong> dedicate my work <strong>to</strong> my parents — Dr. Shyam Samtani<br />
and Kaushlya Samtani, my parents-in-law — the late Ashok Sadhwani<br />
and Neeta Sadhwani and my loving wife Dimple. Thank you for your<br />
prayers, encouragement, love and care, I could not have made it without<br />
you all. It is great <strong>to</strong> know I am where I belong.<br />
V
This page is intentionally left blank
Acknowledgements<br />
The journey from mental conception <strong>to</strong> ultimate execution in black and<br />
white is arduous, hurdled with various set backs. At such moments,<br />
one's kith and kin inspire and encourage; colleagues cooperate and<br />
sometimes collaborate; friends motivate and lend helping hands. I am<br />
indeed fortunate enough <strong>to</strong> have such a galaxy of well wishers <strong>to</strong> whom<br />
I owe my gratitude.<br />
I express my sincere thanks <strong>to</strong> Mrs. Dimple Samtani, my spouse,<br />
who ran errands for me, gathering material, formatting the chapters,<br />
designing the graphics and showing remarkable patience while I was<br />
busy authoring the book.<br />
I owe my gratitude <strong>to</strong> my parents Dr. Shyam Samtani and Mrs. Kaushi<br />
Samtani, who came all the way from India <strong>to</strong> help and inspire me when<br />
I worked both ends of the clock. My dad, who is himself a professor of<br />
English Literature and has worked as an edi<strong>to</strong>r and author of several<br />
publications, was of immense help in language editing of the book.<br />
I thank Dr. Marcus Healey for his seasoned suggestions, experienced<br />
contribution and guidance that have gone in<strong>to</strong> the shaping of this book.<br />
I thank Mr. Evan Schwartzman and Mr. Kenneth Tamburello, my<br />
dear colleagues, with whom I frequently discussed the lay out, contents<br />
of and approach <strong>to</strong> the book. They were ready with ideas and insightful<br />
comments when I was sometimes low.<br />
I can hardly overemphasize the role of Mr. Aran Sharma, Mr. Abhay<br />
Singh and Mr. Soumya Mawane whose invaluable graphics and images<br />
substantiate the points made by me in the book. I owe my thanks <strong>to</strong> all<br />
of them for their time and efforts.<br />
I am indebted <strong>to</strong> Ms. Geetha Nair of Imperial College Press and<br />
Mr. Loo King Boon of World Scientific for publishing this book. Without<br />
their cooperation the book could not have gone <strong>to</strong> print and thereby <strong>to</strong><br />
the readers.<br />
vu
This page is intentionally left blank
About the Author<br />
Gunjan Samtani is Divisional Vice President, Information Technology<br />
at UBS PaineWebber, one of the world's leading financial services<br />
firms. Prior <strong>to</strong> joining UBS PaineWebber, Gunjan was Associate Direc<strong>to</strong>r,<br />
Global Information Technology, Bear Stearns and Company, the 4th<br />
largest U.S. brokerage and financial firm with more than $30 billion in<br />
assets. In this capacity, he was responsible in pioneering, managing and<br />
directing several critical, multi-million dollar business applications. Prior<br />
<strong>to</strong> Bear Stearns, Gunjan worked as a Senior Business Analyst with<br />
Amdahl (a Fujitsu Company), one of the largest companies of the world<br />
specializing in integrated computing solutions. At Amdahl, Gunjan was<br />
responsible for managing the design and delivery of multiple projects for<br />
financial industry. Before joining Amdahl, Gunjan was working as Senior<br />
Systems Analyst and Webmaster at New Jersey Technical Assistance<br />
Program. Gunjan has also worked as an interim CIO of India's first online<br />
investment portal EquityMaster.com and Personalfn.com.<br />
Gunjan brings <strong>to</strong>gether a very strong technical and business experience<br />
in various industries. He has several years of experience in the management,<br />
design, architecture, and implementation of large-scale EAI and<br />
<strong>B2B</strong> integration projects. Gunjan has an M.S. in Computer Science, M.S.<br />
in Management Information Systems and M.S. in Computational Finance<br />
from Carnegie Melon University (on-going). He has been involved in<br />
business and technical writing for several years and is the author of<br />
more than 100 articles and research publications in the field of finance<br />
and technology. He has also presented papers and given guest lectures<br />
at several national and international conferences. His email address is<br />
gsamtani@ubspw.com.<br />
IX
This page is intentionally left blank
Preface<br />
Changing Business Landscape<br />
In the present day digital economy, business values and competitive<br />
advantages lie beyond the boundaries of the enterprise, focusing on the<br />
relationships with business partners. The changing business landscape<br />
not only affects how enterprises conduct business with their suppliers,<br />
cus<strong>to</strong>mers, distribu<strong>to</strong>rs and other trading partners, but also how they<br />
must manage their businesses internally.<br />
<strong>Collaborative</strong> e-<strong>commerce</strong>, which is the wave of the future, requires<br />
dynamic creation of trading relationships with new partners, public and<br />
private business process au<strong>to</strong>mation and increased adaptability and<br />
flexibility delivered by open architecture based integration middleware.<br />
In order <strong>to</strong> truly au<strong>to</strong>mate external trading partner interactions, the<br />
back-end internal business systems of the enterprises need <strong>to</strong> be<br />
seamlessly integrated in<strong>to</strong> the same process.<br />
Transforming an organization <strong>to</strong> compete in this environment mandates<br />
enterprise application integration (EAI) and business-<strong>to</strong>-business<br />
integration (<strong>B2B</strong>i). They are the pervasive enablers of most current<br />
business strategies, such as collaborative e-<strong>commerce</strong>, collaborative<br />
networks, supply chain management (SCM) and cus<strong>to</strong>mer relationship<br />
management (CRM) across multiple channels of delivery, including<br />
wireless devices and the Internet.<br />
<strong>B2B</strong>i strategy should be laid out and executed in such a way so as<br />
<strong>to</strong>: have an integrated, real-time application-<strong>to</strong>-application, system-<strong>to</strong>system<br />
interaction with all the existing and new trading partners;<br />
eliminate all manual steps in business processes; conduct secure and<br />
real-time <strong>commerce</strong> transactions over the Internet; have the flexibility<br />
<strong>to</strong> accommodate the different mode of interactions of each partner; and,<br />
finally, have the ability <strong>to</strong> adapt <strong>to</strong> change — quickly and easily in this<br />
XI
xii <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
dynamic age of <strong>B2B</strong> collaborative e-<strong>commerce</strong>. This is what <strong>B2B</strong>i is all<br />
about — the end-<strong>to</strong>-end au<strong>to</strong>mation and integration of cross-organization<br />
business processes, data, applications and systems.<br />
Description of the Book<br />
<strong>B2B</strong> <strong>Integration</strong> (<strong>B2B</strong>i) provides a comprehensive guide <strong>to</strong> the key<br />
elements of successful <strong>B2B</strong> integration and collaborative e-<strong>commerce</strong><br />
by highlighting business needs, technologies and development strategies.<br />
It clarifies and demystifies the intricate dependencies among all the<br />
components of <strong>B2B</strong>i, including integration patterns, enterprise application<br />
integration (EAI), business process management (BPM), internet security,<br />
extensible markup language (XML), XML standards, Web services,<br />
middleware technologies and integration brokers. The book includes<br />
future technologies that will have a significant impact on <strong>B2B</strong>i architectures,<br />
such as intelligent software agents, wireless technologies and<br />
peer-<strong>to</strong>-peer (P2P) computing. Furthermore, it includes in-depth discussion<br />
of <strong>B2B</strong>i-enabled applications such as supply chain management,<br />
e-procurement, e-marketplaces and collaborative networks. Finally, the<br />
book provides a suitable framework for the design, development and<br />
implementation of <strong>B2B</strong> integration, along with several real world case<br />
studies. This framework is based on the latest XML standards defined<br />
in the <strong>B2B</strong> domain, such as RosettaNet, ebXML and Web services, <strong>to</strong><br />
support cross-organization business processes, data, applications and<br />
systems.<br />
In crux, the book provides practical guidelines <strong>to</strong> companies so as <strong>to</strong><br />
rapidly implement a successful <strong>B2B</strong>i strategy and prepare them for the<br />
next wave of <strong>B2B</strong> integration and collaborative e-<strong>commerce</strong>.<br />
Why This Book?<br />
There are several books on the shelves, which cover just one or the<br />
other aspect of <strong>B2B</strong>i. But I dare say there are none that discuss all the<br />
technical and business components, <strong>to</strong>ols and frameworks of <strong>B2B</strong>i<br />
and illustrate how <strong>to</strong> conceptualize and implement a successful <strong>B2B</strong><br />
integration solution, all in one single binding.
Preface xiii<br />
In this book, I ventured <strong>to</strong> take a unique and systematic approach of<br />
combining the technical and business aspects of all the components of<br />
<strong>B2B</strong> integration. I have endeavored <strong>to</strong> show where and how the individual<br />
components link with one another and in the whole chain of <strong>B2B</strong>i.<br />
The book covers a mix of business management and technology<br />
trend issues, presented with examples, general conclusions and recommendations.<br />
The book discusses how companies can speak the same<br />
language when doing business with companies spread around the globe.<br />
It presents business integration models, which would enable companies<br />
<strong>to</strong> integrate their enterprise systems with digital markets and strategic<br />
business partners. It also prompts one <strong>to</strong> "imagine the future" through<br />
an in-depth analysis of possible scenarios for future business-<strong>to</strong>-business<br />
integration models.<br />
Who Should Read This Book?<br />
This book will be useful for business executives, MBA students, IT<br />
managers and programmers looking for a clear, detailed explanation of<br />
the whole landscape of <strong>B2B</strong> integration, insightful review of the current<br />
technologies being used in <strong>B2B</strong>i and knowledge of the future trends in<br />
<strong>B2B</strong>i domain. It will be equally appealing <strong>to</strong> the senior management in<br />
the industrial-age companies, Internet services companies and entrepreneurs<br />
who are heading for <strong>B2B</strong>i, which is still largely undefined and<br />
cryptic. This book will be useful <strong>to</strong> CIOs and decision-makers keen <strong>to</strong><br />
improve productivity using <strong>B2B</strong>i, while building upon prior investments,<br />
and prepare them for the next wave of collaborative e-<strong>commerce</strong>.<br />
In short, this book is useful <strong>to</strong> everyone who is seeking a clear<br />
understanding of how <strong>to</strong> leverage the convergence of IT with business<br />
processes <strong>to</strong> attain the much sought-after strategic advantage, greater<br />
revenue, greater profit and more-competitive market positioning.<br />
How is This Book Organized?<br />
This book is modeled on an architectural design, laying the foundation<br />
first and then building the structure with distinct elevation features.
xiv <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
The organization of chapters is as follows:<br />
Chapter 1 — Introduction<br />
This chapter introduces the subject of <strong>B2B</strong>i and collaborative e-<strong>commerce</strong>,<br />
providing a roadmap for a successful <strong>B2B</strong>i implementation. It covers<br />
the key features required in a <strong>B2B</strong>i solution and its return on investment<br />
(ROI).<br />
Chapter 2 — Components, Benefits, Challenges and<br />
Applications of <strong>B2B</strong> <strong>Integration</strong><br />
This chapter provides an overview of all the major components of<br />
<strong>B2B</strong>i. It discusses the benefits enterprises would reap and the obstacles<br />
they may be confronted with during the process of implementation of<br />
<strong>B2B</strong>i. Furthermore, it introduces some of the most important <strong>B2B</strong>ienabled<br />
applications <strong>to</strong> the readers.<br />
Chapter 3 — <strong>Integration</strong> Patterns<br />
This chapter explains the different types of <strong>B2B</strong> integration patterns:<br />
data oriented integration (data replication; extract, load and transform<br />
solution; data warehousing; and data federations), portal oriented<br />
integration, direct application integration (API, RPC processes) and<br />
business process oriented integration (closed and open processes). It<br />
discusses the right <strong>B2B</strong>i implementation pattern for individual companies.<br />
Chapter 4 — Enterprise Application <strong>Integration</strong> (EAI)<br />
This chapter describes the integration of internal systems, such as<br />
legacy applications, CRM, SCM and ERP, which constitute the backbone<br />
of <strong>B2B</strong>i implementation. It also provides an introduction of the leading<br />
commercial EAI brokers and convergence and divergence of EAI and<br />
<strong>B2B</strong>L
Preface xv<br />
Chapter 5 — Business Process Management (BPM)<br />
This chapter discusses the fundamentals of business process management<br />
(BPM) as they relate <strong>to</strong> <strong>B2B</strong>i. It provides an in-depth discussion on<br />
process modeling, workflows, workflow management and leading BPM<br />
software solutions.<br />
Chapter 6 — Extensible Markup Language (XML)<br />
This chapter provides an introduction <strong>to</strong> extensible markup language<br />
(XML) and its components. It also discusses the traditional mode of<br />
communication electronic data interchange (EDI), its coexistence with<br />
XML and features of XML/EDI servers.<br />
Chapter 7 — XML Standards For E-business<br />
This chapter is devoted <strong>to</strong> the description of different XML standards<br />
that enable XML-based, cross-organization business process integration.<br />
It covers RosettaNet, ebXML, cXML, SOAP and BizTalk with elaborate<br />
examples.<br />
Chapter 8 — Middleware Technologies<br />
This chapter reveals all the major middleware technologies, using which<br />
<strong>B2B</strong>i solutions are implemented. It specifically discusses TP moni<strong>to</strong>rs,<br />
message oriented middleware (JMS, MQSeries) and distributed objects<br />
and components (J2EE, COM+, CORBA).<br />
Chapter 9 — <strong>Integration</strong> Brokers<br />
This chapter explains all the components, architectures and services of<br />
integration brokers. It also introduces all the major commercial integration<br />
brokers enabling <strong>B2B</strong>i from BEA Systems, IBM, Vitria and webMethods.
xvi <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Chapter 10 — Internet Security<br />
This chapter dwells upon the security aspects of <strong>B2B</strong>i. It explains the<br />
different types of security solutions for <strong>B2B</strong> transactions over the<br />
Internet, along with real world case studies.<br />
Chapter 11 — Web Services<br />
This chapter brings in the latest concept in the <strong>B2B</strong> world — Web<br />
services. It explains the subject with supporting technologies — UDDI,<br />
WSDL, WSFL and SOA with adequate examples.<br />
Chapter 12 — Wireless Technologies<br />
This chapter focuses on the explosive growth of wireless technologies<br />
for <strong>B2B</strong> e-<strong>commerce</strong> and its impact on <strong>B2B</strong>i architectures. It also<br />
details technologies such as WAP, WML and WMLScript, along with<br />
explanations of security aspects involved in mobile systems.<br />
Chapter 13 — Software Agents<br />
This chapter describes the fundamentals of software agents and how<br />
they au<strong>to</strong>mate the manual processes that are involved <strong>to</strong>day in <strong>B2B</strong><br />
e-<strong>commerce</strong>.<br />
Chapter 14 — Supply Chain Management (SCM)<br />
This chapter deals with the fundamentals of supply chain management<br />
(SCM), e-procurement, e-logistics, SCM systems and how SCM enables<br />
collaborative e-<strong>commerce</strong>.<br />
Chapter 15 — E-marketplaces and<br />
<strong>Collaborative</strong> Networks<br />
This chapter brings under focal analysis the different types of <strong>B2B</strong><br />
e-marketplaces along with services offered by them. It discusses the<br />
integration challenges that crop up while participating in e-marketplaces.
Preface xvii<br />
It also introduces the need, concepts and examples of collaborative<br />
networks.<br />
Chapter 16 — <strong>B2B</strong> <strong>to</strong> P2P Evolution<br />
This chapter deals with the evolution of peer-<strong>to</strong>-peer-based applications<br />
and architectures that would play a prominent role for <strong>B2B</strong>i in the future.<br />
Features of the Book<br />
Some of the key features of the book include:<br />
Key concepts<br />
Each chapter begins with a discussion of the key concepts related <strong>to</strong> the<br />
subject under study. Readers will find this very useful as it introduces<br />
the ensuing chapters.<br />
Discussion of leading software solutions<br />
The book provides in-depth coverage of the latest commercial softwares<br />
available in the market. This will acquaint readers with the developments<br />
in the software industry as far as <strong>B2B</strong> integration solutions are concerned.<br />
It will also be extremely helpful <strong>to</strong> the decision-makers <strong>to</strong> have a<br />
review of various solutions for <strong>B2B</strong>i out there.<br />
Case studies<br />
There are several real world case studies cited in each chapter. They<br />
have been chosen very carefully <strong>to</strong> illustrate practical usage of the<br />
concepts under focus.<br />
Graphics/Images<br />
The book contains a lot of relevant images, which provide a pic<strong>to</strong>rial<br />
view of the text concerned. Readers will find the images very illustrative<br />
and useful in grasping the theory presented therein.
xviii <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Acronyms<br />
The book contains acronyms of technical and business terms that are<br />
relevant <strong>to</strong> the subject of <strong>B2B</strong> integration.<br />
References/Bibliography<br />
The book acknowledges various sources used by giving references and<br />
a bibliography. This will help readers <strong>to</strong> plumb the originals if they so<br />
desire.<br />
Edi<strong>to</strong>rs and Contribu<strong>to</strong>rs<br />
I consider myself extremely fortunate in having got the invaluable<br />
support and able guidance of several persons from different walks of<br />
life. They are distinguished professionals who have carved a niche for<br />
themselves in their respective fields. Undoubtedly, their contribution<br />
has embellished this book. It is my privilege <strong>to</strong> give hereunder a pen<br />
portrait of these contribu<strong>to</strong>rs.<br />
Dr. Marcus Healey<br />
Dr. Marcus J. Healey is the Strategy Consultant for InfoFirst Inc., USA.<br />
Before joining InfoFirst, Dr. Healey was the Direc<strong>to</strong>r of Engineering<br />
Implementation at Mobilocity, Inc., U.S., a thought leader in wireless<br />
services. Prior <strong>to</strong> Mobilocity, Dr. Healey was a Project Engineer at<br />
Organic, Inc., a prominent web integra<strong>to</strong>r in New York City. While at<br />
Organic, Marcus managed client projects from an implementation<br />
perspective and acted as a technical liaison <strong>to</strong> the Strategic Services and<br />
Business Development groups. Prior <strong>to</strong> Organic, Dr. Healey was a<br />
Program Direc<strong>to</strong>r and Adjunct Professor at the New lersey Institute<br />
of Technology where he pioneered the Envirolnformatics program as<br />
the Direc<strong>to</strong>r of the New Jersey Program for Information Ecology and<br />
Sustainability.<br />
Dr. Healey has six years of direct IT experience, possesses multiple<br />
MS degrees in science and engineering, an MBA and a Ph.D. He brings<br />
a diverse technical and business background, broad public and private
Preface xix<br />
sec<strong>to</strong>r experience and extensive editing skills. He is the primary author<br />
of one book in Environmental Science (Pollution Prevention Opportunity<br />
Assessments, John Wiley & Sons © 1998) and one of four co-authors<br />
on a soon <strong>to</strong> be published book (Information Mining on the World Wide<br />
Web, Kluwer Publishers © 2001). Dr. Healey is the author of over fifty<br />
publications and presentations in the fields of Environmental Science<br />
and Information Technology.<br />
Dr. Shyam Samtani<br />
Dr. Shyam Samtani is presently Head of the Department, P.G. Department<br />
of English, Indore Christian College, Indore (India). He is also on the<br />
visiting faculty of Devi Ahilaya University, Indore. He has been in the<br />
teaching profession for the last 35 years. During this period he has<br />
supervised scores of dissertations both at M.A. and M.Phil levels. He<br />
has presented papers at various national seminars and also published<br />
many research papers and supervised Ph.D candidates. He has coauthored<br />
books for use by university students. He has also been a<br />
Resource Person for the Refreshers/Orientation courses conducted by<br />
different universities. Dr. Shyam Samtani has done the language editing<br />
of this book.<br />
Pawan Samtani<br />
Pawan Samtani has over eleven years of IT, MIS and Finance experience.<br />
He has extensive experience in different industries like E-<strong>commerce</strong><br />
Consulting, Oil and Gas, Manufacturing and Finance. He is currently<br />
working as Country Operations Manager, India, with Oracle Corporation,<br />
overlooking the implementation of various multi-million dollar projects.<br />
Prior <strong>to</strong> joining Oracle, Pawan was the Senior Vice President with<br />
Petrogas LLC where he was overseeing the implementations of Ariba<br />
e-Marketplace and Oracle Financials in several offices of the company<br />
all around the world. His responsibilities include project management,<br />
strategic planning and supervising finance operations.<br />
Prior <strong>to</strong> Petrogas, he was working as a Senior Consultant with<br />
Whittman Hart, U.S., supervising several SAP implementations world<br />
over. He has worked with Premira Fashions Limited, Onida Finance
xx <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Limited, Analysis Finance Limited and M. Mehta & Company, Chartered<br />
Accountants, in various capacities.<br />
He has extensive experience with the re-engineering of business<br />
practices for various departments. He also specializes in implementing<br />
and cus<strong>to</strong>mizing ERP packages <strong>to</strong> integrate with the business process,<br />
workflow and existing IT applications of the company. He possesses indepth<br />
knowledge of data modeling and database schema designing,<br />
supply chain management, logistics systems and their integration with<br />
e-<strong>commerce</strong>. He has worked with reputed concerns in different parts of<br />
the world (United States of America, India and The Middle East) with<br />
different business practices and cultures.<br />
He is an Associate Member of Chartered Accountants of India. He<br />
also has an MBA from Baruch College, New York, U.S.<br />
Kenneth Tamburello<br />
Ken Tamburello is a Senior Consultant Specialist at Bluesphere (an<br />
EDS company), U.S., the industry's largest interactive integra<strong>to</strong>r and<br />
e-business consulting firm. Ken is the e.Design and e.Marketing delivery<br />
manager for the New York Metro region, responsible for delivering<br />
solutions in the areas of Enterprise Application <strong>Integration</strong> (EAI),<br />
workflow au<strong>to</strong>mation, security and enterprise portals.<br />
Prior <strong>to</strong> Bluesphere, Ken was an Associate Direc<strong>to</strong>r at Bear Stearns<br />
& Co., NY, where he was responsible for the delivery, support and<br />
enhancement of a mission-critical, multi-million dollar Web-based account<br />
portfolio database system. Prior <strong>to</strong> Bear Stearns, Ken was a freelance<br />
consultant designing and developing client-server solutions.<br />
Ken has over 6 years IT experience, having worked in the past with<br />
PowerBuilder, Sybase, Oracle, UNIX, Java, UML and database design and<br />
modeling. He received his MS in Engineering from Stevens Institute of<br />
Technology, U.S., and his BS in Engineering from Rutgers University, U.S.<br />
Deepak Bajaj<br />
Dr. Deepak Bajaj is the Course Coordina<strong>to</strong>r of Project Management at<br />
the University of Technology Sydney (UTS). Dr. Bajaj served as Direc<strong>to</strong>r<br />
of the Project Management Program prior <strong>to</strong> his present role.
Preface xxi<br />
Dr. Bajaj has fifteen years of combined experience in contracting,<br />
consulting and academia. Dr. Bajaj has a PhD in the area of strategic<br />
risk management and the <strong>to</strong>pic of 'The Development of a Risk Averse<br />
Business Strategy in the Procurement of Constructed Facilities' and a<br />
Masters in Construction Management. He brings a diverse technical,<br />
research and business background. He has published extensively in the<br />
area of project risk management and has been author and co-author of<br />
book chapters in the past. He has been edi<strong>to</strong>r of the AIQS Refereed<br />
Journal and referee <strong>to</strong> a number of journals in the area of project<br />
management and economics. Dr. Bajaj is the author of over forty<br />
publications and presentations in the field of project management, risk<br />
management and information technology in the construction industry.<br />
Dimple Sadhwani<br />
Dimple Sadhwani is Senior Software Engineer at Island ECN based in<br />
New Work, USA. Prior <strong>to</strong> joining Island, Dimple worked as a Senior<br />
E-<strong>commerce</strong> Consultant with BusinessEdge Solutions, a next-generation<br />
consulting firm providing industry-specific e-business solutions. She was<br />
a project manager for several eCRM, <strong>B2B</strong> integration and EAI projects.<br />
Prior <strong>to</strong> that she worked with Citicorp Information Technology Industries<br />
Ltd. (CITIL), based in New Jersey, USA, and Bombay, India. She has a<br />
Bachelors in Computer Science from VJTI, Bombay. She has worked<br />
on and evaluated the latest <strong>to</strong>ols and solutions in the <strong>B2B</strong>, EAI and<br />
Internet security fields.<br />
Not the Final Word<br />
Justice can hardly be done <strong>to</strong> such an elaborate subject with all its<br />
dimensions and ramifications, on an intensive or extensive scale, in a<br />
book of this length. It would require more than one volume <strong>to</strong> cover the<br />
subject exhaustively. The endeavor is <strong>to</strong> acquaint the readers with the<br />
concepts in a nutshell in one place without having <strong>to</strong> wander about <strong>to</strong><br />
different sources for various <strong>to</strong>pics related <strong>to</strong> <strong>B2B</strong>i.<br />
I wish I could promise you a book perfect in every way. There are<br />
bound <strong>to</strong> be some errors, omissions and typographical errors. I am open
xxii <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
<strong>to</strong> corrections and modifications. I shall appreciate critical opinions and<br />
objective suggestions from the esteemed knowledgeable readers, which<br />
would shed light my future undertakings. The suggestions can be sent<br />
<strong>to</strong> me via e-mail at:<br />
gunjan_samtani@yahoo.com or gsamtani@ubspainewebber.com<br />
I will respond immediately. Well, that's it for now. I would like <strong>to</strong><br />
welcome you <strong>to</strong> the exciting world of <strong>B2B</strong> integration. Good luck!<br />
Gunjan Samtani<br />
New Jersey, USA<br />
April 2002
Contents<br />
Dedications v<br />
Acknowledgements vii<br />
About the Author ix<br />
Preface xi<br />
Part I The Big Picture 1<br />
Chapter 1 Introduction 3<br />
1.1. Evolution of Next Generation Enterprises 4<br />
1.2. New Rules of Engagement 4<br />
1.3. <strong>B2B</strong> E-Commerce 5<br />
1.3.1. What is <strong>B2B</strong> e-<strong>commerce</strong>? 5<br />
1.3.2. <strong>B2B</strong> vs. B2C: Differing strategies 6<br />
1.3.3. Explosive growth in <strong>B2B</strong><br />
e-<strong>commerce</strong> 6<br />
1.3.4. What is collaborative e-<strong>commerce</strong>? 8<br />
1.4. <strong>B2B</strong> <strong>Integration</strong> (<strong>B2B</strong>i) 9<br />
1.4.1. <strong>Integration</strong>: The <strong>to</strong>p priority 10<br />
1.4.2. A daunting effort 12<br />
1.4.3. Getting beyond the starting line 13<br />
1.4.4. Selecting the right <strong>B2B</strong>i solution 17<br />
1.5. What is the Return on Investment (ROI) on<br />
<strong>B2B</strong>i? 20<br />
1.6. Conclusion 23<br />
Chapter 2 Components, Benefits, Challenges and<br />
Applications of <strong>B2B</strong> <strong>Integration</strong> 24<br />
2.1. The Word is Out 25<br />
2.2. <strong>B2B</strong>i Components 25
xxiv <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
2.2.1. <strong>Integration</strong> patterns<br />
2.2.2. Enterprise Application <strong>Integration</strong><br />
(EAI)<br />
2.2.3. Business Process Management<br />
(BPM)<br />
2.2.4. Extensible Markup Language<br />
(XML)<br />
2.2.5. XML standards for e-business<br />
2.2.6. Web services<br />
2.2.7. Middleware technologies<br />
2.2.8. <strong>Integration</strong> brokers<br />
2.2.9. Internet security<br />
2.2.10. Wireless technologies<br />
2.2.11. Software agents<br />
2.3. Benefits of <strong>B2B</strong> <strong>Integration</strong><br />
2.3.1. Dynamic business relationships<br />
2.3.2. Real-time information<br />
2.3.3. Lower transaction costs<br />
2.3.4. Participation in online<br />
marketplaces<br />
2.3.5. Streamline business operations<br />
2.3.6. XML-based integration<br />
2.3.7. Increased cus<strong>to</strong>mer service and<br />
retention<br />
2.3.8. Opportunity <strong>to</strong> re-architect<br />
internal systems<br />
2.4. <strong>B2B</strong>i Challenges<br />
2.4.1. Internal application integration<br />
2.4.2. Disparate internal corporate data<br />
2.4.3. System heterogeneity<br />
2.4.4. Data security<br />
2.4.5. Transaction integrity<br />
2.4.6. Internal business process<br />
management<br />
2.4.7. Inter-enterprise business process<br />
integration<br />
2.4.8. Internal resistance<br />
25<br />
26<br />
27<br />
27<br />
29<br />
29<br />
30<br />
30<br />
30<br />
31<br />
32<br />
32<br />
32<br />
33<br />
33<br />
34<br />
34<br />
34<br />
34<br />
35<br />
35<br />
36<br />
37<br />
38<br />
38<br />
38<br />
39<br />
39<br />
39
Contents xxv<br />
2.4.9. Standards and industry issues 40<br />
2.4.10. Distributed control 40<br />
2.4.11. Performance and scalability 40<br />
2.4.12. Expensive 41<br />
2.4.13. 24/7 availability of the system 41<br />
2.5. <strong>B2B</strong>i-Enabled Applications 41<br />
2.5.1. Supply Chain Management (SCM) 41<br />
2.5.2. E-marketplaces and collaborative<br />
networks 42<br />
2.6. Conclusion 43<br />
Part II Established <strong>Integration</strong> Components 45<br />
Chapter 3 <strong>Integration</strong> Patterns 47<br />
3.1. Types of <strong>Integration</strong> 48<br />
3.2. Data Oriented <strong>B2B</strong> <strong>Integration</strong> 49<br />
3.2.1. Data replication 50<br />
3.2.2. Extract, Transform and Load<br />
(ETL) solution 54<br />
3.2.3. Data warehouses and data marts 59<br />
3.2.4. Multi-database server 60<br />
3.2.5. XML and databases 65<br />
3.2.6. Data oriented integration and <strong>B2B</strong>i 67<br />
3.3. Portal Oriented <strong>Integration</strong> 68<br />
3.3.1. Types of portals 69<br />
3.3.2. Components of a portal server<br />
platform 70<br />
3.3.3. Portal oriented integration and<br />
<strong>B2B</strong>i 74<br />
3.4. Application Oriented <strong>Integration</strong> 74<br />
3.4.1. Application Programming<br />
Interfaces (APIs) 75<br />
3.4.2. Remote Procedure Calls (RPCs) 82<br />
3.4.3. Application oriented integration<br />
and <strong>B2B</strong>i 88<br />
3.5. Business Process <strong>Integration</strong> (BPI) 89<br />
3.5.1. Business process integration<br />
patterns 89
xxvi <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
3.5.2. Business process integration<br />
and <strong>B2B</strong>i 91<br />
3.6. Which Approach <strong>to</strong> Use for Your <strong>B2B</strong>i<br />
Implementation? 93<br />
3.6.1. Agreement among the trading<br />
partners 93<br />
3.6.2. Your integration goals 93<br />
3.7. Conclusion 95<br />
Chapter 4 Enterprise Application <strong>Integration</strong> (EAI) 96<br />
4.1. Today's Enterprise 97<br />
4.2. What is EAI? 97<br />
4.3. Where Did Things Go Wrong? 98<br />
4.4. Benefits of EAI 100<br />
4.4.1. A word of caution 101<br />
4.5. Types of EAI 102<br />
4.5.1. User interface integration<br />
(Refacing) 102<br />
4.5.2. Data integration 103<br />
4.5.3. Function or method integration 103<br />
4.5.4. Business process integration 104<br />
4.6. Types of Enterprise Systems 105<br />
4.6.1. Legacy systems 105<br />
4.6.2. Client/server systems 106<br />
4.6.3. Enterprise Resource Planning (ERP) 106<br />
4.6.4. Cus<strong>to</strong>mer Relationship<br />
Management (CRM) 111<br />
4.6.5. eCRM 113<br />
4.6.6. CRM and EAI 115<br />
4.6.7. Supply Chain Management (SCM) 115<br />
4.7. Leading EAI Solutions 115<br />
4.7.1. BEA eLink 115<br />
4.7.2. TIBCO ActiveEnterprise 116<br />
4.7.3. IBM — WebSphere MQ integra<strong>to</strong>r 118<br />
4.8. Convergence of EAI and <strong>B2B</strong>i 121<br />
4.9. Divergence of EAI and <strong>B2B</strong>i 122<br />
4.10. Conclusion 123
Contents xxvii<br />
Chapter 5 Business Process Management (BPM) 125<br />
5.1. Existence of 'Organization Silos' 126<br />
5.2. Fundamentals of BPM 126<br />
5.2.1. Business processes 126<br />
5.2.2. Participants 130<br />
5.2.3. Activities 130<br />
5.2.4. Business transactions 130<br />
5.2.5. What is BPM? 132<br />
5.2.6. Workflow 133<br />
5.2.7. Roadmap <strong>to</strong> BPM 134<br />
5.3. BPM Systems 139<br />
5.3.1. BEA WebLogic integration 142<br />
5.3.2. Vitria BusinessWare 143<br />
5.3.3. Extricity <strong>B2B</strong> Alliance Manager 144<br />
5.4. Universal Language for BPM 147<br />
5.4.1. Business Process Management<br />
Initiative (BPMI) 148<br />
5.4.2. XLANG 149<br />
5.5. Standard Business Processes 149<br />
5.6. Conclusion 150<br />
Chapter 6 Extensible Markup Language (XML) 152<br />
6.1. The Need for a Universal Language 153<br />
6.2. What is Electronic Data Interchange<br />
(EDI)? 154<br />
6.2.1. How does it work? 154<br />
6.2.2. Limitations of traditional EDI 155<br />
6.3. What's Wrong with the First Language of<br />
the Internet — HTML? 157<br />
6.4. XML: The Universal Language of Data<br />
Interchange 158<br />
6.4.1. The power <strong>to</strong> know 159<br />
6.4.2. What is XML? 160<br />
6.4.3. XML: A derivative of SGML 161<br />
6.4.4. Sample XML files 161<br />
6.4.5. XML strengths 163<br />
6.4.6. XML limitations 166
xxviii <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
6.4.7. XML namespaces 167<br />
6.4.8. Brief introduction <strong>to</strong> the<br />
components of XML 168<br />
6.4.9. Advantages of XML over<br />
traditional EDI 174<br />
6.5. XSL — Extensible Stylesheet Language 175<br />
6.6. Coexistence of XML and EDI 178<br />
6.6.1. EDI is here <strong>to</strong> stay 178<br />
6.6.2. EDI based on XML 179<br />
6.6.3. Characteristics of XML/EDI 180<br />
6.6.4. Benefits of XML/EDI over<br />
traditional batch EDI 181<br />
6.6.5. Key features of XML/EDI server 182<br />
6.7. Conclusion 186<br />
Chapter 7 XML Standards for E-business 187<br />
7.1. Standards Imperative for <strong>B2B</strong> Application<br />
<strong>Integration</strong> 188<br />
7.2. RosettaNet's Solution 189<br />
7.2.1. What is RosettaNet? 189<br />
7.2.2. Components of RosettaNet's<br />
e-business solution 190<br />
7.2.3. Benefits of using RosettaNet<br />
solution 196<br />
7.2.4. RosettaNet embraced by software<br />
vendors 197<br />
7.2.5. What's the ROI (Return on<br />
Investment) in implementing<br />
RosettaNet solution? 198<br />
7.3. FpML — Financial Products Markup<br />
Language 200<br />
7.3.1. What is FpML? 200<br />
7.3.2. Benefits of FpML 200<br />
7.4. Commerce XML (cXML) 202<br />
7.5. Electronic Business XML (ebXML) 204<br />
7.6. Simple Object Access Pro<strong>to</strong>col (SOAP) 205<br />
7.6.1. SOAP messages 205
Contents xxix<br />
7.7. BizTalk Framework 207<br />
7.7.1. Components of the BizTalk<br />
Framework 207<br />
7.7.2. The envelope 208<br />
7.8. Conclusion 212<br />
Chapter 8 Middleware Technologies 213<br />
8.1. What is Middleware? 214<br />
8.2. Transaction Processing (TP) Moni<strong>to</strong>rs 216<br />
8.2.1. How they work? 217<br />
8.2.2. Benefits of TP moni<strong>to</strong>rs 218<br />
8.3. Message Oriented Middleware (MOM) 219<br />
8.3.1. Why use message queues? 221<br />
8.3.2. Types of communication 222<br />
8.3.3. MOM frameworks 224<br />
8.3.4. MOM middleware 226<br />
8.4. Distributed Objects and Components 231<br />
8.4.1. Distributed components 233<br />
8.4.2. Distributed object frameworks 234<br />
8.4.3. OMA — CORBA 3 235<br />
8.4.4. Windows DNA — COM+ 239<br />
8.4.5. J2EE — EJB 244<br />
8.4.6. J2EE application servers 249<br />
8.5. Conclusion 253<br />
Chapter 9 <strong>Integration</strong> Brokers 254<br />
9.1. Introduction 255<br />
9.1.1. <strong>Integration</strong> brokers enable<br />
(best-of-breed) BOB approach 256<br />
9.2. Architecture of <strong>Integration</strong> Brokers 256<br />
9.2.1. Hub-and-spoke architecture 256<br />
9.2.2. Message bus architecture 257<br />
9.2.3. Multi-hub architecture 258<br />
9.3. Components of <strong>Integration</strong> Brokers 259<br />
9.3.1. Messaging services 260<br />
9.3.2. Application adapters 262<br />
9.3.3. Data transformation component 264<br />
9.3.4. Workflow manager 266
xxx <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
9.3.5. Metadata reposi<strong>to</strong>ry<br />
9.3.6. Administration <strong>to</strong>ol<br />
9.4. Services of <strong>Integration</strong> Brokers<br />
9.4.1. Enable all types of integration<br />
9.4.2. Web services<br />
9.4.3. Interoperability<br />
9.4.4. Open architecture<br />
9.4.5. Support for all communication<br />
pro<strong>to</strong>cols<br />
9.4.6. Direc<strong>to</strong>ry services<br />
9.4.7. Trading partner management and<br />
personalization<br />
9.4.8. Security<br />
9.4.9. Scalability<br />
9.4.10. Transactional integrity<br />
9.4.11. <strong>Integration</strong> broker connectivity<br />
9.5. Selecting an <strong>Integration</strong> Broker for Your<br />
Company<br />
9.6. Leading <strong>Integration</strong> Brokers<br />
9.6.1. Microsoft BizTalk Server Suite<br />
9.6.2. SeeBeyond eBusiness <strong>Integration</strong><br />
Suite<br />
9.6.3. webMethods <strong>B2B</strong> platform<br />
9.6.4. BEA WebLogic integration<br />
9.6.5. ROI on integration brokers<br />
9.7 Conclusion<br />
266<br />
266<br />
267<br />
267<br />
268<br />
268<br />
268<br />
268<br />
269<br />
269<br />
270<br />
270<br />
270<br />
271<br />
273<br />
274<br />
274<br />
278<br />
279<br />
283<br />
285<br />
285<br />
Chapter 10 Internet Security 287<br />
10.1. Internet Security (E-Security) Critical<br />
for <strong>B2B</strong>i 288<br />
10.2. <strong>B2B</strong>i — Makes a Company Highly<br />
Vulnerable <strong>to</strong> Security Risks 289<br />
10.2.1. Complex nature of applications 289<br />
10.2.2. Anonymous relationships in <strong>B2B</strong><br />
e-<strong>commerce</strong> 289<br />
10.2.3. Software undergoing frequent<br />
change 289<br />
10.2.4. Human fac<strong>to</strong>r involved 290
Contents xxxi<br />
10.3. Employees and Other Insiders Pose the<br />
Biggest Threat 290<br />
10.4. E-Security Strategy 291<br />
10.5. Basic Security Services in <strong>B2B</strong>i 291<br />
10.5.1. The strength of the chain is as<br />
strong as its weakest link 292<br />
10.6. Key Concepts in E-Security Solutions 293<br />
10.6.1. Cryp<strong>to</strong>graphy 293<br />
10.6.2. Private key encryption 294<br />
10.6.3. Public key encryption 295<br />
10.6.4. Best of both worlds — The digital<br />
envelope 296<br />
10.6.5. Digital signature 296<br />
10.6.6. Digital certificates and role of<br />
Certificate Authorities (CAs) 300<br />
10.6.7. Using SSL (Secure Sockets Layer)<br />
<strong>to</strong> establish secure sessions 301<br />
10.7. Shielding an Organization from the<br />
Outside World 302<br />
10.7.1. Firewalls 302<br />
10.7.2. Functions performed by firewalls 303<br />
10.7.3. Types of firewalls 304<br />
10.7.4. Considerations in choosing a<br />
firewall 306<br />
10.7.5. Enterprise firewall appliance 306<br />
10.7.6. Virtual Private Networks (VPNs) 308<br />
10.7.7. Check Point's VPN solution 310<br />
10.8. <strong>B2B</strong>i and E-Security 311<br />
10.8.1. Revamp your security 311<br />
10.8.2. <strong>B2B</strong>i software 312<br />
10.8.3. Security features in the leading<br />
<strong>B2B</strong> integration servers 313<br />
10.8.4. E-security tailored <strong>to</strong> XML 314<br />
10.9. Secure Payments Over the Internet 315<br />
10.9.1. Need for trusted third party entities 316<br />
10.10. Security Trends for the Future 317<br />
10.11. Conclusion 322
xxxii <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Part III Evolving <strong>Integration</strong> Components 323<br />
Chapter 11 Web Services 325<br />
11.1. Service Oriented Architecture (SOA) 326<br />
11.1.1. Components and operations<br />
of SOA 326<br />
11.2. What are Web Services? 327<br />
11.2.1. Application of SOA-based<br />
framework <strong>to</strong> <strong>B2B</strong>i 328<br />
11.3. Essential Features of a Web Services<br />
Environment 329<br />
11.4. Universal Description, Discovery and<br />
<strong>Integration</strong> (UDDI) 330<br />
11.4.1. What is UDDI? 330<br />
11.4.2. UDDI built on SOAP 331<br />
11.4.3. UDDI data structure 331<br />
11.4.4. UDDI APIs 333<br />
11.5. Web Services Description Language<br />
(WSDL) 333<br />
11.5.1. WSDL schema 334<br />
11.5.2. WSDL and UDDI 334<br />
11.6. Web Services Flow Language (WSFL) 335<br />
11.7. Putting Everything Together 335<br />
11.8. Essential Features of a Web Services<br />
Framework 336<br />
11.9. Security Requirements for Web Services 337<br />
11.9.1. Authentication 338<br />
11.9.2. Authorization 338<br />
11.9.3. Data protection 338<br />
11.9.4. Non-repudiation 338<br />
11.10. Where <strong>to</strong> Start? 339<br />
11.10.1. Leverage existing assets 339<br />
11.10.2. Build an internal reposi<strong>to</strong>ry for<br />
web services 340<br />
11.10.3. Bot<strong>to</strong>m line 340<br />
11.11. Web Services Networks 340<br />
11.12. Conclusion 341
Contents xxxiii<br />
Chapter 12 Wireless Technologies 342<br />
12.1. Introduction 343<br />
12.2. The Wireless Internet Today 344<br />
12.2.1. Definition and growth 344<br />
12.2.2. Mobile benefits 345<br />
12.3. Wireless Application Architecture and<br />
Components 347<br />
12.3.1. Wireless Access Pro<strong>to</strong>col (WAP) 350<br />
12.3.2. Wireless Markup Language<br />
(WML) 351<br />
12.3.3. WMLScript 352<br />
12.4. Wireless Security Issues 353<br />
12.4.1. Security of mobile systems 353<br />
12.4.2. Security issues in WAP 355<br />
12.4.3. Generic mobile solutions 358<br />
12.5. <strong>B2B</strong> Wireless Applications 360<br />
12.5.1. Business uses of the mobile<br />
Internet 360<br />
12.5.2. <strong>B2B</strong> wireless portals 362<br />
12.5.3. On-demand trading 363<br />
12.5.4. Business-<strong>to</strong>-Employee (B2E)<br />
connections 363<br />
12.5.5. <strong>B2B</strong>, B2C, B2E and wireless 365<br />
12.6. Enterprise <strong>Integration</strong> Issues for<br />
M-<strong>commerce</strong> 366<br />
12.7. Leading M-<strong>commerce</strong> Solution Providers 369<br />
12.7.1. BEA WebLogic m-<strong>commerce</strong><br />
solution 369<br />
12.7.2. IBM's WebSphere everyplace<br />
suite 372<br />
12.8. To be or not <strong>to</strong> be... Wireless: Pertinent<br />
Strategic Considerations 372<br />
12.8.1. Goal and business definition 372<br />
12.8.2. Formulation of technology<br />
strategy 374<br />
12.9. Conclusion 379
xxxiv <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Chapter 13 Software Agents 381<br />
13.1. Software Agents Enabling the Formation<br />
of Virtual Organizations 382<br />
13.2. What are Intelligent Software Agents? 382<br />
13.3. What are Agent Systems? 384<br />
13.4. Agent Classification 384<br />
13.5. Agents and Au<strong>to</strong>nomy 387<br />
13.6. Multi-Agent Environment 387<br />
13.6.1. The 3 Cs of prime importance 388<br />
13.6.2. Advantages of a multi-agent<br />
environment 388<br />
13.6.3. Disadvantages of a multi-agent<br />
environment 388<br />
13.7. Agents and Negotiation 389<br />
13.7.1. Types of negotiation strategies 390<br />
13.7.2. Not revealing negotiation strategy<br />
paramount 390<br />
13.8. Agents and Mobility 391<br />
13.8.1. Benefits of using mobile agents 391<br />
13.8.2. Potential risks involved in use<br />
of mobile agents 392<br />
13.9. Agents' Role in <strong>B2B</strong> E-Commerce<br />
and <strong>B2B</strong>i 393<br />
13.9.1. Information gathering and filtering 394<br />
13.9.2. Uncovering quality sales prospects 395<br />
13.9.3. Value chain integration 395<br />
13.9.4. Optimization of business processes<br />
in light of <strong>B2B</strong>i 396<br />
13.9.5. Efficient e-marketplaces 397<br />
13.9.6. Maintaining cus<strong>to</strong>mer relationships 399<br />
13.9.7. Effective e-procurement 399<br />
13.9.8. <strong>Integration</strong> with legacy systems 400<br />
13.9.9. Enable privacy in <strong>B2B</strong> transactions 400<br />
13.10. Need for a Universal Language 402<br />
13.10.1. XNS: A dictionary and address<br />
book for web agents 404<br />
13.11. Conclusion 405
Contents xxxv<br />
Part IV <strong>B2B</strong>i-Enabled Applications 407<br />
Chapter 14 Supply Chain Management (SCM) 409<br />
14.1. Introduction 410<br />
14.2. Fundamentals of Supply Chain<br />
Management 410<br />
14.2.1. A few definitions of SCM 410<br />
14.2.2. What is a supply chain? 411<br />
14.2.3. A typical business process flow<br />
in a supply chain 412<br />
14.2.4. Activities in a supply chain 413<br />
14.3. Legacy Supply Chain 415<br />
14.3.1. Push-based supply network 415<br />
14.3.2. What's wrong in a legacy supply<br />
chain? 416<br />
14.4. <strong>B2B</strong>i-Enabled Supply Chain 417<br />
14.4.1. Principles of SCM 418<br />
14.4.2. Pull-based supply network 419<br />
14.4.3. ROI in moving from pull-based<br />
<strong>to</strong> push-based supply network 420<br />
14.4.4. Features of <strong>B2B</strong>i-enabled supply<br />
chain 420<br />
14.5. Supply Chain Planning and Execution 422<br />
14.5.1. Supply Chain Planning (SCP) 422<br />
14.5.2. Supply Chain Execution (SCE) 423<br />
14.5.3. E-procurement — The<br />
transformation of corporate<br />
purchasing 424<br />
14.5.4. E-logistics: Integrating warehouses,<br />
distribution centers and cus<strong>to</strong>mer<br />
interaction processes 427<br />
14.6. SCM Challenges 428<br />
14.6.1. Synchronization in supply chain 428<br />
14.6.2. Building trust through supply<br />
chain 428<br />
14.6.3. Operational stability 428<br />
14.6.4. Inertia for change 429
xxxvi <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
14.6.5. Supply chain complexity 429<br />
14.6.6. Managing supply chain for short<br />
lifecycle products 429<br />
14.6.7. <strong>Integration</strong> challenge within the<br />
organization 429<br />
14.6.8. <strong>Integration</strong> challenge with supply<br />
chain partners 430<br />
14.6.9. Inter-company business process<br />
synchronization 430<br />
14.7. SCM Techniques 430<br />
14.7.1. Vendor Managed Inven<strong>to</strong>ry<br />
(VMI) 431<br />
14.7.2. Just-in-Time (JIT) 431<br />
14.7.3. <strong>Collaborative</strong> Planning,<br />
Forecasting and Replenishment<br />
(CPFR) 431<br />
14.8. SCM Systems 434<br />
14.9. Conclusion 437<br />
Chapter 15 E-Marketplaces and <strong>Collaborative</strong> Networks 438<br />
15.1. What are E-Marketplaces? 439<br />
15.2. Basics of <strong>B2B</strong> E-Marketplaces 440<br />
15.2.1. Pre e-marketplace era 440<br />
15.2.2. E-marketplace era 440<br />
15.2.3. Classification of e-marketplaces 441<br />
15.2.4. Market makers 444<br />
15.2.5. Dynamic trading through <strong>B2B</strong><br />
e-marketplaces 444<br />
15.2.6. Governance of e-marketplaces 445<br />
15.2.7. Benefits of <strong>B2B</strong> e-marketplaces 445<br />
15.2.8. Which e-marketplace <strong>to</strong> join? 449<br />
15.2.9. <strong>B2B</strong> e-marketplaces services 453<br />
15.3. How E-Marketplaces Fit in<strong>to</strong> a Company's<br />
<strong>B2B</strong>i Plans 457<br />
15.3.1. Catalog publishing 457<br />
15.3.2. Receiving and processing orders 458<br />
15.3.3. Data transformation 459
Contents xxxvii<br />
15.3.4. Integrating credit, financing and<br />
collection system with ERP 460<br />
15.4. Emergence of <strong>B2B</strong> <strong>Collaborative</strong> Networks 460<br />
15.4.1. Just another point of connection 460<br />
15.4.2. Lack of support for collaborative<br />
<strong>commerce</strong> 462<br />
15.4.3. <strong>B2B</strong> collaborative networks 462<br />
15.5. Conclusion 466<br />
PartV Conclusion 467<br />
Chapter 16 <strong>B2B</strong> <strong>to</strong> P2P Evolution 469<br />
16.1. Why Peer-<strong>to</strong>-Peer? 470<br />
16.1.1. Let your imagination run wild 470<br />
16.1.2. What is P2P? 471<br />
16.1.3. What is a peer group? 471<br />
16.1.4. Features of a P2P application 471<br />
16.2. Leading P2P Pro<strong>to</strong>cols 473<br />
16.2.1. Jabber 473<br />
16.2.2. Juxtapose — JXTA 474<br />
16.3. Examples of P2P Applications 477<br />
16.3.1. NextPage — NXT 3 477<br />
16.3.2. FirstPeer — Professional servant 478<br />
16.3.3. Groove networks — Groove 1.0 478<br />
16.3.4. Gnuetella 478<br />
16.3.5. Applied MetaComputing —<br />
Legion 478<br />
16.4. Benefits of P2P-Based Applications in<br />
<strong>B2B</strong> <strong>Integration</strong> 479<br />
16.4.1. Collaboration 479<br />
16.4.2. Enhanced performance 479<br />
16.4.3. Intelligent agents 481<br />
16.4.4. P2P marketplaces 481<br />
16.4.5. Information discovery using<br />
search engines 483<br />
16.4.6. Eliminate the need for cataloging<br />
in multiple formats 483
xxxviii <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Acronyms<br />
16.5. But the Road is Winding<br />
16.5.1. Network bandwidth<br />
16.5.2. Security<br />
16.5.3. Complex architectures and<br />
difficult maintenance<br />
16.6. Conclusion<br />
Appendix<br />
A. PIP2A1: Distribute New Product Information<br />
B. UDDI Technical White Paper<br />
Bibliography<br />
Index<br />
484<br />
484<br />
484<br />
485<br />
485<br />
487<br />
493<br />
519<br />
531<br />
541
Part I<br />
The Big Picture<br />
i
This page is intentionally left blank
Chapter \<br />
Introduction<br />
The focus of this chapter<br />
With <strong>B2B</strong> integration, collaborative e-<strong>commerce</strong> will truly come <strong>to</strong> life<br />
— moving from the phase of revolutionary idea <strong>to</strong> becoming a common<br />
aspect of business operations.<br />
In this chapter, we will introduce the subject of <strong>B2B</strong> collaborative<br />
e-<strong>commerce</strong>, differences between <strong>B2B</strong> and B2C, concepts of <strong>B2B</strong><br />
integration, formulation of <strong>B2B</strong>i strategy, the roadmap <strong>to</strong> a successful<br />
<strong>B2B</strong> integration strategy and implementation, features of a good <strong>B2B</strong><br />
integration solution and return on investment on <strong>B2B</strong>i implementation.<br />
3
4 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
1.1. Evolution of Next Generation Enterprises<br />
The Center for Research in Electronic Commerce (CREC), at the<br />
University of Texas-Austin recently conducted a large study <strong>to</strong> assess<br />
collaborative e-business value in small, medium and large companies<br />
across the U.S. and Europe. The study, which included leading manufacturers,<br />
retailers, distribu<strong>to</strong>rs and wholesalers, identified a strong<br />
link between e-business drivers such as system integration, cus<strong>to</strong>mer<br />
and supplier oriented processes, financial indica<strong>to</strong>rs and operational<br />
excellence measures. It reveals that many companies have either not<br />
engaged in <strong>B2B</strong> collaborative e-<strong>commerce</strong> or just started <strong>to</strong> move<br />
<strong>to</strong>wards it. The study indicates that most companies have only scratched<br />
the surface of e-business and have yet <strong>to</strong> realize the gains in efficiency<br />
and productivity that can be achieved through using the Internet.<br />
But a few companies are going through a phase of Internet revolution<br />
in terms of restructuring their business processes, providing real-time<br />
cus<strong>to</strong>mer service, integrating their internal applications and supply chain.<br />
They are increasing their profitability through digitization and integration<br />
of business processes — especially in business-<strong>to</strong>-business transactions.<br />
They are flexible, adaptable and eager <strong>to</strong> change, and have an unprecedented<br />
global market access of 24/7/365. They are utilizing their<br />
investments in e-business initiatives <strong>to</strong> achieve operational excellence.<br />
These are a new class of companies, known as Next Generation<br />
Enterprises (NGEs) that will dominate <strong>to</strong>morrow's markets.<br />
Companies that are not participating in this revolution may not<br />
remain competitive and profitable in the future. Becoming the next<br />
generation enterprise is not a matter of choice anymore. No modern<br />
business, regardless of its size, can survive without digitizing business.<br />
Your company can join the race, or get ousted by the competition. It is<br />
still not <strong>to</strong>o late — the long-term race has just begun.<br />
1.2. New Rules of Engagement<br />
The e-business world is growing at an unprecedented pace. Businesses<br />
all over the world are realizing that future survival and success are<br />
dependent upon the collaborative <strong>commerce</strong> capabilities of the<br />
organization and its ability <strong>to</strong> act at Internet speeds. The new dimensions
Introduction 5<br />
of business will involve robot shopping agents, business process<br />
coordination, business-<strong>to</strong>-business exchanges, collaborative networks,<br />
online billing, auctions, digital cash, mass cus<strong>to</strong>mization, markets for<br />
trust, cyberization of markets and concepts yet <strong>to</strong> be invented. Companies<br />
in many sec<strong>to</strong>rs of the economy will be forced <strong>to</strong> adapt <strong>to</strong> these new<br />
market realities with improved information technology infrastructures<br />
as well as au<strong>to</strong>mated and re-engineered business processes.<br />
The new rules of engagement, enforced by the new online economy,<br />
require a complete transformation of a legacy company <strong>to</strong> an e-business<br />
driven company. Technology plays a vital role in this transition and<br />
transformation and it is changing from a cost of doing business <strong>to</strong> a<br />
way of doing business.<br />
However, companies cannot, and should not abandon the classic<br />
concepts of successful business: product, price, promotion and place —<br />
or channel synergy — as well as cus<strong>to</strong>mer service and fulfillment. What<br />
is required for survival in the new economy is an appropriate balance<br />
between established business practices and the implementation of <strong>to</strong>day's<br />
information technology. The next generation enterprises will be successful<br />
only through the right integration of technology and business processes.<br />
1.3. <strong>B2B</strong> E-Commerce<br />
<strong>B2B</strong> e-<strong>commerce</strong> is being talked about everywhere. And it is not just<br />
jargon — it is the next level in the e-business revolution, when businesses<br />
collaborate with business partners in real-time and put management of<br />
all their processes online — from supply chain and purchasing <strong>to</strong><br />
manufacturing and product development — for increased control, rapid<br />
response, improved efficiency, global intelligence and unprecedented<br />
cost savings. <strong>B2B</strong> e-<strong>commerce</strong> is a revolution, similar in magnitude <strong>to</strong><br />
the Industrial Revolution, that will fundamentally change relationships<br />
among business partners — how they exchange information, collaborate,<br />
communicate and close transactions.<br />
1.3.1. What is <strong>B2B</strong> e-<strong>commerce</strong>?<br />
<strong>B2B</strong> e-<strong>commerce</strong> is an acronym for business-<strong>to</strong>-business, a type of<br />
e-<strong>commerce</strong> involving a transaction from one business <strong>to</strong> another via
6 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
the Internet. Thus, it occurs when systems of two or more businesses<br />
exchange information electronically that, directly or indirectly, results<br />
in a transaction. Multiple organizations can exchange information as<br />
part of a single transaction. A transaction in <strong>B2B</strong> e-<strong>commerce</strong> can<br />
involve traditional purchases and other related business activities such<br />
as request for a quote, setup of new accounts, order management and<br />
status information. A transaction generally is real-time, but based on the<br />
transaction requirement, the aggregation and distribution of data across<br />
companies may not be real-time.<br />
<strong>B2B</strong> e-<strong>commerce</strong> can be as basic as a manufacturer putting up a<br />
bare-bones Internet site <strong>to</strong> let distribu<strong>to</strong>rs securely order a handful of<br />
products, or it can be as complex as a distribu<strong>to</strong>r offering companyspecific<br />
pricing and content, complex product configurations and realtime<br />
access <strong>to</strong> inven<strong>to</strong>ry levels for its entire product line <strong>to</strong> thousands<br />
of cus<strong>to</strong>mers.<br />
1.3.2. <strong>B2B</strong> vs. B2C: Differing strategies<br />
Table 1.1 shows the major differences between <strong>B2B</strong> and B2C.<br />
1.3.3. Explosive growth in <strong>B2B</strong> e-<strong>commerce</strong><br />
Several fundamental forces have driven the explosive growth of <strong>B2B</strong><br />
e-<strong>commerce</strong>. Some of these forces arise from the need for global trade,<br />
dynamic business relationships, elimination of price differences, collaboration<br />
in new products development, forecasts and replenishments and<br />
movement <strong>to</strong> market-driven economies. Though price and functionality<br />
remain critical, cus<strong>to</strong>mer service and value-added relation-ships have<br />
become the new drivers of <strong>commerce</strong> and competitive advantage.<br />
Forrester Research has estimated that in the U.S. <strong>B2B</strong> e-<strong>commerce</strong><br />
will grow <strong>to</strong> more than $2 trillion by 2003, about 10% of business<br />
sales overall. According <strong>to</strong> the Gartner Group, the <strong>B2B</strong> e-<strong>commerce</strong><br />
marketplace will exceed $7 trillion in 2004. North America's share<br />
will approach $2.8 trillion of market revenue; Europe will grow <strong>to</strong><br />
$2.3 trillion; Asia will account for $900 billion; and Latin America will<br />
reach $124 billion.
Commerce<br />
Activities<br />
Business<br />
Models<br />
Nature of<br />
Transactions<br />
Order Size<br />
Table 1.1. Differences between <strong>B2B</strong> and B2C<br />
Business <strong>to</strong> Business (<strong>B2B</strong>)<br />
Business-<strong>to</strong>-business<br />
encompasses many other types<br />
of activities than simply placing<br />
orders between businesses (e.g.,<br />
joint design, development and<br />
manufacture). For these issues,<br />
there is a need <strong>to</strong> agree on<br />
platforms and/or data<br />
interchange standards.<br />
Typical activities among<br />
companies participating in <strong>B2B</strong><br />
<strong>commerce</strong> include collaborative<br />
planning and forecasting, order<br />
fulfillment, payment execution<br />
and status tracking.<br />
The business models in <strong>B2B</strong><br />
are much more defensible than<br />
in B2C. <strong>B2B</strong> is an evolved<br />
economy. It is about transformation<br />
and evolution of<br />
business. In <strong>B2B</strong>, buyers and<br />
suppliers are made more<br />
efficient, competitive and<br />
profitable.<br />
<strong>B2B</strong> orders are governed by<br />
the complex business rules of<br />
the different parties (such as<br />
buyers, sellers and distribu<strong>to</strong>rs)<br />
involved in the transaction.<br />
Each side wants visibility in<br />
the transaction from inception<br />
<strong>to</strong> completion.<br />
In most cases, the average<br />
order size (in value) in the<br />
<strong>B2B</strong> world is large.<br />
Introduction 7<br />
Business <strong>to</strong> Consumer (B2C)<br />
For the business-<strong>to</strong>-consumer,<br />
the business only has <strong>to</strong> be<br />
able <strong>to</strong> support communications<br />
via the Internet, phone, fax<br />
and e-mail. The focus is on<br />
providing services such as<br />
product catalogs, ordering and<br />
payment and status checking.<br />
The B2C models are based on<br />
optimizing the ability <strong>to</strong><br />
directly attract, manage and<br />
support the individual<br />
cus<strong>to</strong>mer, thus eliminating the<br />
traditional middleman.<br />
In B2C, it is a case of new vs.<br />
old: it is Amazon vs. Borders.<br />
They are fighting for a share<br />
of the same cus<strong>to</strong>mer.<br />
B2C orders are often impulse<br />
or spot transactions with a<br />
short life span. There is more<br />
leniency in fulfillment of these<br />
orders.<br />
In most cases, the average<br />
order size (in value) in the<br />
B2C world is small.
8 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Flexibility <strong>to</strong><br />
Change<br />
Relationships<br />
Cus<strong>to</strong>mer<br />
Relationships<br />
Table 1.1 (Continued)<br />
Business <strong>to</strong> Business (<strong>B2B</strong>)<br />
The switching costs in <strong>B2B</strong> are<br />
much higher because the<br />
companies are much more<br />
tightly connected through<br />
integration in<strong>to</strong> back office<br />
ERP systems. The companies<br />
must evolve business processes<br />
and develop trust with buyers<br />
and suppliers that goes well<br />
beyond delivering a product.<br />
Relationships are much more<br />
complex, long-term, often<br />
contractual and involve bigger<br />
dollar amount. They involve<br />
intricate procurement models,<br />
supply chain au<strong>to</strong>mation,<br />
engineering and planning<br />
collaboration.<br />
Business <strong>to</strong> Consumer (B2C)<br />
B2C relationships are very<br />
flexible. Buyers have full<br />
flexibility <strong>to</strong> change their<br />
suppliers.<br />
B2C relationships are usually<br />
one-sided, where businesses<br />
define and control the<br />
relationship with the consumer.<br />
Companies that have not yet put any resources in<strong>to</strong> developing a<br />
comprehensive <strong>B2B</strong> strategy will most likely face immense pressure,<br />
sooner rather than later, either from cus<strong>to</strong>mers, suppliers or competi<strong>to</strong>rs<br />
that have started reaping the cost benefits of doing business over the<br />
Internet.<br />
1.3.4. What is collaborative e-<strong>commerce</strong>?<br />
<strong>Collaborative</strong> e-<strong>commerce</strong>, also known as c-<strong>commerce</strong>, allows Internetenabled<br />
companies <strong>to</strong> share intellectual capital and leverage the core<br />
competencies of their trading partners. It promises <strong>to</strong> deliver significant<br />
increases in corporate innovation, productivity and profitability and<br />
create new opportunities for dynamic <strong>B2B</strong> collaboration over the Internet.<br />
According <strong>to</strong> the Gartner Group, by 2005 nearly half of all Web-based<br />
<strong>commerce</strong> will be collaborative in nature.
Introduction 9<br />
<strong>Collaborative</strong> e-<strong>commerce</strong> is enabled by <strong>B2B</strong> integration which leads<br />
<strong>to</strong> shared databases, open tracking systems, enhanced inter-enterprise<br />
visibility and cooperation, streamlined business processes, new cost<br />
efficiencies and an expanded cus<strong>to</strong>mer base for every collaborative<br />
partner — all resulting in a competitive advantage that traditional<br />
business models simply cannot duplicate.<br />
1.4. <strong>B2B</strong> <strong>Integration</strong> (<strong>B2B</strong>i)<br />
<strong>B2B</strong> integration or <strong>B2B</strong>i is basically about the secured coordination of<br />
information among businesses and their information systems (see<br />
Figure 1.1). <strong>B2B</strong>i provides a technology framework for <strong>B2B</strong> collaborative<br />
e-<strong>commerce</strong>. It promises <strong>to</strong> dramatically transform the way business is<br />
conducted between partners, suppliers and cus<strong>to</strong>mers. All companies<br />
(i.e., large, medium, small and new) can experience increased growth<br />
and success through tightly integrated partnerships.<br />
Large Company<br />
Cus<strong>to</strong>mer l> \^ Buyer<br />
t K Supplier<br />
tut mii<br />
Supplier cus<strong>to</strong>mer<br />
**^JTO
10 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Companies, from across a variety of industries, from consumer<br />
packaged goods, high technology, logistics and pharmaceuticals <strong>to</strong><br />
chemical, manufacturing and financial services, are embracing <strong>B2B</strong>i.<br />
They are realizing the enormous competitive advantage of <strong>B2B</strong>i, through<br />
faster time <strong>to</strong> market, reduced cycle times and increased cus<strong>to</strong>mer<br />
service. Through integration of business and technical processes,<br />
companies are able <strong>to</strong> strengthen relationships with service partners and<br />
cus<strong>to</strong>mers, achieve seamless integration inside and outside the enterprise,<br />
gain real-time views of cus<strong>to</strong>mer accounts, increase operational<br />
efficiencies and reduce costs.<br />
With <strong>B2B</strong> integration, collaborative e-<strong>commerce</strong> will truly come <strong>to</strong><br />
life — moving from the phase of revolutionary idea <strong>to</strong> become a<br />
common aspect of business operations. The future e-<strong>commerce</strong> landscape<br />
is beginning <strong>to</strong> take shape.<br />
1.4.1. <strong>Integration</strong>: The <strong>to</strong>p priority<br />
Business-<strong>to</strong>-business integration and enterprise application integration<br />
(EAI) are the <strong>to</strong>p priorities of companies these days. <strong>B2B</strong>i requires<br />
exchange of data and sharing of business processes across multiple<br />
trading partners, such as buyers, suppliers and distribu<strong>to</strong>rs. EAI, on the<br />
other hand, requires internal applications, such as CRM, ERP and<br />
legacy systems, <strong>to</strong> interact with each other seamlessly (see Figure 1.2).<br />
<strong>B2B</strong>i and EAI are accomplished by data, application and business<br />
process integration. The integration challenges in both <strong>B2B</strong>i and EAI<br />
have a lot in common and can be overcome through a single, integrated<br />
solution.<br />
In a company <strong>to</strong>day, resolving complex and costly integration<br />
issues is more critical than ever before. According <strong>to</strong> interviews of<br />
50 global firms conducted by Forrester Research, 77% of the interviewees<br />
(see Figure 1.3) recognized integration <strong>to</strong> be critically important for<br />
e-<strong>commerce</strong> strategy. Making application data available <strong>to</strong> trading partners<br />
and cus<strong>to</strong>mers is also becoming increasingly important <strong>to</strong> the global<br />
companies. But less than one-quarter (24%) (see Figure 1.4) of the<br />
firms surveyed for the report have purchased software <strong>to</strong> enable business<strong>to</strong>-business<br />
integration.
Portal<br />
Electronic<br />
s<strong>to</strong>refront<br />
Cus<strong>to</strong>mer<br />
Relationship<br />
Management<br />
ERP<br />
Application<br />
<strong>Integration</strong><br />
E-marketplaces<br />
Introduction 11<br />
Legacy Systems<br />
Suppliers &.<br />
Partners<br />
<strong>Collaborative</strong><br />
Networks<br />
Figure 1.2. — <strong>B2B</strong>i and EAI integrate all internal and external applications<br />
How important is application integration<br />
<strong>to</strong> your eGommerce efforts 7<br />
Extremely Important<br />
Totally irrelevant<br />
Don't Know<br />
Percent of 30 companies<br />
interviewed<br />
Source: Forrester Group<br />
52%<br />
6%<br />
Mow much does your company spend on integration ?<br />
fiitemat application<br />
42%<br />
28%<br />
10%<br />
6%<br />
&2H connections<br />
12%<br />
14%<br />
12 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Have you purchased software Have you purchased software<br />
for internal integration ? for <strong>B2B</strong> integration ?<br />
No No<br />
38'% Yes 76%<br />
62%<br />
24%<br />
Percent of 50 companies Percent of 50 companies<br />
interviewed interviewed<br />
What was/is the biggest headache surrounding software integration?<br />
Source: Forrester Group<br />
Vendor problems<br />
in-'<br />
Dealing with<br />
Standards and legacy systems<br />
industry issue' 27%<br />
13%<br />
Problems with B^tt^"<br />
data formats ^^^^ Internal<br />
8% personnel<br />
issues 42%<br />
Percent of 50 companies interviewed<br />
Figure 1.4. — Most companies using a wait-and-watch approach for <strong>B2B</strong><br />
integration<br />
cost associated with implementing a <strong>B2B</strong>i solution may come down in<br />
the future. A typical <strong>B2B</strong>i solution can cost a company any where from<br />
$350,000 <strong>to</strong> several millions of dollars. Additionally, some companies<br />
feel that they are not ready <strong>to</strong> make the highly difficult design choices<br />
that are fundamental <strong>to</strong> the dynamic nature of <strong>B2B</strong> application<br />
architectures, which have <strong>to</strong> react <strong>to</strong> rapid changes in <strong>commerce</strong>, market,<br />
technologies, standards and products.<br />
1.4.2. A daunting effort<br />
One of the key requirements of <strong>B2B</strong>i is that, apart from the organization<br />
itself, its cus<strong>to</strong>mers and trading partners have <strong>to</strong> participate in the<br />
integration process. In a hub-and-spoke type relationship, each trading<br />
partner has <strong>to</strong> integrate its applications, such as ERP, SCM and CRM<br />
with the corporate hub or marketplace at the center of the trading<br />
network.
Introduction 13<br />
<strong>B2B</strong>i is easier said than done. <strong>Integration</strong> is a big challenge, especially<br />
for global corporations that have hundreds <strong>to</strong> thousands of trading<br />
partners. It is an extremely daunting effort <strong>to</strong> manage the integration of<br />
so many business processes and can turn out <strong>to</strong> be a time consuming,<br />
complex and expensive task. With the advent of new technologies, the<br />
potential of disparity further increases and makes the exchange of<br />
electronic information even more complicated. To resolve this problem,<br />
companies are forced <strong>to</strong> adopt one or more of the following strategies:<br />
• Limit e-<strong>commerce</strong> transactions <strong>to</strong> business partners using compatible<br />
systems.<br />
• Enforce proprietary formats on business partners. This is a typical<br />
strategy used in a hub-and-spoke type business relationship.<br />
• Stand on the side lines until <strong>B2B</strong>i technology and standards are fully<br />
developed and used by companies in the same vertical industry.<br />
With the use of such strategies, several companies are not able <strong>to</strong><br />
reap the benefits of <strong>B2B</strong> collaborative e-<strong>commerce</strong>. These are the<br />
companies that will have a hard time competing with more nimble<br />
companies that have a successful <strong>B2B</strong>i implementation in the future.<br />
1.4.3. Getting beyond the starting line<br />
There are four main steps involved in building a successful <strong>B2B</strong>i solution:<br />
• Plan a <strong>B2B</strong>i strategy. The strategy should clearly state the different<br />
business processes that can be integrated with the business partners<br />
over the Internet, the benefits associated with the migration strategy<br />
and the technology and other resources required <strong>to</strong> achieve this<br />
transition. Evaluate and benchmark how other companies are<br />
successfully implementing <strong>B2B</strong>i. Learn from their successes and<br />
failures.<br />
• Determine short-term and long-term integration goals: For a successful<br />
implementation, it is very important <strong>to</strong> identify both short-term and<br />
long-term integration goals.<br />
• Leverage existing systems. With <strong>B2B</strong>i technology, companies can<br />
keep their existing internal systems while extending the information<br />
systems <strong>to</strong> accommodate e-business.
14 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• Choose the right solution and solution provider. With the right <strong>B2B</strong>i<br />
solution, a company can design architecture that provides easy, secured<br />
and reliable integration with trading partners ERP, CRM, legacy<br />
systems, portals and databases.<br />
The resulting architecture should represent existing business<br />
relationships and have the flexibility <strong>to</strong> build dynamic relationships.<br />
This architecture should lay down a roadmap for the required enterprise<br />
application integration along with <strong>B2B</strong>i. It should also address Internet<br />
security and transaction management issues.<br />
Plan a <strong>B2B</strong>i strategy<br />
As it is not possible <strong>to</strong> manufacture a product without clear instructions<br />
of its shape, color and functionality, in a similar way it is not possible<br />
<strong>to</strong> achieve an effective <strong>B2B</strong>i without having a clear and visionary <strong>B2B</strong>i<br />
strategy. The strategy should develop an integrated enterprise from<br />
cus<strong>to</strong>mers <strong>to</strong> suppliers <strong>to</strong> distribu<strong>to</strong>rs <strong>to</strong> <strong>B2B</strong> e-marketplaces <strong>to</strong> financial<br />
institutions. <strong>B2B</strong>i involves fundamentally rethinking the business model<br />
<strong>to</strong> transform a company in<strong>to</strong> a digitally networked enterprise — an end<strong>to</strong>-end<br />
integration of systems, data and applications.<br />
The <strong>B2B</strong>i strategy should take in<strong>to</strong> consideration the challenges<br />
imposed by the constant changes in the field of information technology.<br />
Apart from technology, the strategy should also give careful consideration<br />
<strong>to</strong> cus<strong>to</strong>mer feedback, benchmark data, usage statistics, competitive<br />
analysis, current forces and current capabilities.<br />
Determine short-term and long-term integration goals<br />
After planning a strategy, the second step in moving <strong>to</strong>wards an integrated<br />
enterprise goal is <strong>to</strong> examine a company's needs and the needs of<br />
partner companies with which it will be integrating. Basically, <strong>B2B</strong>i<br />
strategy can be classified in<strong>to</strong> two phases: the short- <strong>to</strong> mid-term<br />
plan (the next five years) and the long-term plan (the sixth year and<br />
beyond).
Short-term strategy<br />
Introduction 15<br />
In the first phase, a company should focus on how integration can<br />
reduce the operational costs, increase worker productivity, au<strong>to</strong>mate<br />
supply chain and improve cus<strong>to</strong>mer relationships. The implementation<br />
of the technology will likely affect almost every aspect of a company's<br />
business, for example, cus<strong>to</strong>mer relationship management (CRM)<br />
packages will au<strong>to</strong>mate the sales and support process. Apart from<br />
providing a real-time, personalized service <strong>to</strong> the cus<strong>to</strong>mers, supply<br />
chain management (SCM) systems, <strong>B2B</strong> e-marketplaces and collaborative<br />
networks will change procurement, inven<strong>to</strong>ry control, order management<br />
and tracking processes. It is strategically important for a company <strong>to</strong><br />
determine the following with respect <strong>to</strong> its trading partners (i.e., buyers,<br />
suppliers and distribu<strong>to</strong>rs):<br />
• Have its trading partners implemented any <strong>B2B</strong>i solution?<br />
• Will they interact with it through existing networks or legacy systems?<br />
• Can they interact with it through various <strong>B2B</strong> e-<strong>commerce</strong> channels<br />
such as <strong>B2B</strong> e-marketplaces?<br />
• Which elements (such as order management, procurement and catalog<br />
management) of the <strong>B2B</strong> relationship need integration?<br />
Identifying integration goals is not a single step task. It takes several<br />
iterations in architectural design, assessment of internal and external<br />
systems and constant evaluation of processes <strong>to</strong> formalize them. A<br />
company has <strong>to</strong> constantly evaluate fac<strong>to</strong>rs such as industry standards,<br />
standards being used by the <strong>B2B</strong> e-marketplaces in which it is<br />
participating and participation in new collaborative networks in its<br />
vertical industry.<br />
Long-term strategy<br />
The second phase of a company's <strong>B2B</strong>i strategy is the long-term plan<br />
(the sixth year and beyond), which involves envisioning and understanding<br />
the company's long-term goals. <strong>B2B</strong>i is an asset that can<br />
create sustained business value. It is important <strong>to</strong> look beyond immediate<br />
<strong>B2B</strong>i needs <strong>to</strong> obtain this sustained business value.
16 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Companies can use a scenario methodology for long-term planning.<br />
In scenario methodology, a company has <strong>to</strong> imagine a number of<br />
possible scenarios, positive and negative, that could evolve in its industry,<br />
business relationships and technological advancements. Based on these<br />
scenarios and the sequence of events leading <strong>to</strong> them, a company will<br />
have <strong>to</strong> predict if it is technologically prepared for them. This evaluation<br />
can be a very iterative process, but would allow a company <strong>to</strong> reposition<br />
its technology direction in time. With the use of this methodology for<br />
long-term planning, <strong>B2B</strong>i goals would be a continuously evolving process.<br />
The fac<strong>to</strong>rs that should be considered in scenario methodology<br />
include: situational analysis, technology validation, financial planning<br />
and organizational development planning.<br />
Other fac<strong>to</strong>rs that a company has <strong>to</strong> constantly consider are:<br />
• How might its <strong>B2B</strong> relationships evolve in the future?<br />
• What new types of business partners (suppliers, channels) might it<br />
have in the future?<br />
• Does the <strong>B2B</strong>i infrastructure provide secure, location-independent<br />
access points <strong>to</strong> applications, a necessity for <strong>to</strong>day's mobile workforce<br />
and extended corporation?<br />
• Has it taken a holistic approach <strong>to</strong> e-business networking that provides<br />
an infrastructure for an entire e-business enterprise: internal operations,<br />
business partners and cus<strong>to</strong>mers?<br />
The e-business integration goals should serve as a roadmap <strong>to</strong> ensure<br />
that the organization uses its technology and business <strong>to</strong> realize its full<br />
potential.<br />
Leveraging existing systems<br />
<strong>B2B</strong>i technology will have a significant impact on business computing<br />
and is integral <strong>to</strong> moving enterprises <strong>to</strong>wards integrated infrastructures.<br />
The <strong>B2B</strong>i model substantially changes the way corporations plan, design,<br />
build, deploy and manage future business applications. The success of<br />
this evolution for any company would be determined by these two<br />
critical fac<strong>to</strong>rs: how well it has leveraged existing investments in<br />
corporate infrastructure and how well it has ensured flexibility for the
Introduction 17<br />
future. Companies that architect their <strong>B2B</strong>i implementation strategy<br />
based on these two fac<strong>to</strong>rs and choose a solution that meets these<br />
requirements, without compromising security, scalability and performance<br />
will be the winners in long run.<br />
Companies charging <strong>to</strong>wards <strong>B2B</strong> integration have a lot <strong>to</strong> learn<br />
from the old adage "make new friends, but keep the old". This old<br />
maxim is very pertinent in <strong>to</strong>day's dynamic technology and business<br />
environment. Although it is important for the companies <strong>to</strong> embrace<br />
new technology like <strong>B2B</strong> integration, they still have <strong>to</strong> retain and<br />
effectively use their legacy systems. Over the years, companies have<br />
invested several million dollars in building, maintaining and enhancing<br />
these core systems which have been supporting the business for decades.<br />
It would be absolutely imprudent <strong>to</strong> throw away these systems and<br />
start everything from scratch. With the right transition methodology,<br />
implementation <strong>to</strong>ols and smart vision, companies can effectively leverage<br />
their legacy systems, implement new integrated e-business solutions and<br />
tie them all <strong>to</strong>gether.<br />
Legacy extension enables a corporation <strong>to</strong> use pre-existing applications,<br />
like mainframe systems, that contain all the data, business rules<br />
and logic and extend their functionality <strong>to</strong> other applications such as<br />
ERP, CRM and <strong>B2B</strong> type applications. The new <strong>B2B</strong> applications can<br />
build on the proven business logic and processes by just acting like<br />
wrappers <strong>to</strong> the data contained within the legacy systems. In fact,<br />
legacy extension systems encapsulate the existing business processes.<br />
With this extension, organizations can reduce the overall <strong>B2B</strong>i<br />
implementation cost, time and effort.<br />
1.4.4. Selecting the right <strong>B2B</strong>i solution<br />
<strong>B2B</strong>i is much more than just planning a strategy and getting applications<br />
<strong>to</strong> communicate with each other. Without the right <strong>to</strong>ols and the right<br />
solution, any integration implementation will be doomed. Before a<br />
company selects any solution or solution provider and pools all its<br />
resources in<strong>to</strong> it, it should consider the following:<br />
• Can the solution evolve with the company, with the industry and with<br />
the IT industry?
18 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• Does it offer comprehensive functionality with the flexibility <strong>to</strong><br />
support third-party software vendors and connect existing and new<br />
systems in a common framework?<br />
• Does it work within scalable environments <strong>to</strong> accommodate cus<strong>to</strong>mer<br />
and trading partner systems as well?<br />
• Does it support open standards?<br />
So, what are the key features that a company should look for before<br />
investing in any <strong>B2B</strong>i software package?<br />
Any transaction, any time — end-<strong>to</strong>-end, partner-<strong>to</strong>-partner<br />
A <strong>B2B</strong>i solution should be able <strong>to</strong> link a company <strong>to</strong> buyers, sellers,<br />
e-marketplaces and collaborative networks au<strong>to</strong>matically in real-time. It<br />
should be able <strong>to</strong>:<br />
• Fully au<strong>to</strong>mate real-time exchange of data between disparate<br />
applications;<br />
• Integrate cus<strong>to</strong>mer relationship management, procurement, supply chain<br />
management, databases and other legacy applications, regardless of<br />
existing technology at either end;<br />
• Provide easy bi-directional connectivity <strong>to</strong> collaborative networks;<br />
• Easily populate the existing enterprise information systems with the<br />
data resulting from <strong>B2B</strong> business process communications like<br />
purchase order, request for quotation and order status at both ends;<br />
• Provide easy integration for dynamic content like catalogs and<br />
inven<strong>to</strong>ry from the enterprise's systems in<strong>to</strong> each portal's proprietary<br />
system;<br />
• Be flexible enough <strong>to</strong> extend <strong>B2B</strong>i links <strong>to</strong> any trading partner and<br />
any <strong>B2B</strong> exchange as long as they adhere <strong>to</strong> industry standards for<br />
business process communication;<br />
• Enable sharing transaction-based business information with buy-side,<br />
sell-side and third party portals and exchanges;<br />
• Provide business objects that are a one-<strong>to</strong>-one mapping of the most<br />
common business processes;<br />
• Provide graphical flow control language for easy integration with<br />
business systems;
Introduction 19<br />
• Ensure the security, integrity and privacy of each transaction through<br />
security features such as encryption and authentication; and<br />
• Provide clustering solutions for load balancing along with robust fail<br />
over capabilities.<br />
Conduct all transactions securely<br />
The <strong>B2B</strong>i solution should address all types of electronic transactions<br />
including, but not limited <strong>to</strong>:<br />
• Catalog management transactions such as price/sales catalog, product<br />
descriptions, product change notification and inven<strong>to</strong>ry availability;<br />
• Order management transactions such as quote and order entry,<br />
transportation and distribution, returns and finance and product<br />
distribution;<br />
• Supply chain management transactions such as purchase orders,<br />
collaborative forecasting, inven<strong>to</strong>ry allocation and replenishment,<br />
inven<strong>to</strong>ry reporting and sales reporting;<br />
• Financial transactions such as payment orders, remittance advice,<br />
invoices and consolidated invoices; and<br />
• Logistics transactions such as mo<strong>to</strong>r carrier bills of loading, logistics<br />
service requests and responses and shipment status inquiries.<br />
Flexible<br />
The <strong>B2B</strong>i solution that a company chooses should support diverse sets<br />
of file formats, pro<strong>to</strong>cols, telecommunications and security standards. A<br />
company should be able <strong>to</strong> make a single connection <strong>to</strong> its <strong>B2B</strong><br />
integra<strong>to</strong>r and let it take care of all the complex, behind-the-scenes<br />
work necessary <strong>to</strong> bridge the electronic gap between its partners, vendors<br />
and cus<strong>to</strong>mers quickly and painlessly.<br />
The solution should be based on open standards that allow the<br />
company and its partners <strong>to</strong> send transactions using any combination of<br />
the following (see Figure 1.5):<br />
• Applications and file formats (SAP, PeopleSoft, Oracle and ANSI<br />
X.12, XML, etc.);<br />
• Telecommunications pathway (Internet, VAN, Frame Relay, etc.);
20 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
E-marketplace<br />
Ail File Formats<br />
AN Communication Pro<strong>to</strong>cols<br />
AM Security Solutions<br />
AM <strong>B2B</strong> Standards<br />
Logistics Provider<br />
Figure 1.5. — A typical <strong>B2B</strong> integration solution<br />
in mi<br />
• Communication pro<strong>to</strong>col (FTP, HTTP, HTTP/S, etc.);<br />
• Security (digital certificates, Secure Socket Layer, PGP, PKI, etc.);<br />
• Service requirements (archiving options, routing, moni<strong>to</strong>ring, etc.);<br />
and<br />
• <strong>B2B</strong> pro<strong>to</strong>cols and standards, including OBI, RosettaNet, OAG,<br />
BizTalk and ebXML.<br />
1.5. What is the Return on Investment (ROI)<br />
on <strong>B2B</strong>i?<br />
Through <strong>B2B</strong>i, the integrated companies operate efficiently on a realtime<br />
basis, which has a direct impact on their bot<strong>to</strong>m line. The return<br />
on investment for <strong>B2B</strong>i is extremely high — often 5 <strong>to</strong> 15 times more,
Introduction 21<br />
with a payback period measured in months, not years. The ROI on<br />
<strong>B2B</strong>i comes from the increased operational efficiency and reduced costs<br />
that are achieved by streamlining, au<strong>to</strong>mating business processes, reduced<br />
cycle time and supply chain au<strong>to</strong>mation.<br />
How do you measure the ROI on <strong>B2B</strong>i? Well, there is a right way<br />
and a wrong way <strong>to</strong> measure ROI. The wrong way <strong>to</strong> justify <strong>B2B</strong><br />
integration is by measuring the time representatives save in reduced<br />
paper work, or in revenue the company saves by slicing the need for<br />
data entry. The right way is <strong>to</strong> measure the quantum of reduction in<br />
operational and developmental costs.<br />
<strong>B2B</strong>i represents opportunities <strong>to</strong> increase revenues through decreased<br />
communication, reduction in operational and development costs and<br />
au<strong>to</strong>mated supply chain and cus<strong>to</strong>mer relationship management, resulting<br />
in higher profit margins. It dramatically reduces human intervention in<br />
business processes for faster, more reliable and more profitable<br />
transactions. The benefits of <strong>B2B</strong>i, lower costs, reduced inven<strong>to</strong>ry<br />
levels, faster time <strong>to</strong> market and better-informed decisions, have a<br />
cumulative effect on increasing the productivity of a company. In a<br />
recent research report, BCG forecasts that, by 2004, business-<strong>to</strong>-business<br />
integration will generate productivity gains equivalent <strong>to</strong> 1-2% of sales;<br />
by 2010, this figure could grow <strong>to</strong> 6%, or roughly $1 trillion.<br />
Increased Revenue + Decreased Cost + Improved Efficiency =<br />
Higher Profitability<br />
A company should calculate the implementation and ongoing costs<br />
associated with the project including software, hardware, system<br />
integration and future production support expenses. These cost estimates<br />
should be carefully examined <strong>to</strong> determine the return on investment<br />
(ROI) for the proposed solution. Every company wants <strong>to</strong> be considered<br />
forward thinking, but revenue, not technology, is still the king in the<br />
corporate world. Beware of any overly ambitious initiative spearheaded<br />
by the IT department.<br />
Though many software vendors claim an out-of-the-box solution <strong>to</strong><br />
<strong>B2B</strong> integration, the truth is that implementing a <strong>B2B</strong>i solution can<br />
often be a laborious, expensive undertaking.
22 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
ADAPTEC ACHIEVES AN ROI OF 1500% THROUGH <strong>B2B</strong>i<br />
Adaptec is a $1 billion global manufacturer and supplier of network<br />
and I/O connectivity hardware and software products such as board,<br />
chips and software <strong>to</strong> some of the biggest computer vendors — IBM,<br />
HP, Compaq, Sun and Dell. It competes in an environment of shrinking<br />
product lifecycles, increasing cus<strong>to</strong>mer demands and decreasing<br />
margins. To remain competitive, the company had <strong>to</strong> reduce its<br />
supplier lead-times and reduce overall cycle times from 105 days <strong>to</strong><br />
55 days.<br />
Unlike many competi<strong>to</strong>rs, Adaptec does not have its own fabrication<br />
and assembly facilities and has the additional challenge of coordinating<br />
the production of its IC products through several contract-manufacturing<br />
partners in Asia. Board-level assembly and final testing is<br />
conducted at their own high volume manufacturing facility in<br />
Singapore. This process requires tight integration among all the<br />
partners in the back-end of the supply chain.<br />
This manufacturing approach removes the need <strong>to</strong> invest<br />
$1.2 billion in its own fabrication facility, but increases the need <strong>to</strong><br />
interact seamlessly with Asian partners. Adaptec's previous methods<br />
of communication — fax, e-mail, FTP and EDI — had inherent<br />
problems that caused delays and increased lead-times, making it less<br />
competitive in the market.<br />
Extricity Alliance, a <strong>B2B</strong>i solution, enabled Adaptec <strong>to</strong> connect <strong>to</strong><br />
its external business partners securely and in real-time over the<br />
Internet, streamlined interaction with its global manufacturing partners<br />
and facilitated the exchange of information and transactions. The<br />
way Extricity Alliance connected business partners was highly flexible,<br />
which made it easy <strong>to</strong> support information exchanges and changing<br />
business processes.<br />
Extricity Alliance has enabled Adaptec <strong>to</strong> create a 'virtual fac<strong>to</strong>ry'<br />
by integrating the back-end of supply chain and au<strong>to</strong>mating a wide<br />
range of shared business processes — collaborative engineering, WIP<br />
updates and forecast sharing. The solution has helped <strong>to</strong> cut manufacturing<br />
cycle times by up <strong>to</strong> 50%, reduce inven<strong>to</strong>ry by 25% and<br />
Continue on page 23
Introduction 23<br />
Continued from page 22<br />
greatly improve cus<strong>to</strong>mer satisfaction — resulting in a significant<br />
competitive edge for Adaptec and bot<strong>to</strong>m-line savings of $2 million<br />
per year. The solution is estimated <strong>to</strong> have an ROI of 1,500%. Other<br />
benefits include improved on-time delivery due <strong>to</strong> better supply chain<br />
coordination and increased visibility <strong>to</strong> manufacturing processes.<br />
Taking four weeks off the cycle time resulted in a one-off $9 million<br />
saving for the company.<br />
Source: Condensed from Extricity Software, Solution for Adaptec, EAI Journal<br />
1.6. Conclusion<br />
<strong>B2B</strong> integration is the pervasive enabler of most current business<br />
strategies such as collaborative e-<strong>commerce</strong>, collaborative networks,<br />
supply chain management (SCM) and cus<strong>to</strong>mer relationship management<br />
(CRM) across multiple channels of delivery including wireless devices<br />
and the Internet.<br />
<strong>B2B</strong>i strategy should be laid out and executed in such a way so as<br />
<strong>to</strong>: have an integrated, real-time application-<strong>to</strong>-application, system-<strong>to</strong>system<br />
interaction with all the existing and new trading partners;<br />
eliminate all manual steps in business processes; conduct secure and<br />
real-time <strong>commerce</strong> transactions over the Internet; have the flexibility<br />
<strong>to</strong> accommodate the different mode of interactions of each partner; and,<br />
finally, have the ability <strong>to</strong> adapt <strong>to</strong> change quickly and easily in this<br />
dynamic age of <strong>B2B</strong> collaborative e-<strong>commerce</strong>. This is what <strong>B2B</strong>i is all<br />
about — the end-<strong>to</strong>-end au<strong>to</strong>mation and integration of cross-organization<br />
business processes, data, applications and systems.
Chapter 2<br />
Components, Benefits,<br />
Challenges and Applications<br />
of <strong>B2B</strong> <strong>Integration</strong><br />
The focus of this chapter<br />
There are multiple components of <strong>B2B</strong>i and each one of them has<br />
its own importance in planning a company's <strong>B2B</strong>i strategy and<br />
implementation.<br />
In this chapter, we will reveal all the major components of <strong>B2B</strong>i,<br />
<strong>B2B</strong>i benefits and potential challenges that a company may face in its<br />
implementation. We will also introduce some of the most important<br />
<strong>B2B</strong>i-enabled applications such as supply chain management,<br />
e-marketplaces and collaborative networks.<br />
24
Components, Benefits, Challenges and Applications of <strong>B2B</strong> <strong>Integration</strong> 25<br />
2.1. The Word is Out<br />
The word is out: dynamic business collaboration on the Internet is a<br />
strategic imperative. There is a great hustle and bustle going on in<br />
IT and business divisions of all companies either <strong>to</strong> kick start or,<br />
having done so, <strong>to</strong> quickly finish the integration process that provides a<br />
seamless, end-<strong>to</strong>-end solution for integrating cus<strong>to</strong>mers, partners and<br />
suppliers.<br />
In this chapter, we will discuss all the major components of <strong>B2B</strong>i,<br />
the bot<strong>to</strong>m line benefits of <strong>B2B</strong>i <strong>to</strong> companies and the challenges that<br />
they may face in <strong>B2B</strong>i implementation. This is followed by an<br />
introduction <strong>to</strong> a few major applications enabled by <strong>B2B</strong>i, such as<br />
supply chain management (SCM), <strong>B2B</strong> exchanges and collaborative<br />
networks.<br />
2.2. <strong>B2B</strong>i Components<br />
<strong>B2B</strong>i consists of multiple components, each one being of different<br />
priority for different companies. It may not be possible <strong>to</strong> incorporate<br />
all the components in the first phase of <strong>B2B</strong>i implementation; however,<br />
it is prudent <strong>to</strong> at least include them in long-term <strong>B2B</strong>i goals.<br />
2.2.1. <strong>Integration</strong> patterns<br />
Companies can achieve <strong>B2B</strong>i using one or more of the following<br />
integration patterns (see Figure 2.1):<br />
• Data oriented integration;<br />
• Application oriented integration;<br />
• Portal oriented integration; and<br />
• Business process oriented integration.<br />
Most of the companies have <strong>to</strong> use a combination of these patterns<br />
<strong>to</strong> achieve integration with their trading partners. The choice of the<br />
integration pattern is based on several fac<strong>to</strong>rs, including the nature of<br />
integration agreement with the trading partners, degree of synchronization<br />
required, budget, short-term and long-term business goals.
26 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
L_; Hi Hi<br />
Portal Oriented <strong>Integration</strong><br />
m<br />
Application Oriented <strong>Integration</strong><br />
D<br />
Data Oriented <strong>Integration</strong><br />
Business Process Oriented <strong>Integration</strong><br />
Figure 2.1. — <strong>B2B</strong> integration patterns<br />
2.2.2. Enterprise Application <strong>Integration</strong> (EAI)<br />
The initial part of a <strong>B2B</strong>i solution includes linking diverse applications<br />
installed within the enterprise. This is known as enterprise application<br />
integration (EAI) and it involves all the legacy systems running the<br />
business, ERP packages, CRM systems and internal applications (see<br />
Figure 2.2). From a technological point of view, it involves a complex<br />
mix of databases, multiple operating systems and several pro<strong>to</strong>cols.<br />
According <strong>to</strong> recent research, 65% of the organizations that are<br />
deploying <strong>B2B</strong> e-business systems are not tackling the internal integration<br />
issues. It is really unfortunate that the <strong>B2B</strong>i strategy in most of these<br />
companies will fail drastically, as they will have the train but would<br />
not have laid the track, so <strong>to</strong> speak. For these companies, the internal<br />
applications would largely remain fragmented.<br />
To evolve from the brick and mortar format, companies will have <strong>to</strong><br />
first go through the painful process of integrating existing disparate<br />
systems.
Components, Benefits, Challenges and Applications of <strong>B2B</strong> <strong>Integration</strong> 27<br />
Messaging<br />
Middleware<br />
Application ptppiicauuu<br />
A ^~<br />
packages *cP' .*-<br />
Databases<br />
(ERP,CRM..) \& «rf*»\V<br />
.irfk j j.**"* . - Internal Business — -<br />
A^<br />
j ** Processes<br />
^"-^•"* Legacy Systems<br />
Database<br />
Interfaces<br />
Figure 2.2. — Enterprise Application <strong>Integration</strong> components<br />
2.2.3. Business Process Management (BPM)<br />
<strong>B2B</strong>i is as much about business process management as it is about<br />
technology. <strong>B2B</strong>i implementation provides every corporation with the<br />
opportunity <strong>to</strong> redefine and au<strong>to</strong>mate core business processes, which<br />
results in streamlined business operations and reduced cost.<br />
BPM for <strong>B2B</strong>i is focused on how business partners can refine their<br />
business processes so that the applications supporting them can be<br />
seamlessly integrated. With effective BPM, companies can become a<br />
part of a unified business process flow and unified supply chain.<br />
Unified workflows allow the dynamic sharing of state information<br />
among trading partners, through which all communication can be tracked<br />
and recorded. Since <strong>B2B</strong> transactions can span over multiple days,<br />
unified workflows become critical in ensuring the completion of<br />
au<strong>to</strong>mated business transactions.<br />
2.2.4. Extensible Markup Language (XML)<br />
XML (Extensible Markup Language) is a technology based on open<br />
standards that standardizes and simplifies the communication of business
28 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
processes among companies. All life forms are carbon based. All<br />
e-business applications will be XML based.<br />
XML provides an open platform for businesses <strong>to</strong> communicate<br />
over the Internet, enabling dynamic 'anywhere-<strong>to</strong>-anywhere' business<br />
interactions. It is the universal language that makes structured Web<br />
data meaningful and enables computers <strong>to</strong> recognize easily and <strong>to</strong><br />
exchange contents and business documents, such as purchase orders,<br />
catalog inven<strong>to</strong>ry and invoices. XML is self-describing and provides an<br />
efficient means <strong>to</strong> separate the data and structure in electronic business<br />
documents from processes. With the use of XML in <strong>B2B</strong> applications<br />
(see Figure 2.3), trading partners do not have <strong>to</strong> go through the<br />
cumbersome process of mapping one another's business processes in<strong>to</strong><br />
Users<br />
Buyer Buyer Supplier Supplier<br />
Tl II II<br />
Internet<br />
Buyer «L^ Supplier<br />
cXMLl<br />
Internet f><br />
cXML ~<br />
- Internet<br />
E-marketplace<br />
J Internet<br />
XML<br />
4 E-marketplace<br />
Buyer Buyer Supplier Supplier<br />
Figure 2.3. — Example of use of XML in <strong>B2B</strong> applications<br />
Di liihulfiis<br />
DisliibuLuis<br />
Distribu<strong>to</strong>rs
Components, Benefits, Challenges and Applications of <strong>B2B</strong> <strong>Integration</strong> 29<br />
complex EDI-based messages. This completely changes the dynamics of<br />
communication in <strong>B2B</strong> applications.<br />
For a successful <strong>B2B</strong>i implementation, the companies will have <strong>to</strong><br />
reengineer their business processes <strong>to</strong> be XML-centric. Their new<br />
infrastructure must support critical XML standards, enable transformations<br />
and provide links <strong>to</strong> legacy applications.<br />
2.2.5. XML standards for e-business<br />
Just as the explosive growth in the usage of Internet was made possible<br />
by the standardization of the Web browser, the adoption, growth and<br />
success in <strong>B2B</strong> e-<strong>commerce</strong> will be controlled by the standardization of<br />
XML communication representing business processes among trading<br />
partners. There has <strong>to</strong> be a common set of business processes and a<br />
common grammar for <strong>B2B</strong>i <strong>to</strong> work.<br />
In <strong>B2B</strong>i, interoperability issues exist at almost every level — catalog<br />
management, order management, collaboration <strong>to</strong>ols, EDI pro<strong>to</strong>cols,<br />
shipping services, etc. Standards for data exchange for all the business<br />
processes involved in <strong>B2B</strong>i help in overcoming the interoperability<br />
issues.<br />
Several industry organizations, such as RosettaNet, are defining their<br />
market-segment-specific definitions.<br />
2.2.6. Web services<br />
Web services are Internet-based, self-describing and self-contained<br />
software resources that form the building blocks of distributed applications<br />
and business processes spanning across multiple organizations.<br />
Web services offer complete interoperability as they are based on<br />
open messaging standards. They work in conjunction with other Web<br />
services <strong>to</strong> complete part of a complex work-flow or business transaction.<br />
Web services can be invoked by partner applications at run-time,<br />
over the Internet. The client applications may not even have any prior<br />
knowledge of their existence. In essence, Web services enable just-intime<br />
<strong>B2B</strong> application integration.
30 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
2.2.7. Middleware technologies<br />
Middleware is a layer of software between the client and server<br />
applications that provides a uniform 'conduit' for them <strong>to</strong> communicate<br />
with one another. Middleware provides a platform for the integration of<br />
applications (developed in different programming languages and installed<br />
on different operating systems) and data sources (provided by different<br />
vendors). Middleware can be classified in<strong>to</strong> different categories that<br />
include: transaction oriented middleware, message oriented middleware<br />
(MOM), distributed objects and components-based application servers<br />
and communications middleware.<br />
2.2.8. <strong>Integration</strong> brokers<br />
<strong>Integration</strong> brokers built on <strong>to</strong>p of messaging middleware, known as<br />
message brokers, provide intelligent translation and routing of messages<br />
from the source <strong>to</strong> the target application. They enable content-based,<br />
sequential and conditional routing of messages. They also provide a<br />
message warehouse or reposi<strong>to</strong>ry for s<strong>to</strong>ring raw, unprocessed messages<br />
for archiving and retrieval.<br />
Companies will be able <strong>to</strong> achieve faster and reliable <strong>B2B</strong>i with<br />
integration brokers than with any other middleware solution.<br />
<strong>Integration</strong> brokers provide adapters for application servers, packaged<br />
applications such as CRM applications and SCM applications, legacy<br />
applications and databases (see Figure 2.4). They support all open<br />
standards and enable communication irrespective of the transportation<br />
pro<strong>to</strong>col. <strong>Integration</strong> brokers also impose a structure on the integration<br />
development process, thereby reducing the cost of maintaining application<br />
integration solutions.<br />
<strong>Integration</strong> brokers are the middleware of extranets that link<br />
applications and transactions not just across the enterprise but also<br />
across business-<strong>to</strong>-business networks.<br />
2.2.9. Internet security<br />
In <strong>B2B</strong>i, companies connect their internal systems <strong>to</strong> the Internet and<br />
through that single pipe they can potentially lose everything. A <strong>B2B</strong>
Components, Benefits, Challenges and Applications of <strong>B2B</strong> <strong>Integration</strong> 31<br />
/Constr- SQL<br />
Business Rules<br />
Formulas Actions Conversion /'<br />
/ Name Value Fixed Length \<br />
/ I 1 \<br />
[ Message Transformation 1j<br />
\ Object Streams Variable<br />
/Rosetta- \<br />
/ Net EDI ebXML BizTalk',<br />
Standards<br />
\ Swift CXML OASIS X12 /<br />
\ /<br />
<strong>Integration</strong><br />
Broker<br />
/ CRM Internal Accounting<br />
Applications<br />
ERP SCM Legacy Financial /<br />
/ Sybase MS-Access InformixX<br />
i i \<br />
Databases 11<br />
\ Oracle SQL Server Db2<br />
\<br />
Figure 2.4. — <strong>Integration</strong> broker connectivity<br />
transaction usually involves sharing proprietary information, electronic<br />
exchange of huge assets and potential involvement of multiple partners.<br />
It would be disastrous for a company <strong>to</strong> ignore the security requirements<br />
before participating in such transactions.<br />
<strong>B2B</strong>i infrastructure requires a cohesive security and network<br />
infrastructure through which the enterprises (buyers, suppliers and<br />
distribu<strong>to</strong>rs), <strong>B2B</strong> exchanges and service providers are able <strong>to</strong> manage<br />
securely complex relationships with both users and partners.<br />
2.2.10. Wireless technologies<br />
According <strong>to</strong> the Gartner group, more than 108 million employees<br />
worldwide will regularly work outside a traditional office. Companies<br />
/
32 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
are facing the challenge <strong>to</strong> provide these employees with access <strong>to</strong><br />
corporate computing resources. The access cannot be limited <strong>to</strong> basic<br />
features, such as e-mails, but needs <strong>to</strong> be a complete hookup in<strong>to</strong><br />
applications that enable them <strong>to</strong> be productive anytime, anywhere.<br />
Companies have <strong>to</strong> design and implement solutions that extend Internet,<br />
intranet and extranet applications wirelessly <strong>to</strong> handheld devices, based<br />
on the Palm and Windows CE platforms, as well as Internet-enabled<br />
phones.<br />
<strong>Integration</strong> of these mobile devices with a company's internal and<br />
trading partners' applications is now becoming an integral part of<br />
<strong>B2B</strong>i.<br />
2.2.11. Software agents<br />
The <strong>B2B</strong> e-<strong>commerce</strong> environment is both information and process<br />
rich. In the current environment, there are a lot of manual processes,<br />
such as information gathering and catalog management. Agent technology<br />
is very relevant in such an environment, as it is useful where a<br />
personalized, continuously running semi-au<strong>to</strong>nomous behavior is desired.<br />
Most of the work of information gathering and process management<br />
tasks can be delegated <strong>to</strong> agents.<br />
However, decisions in which the agent can possibly make a suboptimal<br />
choice, such as which s<strong>to</strong>ck <strong>to</strong> buy and approving a big<br />
contract, cannot be left <strong>to</strong> the software agent as the consequences of<br />
missed opportunities or unfavorable decisions can be severe.<br />
2.3. Benefits of <strong>B2B</strong> <strong>Integration</strong><br />
Following are several tangible and intangible benefits of <strong>B2B</strong>i, which<br />
directly affect a company's bot<strong>to</strong>m line:<br />
2.3.1. Dynamic business relationships<br />
<strong>B2B</strong> integration enables dynamic business relationships and processes<br />
that respond flexibly and quickly <strong>to</strong> new business models and changing
Components, Benefits, Challenges and Applications of <strong>B2B</strong> <strong>Integration</strong> 33<br />
cus<strong>to</strong>mer demands. <strong>B2B</strong>i makes it faster, easier and safer for companies<br />
<strong>to</strong> bring in<strong>to</strong> their ambit new associates and au<strong>to</strong>mate cross-enterprise<br />
business processes with them. Only a tightly integrated and highly<br />
au<strong>to</strong>mated organization can have this level of flexibility and adaptability<br />
<strong>to</strong> newer partners.<br />
2.3.2. Real-time information<br />
<strong>B2B</strong>i enables the secured exchange of real-time partner-specific and<br />
task-specific business information over the Internet, which has unlimited<br />
benefits. It gives companies the 'power of now'.<br />
As an example, let us assume that a company has seamlessly<br />
integrated its logistics system with all of its major shipping vendors.<br />
With this integration, the company will have a consolidated real-time<br />
view of shipments from multiple vendors. Even the company's direct<br />
cus<strong>to</strong>mers can securely access up-<strong>to</strong>-the-second shipping information<br />
through its corporate Website or via direct <strong>B2B</strong> links.<br />
2.3.3. Lower transaction costs<br />
Through <strong>B2B</strong>i, companies reduce not only the <strong>B2B</strong> transaction costs<br />
but also the complexity associated with them, while maintaining complete<br />
business logic.<br />
We are not talking about some small savings here. By exchanging<br />
business transactions electronically, companies can save as much as<br />
80% of the costs associated with conducting these same transactions<br />
on paper.<br />
According <strong>to</strong> a recent report from Goldman Sachs, Ford and GM,<br />
companies predict a savings of up <strong>to</strong> 20% from their Internet-based<br />
supply chain management systems. Likewise, British Telecom expects a<br />
90% per transaction cost savings from its <strong>B2B</strong>i efforts.<br />
The report also stated that currently less than 0.5% of all intercompany<br />
transactions take place electronically. By 2004, this number is<br />
expected <strong>to</strong> be more than 10% driven by the cost savings associated<br />
with e-<strong>commerce</strong>.
34 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
2.3.4. Participation in online marketplaces<br />
What is the advantage of participating in an online business community?<br />
Consider the data provided by Grainger's consulting unit on the<br />
advantages of electronic marketplace sales:<br />
• Cuts transaction costs by 32%;<br />
• Reduces inven<strong>to</strong>ry and production costs by 25%; and<br />
• Slashes errors and exceptions by 52%.<br />
<strong>B2B</strong>i allows companies <strong>to</strong> build digital marketplaces or participate<br />
in multiple vertical and horizontal markets.<br />
2.3.5. Streamline business operations<br />
<strong>B2B</strong>i helps companies <strong>to</strong> au<strong>to</strong>mate, reshape and improve the efficiency<br />
of their business processes via business process management. It au<strong>to</strong>mates<br />
the inter-organizational, inter-functional and inter-personal activities of<br />
these processes.<br />
2.3.6. XML-based integration<br />
<strong>B2B</strong>i over the Internet is completely credited <strong>to</strong> the use of XML, which<br />
fully leverages the open standards of the Internet.<br />
Today, companies are faced with the daunting challenge of linking<br />
inter-company data and processes for their business-<strong>to</strong>-business (<strong>B2B</strong>)<br />
e-<strong>commerce</strong> initiatives — all while integrating cus<strong>to</strong>mer and packaged<br />
applications, databases and mainframe systems within the enterprise.<br />
How are the companies addressing these challenges? The answer is by<br />
using XML-based <strong>B2B</strong> integration.<br />
2.3.7. Increased cus<strong>to</strong>mer service and retention<br />
With real-time and quality information companies get an opportunity <strong>to</strong><br />
provide much better personalized service and upgraded value-added<br />
services <strong>to</strong> valuable cus<strong>to</strong>mers. Through <strong>B2B</strong>i, there is complete transparency<br />
of business information end <strong>to</strong> end, which empowers cus<strong>to</strong>mers<br />
<strong>to</strong> make better decisions and let companies respond <strong>to</strong> cus<strong>to</strong>mers' needs
Components, Benefits, Challenges and Applications of <strong>B2B</strong> <strong>Integration</strong> 35<br />
swiftly, helping cus<strong>to</strong>mer retention. <strong>B2B</strong>i is the evolution of how close<br />
a company can get <strong>to</strong> its cus<strong>to</strong>mers.<br />
For example, General Mo<strong>to</strong>rs Corp. is working with Reynolds and<br />
Reynolds <strong>to</strong> deploy online software that will help the world's largest<br />
au<strong>to</strong>maker integrate its supply-chain systems with the inven<strong>to</strong>ry<br />
management systems of GM's 8,000 North American dealers.<br />
The primary goal of the $150 million-a-year alliance is <strong>to</strong> give<br />
consumers a seamless brand experience, whether they walk through<br />
the door of a dealer or click on a mouse. The software will link GM<br />
and its dealers as well as support the au<strong>to</strong>maker's current BuyPower<br />
consumer Web service. The software is designed <strong>to</strong> make it easier for<br />
all involved <strong>to</strong> share information. Consumers will be able <strong>to</strong> track the<br />
status of their vehicle orders like FedEx cus<strong>to</strong>mers track packages. GM<br />
dealers, for example, will gain access <strong>to</strong> the service his<strong>to</strong>ry of a specific<br />
cus<strong>to</strong>mer's vehicle.<br />
2.3.8. Opportunity <strong>to</strong> re-architect internal systems<br />
Companies seeking <strong>B2B</strong>i quickly face the poor architecture of many<br />
core business systems and current infrastructure, which hardly provide<br />
an adequate base for an integrated future. <strong>B2B</strong>i presents a tremendous<br />
opportunity <strong>to</strong> companies <strong>to</strong> clear up the mess within their organization.<br />
The properly designed architecture and infrastructure, which fully<br />
leverage the existing systems, will be able <strong>to</strong> conduct secure, nonrepudiated<br />
transactions in real-time, be designed <strong>to</strong> sustain competitive<br />
advantages and be flexible enough <strong>to</strong> adapt quickly <strong>to</strong> new technologies<br />
and business demands.<br />
2.4. <strong>B2B</strong>i Challenges<br />
Business process and application integration, both between and within<br />
enterprises, is a lot more complex than companies think. Companies<br />
tend <strong>to</strong> underestimate the complexity of <strong>B2B</strong>i, technically and from a<br />
business value proposition. All of the major 15-20 domains of <strong>B2B</strong>i,<br />
such as cus<strong>to</strong>mer relationship management, supply chain management,<br />
operations management and planning have multiple (4-5) sub-domains.
36 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Each of these sub-domains is supported by multiple applications. The<br />
core of the problem is that even applications supporting a sub-domain,<br />
for example catalog management within the supply chain, are not<br />
designed in such a way that they can exchange data with one another.<br />
They do not have a common data architecture, nor do they have a<br />
common messaging format. It is like a cartesian product of problems.<br />
A word of advice: do not let these challenges deter you from moving<br />
<strong>to</strong>wards an integrated enterprise. In this book, we will discuss not only<br />
the challenges but also the remedial solutions and how <strong>to</strong> work around<br />
them.<br />
Let's review in detail all the major challenges that the enterprises<br />
face in achieving the goals of <strong>B2B</strong>i.<br />
2.4.1. Internal application integration<br />
One of the biggest challenges companies face in <strong>B2B</strong>i is integrating<br />
information among existing internal business applications. According <strong>to</strong><br />
EAI Journal, an average Fortune 500 company may have 50 or more<br />
internal business applications. Very few of these applications are truly<br />
integrated with each other.<br />
A typical business process involved in <strong>B2B</strong> e-<strong>commerce</strong> is completed<br />
by multiple application systems. So, when a company buys a new<br />
application, it has <strong>to</strong> build an interface between the new software and<br />
many, if not all, of its existing applications. It is an extremely resource<br />
intensive, time consuming, expensive and a complex process <strong>to</strong> design,<br />
develop and maintain so many diverse interfaces.<br />
Thus, the first challenge that the companies face in their<br />
implementation plan of <strong>B2B</strong>i is the fact that the internal applications<br />
must be integrated. In fact, in a <strong>B2B</strong>i project, most integration dollars<br />
are spent on internal integration projects.<br />
According <strong>to</strong> Forrester Research, which conducted a survey on EAI<br />
at several companies, the following fac<strong>to</strong>rs (in order of their importance)<br />
make integration difficult (see Figure 2.5):<br />
• Internal personnel issues;<br />
• The diversity of the applications in the legacy systems that must be<br />
linked;
•<br />
Components, Benefits, Challenges and Applications of <strong>B2B</strong> <strong>Integration</strong> 37<br />
Have you purchased software Have you purchased software<br />
for internal integration ? for <strong>B2B</strong> integration ?<br />
No No<br />
38% Yes 76% J= S<br />
62%<br />
24%<br />
Percent of 50 companies Percent of 50 companies<br />
interviewed interviewed<br />
What was/is the biggest headache surrounding software integration?<br />
Vendor problems<br />
10%<br />
Dealing with<br />
Standards and |egacy systems<br />
industry issues 27%<br />
13%<br />
Problems with •HM'*'<br />
data formats 1^^ Internal<br />
8% personnel<br />
issues 42%<br />
Percent of 50 companies interviewed<br />
Figure 2.5. — Fac<strong>to</strong>rs that make integration difficult<br />
Standards and industry issues;<br />
A bewildering array of application integration options provided by<br />
different vendors <strong>to</strong> choose from; and<br />
Data format problems.<br />
The survey also found that out of 50 global companies, 62% purchased<br />
software <strong>to</strong>ols <strong>to</strong> hook <strong>to</strong>gether internal applications.<br />
2.4.2. Disparate internal corporate data<br />
Internal data integration is the single most expensive problem <strong>to</strong> fix.<br />
The internal application integration issue becomes pretty complex for<br />
companies that have application data scattered across several different<br />
databases. For example, a large financial services institution may offer<br />
several products — brokerage, mutual funds, insurance, credit cards and<br />
savings accounts — but each product may be managed by its own<br />
legacy accounting system. There is no easy way <strong>to</strong> link all of these<br />
accounts <strong>to</strong>gether <strong>to</strong> let a cus<strong>to</strong>mer see his or her entire portfolio of<br />
products without having <strong>to</strong> be authenticated for each account.
38 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
2.4.3. System heterogeneity<br />
<strong>B2B</strong>i poses a double pronged problem — internal systems heterogeneity<br />
and external systems heterogeneity. A global 2000 company has<br />
thousands of employees and several hundred business partners. Its IT<br />
infrastructure is comprised of multiple applications (commercial and<br />
in-house), running on several different operating systems, networks and<br />
hardware. This is a problem compounded by the fact that each partner<br />
(supplier, distribu<strong>to</strong>r and cus<strong>to</strong>mer) has a different IT infrastructure.<br />
The technologies <strong>to</strong> integrate such a heterogeneous (in terms of<br />
software, hardware, operating systems and programming environments)<br />
and distributed system are very complex and difficult <strong>to</strong> put in place.<br />
As the number of companies participating in the <strong>B2B</strong>i process grows,<br />
the complexity of the integration challenges increases exponentially.<br />
2.4.4. Data security<br />
Companies struggle <strong>to</strong> find a complete <strong>B2B</strong>i solution that would link<br />
internal systems with partners' systems quickly, bringing guaranteed<br />
delivery, secure communications and transaction traceability over the<br />
Internet.<br />
<strong>B2B</strong> transactions involve high value, sensitive corporate data and<br />
exposure of internal back-end systems. There is a lot at stake, hence the<br />
issue of security is extremely important.<br />
2.4.5. Transaction integrity<br />
Transaction integrity is defined as the degree <strong>to</strong> which a transaction<br />
flowing through a network reaches its intended destination without<br />
impairment of its function, content or meaning.<br />
To leverage maximum value from <strong>B2B</strong>i, it is critical <strong>to</strong> ensure that<br />
each business process between applications completed successfully —<br />
from the point where the transaction is initiated all the way through <strong>to</strong><br />
every application where the information is being used. If the transaction<br />
fails at any point, the whole transaction has <strong>to</strong> be aborted. Since <strong>B2B</strong><br />
applications are distributed, it is a major challenge <strong>to</strong> maintain<br />
transactional integrity.
Components, Benefits, Challenges and Applications of <strong>B2B</strong> <strong>Integration</strong> 39<br />
2.4.6. Internal business process management<br />
<strong>B2B</strong>i cannot be achieved through the traditional thinking of the<br />
companies, which treats any integration issue as a technical issue that<br />
can be addressed with technical solutions. This approach ignores the<br />
root cause of the integration challenge — the lack of business process<br />
integration that the technology infrastructure supports. The main objective<br />
of BPM is <strong>to</strong> make business processes effective, efficient and flexible.<br />
A global 2000 company is typically crippled with redundant business<br />
units, performing redundant processes and using redundant data structures<br />
and systems. For example, they may have up <strong>to</strong> 12-15 different billing<br />
applications that replicate a majority of the business processes and<br />
about 95% of the billing data. The billing data for each such application<br />
usually resides in a separate database and is not accessible <strong>to</strong> other<br />
applications. The root cause of these redundancies is bad design of<br />
business processes and the redundant business units that use them.<br />
<strong>Integration</strong> of all such systems requires major business process<br />
reengineering, which is obviously met with severe resistance from<br />
employees.<br />
2.4.7. Inter-enterprise business process integration<br />
<strong>B2B</strong>i requires integration of inter-enterprise business processes. To<br />
achieve this, teams of business-unit and IT professionals from the<br />
trading partners have <strong>to</strong> get <strong>to</strong>gether regularly and redesign core business<br />
processes from a business-<strong>to</strong>-business integration perspective.<br />
Business process oriented integration happens at multiple levels,<br />
across multiple organizational units and it is an extremely daunting task<br />
<strong>to</strong> coordinate it. Several complex business processes such as materials<br />
planning and forecasting are not easily integrated among the trading<br />
partners.<br />
2.4.8. Internal resistance<br />
Even if the <strong>B2B</strong>i implementation team can guarantee the integration of<br />
legacy systems, heterogeneous cross-organization applications and<br />
business processes, there is no guarantee that <strong>B2B</strong>i implementation will
40 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
be successful. For the successful implementation of <strong>B2B</strong>i, all the business<br />
departments of a company have <strong>to</strong> work hand-in-hand with the technology<br />
department. The whole company has <strong>to</strong> be mobilized and all departments<br />
(sales, marketing, distribution, purchasing) have <strong>to</strong> adopt new business<br />
models and that is hard stuff.<br />
2.4.9. Standards and industry issues<br />
The lack of industry standards for conducting business-<strong>to</strong>-business<br />
transactions over the Internet is a major deterrent <strong>to</strong> implementing <strong>B2B</strong>i<br />
for many companies.<br />
The main challenge in using XML is not with document structure<br />
and syntax, but with the semantics of the document which represents a<br />
business process. Several companies and industry groups have proposed<br />
a variety of different XML extensions and pro<strong>to</strong>cols. No one knows<br />
which standards will survive in the long run.<br />
2.4.10. Distributed control<br />
<strong>B2B</strong>i involves interaction and congruence among multiple IT groups,<br />
multiple business user communities and multiple groups of decisionmakers.<br />
Each group has an independent set of goals and requirements.<br />
Anything that involves high levels of agreement or the intertwining of<br />
systems and people is difficult <strong>to</strong> achieve and even more difficult <strong>to</strong><br />
maintain. With the increase in the number of partners that a company<br />
wants <strong>to</strong> integrate with, the problems associated with distributed control<br />
take precedence over all other problems.<br />
2.4.11. Performance and scalability<br />
<strong>B2B</strong>i requires real-time aggregation or distribution of information across<br />
dozens or hundreds of companies. Such a type of distributed architecture,<br />
if not properly designed, can significantly hurt the performance of<br />
applications. Delays of only a few seconds in <strong>B2B</strong> transactions can<br />
result in significant losses <strong>to</strong> trading partners. This can potentially<br />
result in disappointed cus<strong>to</strong>mers and damaged working relationships.
Components, Benefits, Challenges and Applications of <strong>B2B</strong> <strong>Integration</strong> 41<br />
2.4.12. Expensive<br />
<strong>B2B</strong>i implementation is an expensive process. The most basic <strong>B2B</strong>i<br />
solution, <strong>to</strong>gether with the expense of cus<strong>to</strong>mization, can cost upwards<br />
of $1.5 million. A substantial amount of money is also spent in EAI<br />
activities such as data cleansing, legacy-system and internal business<br />
process integration, which are prerequisites <strong>to</strong> <strong>B2B</strong>i.<br />
Forrester Research puts developmental costs at $1.5 million for a<br />
basic <strong>B2B</strong> site <strong>to</strong> more than $15 million for the most sophisticated<br />
sites, another $700,000 a year <strong>to</strong> keep up a basic site and up <strong>to</strong> $4<br />
million a year <strong>to</strong> run a high-end site.<br />
2.4.13. 24/7 availability of the system<br />
24/7 availability of real-time data in <strong>B2B</strong> applications, which is one of<br />
the key advantages of <strong>B2B</strong>i, is also one of its biggest challenges. In<br />
most companies, the data is exchanged and loaded through nightly<br />
batch processes. However, the logical expectation with <strong>B2B</strong>i is that the<br />
data is always available and can be accessed over the Internet. Companies<br />
can work around a data availability problem through data replication,<br />
but it is an expensive process. They have <strong>to</strong> make the business decision<br />
as <strong>to</strong> whether it is worth the expense of replicating data on a real-time<br />
basis, an hourly basis or through nightly batch cycles.<br />
2.5. <strong>B2B</strong>i-Enabled Applications<br />
The array of potential <strong>B2B</strong>i-enabled applications is vast and varies from<br />
industry <strong>to</strong> industry. In this book, we will be thoroughly discussing two<br />
critical <strong>B2B</strong>i-enabled applications: supply chain management and <strong>B2B</strong><br />
exchanges and collaborative networks, which are common <strong>to</strong> most<br />
industries.<br />
2.5.1. Supply Chain Management (SCM)<br />
Supply chain au<strong>to</strong>mation, which builds dynamic communities connecting<br />
the enterprise with cus<strong>to</strong>mers and suppliers, is one of the best <strong>B2B</strong>ienabled<br />
applications. <strong>B2B</strong>i uses Web-enabled technologies <strong>to</strong> join the
42 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Browse Products and<br />
Place Order y<br />
Check Credit<br />
His<strong>to</strong>ry<br />
Buyer E-procurement<br />
Response<br />
Check Order S,te Purchase<br />
Status<br />
Order<br />
Statement<br />
of Bill<br />
Deliver Products<br />
linn rn<br />
Bank<br />
Bill of Shipment<br />
Supplier<br />
Ship<br />
Products<br />
Figure 2.6. — E-procurement in an integrated supply chain<br />
Shipper<br />
different 'links' in the supply chain — such as manufacturers, material<br />
vendors and retailers (see Figure 2.6). This transforms the traditional<br />
supply chain in<strong>to</strong> a supply community. Such a supply chain community,<br />
integrated with collaborative technologies, results in a shared value<br />
chain that delivers reduced operational costs, lower inven<strong>to</strong>ries, increased<br />
efficiency and greater cus<strong>to</strong>mer satisfaction.<br />
2.5.2. E-marketplaces and collaborative networks<br />
<strong>B2B</strong> e-<strong>commerce</strong> can be transacted either directly between business<br />
partners or through an intermediary known as an exchange or an<br />
e-marketplace (see Figure 2.7). E-marketplaces allow all businesses<br />
including suppliers, buyers, financial institutions and shippers, irrespective<br />
of size and location, <strong>to</strong> collaborate in a real-time basis over the Internet.<br />
By participating in <strong>B2B</strong> e-marketplaces, the companies have the ability<br />
<strong>to</strong> negotiate better pricing, reduce transaction costs and reach a broader<br />
range of cus<strong>to</strong>mers or suppliers.
Components, Benefits, Challenges and Applications of <strong>B2B</strong> <strong>Integration</strong> 43<br />
Sel lers<br />
Sellers<br />
Distribu<strong>to</strong>rs<br />
Suppliers<br />
Manufacturers<br />
A Typical E-marketplace Buyers<br />
i M Collaboration **• ' Buyers<br />
l 1 Trading Events ~ ^ |<br />
*t SpotPurERisi—1 [» Resellers<br />
1 J Shared Wbrfflow/<br />
O. T Process Matching<br />
This page is intentionally left blank
Part II<br />
Established <strong>Integration</strong><br />
Components<br />
45
This page is intentionally left blank
Chapter 3<br />
<strong>Integration</strong> Patterns<br />
The focus of this chapter<br />
To achieve <strong>B2B</strong> integration, a company will have <strong>to</strong> adopt one or more<br />
of the following integration patterns: data oriented integration, portal<br />
oriented integration, application oriented integration and business process<br />
oriented integration. Irrespective of the integration pattern or a<br />
combination of multiple patterns that a company uses for <strong>B2B</strong>i, the<br />
final goal is <strong>to</strong> achieve real-time, secured access <strong>to</strong> internal corporate<br />
and external (suppliers, partners and cus<strong>to</strong>mers) data, which allows<br />
dynamic collaboration. The integration strategy should be in line with a<br />
company's business and technology environments and short-term and<br />
long-term business goals.<br />
In this chapter, you will learn about the different patterns of <strong>B2B</strong><br />
integration: data oriented integration, portal oriented integration,<br />
application oriented integration and business process oriented integration.<br />
We will also discuss how a company can choose its integration strategy<br />
based on the type of agreement with the trading partners, existing<br />
infrastructure and level of synchronization desired.<br />
47
48 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
3.1. Types of <strong>Integration</strong><br />
We discussed various benefits, challenges and components of <strong>B2B</strong>i in<br />
the last chapter. But how does the actual integration occur? What are<br />
the different integration patterns and methodologies used by companies<br />
in the real world? What are the pros and cons of each pattern?<br />
These are just a few questions that we will try <strong>to</strong> find answers for in<br />
this chapter on the different types of <strong>B2B</strong>i.<br />
There are four fundamental types of <strong>B2B</strong>i methodologies or patterns<br />
(see Figure 3.1)<br />
1. Data Oriented <strong>Integration</strong> — This pattern integrates cross-organization<br />
data through batch processes, replication, data warehouses, data marts<br />
and data federations.<br />
2. Portal Oriented <strong>Integration</strong> — This pattern presents a consistent Web<br />
interface or presentation layer for all the major applications and<br />
business processes <strong>to</strong> the user in a personalized, secured way.<br />
.J w<br />
Portal Oriented <strong>Integration</strong><br />
^4_<br />
/<br />
• s *<br />
Application Oriented <strong>Integration</strong><br />
M<br />
I ""I<br />
Data Oriented <strong>Integration</strong><br />
dpi<br />
Business Process Oriented <strong>Integration</strong><br />
Figure 3.1. — <strong>B2B</strong> integration patterns
<strong>Integration</strong> Patterns 49<br />
3. Application Oriented <strong>Integration</strong> — This pattern integrates distributed<br />
applications by invoking each other's exposed interfaces via standard<br />
mechanisms, such as Application Programming Interfaces (APIs) and<br />
Remote Procedure Calls (RPCs).<br />
4. Business Process Oriented <strong>Integration</strong> or Event-driven <strong>Integration</strong> —<br />
This pattern integrates business processes spread across multiple<br />
organizations.<br />
Let us probe deeper in<strong>to</strong> each of these integration patterns.<br />
3.2. Data Oriented <strong>B2B</strong> <strong>Integration</strong><br />
Enterprise data and information are typically distributed among multiple<br />
database management systems and legacy systems. The corporate data<br />
can reside in databases (relational or object oriented), data warehouses,<br />
data marts and legacy flat files, e-mails, spreadsheets and other sources.<br />
A Fortune 500 company frequently has more than 50 different sources<br />
of data and, usually deploys between 5-7 different database technologies.<br />
The semantics of all these data sources is heterogeneous, i.e., their data<br />
modeling and schemas are different. The data sources exist independently<br />
and their data schema can change at any time. They run on different<br />
platforms and provide proprietary application programming interfaces<br />
(APIs) and SQL dialect <strong>to</strong> interface with them. Applications access data<br />
from this wide variety of data sources by using non-standard interfaces.<br />
Data oriented integration attempts <strong>to</strong> eliminate the use of these<br />
proprietary interfaces <strong>to</strong> access data. It gives the power <strong>to</strong> access data<br />
from disparate internal data sources over the Intranet and external data<br />
sources belonging <strong>to</strong> suppliers and business partners over the Internet,<br />
using a single standard interface.<br />
Data oriented integration is the real-time integration (zero latency)<br />
of diverse internal data from legacy systems, ERP system, CRM system,<br />
SCM system and other applications with the external data from vendors,<br />
suppliers and partners. With data oriented integration, the companies<br />
can easily publish and share their corporate data on the Internet with<br />
trading partners, regardless of their database system, operating system,<br />
or networking platform. Such integration supports unified views of
50 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
information <strong>to</strong> all the trading partners and updates synchronously or<br />
asynchronously across systems.<br />
Enterprises can achieve data oriented integration through:<br />
• Data replication solution;<br />
• Extract, transform and load (ETL) solution using a transformation<br />
server; and<br />
• Multi-database server.<br />
3.2.1. Data replication<br />
Data replication is defined as the process of copying and maintaining<br />
database objects, such as tables, in multiple data sources that <strong>to</strong>gether<br />
constitute a distributed database system. Replication means maintaining<br />
multiple copies of the same data in different physical data sources and<br />
synchronizing these copies on a schedule-driven or an event-driven<br />
model. Replication is ideally suited <strong>to</strong> synchronizing data between<br />
systems in different locations so that the data source at each location<br />
has a consistent view of the data without the necessity of accessing<br />
it remotely.<br />
Replication is essentially based on distributed database system<br />
technology <strong>to</strong> share data among multiple sites. However, there is a<br />
conspicuous difference between the two: in a distributed system, the<br />
physical existence of any table is only at the data source, whereas in a<br />
replicated database the same table exists physically in all multiple data<br />
sources. Thus, in a replicated database solution, applications can access<br />
all the data locally, which is not the case in a standard distributed<br />
database system.<br />
Replication solution uses a replication server (see Figure 3.2) which<br />
should be able <strong>to</strong> handle both bulk and real-time data transfer for<br />
symmetric and asymmetric database schemas involving multiple data<br />
sources running on different platforms. It should have a robust fault<br />
<strong>to</strong>lerant architecture such as s<strong>to</strong>re and forward. In s<strong>to</strong>re and forward<br />
architecture, like the one used by the Sybase replication server, if a data<br />
movement request fails, data is queued at a source or intermediate<br />
location and is delivered later when the system is res<strong>to</strong>red. The result is
Propagate<br />
Change Propagate and<br />
-•-—— -*J*? 3 Data i^n Route<br />
Application A '"^^^^j, flM|» Cha "9 e ^ ^ Message<br />
-^n HBVHKK ». U^H 1 Network<br />
Application B<br />
<strong>Integration</strong> Patterns 51<br />
Replication Replication<br />
Server A Seiver B<br />
Figure 3.2. — Example of data replication<br />
Deliver Data 1 1 Deliver Data<br />
Change! I Change<br />
Database B Database C<br />
that users can be guaranteed that the data in their data source is<br />
consistent and accurate.<br />
All the leading database vendors such as IBM, Oracle, Sybase,<br />
Microsoft, Informix, Unisys and Ardent software provide replication<br />
servers.<br />
Architectures of data replication solution<br />
The core architectures of data replication solution include:<br />
• Primary site data replication;<br />
• Bi-directional data replication; and<br />
• Multi-site data replication.<br />
Primary site data replication<br />
In this architecture, there is a single, primary data source, known as the<br />
primary or master site, which maintains the master data. The data is<br />
replicated from this source <strong>to</strong> the other data sources (see Figure 3.3).<br />
All the data replicas only provide read-only access <strong>to</strong> the data. All the
52 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Large<br />
Company<br />
fef<br />
§£ jfc:<br />
S"~w g^ -c<br />
,l *r ^H> «ii-<br />
Company A Company B Company C<br />
Figure 3.3. — Primary site data replication<br />
applications in the system have <strong>to</strong> access data from the master site in<br />
order <strong>to</strong> do any update operations. Replication captures and s<strong>to</strong>res<br />
changes made <strong>to</strong> the data at the primary site before forwarding and<br />
applying them <strong>to</strong> each data source.<br />
Bi-directional data replication<br />
In bi-directional data replication architecture, data replication processes<br />
run on two or more data sources with each replicating data <strong>to</strong> one<br />
another (see Figure 3.4). One of these data sources may even be a<br />
primary site. In this model, the data that is being replicated from one<br />
site <strong>to</strong> another can be the same (all sites maintain master copy of the<br />
same data) or different (all sites maintain master copy of different data<br />
segments). Sites that contain a subset of the data are also known as<br />
snapshot sites.
Master Site<br />
St<br />
/ Company A\<br />
Snapshot Site Snapshot Site<br />
<strong>Integration</strong> Patterns 53<br />
Subset 81 * ' Subset<br />
of Data Sal of Data<br />
Company B Company C<br />
Multi-site data replication<br />
Figure 3.4. — Bi-directional data replication<br />
Multi-site data replication architecture involves two or more data sources,<br />
with each data source replicating the exact same data <strong>to</strong> one another<br />
(see Figure 3.5). This is a special type of bi-directional data replication,<br />
which involves dealing with the same data. This architecture takes the<br />
maximum resources and involves the highest risk of data corruption<br />
among all the data replication architectures.<br />
Benefits of data replication<br />
Replication allows for maintaining the same copy of data in multiple<br />
physical servers, thereby providing multiple data access points. Thus, if<br />
the local server is unavailable, users can always point <strong>to</strong> the remote<br />
server and continue with their work.<br />
Furthermore, replication is very useful in the <strong>B2B</strong> scenario, as<br />
applications of each company can point <strong>to</strong> their own internal database,<br />
rather than connecting <strong>to</strong> remote databases and accessing the data over<br />
the Internet. This will make the applications fast and minimize the<br />
network traffic. However, the timeliness of the data is an issue, as the
54 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Master Sits<br />
Company B Company C<br />
Figure 3.5. — Multi-site data replication<br />
replication for <strong>B2B</strong> data sources is usually done on a schedule basis<br />
and not on an event basis.<br />
3.2.2. Extract, Transform and Load (ETL) solution<br />
An ETL data integration solution performs the task of extracting,<br />
transforming, cleaning, routing and loading the data from different<br />
types of data sources, such as applications, enterprise wide databases,<br />
data warehouses and data marts, in<strong>to</strong> the target data source (see<br />
Figure 3.6). It is a single solution of data movement and translation that<br />
encompasses all the individual solutions implemented in a company in<br />
the form of data warehouses, data federations and other data integration<br />
applications. Whether the data resides in DB2, Oracle, Sybase, MS-<br />
SQL Server, IMS, VSAM, Informix or any other relational or nonrelational<br />
data source, the solution integrates it seamlessly, thereby<br />
enabling companies <strong>to</strong> achieve <strong>B2B</strong>i. An ETL-based solution allows<br />
organizations <strong>to</strong> filter and publish corporate data securely over intranets,<br />
extranets or the Internet so that authorized business partners with Web
I Packaged<br />
implications<br />
1 (CRM ERR<br />
| SCM) — j<br />
Systems '•"••i Extract m+ Transform »•* Cleanse •"•i Load<br />
Other<br />
Internal<br />
Applications<br />
(C++, Java,.<br />
Transient Data<br />
Source<br />
<strong>Integration</strong> Patterns 55<br />
Figure 3.6. — ETL-based data oriented integration solution<br />
Data W a reho use<br />
access can subscribe <strong>to</strong> the data. Put simply, this solution is a whole<br />
new class of data access middleware.<br />
A number of vendors provide ETL solutions, including Data Mirror<br />
(iDeliver), Acta's ActaWorks, Ascential's DataStage and Informatica's<br />
PowerCenter.<br />
Components of ETL solution<br />
An ETL data integration solution is built on open database architecture<br />
for easy connectivity <strong>to</strong> all corporate internal and external data. It is<br />
usually composed of several <strong>to</strong>ols, including a transformation or ETL<br />
engine, a scheduler, a designer <strong>to</strong>ol AND a reposi<strong>to</strong>ry that <strong>to</strong>gether<br />
provide end-<strong>to</strong>-end data integration.<br />
An ETL solution may be used in conjunction with data replication<br />
servers <strong>to</strong> provide a full-fledged data oriented solution within a company.<br />
ETL engine<br />
The ETL engine is used for extracting, converting and transforming<br />
data from a data source and loading it in<strong>to</strong> the target source. It has the<br />
ability <strong>to</strong> handle data feeds concurrently from multiple points. The<br />
engine uses data cleansing <strong>to</strong>ols <strong>to</strong> identify and correct inconsistent,
56 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
redundant and poor data. It uses a staging system or a transient data hub<br />
<strong>to</strong> extract, transform, cleanse and integrate data.<br />
The amount of data <strong>to</strong> be integrated internally and externally in <strong>B2B</strong><br />
applications can be huge. Thus, the ETL engine should be capable of<br />
providing high scalability and high data throughput for the movement<br />
of data from the origin <strong>to</strong> the destination by supporting functionalities<br />
such as in-memory data transformations, in-memory caching, query<br />
optimization and multithreading.<br />
The ETL engine can function in the following ways:<br />
• If the data sources <strong>to</strong> be integrated are completely heterogeneous,<br />
making local transformation impossible, the ETL engine extracts data<br />
from the origin data source, transforms and routes and loads data <strong>to</strong><br />
the target data source (see Figure 3.7). In this environment,<br />
sophisticated ETL functionalities of pulling data from multiple<br />
operating environments, applying transformation rules and then loading<br />
data in<strong>to</strong> target applications are required.<br />
• The load on the engine and the unnecessary use of network bandwidth<br />
would be a lot less if aggregations, consolidations and other<br />
transformations of data occur right at the data source level. In this<br />
approach, the data is partially transformed right at the data source,<br />
extracted and further transformed by the engine before routing it <strong>to</strong><br />
the target data source where further transformation may take place<br />
(see Figure 3.8).<br />
• In this approach, the complete transformation occurs at the source<br />
and/or target data source (see Figure 3.9). There is no extraction and<br />
Extract Load<br />
Data Transform Data<br />
Data<br />
Source Target<br />
Database Database<br />
ETL<br />
Engine<br />
Figure 3.7. — Data transformation performed by the ETL engine
Transform<br />
lata<br />
Source<br />
Database<br />
Figure 3.8.<br />
sources<br />
Extract<br />
Data Transform<br />
Data<br />
ETL<br />
Engine<br />
<strong>Integration</strong> Patterns 57<br />
Transform<br />
Load ! Data<br />
Data<br />
Target<br />
Database<br />
Data transformation performed by the ETL engine and data<br />
Transform<br />
Data<br />
ETL<br />
Engine<br />
Tan s<strong>to</strong>rm<br />
Data<br />
T£- am Source<br />
aill<br />
Cbmm<br />
Database<br />
lands^^^ Datz<br />
"^ Extract<br />
Load<br />
Tiansform<br />
Data<br />
Target<br />
Database<br />
Figure 3.9. — Data transformation performed by data sources
58 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
transition of data through the engine, making this process the fastest<br />
of all the three approaches. Here, the ETL engine simply brokers the<br />
Structured Query Language (SQL) instructions between the source<br />
and the target.<br />
Designer <strong>to</strong>ol<br />
The designer <strong>to</strong>ol provides a graphical user interface <strong>to</strong> specify data<br />
mappings, transformations, process rules and flow movement processes.<br />
The data is transformed, based on the transformation rules defined by<br />
the user. The process rules define the dependencies <strong>to</strong> control the flow<br />
of data. For instance, if the values in one of the target tables (let's say<br />
A) is dependent on the values of the other target table (let's say B), A<br />
cannot be loaded until B has finished loading. The transfer of the data<br />
can be in real-time or batch mode, as defined by users.<br />
Metadata reposi<strong>to</strong>ry<br />
Metadata is information about data such as length, description and the<br />
data source it belongs <strong>to</strong>. For instance, metadata for a data element<br />
"cus<strong>to</strong>mer_id" will be its length (8 characters), location (CRM database)<br />
and its description (id for each cus<strong>to</strong>mer in the CRM database).<br />
A metadata reposi<strong>to</strong>ry s<strong>to</strong>res and manages metadata about data along<br />
with the transformation rules.<br />
Scheduler<br />
The scheduler is used in an ETL solution for programming, deploying<br />
and controlling processes that can be scheduled <strong>to</strong> execute on an event<br />
or calendar basis.<br />
Benefits of ETL solution<br />
ETL solution is best suited for creation and maintenance of data<br />
warehouses and data marts. ETL data integration software works in<br />
conjunction with products from enterprise application integration vendors<br />
and process integra<strong>to</strong>rs, not in lieu of them. For instance, a data
<strong>Integration</strong> Patterns 59<br />
warehouse built using an ETL solution can work with a message broker<br />
<strong>to</strong> provide integration with multiple applications.<br />
3.2.3. Data warehouses and data marts<br />
Data warehouse<br />
A data warehouse is defined as a data source that consolidates operational<br />
data from multiple sources and uses consistent physical attributes,<br />
naming conventions and semantics. The data is extracted from multiple<br />
data sources, including legacy systems in different formats, transformed,<br />
cleansed and then finally loaded in<strong>to</strong> data warehouse, using an ETLbased<br />
solution. Thus, a data warehouse presents a single, consolidated<br />
view of cleansed data. Since it actually holds the data physically, unlike<br />
a virtual data warehouse, the performance and speed of database<br />
operations are much faster. The applications only require information<br />
about a single SQL dialect or database API with which they can<br />
interface with the data warehouse.<br />
Data warehouses should be application neutral, i.e., they should not<br />
be based on application or process oriented modeling methods. They<br />
should have the breadth <strong>to</strong> include all the data elements in internal and<br />
external data sources, which makes them more flexible and usable by<br />
multiple applications.<br />
In the majority of cases, data provided by data warehouses <strong>to</strong><br />
applications is not real-time and is only refreshed and synchronized on<br />
a monthly, weekly, daily, hourly or even on a minute-<strong>to</strong>-minute basis,<br />
depending on the operational requirements.<br />
Data warehouses pose implementation challenges if the data in them<br />
is updateable, with the requirement that the changes have <strong>to</strong> be<br />
propagated back <strong>to</strong> the effected data sources. In such scenarios, a<br />
combination of data warehouses and integration brokers (message<br />
brokers) may work very well (see Figure 3.10).<br />
Data marts<br />
A data mart is defined as a data source, which contains only a subset of<br />
the contents of a data warehouse. It contains summary or detail level
60 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
SCM System<br />
CRM System<br />
Legacy<br />
System<br />
I<br />
Enterprise Data<br />
Warehouse<br />
ERP System<br />
Internal<br />
Applications<br />
Figure 3.10. — Data oriented integration and message broker<br />
data that is focused on a specific business unit or a line of business.<br />
Since data marts contain limited but focused data, they offer much<br />
faster query processing as compared <strong>to</strong> data warehouses.<br />
A data mart can be populated directly from operational data sources<br />
using an ETL-based data integration solution as used for data warehouses,<br />
or it can get its data from a data warehouse. Figures 3.11, 3.12 and 3.13<br />
show the different <strong>to</strong>pologies of data marts and data warehouses.<br />
Coexistence of data warehouses and data marts<br />
Several companies implement a combination of data marts and data<br />
warehouses <strong>to</strong> solve their integration needs (see Figure 3.14). It is not a<br />
bad solution <strong>to</strong> take the load of warehouses by using data marts as<br />
reposi<strong>to</strong>ries of specialized data, but a company should not build excess<br />
data marts, as it would require maintaining and building additional data<br />
sources leading <strong>to</strong> higher costs. Thus, the direct usage of data marts<br />
should be limited and the users should access data directly from<br />
warehouses whenever possible.<br />
3.2.4. Multi-database server<br />
A multi-database server, also known as universal data access server,<br />
provides an abstraction layer <strong>to</strong> access multiple databases and legacy
Operational Data Source*<br />
. J<br />
Users<br />
<strong>Integration</strong> Patterns 61<br />
Legacy<br />
System<br />
Figure 3.11. — Data marts get data from operational data sources and users<br />
retrieve data from data marts<br />
Data Mart<br />
Data<br />
Warehouse<br />
Data Mart<br />
Figure 3.12. — Data marts get data from data warehouse and users retrieve<br />
data from data marts and data warehouse
62 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Users<br />
Data Mart Data Mart<br />
Data Mart<br />
Data Mart<br />
Users<br />
Figure 3.13. — Data marts get data from data warehouse and users retrieve<br />
data from data marts<br />
Operational Transient Data Data<br />
Data Sources Data Hub Warehouse Marts<br />
Legacy System<br />
Operational<br />
Database<br />
Operational<br />
Database<br />
-I<br />
Users<br />
Purchasing , 'Data Mining<br />
Sales<br />
Data<br />
Reporting<br />
Data Analysis<br />
Figure 3.14. — Coexistence of data warehouses and data marts
<strong>Integration</strong> Patterns 63<br />
systems — all of which may run on different platforms and hardware, be<br />
supplied from different vendors, have different data schemas and support<br />
their own dialect of structured query language (SQL). Multi-database<br />
servers provide a single, consolidated view of the data from multiple<br />
sources without physically moving the data from one source <strong>to</strong> another,<br />
thereby eliminating the need <strong>to</strong> construct a separate database of redundant<br />
data. An application which interfaces with a multi-database server does<br />
not have <strong>to</strong> know anything about the underlying data sources, as the<br />
multi-database server provides mapping, type conversion and multi-data<br />
source joins and unions. The server provides full transaction integrity<br />
by using two-phase commit pro<strong>to</strong>col for write operations which spread<br />
across multiple data sources. The server also acts as a s<strong>to</strong>rehouse of<br />
views for read-only operations, which may also span across multiple<br />
data sources.<br />
Multi-database servers are one of the emerging solutions for data<br />
oriented integration. Apart from integrating internal data sources, they<br />
can transparently access data from business partners' data sources over<br />
a network, if they are connected <strong>to</strong> Web gateways, all through the use<br />
of only a single interface and a single SQL dialect. These servers can<br />
work <strong>to</strong>gether with replication <strong>to</strong>ols, or may even support replication<br />
functionality implicitly.<br />
For instance, there can be any number of applications connected <strong>to</strong><br />
the multi-database server using either ODBC or JDBC APIs. The<br />
individual applications do not have <strong>to</strong> know about native API or SQL<br />
dialect of each data source. The server interfaces with all the data<br />
sources and invokes operations on them based on the requests received<br />
from the applications.<br />
Several companies, such as Oracle (Transparent Gateway), Sybase<br />
(OmniConnect), DB2 (DataJoiner), Attunity (Connect), provide such a<br />
solution. The support for various data sources differs from product <strong>to</strong><br />
product.<br />
Oracle's Transparent Gateway (see Figure 3.15) provides the flexibility<br />
<strong>to</strong> access transparently more than 40 non-Oracle systems, including<br />
Microsoft SQL Server, IBM DB2 and Sybase.<br />
IBM's product DB2 DataJoiner (see Figure 3.16) supports various<br />
data sources, including all members of the IBM DB2 family, Microsoft<br />
SQL Server, Oracle, Oracle RDB, Sybase, Sybase Anywhere, Informix
64 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
ODBC<br />
Application<br />
Windows<br />
IMS<br />
\JSAM<br />
via Classic<br />
Connect<br />
Other<br />
Java<br />
Application<br />
C++<br />
Application<br />
Oracle Database Server<br />
Heterogeneous Sere ices<br />
I<br />
Oracle Transparent Gateway<br />
1<br />
N on- Oracle<br />
system<br />
Figure 3.15. — Oracle transparent gateway<br />
AroZnfo,<br />
AroView, etc<br />
Gateway<br />
VB<br />
Application<br />
OS/2 MX Othres Macin<strong>to</strong>sh j Solaris HP-LXX<br />
I<br />
DB2 i>aiaJoin«r<br />
DB2 Universal Database<br />
Enterprise &<br />
Ents ip lise-Exten d ed<br />
Erfittmsfor AK<br />
DB2 Edition 1^3<br />
Grade<br />
Oracle Rdb<br />
Informix<br />
DB2 Universal Databases for A3X<br />
DB2 Universal Databases for HfHJX<br />
DB2 Universal Databasesfot Solans<br />
DB2forATX<br />
DB2forW>-UX<br />
M»- DB2for Solaris<br />
DB2forSinx<br />
DB2 Universal Databases Enterpiise &<br />
Enterprise-Extended Editions for Windows NT<br />
DB2Universal Database for Windows NT<br />
DB2 Universal Database for 06/2<br />
DB2for Windows NT<br />
DB2 for AS/400<br />
DB2fot OS/2<br />
DB2forSCO<br />
Merosoft SQL Seivei<br />
Sybase SQJ-Anywheie<br />
Sybase<br />
DB2 foi<br />
YSE&VM<br />
Figure 3.16. — IBM DB2 DataJoiner<br />
DB2 Universal Database<br />
for OS/90<br />
DB2 for MVS
<strong>Integration</strong> Patterns 65<br />
Online and several others (including non-relational DBMSs). Further,<br />
since DB2 DataJoiner is an extension of the DB2 base product, it is<br />
capable of s<strong>to</strong>ring and managing its own local data objects, such as<br />
tables, views and indexes. The optimizer provided with DataJoiner<br />
considers the disparate and physically distributed nature of its<br />
environment, so that an efficient data access strategy can be selected for<br />
each query.<br />
DB2 DataJoiner V2.1.1 provides transparent Data Definition Language<br />
(DDL) support, which gives greater flexibility in managing a<br />
heterogeneous environment.<br />
The real fact<br />
We have <strong>to</strong> know the real fact, as bitter as it may be. Though the multidatabase<br />
server concept looks good on paper, it is still not popular for<br />
<strong>B2B</strong>i because it lacks performance and integrity. It is based on the<br />
concept of distributed database operations (such as select, update, insert)<br />
and run-time conversion of SQL <strong>to</strong> native database calls, which is<br />
potentially slow and completely dependent on the availability of the<br />
network that connects the server <strong>to</strong> every single data source. Furthermore,<br />
it does not take away the complexity involved in identification and<br />
transformation of the source data and data mapping from one source <strong>to</strong><br />
another, as required by an actual physical data warehouse.<br />
Since this solution neither captures the data nor s<strong>to</strong>res it physically,<br />
it requires extraction and transformation from multiple data sources for<br />
every query that it runs. This is both slow and expensive as it uses a lot<br />
of network bandwidth.<br />
In its current state, this architecture is only good for small integration<br />
projects which involve the integration of simple data sources containing<br />
high quality data. According <strong>to</strong> the Gartner Group, by 2005 multidatabase<br />
architecture will remain an opportunistic approach for integrating<br />
only two <strong>to</strong> three relational data sources <strong>to</strong> meet simple business<br />
intelligence requirements.<br />
3.2.5. XML and databases<br />
Extensible markup language (XML) can be of tremendous use in data<br />
oriented integration. The capabilities and functionalities of databases
66 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
and XML compliment each other. Databases offer a very efficient<br />
means of s<strong>to</strong>ring data, while XML offers very efficient means for<br />
exchanging data <strong>to</strong> enable interoperability among heterogeneous<br />
applications and data sources.<br />
If all the companies participating in <strong>B2B</strong>i can share common XML<br />
schemas, the data sources within each company can expose and exchange<br />
data in XML format. The data flow in this scenario would involve the<br />
movement of data from the origin <strong>to</strong> the destination in the form of<br />
XML messages.<br />
XML documents can be s<strong>to</strong>red and retrieved from databases as<br />
images, XML native data type or regular data types after parsing the<br />
document using regular SQL commands such as SELECT, INSERT,<br />
UPDATE. A parsed XML document can be s<strong>to</strong>red in a relational<br />
database management system as multiple tables and rows as relations.<br />
Databases also provide a reposi<strong>to</strong>ry for s<strong>to</strong>ring XML document type<br />
definitions (DTDs).<br />
Several leading relational databases such as Sybase, DB2, Oracle,<br />
MS-SQL Server already provide direct support for data transfer in<br />
XML format, i.e., there is no need of intermediary application <strong>to</strong> pull<br />
the data from the data source and then format it in XML.<br />
For instance, IBM's DB2 XML Extender provides an end-<strong>to</strong>-end<br />
solution for s<strong>to</strong>ring and retrieving XML documents. Similarly, Sybase's<br />
Adaptive Enterprise Server (Version 12.5) fully supports XML and<br />
provides a built-in search engine for XML documents.<br />
XML layer over data oriented integration<br />
Even if the existing data sources in a company do not support direct<br />
s<strong>to</strong>rage and retrieval of XML documents, it can still leverage the<br />
benefits of using XML for integrating cross-organization applications<br />
by using an XML layer on <strong>to</strong>p of data oriented integration. With data<br />
oriented integration, a company can build data warehouses and data<br />
marts for internal data sources. With an XML layer that includes an<br />
XML reposi<strong>to</strong>ry for s<strong>to</strong>ring XML schemas, data can be transformed and<br />
then exchanged with all other trading partners, providing seamless <strong>B2B</strong>i<br />
(see Figure 3.17).
WebSite<br />
(Intra netj ^<br />
XML<br />
Schema Database<br />
ETL<br />
Transformation<br />
Process<br />
Operational Systems<br />
•Jl<br />
XML<br />
~* Transformation<br />
Process<br />
Data<br />
Warehouse<br />
-I<br />
Data<br />
Ma it<br />
<strong>Integration</strong> Patterns 67<br />
Figure 3.17. — XML transformation over data oriented integration<br />
3.2.6. Data oriented integration and <strong>B2B</strong>i<br />
Data oriented integration can either be real-time (such as synchronous<br />
replication, s<strong>to</strong>red procedures, virtual data warehouses) or non-real-time<br />
(such as asynchronous replication, batch transfer, scheduled extraction<br />
and transformation). The level of integration, transformation and<br />
timeliness of data are decided by the data oriented integration solution<br />
implemented by a company with its partners. A Fortune 500 company,<br />
typically, uses a combination of all the above solutions <strong>to</strong> achieve its<br />
integration goals.<br />
One of the most challenging tasks of data oriented integration is<br />
synchronizing the semantic discrepancies that exist in different data<br />
sources. Each data source may be supporting one or more business unit<br />
of the company. The data elements in these data sources may have the<br />
same names and formats, but have different meaning and association,<br />
based on the business unit they support.
68 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
In order <strong>to</strong> have long-term benefits of data oriented integration, a<br />
company needs <strong>to</strong> set a single standard for defining data elements<br />
across all data sources.<br />
3.3. Portal Oriented <strong>Integration</strong><br />
Portals provide a Web front-end or presentation layer for supporting key<br />
business functions involving online transactions such as sales, marketing,<br />
cus<strong>to</strong>mer service and enterprise-wide communication and sharing<br />
information with the cus<strong>to</strong>mers, trading partners and internal employees<br />
of a company. According <strong>to</strong> the definition provided by IBM, portals<br />
provide a secure, single point of interaction with diverse information,<br />
business processes and people, personalized <strong>to</strong> a user's needs and<br />
responsibilities. Portal users have a Web browser <strong>to</strong> access and interact<br />
with Web applications hosted by the company. Accessed content and<br />
data in the portal may reside virtually anywhere: on the intranet, the<br />
Web, relational databases and data warehouses, file systems, enterprise<br />
resource planning systems (e.g., MySAP) or other enterprise applications.<br />
A typical example of use of Web portals in a <strong>B2B</strong> scenario is a<br />
buyer logging on <strong>to</strong> their account maintained on a supplier's portal and<br />
checking on product availability, pricing and placing an order. After<br />
placing an order, the buyer can check on the status of order fulfillment<br />
and shipment through the portal. If the buyer uses the supplier's portal<br />
often, the portal will recognize the buyer and offer personalized services<br />
based on the buying pattern and preferences of the buyer.<br />
Today, Web portals are an important component of any company's<br />
<strong>B2B</strong>i strategy. They provide a very quick and efficient way <strong>to</strong> establish<br />
and maintain a business relationship and <strong>to</strong> add value <strong>to</strong> all interactions<br />
conducted through it by providing personalized services. Portals enable<br />
collaboration among the trading partners by including <strong>to</strong>ols which help<br />
large, distributed and cross-organization teams <strong>to</strong> work <strong>to</strong>gether and<br />
communicate across distance, time zones and company borders. Through<br />
portals, suppliers, buyers, manufacturers and distribu<strong>to</strong>rs can streamline<br />
their supply chains and other shared business processes. Furthermore,<br />
portals provide anytime (24/7/365), anywhere access <strong>to</strong> information<br />
over the Web and a scalable infrastructure for handling large volume
<strong>Integration</strong> Patterns 69<br />
interactions and transactions. Finally, they provide very effective search<br />
and navigation facilities by categorizing reposi<strong>to</strong>ries of content and<br />
searching them for relevant information.<br />
3.3.1. Types of portals<br />
Portals are grouped in<strong>to</strong> two categories, horizontal and vertical.<br />
Horizontal portals form the core services layer that offers the<br />
infrastructure on which all vertical portals are built (see Figure 3.18).<br />
Vertical portals, which are domain specific, represent only an instance<br />
of a portal that is built upon the horizontal portal. Vertical portals are<br />
also known as vortals.<br />
For instance, in a typical Fortune 500 company there may be several<br />
vertical portals, such as employee portal, consumer portal, supplier<br />
portal and sales service portal which are built on <strong>to</strong>p of the horizontal<br />
portal infrastructure. Once the horizontal portal is built, adding on<br />
vertical portals is relatively inexpensive. Each vertical portal can be<br />
aligned with a particular business goal of the company.<br />
A survey of 550 professionals by Delphi Group, a Bos<strong>to</strong>n-based<br />
consultancy, showed that at the end of 2000, 54% thought that their<br />
companies would develop multiple vertical portals by the end of 2002.<br />
<strong>B2B</strong> vertical portals are also known as <strong>B2B</strong> exchanges. They<br />
usually focus on procurement, supply chain management and other<br />
specialized services, such as legal and financing. A vortal can just be<br />
information oriented or may offer transaction services. For vortals <strong>to</strong> be<br />
successful, the formation of a community that provides the business<br />
services needed <strong>to</strong> support <strong>B2B</strong> transactions is essential.<br />
Internal 1 p_ , 1 I<br />
Employee 1 P "porta| T ' e I Cus<strong>to</strong>mer Portal I Supplier Portal<br />
Portal<br />
Horizontal Portal Infrastructure<br />
Figure 3.18. — Vertical portals are built on horizontal portal infrastructure
70 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Company<br />
Portals<br />
Portal<br />
Server<br />
E-procurement<br />
Cus<strong>to</strong>mer<br />
Relationship<br />
Management<br />
Business Partner Web Cus<strong>to</strong>mer<br />
u<br />
Presentation Layer<br />
Employee<br />
Inves<strong>to</strong>r<br />
Sei vices Lay ei (Personalization, Collaboration,<br />
<strong>Integration</strong>* Seaich, Indejdng, Secui ity, Publish/Subset ibe)<br />
Connection Layer<br />
\ X<br />
i i<br />
Internal and<br />
External Trading Partner Applications and , ^ , Applioat[an:! and DotaSourca<br />
external Data Sources ^<br />
Resources<br />
Figure 3.19. — Portal framework<br />
Note: <strong>B2B</strong> exchanges are covered in great detail in the chapter on <strong>B2B</strong><br />
e-marketplaces and collaborative networks.<br />
3.3.2. Components of a portal server platform<br />
An enterprise portal server framework provides open services and<br />
interfaces that are used <strong>to</strong>gether with a development kit <strong>to</strong> cus<strong>to</strong>mize<br />
the features of the presentation layer, services offered and connections<br />
<strong>to</strong> enterprise applications (see Figure 3.19). A portal server should be<br />
able <strong>to</strong> fully leverage an enterprise's existing infrastructure such as<br />
application servers, databases, legacy applications (mainframes) and<br />
packaged applications (ERP, CRM) through the use of pre-built<br />
components.<br />
A portal server consists of some essential components that form the<br />
presentation layer, services layer and integration layer. Dividing the<br />
portal server framework in<strong>to</strong> structured layered components for
<strong>Integration</strong> Patterns 71<br />
presentation, content, business logic and integration makes site<br />
maintenance and updates relatively easy.<br />
Vertical portals have much in common as far as functionality and<br />
connectivity issues required <strong>to</strong> build dynamic user interfaces are<br />
concerned. The framework should provide all the common features as<br />
an out-of-the-box solution, leaving the other uncommon features such<br />
as business logic and visual design — which are unique <strong>to</strong> each<br />
company and each vertical portal. It must, however, provide a platform<br />
<strong>to</strong> facilitate rapid, value-added development of these features, including<br />
the presentation layer. Companies can use generic templates of user<br />
interfaces as the starting point, rather than developing the whole code<br />
from scratch.<br />
The data presented by portals comes from several heterogeneous<br />
sources that include legacy, relational, packaged and partner data sources.<br />
Thus the portal framework has <strong>to</strong> provide connectivity or integration<br />
with enterprise applications. In fact, portals are built on <strong>to</strong>p of EAI<br />
platforms.<br />
Presentation layer<br />
The presentation layer is responsible for providing a user-friendly frontend<br />
interface <strong>to</strong> users. Through this layer, users view and interact with<br />
the data. A very basic example of the presentation layer is an HTMLbased<br />
front-end of any Website. Java Server Pages (JSPs), Active<br />
Server Pages (ASPs), VBScript, JavaScript, Java Applets, ActiveX,<br />
Dynamic HTML, Cascade Style Sheets (CSS), WML and cHTML are<br />
some of the other presentation technologies. A front-end may be built<br />
using one or a combination of these technologies. In some cases, the<br />
interface can even be a cus<strong>to</strong>m developed application in Visual Basic<br />
(VB), Visual C++, or Java that runs on the user machines as a standalone<br />
application. However, this will not be the case with a true Web<br />
portal application.<br />
Services layer<br />
The services layer provides foundation infrastructure on which portals<br />
are built. This layer resides between the presentation and the connectivity
72 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
layer. Services offered by this layer include session management, logging,<br />
security, personalization, document management, workflow management,<br />
subscription and notification and search and indexing. It also provides<br />
an API through which other enterprise applications, external applications<br />
and legacy systems could be integrated in<strong>to</strong> the portal environment.<br />
The services layer components include an application server, an<br />
SMTP server, a Web server, an LDAP server and an administration<br />
server. All these components <strong>to</strong>gether provide a highly scalable, reliable<br />
and robust architecture that can handle large enterprise systems and<br />
heavy traffic on the portal. The services layer offers features such as<br />
load balancing, distributed transaction control, message translation and<br />
the ability <strong>to</strong> handle multiple component types (EJB, COM, COM+,<br />
CORBA).<br />
The application server, the heart of a portal framework, should<br />
ensure maximum portability and flexibility by being built on a standards<br />
based architecture that includes support for all the leading technologies<br />
such as CORBA, RMI, EJB, XML, .Net and SOAP. Further, it should<br />
enable an end-<strong>to</strong>-end integration from the Internet <strong>to</strong> the mainframe.<br />
The Web server is an HTTP-based server for hosting static content<br />
and dynamic Web applications. It acts as a container and distribu<strong>to</strong>r of<br />
a collection of HTML/XML pages, JSPs, Servlets, Java classes, applets,<br />
ASPs, images, multimedia files and other file types. It provides high<br />
performance and availability through page caching, session state<br />
management and application server integration.<br />
The SMTP server is responsible for managing the e-mail flows<br />
through the portals. The e-mail addresses of the portal users are exposed<br />
<strong>to</strong> the enterprise e-mail server via the LDAP server. The portal framework<br />
should implement a WebDAV server, which is an Internet standard for<br />
accessing documents over the Web pro<strong>to</strong>col HTTP using XML encoding<br />
of data.<br />
The administration <strong>to</strong>ol gives a single point of moni<strong>to</strong>ring and<br />
management of the system.<br />
The core services offered by the service layer are:<br />
Personalization — Personalization features most commonly associated<br />
with portals are the ability <strong>to</strong> offer views of content based on a user's<br />
organizational role and for end users <strong>to</strong> cus<strong>to</strong>mize their interfaces. The
<strong>Integration</strong> Patterns 73<br />
ability for the end user <strong>to</strong> explicitly state preferences and create a<br />
personalized 'My HomePage' is an important element of the portal<br />
concept. However, an enterprise portal will only be as good as the<br />
structure and organization of the underlying data. Personalization services<br />
are made possible by behavior tracking feature of portal software.<br />
Behavior tracking records page impressions, 'click-throughs,' 'add-<strong>to</strong>s'<br />
and removals from shopping carts and purchase and order his<strong>to</strong>ries, for<br />
use in analysis of cus<strong>to</strong>mer shopping and buying patterns.<br />
Collaboration — Today, e-mail alerts of new content relevant <strong>to</strong> the<br />
end user are common. Many portals integrate with existing collaboration<br />
environments, allowing e-mail and group calendaring features from<br />
Lotus Notes or Microsoft Exchange <strong>to</strong> be accessed via the portal<br />
interface. Also common is the incorporation of collaborative features,<br />
such as threaded discussions or chat, in<strong>to</strong> the portal application itself.<br />
Some portals focus on project management or communications between<br />
enterprises. In these instances companies should look for portal products<br />
that provide for group work spaces, white boarding and team document<br />
sharing.<br />
Direc<strong>to</strong>ry — The portal server should provide a cross-platform, scalable<br />
and robust common direc<strong>to</strong>ry service such as Lightweight Direc<strong>to</strong>ry<br />
Access Pro<strong>to</strong>col (LDAP) <strong>to</strong> address the proliferation of applicationspecific<br />
direc<strong>to</strong>ries.<br />
Subscription and Notification — The portal server should offer rich<br />
subscription and notification services. The users of the portal should be<br />
able <strong>to</strong> subscribe for events, discussions, documents and chats.<br />
Notifications are triggered when any underlying data for which the user<br />
has subscribed changes and can be sent through e-mails, over PDA<br />
devices or placed in the personal portal of the user. A very simple<br />
example of subscription is that of an inves<strong>to</strong>r subscribing <strong>to</strong> news and<br />
quotes for a particular s<strong>to</strong>ck on a financial portal. The inves<strong>to</strong>r should be<br />
notified of news and quotes of that s<strong>to</strong>ck through the inves<strong>to</strong>r's preferred<br />
mode, such as e-mail or message over a handheld wireless device.<br />
Search — The portal server should offer a very powerful search facility<br />
through which users can locate relevant information based on content,<br />
metadata, author, date or type of information.
74 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Security — The portal server should provide a comprehensive security<br />
architecture that encompasses access control, cryp<strong>to</strong>graphy-based privacy,<br />
digital certificates, secure socket layer (SSL) and user authentication.<br />
Connection layer<br />
The portal server has <strong>to</strong> provide a connection layer through which<br />
structured and unstructured data can be retrieved from data marts, data<br />
warehouses, databases, e-mails, internal applications, legacy systems<br />
and external cus<strong>to</strong>mer feeds.<br />
3.3.3. Portal oriented integration and <strong>B2B</strong>i<br />
Portal oriented integration is not as complex and expensive as other<br />
integration patterns. Several small <strong>to</strong> medium size companies are using<br />
this integration pattern for <strong>B2B</strong>i <strong>to</strong> avoid the much sophisticated and<br />
involved integration of back-end systems. Through portals, a company<br />
can provide a Web interface <strong>to</strong> their key business systems such as ERP,<br />
CRM and other legacy systems.<br />
Portal oriented integration fails in most cases <strong>to</strong> achieve true <strong>B2B</strong><br />
integration. Most portals do not have sophisticated business process<br />
management <strong>to</strong>ols built in which the transfer of data based on business<br />
events can au<strong>to</strong>mate.<br />
We have covered all the integration challenges and their workarounds<br />
for vertical portals in the chapter on <strong>B2B</strong> e-marketplaces and<br />
collaborative networks.<br />
3.4. Application Oriented <strong>Integration</strong><br />
Application oriented integration involves the direct application-<strong>to</strong>application<br />
(A2A) integration of cross-organization and cross-platform<br />
application over a network. This type of integration is usually<br />
synchronous in nature. Application oriented integration can range from<br />
cus<strong>to</strong>m code (COBOL, C++, Java) <strong>to</strong> application programming interfaces<br />
(APIs) <strong>to</strong> remote procedure calls (RPCs) <strong>to</strong> distributed middleware such
y """X,<br />
./ \ Request<br />
I Client J^^^^^^T<br />
\ J ' w ~~ Response<br />
<strong>Integration</strong> Patterns 75<br />
1 Server<br />
Figure 3.20. — Synchronous communication (Request/Response)<br />
as TP moni<strong>to</strong>rs, distributed objects and message oriented middleware<br />
(MOM).<br />
A2A integration requires integration of new technology with the old,<br />
realizing a common architecture where all business-enabling applications<br />
are able <strong>to</strong> communicate with each other. It enables companies <strong>to</strong><br />
connect and coordinate data and events among multiple, crossorganization<br />
applications.<br />
Application oriented integration is primarily synchronous in nature,<br />
i.e., it is based on request/reply interactions between the client (requesting<br />
program) and the server (responding program) (see Figure 3.20). Thus,<br />
the middleware supporting this integration pattern has <strong>to</strong> provide adapters<br />
and an adapter <strong>to</strong>olkit, <strong>to</strong> develop cus<strong>to</strong>m adapters that support<br />
synchronous program invocation.<br />
In this section, we will discuss APIs and RPCs. The discussion on<br />
different technologies such as CORBA, RMI and TP moni<strong>to</strong>rs is provided<br />
in the chapter on middleware technologies.<br />
3.4.1. Application Programming Interfaces (APIs)<br />
An application programming interface is a group of functions or methods<br />
defined by programs, which external programs can invoke <strong>to</strong> interact<br />
(select information, update information, control the state or notify the<br />
events) with the underlying applications. Just as a keyboard is the<br />
interface for a computer, an API is the software interface for applications,<br />
programs and operating systems. An invocation of each method of an<br />
API is supposed <strong>to</strong> generate a desired outcome. APIs encapsulate the
76 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Application A Application B<br />
API Calls I I API Calls<br />
Data Access Layer<br />
Data Source Data Source<br />
Figure 3.21. — A typical API call<br />
underlying business logic and data access, providing a higher degree of<br />
security and data integrity.<br />
APIs provide a high-level programming paradigm, where an<br />
application or a program does not execute its own methods or functions<br />
itself but makes some other applications or programs <strong>to</strong> do it. This way<br />
the actual implementation of the method or function is always delegated<br />
<strong>to</strong> the program publishing the API and not the calling programs (see<br />
Figure 3.21). If there is any change in the business logic, which requires<br />
changing the implementation of the method, the developers have <strong>to</strong><br />
change the code at only one place, i.e., in the program providing the<br />
implementation of the method — as long as the incoming parameters<br />
and output do not change.<br />
For instance, applications and programs developed on any operating<br />
system use APIs provided by the underlying operating system. This way<br />
they are able <strong>to</strong> delegate all the dirty work of disk Input/Output (I/O),<br />
memory allocation, painting graphics on the moni<strong>to</strong>r, etc., <strong>to</strong> the operating
<strong>Integration</strong> Patterns 11<br />
system programs. Therefore, if a program has <strong>to</strong> read some data from a<br />
file or write some data <strong>to</strong> a file, all it does is invoke a method on the 1/<br />
O API provided by the operating system and let the operating system<br />
perform the task of seeking, reading and writing from the hard disk bit<br />
by bit.<br />
Most of the packaged applications such as ERP, CRM and SCM<br />
provide APIs <strong>to</strong> interact with the underlying application and business<br />
objects. These APIs are independent of the platform and programming<br />
language. This feature gives companies flexibility in terms of integrating<br />
their already developed internal applications, irrespective of their<br />
language and platform, with the packaged software.<br />
Usually all the APIs are synchronous in nature, i.e., the function call<br />
does not return until the specified action is complete. However, if the<br />
application invoking a function call through an API does not want the<br />
client process <strong>to</strong> wait indefinitely, it can spawn a new thread process <strong>to</strong><br />
handle other tasks.<br />
Components of APIs<br />
There are several components of an application programming interface,<br />
as follows:<br />
Interfaces — Interfaces contain the signatures or definitions of the API<br />
functions. They are distributed and used by all the client programs <strong>to</strong><br />
invoke API functions. A typical function signature contained in an API<br />
will have the following information:<br />
• Name of the function or method;<br />
• Input parameters;<br />
• Return type (output); and<br />
• Any exceptions thrown by the function.<br />
Methods or Functions — The methods or functions contain the actual<br />
code that performs the tasks defined by the API and are defined and<br />
contained in the underlying programs. If there is any change in the<br />
implementation of a function, its function code has <strong>to</strong> change.<br />
Input and Output Parameters — Each API function can take multiple<br />
input parameters and may return an output. The input parameters and
78 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
the output may be a user-defined type or a system-defined type. Userdefined<br />
types are used for s<strong>to</strong>ring groups of related information by<br />
containing combinations of multiple individual data members. This<br />
grouping and encapsulation of data helps in passing a single input<br />
parameter instead of a large number of parameters and/or returning a<br />
logical object that contains all the data as desired from the output of a<br />
method call.<br />
Named Constants — In several cases, APIs use fixed numeric or string<br />
codes, also known as constants, <strong>to</strong> represent some kind of constant<br />
information or value. Naming these constants provides a more convenient<br />
way <strong>to</strong> refer <strong>to</strong> their values in code.<br />
Callback Functions — Callback functions are an optional feature of an<br />
API. Callback functions are regular functions defined in the programs<br />
implementing APIs with the exception that they are never made available<br />
through an interface. They are used internally by one or more of the<br />
API functions <strong>to</strong> perform the task.<br />
Classes of APIs<br />
Based on their functionality and uses, APIs can be classified in<strong>to</strong> five<br />
different classes. Although there is considerable similarity in these<br />
classes, they broadly cover all the different approaches in which packaged<br />
applications (i.e., ERP, CRM, SCM), databases, legacy systems or<br />
cus<strong>to</strong>m developed applications can expose their methods in the form of<br />
interfaces.<br />
Method APIs — Method APIs provide an interface for a series of<br />
methods or functions exposed by an application, which the external<br />
applications can invoke. Each method is defined by a name, a set of<br />
input parameters (which must be provided by the calling application in<br />
order <strong>to</strong> use the method), output type and exceptions.<br />
Several leading packaged software vendors provide linkable libraries.<br />
For instance, external applications can access SAP Business Objects<br />
through standardized, platform-independent interfaces — Business<br />
Application Programming Interfaces (BAPIs).
<strong>Integration</strong> Patterns 79<br />
Messaging APIs — Messaging APIs provide a flexible message oriented<br />
interface that enables communication between message-based applications.<br />
The API makes it easy for enterprises <strong>to</strong> write business applications<br />
that asynchronously send and receive critical business data and events.<br />
For instance, the Java API for XML Messaging (JAXM) enables<br />
applications <strong>to</strong> send and receive document oriented XML messages<br />
using a pure Java API. With the use of JAXM, application developers can<br />
focus on building, sending, receiving and decomposing messages for their<br />
applications instead of programming low level XML communications<br />
routines.<br />
Component/Object APIs — Object APIs provide interfaces that can be<br />
used by applications <strong>to</strong> access different objects, which encapsulate the<br />
data and business processes.<br />
Several vendors of distributed component solutions such as DCOM,<br />
CORBA and EJB provide APIs <strong>to</strong> access remote objects.<br />
Data Management APIs — Data management APIs provide interfaces<br />
containing methods for directly accessing and manipulating an<br />
application's database or any other data source, internal or external <strong>to</strong><br />
the company. This API should not only allow the retrieval of downloaded<br />
data or data in databases, it should also support data management<br />
activities common <strong>to</strong> most applications. This API enables data<br />
management applications <strong>to</strong> be integrated much like ordinary software<br />
applications, as it provides a consistent, platform-independent interface<br />
for integration.<br />
A typical example of data management API is structured query<br />
language (SQL). Each database vendor implements and supports its<br />
own flavor of SQL. For example, Oracle provides PL/SQL, Sybase<br />
provides transact SQL.<br />
Sun's JDBC API is a Java API for accessing tabular data which<br />
makes it easy <strong>to</strong> send SQL statements <strong>to</strong> relational database systems<br />
and supports all dialects of SQL (see Figure 3.22). The JDBC API<br />
consists of a set of classes and interfaces written in the Java programming<br />
language that provides a standard API for <strong>to</strong>ol/database developers and<br />
makes it possible <strong>to</strong> write database applications using an all-Java API.<br />
The JDBC API contains two major sets of interfaces: the first is the
80 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
r JDBC<br />
JDBC-ODBC<br />
Bridge Driver<br />
Database<br />
Client Library<br />
t<br />
Database<br />
Server<br />
Java<br />
Application<br />
"W"<br />
JDBC API<br />
Driver<br />
Manager or<br />
DataSource Object<br />
1 Partial Java<br />
JDBC Driver<br />
Database<br />
Client Library<br />
Database<br />
Server<br />
Figure 3.22. — JDBC API — An example of data management API<br />
JDBC API for application writers and the second is the lower-level<br />
JDBC driver API for driver writers.<br />
File APIs — File APIs provide interfaces containing methods <strong>to</strong> manage<br />
file information, access data and catch events from legacy applications,<br />
which usually contain data in flat files. The interface encapsulates many<br />
of the advanced file and shell related functions.<br />
Applications can use file APIs <strong>to</strong> extract particular data elements<br />
from the legacy system. The API will take care of any logic or<br />
arithmetic needed <strong>to</strong> produce the desired data. Without this API,<br />
integration of legacy systems would be a nightmare, as they do not
<strong>Integration</strong> Patterns 81<br />
publish interfaces (i.e., they do not support program-level access <strong>to</strong><br />
internal business objects).<br />
Key requirements of an API<br />
There are several essential requirements of an API, which makes it<br />
usable for <strong>B2B</strong>i applications. Some of them are:<br />
Easy <strong>to</strong> Use — An API having even the most advanced functions will<br />
not be accepted well by the users, if its interface is not easy <strong>to</strong> use. The<br />
thumb rule in writing any API should be <strong>to</strong> make it as easy as possible<br />
for the users <strong>to</strong> use it. An API should be well supported through proper<br />
documentation and examples.<br />
Language and Platform Independent — The use of APIs in <strong>B2B</strong>i<br />
applications will be very limited if their use is bound <strong>to</strong> a specific<br />
programming language and platform. Two companies trying <strong>to</strong> integrate<br />
their internal applications using APIs may have the underlying<br />
applications running on different platforms and developed in different<br />
applications. Thus, APIs should be language and platform neutral.<br />
Protect the Underlying Data Sources — The API functions should be<br />
written in such a way so as <strong>to</strong> allow completely direct access <strong>to</strong> any<br />
underlying data sources. This requirement is especially important for<br />
<strong>B2B</strong> applications in which users of one company use APIs <strong>to</strong> access<br />
data from another company. If the APIs mistakenly provide access <strong>to</strong><br />
the data source, the users can maliciously change the data.<br />
Controlled Access — The APIs should provide controlled access <strong>to</strong><br />
each user set. Based on the entitlements of the users, the APIs should<br />
provide restricted functionality in terms of invoking functions.<br />
Support for Multiple Data Sources — APIs should provide support for<br />
different types of databases. The APIs should hide the details of each<br />
database format from the calling program.<br />
Limitations of APIs<br />
There are no industry standards for creating an API. Consequently,<br />
the structure and implementation of APIs can differ significantly
82 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
from application-<strong>to</strong>-application. With most middleware, 'wrappers' are<br />
developed (distributed objects) or messages queues employed (MOM)<br />
<strong>to</strong> provide a uniform communication standard between APIs.<br />
Invoking API functions from applications developed in different<br />
programming languages requires an application broker in between <strong>to</strong> do<br />
the data type conversion. This makes the calling application errorprone,<br />
which now has <strong>to</strong> deal with all kinds of interoperability issues,<br />
including hard-<strong>to</strong>-find problems such as pointers and terminating nulls.<br />
Most of the APIs do not allow for cus<strong>to</strong>mization of the application<br />
interface <strong>to</strong> better suit the needs of the user. Furthermore, API level<br />
integration makes the application tightly coupled, which has some<br />
serious drawbacks. These drawbacks are discussed later in the chapter<br />
under the heading Application Oriented <strong>Integration</strong> and <strong>B2B</strong>L<br />
3.4.2. Remote Procedure Calls (RPCs)<br />
RPCs provide a high-level communications paradigm for network<br />
applications using which the applications can invoke procedure<br />
calls across a network, irrespective of the underlying network. RPCs<br />
enable communication and integration of local and remote applications<br />
on a procedure or method level. They allow local applications <strong>to</strong> draw<br />
on the resources of remote systems and can set up cause-and-effect<br />
events.<br />
The independence from the transportation layer feature of RPC<br />
makes it very useful in <strong>B2B</strong>i as it can integrate cross-organization<br />
applications irrespective of the underlying networking mechanisms.<br />
Further, RPCs also hide other technical details of making a remote call<br />
such as parameter marshaling and context management.<br />
The current implementations of RPC include: Common Object<br />
Request Broker Architecture (CORBA), Java's Remote Method<br />
Invocation (RMI) and Microsoft's Distributed Component Object Model<br />
(DCOM).<br />
How <strong>to</strong> make a remote procedure call?<br />
RPCs enable programs <strong>to</strong> call or execute predefined functions in the<br />
same system or a remote system. Before we discuss how <strong>to</strong> make a
<strong>Integration</strong> Patterns 83<br />
remote procedure call, let's review some of the key terms of RPC<br />
pro<strong>to</strong>col.<br />
Client — A client is an application or program that makes remote<br />
procedure calls <strong>to</strong> remote servers. Irrespective of the language in which<br />
the client is developed, it needs <strong>to</strong> know the following in order <strong>to</strong> make<br />
a remote call:<br />
• The uniform resource loca<strong>to</strong>r (URL) and transmission control pro<strong>to</strong>col<br />
(TCP) port of the server;<br />
• The name of the remote procedure;<br />
• The kind and number of arguments that procedure expects; and<br />
• The kind and number of return values.<br />
Server — A server is a process that provides remote services <strong>to</strong> clients.<br />
Remote Service — A remote service is a collection of one or more<br />
remote programs available over the network.<br />
Remote Program — A remote program implements one or more remote<br />
procedures.<br />
A remote procedure call involves a single thread that controls<br />
two processes. One of the processes is that of the calling program<br />
(caller's process) or application and the other one is that of the server<br />
on which the call is being made (server's process). The caller process<br />
initiates the communication by sending a message with the remote<br />
procedure's parameters <strong>to</strong> the server process (see Figure 3.23). After<br />
sending the message, the caller process can wait for the server process<br />
<strong>to</strong> respond back with the results of the remote procedure (synchronous<br />
communication) or continue on (asynchronous communication). The server<br />
process, on the other hand, is dormant waiting for the client requests<br />
and servicing them as the RPCs are invoked. Once it receives a message<br />
from the client program, it executes the remote procedure and sends the<br />
calling process the results in the form of messages.<br />
In the above implementation example, there is only one process that<br />
is active at any moment in time. RPC pro<strong>to</strong>col supports simultaneous<br />
execution of more than one process. For instance, in an asynchronous<br />
RPC call, the client process can continue without waiting for the results<br />
from the server process.
84 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
RPC Client<br />
Calling<br />
Code<br />
RPC<br />
Interface<br />
Client<br />
Stub<br />
RPC<br />
Runtime<br />
jk %.<br />
Apparent Path of<br />
Procedure Call<br />
•<br />
Apparent Path<br />
of Data<br />
Return Data<br />
Input Arguments<br />
RPC Server<br />
Remote<br />
Procedure<br />
RPC<br />
Interface<br />
Server<br />
Runtime<br />
RPC Runtime<br />
Figure 3.23. — Real and apparent paths of RPC call and data flow<br />
RPC-based integration can either be synchronous or asynchronous in<br />
nature. A synchronous function or method call will hold up the execution<br />
of an application while it awaits a response from the remote method.<br />
As an example, assume that there is a remote procedure for retrieving<br />
cus<strong>to</strong>mer information. The details of the RPC are given in Table 3.1.<br />
XML-based RPCs<br />
<strong>B2B</strong> applications that communicate using RPC can fully leverage XMLbased<br />
technology <strong>to</strong> communicate in a standard way over the Internet<br />
using HTTP. RPCs, based on XML, work by encoding the RPC request<br />
from the client <strong>to</strong> the remote server in an XML message (see Figure 3.24).<br />
The message is then sent over the Internet <strong>to</strong> the server. On receiving<br />
the message, the server decodes it, executes the remote procedure and<br />
A<br />
A<br />
A<br />
A
Procedure<br />
Name<br />
<strong>Integration</strong> Patterns 85<br />
Table 3.1. An example for RPC <strong>to</strong> retrieve cus<strong>to</strong>mer information<br />
Host: http://165.107.65.25/rpc Port: 8080<br />
get_cus<strong>to</strong>mer_info<br />
I XML-RPC<br />
<br />
Procedure Definition<br />
Input<br />
Request<br />
Output<br />
<br />
XML-RPC Response<br />
Client Server<br />
Figure 3.24. — RPC based on XML messages<br />
Description<br />
For a valid<br />
cus<strong>to</strong>mer_id, the<br />
remote procedure<br />
will return the<br />
details of the<br />
cus<strong>to</strong>mer as a<br />
struct type. The<br />
structure will have<br />
the following<br />
fields:<br />
firstname<br />
lastname<br />
phonenumber<br />
faxnumber<br />
e-mail<br />
sends the results back <strong>to</strong> the client after encoding them as XML<br />
messages. The client then decodes the XML message in<strong>to</strong> standard<br />
language data types and continues on.<br />
As an example, let's consider the same example of a remote call for<br />
retrieving cus<strong>to</strong>mer information with XML-based communication.<br />
•
86 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
XML request message sent from the client <strong>to</strong> the server:<br />
<br />
<br />
get_ _cus<strong>to</strong>mer_info<br />
<br />
gs 12639 <br />
<br />
<br />
XML response message sent from the server <strong>to</strong> the client:<br />
<br />
<br />
<br />
<br />
firstname<br />
Garry<br />
<br />
<br />
lastname<br />
Sachs<br />
<br />
<br />
phonenumber<br />
01 l-732-632-6095<br />
<br />
<br />
faxnumber<br />
011 -732-632-6096<br />
<br />
<br />
e-mail<br />
gsachs @ mymail.com<br />
<br />
<br />
Transport and semantics<br />
<strong>Integration</strong> Patterns 87<br />
The RPC pro<strong>to</strong>col is completely independent of the transport pro<strong>to</strong>cols,<br />
i.e., the client can invoke RPC calls on the server irrespective of the<br />
transport pro<strong>to</strong>col on which the RPC service runs. It deals only with the<br />
specifications and interpretations of messages and does not take in<strong>to</strong><br />
account the manner and way in which the messages are exchanged<br />
between the client and the server applications. Based on this<br />
independence from transport pro<strong>to</strong>cols, RPC pro<strong>to</strong>col does not enforce<br />
any kind of semantics <strong>to</strong> the invocation or execution of a remote<br />
procedure. The semantics are explicitly declared by the transport pro<strong>to</strong>col.<br />
Thus, client and server applications have <strong>to</strong> be aware of the transport<br />
pro<strong>to</strong>col underneath RPC, as RPC service can run on a reliable pro<strong>to</strong>col<br />
(such as TCP/IP) or an unreliable (UDP) pro<strong>to</strong>col.<br />
Benefits of RPCs<br />
The biggest advantage of RPCs is their relative simplicity. Though the<br />
procedure is executed on a remote machine, it appears <strong>to</strong> the developer<br />
that it has been executed locally. Developers are removed from the<br />
complexities, which exist in other middleware solutions, most notably,<br />
distributed object models.<br />
Unlike the wild-west approach <strong>to</strong> APIs, comprehensive industry<br />
standards have been developed for RPCs. The most notable is the<br />
Distributed Computing Environment (DCE) standard created by the<br />
Open Software Foundation (OSF) in the 1980s. DCE is an industrystandard,<br />
vendor-neutral set of distributed computing technologies. The<br />
DCE standard for RPCs provides a complete distributed computing<br />
environment infrastructure including a security service <strong>to</strong> protect and<br />
control access <strong>to</strong> data, name services that make it easy <strong>to</strong> find distributed<br />
resources and a highly scalable model for organizing widely scattered<br />
users, services and data.<br />
Limitations of RPCs<br />
Though incredibly popular during the 80s and early 90s, RPCs have<br />
lost favor as a middleware solution <strong>to</strong> other technologies, such as
88 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
messaging and distributed objects. RPC is a procedural model, which<br />
primarily supports synchronous calls. In addition, RPC carries a<br />
significant amount of network overhead — it can be network hog. The<br />
many levels of services, which once made RPC appealing, also created<br />
the performance bottlenecks which make it very slow across large<br />
networks.<br />
3.4.3. Application oriented integration and <strong>B2B</strong>i<br />
The applications <strong>to</strong> be integrated for <strong>B2B</strong>i support different business<br />
lines of individual companies. This bag of application consist of a mix<br />
of home developed applications, third party solutions (such as ERP,<br />
CRM, SCM) and legacy systems. Their integration with the applications<br />
of the trading partners is much more than just making a remote method<br />
call or making one component talk <strong>to</strong> another remote component.<br />
It is a fairly straightforward task <strong>to</strong> integrate two applications<br />
developed by a single company using the same language and running<br />
on the same platform. However, integrating applications developed and<br />
maintained by different companies using different programming language<br />
and running on different platforms is an extremely daunting effort.<br />
For a successful implementation of this integration pattern, companies<br />
have <strong>to</strong> give away au<strong>to</strong>nomy and develop applications in close<br />
cooperation with the partners. Making any changes <strong>to</strong> support new<br />
business logic or technical feature requires informing and coordinating<br />
with the partners, which makes this integration pattern the least flexible<br />
of all the integration patterns. Because of its inflexibility, which requires<br />
making coding changes for every small change in business flow, this<br />
integration pattern is also the most expensive in the long run. It creates<br />
dependency that can have a major impact on the business operations of<br />
the companies participating in <strong>B2B</strong>i.<br />
Application oriented integration also requires making strict<br />
authentication checks before executing the function or method. The call<br />
<strong>to</strong> functions or methods can contain malicious code as it is usually<br />
made over the Internet. Furthermore, in order for the client programs <strong>to</strong><br />
make RPCs or API calls, a company needs <strong>to</strong> open its firewall, which<br />
can pose security threats. Finally, A2A integration does not help a<br />
company <strong>to</strong> improve business processes.
3.5. Business Process <strong>Integration</strong> (BPI)<br />
<strong>Integration</strong> Patterns 89<br />
Business process integration is a mechanism of integrating an<br />
organization's internal and external business processes with those of the<br />
business partners by sharing business information based on rules among<br />
diverse business systems. Business strategy and goals play an equally<br />
important role as technology in achieving successful <strong>B2B</strong>i based on<br />
process integration. BPI aims <strong>to</strong> achieve integration based on business<br />
rules that help <strong>to</strong> improve the way business is done and make it more<br />
efficient. To achieve BPI-based <strong>B2B</strong>i, companies have <strong>to</strong> go through a<br />
systematic and gradual implementation of business process management.<br />
BPI is more advanced than data oriented integration and application<br />
oriented integration since logic and reasoning of conducting business<br />
are included in this type of integration. It removes the limitations<br />
inherent in data integration or application integration types by focusing<br />
on the actual processes and not just the data.<br />
BPI is achieved through a much larger initiative involving the<br />
designing, modeling, au<strong>to</strong>mating, executing and moni<strong>to</strong>ring of business<br />
processes. A single instance of BPI, i.e., a business process such as<br />
order management that has been integrated, may require several<br />
applications <strong>to</strong> be integrated at different levels and multiple steps of<br />
data transfer from one data source <strong>to</strong> another.<br />
3.5.1. Business process integration patterns<br />
<strong>B2B</strong> process integration can take place in various ways and at various<br />
levels of hierarchy and sophistication. The two most commonly used<br />
patterns of <strong>B2B</strong> process integration are closed process <strong>B2B</strong>i or open<br />
process <strong>B2B</strong>i, as described below.<br />
Closed process-based (private process) integration<br />
The closed process, also know as private process, based integration<br />
occurs when the organization manages processes internally and<br />
externalizes the key process activities only through the data exchange<br />
gateway (see Figure 3.25).
90 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
f 1<br />
* •<br />
Closed Business<br />
Process<br />
Closed Business !<br />
Process I<br />
Company A Company B<br />
Figure 3.25. — Closed process-based integration<br />
The arrangement with closed process <strong>B2B</strong>i is that the organization<br />
within its setup is able <strong>to</strong> track the status of business process activities<br />
internally. Appropriate and relevant business activities are shared by the<br />
partner organizations with the data exchange gateway.<br />
Open process-based (public process) integration<br />
The open process, also know as public process, based integration occurs<br />
when the organization creates the potential for sharing processes among<br />
multiple <strong>B2B</strong> corporate entities (see Figure 3.26). The management of<br />
processes is shared by the corporate entities, which requires the BPI<br />
products <strong>to</strong> be implemented within each organization.<br />
In an open process-based integration pattern, the processes internal<br />
<strong>to</strong> the organization continue <strong>to</strong> be internal and can only be viewed and<br />
reviewed internally. However, processes external <strong>to</strong> the organization are<br />
shared by the business partners and can be viewed and reviewed by all<br />
entities involved.<br />
Open process-based integration is more suitable for <strong>B2B</strong>i applications.<br />
It gives higher flexibility <strong>to</strong> create and manage more complex and<br />
enhanced relationships among business partners.
— J<br />
Com pa MY A<br />
Figure 3.26.<br />
Open Business<br />
Process<br />
<strong>Integration</strong> Patterns 91<br />
Company B<br />
Open process-based integration<br />
3.5.2. Business process integration and <strong>B2B</strong>i<br />
BPI for <strong>B2B</strong> applications is based on shared processes, which represent<br />
an extension of data exchange capabilities <strong>to</strong> include agreements on<br />
multiple interdependent sets of messages. For example, two companies<br />
might agree <strong>to</strong> an order management process that specifies how<br />
acknowledgements are handled, the exception paths for order changes<br />
and backorders, or other logic specific <strong>to</strong> the relationship between<br />
buyer and seller.<br />
Business process oriented integration has several benefits for an<br />
organization and its trading partners. They include:<br />
• Opportunity <strong>to</strong> redesign existing business processes and take out any<br />
sort of latency involved.<br />
• Ability <strong>to</strong> design, model, au<strong>to</strong>mate and execute new business processes<br />
based on collaboration with the trading partners.<br />
• Capability <strong>to</strong> hide the intricacies of how each company handles<br />
internally the processing of data exchanged via messages based on<br />
standard business semantics. As long as the format and semantics of<br />
messages exchanged between companies remains the same, the<br />
underlying application responsible for processing and generating<br />
messages can change.
92 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• Ability <strong>to</strong> moni<strong>to</strong>r all the processes by getting real-time status<br />
information about their operational state.<br />
• Allows the reuse of source or target system despite changes in<br />
process model. The main feature of this approach is <strong>to</strong> allow the<br />
relevant information <strong>to</strong> be extracted from any source application,<br />
target application, or data s<strong>to</strong>re with the use of the routing feature in<br />
a BPI solution <strong>to</strong>ol. This allows the model itself <strong>to</strong> be changed, due<br />
<strong>to</strong> process flow change or logic change, but without the change in the<br />
application(s) that are part of the process model.<br />
• Supports the flow of information amongst organizations involved in a<br />
community setting, providing a proactive system that shares important<br />
information in real-time.<br />
• Makes it possible not <strong>to</strong> share organizational sensitive information<br />
with the business partner community.<br />
Business process integration is made possible by a complete business<br />
process management suite, which includes a modeling <strong>to</strong>ol, a business<br />
process engine and an administration <strong>to</strong>ol. The modeling <strong>to</strong>ol is used <strong>to</strong><br />
graphically design and model business processes. The workflows<br />
generated depict processes of business activities in a graphical manner.<br />
They define how the information flows between applications with the<br />
logic that controls that flow.<br />
The engine provides the process integration technology and<br />
environment for executing business processes. It generates, processes<br />
and transforms the data which flows between cross-organization, disparate<br />
and au<strong>to</strong>nomous applications, based on the business rules. It works in<br />
tandem with message oriented or transaction oriented middleware. The<br />
administration <strong>to</strong>ol provides administration functionalities such as<br />
moni<strong>to</strong>ring the business processes and may also include reporting<br />
functionality for generating various reports on the performance of<br />
business processes.<br />
BPI aims <strong>to</strong> achieve end-<strong>to</strong>-end EAI and <strong>B2B</strong> application integration<br />
while working with multi-organizational setup using various platforms,<br />
formats, technologies and processes.<br />
Note: Readers should refer <strong>to</strong> the chapter on business process<br />
management <strong>to</strong> obtain further details about BPI, BPM concepts and<br />
BPM systems.
3.6. Which Approach <strong>to</strong> Use for Your <strong>B2B</strong>i<br />
Implementation?<br />
<strong>Integration</strong> Patterns 93<br />
Companies wishing <strong>to</strong> venture in<strong>to</strong> the world of integrated, collaborative<br />
and au<strong>to</strong>mated business face the following question: which integration<br />
type should we use <strong>to</strong> achieve <strong>B2B</strong>i?<br />
3.6.1. Agreement among the trading partners<br />
<strong>B2B</strong>i involves forming formal agreements among the trading partners <strong>to</strong><br />
decide various fac<strong>to</strong>rs involved in integration, such as level of integration,<br />
pattern of integration, scope of integration, data formats and XML<br />
standards. These agreements are dynamic in nature and are continuously<br />
changing with the business environment and needs.<br />
Some of the features of an agreement involved in a typical <strong>B2B</strong>i<br />
implementation are as follows:<br />
• The scope of the agreement — whether the agreement is for a<br />
horizontal industry, vertical industry or between two companies or<br />
among a small group of companies and a major company dictating<br />
terms;<br />
• The type of integration method used — data oriented, business<br />
method oriented, portal oriented, or business process oriented;<br />
• The data formats used — the common data representation standards;<br />
• The business process definitions used — the definitions of the common<br />
business process used;<br />
• The communication pro<strong>to</strong>col used — HTTP, FTP, e-mail, HOP, etc.; and<br />
• The security solutions — encryption, digital certificates, VPNs, digital<br />
signatures.<br />
All these features of an agreement play a very important role in<br />
determining the integration pattern used <strong>to</strong> achieve the final goal of<br />
integration.<br />
3.6.2. Your integration goals<br />
Each integration pattern discussed here has its own merits and<br />
shortcomings. There are several criteria that can guide you <strong>to</strong> determine
94 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
which approach best suits your integration goals. The most important<br />
ones are:<br />
• Will the integration be real-time?<br />
• What is the level of complexity of a given solution?<br />
• What is the degree of synchronization achieved in the integration?<br />
• Is the solution robust and scalable enough <strong>to</strong> handle your integration<br />
needs?<br />
• Is the solution flexible enough <strong>to</strong> adapt <strong>to</strong> your company's business<br />
processes?<br />
• What is the level of au<strong>to</strong>nomy or independence that your company<br />
will have in implementing the solution?<br />
• How close the participating companies will have <strong>to</strong> work in order <strong>to</strong><br />
achieve integration based on the solution?<br />
Figure 3.27 shows the different modes of integration and the level of<br />
synchronization achieved in using each one of them.<br />
To achieve <strong>B2B</strong>i, your company will have <strong>to</strong> adopt one or more of<br />
the integration patterns discussed in this chapter. Irrespective of the<br />
integration pattern or a combination of multiple patterns that you employ<br />
for <strong>B2B</strong>i, the final goal is <strong>to</strong> achieve real-time, secured access <strong>to</strong><br />
internal corporate and external (suppliers, partners and cus<strong>to</strong>mers) data,<br />
which allows dynamic collaboration. The integration strategy should be<br />
in line with your company's business and technology environments and<br />
short-term and long-term business goals.<br />
*Asynchronous Replication (Delayed)<br />
IfData Warehouses<br />
Data Marts<br />
•Transient Data Sources<br />
Staged<br />
• Asynchronous RPCs<br />
•Asynchronous API Calls<br />
Message Queuing<br />
• Message Br oka's<br />
f-Publish and Subscribe<br />
Non-real-time<br />
Virtual Data Warehouses<br />
• Synchronous Replication<br />
f Multi-database Servers<br />
• Databas e Acces s APIs<br />
Real-time (Data <strong>Integration</strong>)<br />
• Synchronous RPCs<br />
• Synchronous API Calls<br />
• Object Request Brokers<br />
• TP Moni<strong>to</strong>rs<br />
Real-time (Application <strong>Integration</strong>)<br />
Figure 3.27. — Level of synchronization in different types of integration
3.7. Conclusion<br />
<strong>Integration</strong> Patterns 95<br />
There are several integration patterns that a company can use <strong>to</strong> achieve<br />
<strong>B2B</strong>i. The choice as <strong>to</strong> which integration pattern <strong>to</strong> choose depends on<br />
the agreement with the trading partners, existing infrastructure and<br />
integration goals, such as level of synchronization and degree of<br />
au<strong>to</strong>nomy desired.<br />
Data oriented integration provides data access interface abstraction.<br />
It always involves data sharing and can result in communication between<br />
an application and a data source or a data source <strong>to</strong> another data source.<br />
It can be schedule or event-driven, based on the type of integration<br />
pattern used, such as synchronous replication or asynchronous replication,<br />
data warehouses or virtual data warehouses. The most common solution<br />
based on data oriented integration uses an ETL server.<br />
Application oriented integration involves API or RPC communication<br />
between application components, which may or may not involve data.<br />
Since cross-organization applications have <strong>to</strong> be integrated directly in<br />
this pattern, the participating companies have <strong>to</strong> work very closely <strong>to</strong><br />
jointly develop the applications. Companies have less au<strong>to</strong>nomy in this<br />
integration pattern, thus making it the least suitable for most <strong>B2B</strong>i<br />
implementations. However, this type of integration is synchronous in<br />
nature, i.e., the data is shared on a real-time basis.<br />
Portal oriented integration is a quick way for small <strong>to</strong> medium size<br />
companies <strong>to</strong> provide data access <strong>to</strong> cus<strong>to</strong>mers and trading partners<br />
through a Web-based interface.<br />
Business process oriented integration provides process interface<br />
abstraction that maintains the integrity of business rules. This integration<br />
type is being used by companies more and more as it not only aims at<br />
integration, but also at making the business processes of a company<br />
efficient by eliminating latency. Moreover, this integration type gives<br />
companies complete au<strong>to</strong>nomy in terms of how they want <strong>to</strong> conduct<br />
their business, as long as they are able <strong>to</strong> communicate with their<br />
trading partners based on certain pre-determined standards.
Chapter 4<br />
Enterprise Application<br />
<strong>Integration</strong> (EAI)<br />
The focus of this chapter<br />
<strong>Integration</strong> of internal applications is the single most important element<br />
of <strong>B2B</strong> integration which can make a company's <strong>B2B</strong>i implementation<br />
a success or a failure.<br />
In this chapter, we will explore the different enterprise-wide<br />
applications such as cus<strong>to</strong>mer relationship management (CRM), enterprise<br />
resource planning (ERP) and legacy systems. We will explain <strong>to</strong> you<br />
the convergence and divergence of enterprise application integration<br />
and business-<strong>to</strong>-business integration along with case studies. To give<br />
you information about the commercially available softwares for EAI,<br />
we have presented discussion of the major EAI solutions.<br />
96
4.1. Today's Enterprise<br />
Enterprise Application <strong>Integration</strong> (EAI) 97<br />
Today, an average Fortune 500 company may have 50 or more internal<br />
business applications deployed in multiple countries, different platforms<br />
and sometimes even on different versions of the same technology. Such<br />
large enterprises have small enterprises within themselves in the form<br />
of au<strong>to</strong>nomous groups, with each one of them having its own technology,<br />
business priorities and preferences.<br />
The information technology environment in companies is extremely<br />
dynamic as they adopt the latest and the best-of-breed software solutions<br />
that can help them in beating the competition. However, no single<br />
vendor can provide all these solutions. Again, the solution from each<br />
vendor may have different hardware, platform and database requirements,<br />
which results in the implementation of multiple physically separate<br />
systems.<br />
As companies move in the direction of <strong>B2B</strong>i, they will first have <strong>to</strong><br />
look inward <strong>to</strong> their own internal systems, applications and processes.<br />
Several business processes span across multiple internal applications.<br />
These applications must be able <strong>to</strong> communicate before a company can<br />
effectively e-communicate with the outside world.<br />
4.2. What is EAI?<br />
Most companies have inherited an environment of disparate legacy<br />
systems, applications, processes and data sources that typically interact<br />
by a maze of interconnections that are poorly documented and expensive<br />
<strong>to</strong> maintain. Additional problems arise from market consolidation in the<br />
digital age. Mergers and acquisitions of companies <strong>to</strong>day can increase<br />
the complexity of system integration exponentially.<br />
As the need <strong>to</strong> meet increasing cus<strong>to</strong>mer expectations continues <strong>to</strong><br />
rise, companies are forced <strong>to</strong> link their disparate systems <strong>to</strong> improve<br />
productivity, efficiency, and, ultimately, cus<strong>to</strong>mer satisfaction.<br />
The need for IT systems <strong>to</strong> communicate within an organization led<br />
<strong>to</strong> the evolution of EAI. EAI is the process of creating an integrated<br />
infrastructure for linking disparate systems, applications and data sources<br />
across the corporate enterprise.
98 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Cus<strong>to</strong>m Packaged BHJIMM Legacy Network<br />
Applications Applications DataBase* Systems Technology<br />
Adapter Adapter Adapter Adapter Adapter<br />
The EAI Platform<br />
Figure 4.1. — The EAI platform<br />
EAI processes and <strong>to</strong>ols help companies evolve <strong>to</strong> e-business by<br />
creating an integrated infrastructure <strong>to</strong> connect existing legacy systems<br />
and back-office applications with the Internet, allowing an organization<br />
<strong>to</strong> move and share information and data across all boundaries (see<br />
Figure 4.1).<br />
4.3. Where Did Things Go Wrong?<br />
Twenty <strong>to</strong> 30 years ago, information systems were relatively simple in<br />
makeup: there was the mainframe. The mainframe served its purpose<br />
admirably, providing an inherently integrated system. The minicomputer,<br />
often of a UNIX flavor, arrived soon after.<br />
The late 80s gave rise <strong>to</strong> distributed systems. With their rise came a<br />
strong move within companies <strong>to</strong> departmentalized information systems.<br />
The new distributed systems were generally based on UNIX and<br />
Windows technologies, the latter of which introduced the graphical user<br />
interface <strong>to</strong> the business world.<br />
The migration <strong>to</strong> departmentalized distributed computing was<br />
motivated by several fac<strong>to</strong>rs, including:<br />
• The desire <strong>to</strong> implement graphical user interfaces, which were not<br />
yet possible using mainframe 'green screens';<br />
• The perceived (often wrongly) notion that distributed client-server<br />
systems were cheaper and easier <strong>to</strong> implement and maintain;<br />
• The need for departmental executives <strong>to</strong> build fiefdoms <strong>to</strong> obtain<br />
personal advancement within the corporation; and<br />
• The ability of out-of-control IT departments <strong>to</strong> implement the latest<br />
technologies in<strong>to</strong> the market without giving proper consideration <strong>to</strong><br />
return on investment or revenue.
Internal Applications Jf"**"*"^<br />
(Java, C, C++) "#-«w_<br />
Enterprise Portal<br />
Application<br />
Financial System<br />
Enterprise Application <strong>Integration</strong> (EAI) 99<br />
ERP System<br />
SCM System<br />
Figure 4.2. — The enterprise maze<br />
m M cv.«4-=.«<br />
Databases<br />
Legacy System<br />
The segmentation of information systems was exacerbated with the<br />
introduction of commercial off-the-shelf applications such as ERP and<br />
CRM. Early on, these systems were designed as self-contained 'blackbox'<br />
systems with little or no means for accessing internal data or<br />
processes. Though many of these applications now provide better access<br />
<strong>to</strong> their underlying data and business logic, integrating these systems<br />
with other systems within the enterprise is still a challenge.<br />
Each node in Figure 4.2 maintains its own data, which may be<br />
shared among the nodes. Sharing of this data has been typically<br />
accomplished using data transfer methods including batch processes and<br />
data import/export jobs. Since the data of one node is not available in<br />
real-time <strong>to</strong> other nodes, the latter cannot analyze and make decisions<br />
while a transaction is being processed at the former. This is one of the<br />
major fac<strong>to</strong>rs that justify EAI. In fact, the very origin of EAI can be<br />
linked <strong>to</strong> the need for providing a full duplex, bi-directional solution <strong>to</strong><br />
share seamlessly and exchange data between ERP, CRM, SCM, databases,<br />
data warehouses and other important internal systems within the company<br />
(see Figure 4.3).
100 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Internal Applications<br />
(Java, Q C++)<br />
Enterprise Portal<br />
Application<br />
Financial System<br />
4.4. Benefits of EAI<br />
ERP System<br />
CRM System<br />
EAI Solution Databases<br />
SCM System<br />
Figure 4.3. — The EAI solution<br />
Legacy System<br />
EAI is not an out-of-the-box solution, but rather an ongoing process of<br />
creating a flexible, standardized enterprise infrastructure that allows<br />
new IT-based applications and business processes <strong>to</strong> be easily and<br />
efficiently deployed. The new infrastructure allows applications<br />
throughout an enterprise <strong>to</strong> seamlessly communicate with one another<br />
in a real-time manner.<br />
When implemented properly, EAI can provide many benefits<br />
including:<br />
• Enabling an organization <strong>to</strong> link legacy systems with new systems<br />
such as CRM and ERP <strong>to</strong> take advantage of electronic <strong>commerce</strong><br />
opportunities;<br />
• Helping companies realize the benefits <strong>to</strong>uted from business<br />
acquisitions and mergers;<br />
• Improving the speed for bringing products <strong>to</strong> market, systems <strong>to</strong><br />
implementation and new business units on-line;<br />
• Allowing companies <strong>to</strong> quickly react <strong>to</strong> changes in the business<br />
model; and<br />
• Enabling companies <strong>to</strong> take advantage of changes in the industry and<br />
technology.
Enterprise Application <strong>Integration</strong> (EAI) 101<br />
HOW ORACLE RE-ARCHITECTS ITS GLOBAL<br />
INFRASTRUCTURE INTO A CENTRALIZED<br />
E-BUSINESS ARCHITECTURE<br />
Oracle Corporation, like other large corporations had built a huge,<br />
distributed, worldwide culture based upon a client/server-computing<br />
infrastructure. For example, the company had 60 disparate financial<br />
systems in 60 different countries and 120 e-mail databases globally.<br />
Oracle was spending $600 million annually on global IT operating<br />
costs and the support of 1500 IT personnel <strong>to</strong> maintain them. The<br />
profit margins of the company were only 20% rather than 60% that<br />
successful software companies usually experience.<br />
Through a closer scrutiny of their business processes, the<br />
management realized that the 60 independent profit centers of the<br />
company created expensive redundancy uncontrolled spending, lower<br />
productivity and huge maintenance bills. The company was spending<br />
uncontrollably, adding more databases, applications and client/server<br />
infrastructure <strong>to</strong> support the phenomenal growth, while exponentially<br />
increasing the complexity.<br />
Realizing this, the company began a rather <strong>to</strong>ugh, but rewarding<br />
journey of re-architecting its systems in<strong>to</strong> a centralized e-business<br />
model that dramatically reduced maintenance on the desk<strong>to</strong>ps,<br />
inherently eliminated unnecessary servers and databases and greatly<br />
reduced IT and maintenance cost. For example, Oracle consolidated<br />
97 e-mail servers and 120 databases in<strong>to</strong> 4 servers running 4 databases<br />
and implemented a 'direct standards' model that allows it <strong>to</strong> maintain<br />
and update centralized applications worldwide from a single,<br />
centralized data center. Through this re-architecture of its systems,<br />
Oracle has reduced its operating budgets from $600 million <strong>to</strong> $440<br />
million annually.<br />
Source: Condensed from keep It Simple: How Oracle Consolidated Its Global<br />
Infrastructure in<strong>to</strong> a Centralized E-Business Architecture, Oracle White Paper.<br />
4.4.1. A word of caution<br />
Unfortunately, most IT shortcomings exist even <strong>to</strong>day. One only needs<br />
<strong>to</strong> substitute the term 'Web-based' for 'client-server' <strong>to</strong> see this. The
102 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
situation has never been more apparent than with the swift rise, and<br />
even swifter fall, of the Internet dot-coms. Both old and new economy<br />
companies rushed in<strong>to</strong> the 'sexiest' Internet technologies without any<br />
regard for ROI, revenue or shareholder value. Today, with one eye on<br />
the enormous implementation costs and another eye on the failure of the<br />
dot-coms, many companies have taken a more cautious approach. As<br />
the saying goes: "the more things change, the more they stay the same."<br />
The benefits of EAI are great, but so are the pitfalls, if one does not<br />
approach it in a systematic, cost-effective manner.<br />
4.5. Types of EAI<br />
EAI solutions can take on many forms and exist at many levels. The<br />
appropriate level of EAI can be dependent on many fac<strong>to</strong>rs including<br />
company size, company industry, integration/project complexity and<br />
budget.<br />
There are three types of middleware solutions <strong>to</strong> EAI:<br />
• User Interface <strong>Integration</strong>;<br />
• Data <strong>Integration</strong>;<br />
• Function or Method <strong>Integration</strong>; and<br />
• Business Method <strong>Integration</strong>.<br />
A brief overview of each of these levels of EAI include:<br />
4.5.1. User interface integration (Refacing)<br />
Refacing is the process of replacing the terminal screens of legacy<br />
systems and the graphical interfaces of PCs with one standardized<br />
interface, typically browser-based. Generally, the functionality of terminal<br />
screens applications can be mapped on a one-<strong>to</strong>-one basis with a<br />
browser-based graphical user interface. The new presentation layer is<br />
integrated with the existing business logic of the legacy systems.<br />
Enterprise business portals may also be considered a sophisticated<br />
refacing solution. A business portal consolidates the presentation of<br />
multiple applications in<strong>to</strong> one cus<strong>to</strong>mizable browser-based interface. A
Enterprise Application <strong>Integration</strong> (EAI) 103<br />
portal can provide a unified HTML interface <strong>to</strong> legacy systems, CRM<br />
and ERP applications, messaging services, external Websites, etc. An<br />
example of a popular portal site is my.Yahoo.com, which consolidates<br />
news, weather, sports and e-mail, among other things, in<strong>to</strong> a single<br />
unified Website.<br />
4.5.2. Data integration<br />
Data integration occurs at the database and data source level within an<br />
organization. The integration is achieved by migrating data from one<br />
data source <strong>to</strong> another. Most companies <strong>to</strong>day employ some form of<br />
data integration <strong>to</strong> achieve a primitive, yet necessary EAI model.<br />
There are a bevy of data replication and middleware <strong>to</strong>ols <strong>to</strong> facilitate<br />
data transfer between data sources in both real-time and batch modes.<br />
Some data integration methods include:<br />
• Batch Transfer;<br />
• Data Union; and<br />
• Data Replication.<br />
Data integration is the most prevalent form of EAI in existence<br />
<strong>to</strong>day. Data integration solutions are inexpensive and they often achieve<br />
the desired results. One of the biggest problems with data integration is<br />
that the business logic usually exists only within the primary system,<br />
limiting real-time transactional capabilities.<br />
4.5.3. Function or method integration<br />
Function or method integration involves the direct and rigid application<strong>to</strong>-application<br />
(A2A) integration of cross-platform applications over a<br />
network. It can range from cus<strong>to</strong>m code (COBOL, C++, Java), <strong>to</strong><br />
application programming interfaces (APIs), <strong>to</strong> remote procedure calls<br />
(RPCs), <strong>to</strong> distributed middleware such as TP moni<strong>to</strong>rs, distributed<br />
objects, common object request broker architecture (CORBA), Java<br />
remote method invocation (RMI), message oriented middleware (MOM)<br />
and Web services (see Figure 4.4).
104 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
iai<br />
1 «<br />
i<br />
Raquast<br />
API<br />
Java RMI<br />
CORBA<br />
DCOM<br />
RPC<br />
Web Services<br />
Response<br />
Application A Application B<br />
Figure 4.4. — Function or method integration<br />
Function or method oriented integration is primarily synchronous in<br />
nature, that is, it's based on request/reply interactions between the client<br />
(requesting program) and the server (responding program).<br />
4.5.4. Business process integration<br />
While data integration has proved a popular form of EAI, it can<br />
present problems from a security, data integrity and business process<br />
perspective. A vast majority of data within an organization is accessed<br />
and maintained through business logic. The business logic applies and<br />
enforces the required business rules, processes and security for the<br />
underlying data.<br />
Business process integration (BPI) occurs at the business process or<br />
method level, which may span multiple applications (see Figure 4.5).<br />
BPI is often characterized by the use of advanced middleware, which<br />
standardizes and controls the flow of information through a bus or<br />
hub-and-spoke framework.<br />
Business process integration can range from cus<strong>to</strong>m code (COBOL,<br />
C++, Java) <strong>to</strong> application programming interfaces (APIs) <strong>to</strong> distributed<br />
middleware such as TP moni<strong>to</strong>rs, distributed objects and message<br />
oriented middleware (MOM).
Enterprise Application <strong>Integration</strong> (EAI) 105<br />
Application A Application B<br />
Figure 4.5. — Business process integration<br />
4.6. Types of Enterprise Systems<br />
To understand EAI, one must first understand the types of application<br />
frameworks and architectures which exist with an organization. EAI can<br />
involve legacy systems, ERP packages, CRM systems, SCM systems<br />
and other applications.<br />
4.6.1. Legacy systems<br />
The term 'legacy system' typically refers <strong>to</strong> large mainframe, minicomputer<br />
and UNIX systems that use terminal-based (thin) clients.<br />
These systems are comprised of mission-critical business applications,<br />
databases and file management capabilities, typically contained within<br />
one central operating environment. There are estimates that upwards of<br />
70% of corporate data still reside on legacy systems.<br />
Today it seems that those who profit from EAI have their own<br />
definitions of what a legacy system is. Some have expanded the term<br />
'legacy system' <strong>to</strong> refer <strong>to</strong> any existing application that uses languages,<br />
platforms, or techniques that are older than the current technology.<br />
Contrary <strong>to</strong> popular belief, legacy systems still provide the majority<br />
of the back-office processing capability for most Fortune 500 companies.<br />
These systems can typically support a very large user base and provide<br />
processing power still unmatched by any distributed system. Advances
106 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
in middleware and integration technologies have made legacy systems<br />
accessible <strong>to</strong> <strong>to</strong>day's distributed systems. Consequently, companies are<br />
now leveraging the capabilities of their legacy systems by integrating<br />
them as the backbone of their new <strong>B2B</strong> infrastructure.<br />
4.6.2. Client/server systems<br />
The advent of the graphical user interface and the workstation gave rise<br />
<strong>to</strong> a new architectural model comprised of a 'fat' client and a database<br />
server. These systems were made possible through the proliferation of<br />
workstations running Windows or UNIX and the rise of distributed<br />
database vendors such as Oracle, Sybase and Informix.<br />
For the first time, organizational departments within a company<br />
could implement and maintain their own information systems. These<br />
new 'silo' systems allowed managers <strong>to</strong> exercise more control over<br />
their data.<br />
Beyond the departmental information system, client/server systems<br />
produced many other benefits. The advent of the graphical interface<br />
gave rise <strong>to</strong> powerful business <strong>to</strong>ols, such as spreadsheets and word<br />
processors, creating a much more productive office worker.<br />
These client/server systems also created a technology savvy<br />
generation. Computing technologies and architectures were no longer<br />
confined <strong>to</strong> the IS department in a closely guarded server or mainframe<br />
room at corporate headquarters.<br />
Though distributed client/server systems contributed <strong>to</strong> the EAI 'mess'<br />
found in most companies <strong>to</strong>day, it created a new competitive, innovative<br />
technological environment which has fueled the productivity and<br />
efficiency boom during the past decade.<br />
4.6.3. Enterprise Resource Planning (ERP)<br />
Enterprise resource planning (ERP) arrived on the scene in the early<br />
90s and has become a core element in the enterprise infrastructure. ERP<br />
is a software solution that addresses the needs of an entire enterprise. It<br />
takes a process-level view of an organization and attempts <strong>to</strong> tightly<br />
integrate all its functions.
Enterprise Application <strong>Integration</strong> (EAI) 107<br />
The efficiency, and ultimately, the success of an enterprise <strong>to</strong>day<br />
depends on the immediate flow of information across the complete<br />
supply chain. To this end, ERP promises <strong>to</strong> replace multiple, disparate<br />
silo systems with one enterprise environment. Today's modern ERP<br />
systems enable companies <strong>to</strong> standardize business processes across the<br />
enterprise including sales, accounts receivable, engineering, planning,<br />
inven<strong>to</strong>ry management, accounts payable, quality management,<br />
production, distribution planning and external transportation.<br />
His<strong>to</strong>ry of ERP<br />
ERP initially grew from the needs of the manufacturing industry. The<br />
focus of manufacturing systems in the 1960s was on inven<strong>to</strong>ry control.<br />
Most of the software packages were 'homegrown' and designed <strong>to</strong><br />
handle inven<strong>to</strong>ry based on the traditional inven<strong>to</strong>ry models of the time.<br />
In the 1970s the focus shifted <strong>to</strong> MRP (Material Requirement Planning)<br />
systems that translated the master schedule built for the end items in<strong>to</strong><br />
time-phased net requirements for the sub-assemblies, components and<br />
raw materials planning and procurement.<br />
In the 1980s, with the advent of the just-in-time inven<strong>to</strong>ry model,<br />
MRP evolved <strong>to</strong> MRP-II which extended material planning <strong>to</strong> the<br />
shop floor and distribution management activities. In the early 1990s,<br />
MRP-II was further extended <strong>to</strong> cover areas such as engineering, finance,<br />
human resources and project management — essentially any process<br />
across the enterprise. Hence, the birth of enterprise resource planning.<br />
ERP implementation<br />
The implications <strong>to</strong> existing business processes must be assessed before<br />
implementing an ERP solution. The traditional approach has been <strong>to</strong><br />
conduct a comprehensive business process reengineering (BPR) analysis<br />
prior <strong>to</strong> taking up ERP. The BPR process should identify areas for<br />
process improvement in addition <strong>to</strong> high-level integration and<br />
cus<strong>to</strong>mization requirements.<br />
The leaders in the ERP marketplace include SAP AG (SAP R/3),<br />
PeopleSoft, JD Edwards, Oracle, BaaN Infosystems (BaaN IV), Ramco<br />
Systems (Marshal) and QAD (MFG/PRO). SAP is, by far, the dominant
108 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
leader in the ERP market. According <strong>to</strong> AMR Research, the <strong>to</strong>p<br />
five ERP vendors, SAP America, Oracle Corporation, Peoplesoft, Inc.,<br />
JD Edwards & Company and Baan International, accounted for 64<br />
percent of the <strong>to</strong>tal ERP market revenue in 2000. Oracle, a newcomer<br />
<strong>to</strong> the ERP marketplace, has quickly been making inroads.<br />
Each vendor's product can au<strong>to</strong>mate a wide array of organizational<br />
functions and processes, but they are generally focused on financials/<br />
accounting, manufacturing and human resources. Some modules typically<br />
offered through the most popular ERP products include:<br />
• Production Planning;<br />
• Materials Management;<br />
• Plant Maintenance and Service Management;<br />
• Quality Management;<br />
• Financial Accounting;<br />
• Human Resource Management;<br />
• Business Information Warehouse;<br />
• Treasury;<br />
• Controlling;<br />
• Enterprise Consulting;<br />
• Investment Management; and<br />
• Sales & Distribution.<br />
The decision <strong>to</strong> implement an ERP system should be considered<br />
carefully and planned even more carefully. Often <strong>to</strong>uted in the past as<br />
an 'out-of-the-box' solution, ERP is hardly that. A CD-ROM and some<br />
training classes cannot fix the problems of a dysfunctional organization.<br />
But, when implemented properly, ERP can provide a significant<br />
competitive advantage.<br />
Evolution of ERP II<br />
The role of ERP continues <strong>to</strong> expand, not just across an enterprise, but<br />
across multiple enterprises. This rapid evolution of ERP has led <strong>to</strong> a<br />
new vision appropriately called ERP II. The major difference between<br />
ERP and ERP II involves a practice termed as collaborative <strong>commerce</strong>.<br />
According <strong>to</strong> the Gartner Group, collaborative <strong>commerce</strong> enables business<br />
partners from multiple companies <strong>to</strong> exchange information posted
Enterprise Application <strong>Integration</strong> (EAI) 109<br />
on e-<strong>commerce</strong> exchanges. For example, companies can develop new<br />
products with their suppliers by sharing each other's data across online<br />
marketplaces. <strong>Collaborative</strong> <strong>commerce</strong> also enables organizations <strong>to</strong><br />
find new partners <strong>to</strong> solve one-off design problems.<br />
Unlike old-style ERP, ERP II will cut across all business processes,<br />
such as cus<strong>to</strong>mer relationship management (CRM), as well as traditional<br />
functions including finance and human resource management. ERP II<br />
will also be applicable <strong>to</strong> all industries, not just the finance, manufacturing<br />
and distribution sec<strong>to</strong>rs that were the original focus of ERP.<br />
ERP integration<br />
Before we start discussion about ERP integration, it is of utmost<br />
importance <strong>to</strong> understand clearly what ERP is not. ERP is not the<br />
nirvana of a company's integration needs — it is just another application<br />
that has <strong>to</strong> be integrated through EAI. Secondly, no ERP will provide<br />
all functionalities <strong>to</strong> support every business aspect of a company —<br />
thus there will always be multiple applications apart from ERP. There<br />
will be a need for an adapter or interface <strong>to</strong> communicate between ERP<br />
and other applications.<br />
ERP integration can be done in multiple ways, such as developing<br />
in-house connec<strong>to</strong>r components, using the APIs provided by the ERP<br />
vendors, configuring third party adapters or using XML-based messaging<br />
for extracting and sharing data between ERP and other internal<br />
applications.<br />
SAP, the most popular ERP package, supports integration in the<br />
following ways:<br />
BAPI-API Oriented <strong>Integration</strong> — SAP R/3 system provides a business<br />
framework consisting of business objects (which represent business<br />
objects such as purchase orders, G/L accounts, employees), which are<br />
made available <strong>to</strong> the external applications through BAPI (Business<br />
Application Programming Interfaces). BAPIs are object-oriented views<br />
of R/3 applications and data. BAPIs enable synchronous integration<br />
between the SAP R/3 system and external systems. Figure 4.6 below<br />
depicts multiple ways in which BAPIs can be invoked through other<br />
programs.
110 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Source: SAP, AG<br />
SAP R/3 Server<br />
i<br />
[ B us ineas iO bj«ct|~—f BAP:<br />
A BAP:<br />
r<br />
Business €*bi»st Regwsltery<br />
fi<strong>to</strong>Jeefc-OriMtlei:' Mm®m<br />
Function Module!<br />
(RFC Capable)<br />
Function Modulej<br />
(RFC Capable)<br />
Function Modulej<br />
(RFC Capable)<br />
Fitnttiort ftuJMttr'<br />
• HFC A«*s*<br />
Figure 4.6. — BAPI and RFC enabled integration<br />
RFC-Method Oriented <strong>Integration</strong> — SAP provides support for remote<br />
function calls (RFCs), which enable synchronous communication between<br />
R/3 and non-SAP systems, or even different modules of the same R/3<br />
system. RFCs hide the implementation details of the function modules<br />
from the external applications and manage the communication process,<br />
error handling and parameter transfer.<br />
IDocs-Data Oriented <strong>Integration</strong> — SAP provides a mechanism <strong>to</strong><br />
exchange data <strong>to</strong> and from R/3 systems in file formats through<br />
Intermediate documents (IDocs), which act like containers of that data.<br />
This type of integration is asynchronous in nature and is useful for<br />
transferring large amount of data. IDocs contain a header and segments<br />
of data. SAP has defined templates for all the possible IDocs that<br />
represent business documents of R/3 system like purchase orders.<br />
XML-Message Oriented <strong>Integration</strong> — SAP Business Connec<strong>to</strong>r<br />
enables exchange of R/3 system business documents as XML-based<br />
messages with other SAP and non-SAP systems (see Figure 4.7).<br />
Messages are formatted in XML (based on the industry standards
Enterprise Application <strong>Integration</strong> (EAI) 111<br />
Figure 4.7. — SAP business connec<strong>to</strong>r<br />
like ebXML, RosettaNet) and delivered securely via HTTP <strong>to</strong> other<br />
applications that have subscribed <strong>to</strong> the message. These applications<br />
can be located on the same server, or over the Internet. SAP Business<br />
Connec<strong>to</strong>r also supports BAPIs and Idocs. All the business interfaces<br />
supported by SAP are published as XML schemas in the SAP Interface<br />
Reposi<strong>to</strong>ry.<br />
4.6.4. Cus<strong>to</strong>mer relationship management (CRM)<br />
Cus<strong>to</strong>mer relationship management (CRM) is not a new concept. For<br />
decades, companies have strived <strong>to</strong> be 'cus<strong>to</strong>mer-focused'. What is new<br />
is the technology that enables large, faceless corporations <strong>to</strong> know their<br />
cus<strong>to</strong>mers at a more intimate level. The Gartner Group defines CRM as<br />
a cus<strong>to</strong>mer-focused business strategy designed <strong>to</strong> optimize profitability,<br />
revenue and cus<strong>to</strong>mer satisfaction. CRM is designed <strong>to</strong> understand and<br />
anticipate the needs of the current and potential cus<strong>to</strong>mer base. It is all<br />
about managing the cus<strong>to</strong>mer experience and providing a single integrated<br />
view of the cus<strong>to</strong>mer at all <strong>to</strong>uch-points.
112 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
CRM should focus primarily on process and methodology, not<br />
technology, though technology is quickly becoming the enabler for<br />
methodology.<br />
Some of the traditional business processes which CRM products<br />
facilitate include sales, marketing, call center and helpdesk activities.<br />
The benefits generated from a successful CRM implementation include:<br />
• More effective cus<strong>to</strong>mer acquisition and retention;<br />
• Comprehensive view of all cus<strong>to</strong>mer interactions through all access<br />
channels;<br />
• Optimization of each cus<strong>to</strong>mer interaction for increased business<br />
opportunities;<br />
• Anytime, anywhere access <strong>to</strong> cus<strong>to</strong>mer and enterprise information;<br />
• Effective use of employee resources;<br />
• Increased responsiveness <strong>to</strong> cus<strong>to</strong>mers; and<br />
• Greater operational efficiency across the entire enterprise.<br />
The growth of CRM is still going strong. The Aberdeen Group<br />
estimates that the CRM market generated $7.8 billion in revenue from<br />
software packages, software-vendor licenses, integration services and<br />
peripheral and hardware sales for 1999, with CRM software sales<br />
making up $3.8 billion of that <strong>to</strong>tal. It is estimated that this market will<br />
grow <strong>to</strong> $9.4 billion by 2002, with CRM sales software and cus<strong>to</strong>merservice<br />
software growing the fastest. Another study released by IDC<br />
estimates that the cus<strong>to</strong>mer relationship management services market<br />
will rise <strong>to</strong> $148.0 billion in 2005 from 61.0 billion in 2001, representing<br />
a compound annual growth rate (CAGR) of 25.0 percent and "far<br />
exceeding" the overall IT services market.<br />
At the same time, Meta Group estimates that between 55% and 75%<br />
of CRM implementations will fail <strong>to</strong> meet their objectives. Like ERP,<br />
CRM impacts an organization at many levels. If not planned for and<br />
executed properly, a CRM implementation can have catastrophic<br />
consequences on a company's bot<strong>to</strong>m-line.<br />
CRM and data warehouses<br />
An integral component of CRM is a data warehouse which allows<br />
companies <strong>to</strong> gather and use an ever-growing data reposi<strong>to</strong>ry about
Buyers<br />
Enterprise Application <strong>Integration</strong> (EAI) 113<br />
<strong>to</strong> L m 1 _<br />
Figure 4.8. — Data warehouse works in conjunction with CRM application<br />
product use and marketplace trends (see Figure 4.8). Data analysis and<br />
business intelligence <strong>to</strong>ols are applied against the data warehouse <strong>to</strong><br />
identify cus<strong>to</strong>mer trends and needs. Data warehouses used in conjunction<br />
with business intelligence <strong>to</strong>ols allow CRM products <strong>to</strong>:<br />
• Measure the effectiveness of sales and marketing activities and return<br />
on investment of the system;<br />
• Assess sales strategy based on information such as discount sales<br />
analysis and pipeline status;<br />
• Evaluate cus<strong>to</strong>mer service performance; and<br />
• Analyze profitability by cus<strong>to</strong>mer or channel.<br />
4.6.5. eCRM<br />
Person<br />
-* Mail hr-<br />
Phone<br />
Web l*-><br />
Fax<br />
-* WAP I*<br />
Internal<br />
Application*<br />
uaia<br />
Warehouse<br />
Internal<br />
Data Sources<br />
Person<br />
-* Mat!<br />
Phone<br />
The rise of e-business has also given rise <strong>to</strong> electronic CRM (eCRM).<br />
eCRM provides companies with a means <strong>to</strong> conduct interactive,<br />
personalized and relevant communications with cus<strong>to</strong>mers across both<br />
traditional channels and the Internet. eCRM includes eMarketing, eSales,<br />
eCare, eWarehousing and eProfiling (see Figure 4.9). According <strong>to</strong> the<br />
META Group, the eCRM software market is expected <strong>to</strong> grow 42% this<br />
year, reaching $10 billion by 2002.<br />
Web<br />
Fax<br />
~* WAP H-<br />
•a<br />
Suppliers<br />
Tfft
114 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
eSales<br />
^Marketing<br />
Figure 4.9. — The circle of eCRM<br />
eWarehousing<br />
eProfiling<br />
The role of eCRM is an ever-expanding one, but is generally<br />
characterized as follows:<br />
• eCRM extends CRM by providing anytime, anywhere, real time<br />
access <strong>to</strong> cus<strong>to</strong>mer information via the Internet/Web and mobile<br />
devices. Most CRM vendors can now deliver information using open<br />
communication standards such as HTML, WAP and XML for<br />
delivering information <strong>to</strong> browsers or mobile devices. eCRM products<br />
can also provide an out-of-the-box portal solution <strong>to</strong> users, which<br />
creates a single browser-based entry point in<strong>to</strong> the CRM system.<br />
• eCRM integrates traditional CRM with legacy, back-office and other<br />
e-business applications, including ERP and SCM. CRM vendors (as<br />
well as ERP vendors) are working hard not only <strong>to</strong> integrate their<br />
products with new e-business frameworks, but also <strong>to</strong> expand their<br />
own offerings and product lines <strong>to</strong> deliver the complete e-solution.<br />
• CRM can capture a Web-surfer's digital trail <strong>to</strong> understand that<br />
user's buying patterns. Through eCRM, a cus<strong>to</strong>mer's patterns are<br />
captured <strong>to</strong> provide a personalized experience during future visits.<br />
Personalization enables an e-business <strong>to</strong> offer products uniquely<br />
relevant <strong>to</strong> the individual visi<strong>to</strong>r, creating a Web experience tailored<br />
<strong>to</strong> individual's tastes.
Enterprise Application <strong>Integration</strong> (EAI) 115<br />
The leaders in the CRM software market include Siebel Systems,<br />
Vantive, PeopleSoft and Clarify. The lines between CRM and ERP are<br />
quickly becoming blurred as vendors from traditional ERP and CRM<br />
markets cross over <strong>to</strong> each other's markets in an effort <strong>to</strong> create the<br />
complete, enterprise e-business solution.<br />
4.6.6. CRM and EAI<br />
The CRM system is based on integration hub-and-spoke architecture,<br />
rather than a point-<strong>to</strong>-point based architecture. The integration hub is<br />
the source of all business data. But, how does the integration hub get its<br />
data? The answer is through EAI, which retrieves, transforms and feeds<br />
the CRM system with the data from multiple applications like SCM,<br />
ERP and legacy systems.<br />
4.6.7. Supply Chain Management (SCM)<br />
SCM system integrates forecasting, planning and execution, thereby<br />
providing complete visibility across the supply chain.<br />
We have discussed the characteristics and features of SCM systems<br />
at great length in the chapter on supply chain management.<br />
4.7. Leading EAI Solutions<br />
Although there are several companies that provide EAI solutions, in this<br />
section we will discuss only the prominent ones.<br />
4.7.1. BEA eLink<br />
The BEA eLink is a suite of enterprise application integration (EAI)<br />
products that includes BEA Data <strong>Integration</strong> Option — for data<br />
normalization, transformation and routing, BEA Business Process<br />
Option — for process au<strong>to</strong>mation and BEA eLink Adapters for<br />
enterprise applications, mainframes and other environments — for<br />
application connectivity.
116 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Business Model<br />
Data Model<br />
Databases<br />
MVS acs / IMS<br />
SNA, TCP/IP<br />
Business Process<br />
Option<br />
Information<br />
Integra<strong>to</strong>r<br />
BEA eLink Foundation<br />
ERP<br />
SAP, PeopleSoft,<br />
Qrade, etc.<br />
Legacy,<br />
Cus<strong>to</strong>m<br />
*<br />
CRM<br />
Clarify, Siebel,<br />
etc.<br />
»f •<br />
Billing<br />
Kenan, Portal,<br />
etc.<br />
Figure 4.10. — BEA eLink enabling EAI<br />
Electronic<br />
Services<br />
According <strong>to</strong> the BEA eLink product data sheet, as of this writing,<br />
the following adapters are made available by BEA (see Figure 4.10):<br />
• Cus<strong>to</strong>mer resource management (CRM) applications: Vantive, Siebel,<br />
Clarify;<br />
• Enterprise resource planning (ERP) applications: SAP R/3, PeopleSoft,<br />
Oracle;<br />
• Mainframe applications: CICS, IMS, any SNA peer; Unisys OS<br />
2200, Unisys MCP/AS, or any system that supports Open Group<br />
XATMI over OSI TP;<br />
• Billing applications: Portal, Kenan;<br />
• Internet and integration adapters: BEA eLink Adapter for Broadvision,<br />
BEA eLink Adapter for XML and BEA eLink Adapter for MQSeries;<br />
and<br />
• <strong>Integration</strong> with databases: Oracle, Informix, Sybase, etc.<br />
4.7.2. TIBCO ActiveEnterprise<br />
The TIBCO ActiveEnterprise consists of several products that enable<br />
EAI. These products are (see Figure 4.11):
Enterprise Application <strong>Integration</strong> (EAI) 117<br />
TIB/In Con cert<br />
TIB/<strong>Integration</strong> Manager<br />
TIB/Message<br />
Broker<br />
f, ,,;••<br />
Figure 4.11. — TIBCO's ActiveEnterprise platform<br />
TIB/InConcert — au<strong>to</strong>mates the workflow of cus<strong>to</strong>mer-oriented<br />
processes.<br />
TIB/<strong>Integration</strong>Manager — defines and manages au<strong>to</strong>mated business<br />
processes that span multiple applications and transactions.<br />
TIB/MessageBroker — performs au<strong>to</strong>mated message transformation and<br />
business object mapping.<br />
TIB/Adapters — integrates off-the-shelf applications and databases.<br />
Each adapter integrates with one or multiple interfaces provided by the<br />
legacy, CRM, ERP and other applications.<br />
Adapters simplify the whole process of adding a new application in an<br />
enterprise, as long as it implements the ActiveEnterprise data model.<br />
The new application will be integrated seamlessly with every other<br />
application, database and network that is a part of the ActiveEnterprise<br />
platform. This specifies a very important point — through the use of<br />
adapters, applications just have <strong>to</strong> publish the data <strong>to</strong> the network.<br />
Other complex actions such as message transformation and business<br />
process au<strong>to</strong>mation are completely hidden from the individual applications.<br />
According <strong>to</strong> the data sheet provided by TIBCO, TIB/Adapters are<br />
available for many applications and platforms including SAP R/3, Siebel,<br />
Peoplesoft, Vantive, Clarify, Lotus Notes, Portal Infranet, Kenan and<br />
others. TIB/Adapters for Network Technologies are available for COM,
118 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
CORBA, MSMQ and MQSeries. TIB/Adapters for RDBMS are available<br />
for Oracle, MS SQL and Sybase.<br />
TIB/Rendezvous — forms the foundation of ActiveEnterprise by<br />
providing a very advanced and flexible messaging system.<br />
TIB/Hawk — provides comprehensive system moni<strong>to</strong>ring and<br />
management capabilities.<br />
4.7.3. IBM — WebSphere MQ integra<strong>to</strong>r<br />
WebSphere MQ Integra<strong>to</strong>r enables EAI through a combination of business<br />
rules and message formatting. It contains MQSeries — for messaging<br />
and queuing, NEONrules — for evaluation of the content of messages<br />
and routing them based on the application rules, NEONformatter — for<br />
transforming the data in appropriate format as required by the receiving<br />
application and NEON Adapters — an adapter for each application that<br />
handles the communications with the application and passes metadata<br />
<strong>to</strong> the NEONformatter.<br />
NEON Adapters connect WebSphere MQ with applications such as<br />
SAP R/3, Peoplesoft, Oracle, JDEdwards, Siebel, Broadvision and i2 and<br />
support industry standards such as EDI/XML, SWIFT message format<br />
and FIX message format library.<br />
GARTMORE ENTERS A NEW GENERATION OF<br />
TRADE PROCESSING<br />
Straight Through <strong>to</strong> the Benefits<br />
For over thirty years, Gartmore Investment Management Pic — one<br />
of the UK's leading investment management companies — has been<br />
managing money for corporate, institutional and private inves<strong>to</strong>rs.<br />
Since 30th September 2000, it has managed funds worth more than<br />
54 billion Pounds Sterling, covering the world's major equity, bond<br />
and currency markets.<br />
To maintain its investment management leadership, Gartmore has<br />
embarked on a strategy <strong>to</strong> exploit the latest straight-through processing<br />
Continue on page 119
Enterprise Application <strong>Integration</strong> (EAI) 119<br />
Continued from page 118<br />
techniques. By implementing a resilient EAI solution, Gartmore has<br />
been able <strong>to</strong> au<strong>to</strong>mate, streamline and accelerate the exchange of<br />
transaction information between the internal applications used in<br />
generating and executing trades.<br />
A 'Landmark' Achievement<br />
With a distributed technology environment — spanning Sun Solaris,<br />
OS/400 and NT operating platforms, as well as Sybase, Oracle and<br />
SQL Server databases — Gartmore needed a strategic EAI solution<br />
capable of delivering accurate and reliable file sharing across all<br />
platforms.<br />
For this reason, it chose <strong>to</strong> implement a backbone infrastructure,<br />
comprising IBM MQSeries message oriented middleware combined<br />
with enableNet Data Integra<strong>to</strong>r software from IBM Business Partner<br />
CommerceQuest.<br />
Gartmore implemented this solution initially <strong>to</strong> support, the<br />
installation of a new financial order management and execution<br />
package called Landmark. This system replaced the existing order<br />
process, which involved handwritten deal tickets passed <strong>to</strong> input<br />
clerks by dealers <strong>to</strong> be loaded on Paladign — Gartmore's existing<br />
AS/400-based back-office investment accounting system. To fully<br />
exploit the benefits of Landmark, Gartmore realized that it needed <strong>to</strong><br />
integrate it seamlessly with Paladign.<br />
Having experimented with FTP and other file transfer mechanisms,<br />
Gartmore concluded that it needed a far more resilient and reliable<br />
solution for exchanging data between Landmark and Paladign.<br />
MQSeries proved <strong>to</strong> be the answer. It is universally accepted as a<br />
rehable and stable messaging product and its cross-platform capabilities<br />
and guaranteed delivery mechanisms were precisely the attributes<br />
Gartmore required <strong>to</strong> realize its STP vision.<br />
Gartmore then chose enableNet Data Integra<strong>to</strong>r as a complementary<br />
EAI solution and discovered that the two products played <strong>to</strong> each<br />
other's strengths perfectly. That's because enableNet Data Integra<strong>to</strong>r<br />
has been specially developed <strong>to</strong> employ MQSeries' message queuing<br />
technology as its underlying communication infrastructure. Through<br />
Continue on page 120
120 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Continued from page 119<br />
the use of asynchronous communication, s<strong>to</strong>rage queues and other<br />
coordination devices, MQSeries effectively maximizes reliability of<br />
data delivery, even in a connectionless state and during network<br />
failures and outages. What enableNet Data Integra<strong>to</strong>r adds is an<br />
additional layer of data integration, coordination, reliability and<br />
integrity, providing an EAI infrastructure that is unmatched for its<br />
fail-safe reliability and security. enableNet Data Integra<strong>to</strong>r is enabling<br />
Gartmore <strong>to</strong> achieve comprehensive audit control, tracking every<br />
single file across the network.<br />
The new EAI solution also takes the pain out of overnight batch<br />
processing. No matter what happens with the network, enableNet<br />
Data Integra<strong>to</strong>r simply continues from where it left off. Besides<br />
assuring the integrity of data, the business isn't impacted by<br />
unnecessary delays and dealer screens are updated quickly and<br />
efficiently.<br />
Higher Trade Volumes — Faster and More Accurate<br />
In terms of business benefits, Gartmore is delighted with the results<br />
of its new order generation and execution management process. They<br />
handle around 35% more trades in a very efficient and timely fashion<br />
with the new system. Information is captured more accurately at the<br />
point of generation and processed smoothly and rapidly.<br />
Valuable administration resources are no longer required for<br />
re-keying data and the burdens on back-office staff have also been<br />
reduced.<br />
Since implementation, Gartmore has employed its EAI hub <strong>to</strong><br />
integrate a new Sun Solaris-based SmartStream reconciliation package<br />
with the AS/400 accounting system. And, in the future <strong>to</strong>o, with<br />
MQSeries at the heart of the hub, Gartmore knows that it can achieve<br />
rapid deployment of new applications, without having <strong>to</strong> worry about<br />
complex integration issues.<br />
Source: Condensed from Mimesweeper's case study on Gartmore Mimesweeper.com
4.8. Convergence of EAI and <strong>B2B</strong>i<br />
Enterprise Application <strong>Integration</strong> (EAI) 121<br />
The lines between <strong>B2B</strong>i and EAI are quickly becoming blurred.<br />
Traditional EAI middleware has been characterized by the integration<br />
of back-office applications and front-office activities. But many of the<br />
traditional EAI services are also a necessity in many of <strong>to</strong>day's <strong>B2B</strong>i<br />
models; and EAI middleware vendors have been quick <strong>to</strong> capitalize on<br />
this fact. The entire EAI, <strong>B2B</strong>i and enterprise software marketplace is<br />
converging, merging and morphing at a rapid pace.<br />
This convergence is most apparent in the latest generation of<br />
middleware products where <strong>B2B</strong>i and EAI software share many common<br />
features, including:<br />
• Data transformation;<br />
• Use of application-specific adapters and APIs;<br />
• Messaging;<br />
• Intelligent routing; and<br />
• Workflow/process management.<br />
E-business software vendors such as IBM and BEA are combining<br />
EAI and <strong>B2B</strong>i services under one product. These vendors are taking the<br />
EAI integration process <strong>to</strong> the next logical step by 'wrapping' and<br />
publishing traditional EAI method-level components as Web services<br />
via XML/SOAP and UDDI. As an example, IBM's WebSphere not only<br />
provides all the method-level and transactional integration of a distributed<br />
object application server (via EJB), but will also be able <strong>to</strong> 'wrap' the<br />
Java Beans in a SOAP-compliant XML interface and publish the services<br />
using UDDI <strong>to</strong> facilitate <strong>B2B</strong> communication.<br />
Traditional ERP, SCM and CRM vendors are now developing software<br />
solutions across the entire spectrum of the enterprise. The traditional<br />
'silo' vendors, those who concentrate on one type of solution, will<br />
either expand their offerings, merge with other vendors, or just disappear<br />
from the enterprise software business al<strong>to</strong>gether. The new breeds of<br />
enterprise solutions are 'Internet-ready' with out-of-the-box Web/browser<br />
and mobile capabilities. In addition, the software will support <strong>B2B</strong><br />
pro<strong>to</strong>cols providing seamless integration and allowing rapid deployment<br />
in<strong>to</strong> <strong>B2B</strong> marketplaces.
122 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
The bot<strong>to</strong>m line is that the marketplace is converging and merging at<br />
a rapid pace as software vendors look <strong>to</strong> provide a complete e-business<br />
solution. Literally, there are thousands of niche e-business, <strong>B2B</strong>, EAI,<br />
or enterprise software firms, each one providing a value-added service.<br />
Some of these firms will emerge as winners and survive in their own<br />
right. Others will be gobbled up by the 'big-boys' such as Microsoft<br />
and IBM, as these companies continue <strong>to</strong> flex their muscles by leveraging<br />
their current market penetration and domination. The remainder will<br />
probably atrophy and disappear.<br />
SCIQUEST GOES THROUGH EAI BEFORE<br />
IMPLEMENTING <strong>B2B</strong>i<br />
SciQuest, a scientific products e-marketplace, maintains more than<br />
1.2 million products from more than 700 suppliers in its virtual<br />
catalog. When a cus<strong>to</strong>mer places an order, SciQuest has <strong>to</strong> pass that<br />
information along <strong>to</strong> anywhere from two <strong>to</strong> thousands of different<br />
suppliers. SciQuest also has <strong>to</strong> link electronically <strong>to</strong> other partners,<br />
such as shippers FedEx and UPS. To have a truly au<strong>to</strong>mated order<br />
management process, they have <strong>to</strong> support a diverse range of systems<br />
of their suppliers, who have infrastructure as basic as e-mail and a<br />
Web browser <strong>to</strong> fairly sophisticated ERP and high-end EDI systems.<br />
SciQuest had <strong>to</strong> get its internal act <strong>to</strong>gether before its systems<br />
could effectively communicate with the outside world. As a part of<br />
EAI, the company had <strong>to</strong> link its Siebel CRM system and Solomon<br />
financial software <strong>to</strong> the DB2 database where up-<strong>to</strong>-date information<br />
about all suppliers' products is s<strong>to</strong>red. That back-office infrastructure<br />
was then <strong>to</strong> be linked <strong>to</strong> the IBM Net.<strong>commerce</strong> Web catalog that<br />
lets its cus<strong>to</strong>mers shop and buy from SciQuest online.<br />
Source: Condensed from EAI goes <strong>B2B</strong>, InternetWeek<br />
4.9. Divergence of EAI and <strong>B2B</strong>i<br />
As <strong>B2B</strong> pro<strong>to</strong>cols and specifications mature, a schism will eventually<br />
develop between the roles of EAI and <strong>B2B</strong>i. EAI models are typically
Enterprise Application <strong>Integration</strong> (EAI) 123<br />
centralized within an organization, which tends <strong>to</strong> be a more efficient<br />
framework for integration. Conversely, <strong>B2B</strong>i models have <strong>to</strong> support<br />
joint development activities and technology level agreements among<br />
independent organizations, a much more challenging task.<br />
In many <strong>B2B</strong> marketplaces <strong>to</strong>day, companies are relying on proprietary<br />
EAI middleware <strong>to</strong> facilitate <strong>B2B</strong> communication. Many of these<br />
middleware solutions are mature, stable and battle-tested, providing an<br />
adequate framework for transacting over the Internet. This stability<br />
usually comes at the expense of accessibility, openness and scalability.<br />
Currently, <strong>B2B</strong>i implementation is subjected <strong>to</strong> frequent changes as<br />
the industry standards change or the business processes of trading<br />
partners change. The eventual acceptance of evolving <strong>B2B</strong> pro<strong>to</strong>cols<br />
and standards such as SOAP/XML, UDDI, XMLT will promise <strong>to</strong><br />
provide companies with a common, standardized framework for<br />
conducting <strong>B2B</strong> transactions, eliminating the need for proprietary<br />
software or constant rework. Once these standards become widely<br />
accepted in the marketplace, EAI will be relegated <strong>to</strong> middleware<br />
solutions such as messaging and distributed objects while <strong>B2B</strong>i will be<br />
reduced <strong>to</strong> pro<strong>to</strong>col-based communication, much like TCP/IP or HTTP<br />
is <strong>to</strong>day.<br />
The other major area of divergence is security. With EAI, companies<br />
do not have <strong>to</strong> worry about encryption, firewall implementations, crossorganization<br />
distributed applications, or partner management, all of<br />
which pose difficult challenges in <strong>B2B</strong>i. In addition, <strong>B2B</strong>i implementation<br />
is inherently more complex from a global perspective, as it has <strong>to</strong> deal<br />
with different international laws regarding the use and export of<br />
cryp<strong>to</strong>graphic technology.<br />
4.10. Conclusion<br />
<strong>Integration</strong> of enterprise applications is a key element of <strong>B2B</strong>i strategy.<br />
EAI can truly make a company's <strong>B2B</strong>i implementation a success or a<br />
failure. By integrating and streamlining business processes and the<br />
applications supporting them, EAI empowers enterprises <strong>to</strong> achieve<br />
higher operational efficiency, increased revenues and better cus<strong>to</strong>mer<br />
service.
124 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
EAI is not just simple connectivity <strong>to</strong> databases and transaction<br />
managers, but the overall integration of legacy, ERP, CRM and SCM<br />
systems.<br />
EAI is indeed a very challenging goal as it aims <strong>to</strong> integrate multiple<br />
systems, platforms, business processes, people and data. An EAI strategy<br />
should be driven by business goals, leverage current infrastructure<br />
within an enterprise and use the right set of integration solutions,<br />
architecture and methodology.
Chapter 5<br />
Business Process Management<br />
(BPM)<br />
The focus of this chapter<br />
Business process management (BPM) enables enterprises <strong>to</strong> au<strong>to</strong>mate<br />
and integrate the disparate internal and external corporate business<br />
processes. It does so by supporting dynamic process <strong>to</strong>pologies that<br />
allow the boundary between processes and participants <strong>to</strong> be determined<br />
either statically or dynamically on a real-time basis.<br />
In this chapter, we will present the fundamentals of BPM, especially<br />
as they relate <strong>to</strong> <strong>B2B</strong>L You will learn about business processes, process<br />
modeling, workflows and features of BPM systems — along with a<br />
discussion of leading commercially available BPM systems, business<br />
process markup language and standard business processes.<br />
125
126 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
5.1. Existence of 'Organization Silos'<br />
In <strong>to</strong>day's typical small, medium or large sized company, only certain<br />
parts of the business processes that form the backbone of any company's<br />
business are au<strong>to</strong>mated. With little integration among different departments<br />
and systems supporting various business process activities, several<br />
isolated islands of information, known as organization silos, exist within<br />
a company.<br />
Much human intervention is required <strong>to</strong> complete these processes,<br />
causing increased response time and slower cycle time. Furthermore,<br />
several of the currently au<strong>to</strong>mated business processes are fragmented in<br />
nature, with applications and data underlying them owned by different<br />
organizational units.<br />
The primary goal of dynamic real-time <strong>B2B</strong>i cannot be achieved if<br />
the underlying business processes are not au<strong>to</strong>mated and integrated <strong>to</strong><br />
work at Internet speed with complete accuracy, flexibility and adaptability.<br />
A successful implementation of <strong>B2B</strong>i requires a business process management<br />
(BPM) strategy that leads <strong>to</strong> sound end-<strong>to</strong>-end, cross-application<br />
and cross-organization business process integration.<br />
BPM enables collaboration among trading partners in a secured,<br />
scalable and reliable manner. It does so by supporting dynamic process<br />
<strong>to</strong>pologies that allow the boundary between processes and participants<br />
<strong>to</strong> be determined either statically or dynamically on a real-time basis.<br />
5.2. Fundamentals of BPM<br />
This section describes the fundamentals of business process management,<br />
as they relate <strong>to</strong> <strong>B2B</strong>i.<br />
5.2.1. Business processes<br />
A business process is a logical collection of tasks or activities involving<br />
internal and external systems and human decision-makers which needs<br />
<strong>to</strong> be achieved as part of an overall outcome for both an organization<br />
and, more importantly, for its cus<strong>to</strong>mers. A business process can also be<br />
defined as one of the various processes needed within an organization<br />
<strong>to</strong> deliver service <strong>to</strong> its cus<strong>to</strong>mers.
Business Process Management (BPM) 127<br />
There are start and exit rules associated with business processes that<br />
determine the control and data flow among the individual tasks. Each<br />
task is assigned <strong>to</strong> a user, an application, or any other system, based on<br />
the rules and consists of one or more transactions (see Figure 5.1). Each<br />
transaction is characterized by exchange of messages among the<br />
applications (both internal and external) involved. The messages consist<br />
of business documents, such as a purchase order and a request for quote<br />
along with the sender and receiver information, transport pro<strong>to</strong>col and<br />
transaction control mechanisms associated with them.<br />
Business Process<br />
T»*k 1<br />
Talk 2<br />
Tj»«k3<br />
4-<br />
Closed Ous m<br />
Process<br />
Company A<br />
Figure 5.1. — A typical business process<br />
r~K<br />
i ill • i<br />
Figure 5.2.<br />
Closed business process<br />
.1..'<br />
Closed Business<br />
Process<br />
Company B<br />
l
128 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Fundamentally, there are two types of business processes: internal<br />
(private or closed) (see Figure 5.2) and external (public or open) (see<br />
Figure 5.3). Internal processes control the information flow by coordinating<br />
interactions with business application systems within an<br />
organization, while external processes control interactions among<br />
independent trading partners.<br />
Business process lifecycle<br />
Generally, business processes of an organization have a continuous life<br />
cycle, going through phases and changes similar <strong>to</strong> the organization itself<br />
over time. The life cycle of a business process depends on its scope,<br />
which may be from process improvement <strong>to</strong> a new process design.<br />
Company A Company B Figure 5.3. — Open business process<br />
Goal<br />
Definition<br />
Business<br />
Process<br />
Ufecycle<br />
Figure 5.4. — Business process life cycle
Business Process Management (BPM) 129<br />
A business process life cycle typically starts with a goal definition<br />
relating <strong>to</strong> the process and its integration potential (see Figure 5.4). The<br />
goal definition involves the scope, and in the longer term, the final<br />
objective of the process. The goal leads <strong>to</strong> a process modeling exercise<br />
using a graphical modeling <strong>to</strong>ol <strong>to</strong> map the process. This leads <strong>to</strong> the<br />
stage of process execution. In process execution, the process map is<br />
tried with source and target systems <strong>to</strong> see the interactions and workflow<br />
of the process. The working of the process leads <strong>to</strong> the moni<strong>to</strong>ring and<br />
control of the process in action which ultimately leads <strong>to</strong> the goals<br />
being redefined and/or the process being fine-tuned or modified <strong>to</strong> suit<br />
the requirements.<br />
Characteristics of a good business process<br />
In very simple terms, a good business process achieves the desired<br />
goals in an efficient and effective manner with as little latency as<br />
possible. In terms of <strong>B2B</strong>i, the possible goals leading <strong>to</strong> better business<br />
performance and practice include:<br />
• Increased cus<strong>to</strong>mer focus;<br />
• Improved planning;<br />
• Increased process improvement;<br />
• Better supplier relationships;<br />
• Increased people improvement;<br />
• Better information use; and<br />
• Better leadership.<br />
One of the key characteristics of a good business process is continuous<br />
improvement in the final objective of seamless <strong>B2B</strong> integration and zero<br />
latency <strong>to</strong> promote efficient practices. All the economic and performance<br />
indica<strong>to</strong>rs point <strong>to</strong> the benefits of going down the path of continuous<br />
improvement. Continuous improvement implies changing the performance<br />
of an organization <strong>to</strong> achieve, sustain and eventually reach the best<br />
practices in business processes as they relate <strong>to</strong> <strong>B2B</strong>i. Here, best practice<br />
is the term used for management and operational practices that are more<br />
effective and efficient when compared <strong>to</strong> equivalent practices in other<br />
organizations.
130 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
A good business process is designed around three types of activities<br />
required for continuous improvement:<br />
1. Advanced concepts — Big-step improvements encompassing strategic<br />
initiatives, major projects and key business process innovations.<br />
2. Incremental improvement — Small-step improvements undertaken<br />
continuously by cross-functional or natural work teams as part of<br />
their normal day-<strong>to</strong>-day activities and job functions.<br />
3. Quality assurance — Establishes a sustainable base and standardizes<br />
process improvement, by rewriting procedures and conducting training<br />
in the new way of operation, so that any improvements that are<br />
made <strong>to</strong> the system are not lost over time but remain as standard<br />
operating practice.<br />
5.2.2. Participants<br />
The participants in a business process include applications, humans,<br />
trading partners, other processes and systems, which can be either static<br />
(these are known during the modeling of a business process) or dynamic<br />
(these are determined at the run-time of a business process). Emarketplaces<br />
offer a perfect example in which business processes have<br />
<strong>to</strong> deal with dynamic partners, as the buying or selling party is usually<br />
not known beforehand. The participants are the resources for a process.<br />
5.2.3. Activities<br />
Activities are units of work that are performed within a process. Active<br />
or passive resources are required <strong>to</strong> perform these activities. The same<br />
activity may be enacted in different processes and on different objects.<br />
Thus, activities should be designed in a reusable fashion.<br />
5.2.4. Business transactions<br />
A business transaction consists of exchange of messages resulting in a<br />
consistent change in the state of the business. Business processes can be<br />
composed of one or several business transactions. <strong>B2B</strong> transactions involve<br />
multiple enterprises and resources (such as databases, transactional
Business Process Management (BPM) 131<br />
< S everal Reads> < Up dates Recorded* < Updates Appl i ed><br />
\+- ±U wl4—— ——J ><br />
Tx Tx E nd Tx Tx<br />
Begin Abort Outside Transaction Begin Commit<br />
Figure 5.5. — A short-lasting <strong>B2B</strong> transaction<br />
<br />
U t.1 »<br />
Tx Begin In Transaction Tx Commit<br />
Figure 5.6. — A long-lasting <strong>B2B</strong> transaction<br />
objects and queues for persistent messages) that are managed and<br />
operated independently by each enterprise. Successful outcome of a<br />
transaction is dependent on the coordination of workflows, which drive<br />
business transactions, across multiple organizations.<br />
<strong>B2B</strong> transactions can be completed within a few seconds (see<br />
Figure 5.5) or can last over days (see Figure 5.6). Transactions that are<br />
long-lasting pose a unique challenge <strong>to</strong> the design and run-time execution<br />
of <strong>B2B</strong> applications. Consider an example where the buyer has placed<br />
an order with a supplier for shipment of some goods. This transaction<br />
will not be completed until the buyer actually receives the final delivery<br />
of the goods.<br />
A coordinated, flat transaction model requires maintaining full<br />
a<strong>to</strong>micity, consistency, isolation, durability and integrity of a transaction.<br />
It requires a two-phase-commit pro<strong>to</strong>col in order <strong>to</strong> enable distributed<br />
transaction coordination and provides an all-or-nothing guarantee by<br />
assuring that all participants of the transaction agree <strong>to</strong> either complete<br />
the transaction or abort it. There is usually only a single layer of control<br />
required by the flat transaction model.<br />
But this approach does not always fit long-lasting <strong>B2B</strong> transactions.<br />
In such cases it is not practical <strong>to</strong> achieve isolation, as it requires<br />
enterprises <strong>to</strong> lock their databases while waiting for others <strong>to</strong> finish<br />
their part of the transaction. The extended transaction model, also
132 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
known as open nested transaction model, fits well in such scenarios as<br />
it allows the main transaction <strong>to</strong> be broken in<strong>to</strong> independent and logical<br />
sub-transactions. The outcome of the sub-transactions is tied <strong>to</strong> the<br />
main transaction. If the main 'transaction aborts' all sub-transactions<br />
must abort. This model does not impose the isolation requirement, but<br />
maintains the all-or-nothing nature of transactions by using the processlevel<br />
forward and backward recovery approach.<br />
5.2.5. What is BPM?<br />
Although there are several interpretations and definitions of BPM,<br />
we will try <strong>to</strong> understand BPM as it relates <strong>to</strong> <strong>B2B</strong>i. Business process<br />
management involves management of several components, including time,<br />
cost, quality, scope, human resources, communications, procurement, risk<br />
and integration. BPM is designed <strong>to</strong> streamline the internal and external<br />
business processes of a company through a combination of several<br />
techniques, such as designing workflows, process rules and application<br />
components. BPM is a required element <strong>to</strong> direct data flow among the<br />
mass of packaged applications, legacy systems, services and partners.<br />
It aims <strong>to</strong> au<strong>to</strong>mate business processes from start <strong>to</strong> finish, thereby<br />
eliminating the need for unnecessary manual intervention and removing<br />
all points of friction within the company and with its trading partners. It<br />
also enables the formulation of consistent business policies across the<br />
organization, which leads <strong>to</strong> consistent execution of business processes<br />
across all channels and applications.<br />
BPM's focus on explicit process management allows processes <strong>to</strong> be<br />
executed, moni<strong>to</strong>red, controlled and modified with greater ease than in<br />
the past. Through BPM, companies can track and moni<strong>to</strong>r the actual<br />
state of a business process at any time.<br />
It is worth mentioning that BPM is not intended <strong>to</strong> remove manpower<br />
al<strong>to</strong>gether from supporting and running businesses. The goal of BPM<br />
is <strong>to</strong> let the personnel focus on what they are good at — thinking,<br />
rationalizing and making decisions by getting involved in exception<br />
management and process optimization. In fact, providing adequate support<br />
for human interaction is a vital feature of any BPM system.<br />
BPM, EAI and <strong>B2B</strong>i go hand-in-hand (see Figure 5.7) as the elements<br />
or resources included in a workflow definition should be interoperable
Business Process Management (BPM) 133<br />
Base of <strong>Integration</strong><br />
Platform<br />
Figure 5.7. — BPM, <strong>B2B</strong>i and EAI enable collaborative <strong>commerce</strong><br />
Start L* Task A I<br />
Task B w»& Decision^<br />
I<br />
m£>m>m>ai!stiBmmii& "fas k C I<br />
J<br />
W<br />
[ End J Figure 5.8. — An example of a workflow<br />
and provide the workflow engine the capability <strong>to</strong> invoke, execute or<br />
launch them.<br />
BPM gets very complicated for <strong>B2B</strong> applications, as the business<br />
processes not only span across multiple applications but also across<br />
multiple companies. This distributed nature of processes requires stable<br />
applications supporting them at each link.<br />
5.2.6. Workflow<br />
Workflow is defined as the process of au<strong>to</strong>mation of business process.<br />
A workflow can be represented as an ordered flowchart that is composed<br />
of one or many activities (that represent a logical unit of work) (see<br />
Figure 5.8). It is a way for organizing, formatting and representing a
134 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
business process so that it can be used by a BPM system. It defines the<br />
why (the goal of a business process), what (the activities/tasks that it<br />
involves, along with their input and output), who (who performs the<br />
activities and where the results go), where (the location — application,<br />
system, user — of the activities) and when (the order and timing of the<br />
activities) parameters of a business process.<br />
The BPM system included in a complete <strong>B2B</strong> integration suite<br />
provides a workflow manager or a workflow engine that works with the<br />
message broker <strong>to</strong> au<strong>to</strong>mate business processes.<br />
5.2.7. Roadmap <strong>to</strong> BPM<br />
Now that the basics of BPM have been discussed, it is time <strong>to</strong> understand<br />
how <strong>to</strong> achieve BPM within an organization. There are several logical<br />
steps that have <strong>to</strong> be followed sequentially. They are:<br />
Design and model<br />
Initially, the enterprise implementing BPM has <strong>to</strong> work <strong>to</strong>wards mapping<br />
existing business processes in the form of workflows, flowcharts or a<br />
combination with any other approach. This groundwork helps the<br />
company <strong>to</strong> identify the areas of wasted effort in traditional processes<br />
and hence represents opportunities for improvement in the process.<br />
As far as designing a new process goes, according <strong>to</strong> ebXML.org,<br />
there are four distinct stages involved (see Figure 9.10) as follows:<br />
1. Gather Requirements — The first step in designing a new business<br />
process is gathering requirements based on the statement of intent.<br />
Developing the statement of intent helps the business users in getting<br />
clarity about the scope and purpose of the business process. After<br />
the statement of intent has been prepared, users should start the<br />
process of gathering the requirements from all company departments<br />
involved in the concerned business process.<br />
2. Analyze Business Process and Business Information — Once the<br />
requirements are identified, the business analysts analyze all aspects<br />
of the business process so that it takes in the right input and<br />
produces the right output. Several entities including trading partners,
Statement of<br />
Intent<br />
Gather<br />
Requirements<br />
Requirements<br />
Documents<br />
Source: ebXML.org<br />
Analyze<br />
Business<br />
Process &<br />
Business<br />
information<br />
Business Process Management (BPM) 135<br />
Business Process<br />
Definition, Document<br />
Definition<br />
Develop<br />
Schemas<br />
I<br />
Document Schema<br />
XML Samples<br />
Business Process<br />
Definition<br />
Implement<br />
rik. Service/<br />
Application<br />
Figure 5.9. — Steps involved in designing a new business process<br />
industry standards organizations and other existing models can act as<br />
the source for the analysis process.<br />
Develop Schemas — The next step in designing a new business<br />
process is <strong>to</strong> develop schema that truly represents it, which involves<br />
creation of the document and information component schemas (XML<br />
schema/DTD or EDI message and data element definitions) and<br />
sample documents.<br />
Implement Service/Application — The last stage in designing a new<br />
business process is the final implementation of the business service<br />
interfaces and services/applications (such as back-end systems) in<br />
accordance <strong>to</strong> the business process definitions and the document<br />
schemas.<br />
Business process design stages<br />
For all the new business processes or existing business processes <strong>to</strong> be<br />
au<strong>to</strong>mated, the business users have <strong>to</strong> create visual models using a<br />
process modeling <strong>to</strong>ol.
136 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Company X creates a Sales_<br />
Forecast_Message.<br />
Company Y processes Sales_<br />
Forecast_Message<br />
Company Y evaluates the<br />
sales forcast figure.<br />
Company Y sends Jales_<br />
Forecast_Acknowledgment_<br />
Message<br />
Company X processes Sales_<br />
Forecast_Acknowledgment_<br />
Message<br />
Processes ends when Company X<br />
approves the sales forecast.<br />
\c\<br />
Sales_Forecast_<br />
Message<br />
Company Y sends Sales<br />
_Forecast_<br />
Revision_Message<br />
N<br />
Sales_Forecast_<br />
Acknowledgment^<br />
Message<br />
If necessary,<br />
Company X<br />
sends a revised sales<br />
forecast figure<br />
Revised.<br />
Sales_ -<br />
Forecast<br />
Revised_<br />
Sales_<br />
Forecast<br />
Figure 5.10. — Modeling of collaborative sales forecast business process<br />
Here is an example of business process modeling: in its simplest<br />
design, a collaborative sales forecast business process enables two<br />
trading partners (Company X and Company Y) <strong>to</strong> forecast, review and<br />
adjust sales forecasts in an iterative manner until they both arrive at an<br />
agreement (see Figure 5.10).<br />
The company that has a higher forecasting capability, let's say<br />
Company X, initiates the business process. As the first step of the<br />
business process, Company X sends a message (Sales_Forecast_Message)<br />
<strong>to</strong> Company Y with data pertaining <strong>to</strong> sales forecast. Company Y<br />
receives the message and evaluates the data. The process of evaluating<br />
and determining if the sales forecast is correct does not fall within the<br />
perimeters of BPM.<br />
Based on whether any change in forecast is needed or not, Company<br />
Y sends Company X one of the following:
Business Process Management (BPM) 137<br />
• An acknowledgement message (Sales_Forecast_Acknowledgment__<br />
Message) if no forecast revision is needed; or<br />
• A forecast revision message (Sales_Forecast_Revision_Message) if<br />
the forecast does require a change.<br />
On receiving a response message, Company X can do one of the<br />
following:<br />
• End the process — if the response is an acknowledgement indicating<br />
that Company T accepts the sales forecast data.<br />
• Process the data and review the changes — if the response is forecast<br />
revision. If Company X accepts the change, the process ends.<br />
• Send a message (Sales_Forecast_Revision_Message) with revised sales<br />
forecasts — if Company X does not agree with the revised figure<br />
from Company Y.<br />
The process continues <strong>to</strong> loop until both partners have reached an<br />
agreement. Company X will end the process, as it is the initia<strong>to</strong>r of this<br />
business process.<br />
Au<strong>to</strong>mate<br />
The objective behind au<strong>to</strong>mating a business process is <strong>to</strong> bring its<br />
latency <strong>to</strong> zero. Au<strong>to</strong>mation can be achieved through wastage reduction,<br />
streamlining the process <strong>to</strong> reduce duplication, and by having a good<br />
workflow. By au<strong>to</strong>mating the process, an organization achieves the<br />
desired productivity and real-time information for internal and external<br />
users. Au<strong>to</strong>mation does not mean the removal of human interface, but<br />
more efficient use of human interface.<br />
Executing processes<br />
The next step is <strong>to</strong> use the process models <strong>to</strong> execute the processes,<br />
directing the flow of information as needed <strong>to</strong> and from a company's<br />
internal IT systems and over the Internet <strong>to</strong> the IT systems of its<br />
partners, suppliers and cus<strong>to</strong>mers.<br />
There are three approaches <strong>to</strong> executing processes: logical, physical<br />
read-only and physical write-only. These approaches have different
138 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
levels of risk involved in terms of things going wrong and different<br />
levels of impact on maintaining the system's integrity.<br />
Using a logical approach process execution engine executes business<br />
process models without the need <strong>to</strong> change states at either the source<br />
or the target applications. This approach is recommended when no<br />
risk of making any real changes <strong>to</strong> the organization systems is <strong>to</strong> be<br />
taken. However, it does not inform about the problems ahead in real<br />
implementation.<br />
A physical read-only approach allows the process execution engine<br />
<strong>to</strong> only read information from the source systems. This approach allows<br />
the analyst <strong>to</strong> read and move information, but avoids updating the target<br />
systems. The read-only approach is second in terms of risk and has low<br />
risk in terms of the system's integrity. The model allows lesser power in<br />
terms of applicability, but has better value than the logical approach.<br />
The reading and processing of information has limited use if the target<br />
systems remain unaffected. The approach could be a compromise if the<br />
trading partners have differing attitudes <strong>to</strong> risk-taking.<br />
A physical read-write approach provides process execution engine<br />
with complete access <strong>to</strong> try the model on the source and target systems,<br />
which is the aim of full integration. As one would expect, this approach<br />
comes with the highest risk of the three approaches. Detachment of test<br />
systems from the organization's key systems could reduce the risk. The<br />
reason for minimizing the risk is the fact that any bug in the process<br />
model would result in an unstable state in the target or the source<br />
system which might not be acceptable <strong>to</strong> most organizations.<br />
Analyze<br />
For any process <strong>to</strong> work, it has <strong>to</strong> be supported with statistical analysis<br />
and data from organizations and moni<strong>to</strong>red for improvement. Regular<br />
moni<strong>to</strong>ring, recording and reporting of business operations will provide<br />
a wealth of information for analysis, interpretation and improvement of<br />
business processes.<br />
The analysis part of processes is extremely important, as that is<br />
where an organization learns from its inefficiencies and mistakes. There<br />
is a feedback involved in this phase from all interested parties, in order<br />
<strong>to</strong> design a meaningful process.
Adapt<br />
Business Process Management (BPM) 139<br />
Adaptation of the designed processes within the organization and the<br />
cus<strong>to</strong>mization of the standard package of BPM software forms part of<br />
the adapting phase of BPM. Training and follow-up of the personnel<br />
involved is an important component for the adaptation and acceptance<br />
of processes.<br />
5.3. BPM Systems<br />
Currently, there is a big convergence going on in the integration software<br />
industry, where the EAI and <strong>B2B</strong>i vendors are embracing BPM <strong>to</strong>ols by<br />
including them in their integration solution suites.<br />
There are certain manda<strong>to</strong>ry components of a BPM system, as follows:<br />
Process modeling <strong>to</strong>ol<br />
This is a graphical modeling <strong>to</strong>ol that enables rapid visual design<br />
of business processes while hiding the implementation from the<br />
users. The <strong>to</strong>ol should provide the functionalities of modifying user<br />
interfaces, business rules and process rules that drive the working of a<br />
business process.<br />
Process modeling involves drawing a workflow diagram that links<br />
resources, logic and movement of information between systems. Subprocesses<br />
are used when the main process becomes <strong>to</strong>o complex and<br />
needs <strong>to</strong> be broken down <strong>to</strong> keep it simple.<br />
The process-modeling <strong>to</strong>ol provides an environment <strong>to</strong> bind the<br />
components (process models; real entities such as companies, organizations,<br />
or people; source and target systems of the trading partners) of a<br />
business process <strong>to</strong>gether <strong>to</strong> create the final model for the process.<br />
Advanced modeling <strong>to</strong>ols also include XML-based rules reposi<strong>to</strong>ry,<br />
so that the rules can be shared across multiple applications in a single<br />
uniform format.<br />
Process execution engine<br />
This component is responsible for providing an environment for executing<br />
the process flow — i.e., sequencing and invoking the required element
140 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
as defined in the process design. The process execution engine manages<br />
a set of installed processes and coordinates their execution, thereby<br />
integrating applications and operations irrespective of the underlying<br />
platform. It interacts with the <strong>B2B</strong> integration server <strong>to</strong> exchange<br />
information with applications, control execution of individual steps and<br />
state transitions for running processes. All its actions are persistently<br />
logged <strong>to</strong> the database so that the users can analyze the data through a<br />
reporting <strong>to</strong>ol.<br />
Since <strong>B2B</strong> applications may involve heavy loads, the execution<br />
engine should be able <strong>to</strong> manage a large pool of concurrently running<br />
processes. In addition, it should provide checkpoint/restart capabilities<br />
that enable recovery from system failures.<br />
Process administration <strong>to</strong>ol<br />
This <strong>to</strong>ol provides administration functionalities <strong>to</strong> the users <strong>to</strong> moni<strong>to</strong>r<br />
the state of processes and act in the event of exceptions, such as<br />
changing the execution sequence.<br />
Process reporting <strong>to</strong>ol<br />
The process reporting <strong>to</strong>ol may be included in the administration <strong>to</strong>ol or<br />
may be provided as an independent component of BPM system. This<br />
<strong>to</strong>ol is responsible for generating and presenting different reports such<br />
as statistics and performance which help companies <strong>to</strong> optimize processes<br />
by removing any bottlenecks.<br />
A BPM system should functionally provide the following:<br />
Support for open standards<br />
Since <strong>B2B</strong>i requires integration of processes across corporate boundaries<br />
using exchange of XML-based documents or messages, the vocabulary<br />
used for communication between different systems should be based on<br />
open standards. The BPM system should support all the leading XML<br />
standards which define the vocabulary and/or the business processes,<br />
for instance, RosettaNet for electronic component industry and OBI for<br />
purchase management.
Business Process Management (BPM) 141<br />
Additionally, it should include basic business process designs and<br />
their associated XML data definitions for all the major vertical industries.<br />
For instance, a BPM system being used by a <strong>B2B</strong> exchange must<br />
include pre-designed processes and sub-processes for Partner and<br />
Enterprise Management (Account Information Exchange, <strong>Collaborative</strong><br />
Account Information Exchange), Procurement (Price and Availability<br />
Exchange, <strong>Collaborative</strong> Price and Availability Exchange, Price Change<br />
Announcement, Request for Quote, New Product Information Exchange,<br />
Request Product Information, Order Management), Order Fulfillment<br />
(Order Fulfillment, Invoicing, Shipping Invoice, Inven<strong>to</strong>ry Management,<br />
Inven<strong>to</strong>ry) and Logistics (Returns Management, Shipping Notice,<br />
Shipping Request, Shipping Status).<br />
Easy integration with applications<br />
A typical business process may be supported by multiple diverse<br />
applications such as ERP, CRM and legacy systems. It is virtually<br />
impossible for a BPM system <strong>to</strong> manage a workflow and execute the<br />
different tasks associated with it, which may require using APIs of<br />
other systems or exchanging messages with them, unless it provides<br />
easy integration facilities. A BPM system should also provide easy<br />
connectivity by publishing an API <strong>to</strong> other applications.<br />
Support for different middleware technologies<br />
BPM systems should provide support for all the different middleware<br />
technologies such as messaging (JMS), distributed computing (EJB,<br />
COM+), RPCs (RMI) as each task/sub-task of a business process may<br />
require the use of one or a combination of these technologies.<br />
With such wide technological support, a BPM system can fully<br />
leverage a company's existing infrastructure, thereby significantly<br />
increasing the ROI on business process integration.<br />
Several leading EAI <strong>to</strong>ol companies provide BPM systems as an<br />
independent application or package it <strong>to</strong>gether with their application<br />
integration servers.<br />
A few leading commercial BPM systems include:
142 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
5.3.1. BEA WebLogic integration<br />
BEA WebLogic integration is a platform that includes application server,<br />
application integration, business process management and <strong>B2B</strong> integration<br />
functionalities. In this section we will focus on the BPM aspect of the<br />
software suite.<br />
BEA WebLogic integration takes a process-centric approach <strong>to</strong> <strong>B2B</strong><br />
integration and allows channel-masters and their business partners<br />
<strong>to</strong> model, execute and easily manage business processes among<br />
organizations. With intuitive design <strong>to</strong>ols (see Figure 5.12) and an<br />
award-winning process engine, BEA WebLogic integration empowers<br />
the business analyst <strong>to</strong> design collaborative business processes and<br />
integrate them with internal processes and systems. At run-time, the<br />
process engine manages the execution of defined business processes<br />
(see Figure 5.11). Moni<strong>to</strong>ring capabilities enable companies <strong>to</strong> identify<br />
bottlenecks and optimize processes on-the-fly, without interrupting<br />
ongoing processes.<br />
In this BPM system, collaboration-specific processes exist separately<br />
<strong>to</strong> protect proprietary information during interactions between individual<br />
companies. Shared processes, defined and managed collaboratively, are<br />
deployed as local processes and execute only at each trading partner<br />
site <strong>to</strong> ensure that private information remains secure.<br />
HOW TO<br />
Invoke<br />
Events<br />
BPM Template |<br />
Definition<br />
(Studio)<br />
Process Engine<br />
wk m<br />
Template<br />
S<strong>to</strong>re<br />
Instance<br />
S<strong>to</strong>re<br />
HOW To<br />
Integrate<br />
XMLEvent ,.---<br />
'uj"'-"Sr Application<br />
XML<br />
RMI --"" EJB ""-v<br />
...Componentjjj*'<br />
Sys Ekec<br />
BPM Moni<strong>to</strong>r<br />
(Studio)<br />
Figure 5.11. — BEA-BPM execution engine<br />
Applicati tion J|
S Web<strong>to</strong>gic Process Integra<strong>to</strong>r Studio<br />
File View Toots Window Help<br />
Organization<br />
Templates<br />
Order Fulfilment<br />
Order Processing<br />
05/01/01 12:00AM<br />
: Order Processing Tripper<br />
' L ' ; 07/12/00 12:00AM<br />
t : Starts<br />
: ••• Events<br />
•+' r' Tasks<br />
• Decisions<br />
• Joins<br />
• Exception Handlers<br />
+ Variables<br />
Calendars<br />
Users<br />
Roles<br />
Routing<br />
Statistics Report<br />
Business Process Management (BPM) 143<br />
::.WMKfuw Deslon Ortte'f.Processiila qs/os/oi ISP-PM.:<br />
m Workflow Design Order Fulfilment 06/09/01 2:00 PM<br />
Figure 5.12. — BEA process modeling <strong>to</strong>ol<br />
5.3.2. Vitria BusinessWare<br />
BusinessWare's BPM component is capable of modeling and au<strong>to</strong>mating<br />
simple <strong>to</strong> complex business processes within and between organizations.<br />
Typical internal business processes could include order fulfilment and<br />
inven<strong>to</strong>ry management-type processes, while business-<strong>to</strong>-business processes<br />
can include provision of services, supply chain management and<br />
multistep purchasing transactions.<br />
Au<strong>to</strong>ma<strong>to</strong>r in the BusinessWare software is the primary component<br />
for process management and provides the process modeling environment<br />
and the process execution engine for handling high volumes of business<br />
transactions (see Figure 5.13). It also enables a company <strong>to</strong> create<br />
visual models of business processes and executes those business process<br />
models by directing the flow of information among the underlying<br />
internal and external IT systems and workers that perform the steps<br />
defined in each process. Au<strong>to</strong>ma<strong>to</strong>r can then adjust or change the
144 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Business<br />
Process<br />
Man Jig* mn nt Process Mod eli ng<br />
Au<strong>to</strong>ma<strong>to</strong>:<br />
Workflow<br />
Process Au<strong>to</strong>matio r<br />
Figure 5.13. — Vitria au<strong>to</strong>ma<strong>to</strong>r connects EAI, <strong>B2B</strong> processes<br />
ongoing business processes as per user-defined rules based on the<br />
feedback received from the real world live process execution.<br />
BusinessWare allows a separation of business process definition<br />
from back-end integration and system issues, which is a key feature.<br />
The business processes are best unders<strong>to</strong>od by businesses and the<br />
people running them, hence the processes should be left <strong>to</strong> them <strong>to</strong><br />
design and manage.<br />
5.3.3. Extricity <strong>B2B</strong> Alliance Manager<br />
Extricity <strong>B2B</strong> Alliance Manager provides an integrated development<br />
environment for modeling graphically inter-company business processes<br />
and defining business objects (the data that is exchanged). The resulting<br />
workflows define the sequence of events, the partners and the logic. The<br />
development environment supports event triggers, threaded conversations,<br />
timing control, conditional logic, alternative and parallel routing of<br />
documents and more.<br />
Extricity offers <strong>B2B</strong> Process Paks, which are packaged process<br />
solutions that enable organizations in specific industries <strong>to</strong> fast track the<br />
development of business with their trading partners. Process Paks make<br />
implementation faster and easier by delivering unique best-practice <strong>B2B</strong><br />
processes that work the way organizations want them <strong>to</strong> work. One can<br />
modify and cus<strong>to</strong>mize the Process Paks, working in the intuitive dragand-drop<br />
environment provided by the software solution.<br />
Presently, Extricity provides Process Paks for the following industries:<br />
Consumer Packaged Goods, E-retailers, Logistics Services, Net Markets,<br />
RosettaNet and Semiconduc<strong>to</strong>rs.
Business Process Management (BPM) 145<br />
TSMC: BEFORE AND AFTER —<br />
A COMPELLING DIFFERENCE<br />
Taiwan Semiconduc<strong>to</strong>r Manufacturing Company (TSMC) is the world's<br />
largest contract manufacturer of integrated circuits, offering its<br />
cus<strong>to</strong>mers turnkey services from design and fabrication through test<br />
and assembly. TSMC has revenues in excess of $1.5 billion and has<br />
400 cus<strong>to</strong>mers around the world. TSMC offers cus<strong>to</strong>m-made integrated<br />
circuits for its cus<strong>to</strong>mers. The business environment in the integrated<br />
circuit industry requires short product life-cycles, growing cus<strong>to</strong>mer<br />
demand and an increasing need <strong>to</strong> differentiate itself from its<br />
competi<strong>to</strong>rs by offering value-added services.<br />
In the past, TSMC found that its methods of communicating with<br />
cus<strong>to</strong>mers and suppliers, which included its Website, fax, e-mail,<br />
FTP, EDI, etc. were slow, time-consuming and limited in the volume<br />
of information and the timelines with which they could transmit the<br />
information. These inefficient communication methods were creating<br />
delays along the supply chain.<br />
In 1997, TSMC choose Extricity <strong>B2B</strong> for improving the way it<br />
interacted with its cus<strong>to</strong>mers and, also <strong>to</strong> incorporate the cus<strong>to</strong>mers<br />
in its internal processes at the manufacturing stage. The au<strong>to</strong>mated<br />
and shared business processes were in the area of collaborative<br />
engineering, forecast sharing, order management, WIP (work-inprogress)<br />
updates, shipment notifications, linking back <strong>to</strong> its own<br />
suppliers. With these areas of shared processes, TSMC was able <strong>to</strong><br />
achieve significant improvements in cus<strong>to</strong>mer satisfaction and supplychain<br />
efficiencies. Cus<strong>to</strong>mers now have the information that they<br />
require, whenever they require, in the format required, in and through<br />
their enterprise systems. Apart from reduction in TSMC's cus<strong>to</strong>mer<br />
lead-times by up <strong>to</strong> 25% and elimination of manual processes, there<br />
has also been a reduction in WIP inven<strong>to</strong>ry carrying costs and improved<br />
capacity planning. Based on <strong>to</strong>tal project costs and quantifiable<br />
benefits, TSMC had a return of 14 times on its investment in the first<br />
three years.<br />
With Extricity <strong>B2B</strong>, TSMC has implemented a business-<strong>to</strong>-business<br />
integration solution <strong>to</strong> connect its suppliers, contract manufacturers<br />
Continue on page 146
146 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Assembly & Test<br />
Supplier<br />
TSMC<br />
[Sriririai| [ fOM~ ] [Engineeririgj<br />
<strong>Collaborative</strong> Business Processes<br />
Continued from page 145<br />
Figure 5.14. — TSMC's <strong>B2B</strong> integration implementation<br />
Cus<strong>to</strong>mer<br />
Cus<strong>to</strong>mer<br />
Cus<strong>to</strong>mer<br />
and cus<strong>to</strong>mers (see Figure 5.14). This has created an integrated virtual<br />
supply-chain base <strong>to</strong> allow interactions and satisfy the individual<br />
cus<strong>to</strong>mer's needs.<br />
The integrated collaborative processes that are offered by TSMC<br />
<strong>to</strong> its cus<strong>to</strong>mers are:<br />
• Engineering Design — for pro<strong>to</strong>type specifications of cus<strong>to</strong>mers <strong>to</strong><br />
be tested and iteration of the process until a satisfac<strong>to</strong>ry design is<br />
finalized.<br />
• Forecast Sharing — cus<strong>to</strong>mers au<strong>to</strong>matically provide TSMC with<br />
demand forecasts on a regular basis.<br />
• Order Management — the system delivers purchase orders directly<br />
from the enterprise systems of TSMC's cus<strong>to</strong>mers in<strong>to</strong> TSMC's<br />
<strong>to</strong>tal order management system.<br />
• WIP Updates — four types of WIP data are generated daily from<br />
TSMC's manufacturing systems, formatted <strong>to</strong> meet each cus<strong>to</strong>mer's<br />
requirements and sent via the Internet. This provides cus<strong>to</strong>mers<br />
Continue on page 147
Business Process Management (BPM) 147<br />
Continued from page 146<br />
with visibility in the manufacturing status of their products, allowing<br />
more informed decisions.<br />
• Ship Notice — TSMC notifies cus<strong>to</strong>mers about finished products,<br />
which provides them with advance information and progress updates.<br />
With the implementation of Extricity <strong>B2B</strong> system, TSMC is<br />
predicting a ROI of 1400% over a three-year period, which equates<br />
<strong>to</strong> a five-month payback.<br />
Source: Condensed from Extricity cus<strong>to</strong>mer case study; The TSMC s<strong>to</strong>ry, Extricity.com<br />
5.4. Universal Language for BPM<br />
There are several practical challenges in the real world implementation<br />
of BPM. For instance, there are no de fac<strong>to</strong> standards available for<br />
business process modeling. Multiple groups demand different levels of<br />
abstraction in the design and execution of processes, and different BPM<br />
systems communicate by exchanging messages that have no standard<br />
formats, making <strong>B2B</strong>-based business process integration challenging.<br />
According <strong>to</strong> the Gartner Group, through 2005 no standard will fully<br />
eliminate the requirement that enterprises must support multiple,<br />
incompatible process-management-aware applications.<br />
There is a need for a universal language, which can be used <strong>to</strong> design,<br />
deploy, maintain and execute business processes, such as order management,<br />
demand and forecast planning and new product development.<br />
This language should represent all the internal and external activities<br />
that support any company's business — for instance, synchronous and<br />
asynchronous communication with all internal and external applications,<br />
information dissemination, short and long-lived transactions. It should<br />
be based on open architecture so that the process models among different<br />
BPM systems can be exchanged and should enable the creation of<br />
a common business process reposi<strong>to</strong>ry. Further, it should allow a<br />
mechanism for expressing rules for business level validation of messages,<br />
<strong>to</strong> link processes <strong>to</strong> events occurring in the environment and <strong>to</strong> express<br />
data extraction. Finally, it should provide full support for the existing
148 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
<strong>B2B</strong> collaboration pro<strong>to</strong>cols such as RosettaNet, BizTalk and ebXML,<br />
as well as technology integration standards, including J2EE and SOAR<br />
Business Process Management Initiative (BPMI) is leading an effort<br />
<strong>to</strong> develop a universal language for modeling, deployment and execution<br />
of business processes. There are two major direct competi<strong>to</strong>rs of BPMI:<br />
XLANG process specification language, a Microsoft initiative, and Web<br />
Services Flow Language (WSFL), an IBM initiative.<br />
Note: Web Services Flow Language (WSFL) is discussed in the chapter<br />
on Web services.<br />
5.4.1. Business Process Management Initiative (BPMI)<br />
The Business Process Management Initiative (BPMI.org) is led by several<br />
leading companies including: Hewlett-Packard Co., Art Technology<br />
Group, Sun Microsystems Inc., Tibco Software Inc., Computer Science<br />
Corporation, Cyclone Commerce, DataChannel, Entricom, On<strong>to</strong>logy.org,<br />
SI Corporation, Versata, VerticalNet and Verve. BPMI.org is developing<br />
the Business Process Modeling Language (BPML) and Business Process<br />
Query Language (BPQL).<br />
Business Process Modeling Language (BPML)<br />
BPML is an XML-based, open standard, meta language for the design,<br />
definition, deployment and management of business processes that span<br />
multiple applications, corporate departments and business partners. BPML<br />
is actually an XML schema that provides a standard way <strong>to</strong> model<br />
mission-critical business processes. It aims <strong>to</strong> allow tighter integration<br />
and collaboration in business processes than the current application<br />
interface model. BPML is <strong>to</strong> BPM as XML is <strong>to</strong> e-<strong>commerce</strong>.<br />
BPML, like any other business process standard such as ebXML,<br />
RosettaNet, is based on a message-based model. In message-based<br />
models, the participants involved in a business process interact through<br />
the exchange of messages. The business process determines the manner<br />
of the message flows and the information contained within them. The<br />
semantic and syntactic structure of messages is defined using BPML<br />
XML schema.
Business Process Management (BPM) 149<br />
BPML uses XPath as the basis for its expression language. XPath<br />
provides a declarative expression language with rich semantics for<br />
expressing condition logic, calculations and selection predicates.<br />
Business Process Query Language (BPQL)<br />
The Business Process Query Language (BPQL) intends <strong>to</strong> provide<br />
a standard interface for business process deployment (in a process<br />
reposi<strong>to</strong>ry) and execution (in a process server). BPMI.org is still<br />
developing this language.<br />
The interface for process reposi<strong>to</strong>ry is based on the Distributed<br />
Authoring and Versioning Pro<strong>to</strong>col (WebDAV). It would enable users <strong>to</strong><br />
manage the deployment of process models contained and managed by<br />
the reposi<strong>to</strong>ry. These process models could be exposed by the enterprises<br />
as Web services for process registration, advertising and discovery<br />
purposes.<br />
The BQML interface <strong>to</strong> a process server gives the users the<br />
capabilities <strong>to</strong> query and control the state of execution of process<br />
instances managed by the server. It is based on the Simple Object<br />
Access Pro<strong>to</strong>col (SOAP).<br />
5.4.2. XLANG<br />
XLANG, an initiative of Microsoft, is an XML-based language that<br />
describes the logical sequencing of business processes and their<br />
implementation by using various application services. It is expected <strong>to</strong><br />
serve as the basis for au<strong>to</strong>mated pro<strong>to</strong>col engines that can track the<br />
state of process instances and help enforce pro<strong>to</strong>col correctness in<br />
message flows.<br />
5.5. Standard Business Processes<br />
A key requirement of <strong>B2B</strong>i is the ability <strong>to</strong> describe business processes<br />
in a standard form that can be consumed by <strong>to</strong>ols for process implementation<br />
and moni<strong>to</strong>ring. Currently, there are several organizations<br />
that are trying <strong>to</strong> standardize business process standards for their vertical
150 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
industry. These business processes are defined according <strong>to</strong> a wellknown<br />
model, described in agreed-upon formats, which is made publicly<br />
available and which can be contractual in nature.<br />
As discussed, in <strong>B2B</strong> applications business processes span corporate<br />
boundaries. Each company has its own applications and workflow<br />
implementation technology. In such a case, loose coupling based on<br />
predefined external pro<strong>to</strong>cols provides integration of business processes.<br />
These pro<strong>to</strong>cols are message oriented, specify the flow of messages<br />
representing activities among the trading partners in a business process<br />
and standardize the format and content of the messages, leaving the<br />
implementation part completely opaque. Each company can have its<br />
own implementation, which is completely changeable at any time as<br />
long as the generated messages are based on the pro<strong>to</strong>col.<br />
For instance, RosettaNet, an independent consortium, is standardizing<br />
business process standards by publishing XML-based Partner Interface<br />
Processes (PIPs) for IT, electronic components and semiconduc<strong>to</strong>r<br />
industry. The PIPs define processes for a wide range of business<br />
activities in this specific industry, such as inven<strong>to</strong>ry, pricing, sales<br />
management, order handling, product configuration and shipping.<br />
Electronic Business XML (ebXML), which is jointly sponsored by<br />
the United Nations Center for Trade Facilitation and Electronic Business<br />
(UN/CEFACT) and the Organization for the Advancement of Structured<br />
Information Standards (OASIS), provides a standard method exchanging<br />
business messages, conducting trading of relationships, communicating<br />
data in common terms and defining and registering business processes.<br />
A detailed coverage of RosettaNet and ebXML can be found in the<br />
chapter on XML Standards.<br />
5.6. Conclusion<br />
BPM enables enterprises <strong>to</strong> au<strong>to</strong>mate and integrate the disparate internal<br />
and external corporate business processes. It does so through the effective<br />
and efficient design, deployment, execution, management and analysis<br />
of business processes. BPM enhances flexibility, adaptability and servicelevel<br />
management, while making the business more visible, measurable<br />
and auditable.
Business Process Management (BPM) 151<br />
BPM systems are increasingly becoming a core segment of the<br />
major integration platforms available commercially. They include a<br />
point-and-click visual modeling <strong>to</strong>ol through which the business analysts<br />
and developers can design and build distributed business processes that<br />
can be deployed immediately and changed in real-time. At the core of<br />
BPM systems is an execution engine which routes messages or events<br />
from integrated applications, based on the rules and the state of the<br />
current business process, <strong>to</strong> different participants of the process, whether<br />
they are people or systems.
Chapter Q<br />
Extensible Markup Language<br />
(XML)<br />
The focus of this chapter<br />
Extensible Markup Language (XML) has now become the lingua franca<br />
of the <strong>B2B</strong> e-business revolution. Since it is both universal and flexible,<br />
XML has become one of the fundamental components of <strong>B2B</strong>i, enabling<br />
systems <strong>to</strong> share data and add value as data is passed from point-<strong>to</strong>point.<br />
In this chapter, you will come <strong>to</strong> understand the importance of<br />
XML, its components and its coexistence with the traditional mode of<br />
communication — electronic data interchange (EDI). We have also<br />
provided in-depth coverage of the features of XML/EDI servers.<br />
152
Extensible Markup Language (XML) 153<br />
6.1. The Need for a Universal Language<br />
In order <strong>to</strong> participate in <strong>B2B</strong> e-<strong>commerce</strong>, companies are moving<br />
<strong>to</strong>wards cus<strong>to</strong>mer self-servicing, enterprise application integration and<br />
dynamic partnering with external companies and exchanges. This changing<br />
nature of doing business has significantly increased the complexities of<br />
processing business data. The data in this business environment can be<br />
found in varied formats, such as messages from different trading partners,<br />
internal corporate documents, messages from retail cus<strong>to</strong>mers, several<br />
interfaces <strong>to</strong> transaction-based systems, databases and Web pages.<br />
Capturing, managing and effectively using business data has become a<br />
wobbly task.<br />
Due <strong>to</strong> the lack of a universal data interchange format, companies<br />
are not able <strong>to</strong> fully exploit au<strong>to</strong>mation, both internally and externally,<br />
that would enable seamless communication between internal applications<br />
and external partner applications. As a result, most information<br />
technology departments spend upwards of 40% of their time in extracting,<br />
re-defining and updating data <strong>to</strong> serve specific needs, according <strong>to</strong> a<br />
recent survey from Forrester Research.<br />
It is impossible <strong>to</strong> even dream of <strong>B2B</strong>i based on the Internet,<br />
without a universal language that is unders<strong>to</strong>od by every party involved<br />
in integration. Through the use of this language, companies will be<br />
able <strong>to</strong> transact business across organizational boundaries. Its use in<br />
exchanging business data among cross-organization applications is a<br />
key requirement for e-business success.<br />
Companies in the same vertical industry that usually relate <strong>to</strong> each<br />
other as competi<strong>to</strong>rs, will benefit tremendously by collaborating on a<br />
universal data exchange format for business documents, such as invoices<br />
and purchase orders. All the companies have <strong>to</strong> participate in this<br />
transition <strong>to</strong> universal data format language for it <strong>to</strong> be successful. So,<br />
apart from adoption by the Fortune 1000 companies, it also has <strong>to</strong> be<br />
embraced by an estimated 25,000,000 small and medium enterprises<br />
(SMEs) in the world.<br />
Let's briefly review Electronic Data Interchange (EDI), a traditional<br />
method — and still the dominant way companies exchange information<br />
electronically.
154 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
6.2. What is Electronic Data Interchange (EDI)?<br />
EDI involves electronic exchange of routine business transactions. These<br />
transactions include documents, such as purchase orders, invoices,<br />
inquiries, planning, acknowledgements, pricing, order status, scheduling,<br />
test results, shipping and receiving, payments and financial reporting.<br />
Through EDI, these highly secure documents are exchanged in a<br />
compressed, machine-readable form over private value-added networks<br />
(VANs). EDI permits hundreds of companies <strong>to</strong> communicate and process<br />
business transactions electronically. In fact, EDI-based transactions over<br />
proprietary private networks account for 'the bulk' of the goods and<br />
services that businesses exchange electronically.<br />
EDI enables long-term relationships among trading partners and it is<br />
designed <strong>to</strong> address only those particular kinds of <strong>B2B</strong> relationships.<br />
For example, EDI messages are exchanged back and forth in a preestablished<br />
relationship of buyer and supplier, <strong>to</strong> maintain inven<strong>to</strong>ry of<br />
products and manage the logistics of shipping. This way a retailer could<br />
immediately let a warehouse know of an order and the warehouse could<br />
immediately notify suppliers of a change in inven<strong>to</strong>ry.<br />
One word in the above paragraph is of prime importance <strong>to</strong> EDIbased<br />
relationships — 'pre-established'. The relationships are preestablished<br />
and static as opposed <strong>to</strong> dynamic relationships, which are<br />
open <strong>to</strong> interactions <strong>to</strong> all newcomers.<br />
6.2.1. How does it work?<br />
EDI works by providing a collection of standard message formats and<br />
an element dictionary that can be exchanged via any electronic messaging<br />
service. EDI is based on standards developed according <strong>to</strong> the guidelines<br />
of the American National Standards Institute (ANSI), the coordina<strong>to</strong>r<br />
for national standards in the United States. The ANSI committee ensures<br />
that everyone using a process such as EDI follows the same rules and<br />
methods, making the program universally accessible. As a result of the<br />
standard, all businesses using EDI share a common interchange language,<br />
which minimizes the need for change in internal data processing systems.<br />
EDI traffic is mostly composed of companies transferring bulk files.<br />
EDI trading partners seldom connect <strong>to</strong> each other directly. Instead,
Buyer<br />
Purchasing<br />
Accounts<br />
Payable<br />
a<br />
t<br />
1<br />
0<br />
ft<br />
S<br />
u<br />
i<br />
t<br />
e<br />
Purchase Order<br />
VAN or Direct<br />
Connection<br />
Invoice<br />
Extensible Markup Language (XML) 155<br />
Remittance Advice<br />
Supplier<br />
Ordering<br />
Billing<br />
Accounts<br />
Receivable<br />
Figure 6.1. EDI-based communication between trading partners<br />
they use the services of VAN whereby each trading partner connects <strong>to</strong><br />
the VAN (see Figure 6.1). The service provider of VAN manages the<br />
connections <strong>to</strong> all trading partners.<br />
6.2.2. Limitations of traditional EDI<br />
The setup procedure for traditional EDI is expensive, complex and<br />
time consuming. The inherent nature of EDI communication requires<br />
the trading partners <strong>to</strong> synchronize their internal systems and business<br />
processes with those of their partners. The different applications<br />
used by the trading partners use different schemas and data exchange<br />
pro<strong>to</strong>cols. The format and data content of the files generated by these<br />
systems also vary widely. The transfer of files containing data between<br />
trading partners, from one computer system <strong>to</strong> another using EDI,<br />
is also a potentially complex process. The EDI-based file exchange<br />
mechanism will work correctly only if programs running at both ends<br />
(sender and receiver of file) are part of the same package written at the
156 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
same time. Thus, there is a complete dependence by everyone in a<br />
business relationship on the adoption of a specific implementation. This<br />
unwanted feature makes continued changes, improvements and<br />
enhancements, either at the individual enterprise or trading group level,<br />
very expensive.<br />
The software, hardware and network connectivity of an EDI network<br />
is expensive and specialized. Out of millions of companies that conduct<br />
business with each other, only 300,000 companies worldwide have<br />
adopted EDI, due <strong>to</strong> its complexity and expense.<br />
The dominant partner model that drives EDI is <strong>to</strong>o limiting and<br />
centralized in the Internet world. EDI relationships are usually hub-andspoke<br />
type, where the big corporation is the hub and all other small<br />
companies doing business with it are the spokes. The big corporation<br />
tends <strong>to</strong> dictate business and technical standards in its interactions with<br />
the smaller companies. This type of business model is not suitable for<br />
<strong>B2B</strong> e-<strong>commerce</strong>, as the latter is based on the emergence of many new<br />
and often short-lived business relationships and many kinds of payment<br />
arrangements.<br />
To summarize:<br />
• EDI is primarily a one-<strong>to</strong>-one technology, while a typical <strong>B2B</strong>i over<br />
the Internet requires many-<strong>to</strong>-many connectivity.<br />
• Adding trading partners under traditional EDI requires cus<strong>to</strong>mized<br />
mapping of each new partner's document formats.<br />
• Most EDI traffic flows over VANs, which can be expensive. Typical<br />
VANs charge $1 <strong>to</strong> $20 for each message.<br />
• As usage of VAN is expensive, EDI messages are compressed using<br />
algorithms. This makes the messages only machine readable and<br />
extremely difficult <strong>to</strong> debug. Just a small mistake in message formation<br />
can lead <strong>to</strong> hours of programming effort in detecting the problem.<br />
• EDI requires the installation and maintenance of dedicated servers that<br />
cost upwards of $100,000. But, wait. That's not all. The operational<br />
costs associated with EDI are also significantly high, as companies<br />
can spend $250,000 per month just in preserving the connection <strong>to</strong><br />
the EDI network and keeping the servers up and running. This is <strong>to</strong>o<br />
steep a cost for small and medium size industries and thus they<br />
refrain from adopting EDI.
Extensible Markup Language (XML) 157<br />
6.3. What's Wrong with the First Language<br />
of the Internet — HTML?<br />
In the early 1990s, Hyper Text Markup Language (HTML) was<br />
developed, enabling both machines and humans <strong>to</strong> read the same<br />
document. Although HTML has been very successful as a markup<br />
language for the Internet, there are certain inherent drawbacks and<br />
limitations in the language that make its use in <strong>B2B</strong> specific applications<br />
very limited.<br />
Let's discuss some of the major limitations from <strong>B2B</strong>i perspective:<br />
It is solely a presentation technology<br />
One of the key requirements for <strong>B2B</strong>i is <strong>to</strong> be able <strong>to</strong> transfer meaningful<br />
documents among the trading partners. However, HTML focuses solely<br />
on presentation of text, not on what the text signifies. It does not reveal<br />
anything about the context of the text <strong>to</strong> which HTML tags are applied.<br />
Consider an HTML tag example, Orange which has a specific<br />
presentation in the Web browser. HTML fails <strong>to</strong> reveal anything about<br />
the context — 'Orange' — that is presented in the document. 'Orange'<br />
in this document can potentially mean anything like a wireless company,<br />
a fruit or a last name. Thus, HTML tag names don't describe what<br />
content is. They only imply how content appears.<br />
It does not capture business rules and processes<br />
<strong>B2B</strong> applications, in almost all instances, interface with the back-end<br />
systems, often a database. Data flowing between these applications in<br />
HTML format loses all useful information that is available in the<br />
original format of the data. Additionally, HTML data is strictly static<br />
and read-only. The users or applications cannot sort, query or process<br />
this data. HTML documents fail <strong>to</strong> capture any business process or rule.<br />
It is fixed data set<br />
In <strong>B2B</strong> applications, flexibility in the data sets that contain the data is<br />
of prime importance. These data sets have <strong>to</strong> be created on the fly,
158 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
based on the nature of the application. It is not possible <strong>to</strong> extend the<br />
data set on which HTML is based <strong>to</strong> create new tags that are meaningful,<br />
useful and necessary for applications. Only the W3C (World Wide Web<br />
Consortium) can extend the data set for HTML. Thus, HTML only<br />
describes documents of a single type.<br />
Data is hard <strong>to</strong> process<br />
HTML data is hard <strong>to</strong> process. Browsers permit several syntactical and<br />
structural errors of HTML <strong>to</strong> pass, unchecked. It is not possible <strong>to</strong><br />
extract any meaningful, structured information from an HTML document.<br />
Apart from this, HTML documents can only be divided in<strong>to</strong> a head and<br />
a body. So, there can be no logical break up of information in the<br />
document. For example, it is not possible for a browser <strong>to</strong> request only<br />
a specific user information section from an HTML document that<br />
contains information about many users. The browser can request and<br />
present only the whole document.<br />
6.4. XML: The Universal Language of<br />
Data Interchange<br />
XML is the 'universal language of data interchange' as far as the<br />
exchange of data among diverse applications written in any language<br />
and running on heterogeneous platforms is concerned. The use of XML<br />
makes it fairly easy for applications <strong>to</strong> exchange, interpret and act on<br />
data. XML fully leverages Internet, as XML-based messages can be<br />
exchanged over the Internet using Hypertext Transfer Pro<strong>to</strong>col (HTTP)<br />
or HTTPS (SSL — Secured Sockets Layer HTTP).<br />
XML provides an efficient means of separating the data and structure<br />
from documents representing business processes. Based on these virtues,<br />
XML promises <strong>to</strong> enable the development of <strong>B2B</strong> e-<strong>commerce</strong> applications<br />
that are purely data-driven. The potential impact is significant: XML<br />
compliant application servers, Web servers, internal legacy applications,<br />
ERP systems and external applications can all quickly make their information<br />
available in a simple and usable format.<br />
Since XML is both universal and flexible, it has become one of the<br />
most powerful components of <strong>B2B</strong>i, enabling systems <strong>to</strong> share data and
Extensible Markup Language (XML) 159<br />
add value as data is passed from point-<strong>to</strong>-point. The use of XML allows<br />
trading partners <strong>to</strong> concentrate on their own internal business processes<br />
and can even change at their own convenience. For example, Company<br />
A can use XML <strong>to</strong> communicate with Company B, regardless of what<br />
internal systems each company is using. To do this, Company A converts<br />
the data that it wishes <strong>to</strong> share with Company B in<strong>to</strong> XML format. All<br />
the two companies have <strong>to</strong> do is agree on a set of tags (or use a<br />
standard set from their industry).<br />
6.4.1. The power <strong>to</strong> know<br />
Real-time availability and access <strong>to</strong> business data is the key <strong>to</strong> making<br />
the right business decisions at the speed of the Web and keeping<br />
companies one step ahead of their competition. In a <strong>B2B</strong> integrated<br />
environment, companies have <strong>to</strong> capture, integrate, explore, analyze and<br />
exchange information from across the entire enterprise and with all the<br />
trading partners.<br />
In order for the companies <strong>to</strong> get the power <strong>to</strong> know, the data has<br />
<strong>to</strong> be:<br />
Captured — The business information, data and context have <strong>to</strong> be<br />
captured as and when they are produced and generated by the source.<br />
S<strong>to</strong>ring the context helps in the meaningful search of the data.<br />
Managed — Managing electronic data, which is choking the corporate<br />
databases and other s<strong>to</strong>rage systems, has become a very big challenge.<br />
It is estimated that up <strong>to</strong> 7% of the revenue can go in<strong>to</strong> the creation and<br />
movement of documents. Companies should work on consolidating<br />
information in a centralized knowledge base. This would not only help<br />
in getting rid of redundant data, but would also provide a complete<br />
picture of your business processes. The consolidated data is easy <strong>to</strong><br />
maintain, organize, publish and search.<br />
Published — The whole idea behind capturing and managing data is <strong>to</strong><br />
publish it for the user community. This data can either be pushed or<br />
pulled from the corporate databases and should be presented in any<br />
easily understandable format. The data should be presented based on<br />
the entitlements and interests of the users.
160 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Exchanged — In a connected business environment, companies should<br />
be able <strong>to</strong> exchange and share data with multiple companies dynamically.<br />
The data can be transferred using either dedicated connections or over<br />
the Internet. In order for companies <strong>to</strong> exchange data on a real-time<br />
basis, they have <strong>to</strong> establish a common taxonomy for defining the<br />
structure and context of information.<br />
XML is the universal language that helps companies achieve all of<br />
the above tasks. It enables organizations <strong>to</strong> capture, manage, publish<br />
and exchange information with their partners, suppliers and cus<strong>to</strong>mers<br />
as efficiently as possible.<br />
The fundamentals of XML, its strengths and weakness and its<br />
benefits over EDI are explained below.<br />
6.4.2. What is XML?<br />
XML is a language developed by W3C for visual presentation of<br />
factual information that can facilitate the exchange of data between<br />
applications and/or humans.<br />
Although the origin of both HTML and XML is the same — Standard<br />
Generalized Markup Language (SGML), HTML is designed primarily<br />
for just the presentation of hypertext pages in browsers; XML, on the<br />
other hand, is designed <strong>to</strong> create new markup languages for new<br />
document types. HTML restricts the users <strong>to</strong> only a few set elements<br />
defined by W3C such as , and . XML enables<br />
the users <strong>to</strong> define new elements for processing information in their<br />
particular domain, context or field. Creation of document types, tag<br />
sets, building XML documents and the behavior of XML processor,<br />
which parses the XML document, are all determined and based on<br />
specifications of XML 1.0. The specification of XML can be obtained<br />
at http://www.w3c.org/xml.<br />
The concepts on which XML is built are pretty straightforward:<br />
the meaning of the data in an XML document is specified by the<br />
tags on data elements and the relationships between different data<br />
elements in the same document is provided via simple nesting and<br />
references. Thus XML not only specifies data elements, but also their<br />
semantics.
Extensible Markup Language (XML) 161<br />
However, XML is simply a data definition language, not a technology.<br />
XML cannot by itself integrate different systems.<br />
6.4.3. XML: A derivative of SGML<br />
The parent of Extensible Markup Language (XML) is the Standard<br />
Generalized Markup Language (SGML), an international standard for<br />
the definition of device-independent, system-independent methods of<br />
representing texts in electronic form. SGML is a meta-language, that is,<br />
a means of formally conveying a language, for specifying the structure<br />
and describing the content of documents. The use of SGML for encoding<br />
electronic forms ensures their transportability from one hardware and<br />
software environment <strong>to</strong> another without loss of information. SGML<br />
enables a publishers <strong>to</strong> define their own document formats and create a<br />
single document source that can be viewed, displayed, or printed in a<br />
variety of ways.<br />
XML is a sub-domain of SGML. The full specifications of SGML<br />
have a lot of unused and optional features that over time have proven <strong>to</strong><br />
have a high cost/benefit ratio, especially for <strong>B2B</strong> type applications.<br />
XML removes many of those arcane and seldom-used features of<br />
SGML, making it easy <strong>to</strong> use for defining new document types and<br />
creating their own tags while freeing them from the constraints of using<br />
predefined tags.<br />
6.4.4. Sample XML files<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Continue on page 162
162 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
<br />
<br />
Continued from page 161<br />
]><br />
<br />
<br />
Publishers of the <strong>B2B</strong> <strong>Integration</strong> Book<br />
<br />
<br />
ABC Publishing Company <br />
staff@abcpublishing.com<br />
http://www.abcpublishing.com/<br />
1900 East 32nd St. NY 10023<br />
212-111-1111 <br />
212-222-2222<br />
<br />
<br />
Manning Publishing<br />
staff@manning.com<br />
www.manning.com<br />
30 Newport Parkway, Jersey City, NJ 07384<br />
201 533 0000<br />
201 533 9999<br />
<br />
<br />
XML allows user <strong>to</strong>:<br />
• define their own tags;<br />
• specify the semantics of the document;<br />
• form a single, logical compound file by bringing <strong>to</strong>gether multiple<br />
files;<br />
• provide processing information <strong>to</strong> the supporting application, like an<br />
XML parser, XML document valida<strong>to</strong>r or a browser;<br />
• have a secured exchange of data by using HTTP and HTTPS<br />
communication along with other security solutions;
Extensible Markup Language (XML) 163<br />
• add editing comments <strong>to</strong> an XML file;<br />
• have faster searches and retrieval of documents, as it is easier <strong>to</strong><br />
arrange XML in<strong>to</strong> an indexed reposi<strong>to</strong>ry; and<br />
• Identify the location and format of illustrations in a text document.<br />
It is important <strong>to</strong> note, however, that XML is not:<br />
• A predefined set of tags that can be used <strong>to</strong> markup documents; or<br />
• A standardized template for producing particular types of text<br />
documents.<br />
6.4.5. XML strengths<br />
In this section, we will discuss the strengths of XML.<br />
Powerful meta-language<br />
Being a derivative of SGML, XML supports development of new<br />
markup languages for vertical industries and business domains. The<br />
XML language consists of rules that anyone can follow <strong>to</strong> create a<br />
markup language. Some of the examples include Fpml (Financial Products<br />
Markup Language), cXML (Commerce Extensible Markup Language).<br />
The rules ensure that a single compact program, the parser, can process<br />
all these new languages. XML can integrate multiple files (with structured<br />
data and unstructured data) in<strong>to</strong> a single compound document. Example<br />
of structured data are legacy files or relational database, unstructured<br />
data can be text documents, graphics and images, audio and video<br />
resources and Web pages.<br />
Allows semantic agreement between trading partners<br />
XML enables the creation of semantic agreement among companies<br />
exchanging XML documents by providing a mapping, transformations<br />
and cross-references in that document. Through an XML workflow,<br />
which can be distributed <strong>to</strong> all the trading partners or can be on a perpartner<br />
basis, companies can also define the processing of this XML<br />
document by identifying activities, processes and tasks.
164 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Domain-specific vocabularies<br />
XML enables building domain specific vocabularies for horizontal and<br />
vertical industry for, among others, advertising, financial and electronic<br />
<strong>commerce</strong>. These vocabularies will standardize the business process<br />
communication among partners. Several companies are also developing<br />
internal corporate vocabularies for describing internal data processes.<br />
Self-describing and interpreted<br />
XML is a human readable, self-describing language. Without any knowledge<br />
of applications and software programs at senders and receivers<br />
end, XML documents can be exchanged because the syntax of an XML<br />
document itself describes the relationships among the various elements.<br />
This relationship can be described either explicitly through Document<br />
Type Definitions (DTD) or implicitly by means of element context. The<br />
decoupling of applications and data also enables changes <strong>to</strong> the<br />
transactions, without any change required in the underlying applications,<br />
by merely changing the DTD. Proprietary as well as industry standard<br />
DTDs (XML/EDI, RosettaNet, etc.) can be used, depending on the<br />
requirement and availability.<br />
Simple<br />
Since XML is text-based, it is very easy <strong>to</strong> comprehend and understand<br />
XML documents, their structure, content, elements and relationships.<br />
This makes it easier <strong>to</strong> maintain and manage contents within XML<br />
documents.<br />
For example, if an XML document contains Orange and Orange, it is easy <strong>to</strong> distinguish<br />
that the first instance of Orange is in the context of fruit and the second<br />
occurrence is in the context of color.<br />
Separation of content data and its presentation format<br />
One of the biggest advantages of XML over HTML is that the former<br />
clearly separates the semantic content of the document and the<br />
presentation of the document.
Universal language<br />
Extensible Markup Language (XML) 165<br />
XML is a universal language which can be used in possibly all<br />
applications, such as legacy systems, ERP, CRM, graphical user interface<br />
for applications, object-oriented applications in C++ and Java, databases<br />
such as Oracle, Sybase and ODBMS powered XML reposi<strong>to</strong>ry, <strong>to</strong> name<br />
just a few.<br />
Softwares that are properly coded <strong>to</strong> parse certain XML documents<br />
can even understand languages that use a different character set, like<br />
Arabic or Japanese. This enables the exchange of information, not only<br />
between different computer systems and applications, but also across<br />
languages and countries.<br />
Powerful XML-based search engines<br />
Since XML documents contain contextual information, XML-based<br />
search engines are more likely <strong>to</strong> retrieve exact results matching a<br />
search query. These search engines can also retrieve specific portions of<br />
an XML file rather than presenting the whole file <strong>to</strong> the user. This not<br />
only saves network bandwidth, but also gives faster access <strong>to</strong> relevant<br />
information for the user.<br />
Common open standard<br />
XML is based on common open standards, which decouples it from<br />
proprietary browsers, parsers, edi<strong>to</strong>rs, etc. This is one of the great<br />
benefits of XML.<br />
Provides a 'one-server view' for distributed data<br />
In distributed applications, the data and elements that form an XML<br />
document can be distributed over multiple remote servers. Undoubtedly,<br />
XML is the most sophisticated format for distributed data.<br />
XML compresses very well<br />
Compression of data essentially means maximizing the throughput of a<br />
given input stream. Since XML documents are structured and highly
166 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
ordered, they can be compressed fairly well, thereby increasing<br />
performance. In fact, the compression of XML documents is much<br />
better than a standard text document as the latter is usually less structured.<br />
Rapid adoption by industry<br />
IBM, Microsoft, Sun, SAP, HP and many companies are supporting<br />
XML. XML is being rapidly adopted by all companies, big or small, in<br />
all the sec<strong>to</strong>rs of the economy, making it the de fac<strong>to</strong> standard for<br />
exchanging data over the Internet.<br />
6.4.6. XML limitations<br />
In this section, we will discuss some of the major limitations of XML.<br />
XML messages can be very large<br />
XML messages can be as large as 5 <strong>to</strong> 10 times their equivalent EDI<br />
messages, making it much slower than EDI. Such a large flow of data<br />
over the Internet uses up a lot of network bandwidth and slows the<br />
whole process down. For large companies that have fixed relationships<br />
and high volume of transactions, EDI is still a better way of handling<br />
those connections. XML, on the other hand, can be used for seeking<br />
any-<strong>to</strong>-any connectivity.<br />
Different standards<br />
Several organizations and companies are promoting their own flavors of<br />
XML standards. This adds <strong>to</strong> a lot of confusion in the marketplace<br />
about the interoperability issues. XML is also just an evolving technology<br />
and there are several pieces that are still being developed.<br />
Limited semantic interpretation<br />
For two companies <strong>to</strong> be able <strong>to</strong> exchange XML-based data, they need<br />
<strong>to</strong> explicitly agree upon the semantics of the document such as the
Extensible Markup Language (XML) 167<br />
definitions of tags. XML document by itself does not provide much<br />
information about how <strong>to</strong> interpret it.<br />
Does not facilitate data transformation<br />
The core problem in either EAI or <strong>B2B</strong>i for all corporations is the<br />
ability <strong>to</strong> transform and integrate data from one application <strong>to</strong> another.<br />
However, XML is just another data format in the plethora of formats<br />
used by a company.<br />
6.4.7. XML namespaces<br />
According <strong>to</strong> the W3C, an XML namespace is a collection of names,<br />
identified by a Uniform Resource Identifier (URI) reference, which are<br />
used in XML documents as element types and attribute names. XML<br />
namespaces qualify element names in a recognizable manner <strong>to</strong> avoid<br />
conflicts between elements with the same name. The elements contained<br />
within an XML document can be defined in different schemas on the<br />
Internet.<br />
Since XML documents can contain data from multiple sources across<br />
the Web, there is a great likelihood of element name overlapping. With<br />
the use of namespaces, same element names will not conflict and<br />
clarify their respective origins within an XML document. In other<br />
words, these similar elements could refer back <strong>to</strong> different schemas<br />
which uniquely qualify their semantics. A very simple example of<br />
element repetition within an XML document is the use of in a<br />
book purchase order. This element can be used for the book title,<br />
author's title, publishing company's contact person title etc. It is worth<br />
mentioning that namespaces do not give processing instructions for<br />
elements. Users (application developers, etc.) have <strong>to</strong> know what the<br />
elements mean and decide how <strong>to</strong> process them.<br />
The W3C has released XML namespaces as a recommendation,<br />
allowing elements <strong>to</strong> be subordinate <strong>to</strong> a URI. This enables users <strong>to</strong><br />
define private dictionaries of terms, or use a public namespace of<br />
common terms.<br />
Let's see the use of namespaces through an example.
168 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
XML NAMESPACE EXAMPLE<br />
<br />
<br />
<br />
<br />
Lee<br />
Bruce<br />
<br />
<br />
05-01 -2001 <br />
l 111111 l<br />
<br />
<br />
Any element name that begins with 'buyer:' prefix<br />
defined by the 'http://www.ds.org/buyers' namespace.<br />
element beginning with 'gs:' has meaning defined by<br />
the 'http://gs.org' namespace.<br />
has meaning<br />
Similarly, any<br />
whoever owns<br />
6.4.8. Brief introduction <strong>to</strong> the components of XML<br />
Any XML document is composed of a series of entities, with each<br />
entity containing one or more logical elements and each element<br />
containing one or more attributes that describe how <strong>to</strong> process that<br />
entity. XML defines the syntax for expressing the relationships among<br />
entities, elements and attributes that <strong>to</strong>gether make up an XML document.<br />
Based on these relationships, applications identify the component parts<br />
of each document.<br />
The structure of an XML document is validated through XML<br />
schema or DTD that declares permitted elements, entities and attributes<br />
and their relationships.<br />
Elements and attributes<br />
The primary components described in a DTD are elements and attributes.<br />
Together they are responsible for establishing the logical structure of
Extensible Markup Language (XML) 169<br />
XML documents. An element is essentially a logical unit of information,<br />
while an attribute is a characteristic of that information. Attributes help<br />
in describing the element in more detail. XML attribute types are of<br />
three kinds: a string type, a set of <strong>to</strong>kenized types and enumerated<br />
types.<br />
An element declaration has the following syntax:<br />
Syntax:<br />
<br />
Elements with data are declared with the data type inside parentheses:<br />
Syntax:<br />
<br />
#CDATA implies that the element contains character data (markup<br />
characters like <br />
The keyword ANY declares an element with any content.<br />
Example:<br />
<br />
Elements can also be empty:<br />
<br />
Empty elements are declared with the keyword EMPTY inside the<br />
parentheses.<br />
Example:<br />
<br />
XML element attributes are declared with an ATTLIST declaration.<br />
An attribute declaration has the following syntax:
170 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Syntax:<br />
<br />
Attribute declaration example:<br />
DTD example:<br />
<br />
<br />
XML example:<br />
<br />
In this example, circle is defined <strong>to</strong> be an empty element with radius<br />
as an attribute of type CDATA. The radius attribute has a default<br />
value of 0.<br />
Entities<br />
XML documents are divided in<strong>to</strong> s<strong>to</strong>rage units called entities, which<br />
define the physical structure of an XML document. The entities are<br />
usually identified by unique names and can be declared either internally<br />
or externally. Entities as variables can also be used <strong>to</strong> define shortcuts<br />
<strong>to</strong> common text.<br />
Following is the syntax along with an example:<br />
Syntax:<br />
<br />
DTD Example:<br />
<br />
<br />
XML example:<br />
&?writer;©right;<br />
Comments<br />
In XML syntax, comments begin with '' and can<br />
be placed anywhere in an XML document. Comments can contain any<br />
data except the literal string '--'. The parser does not usually pass<br />
comments <strong>to</strong> the application.
Document type definitions (DTD)<br />
Extensible Markup Language (XML) 171<br />
An XML document is essentially a structured medium for s<strong>to</strong>ring<br />
information. But how does an application identify which XML document<br />
is valid or not? In order <strong>to</strong> assess the validity of an XML document,<br />
the application needs <strong>to</strong> establish exactly <strong>to</strong> which structure the<br />
information within the document must adhere. This is accomplished<br />
with a schema, which is a model used <strong>to</strong> describe the structure of<br />
information within an XML document. Schemas are used in XML <strong>to</strong><br />
model a class of data.<br />
One of the principal uses of structured information is <strong>to</strong> enable data<br />
interchange. Different industries create consortia <strong>to</strong> specify the content<br />
model on which they all agree and which they use <strong>to</strong> mark up their<br />
information so that they can share it with each other easily and efficiently.<br />
In the context of structured information, that content model is defined<br />
as a DTD or a schema.<br />
DTDs are a means of establishing a schema for XML documents.<br />
The purpose of a DTD is <strong>to</strong> define the legal building blocks of an<br />
XML docment. It defines the document structure with a list of legal<br />
elements. A DTD can be declared inline in an XML document, or as an<br />
external reference.<br />
Example of a DTD:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Continue on page 172
172 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Continued from page 171<br />
The DTD is interpreted like this:<br />
lELEMENT order (in line 2) defines the element 'order' as having<br />
a buyer element and one or more occurrences of 'lineltem' element.<br />
lELEMENT buyer (in line 3) defines the 'buyer' as having elements<br />
'name, address, city, state and zip'.<br />
!ELEMENT name (in line 4) is defined <strong>to</strong> be of the type 'PCDATA<br />
and so on ...<br />
Example of an XML document with an external DTD:<br />
<br />
<br />
<br />
]><br />
<br />
<br />
Beautiful Home Departmental S<strong>to</strong>re <br />
18 Middlesex Mall <br />
Edison <br />
NJ <br />
08817 <br />
<br />
<br />
Hand-painted lamp <br />
50 <br />
29.95 <br />
<br />
<br />
Table-mat <br />
100 <br />
5.95 <br />
<br />
<br />
The file order.dtd contains the DTD.
XML schemas<br />
Extensible Markup Language (XML) 173<br />
XML schemas, which are written in XML, define the complete structure<br />
(i.e., data types, elements, child elements, sequence of child elements,<br />
number of child elements, order of elements, attributes associated with<br />
elements, default values of attributes, entities contents and notations,<br />
etc.), content and semantics of XML documents. They provide valid<br />
building blocks for XML documents, support for data types and<br />
namespaces and document their own meaning, usage, and function.<br />
XML schemas are more flexible and powerful than DTDs.<br />
Validation of an XML document involves verifying the document<br />
against an XML schema.<br />
Continue on page 174
174 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Continued from page 173<br />
human-readable and machine-processable vocabularies designed <strong>to</strong><br />
encourage the reuse and extension of metadata semantics among<br />
disparate information communities. The structural constraints RDF imposes<br />
<strong>to</strong> support the consistent encoding and exchange of standardized<br />
metadata provide for the interchangeabiUty of separate packages of<br />
metadata defined by different resource description communities.<br />
RDF integrates a variety of Web-based metadata activities including<br />
sitemaps, content ratings, stream channel definitions, search engine data<br />
collection (Web crawling), digital library collections and distributed<br />
authoring, using XML as an interchange syntax. RDF with digital<br />
signatures will be key <strong>to</strong> building the 'Web of Trust' for electronic<br />
<strong>commerce</strong>, collaboration and other applications.<br />
Source: www.w3.org/RDF<br />
6.4.9. Advantages of XML over traditional EDI<br />
Following are the advantages of XML over the traditional EDI:<br />
• Frees companies from the use of specific vendor software — With<br />
XML, companies can integrate business processes with their trading<br />
partners without having <strong>to</strong> use specific vendor software required for<br />
EDI.<br />
• Flexible standards — XML is based on simple, flexible and open<br />
standards, while EDI standards are very strict and inflexible. As a<br />
result, companies are able <strong>to</strong> au<strong>to</strong>mate the exchange of business<br />
information, dramatically improve efficiencies and reduce operating<br />
costs with the use of XML.<br />
• Cheaper — The initial setup and operational costs of EDI are very<br />
high. XML enables loose integration at a fraction of the effort and<br />
cost of traditional EDI.<br />
• Extensible — With XML, businesses do not need <strong>to</strong> replace or rebuild<br />
their applications; instead, they can simply XML-enable the data and<br />
systems they already have.<br />
• Human readable — XML is both machine and human readable while<br />
EDI is only machine-readable.
Extensible Markup Language (XML) 175<br />
• Effective use of Internet — XML effectively uses the Internet <strong>to</strong><br />
transfer the messages securely; whereas most of the EDI message<br />
flow occurs through expensive VANs.<br />
6.5. XSL — Extensible Stylesheet Language<br />
In order <strong>to</strong> display XML documents, it is necessary <strong>to</strong> have a mechanism<br />
<strong>to</strong> describe how the document should be displayed. One of the commonly<br />
used presentation technologies is Cascading Style Sheets (CSS) used by<br />
HTML, but XSL (Extensible Stylesheet Language), the preferred style<br />
sheet language of XML, is far more sophisticated than CSS. XSL is a<br />
language that can transform XML in<strong>to</strong> multiple formats, a language that<br />
can filter, format and sort XML data and a language that uses XML as<br />
its syntax. Currently, XSL is used primarily <strong>to</strong> transform XML semantics<br />
in<strong>to</strong> a display format like HTML that can be viewed through Web<br />
browsers. However, XSL provides a wide variety of presentation layers<br />
for a single XML document.<br />
An XSL style sheet contains instructions as <strong>to</strong> how <strong>to</strong> pull out<br />
information from the XML document and transform it in<strong>to</strong> another<br />
format, such as HTML or PDF file. The transformation of XML in<strong>to</strong><br />
other formats is done in a declarative way rather than the conventional<br />
scripting way, which makes it much easier <strong>to</strong> understand and maintain.<br />
The browsers and devices such as PDAs (Personal Digital Assistants)<br />
and cell phones each have a unique display format. A single XML<br />
document can be presented on all these different presentation devices<br />
by using XSL. An XSL processor, either on the client or server, can<br />
transform XML data in<strong>to</strong> the appropriate format, thereby completely<br />
decoupling the business layer with the presentation layer. This separation<br />
is the key <strong>to</strong> building any flexible and extensible application.<br />
An XSL processor can have output in multiple formats taking XML<br />
and style sheets (DTDs, schemas) as the inputs (see Figure 6.3).<br />
XSL consists of the following three parts:<br />
• XML Vocabulary — It describes the formatting objects portion of<br />
XSL. The process of formatting is performed by the formatter. The<br />
formatter may simply be a rendering engine inside a browser.<br />
Formatting objects can be inserted in<strong>to</strong> a result tree created by
176 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
XML Document<br />
1<br />
XSL<br />
Stylesheets<br />
1<br />
1<br />
• XSLPi ocessoi'<br />
I 1<br />
HTML/ Cascading!<br />
Style Sheets J<br />
Postscript/<br />
PDF<br />
Speech<br />
Figure 6.3. — A typical XSL processor<br />
" |<br />
Others 1<br />
another part of XSL, called XSLT, or XSL Transformations. Readers<br />
can get the most current working draft at http://www.w3.org/TR/xsl/.<br />
• XSL Transformations — This is a markup vocabulary which describes<br />
the transformation part of XSL. The input in this part is an<br />
XML document (source document) and the output is a result tree<br />
based on a series of filters and patterns that have been included<br />
within the style sheet. Readers can get the most current working draft<br />
at http://www.w3.org/TR/xslt.<br />
• The XML Path Language (XPath) — This is a language for<br />
addressing parts of an XML document, designed <strong>to</strong> be used by both<br />
XSLT and Xpointer. XSLT uses this language <strong>to</strong> describe the<br />
expressions and location paths that allow us <strong>to</strong> create expressions <strong>to</strong><br />
manage the selection of nodes for more advanced XSL transformations.<br />
Readers can get the most current working draft at http://www.w3.org/<br />
TR/xpath.<br />
Example of an XSL document:<br />
<br />
<br />
<br />
Order Example<br />
<br />
<br />
<br />
<br />
<br />
Buyer Details<br />
<br />
<br />
Order Line Item<br />
<br />
<br />
<br />
<br />
<br />
178 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
6.6. Coexistence of XML and EDI<br />
Continued from page 177<br />
EDI has helped companies for the last several years <strong>to</strong> simplify and<br />
speed up their transactions with cus<strong>to</strong>mers, suppliers and other partners.<br />
With the advent of XML, which has the potential of reaching new<br />
trading cus<strong>to</strong>mers and markets and serves as a universal language for<br />
all types of transactions, companies are facing <strong>to</strong>ugh questions. Should<br />
we stay with EDI? Should we move <strong>to</strong> the evolving technology of<br />
XML? Should we try <strong>to</strong> get EDI and XML <strong>to</strong> intemperate? Have the<br />
XML standards been defined for our industry?<br />
In the following section, we will try <strong>to</strong> find the answers <strong>to</strong> these<br />
daunting questions that form the backbone of a <strong>B2B</strong>i strategy.<br />
6.6.1. EDI is here <strong>to</strong> stay<br />
It is a misleading notion <strong>to</strong> claim that XML will completely replace<br />
EDI. It would be prudent for companies <strong>to</strong> build the XML world based<br />
on the last 30 years of EDI, rather than tear it all down. During these<br />
years, EDI has been implemented widely by large companies forming<br />
hub-and-spoke relationships. It has also been highly integrated in<strong>to</strong> the<br />
core business processes of companies. This level of integration required<br />
considerable effort. It is absolutely not possible <strong>to</strong> undo all EDI from
Extensible Markup Language (XML) 179<br />
business processes and then redo everything based on XML. XML and<br />
EDI will coexist for a long time. Their interoperability is one of the key<br />
success fac<strong>to</strong>rs for large, medium and small size companies doing<br />
business on the Internet.<br />
For well-defined, repetitive and high-volume situations, utilizing<br />
existing EDI connections makes the most sense for the present, especially<br />
for large organizations. XML, on the other hand, can be used <strong>to</strong> make<br />
new contacts, such as participating in <strong>B2B</strong> exchanges and adding new<br />
trading partners. If a company's relationship with a new trading partner<br />
involves a very high volume of transaction, which is difficult <strong>to</strong> manage<br />
over the Internet, EDI can be used. This gives companies tremendous<br />
benefit in being able <strong>to</strong> develop the initial contact cheaply, see if that<br />
contact blossoms and then invest money in a more robust and expensive<br />
technology.<br />
What's likely <strong>to</strong> be used by companies is a hybrid of EDI and XML.<br />
Companies are already moving <strong>to</strong>wards the implementation of EDI/<br />
XML translation software that enables conversion of any XI2 or<br />
EDIFACT EDI document in<strong>to</strong> the XML-based dialects (standards). The<br />
current XML dialects include xCBL, cXML, ebXML, BizTalk and<br />
RosettaNet PIPs.<br />
By the year 2003, XML/EDI will likely account for 30% of EDI<br />
transactions in the United States, with a further 30% supported via<br />
XML/EDI-<strong>to</strong>-EDI gateways. The remaining 40% will be supported via<br />
traditional EDI.<br />
6.6.2. EDI based on XML<br />
XML/EDI is an evolution, not a revolution. XML and EDI are both<br />
essentially data and metadata encapsulated in <strong>to</strong>kenized formats and<br />
structures. Thus, existing EDI structures and methods can be expressed<br />
in XML syntax and vice-versa (see Figure 6.4 and Figure 6.5). XML/<br />
EDI can also seamlessly interface with existing EDI systems and provide<br />
100% backward compatibility.<br />
For instance, a company can send an EDI message in an XML<br />
format <strong>to</strong> a supplier. The supplier's system can pick up the message and<br />
show it in a browser <strong>to</strong> the individual responsible for approving incoming<br />
purchase orders. That individual can modify the incoming purchasing
180 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
X12 EDI<br />
IEDI -XML<br />
i Transla<strong>to</strong>r<br />
• Uses<br />
L\<br />
XML —* XSL Parser frwnf<br />
XEDI XSL Parser XML<br />
Uses<br />
EDI Data Dictionary Transformation<br />
Instruction Sets<br />
Figure 6.4. — EDI <strong>to</strong> XML conversion<br />
Uses<br />
K<br />
EDI<br />
Transformation<br />
Rules Figure 6.5. — XML <strong>to</strong> EDI conversion<br />
order, which actually signals his approval — this could for instance be a<br />
digital signature. The approved purchase order can be sent back <strong>to</strong> the<br />
supplier's application as a plain EDI file. In this way, both human and<br />
machine readable messages that are created by a human or an application,<br />
can travel through an organization and can be sent <strong>to</strong> another organization<br />
and switch between humans and applications.<br />
It should be noted that one of the objections <strong>to</strong> wrapping an EDI<br />
message in an XML format is that a lot of overhead is created in the<br />
message.<br />
6.6.3. Characteristics of XML/EDI<br />
XML/EDI messages consist of a fusion of XML and EDI tags and data.<br />
They can be transmitted over the Internet like pure XML messages or<br />
over the VAN like EDI messages. All the current Web browsers that
Extensible Markup Language (XML) 181<br />
support XML should also support XML/EDI messages. EDI information<br />
within an XML/EDI message is explicitly labeled using tag names.<br />
DTDs that contain the structure declaration and relevant sets of code<br />
values can be referenced over the Internet.<br />
XML/EDI is a fusion of many concepts. XML/EDI:<br />
• Uses the XML and XSL for data interchange and presentation<br />
respectively;<br />
• Provides a standard for formatting documents;<br />
• Can be integrated with traditional methods of Electronic Data<br />
Interchange (EDI)<br />
• Can be used with all standard Internet transport mechanisms such as<br />
IP routing, HTTP, FTP and SMTP;<br />
• Uses modern programming <strong>to</strong>ols such as Java and ActiveX <strong>to</strong> allow<br />
data <strong>to</strong> be shared between programs; and<br />
• Uses agent technologies for data manipulation, parsing, mapping and<br />
searching.<br />
6.6.4. Benefits of XML/EDI over traditional batch EDI<br />
The benefits of XML/EDI over traditional batch EDI are:<br />
• XML/EDI is more dynamic, less costly and simpler than traditional<br />
EDI. It significantly reduces the entry costs for small and medium size<br />
companies, which cannot afford expensive EDI-based communication.<br />
• XML standards significantly reduce the number of trading partnerspecific<br />
maps required.<br />
• XML transforms static EDI tasks such as inven<strong>to</strong>ry management and<br />
production scheduling in<strong>to</strong> dynamic processes, by using real-time<br />
XML-encoded information obtained directly from cus<strong>to</strong>mers' and<br />
suppliers' business systems.<br />
• XML/EDI does not require extensive changes in the application layer<br />
which produces and consumes the data, as it keeps the information<br />
structure of EDI intact. The transition from EDI <strong>to</strong> XML using<br />
XML/EDI is done more at the transport layers.<br />
• The open architecture of XML allows the support of multiple<br />
standards.
182 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• XML/EDI over the Internet offers companies cheaper e-<strong>commerce</strong><br />
and smarter messaging via browsers.<br />
• XML/EDI enables contextual and intelligent searches over the Internet,<br />
as it wraps the unstructured text with structured data in the same<br />
document. This form of tagging makes the searches very efficient<br />
and accurate.<br />
6.6.5. Key features of XML/EDI server<br />
Does the server support all XML and EDI dialects? Is it scalable <strong>to</strong><br />
manage high-volume relationships? How well will it be able <strong>to</strong> integrate<br />
with other existing systems? Does it provide secured and reliable<br />
messaging service?<br />
These are just a few of the questions that companies come across in<br />
their search for an XML/EDI server. EDI <strong>to</strong> XML translation and viceversa<br />
is achieved primarily through stand-alone software products. Several<br />
EDI vendors also incorporate XML translation functions.<br />
Here are just a few of the desirable features of XML/EDI server that<br />
a company should consider in its final decision.<br />
Support both XML and EDI-based trading partners<br />
XML/EDI server should support EDI as well as XML-based communication.<br />
This way, a company can establish newer contacts using<br />
XML-based messaging services over the Internet, while supporting<br />
existing EDI-based relationships. This kind of flexible data exchange<br />
would allow companies <strong>to</strong> achieve the best of both worlds. They can<br />
continue benefiting from their investments in integrated EDI systems<br />
while reaching small <strong>to</strong> mid-size enterprises and e-marketplaces with<br />
XML. The XML/EDI server should be able <strong>to</strong> convert XML documents<br />
in<strong>to</strong> EDI documents and vice-versa, after validation and application of<br />
compliance checks and based on all major industry pro<strong>to</strong>cols.<br />
For example, it should support the following conversions:<br />
• XML <strong>to</strong> EDI, e.g., xCBL's Invoice <strong>to</strong> X12 810;<br />
• EDI <strong>to</strong> XML, e.g., xl2 850 <strong>to</strong> xCBL's Purchase Order;<br />
• XML <strong>to</strong> XML, e.g., xCBL <strong>to</strong> RosettaNet or xCBL <strong>to</strong> cXML;<br />
• XML <strong>to</strong> Flat File;
Extensible Markup Language (XML) 183<br />
• Flat File <strong>to</strong> XML;<br />
• EDI <strong>to</strong> EDI, e.g., X12 <strong>to</strong> EDIFACT; and<br />
• Flat File <strong>to</strong> Flat File (including CSV format type).<br />
The server should support XML standards like xCBL, RosettaNet,<br />
cXML, Open Applications Group (OAG), Financial Information<br />
eXchange (FIXML), Financial Products Markup Language (FPML),<br />
Mortgage Industry Standards Maintenance Organization (MISMO), Open<br />
Travel Alliance (OTA).<br />
FASTENAL — MAKES NEW CONTACTS,<br />
WHILE MAINTAINING THE OLD ONES<br />
Fastenal Co. in Winona, Minn., a decade-long EDI user — thanks <strong>to</strong><br />
the demands of its largest cus<strong>to</strong>mer — the industrial and construction<br />
supplier knew that its existing system couldn't handle XML. Still,<br />
Fastenal needed <strong>to</strong> accept XML transactions <strong>to</strong> deal with portals and<br />
dot-coms. In addition, it wanted <strong>to</strong> unite its more than 600 branch<br />
locations with a common look and feel. And there was that pesky<br />
back-end connection. Seamless integration was of prime importance.<br />
Luckily, Sterling Commerce Inc. had the necessary back-end<br />
connectivity and XML capability. Sterling Commerce is mostly known<br />
for its traditional Gentran EDI products, but it also offers XML<br />
connectivity through some key partners.<br />
This illustrates an important point. Fastenal could have chosen an<br />
EDI/XML product and done the heavy lifting of integration from<br />
scratch. But by researching its needs more fully, the company was<br />
able <strong>to</strong> frame a better system for its situation. And by carefully<br />
investigating vendors, Fastenal discovered a technology set that would<br />
meet its needs far better and more simply than a homegrown solution.<br />
Source: Condensed from EDI? XML? Or Both?, Part 2, XML in Practice, ITWorld.com.<br />
Eliminate the need for using VAN services<br />
The XML/EDI server should eliminate the need for using Value Added<br />
Network (VAN) services by using the Internet for exchanging
184 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
transactions. The communication of data should be secured and reliable.<br />
This way companies can save a lot on the high transaction fees associated<br />
with exchanging transactions using third-party VANs.<br />
Fit in the bigger picture of <strong>B2B</strong>i<br />
The XML/EDI server should include all the components necessary for<br />
seamless <strong>B2B</strong>i. The server along with its components should be able <strong>to</strong><br />
deliver au<strong>to</strong>mated, end-<strong>to</strong>-end integration between a company and its<br />
trading partners. It should provide ERP and EAI adapters and a robust<br />
business process engine for straightforward integration in<strong>to</strong> the enterprise<br />
(see Figure 6.6). Since each company has its own integration challenges,<br />
the server should provide options for cus<strong>to</strong>mization and integration.<br />
Support for business process integration<br />
XML/EDI server must integrate the business process transactions that<br />
involve inter-company data exchanges. Business process integration is<br />
one of the key requirements of the next generation XML-enhanced EDI<br />
servers.<br />
For example, when an ERP system detects low inven<strong>to</strong>ry and triggers<br />
a purchase order, the Netfish XDI Server au<strong>to</strong>matically translates the<br />
XML/EDI Server Integrating Internal' and<br />
External Applications<br />
Exterrial Applications (Trading Partners, <strong>B2B</strong> Exchanges, Banks,<br />
Accounting, Purchasing, Finance)<br />
I I I<br />
EDIFACT mUD Proprietary<br />
!<br />
XML/EDI <strong>Integration</strong> Server<br />
EDI Data Flat File XML/DTD<br />
Internal Enterprise Applications ERP, Legacy Systems, CRM<br />
Figure 6.6. — XML/EDI server integrating internal and external applications
liS-i<br />
ERP XDI<br />
Server<br />
Trading Partner A<br />
Extensible Markup Language (XML) 185<br />
VAN<br />
^XDI EDI<br />
Service •—-{fgp- internet<br />
Figure 6.7. Netfish XDI system<br />
Trading Partner C<br />
ERP business object in<strong>to</strong> XML and deposits it in the trading partner's<br />
mailbox on the server (see Figure 6.7). The document is au<strong>to</strong>matically<br />
scheduled for delivery <strong>to</strong> the supplier with the proper encryption and<br />
transaction audit trail.<br />
Supports encryption<br />
The data involved in <strong>B2B</strong> e-<strong>commerce</strong> is highly sensitive and should be<br />
protected from getting hacked or corrupted. The XML/EDI server should<br />
support encryption software <strong>to</strong> decrypt incoming data, encrypt outgoing<br />
data and authenticate both.<br />
Strong error handling<br />
Given the distributed nature of <strong>B2B</strong> applications, the XML/EDI server<br />
should have a robust error handling mechanism which captures all<br />
networking, application level and data errors. The error handling functionality<br />
should include the ability <strong>to</strong> capture errors in the error log and <strong>to</strong><br />
notify the person(s) concerned.<br />
Allow trading partner configuration<br />
The XML/EDI server should provide an easy <strong>to</strong> use trading partner<br />
configuration <strong>to</strong>ol. Through this <strong>to</strong>ol, companies will be able <strong>to</strong> easily configure<br />
their trading partner profiles such as specific business documents,
186 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
formats and mapping guidelines, delimiter instruction, communication<br />
pro<strong>to</strong>cols and security pro<strong>to</strong>cols.<br />
6.7. Conclusion<br />
XML has become the lingua franca of the <strong>B2B</strong> e-business revolution. It<br />
has created a mechanism <strong>to</strong> publish, share and exchange data using<br />
open standards over the Internet. There is no doubt that in the future<br />
XML will be used in each and every <strong>B2B</strong> application.<br />
XML is not an integration solution in itself—it is just a data<br />
definition language. Companies will have <strong>to</strong> install application integration<br />
servers that comply with all the leading XML standards and perform<br />
the traditional operations, such as routing, messaging, transformation<br />
and connectivity with databases and applications.<br />
In making a transition from EDI <strong>to</strong> XML-based communication,<br />
companies should try <strong>to</strong> leverage their existing hardware and software<br />
investments using an XML/EDI server. The XML/EDI server should<br />
enable companies <strong>to</strong> communicate with virtually any type of business or<br />
trading partner. This communication should be fast, secured and maintain<br />
data integrity. In all likelihood, they should be able <strong>to</strong> get an additional<br />
<strong>to</strong>ol from their current EDI vendor that supports XML/EDI translation<br />
for all different dialects of EDI and XML.
Chapter ~~[<br />
XML Standards for E-business<br />
The focus of this chapter<br />
<strong>B2B</strong> integration poses big interoperability challenges. Frameworks that<br />
provide standards and specifications for XML-based solutions for<br />
communication among cross-organization applications are critical <strong>to</strong><br />
overcome these challenges.<br />
In this chapter, you will learn about the need for XML standards.<br />
We have presented a thorough discussion of the leading industry standards<br />
such as RosettaNet, ebXML and BizTalk with examples. You will also<br />
learn about the rapidly evolving Simple Object Access Pro<strong>to</strong>col (SOAP).<br />
187
188 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
7.1. Standards Imperative for <strong>B2B</strong><br />
Application <strong>Integration</strong><br />
In the expanding world of <strong>B2B</strong> e-<strong>commerce</strong>, companies have <strong>to</strong> think<br />
globally. Without global e-<strong>commerce</strong> standards there can be no seamless<br />
business among companies spread out all over the world. These standards<br />
are a common set of industry-specific definitions representing business<br />
processes. For XML messages <strong>to</strong> be interpreted by all companies<br />
participating in <strong>B2B</strong>i they need <strong>to</strong> agree on a common XML-based <strong>B2B</strong><br />
standard, which will define the document formats, allowable information<br />
and process descriptions. These standards are like common currency for<br />
conducting business. If companies use the same currency <strong>to</strong> do business,<br />
then there is no need <strong>to</strong> convert one currency in<strong>to</strong> another, based on<br />
<strong>to</strong>day's conversion rate. In a similar way, communication based on<br />
these standards will be accepted and unders<strong>to</strong>od by every other company<br />
that uses the same standards.<br />
The need for industry-wide (vertical industries) <strong>B2B</strong> e-<strong>commerce</strong><br />
standards is becoming increasingly critical and obvious. Several<br />
organizations have been working <strong>to</strong> define these market-segment-specific<br />
definitions. Standards such as RosettaNet and OASIS are making it<br />
possible for companies <strong>to</strong> share information with one another without<br />
having <strong>to</strong> completely re-engineer their internal applications. These<br />
standards will au<strong>to</strong>mate the flow of information across all companies in<br />
that industry, independent of the underlying software or hardware<br />
infrastructure supporting the activities related <strong>to</strong> these transactions.<br />
A few examples of <strong>B2B</strong> XML standards are:<br />
• RosettaNet — a collection of exchange pro<strong>to</strong>cols that define products,<br />
partners and business transactions for the electronic components and<br />
information technology industry;<br />
• Financial products Markup Language (FpML) — a standard for the<br />
financial industry;<br />
• Electronic business Markup Language (ebXML) — a joint initiative<br />
of the United Nations (UN/CEFACT) and OASIS, a set of<br />
specifications for XML-based messages that allow enterprises <strong>to</strong><br />
conduct business with each other;
XML Standards for E-business 189<br />
• Commerce Extensible Markup Language (cXML) — a streamlined<br />
pro<strong>to</strong>col intended for consistent communication of business documents<br />
among procurement applications, e-<strong>commerce</strong> hubs and suppliers;<br />
and<br />
• BizTalk Framework — a set of guidelines for implementing an XML<br />
schema and a set of XML tags used in messages sent between<br />
applications.<br />
In this chapter, we will discuss a few frameworks and standards<br />
that ensure data communication interoperability and provide a<br />
mechanism that allows enterprises <strong>to</strong> find and conduct business with<br />
one another.<br />
7.2. RosettaNet's Solution<br />
In this section, we describe RosettaNet — the leading <strong>B2B</strong> standard for<br />
the information technology, electronic components and semiconduc<strong>to</strong>r<br />
manufacturing industry.<br />
7.2.1. What is RosettaNet?<br />
RosettaNet is a consortium of major information technology (IT),<br />
electronic components (EC) and semiconduc<strong>to</strong>r manufacturing (SM)<br />
companies, including manufacturers, suppliers, distribu<strong>to</strong>rs, resellers,<br />
financiers, shippers and end users, working <strong>to</strong> create and implement<br />
industry-wide e-business process standards. It is creating the electronic<br />
<strong>commerce</strong> framework <strong>to</strong> align processes in the IT supply chain.<br />
RosettaNet is establishing common definitions for data and business<br />
processes and dialogs in the supply chain cycle, such as quote and order<br />
entry and query product information. By defining these standard processes<br />
for the sharing of business information electronically, RosettaNet opens<br />
up the lines of communication for every company involved. It is one of<br />
the best examples of an industry standards group that is leveraging<br />
XML <strong>to</strong> address business needs.
190 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
7.2.2. Components of RosettaNet's<br />
e-business solution<br />
The RosettaNet e-business model consists of:<br />
• Partner Interface Processes — Business processes that define the<br />
interaction among trading partners;<br />
• RosettaNet Implementation Framework — A framework that defines<br />
pro<strong>to</strong>col of networked applications; and<br />
• RosettaNet Dictionary — A set of dictionaries that provides common<br />
coding schemes and standards.<br />
Partner Interface Processes (PIP)<br />
RosettaNet aims <strong>to</strong> align business processes of supply chain partners<br />
by continuously developing, maintaining and distributing partner interface<br />
processes. RosettaNet's PIPs are specialized system-<strong>to</strong>-system XMLbased<br />
dialogs that define how business processes are conducted between<br />
IT manufacturers, software publishers, distribu<strong>to</strong>rs, resellers and corporate<br />
end users.<br />
Each PIP defines how two specific processes, running in two different<br />
partner organizations, will be standardized and interfaced across the<br />
entire supply chain. PIPs include all the business logic, message flow<br />
and message contents <strong>to</strong> enable alignment of two processes. The partner<br />
companies can implement a subset of PIPs required <strong>to</strong> address their<br />
specific business interface requirements.<br />
Partner<br />
Review<br />
Establish<br />
Relationship<br />
Product<br />
Introduction<br />
Release<br />
Product<br />
Marketing<br />
Information<br />
Management<br />
Stimulate Market S. I<br />
Q'eate Demand I<br />
r<br />
Order i<br />
I nven<strong>to</strong>ry<br />
Management<br />
Management Service j I &<br />
Suppoit<br />
I<br />
Figure 7.1. — RosettaNet clusters<br />
Provide Post-Sate £<br />
Support
3A Quote Si<br />
Order E ntry<br />
3B Transportation<br />
Et Distribution<br />
Shipping Instructions<br />
Snipping Status<br />
Quotes Purchase<br />
Oder<br />
3D Create Solution<br />
Configuration<br />
3C Returns<br />
& Finance<br />
Invoice Return Information<br />
Financial Authorization<br />
XML Standards for E-business 191<br />
Sales Configuration<br />
"technical Configuration<br />
Ma n ufa ctu rin g In stru ctio ns<br />
Asse mb ly Instruct! on s<br />
3E Ship from S<strong>to</strong>ck!<br />
& Debit /Credit I<br />
Credit/ Debit<br />
Authorization<br />
Figure 7.2. — Segments in Order Management cluster<br />
Table 7.1. PIP clusters and segments<br />
Cluster Segments<br />
1. Partner, Product and Service Review A. Partner Review<br />
B. Product and Service Review<br />
2. Product Introduction A. Preparation for Distribution<br />
B. Product Change Notification<br />
3. Order Management A. Quote and Order Entry<br />
B. Transportation and Distribution<br />
C. Returns and Finance<br />
D. Product Distribution<br />
4. Inven<strong>to</strong>ry Management A. <strong>Collaborative</strong> Forecasting<br />
B. Inven<strong>to</strong>ry Allocation and<br />
Replenishment<br />
C. Inven<strong>to</strong>ry Reporting<br />
D. Inven<strong>to</strong>ry Replenishment<br />
E. Sales Reporting<br />
F. Price Protection<br />
G. Ship from S<strong>to</strong>ck and Debit/Credit<br />
(Electronic Components)<br />
5. Marketing Information Management A. Lead/Opportunity Management<br />
B. Marketing Campaign Management<br />
C. Design Win Management<br />
6. Service and Support A. Warranties Management<br />
B. Asset Management<br />
C. Technical Support and Service<br />
Management
192 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
The PIPs have been grouped in logical clusters (see Figure 7.1) and<br />
segments (see Figure 7.2) as shown in Table 7.1.<br />
A few published RosettaNet PIPs within clusters and segments are as<br />
follows:<br />
Note: For detailed description of PIP2A1, review Appendix A.<br />
Request Account Setup (PIPIAl) — PIPIAl provides au<strong>to</strong>mation support<br />
<strong>to</strong> the process of setting up an account between two trading<br />
partners, by electronically transferring information such as contacts and<br />
locations.<br />
Distribute New Product Information (PIP2A1) — PIP2A1 specifies<br />
the process of distributing new product information <strong>to</strong> buyers so that<br />
enterprise systems can accept product orders. It also specifies the<br />
process for product information users <strong>to</strong> populate the buyer's online<br />
sales catalog.<br />
Request Quote (PIP3A1) — PIP3A1 supports the process between<br />
trading partners that involves requesting and providing quotes.<br />
Notification of Sales Forecast (PIP4A1) — The purpose of PIP4A1 is<br />
<strong>to</strong> au<strong>to</strong>mate the process of issuing a sales forecast notification <strong>to</strong> a<br />
forecast recipient. The periodicity and time horizon of the sales forecast<br />
are cus<strong>to</strong>mizable.<br />
Manage Sales Lead (PIP5A1) — PIP5A1 allows a sales lead origina<strong>to</strong>r<br />
<strong>to</strong> transfer the responsibility of working a lead <strong>to</strong> a sales lead processor<br />
who either accepts or rejects a lead.<br />
An example of a business scenario<br />
Consider a simple business scenario in which the buyer has <strong>to</strong> place an<br />
order with a supplier for a specific part. Both the buyer and supplier<br />
have implemented the RosettaNet Order Management process. This is a<br />
typical example of e-procurement using RosettaNet solution.<br />
The procurement cycle comprises of the following interactions<br />
between the buyer and supplier:
XML Standards for E-business 193<br />
• The buyer confirms the price and availability for Item A with the<br />
supplier;<br />
• The buyer places the order with the supplier; and<br />
• The buyer checks on the status of the order.<br />
The PIPs that will be used in this example will be from the Order<br />
Management Cluster and Quote and Order Entry Segment as under:<br />
Query price and availability—PIP3A2<br />
With PIP3A2, the partners can query the price and availability of<br />
products from other partners that supply products in the supply chain<br />
(see Figure 7.3). Price and availability queries typically precede requests<br />
for quotes, as the quote is an agreement <strong>to</strong> provide a product at a<br />
specified price, whereas a price and availability check is much less<br />
formal.<br />
1. The buyer initiates the dialog with PIP3A2.<br />
2. The supplier acknowledges the request.<br />
3. The supplier sends the price and availability response back <strong>to</strong> the<br />
buyer.<br />
4. The buyer acknowledges the response.<br />
Quote and order entry — PIP3A1<br />
The purpose of PIP3A1 is <strong>to</strong> support a process between trading partners<br />
that involves requesting and providing quotes (see Figure 7.4).<br />
1.Price and availability query<br />
2. Acknowledges the request<br />
- 4 » " "<br />
i 3. Price and availability query response<br />
Buyer * -; Supplier I<br />
! -- 4. Acknowledges the response<br />
V- -/<br />
Figure 7.3. — Query price and availability (PIP3A2)
194 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Buyer<br />
Buyer<br />
1. Quote request<br />
2. Acknowledges the request<br />
3. Quote response<br />
4. Acknowledges the response<br />
Figure 7.4. — Request quote (PIP3A1)<br />
1. Purchase order request<br />
2. Purchase order acceptance<br />
Figure 7.5. — Manage purchase order (PIP3A4)<br />
!•••<br />
Supplier<br />
•1<br />
Supplier<br />
1. The buyer requests a product quote from a supplier using PIP3A1.<br />
2. The supplier acknowledges the request.<br />
3. The supplier responds back with the quote.<br />
4. The buyer acknowledges the response.<br />
Manage purchase order —PIP3A4<br />
PIP3A4 specifies the purchase order management process between trading<br />
partners (see Figure 7.5). The management process includes the creation,<br />
change and cancellation of a purchase order.<br />
1. The buyer creates a purchase order and sends a request <strong>to</strong> the<br />
supplier <strong>to</strong> fulfill the order.<br />
2. The seller acknowledges acceptance of the purchase order.<br />
3. The buyer can also use this PIP in the future <strong>to</strong> make a change in the<br />
purchase order or <strong>to</strong> cancel it al<strong>to</strong>gether.<br />
J
k<br />
! . ^ .<br />
Buyer<br />
1.Purchase older status query<br />
4<br />
2. Acknowledges the request<br />
3. Purchase order status response<br />
4. Acknowledges the response<br />
XML Standards for E-business 195<br />
— •<br />
• * •<br />
!•••<br />
Figure 7.6. — Query purchase order status (PIP3A5)<br />
Query order status — PIP3A5<br />
Supplier<br />
PIP3A5 specifies a process for querying and receiving the order status<br />
(see Figure 7.6). The status of the purchase order informs a requesting<br />
partner of the fulfillment and shipping status of the products in the<br />
order. For example, products in the purchase order request may be<br />
backordered, shipped, or the entire purchase order canceled.<br />
1. The buyer requests status of the product order.<br />
2. The supplier acknowledges the request.<br />
3. The supplier responds with the status that reflects the current state of<br />
the purchase order at the time of the request.<br />
4. The buyer acknowledges the response.<br />
RosettaNet implementation framework<br />
The RosettaNet implementation framework is an open and common<br />
framework for partners and solution providers <strong>to</strong> implement computer<br />
solutions that can collaboratively execute RosettaNet complaint PIPs.<br />
Its specifications include authentication, authorization, encryption and<br />
non-repudiate implementation aspects that are necessary for conducting<br />
secure electronic business over the Internet.<br />
This framework enables the creation of networked applications across<br />
corporate boundaries and executes electronic business processes by<br />
communicating via strictly defined pro<strong>to</strong>cols.<br />
\<br />
D>
196 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
RosettaNet dictionary (ITTD)<br />
RosettaNet dictionary is a master dictionary, which defines the properties<br />
for products, partners and business transactions. This dictionary, coupled<br />
with an established implementation framework, is used <strong>to</strong> support the<br />
e-business dialog known as PIP.<br />
The dictionary captures the component characteristics, component<br />
features and component associations. Characteristics are quantitative<br />
properties that have a well-defined type and default unit of measurement.<br />
Features are qualitative properties that may be single or multiple valued.<br />
The dictionary enumerates the set of valid features if they exist.<br />
Characteristics and features <strong>to</strong>gether are called as resources of a<br />
component.<br />
The following terms are used in specification names <strong>to</strong> denote<br />
component resources:<br />
1. Supplies: A component supplies a resource, e.g., a memory module<br />
and hard disk 'supply' s<strong>to</strong>rage capacity.<br />
2. Consumes: A component consumes a resource, e.g., software<br />
'consumes' s<strong>to</strong>rage capacity when it is permanently s<strong>to</strong>red on hard<br />
disk.<br />
3. Uses: A component uses resources in a shared way, e.g., software<br />
'uses' temporary disk space; other programs use this space as well.<br />
In addition, dictionaries capture the enumerated set of valid feature<br />
values that exist. Associations imply component interrelationships<br />
necessary for describing complex products. These are also present in<br />
the dictionary. Apart from all the above, the dictionary contains<br />
component functional or operational property specifications, such as<br />
resource consumption characteristics and functional architecture<br />
associations. Finally, the dictionary contains constraint descriptions that<br />
define the boundary conditions within which complex products can<br />
operate. For example, a lap<strong>to</strong>p provides a minimum of 1 and a maximum<br />
of 1 serial port.<br />
7.2.3. Benefits of using RosettaNet solution<br />
The benefits of using RosettaNet-based <strong>B2B</strong> integration solution<br />
include:
XML Standards for E-business 197<br />
• Manufacturers and distribu<strong>to</strong>rs will accelerate the speed of product<br />
availability <strong>to</strong> the buyers, decrease their inven<strong>to</strong>ry levels, raise<br />
productivity, have faster response times and thus be cost effective.<br />
• Using RosettaNet's electronic component technical dictionary (ECTD),<br />
manufacturers can make an immediate announcement of a new product<br />
and discontinuation of an existing product <strong>to</strong> all buyers and <strong>B2B</strong><br />
exchanges. This is especially relevant in an industry where the<br />
product life cycles are very short.<br />
• RosettaNet PIPs ensure the accuracy of transmitted data, eliminate<br />
redundant data entry at multiple points in the supply chain and<br />
facilitate more accurate planning and forecasting than before.<br />
• RosettaNet helps in streamlining just-in-time (JIT) reporting among<br />
all partners in the supply chain cycle. Usually the cost of generating<br />
multiple reports for multiple trading partners is very significant.<br />
Companies can reduce this cost as the product definitions become<br />
standardized.<br />
• Buyers can do a comparative study and analysis of the different<br />
product lines from multiple vendors. RosettaNet makes the information,<br />
like the catalogs, available <strong>to</strong> buyers in a uniform format from<br />
suppliers, making it possible for buyers <strong>to</strong> do an orange-<strong>to</strong>-orange<br />
evaluation of the product pricing, contract terms, availability and<br />
delivery dates.<br />
• Based on the above-described uniformity, buyers can shorten their<br />
procurement cycle and make it standardized.<br />
• Buyers and sellers will not be married <strong>to</strong> each other for a lifetime.<br />
They can engage in dynamic, flexible trading-partner relationships.<br />
• RosettaNet also standardizes the money lending process between<br />
partner companies and financial institutions. All the lending processes<br />
can be tracked on a real-time basis.<br />
To exploit the benefits of standardization, RosettaNet solution has <strong>to</strong><br />
be widely adopted and integrated in<strong>to</strong> enterprise applications by all<br />
large companies (if possible — all companies) in the respective sec<strong>to</strong>rs.<br />
7.2.4. RosettaNet embraced by software vendors<br />
Several leading software and application server vendors in the <strong>B2B</strong><br />
space are providing packaged solutions <strong>to</strong> help companies implement
198 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
RosettaNet PIPs for the RosettaNet Implementation Framework (RNIF).<br />
This capability reduces <strong>B2B</strong> integration complexities by providing<br />
baseline rules and standard message formats for trading partner<br />
interaction.<br />
A good example is WebLogic Collaborate for RosettaNet which<br />
provides <strong>to</strong>ols <strong>to</strong> help solution providers implement PIPs.<br />
7.2.5. What's the ROI (Return on Investment) in<br />
implementing RosettaNet solution?<br />
The return on investment is probably the first question that any<br />
corporation would consider before investing any resources <strong>to</strong> implement<br />
RosettaNet. Just because it is a hot technology and has everyone talking<br />
about it, is certainly not a good enough reason. How much companies<br />
will have <strong>to</strong> invest in implementing this solution and what the payoff,<br />
both near term and long term, are natural questions that need <strong>to</strong> be<br />
answered.<br />
There is little doubt that the first PIP is the hardest <strong>to</strong> implement. The<br />
cost and difficulty level in business process reengineering and integration<br />
is high. However, both these features fade away with the implementation<br />
of subsequent PIPs. The companies can, thereafter, enjoy the fruits of<br />
incremental cost reduction inherent in XML-based standards. The<br />
implementation and integration cost and effort required in RosettaNet is<br />
inversely proportional <strong>to</strong> the level of integration in existing systems.<br />
According <strong>to</strong> RosettaNet, implementation of just one PIP that allows<br />
manufacturers <strong>to</strong> seamlessly add new products — including standardized<br />
technical specifications and part numbers — in<strong>to</strong> their partners' catalogs<br />
alone, results in an average of $1 million in cost savings per year for<br />
each implementer — a 200% ROI. The IT supply chain stands <strong>to</strong> reap<br />
significant savings from the pervasive implementation of PIPs, possibly<br />
as high as $25 billion annually.<br />
Philips Semiconduc<strong>to</strong>rs, a member of RosettaNet, believes that<br />
RosettaNet's operational process enhancements will save the company<br />
millions of dollars. Just by allowing cus<strong>to</strong>mers <strong>to</strong> view order status and<br />
obtain cursory price and delivery information in a standardized way, the<br />
company will reduce the amount of cus<strong>to</strong>mer service-related calls by<br />
75%.
Leverage existing assets<br />
XML Standards for E-business 199<br />
Companies will be able <strong>to</strong> lower their investment cost in implementing<br />
RosettaNet solution by building it on <strong>to</strong>p of their existing assets. If a<br />
company has invested millions of dollars <strong>to</strong> put their EDI infrastructure<br />
in place, it makes absolutely no sense <strong>to</strong> abandon it and embrace<br />
RosettaNet. Instead, it should find an application server or software<br />
that, apart from supporting all RosettaNet PIPs, is also able <strong>to</strong> connect<br />
<strong>to</strong> its EDI systems. For example, XMLSolutions' software and services<br />
support all RosettaNet PIPs. The integration of XMLSolutions' XEDI<br />
with RosettaNet provides a means <strong>to</strong> connect with existing EDI systems.<br />
ROSETTANET TRANSFORMS HEWLETT-PACKARD'S<br />
SUPPLY CHAIN<br />
Hewlett-Packard's implementation of RosettaNet PIPs has transformed<br />
HP's <strong>B2B</strong> processes throughout its supply chain for HP workstations,<br />
HP NetServers and Unix servers. The RosettaNet PIPs have resulted<br />
in significant time savings and a smoother information flow for HP<br />
and its value-added resellers (VARs), distribu<strong>to</strong>rs and contract<br />
manufacturers.<br />
All the three RosettaNet PIPs that HP is currently using — PIP3A4,<br />
which acknowledges receipt of a purchase order; PIP3A6, which<br />
provides order status; and a pre-release version of PIP3B2, which<br />
sends advance shipment and shipper's manifest notifications — have<br />
reduced processing time for HP and North American VARs and<br />
distribu<strong>to</strong>rs from days <strong>to</strong> minutes. At the other end of the supply<br />
chain, the same PIPs are being exchanged between HP and North<br />
American contract manufacturers, resulting in similar time savings.<br />
The HP NetServer division is also using RosettaNet <strong>to</strong> enable<br />
VARs <strong>to</strong> streamline their entire configuration, pricing and availability,<br />
checking for HP NetServers ordered under HP Select Express, which<br />
delivers cus<strong>to</strong>mized solutions.<br />
The key benefits of implementation include:<br />
• Easy-<strong>to</strong>-use, Web-based <strong>to</strong>olset for Select Express HP NetServers;<br />
Continue on page 200
200 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Continued from page 199<br />
• Quick and accurate HP NetServer configuration and management<br />
of shopping carts;<br />
• Online access <strong>to</strong> distribu<strong>to</strong>r pricing and HP availability for VARs;<br />
• Easy, cus<strong>to</strong>mized quote creation for cus<strong>to</strong>mers; and<br />
• Fast online order placement direct <strong>to</strong> distribu<strong>to</strong>rs.<br />
Source: Condensed from RosettaNet Standards: Strengthening Trading Networks,<br />
Ascet Volume 3<br />
7.3. FpML — Financial Products Markup Language<br />
This section gives a brief description of the Financial Products Markup<br />
Language (FpML) and its benefits.<br />
7.3.1. What is FpML?<br />
FpML is a new pro<strong>to</strong>col, based on XML, <strong>to</strong> enable e-<strong>commerce</strong> activities<br />
in the field of financial derivatives. It is a standard that will allow<br />
financial institutions <strong>to</strong> exchange derivative transactions using the<br />
Internet. All categories of over-the-counter (OTC) derivatives will<br />
eventually be incorporated in<strong>to</strong> the standard. It aims <strong>to</strong> streamline the<br />
processes supporting trading activities in the financial derivatives, by<br />
describing these products and associated business interactions, based on<br />
industry standards (see Figure 7.7 and Figure 7.8).<br />
7.3.2. Benefits of FpML<br />
The benefits of using FpML include:<br />
• Trade au<strong>to</strong>mation;<br />
• Enable sharing of financial information among disparate financial<br />
applications;<br />
• Faster trade confirmations;<br />
• Lower cost of system implementation and communication between<br />
applications, resulting in an overall decrease in transaction cost;
Trade Pricing<br />
Confirmation<br />
System<br />
Settlement<br />
System<br />
Collateral<br />
Management<br />
System<br />
Manual<br />
Matching<br />
Mddle Office Middle Office<br />
I<br />
XML Standards for E-business 201<br />
"Had<br />
I Ticket!<br />
Confirm Confirm I<br />
Reconciliation<br />
Setdement<br />
Collateral<br />
Matching<br />
1 L<br />
Confirmation<br />
System<br />
Setdement<br />
System<br />
Collateral<br />
Management<br />
System<br />
Figure 7.7. — Current manual process utilized for derivatives trading<br />
FpML -rj.a[|e pricing<br />
System<br />
FpMLRisk Managementj<br />
System<br />
5 ^ Settlement<br />
System<br />
FpML Collateral<br />
4mm^> Management<br />
System<br />
FpML<br />
Settlement<br />
FpML<br />
Trade Pricing<br />
System<br />
Risk Management!<br />
System<br />
Settlement<br />
System<br />
Collateral<br />
Management<br />
System<br />
FpML<br />
FpML<br />
FpMLI<br />
FpML<br />
Figure 7.8. — Au<strong>to</strong>mated process for derivatives trading using FplvIL<br />
11
202 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• Easy procedure of adding new trading partners like counterparties;<br />
and<br />
• Reduce operational risks while increasing business opportunities for<br />
the wholesale financial services.<br />
7.4. Commerce XML (cXML)<br />
cXML is an open Internet-based standard for e-<strong>commerce</strong>. It is a set of<br />
lightweight XML DTDs — based on the World Wide Web Consortium's<br />
XML standard — with their associated request/response processes.<br />
cXML reduces online business trading costs by facilitating the exchange<br />
of content and transactions over the Internet. cXML provides an<br />
infrastructure for digitally exchanging catalog content and transactions<br />
in a secure manner. cXML supports all supplier content and catalog<br />
models, including buyer-managed, supplier-managed, content management<br />
services, electronic marketplaces and Web-based sourcing organizations.<br />
This allows suppliers <strong>to</strong> provide cus<strong>to</strong>mers with selective access <strong>to</strong><br />
personalized catalog content while maintaining their unique branding<br />
and competitive differentiation.<br />
cXML defines a request/response process for the exchange of<br />
transaction information. These business processes include purchase<br />
orders, change orders, acknowledgments, status updates, ship notifications<br />
and payment transactions.<br />
cXML also has a lower cost of implementation because of its XML<br />
base and ability <strong>to</strong> leverage existing HTML e-<strong>commerce</strong> infrastructure<br />
and software. For example, cXML leverages suppliers' existing<br />
e-<strong>commerce</strong> capabilities by allowing buyers <strong>to</strong> access supplier Websites<br />
from within a buy-side application. Using this functionality, buyers can<br />
see their contracted items, private prices and access product configura<strong>to</strong>rs<br />
or libraries of products. Since cXML is Internet-based, it provides a<br />
more cost-effective alternative <strong>to</strong> EDI and other methods of exchanging<br />
catalog content and transactions.<br />
Following are the main types of cXML documents:<br />
• Catalog — used by suppliers <strong>to</strong> convey product and service content<br />
<strong>to</strong> buyers.
XML Standards for E-business 203<br />
• PunchOut — used <strong>to</strong> implement pro<strong>to</strong>col for interactive sessions<br />
between applications managed across the Internet by using real-time,<br />
synchronous cXML messages.<br />
• Purchase Order — used by buyers <strong>to</strong> send purchase orders <strong>to</strong> suppliers<br />
<strong>to</strong> request fulfillment of a contract.<br />
Example of cXML-based Contract document:<br />
<br />
<br />
<br />
123456<br />
<br />
A sample cXML Contract Document<br />
<br />
<br />
<br />
<br />
AB1234<br />
<br />
100<br />
http://www.gsdscom/book <br />
<br />
<br />
<br />
AB5678<br />
<br />
150<br />
<br />
<br />
<br />
This cXML document is based on:<br />
http://xml.cXML.org/schemas/cXML/L2.006/cXML.dtd
204 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
7.5. Electronic Business XML (ebXML)<br />
ebXML is a set of specifications that <strong>to</strong>gether enable a modular, yet<br />
complete electronic business framework. ebXML is a complete set of<br />
specifications <strong>to</strong> enable secure, global, electronic business using proven,<br />
open standards such as TCP/IP, HTTP and XML. It is a joint initiative<br />
of the United Nations (UN/CEFACT) and OASIS.<br />
Conducting electronic business with ebXML is essentially a fourstep<br />
process (see Figure 7.9):<br />
1. Design and register business processes and information models;<br />
2. Implement business service interfaces and register;<br />
3. Optionally negotiate and define a <strong>Collaborative</strong> Partner Agreement<br />
(CPA); and<br />
4. Exchanging messages between business partners. The software<br />
applications send and receive ebXML messages containing ebXML<br />
business documents, over the secure and reliable ebXML messaging<br />
service.<br />
Implement &<br />
Register Profile<br />
Optionally Negotiate<br />
Agreement<br />
Hi.<br />
'.V= £|I Industry<br />
- »j" ""• Group<br />
Q Business FVocess Bt<br />
Design and Register Process Information Model<br />
Trading Partner i<br />
profile f""""" 11 *"<br />
Company A<br />
h Trading<br />
Conduct ebXM. Business<br />
Registry/<br />
Reposi<strong>to</strong>ry<br />
Partner<br />
Agreement<br />
• Business Document<br />
Figure 7.9. — Four easy steps <strong>to</strong> ebXML<br />
TTading Partner<br />
Profile<br />
I<br />
Company B
XML Standards for E-business 205<br />
7.6. Simple Object Access Pro<strong>to</strong>col (SOAP)<br />
In order <strong>to</strong> accomplish <strong>B2B</strong>i over the Internet, applications of multiple<br />
trading partners have <strong>to</strong> communicate. In the past, this was accomplished<br />
using distributed component architecture such as CORBA and DCOM.<br />
However, such architecture does not leverage the Internet, as it is based<br />
on remote procedure calls (RPCs), which can cause a substantial security<br />
threat over the Internet and usually the corporate firewalls and proxy<br />
servers block such traffic.<br />
SOAP is ideal for <strong>B2B</strong> applications, since it is an XML-based<br />
pro<strong>to</strong>col for exchange of information over the Internet in a decentralized,<br />
distributed environment.<br />
It consists of three parts: an envelope that defines a framework for<br />
describing what is in a message and how <strong>to</strong> process it, a set of encoding<br />
rules for expressing instances of application-defined datatypes and a<br />
convention for representing remote procedure calls and responses.<br />
7.6.1. SOAP messages<br />
All SOAP messages are encoded using XML. The SOAP message,<br />
essentially an XML document, contains the following XML elements<br />
(see Figure 7.10):<br />
• A SOAP envelope, which is the <strong>to</strong>p element of the XML document<br />
and defines the contents of the message.<br />
• A SOAP header that contains header information. This element is<br />
optional. The header is a generic mechanism for adding features such<br />
Figure 7.10. — Components of a SOAP message
206 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
as authentication, transaction management, payment, etc. <strong>to</strong> a SOAP<br />
message in a decentralized manner without prior agreement between<br />
the communicating parties.<br />
• A SOAP body, which contains manda<strong>to</strong>ry information, intended<br />
for the ultimate recipient of the message. It contains both call and<br />
response information.<br />
HTTP Request Message<br />
EXAMPLE MESSAGE<br />
<br />
<br />
<br />
<br />
SUNW<br />
<br />
<br />
<br />
This SOAP message will be embedded in the HTTP request. The<br />
description of the document is as follows:<br />
1. The envelope is the first element of the XML document.<br />
The namespace prefixes "SOAP-ENV" and "SOAP-ENC" used<br />
in this document are associated with the SOAP namespaces<br />
"http://schemas.xmlsoap.org/soap/envelope" and<br />
"http://schemas.xmlsoap.org/soap/encoding/">.<br />
2. The namespace for the function (s) is defined at<br />
"http://www.gets<strong>to</strong>ck.org".<br />
3. GetS<strong>to</strong>ckQuote request is sent <strong>to</strong> the server. The request has a<br />
S<strong>to</strong>ckSymbol parameter with the value SUNW.<br />
Continue on page 207
HTTP Response Message<br />
XML Standards for E-business 207<br />
Continued from page 206<br />
208 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
BizTalk Framework Compliant (BFC) Server<br />
A BFC server is represented by the set of services providing the messageprocessing<br />
functionality defined in the BizTalk Framework specifications.<br />
Note: BizTalk Server, one of the commercial BFC Servers available, is<br />
discussed in the chapter on integration brokers.<br />
Application<br />
An application is the line-of-business system where the business data or<br />
logic is s<strong>to</strong>red and executed. Examples of application are ERP systems,<br />
CRM systems, etc. An application also includes any additional adapters<br />
that may be required <strong>to</strong> emit or consume business documents and<br />
communicate with a BFC server.<br />
Business document<br />
A business document is a well-formed XML document containing<br />
business data. This data may represent a purchase order, invoice, sales<br />
forecast, or any other business information.<br />
7.7.2. The envelope<br />
The communication between BizTalk servers is through BizTalk<br />
messages, which are envelopes of multi-layered objects (see Figure 7.11).<br />
Transport Envelope<br />
BizTalk Document<br />
BizTalk Header<br />
Delivery Information<br />
• Document Manifest '•<br />
Document Body<br />
Bu siness. Dot umfent •<br />
..iAU-"*, %--«!**•,*<br />
Figure 7.11. — BizTalk envelope structure
XML Standards for E-business 209<br />
The first layer specifies the transport mechanism such as HTTP and<br />
FTP for this specific object and acts like a wrapper <strong>to</strong> the BizTalk<br />
document. A BizTalk message always contains a primary BizTalk<br />
document. This document defines the semantics of the message within<br />
the BizTalk Framework and it is actually a SOAP 1.1 message, i.e., it<br />
contains an optional header element and a manda<strong>to</strong>ry body element.<br />
The information for the recipient of the message is contained in the<br />
body of the message and can be any business document, such as a<br />
purchase order and request for quote.<br />
BIZTALK DOCUMENT EXAMPLE<br />
1 <br />
2 <br />
< !—The header, an optional field, defines details for the message<br />
envelope—><br />
3 <br />
4 <br />
5 <br />
6 12032000<br />
7 2001-03-12T12:15:30+01:00<br />
8 Purchase Order<br />
9 <br />
10 <br />
11 http://www.gsds.com/purchase_order.jsp<br />
12 <br />
13 DRAM<br />
14 order<br />
15 PurchaseProcess<br />
16 <br />
17 <br />
18 <br />
19 mail<strong>to</strong>:eprocurement@gsds.com<br />
20 <br />
21 DRAM<br />
Continue on page 210
210 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Continued from page 209<br />
22 order<br />
23 ConfirmProcess<br />
24 <br />
25 <br />
26 <br />
27 <br />
28 <br />
29 PurchaseOrder_DRAM<br />
30 Purchase Order for DRAM<br />
31 <br />
32 <br />
33 l <br />
34 PO.sig<br />
35 This is digital signature file<br />
36 <br />
37 <br />
38 <br />
39 <br />
<br />
40 <br />
41
XML Standards for E-business 211<br />
Continued from page 210<br />
2 — biztalk_l is the root element of this XML document. There is<br />
also a namespace associated with the document, which is essentially<br />
a Universal Resource Name (URN). It indicates the location of the<br />
schema that describes this document.<br />
3 — 38 — The header node of the document contains delivery and<br />
manifest as child nodes. The delivery element is required <strong>to</strong> provide<br />
the routing/delivery information. The manifest element describes what<br />
is being sent in this document and can include attachments.<br />
4 — 26 Delivery element which contains message, <strong>to</strong> and from as<br />
child nodes.<br />
6 — Unique message ID associated with this document.<br />
7 — TimeStamp indicating the time when the message was<br />
sent.<br />
8 — The subject specifying the title of the message.<br />
10 — 17 — element which contains address and state as its sub<br />
elements. This provides information <strong>to</strong> the sender's BizTalk server <strong>to</strong><br />
route the above document.<br />
11 — Address of the receiver's BizTalk server. In our<br />
example, we are sending the document <strong>to</strong> www.gsds.com. The address<br />
also contains information about the action <strong>to</strong> be taken on the receiver's<br />
server. In this example, we are causing it <strong>to</strong> execute purchase_order.jsp<br />
on that server.<br />
12 — An element that contains , <br />
and as the sub-elements. They describe how the BizTalk<br />
server has <strong>to</strong> process this document.<br />
18 — Same as element, but provides information about<br />
the senders BizTalk server and the processes that will handle the<br />
response.<br />
19 — The response BizTalk document will be routed <strong>to</strong><br />
the ConfirmProcess through the mail server.<br />
27 — 37 — An element that contains and<br />
as sub-elements.<br />
28 — has and as its sub-elements.<br />
32 — 36 — An element that has , and<br />
as the child nodes. Together they describe the attachment<br />
Continue on page 212
212 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Continued from page 211<br />
that is accompanied with this BizTalk document. In this example, we<br />
are sending a digital signature file <strong>to</strong> make sure that the submission<br />
of Purchase Order is secured.<br />
39 — 43 — The body element contains BizTags that <strong>to</strong>gether<br />
define the purchase order. The purchase order sent in this BizTalk<br />
document is based on PurchaseOrder_DRAM.xdr schema. Also<br />
provided is the information about the namespace of this schema,<br />
which in this example is located on the sender's server.<br />
7.8. Conclusion<br />
<strong>B2B</strong> integration poses big interoperability challenges. Frameworks that<br />
provide standards and specifications for XML-based solutions for<br />
communication among cross-organization applications are critical <strong>to</strong><br />
overcome these challenges.<br />
There are several vertical-domain specific standards bodies and<br />
industry initiatives <strong>to</strong> specify vocabularies and content models for<br />
XML-based solutions like schemas. These schemas are becoming widely<br />
published and implemented <strong>to</strong> facilitate communication between both<br />
applications and businesses.<br />
However, several of these standards are doomed <strong>to</strong> fail. It is very<br />
important for a standards body <strong>to</strong> align with all the major companies in<br />
that vertical industry or it will not find support from the leading<br />
software vendors for their standards. The standards body should try<br />
'not' <strong>to</strong> overdo the specifications for business processes. This will<br />
avoid delays and complexity in their specifications.
Chapter 8<br />
Middleware Technologies<br />
The focus of this chapter<br />
Middleware technologies advance the goals of <strong>B2B</strong> integration and<br />
enterprise application integration. By integrating disparate systems<br />
throughout an organization, middleware technologies can promote a<br />
zero-latency enterprise strategy where data is exchanged across systems<br />
in real-time; reduce application development time and improve speed <strong>to</strong><br />
market; create standardized development methodologies throughout an<br />
organization; facilitate the integration of systems inherited through<br />
mergers or acquisitions; and reduce application maintenance.<br />
In this chapter, we have presented an introduction <strong>to</strong> all the leading<br />
middleware technologies, including message oriented middleware —<br />
MQSeries, JMS and MSMQ, transaction processing moni<strong>to</strong>rs, distributed<br />
components middleware — CORBA, Windows DNA and J2EE. You will<br />
also get an overview of the leading J2EE-based application servers —<br />
BEA's WebLogic and IBM's WebSphere.<br />
213
214 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
8.1. What is Middleware?<br />
The term 'middleware' is actually a misnomer <strong>to</strong> a large degree.<br />
Middleware has typically been defined as distributed software that<br />
resides in the middle of a client/server system providing a uniform<br />
'conduit' for client applications <strong>to</strong> communicate with a server. The<br />
truth is that many middleware products manage, contain and share<br />
business and application logic, operating more as a server than as<br />
'middleware'.<br />
Traditional middleware technologies include message oriented<br />
middleware (MOM), TP moni<strong>to</strong>rs and distributed object technology,<br />
though a 'purer' type of middleware would be communication conduits<br />
such as TCP/IP, DCE and RPC. Middleware products provide a highlevel<br />
abstraction through an API that shields a developer from the<br />
complexities of heterogeneous platforms and architectures.<br />
In order <strong>to</strong> accomplish the transfer of information, most middleware<br />
will follow a standard set of functions as under:<br />
• The sending application formats the information in<strong>to</strong> a message<br />
buffer using a process called marshalling.<br />
• The sending application must identify the location of the receiving<br />
application or service. The destination can be specified several ways<br />
including:<br />
1. Hard coding;<br />
2. Initialization file; and<br />
3. Middleware naming service such as JNDI or UDDI.<br />
• The sending application must initiate a network communications<br />
session with the destination application.<br />
• The sending application must transfer the message buffer <strong>to</strong> the<br />
receiving application.<br />
• The receiving application must receive the message buffer.<br />
• The receiving application must extract and interpret the information<br />
in the message using a process called unmarshalling.<br />
• If a response is required, then the receiving application must generate<br />
a response and repeat the communication process <strong>to</strong> send a message<br />
back <strong>to</strong> the sender.
Middleware Technologies 215<br />
The various types and classes of middleware are extensive and<br />
cannot be covered completely in one chapter. Therefore, this chapter<br />
provides an overview of the most popular middleware technologies,<br />
including:<br />
• Transaction Oriented Middleware;<br />
• Message Oriented Middleware; and<br />
• Distributed Objects and Components.<br />
Transaction Oriented Middleware — This middleware technology<br />
includes transaction processing (TP) moni<strong>to</strong>rs and transactional-based<br />
application servers. TP moni<strong>to</strong>rs were the first true middleware application<br />
servers. A transaction processing (TP) moni<strong>to</strong>r is middleware that<br />
manages transactions, processes, or applications from multiple clients<br />
across multiple servers.<br />
Generally, these transactions are carried out on database servers but<br />
can also be process-based. Some functions performed by TP moni<strong>to</strong>rs<br />
include prioritization, resource funneling, connection pooling, highavailability<br />
and load balancing. TP moni<strong>to</strong>rs are mature, stable, battletested<br />
middleware solutions. IBM's CICS is a TP moni<strong>to</strong>r which has<br />
been around since the 1960s.<br />
Message Oriented Middleware (MOM) — MOM is an integration model<br />
that connects applications running on different systems by sending and<br />
receiving application data as messages. The application data is combined<br />
with a header (information about the data) <strong>to</strong> form a message.<br />
MOM is an asynchronous model providing a loosely coupled<br />
communication between the client and server. There are two primary<br />
MOM frameworks: point-<strong>to</strong>-point and hub-and-spoke (brokering). The<br />
emergence of the hub-and-spoke model of message brokering offers<br />
substantial benefits over the traditional point-<strong>to</strong>-point model message<br />
queue.<br />
Distributed Objects and Components — This middleware technology<br />
allows objects and components, distributed throughout servers within an<br />
enterprise, <strong>to</strong> interoperate and share functionality. Client objects and<br />
components invoke the public methods of server objects and components<br />
providing business method level integration.
216 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Distributed object technology is very well suited for heterogeneous<br />
systems and architectures which exist in most organizations. Distributed<br />
objects encapsulate the business logic and data within objects, allowing<br />
them <strong>to</strong> be located anywhere within a distributed system. Objects can<br />
be linked <strong>to</strong>gether in a plug-and-play manner <strong>to</strong> interoperate across<br />
networks.<br />
These three middleware solutions provide the foundation for <strong>to</strong>day's<br />
enterprise middleware frameworks. Middleware technologies are<br />
converging and morphing in<strong>to</strong> middleware frameworks, which can<br />
manage the integration needs of an entire enterprise. Throughout this<br />
chapter, you will see words such as 'convergence', 'morphing' and<br />
'framework' mentioned repeatedly.<br />
8.2. Transaction Processing (TP) Moni<strong>to</strong>rs<br />
To understand transaction processing moni<strong>to</strong>rs, one must first understand<br />
a transaction. A transaction is defined as the execution of a unit of<br />
work that either succeeds or fails as a whole. If one part of the<br />
transaction were <strong>to</strong> fail, the entire transaction would rollback <strong>to</strong><br />
its initial state. Transactions are usually associated with database<br />
transactional methods. A transaction begins with a 'Begin Transaction'<br />
and ends with either a 'Commit Transaction' if successful or a 'Rollback<br />
Transaction' if there is an error. Transactions are always an all-ornothing<br />
proposition.<br />
A transaction becomes the fundamental unit of recovery, consistency<br />
and concurrency in a distributed environment. A transaction is a<br />
collection of actions that must also maintain its ACID properties. ACID<br />
stands for:<br />
A<strong>to</strong>micity — A transaction is an indivisible unit of work. It will succeed<br />
or fail as a whole. If a transaction fails, all the steps will be rolled back<br />
<strong>to</strong> the initial state. Otherwise, the entire transaction will be saved<br />
(committed).<br />
Consistency — After a transaction executes, it must leave the system in<br />
a correct state or it must abort. If it cannot achieve a consistent state, it<br />
must rollback <strong>to</strong> its initial condition.
Middleware Technologies 217<br />
Isolation — A transaction's behavior is not affected by other transactions<br />
which are occurring concurrently. This is often accomplished by<br />
serializing transactions by using table or row level locking within a<br />
database.<br />
Durability — A transaction's effects are permanent after it commits,<br />
even in the event of a system failure.<br />
TP moni<strong>to</strong>rs allow multi-vendor resources <strong>to</strong> plug in<strong>to</strong> the TP system<br />
and provide global management of transactions across databases and<br />
other resources. TP moni<strong>to</strong>rs are still unmatched in the management of<br />
high transactional environments across multiple database systems residing<br />
on multiple operating systems.<br />
8.2.1. How they work?<br />
TP moni<strong>to</strong>rs decouple the relationship between the client application<br />
and the physical database schema. Access <strong>to</strong> the underlying database is<br />
usually through an API, ensuring enforcement of business rules and<br />
referential integrity. By offloading most work <strong>to</strong> a middle tier, TP<br />
moni<strong>to</strong>rs improve overall system efficiency.<br />
TP moni<strong>to</strong>rs work by creating classes or application processes,<br />
which are memory-resident threads that handle the work for a particular<br />
application. Each application can have one or more classes<br />
belonging <strong>to</strong> it. When a client requests a service from the TP moni<strong>to</strong>r,<br />
the server loads the DLL for the process, manages the execution of the<br />
process or transaction and returns the results <strong>to</strong> the client. The DLL can<br />
then remain resident in memory where it can be shared by other<br />
processes.<br />
Due <strong>to</strong> the inherently heterogeneous environment in which TP<br />
moni<strong>to</strong>rs exist, a set of standards was developed <strong>to</strong> allow these products<br />
<strong>to</strong> communicate with disparate systems. In 1991, the X/Open XTP group<br />
published the Transaction Processing Reference Model, often referred<br />
<strong>to</strong> as the X/Open XA model for transaction managers.<br />
The standard defined three components for transaction processing<br />
are:
218 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• Resource Managers — the component which manages shared<br />
resources. They are responsible for ensuring that changes <strong>to</strong> the<br />
datas<strong>to</strong>re are executed in a consistent, isolated and durable manner.<br />
• Transaction Managers — the component which is responsible for<br />
managing and coordinating resource managers and coordinating a<br />
transaction with other transaction managers.<br />
• Application Programs — the application which uses the resource<br />
manager <strong>to</strong> coordinate and manage its transactional needs.<br />
8.2.2. Benefits of TP moni<strong>to</strong>rs<br />
The benefits of the TP moni<strong>to</strong>rs include:<br />
Three-tier architecture<br />
TP moni<strong>to</strong>rs support the concept of n-tier architectures by decoupling<br />
the client application from the underlying datas<strong>to</strong>re. They promote the<br />
use of reusable, encapsulated components and enforce the ACID<br />
properties of each transaction.<br />
Prioritization<br />
Each application can have one or more classes belonging <strong>to</strong> it. Each<br />
class can also be prioritized. Typically, short-running, high-priority<br />
processes are assigned a high priority status while batch and lowpriority<br />
processes are assigned a lower priority status on the server.<br />
Load balancing<br />
One of the biggest benefits of TP moni<strong>to</strong>rs is the ability <strong>to</strong> provide both<br />
static and dynamic load balancing. If the load on the server becomes<br />
<strong>to</strong>o great, a TP moni<strong>to</strong>r can dynamically create new processes or<br />
distribute the load <strong>to</strong> other servers. TP moni<strong>to</strong>rs can also make effective<br />
use of a multi-processor (SMP) machine.<br />
All major database vendors provide some TP moni<strong>to</strong>r capabilities<br />
within their flagship databases, but these transaction moni<strong>to</strong>rs generally
Middleware Technologies 219<br />
provide a single-domain, single-vendor solution for transaction processing.<br />
S<strong>to</strong>red procedures and triggers in single-vendor database environments<br />
now handle many of the transactional duties that used <strong>to</strong> be performed<br />
by TP moni<strong>to</strong>rs. However, these solutions lack such benefits as loadbalancing<br />
and prioritization found in traditional application servers and TP<br />
moni<strong>to</strong>rs. These vendor specific TP solutions can also prove inadequate<br />
when considering that the typical Fortune 500 company has dozens of<br />
separate databases based on four or more different database products.<br />
TP moni<strong>to</strong>rs are a necessity in most database-centric integration<br />
solutions. The major middleware vendors have not overlooked this fact<br />
as the lines between application servers, distributed objects and TP<br />
moni<strong>to</strong>rs are quickly becoming blurred.<br />
A few leading vendors for transactional middleware include BEA's<br />
Tuxedo, IBM's CICS and Microsoft's MTS.<br />
8.3. Message Oriented Middleware (MOM)<br />
MOM is an integration model that connects applications running on<br />
different systems by sending and receiving application data as messages.<br />
MOM is an asynchronous communication style that provides a loosely<br />
coupled exchange across multiple operating systems and disparate<br />
applications (see Figure 8.1).<br />
Sender Receiver<br />
Application A<br />
Message<br />
Application B<br />
Message<br />
Message! •<br />
Sent! 1 Message<br />
ip> (Received<br />
Queue Manager<br />
Middleware Ads<br />
as Media<strong>to</strong>r<br />
Figure 8.1. — Asynchronous communication using message oriented middleware
220 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
The typical MOM system contains the following components:<br />
• Messages;<br />
• Queues — the physical MOM server; and<br />
• Messaging Clients — the sender and receiver.<br />
Messages — Messages generally consist of two parts: a header and a<br />
body. The header contains information <strong>to</strong> route and identify each message.<br />
The body contains the application data or message content. Messages<br />
can be assigned priorities so that higher priority messages can be<br />
processed before lower priority messages, improving overall system<br />
performance.<br />
Queues — Queues are the mailboxes or inboxes of MOM. Queues<br />
receive and s<strong>to</strong>re messages until the receiving applications are ready <strong>to</strong><br />
retrieve each message. Queues may be physically located on the sending<br />
computer, the receiving computer, or both.<br />
Queues are managed by a message queue server that is independent<br />
of either the application client or application server. The server may<br />
also manage several queues on one host machine.<br />
Queues may be persistent or non-persistent. Non-persistent queues<br />
s<strong>to</strong>re messages in memory, which means that if the message queuing<br />
server fails messages could be lost. Persistent queues will write messages<br />
<strong>to</strong> a physical disk, ensuring that they can be recovered in the event of a<br />
server failure.<br />
Persistent queues can provide guaranteed delivery of messages.<br />
Guaranteed delivery can be beneficial where the reliability of the<br />
network or applications themselves cannot be guaranteed. Persistent<br />
queues typically require more resources and can be slower than nonpersistent<br />
queues, but are often a necessity in most critical business<br />
applications.<br />
Message Clients — Message clients reside with client applications and<br />
provide an API <strong>to</strong> allow the application <strong>to</strong> send and receive messages.<br />
Using the API, an application is able <strong>to</strong> initiate a session, prepare a<br />
message, set routing parameters and send messages <strong>to</strong> the intended<br />
queue.
8.3.1. Why use message queues?<br />
The advantages of using message queues are as below:<br />
Asynchronous communication<br />
Middleware Technologies 221<br />
In the RPC model, a client sends a request <strong>to</strong> a server, waits for the<br />
server <strong>to</strong> run the procedure and return a reply, all strictly a synchronous<br />
process. If there is ever a problem with the server or a break in the<br />
network connection, the client can face two possible outcomes. If<br />
the problem prevents the client from communicating with the server, the<br />
client can receive an error message. In this case, the user can try <strong>to</strong><br />
complete the transaction at a later date. The other scenario is that the<br />
client successfully submits the request and the server completes the<br />
transaction, but is then unable <strong>to</strong> send the reply <strong>to</strong> the client. In this<br />
case, the client can become 'hung' while waiting for a response that<br />
will never arrive.<br />
Instead of using a synchronous process such as RPC <strong>to</strong> send a<br />
request directly <strong>to</strong> the server, messages can be placed and retrieved<br />
from a queue. An asynchronous message will not block the execution of<br />
an application when a reply or response is not required, improving<br />
overall performance.<br />
The differences between RPC and MOM are analogous <strong>to</strong> the<br />
differences between a telephone and an e-mail. A telephone is a direct<br />
point-<strong>to</strong>-point communication requiring both parties <strong>to</strong> be engaged. In<br />
contrast, an e-mail is sent <strong>to</strong> an 'inbox' (mail server) where it sits until<br />
one is ready <strong>to</strong> read and respond <strong>to</strong> it.<br />
Simplifies application communication<br />
MOM removes communication details from an application, simplifying<br />
application development. Messaging is often used <strong>to</strong> coordinate programs<br />
in dissimilar systems or written in different programming languages.<br />
The contents of a message can be anything from a simple text string <strong>to</strong><br />
a serialized object or an XML document.
222 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Scalability<br />
MOM is a highly scalable technology. The scalability of MOM has<br />
resulted in its wide-spread use in some of the world's largest and most<br />
complex systems, including many within demanding Wall Street financial<br />
institutions.<br />
Reliability<br />
MOM is not a new technology. It has been around for over a decade<br />
and has a proven track record in some of the most demanding<br />
environments. It is extremely reliable and able <strong>to</strong> handle high<br />
transactional systems.<br />
8.3.2. Types of communication<br />
There are three asynchronous: broadcasting, publish/subscribe and point<strong>to</strong>-point<br />
and one synchronous: message passing messaging models in<br />
common use <strong>to</strong>day.<br />
Broadcasting<br />
In a broadcast communication, a message is sent <strong>to</strong> every application on<br />
the network. Broadcasting may also be referred <strong>to</strong> as 'fire-and-forget'.<br />
Applications then decide if they want <strong>to</strong> act on the message. If an<br />
application has a need for the message, it will process the request and<br />
possibly respond <strong>to</strong> the sender. Otherwise, the message is ignored.<br />
Broadcasting is generally not recommended for a messaging solution,<br />
as it can impact network performance by increasing overall network<br />
traffic.<br />
Publish/subscribe<br />
A publish/subscribe messaging system supports an event-driven<br />
model where information consumers and producers participate in the<br />
transmission of messages. Producers 'publish' events, while consumers
Producer<br />
Topic<br />
t<br />
Middleware Technologies 223<br />
Subscribes<br />
Delivers<br />
Msgl<br />
Delivers<br />
Subscribes<br />
Figure 8.2. — Publish/subscribe messaging system<br />
Subscriber 1<br />
Subscriber 2<br />
'subscribe' <strong>to</strong> events of interest and consume events (see Figure 8.2).<br />
Producers associate messages with a specific <strong>to</strong>pic and the messaging<br />
system routes messages <strong>to</strong> consumers based on <strong>to</strong>pics the consumers<br />
register interest in.<br />
Publish/subscribe allows each application in the system <strong>to</strong> decide<br />
which events it wants <strong>to</strong> be notified about. Publishers do not know<br />
which applications are subscribing, nor do they care. The messaging<br />
middleware is responsible for ensuring that each subscriber receives the<br />
message once it receives it from the publisher. TIBCO's TIB/Rendezvous<br />
popularized the publish/subscribe model, where it found a large following<br />
in the financial industry.<br />
Point-<strong>to</strong>-point<br />
In point-<strong>to</strong>-point messaging systems, messages are routed <strong>to</strong> an individual<br />
consumer which maintains a queue of 'incoming' messages. Messaging<br />
applications send messages <strong>to</strong> a specified queue and clients retrieve<br />
messages from a queue.<br />
As Figure 8.3 illustrates, the traditional point-<strong>to</strong>-point MOM architecture<br />
can create a maintenance nightmare. Each application's messaging<br />
service must know about the messaging services of all other applications<br />
in order <strong>to</strong> communicate. As new applications are added <strong>to</strong> the enterprise,<br />
their messaging services must be systematically updated <strong>to</strong> communicate<br />
with each application.
224 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Message passing<br />
Mini<br />
Computer<br />
Mainframe<br />
Unix<br />
! WinNT<br />
AS/400<br />
Figure 8.3. — Point-<strong>to</strong>-point messaging system<br />
Message passing uses a request/reply model where the communication<br />
occurs in a synchronous manner, requiring the calling application <strong>to</strong><br />
halt execution until a response is received. Synchronous messaging<br />
requires that every application, server and service necessary <strong>to</strong> complete<br />
the communication must be available and in service, just as if it where<br />
an RPC communication.<br />
8.3.3. MOM frameworks<br />
There are two types of messaging frameworks: message queuing and<br />
message brokers. Traditional MOM supports the point-<strong>to</strong>-point model<br />
while message brokers support the new paradigm of a hub-and-spoke<br />
model. Message brokers offer much potential in <strong>B2B</strong>i and may be the<br />
closest thing <strong>to</strong> EAI nirvana that the industry has seen.<br />
Message queuing<br />
Message queuing is a point-<strong>to</strong>-point model of communication between<br />
programs. Messages are s<strong>to</strong>red in queues, which can either be buffered
Middleware Technologies 225<br />
or persistent. Each application 'node' contains its own message queue.<br />
Message queuing is often associated with IBM's popular MQSeries,<br />
which has been used for several years as the application integration<br />
solution of choice for the mainframe and UNIX platforms.<br />
Message brokers<br />
A better approach <strong>to</strong> point-<strong>to</strong>-point model of message queues is a<br />
message broker. A message broker is an intelligent intermediary that<br />
directs the flow of messages between applications, which become sources<br />
and consumers of information. Message brokers provide a very flexible<br />
communications backbone and such services as data transformation,<br />
message routing and message warehousing (see Figure 8.4).<br />
Message brokering is rapidly proving <strong>to</strong> be the most flexible and<br />
adaptable way <strong>to</strong> translate between multiple information formats found<br />
in typical enterprise application environments. Message brokers also<br />
provide additional services, such as data transformation, event-driven<br />
processing and intelligent routing. Message brokers are discussed in<br />
greater detail in the chapter on integration brokers.<br />
Legacy System<br />
(Mainframe)<br />
ERP System<br />
(SAP, Peoples eft,<br />
Baan)<br />
Adapter<br />
Adapter<br />
<strong>Integration</strong><br />
Broker<br />
Adapter<br />
Adapter<br />
CRM System<br />
(Clarify, Siebel)<br />
SCM System<br />
'"§. (i2, Manugistics)<br />
Figure 8.4. — Hub-and-spoke approach of message brokering
226 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
8.3.4. MOM middleware<br />
The most commonly used MOM middleware includes IBM's MQSeries,<br />
Microsoft's MQMQ and Sun's JMS.<br />
MQSeries<br />
IBM's MQSeries was introduced in 1992 and is available on over 40<br />
operating systems, including AIX, HP-UX VMS/VAX, Solaris, Linux,<br />
Windows 95/98/NT/2000 and MacOS. MQSeries is easily the dominant<br />
leader in the MOM market, providing the vast majority of MOM<br />
services for mainframe and legacy systems. According <strong>to</strong> the Gartner<br />
Group, MQSeries accounted for about three-quarters of the 2000<br />
worldwide revenue for all embedded message oriented middleware<br />
(MOM).<br />
MQSeries uses queue managers in a point-<strong>to</strong>-point model. Queue<br />
managers communicate across the network using channels, which run<br />
over a variety of transport pro<strong>to</strong>cols, including TCP/IP, NetBIOS, SNA,<br />
SPX and DECnet. Applications are written using a common programming<br />
interface, known as the message queue interface (MQI), so that<br />
applications developed on one platform can be transferred <strong>to</strong> another.<br />
Figure 8.5 shows how MQSeries passes messages <strong>to</strong> applications<br />
with separate queue managers on different machines.<br />
Queue<br />
Manager<br />
Queue<br />
T 1^.<br />
Program A<br />
(MQPUT)<br />
Message<br />
Channel<br />
Queue<br />
Manager<br />
Queue<br />
a<br />
Program B<br />
(MQGET)<br />
Figure 8.5. — MQSeries queue managers communicate using message channels
Middleware Technologies 227<br />
Program A makes an MQPUT call specifying not a local queue but<br />
a local definition of a remote queue. This definition identifies a queue<br />
on another queue manager. The queue manager <strong>to</strong> which Program A is<br />
connected puts the message on a special queue called a transmission<br />
queue. The message is then au<strong>to</strong>matically sent along the channel<br />
connecting the two queue managers. The receiving queue manager puts<br />
the message on the queue that was originally specified by Program A.<br />
This message is s<strong>to</strong>red on the queue until it is retrieved by Program B,<br />
after Program B has issued an MQGET call.<br />
MQSeries can support three kinds of transactional operations as<br />
follows:<br />
• Internal Transactions — MQSeries supports internal operations and<br />
transactions related <strong>to</strong> the actual messages. Messages are managed<br />
using transactional controls, allowing it <strong>to</strong> commit or rollback/resubmit<br />
messages in the event of a failure. In that case, all messages would<br />
rollback and the original input message would be reinstated on the<br />
queue.<br />
• External Transactions — MQSeries supports external transactional<br />
managers, such as TP moni<strong>to</strong>rs. MQSeries can commit or rollback all<br />
message processing, based upon the success or failure of the external<br />
transaction. In the event of a failure, all messages would rollback and<br />
the original message would be reinstated on the queue. In this mode,<br />
MQSeries is acting as a so-called resource manager. MQSeries can<br />
integrate with any X/Open XA compliant transaction manager, such<br />
as BEA Tuxedo and IBM's CICS.<br />
• Self Transactional — MQSeries can act as a transaction manager,<br />
managing messaging and other X/Open XA-compliant resources, such<br />
as databases. This allows MQSeries <strong>to</strong> support transactions without<br />
the use of a TP moni<strong>to</strong>r or application server. MQSeries does not<br />
provide all the capabilities of an enterprise TP moni<strong>to</strong>r, but it can be<br />
a good fit where a need for transaction management is at a minimum.<br />
MQSeries provides intelligent routing, allowing servers <strong>to</strong> forward<br />
messages along the shortest path available. Intelligent routing will<br />
also route messages around networks which have failed or which are<br />
experiencing problems.
228 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
MQSeries is supported by most of the leaders in message brokering<br />
<strong>to</strong>ols (besides its own MQSeries Integra<strong>to</strong>r). With its dominance in the<br />
MOM marketplace, MQSeries will be a component of most middleware<br />
solutions.<br />
Microsoft message queue (MSMQ)<br />
Microsoft introduced MSMQ in 1998 as an add-on <strong>to</strong> Windows NT,<br />
and has become a base service in Windows 2000. MSMQ, along with<br />
Microsoft transaction server (MTS), was Microsoft's first attempt <strong>to</strong><br />
penetrate the enterprise computing market. This attempt has culminated<br />
in the recent release of their .NET architecture, which has the potential<br />
<strong>to</strong> thrust Microsoft in<strong>to</strong> a leadership role in the enterprise computing<br />
market. Though slow <strong>to</strong> be adapted, there is definitely interest in<br />
MSMQ, if for any reason, due <strong>to</strong> the Microsoft name.<br />
As with most Microsoft services, MSMQ is implemented using a<br />
series of ActiveX components and DLLs, which provide an API for<br />
accessing its capabilities. MSMQ is Microsoft centric and will only<br />
work within a Microsoft environment. However, gateways such as<br />
Microsoft's host integration server (formerly SNA server) do exist <strong>to</strong><br />
allow MSMQ <strong>to</strong> communicate with other MOM products and other<br />
platforms.<br />
MSMQ uses queue managers in a point-<strong>to</strong>-point model. There are<br />
four types of queues within MSMQ: outgoing, system, public and<br />
private. Messages reside on queues between the time they are written<br />
by one application and the time they are read by another. Queues use a<br />
combination of memory and disk <strong>to</strong> provide s<strong>to</strong>rage consistent with<br />
particular kinds of message.<br />
MSMQ structures its resources around enterprises and sites.<br />
Information about an enterprise and sites is hosted in the message<br />
queue information s<strong>to</strong>re (MQIS) which is a database or distributed<br />
direc<strong>to</strong>ry that MSMQ uses <strong>to</strong> s<strong>to</strong>re information describing the network.<br />
At the enterprise level, a primary enterprise controller (PEC) would<br />
exist on a machine <strong>to</strong> define the information about an enterprise. Within<br />
an enterprise, MSMQ would have sites containing a primary site<br />
controller (PSC) and a backup site controller (BSC), which usually<br />
correlates <strong>to</strong> one physical location.
Middleware Technologies 229<br />
The MQIS provides intelligent routing and supports transactional<br />
management, similar <strong>to</strong> MQSeries, though this is usually accomplished<br />
with the assistance of MTS. MSMQ also provides some of the following<br />
features:<br />
• Prioritization — Messages are sorted by priority within the queue.<br />
Messages with high priority are processed before messages with low<br />
priority.<br />
• Encryption — Messages may be declared as public or private. Private<br />
messages will be encrypted by MSMQ and decrypted upon receipt by<br />
the receiver.<br />
• Component Streaming — MSMQ allows COM/COM+ components<br />
<strong>to</strong> be serialized in<strong>to</strong> a message and reconstituted on the receiving<br />
end.<br />
Java message service (JMS)<br />
The Java message service (JMS) is a recent addition <strong>to</strong> the J2EE and<br />
EJB specification. J2EE (discussed in the section on Distributed Objects)<br />
is a quickly evolving distributed object standard developed by Sun<br />
Microsystems. Realizing the importance of messaging in distributed<br />
systems, Sun has developed the JMS API, allowing Java applications <strong>to</strong><br />
send and receive messages.<br />
JMS is not a traditional stand-alone MOM solution like MQSeries,<br />
but rather a J2EE-specific messaging solution. The JMS API adds <strong>to</strong> a<br />
common J2EE API and provider framework that enables the development<br />
of portable, message-based applications in the Java programming<br />
language.<br />
JMS provides a common interface <strong>to</strong> standard messaging pro<strong>to</strong>cols<br />
and <strong>to</strong> special messaging services in support of Java programs. JMS<br />
supports point-<strong>to</strong>-point and publish-and-subscribe models.<br />
A JMS application is composed of the following parts (see Figure 8.6):<br />
• JMS provider is a messaging system that implements the JMS<br />
interfaces and provides administrative and control features.<br />
• JMS clients are Java applications that send and receive messages.<br />
• JMS messages are standard messages consisting of a header and<br />
body.
230 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
V.<br />
Message<br />
Prod ucer Creates<br />
I Sends <strong>to</strong><br />
f Connection "\<br />
\ Fac<strong>to</strong>ry )<br />
• Creates<br />
Connection I<br />
1 Creates<br />
Session<br />
• Creates<br />
Message<br />
^^^^< Message<br />
Qeates Consumer<br />
Figure 8.6. — JMS building blocks<br />
I Receives From<br />
Destination }<br />
• Administered objects are pre-configured JMS administered objects used<br />
by clients. There are two kinds of administered objects, destinations<br />
and connection fac<strong>to</strong>ries.<br />
• JMS domains allow classification of the messaging environment as<br />
either point-<strong>to</strong>-point or request/reply. The domains are implemented<br />
using the JMS API. One or both domains can be supported in a<br />
single application.<br />
Non-JMS clients are programs that use a messaging product's native<br />
client API instead of the JMS API. If the application predated the<br />
availability of the JMS API, it is likely <strong>to</strong> include both JMS and non-<br />
JMS clients.<br />
JMS promises <strong>to</strong> work in concert with other MOM products <strong>to</strong><br />
provide reliable, asynchronous communication among components in<br />
a distributed computing environment. Using the JMS interface, an<br />
application can invoke the messaging services of IBM's MQSeries,<br />
Progress Software's SonicMQ and other popular messaging product<br />
vendors. Similar <strong>to</strong> MSMQ, JMS supports messages that contain<br />
serialized Java objects, as well as messages that contain extensible<br />
markup language (XML) pages.
8.4. Distributed Objects and Components<br />
Middleware Technologies 231<br />
The advent of object-oriented technology was difficult <strong>to</strong> miss. Almost<br />
every software designer or developer who has been involved with<br />
application programming over the past several years has read about or<br />
experienced object technology. Distributed object technology has<br />
promised <strong>to</strong> radically alter the way systems are developed and deployed<br />
by:<br />
• Defining a standardized approach <strong>to</strong> application development;<br />
• Enabling rapid application development by providing flexible,<br />
cus<strong>to</strong>mizable, prefabricated, reusable components;<br />
• Enabling inter-application communication and integration across an<br />
enterprise;<br />
• Providing interchangeable 'plug-and-play' components; and<br />
• Combining other EAI technologies, such as transaction management,<br />
messaging and API's, in<strong>to</strong> one architectural framework.<br />
Distributed object and component technology allow objects and<br />
components, distributed throughout servers within an enterprise, <strong>to</strong><br />
inter-operate and share functionality. Client objects and components<br />
invoke public methods of server objects and components providing<br />
business method level integration.<br />
What is an object? An object is a self-contained software entity that<br />
usually models a real-world object. Objects consist of three distinct<br />
parts:<br />
• Private Data — information or attributes, generally of a persistent<br />
nature, which define an object;<br />
• Private Methods — internal procedures for accessing or updating the<br />
private data; and<br />
• Public Interface — public methods for communicating with other<br />
objects.<br />
An object contains both data and business logic in a single software<br />
entity or package. It is designed <strong>to</strong> carry out the same functions as those<br />
in the real world. Objects are assigned roles and responsibilities and<br />
contain all information they need <strong>to</strong> carry out their actions.
232 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
As an example, an employee system maintained by the HR department<br />
would track all aspects of an employee. There could be an Employee<br />
object which represents an actual employee. The Employee object could<br />
contain the following private data (attributes):<br />
• Name<br />
• Social Security No.<br />
• Start Date<br />
• End Date<br />
• Level<br />
• Salary<br />
These attributes would be persisted in a database. The Employee<br />
object would also have a set of private methods for manipulating or<br />
validating the private data. These methods usually contain logic internal<br />
<strong>to</strong> the object:<br />
• validateSSNO<br />
• checkSalaryRangeO<br />
Finally, the object has a set of public methods used for accessing the<br />
private data. These methods usually consist of a series of get and set<br />
functions:<br />
• getNameO<br />
• setName()<br />
• getS alary ()<br />
• setSalary()<br />
Distributed object technology is very well suited for heterogeneous<br />
systems and architectures which exist in most organizations. Distributed<br />
objects encapsulate the business logic and data within objects, allowing<br />
them <strong>to</strong> be located anywhere within a distributed system. Objects can be<br />
linked <strong>to</strong>gether in a plug-and-play manner <strong>to</strong> interoperate across networks.<br />
Distributed object technology allows valuable legacy systems <strong>to</strong> be<br />
'wrapped' and appear <strong>to</strong> the developer <strong>to</strong> be objects. Once wrapped, the<br />
legacy code can participate in a distributed object environment. Object<br />
wrapping allows businesses <strong>to</strong> leverage existing legacy code while<br />
migrating <strong>to</strong> a new enterprise architecture.
Middleware Technologies 233<br />
Distributed objects must work within a common framework, using a<br />
commonly distributed pro<strong>to</strong>col. There are currently three competing<br />
distributed architectures in use <strong>to</strong>day:<br />
• OMA's CORBA — Object Management Architecture, Common Object<br />
Request Broker Architecture (Object Management Group — OMG);<br />
• Windows DNA's COMH Component Object Model (Microsoft);<br />
and<br />
• J2EE's EJB — Java 2 Enterprise Edition, Enterprise JavaBeans (Sun<br />
Microsystems).<br />
Each pro<strong>to</strong>col defines specifications for object interoperability,<br />
interfacing, communication and distribution. These pro<strong>to</strong>cols will be<br />
discussed in detail in the next section.<br />
Though the concept of distributed objects has been around for<br />
decades, they are a relatively new and immature EAI middleware<br />
solution and need much work <strong>to</strong> meet unfulfilled expectations.<br />
The good news is that distributed architectures are beginning <strong>to</strong><br />
fulfill their potential at a much faster rate than they have in the past by<br />
building on past failures and experiences. Distributed object middleware<br />
solutions are moving away from the academic or idealistic approaches<br />
that object-oriented design methodologies originally espoused <strong>to</strong> a more<br />
practical, component approach that can handle the real-life rigorous<br />
demands of an enterprise.<br />
8.4.1. Distributed components<br />
The true benefits of distributed object technology are components.<br />
Object-oriented programming has long been considered the nirvana of<br />
application development. However, it has never fulfilled its potential<br />
due <strong>to</strong> a lack of standards which allow objects <strong>to</strong> communicate with<br />
one another across processes, machines and networks. Consequently,<br />
object-oriented programming has tended <strong>to</strong> be contained <strong>to</strong> just an<br />
application with no efficient means of inter-application communication.<br />
The solution <strong>to</strong> this problem is a system in which application<br />
developers create reusable software components. Components are au<strong>to</strong>nomous,<br />
self-managing and packaged objects that can be placed anywhere<br />
on the network, implement a common set of business services and
234 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
provide the fundamental building blocks for creating distributed systems.<br />
They can be developed and deployed independently of other system<br />
components. Components are designed <strong>to</strong> be the ultimate plug-and-play<br />
application development solution.<br />
Components often go beyond basic object services by providing:<br />
• High level transaction management;<br />
• Security;<br />
• Event-handling; and<br />
• Persistence.<br />
Object technology has now been relegated <strong>to</strong> the development<br />
methodology used for implementing distributed component architecture.<br />
Components are created and deployed using a pro<strong>to</strong>col, such as<br />
those specified for CORBA, COM or EJB (discussed in the next<br />
section). COM and EJB are both based on component architecture,<br />
while CORBA has recently addressed the need for components with its<br />
CORBA Component Model (CCM) pro<strong>to</strong>col.<br />
8.4.2. Distributed object frameworks<br />
Distributed object frameworks have come a long way from the original<br />
object-oriented programming methodologies espoused by the academic<br />
community. These new frameworks extend well beyond objects, with<br />
each of these frameworks, including OMA, Windows DNA and J2EE,<br />
offering a wide range of services. Some elements common <strong>to</strong> all the<br />
frameworks include:<br />
• A distributed enterprise level framework or specification (OMA,<br />
J2EE, Windows DNA);<br />
• A distributed object or component framework or specification<br />
(CORBA, EJB, COM+);<br />
• An interface definition language (IDL);<br />
• Messaging and MOM;<br />
• Transactional processing and management;<br />
• Security;<br />
• Persistence; and<br />
• Event handling.
Middleware Technologies 235<br />
Each framework is a book in itself. Some aspects of these frameworks,<br />
such as MOM (MSMQ and JMS), have been previously <strong>to</strong>uched upon<br />
in this chapter due <strong>to</strong> their ever-increasing importance in distributed<br />
systems. For the purpose of brevity, this section will focus on the<br />
distributed object/component element of each framework.<br />
8.4.3. OMA — CORBA 3<br />
The common object request broker architecture, or CORBA, was the<br />
first successful distributed architecture pro<strong>to</strong>col <strong>to</strong> be developed. CORBA<br />
is a distributed object/component technology that is platform and<br />
language independent and allows remote object creation and remote<br />
object method invocation.<br />
OMA architecture<br />
CORBA is a pro<strong>to</strong>col based on the object management architecture<br />
(OMA) developed by the OMG. The OMG is a consortium formed in<br />
1989 <strong>to</strong> define the standards and pro<strong>to</strong>cols required for distributed<br />
object systems in heterogeneous environments. OMG's objective is the<br />
definition of the OMA, which includes four sets of standards: the<br />
Common Object Request Broker Architecture (CORBA), Common Object<br />
Services Specification (COSS), Common Facilities and Application<br />
Objects. Unlike the COM and EJB pro<strong>to</strong>cols, the CORBA and OMA<br />
pro<strong>to</strong>cols are developed by a consortium which helps ensure that the<br />
final specification is product or technology independent.<br />
In 1992, OMG first approved the CORBA pro<strong>to</strong>col that defined the<br />
services <strong>to</strong> be provided by an Object Request Broker (ORB). The ORB is<br />
at the heart of CORBA and ORB provides a mechanism for transparently<br />
communicating between client requests, target objects and other ORBs.<br />
The ORB simplifies distributed programming by decoupling the<br />
client from the details of the method invocations. This makes client's<br />
requests appear <strong>to</strong> be local procedure calls, when in fact the ORB is<br />
operating on a remote server (see Figure 8.7). When a client invokes an<br />
operation, the ORB is responsible for finding the object implementation,<br />
transparently activating it if necessary, delivering the request <strong>to</strong> the<br />
object and returning any response <strong>to</strong> the caller.
236 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Client Machine Server Machine<br />
•"<br />
V)<br />
Client<br />
Application<br />
•<br />
User<br />
Code<br />
Function Call<br />
Stub<br />
Code<br />
Request<br />
ORB<br />
Code<br />
J<br />
HOP Message<br />
Server<br />
Application<br />
r \<br />
User /CORB^X<br />
Code ' v v bje 5yf<br />
Function Call<br />
Skele<strong>to</strong>n<br />
Code *<br />
Function Call<br />
ORB<br />
Code<br />
v *y<br />
Figure 8.7. — Client application invoking a remote CORBA object function<br />
This decoupling takes place through the use of an Interface Definition<br />
Language (IDL). The IDL separates the object's interface from its<br />
implementation. The parameters that are used with the object interface<br />
and the named operations that the object can perform are described<br />
with the IDL.<br />
Most ORBs implement the CORBA Internet Inter-ORB Pro<strong>to</strong>col<br />
(HOP), which runs over TCP/IP. This pro<strong>to</strong>col is designed <strong>to</strong> provide<br />
efficient interoperability between ORB applications.<br />
The OMA architecture categorizes objects in<strong>to</strong> four categories:<br />
1. CORBA Services;<br />
2. Horizontal CORBA Facilities;<br />
3. Domain (Vertical) CORBA Facilities; and<br />
4. Application Objects.<br />
CORBA services<br />
These are base services that are used by many distributed object<br />
programs. They provide the equivalent of system-level services <strong>to</strong>
Middleware Technologies 237<br />
applications and components. Some of the more popular CORBA<br />
Services include:<br />
• Naming Service — A direc<strong>to</strong>ry service which allows clients <strong>to</strong> find<br />
objects based on names, similar <strong>to</strong> the white pages of a telephone<br />
book;<br />
• Trading Service — A direc<strong>to</strong>ry service which allows clients <strong>to</strong> find<br />
objects based on their properties, similar <strong>to</strong> the yellow pages of a<br />
telephone book;<br />
• Event Service — Defines generic interfaces where supplier object<br />
can input events and consumer objects can receive them;<br />
• Notification Service — Adds event typing and filtering <strong>to</strong> the basic<br />
event service; and<br />
• Security Service — An interface for providing end-<strong>to</strong>-end security<br />
over open channels.<br />
There are also Object Service specifications for transactions,<br />
messaging and licensing, as well as many others.<br />
Horizontal CORBA facilities<br />
CORBA facilities sit between the CORBA services and application<br />
objects. CORBA facilities are application-level services that allow<br />
developers <strong>to</strong> build component-based objects. An example of such a<br />
facility is the Distributed Document Component Facility (DDCF), a<br />
compound document common facility based on OpenDoc. Examples of<br />
CORBA facilities include:<br />
• Internationalization service;<br />
• Secure time facility;<br />
• Print facility; and<br />
• Mobile agents facility.<br />
CORBA domains<br />
These interfaces fill roles similar <strong>to</strong> object services and common facilities<br />
but are oriented <strong>to</strong>wards specific industries. For example, one of the<br />
first OMG RFPs issued for domain interfaces is for Product Data
238 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Management (PDM) enablers for the manufacturing domain. Other<br />
OMG RFPs will soon be issued in the telecommunications, medical and<br />
financial domains.<br />
Application interfaces<br />
These are interfaces developed specifically for a given application.<br />
Because they are application-specific and because the OMG does not<br />
develop applications (only specifications), these interfaces are not<br />
standardized. However, if over time it appears that certain broadly<br />
useful services emerge out of a particular application domain, they<br />
might become candidates for future OMG standardization.<br />
CORBA 3<br />
The latest version of CORBA, CORBA 3, is built upon both the<br />
successes and shortcomings of earlier versions of CORBA. CORBA 3<br />
is divided in<strong>to</strong> three major categories:<br />
• Java and Internet integration;<br />
• Quality of service control; and<br />
• CORBA Component Model (CCM).<br />
The biggest and most anticipated change in the CORBA 3 standard<br />
is the CORBA Component Model. The introduction of CCM, along<br />
with other features such as messaging, has helped CORBA catch up<br />
<strong>to</strong> the other component frameworks. A few of the new CORBA 3<br />
specifications, as provided by OMG, are outlined below:<br />
Java and internet integration<br />
CORBA 3 provides enhanced integration with the Java language and<br />
the Internet:<br />
Java-<strong>to</strong>-IDL Mapping<br />
This mapping allows Java RMI objects <strong>to</strong> interoperate over the network<br />
as CORBA objects. They have CORBA object references and emit the<br />
HOP pro<strong>to</strong>col. New mapping defines IDL interfaces for Java objects
Middleware Technologies 239<br />
that lets them use the OMG's HOP pro<strong>to</strong>col for remote invocations and<br />
allows Java servers <strong>to</strong> be invoked by CORBA clients written in any<br />
CORBA-supported programming language.<br />
Firewall Specification<br />
The CORBA 3 firewall specification will define the capabilities CORBA<br />
needs <strong>to</strong> safely traverse firewalls.<br />
Interoperable Naming Service<br />
The interoperable name service defines one URL-format object reference,<br />
corbaloc, that can be typed in<strong>to</strong> a program <strong>to</strong> reach defined services at<br />
a remote location, including the naming service. A second URL format,<br />
corbaname, actually invokes the remote naming service using the name<br />
that the user appends <strong>to</strong> the URL and retrieves the IOR of the named<br />
object.<br />
Quality of service control<br />
The new messaging specification defines a number of asynchronous and<br />
time-independent invocation modes for CORBA and allows both static<br />
and dynamic invocations <strong>to</strong> use every mode.<br />
CORBA components package<br />
The three major parts of CORBA components are:<br />
• A container environment that packages transactionality, security and<br />
persistence and provides interface and event resolution;<br />
• <strong>Integration</strong> with EJBs; and<br />
• A software distribution format that enables a CORBA component<br />
software marketplace.<br />
8.4.4. Windows DNA — COM+<br />
Windows DNA has evolved from the middleware services originally<br />
provided in Windows NT, including the Component Object Model<br />
(COM), Distributed COM (DCOM), Microsoft Transaction Server (MTS)<br />
and Microsoft Message Queue (MSMQ). The foundation of Windows
240 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
DNA is COM+. COM+ has a long his<strong>to</strong>ry originating from Microsoft's<br />
Object Linking and Embedding (OLE) framework creating COM and<br />
then evolving from COM (and MTS) <strong>to</strong> its current form.<br />
Windows DNA platform<br />
One big difference between the CORBA, J2EE and Windows DNA<br />
frameworks is that the elements of Windows DNA can be both pro<strong>to</strong>col<br />
and product based. The major elements of DNA include:<br />
• Windows 2000 — Most Windows DNA services are now integrated<br />
with the Windows 2000 operating system. As mentioned earlier,<br />
Windows DNA is not platform independent.<br />
• Internet Information Services (IIS) — IIS is Microsoft's Web server<br />
and one of the leading Web servers in use on the Web. It is now part<br />
of the Windows 2000 operating system.<br />
• COMH COM+ is the component architecture for Windows. COM+<br />
is a marriage of COM and Microsoft Transaction Server (MTS). The<br />
COM+ framework is discussed in detail in this section.<br />
• Microsoft Message Queue (MSMQ) — MSMQ provides asynchronous<br />
messaging in the DNA environment.<br />
• Universal Data Access (UDA) — UDA is Microsoft's latest data<br />
access strategy that encompasses OLE DB and ActiveX Data Objects<br />
(ADO) for accessing databases and datas<strong>to</strong>res, Active Direc<strong>to</strong>ry<br />
Services Interfaces (ADSI) for accessing the direc<strong>to</strong>ry services of<br />
Windows's 2000 Active Direc<strong>to</strong>ry and <strong>Collaborative</strong> Data Objects<br />
(CDO) for accessing Microsoft Exchange.<br />
Microsoft's new .NET initiative extends Windows DNA even further<br />
by incorporating additional integration and Web services, including:<br />
• Host <strong>Integration</strong> Server — Provides gateways <strong>to</strong> allow bi-directional<br />
access <strong>to</strong> legacy systems, including mainframe, OS/390, OS/400 and<br />
Unix systems from a Windows platform.<br />
• BizTalk Server 2000 — BizTalk Server uses a message passing model<br />
<strong>to</strong> integrate applications. It is oriented <strong>to</strong>ward XML as a data format,<br />
but can also handle other formats such as HTTP URLs and MSMQ<br />
messages.
Middleware Technologies 241<br />
• Internet Security and Acceleration Server 2000 (ISA) — Contains<br />
two apparently unrelated applications. The first product, Internet<br />
security, is a firewall for setting access policies and network authentication.<br />
The second product, Acceleration server, is a content caching<br />
server.<br />
• Application Center Server 2000 — Provides an administration <strong>to</strong>ol<br />
for managing clusters of COM+ servers, a feature which was<br />
noticeably lacking in DNA.<br />
Microsoft has struggled <strong>to</strong> penetrate the enterprise distributed<br />
component market, though their latest initiatives, including .NET, could<br />
make them competitive in this space. The fact that they are Microsoft<br />
doesn't hurt either. Though it may take Microsoft some time <strong>to</strong> capture<br />
a market, they are usually successful at simplifying and demystifying<br />
technologies <strong>to</strong> the point where they become an out-of-the-box<br />
commodity (usually accomplished by integrating the technology with<br />
the operating system).<br />
COM+<br />
COM and COM+ are the distributed component pieces of the Windows<br />
DNA platform for building distributed application in a Microsoft<br />
Windows environment. Much like CORBA, COM provides a framework<br />
and standards for object and component communication (see Figure 8.8).<br />
Client Application<br />
T<br />
diem Communicates<br />
directly <strong>to</strong> Object<br />
COM+<br />
Establishes Connection<br />
| Object<br />
Server Application<br />
Figure 8.8. — Basic COM communication process
242 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
COM components can be written in any language, though Microsoft<br />
makes it easier <strong>to</strong> create COM components using Microsoft development<br />
languages, such as Visual Basic and Visual C++.<br />
COM provides two types of servers <strong>to</strong> allow clients <strong>to</strong> invoke a<br />
component: in-process and out-of-process. These COM servers provide<br />
much of the same roles as an ORB.<br />
In-process Server — An in-process server is a component where the<br />
objects run inside the client's memory space. Essentially, the client has<br />
a copy of the component on the local machine. In-process servers are<br />
implemented using DLLs or EXEs. The components are invoked using<br />
a local procedure call (LPC) (see Figure 8.9). LPCs are a means of<br />
communication between different processes on the same machine. As<br />
might be expected, in-process server components experience little<br />
overhead and are very quick <strong>to</strong> execute.<br />
Out-of-process Server — An out-of-process server runs in a separate<br />
process or memory space, usually on a separate machine (see Figure 8.10).<br />
They serve up 'remote' objects which are usually independent applications<br />
in their own right. Out-of-process servers use RPC-like communication<br />
similar <strong>to</strong> HOP with CORBA and RMI with J2EE. The<br />
benefits of out-of-process servers include component reusability and<br />
Client<br />
Application<br />
Vv_<br />
Client<br />
Application<br />
DCE<br />
RPC<br />
Client Process<br />
-1 r<br />
Figure 8.9. — In-process server call<br />
_i<br />
CCM<br />
)<br />
!<br />
y<br />
HI \<br />
^ (<br />
RPC<br />
-Vi<br />
Remote Machine<br />
Remote Server Process'<br />
COM<br />
Stub<br />
Figure 8.10. — Out-of-process server call<br />
Pemote Server<br />
Remote<br />
Object<br />
vk
Middleware Technologies 243<br />
maintainability. The drawbacks include slower performance due, <strong>to</strong> the<br />
communication overhead incurred from RPC calls and brokering<br />
performed by COM, such as marshalling.<br />
COM+ was born from the marriage of traditional COM and MTS.<br />
COM+ supports transactions natively — components are inherently<br />
designated a transaction. In COM+ there is no longer a need <strong>to</strong> deploy<br />
a component and then specify its transactional requirements. Instead,<br />
the transactional semantics are part of a component as defined by the<br />
programmer, thereby reducing administrative error.<br />
COM+ also provides transaction processing moni<strong>to</strong>ring capabilities<br />
by allowing multiple COM objects <strong>to</strong> be stringed <strong>to</strong>gether in<strong>to</strong> a single<br />
transaction. If an error occurs in any component, COM+ will roll back<br />
all of the work and res<strong>to</strong>re the system <strong>to</strong> its original state.<br />
DCOM is what puts the 'distributed' in COM. DCOM is an extension<br />
of Microsoft's Component Object Model (COM) across the network. It<br />
allows a transparent implementation of COM between two or more<br />
computers. DCOM is now built in<strong>to</strong> the Windows 2000 operating<br />
system which has reduced the effort <strong>to</strong> deploy a distributed COM<br />
system.<br />
Fundamentally, DCOM specifies a network pro<strong>to</strong>col for making this<br />
transparency work. When a client and component reside on the same<br />
computer they communicate via local procedure calls. When a client<br />
and a component reside on different computers, DCOM inserts itself<br />
in<strong>to</strong> the mix by using remote procedure calls <strong>to</strong> access the components<br />
across the network (see Figure 8.11).<br />
DCOM<br />
Pro<strong>to</strong>col<br />
LPC<br />
DCE<br />
RPC<br />
Figure 8.11. — Client-server communication via DCOM pro<strong>to</strong>col<br />
CCM<br />
Remote<br />
Component
244 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
To the client and component, the distributed calls are <strong>to</strong>tally<br />
transparent. The client never has <strong>to</strong> change how it calls the component.<br />
To the component it does not even know that its client is on another<br />
machine.<br />
COM and DCOM use a binary specification <strong>to</strong> provide language<br />
neutrality. A COM/DCOM component can be created with Java, C++,<br />
MS Visual Basic, Delphi, PowerBuilder, etc. This is one of the advantages<br />
COM+ provides over J2EE which is locked in<strong>to</strong> Java. DCOM<br />
allows the organization or developer <strong>to</strong> choose a language which he/she<br />
is most familiar with.<br />
8.4.5. J2EE — EJB<br />
Sun Microsystems released the Java platform in 1995 and <strong>to</strong>uted it as a<br />
way <strong>to</strong> create applications that would run on any computer, regardless<br />
of the operating system and deployment environment. The battle cry for<br />
Java was 'write once, run anywhere'.<br />
Building upon the success of the Java language, Sun leveraged the<br />
capabilities of Java with an eye on the enterprise framework of CORBA<br />
<strong>to</strong> develop a new enterprise Java model.<br />
J2EE platform<br />
The J2EE platform is the current version of enterprise Java. There are<br />
actually three editions of the Java 2 platform: the Java 2 Platform,<br />
Micro Edition (J2ME) for small devices and smartcards; the Java 2<br />
Platform, Standard Edition (J2SE) for desk<strong>to</strong>ps; and the Java 2 Platforms,<br />
Enterprise Edition (J2EE) for creating server-based applications and<br />
services. It is the J2EE platform which provides an enterprise framework<br />
for distributed components. J2EE is a set of coordinated specifications<br />
and practices which enable solutions for developing, deploying and<br />
managing multi-tier server-centric applications.<br />
The primary technologies in J2EE include (see Figure 8.12):<br />
• Enterprise JavaBeans (EJB);<br />
• Java Server Pages (JSP);
Middleware Technologies 245<br />
Messaging Services Communication<br />
innllnMAK JavaMail JDBC TCP/IP. HTTP. SSL<br />
Application JMS JMDI pMI<br />
Services<br />
1 Business<br />
Logic<br />
I<br />
JTA FMI-IICP<br />
WLEC<br />
Entity Session<br />
Beans Beans<br />
EIR AwitafaMr<br />
Presentation JavaSeivei Sei.,,_,.. HTML'<br />
Pages XML<br />
Logic<br />
W*» Contrtwar<br />
Figure 8.12. — J2EE platform<br />
• Java Servlets;<br />
• Java Naming and Direc<strong>to</strong>ry Interface (JNDI);<br />
• Java Transaction API (JTA);<br />
• Java Interface Language (IDL) for CORBA;<br />
• JDBC Data Access API; and<br />
• JavaMail.<br />
Though J2EE is a platform independent pro<strong>to</strong>col, the underlying<br />
technology is Java, a language which is owned and maintained by Sun.<br />
Application server vendors pay a royalty <strong>to</strong> Sun <strong>to</strong> implement J2EE<br />
technology.<br />
EJB<br />
EJB has become a widely adopted server-side component architecture,<br />
based on the J2EE framework. The EJB specification is an industry<br />
initiative led and driven by Sun with participation from many vendors<br />
in the industry. Sun owns the interactive and iterative process of<br />
defining, creating and publishing the specification while ensuring ongoing
246 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Security<br />
Distributed Object<br />
Management<br />
Enterprise<br />
JavaBeans<br />
Persistence<br />
Transactions<br />
Figure 8.13. — Few features of enterprise JavaBeans<br />
incorporation of input and feedback from the industry and the general<br />
public.<br />
EJB technology is the core of J2EE. It enables developers <strong>to</strong> write<br />
reusable portable server-side business logic for the J2EE platform.<br />
Some of the key features of EJB include the following (see Figure 8.13):<br />
• EJB components are server-side components written entirely in the<br />
Java programming language;<br />
• EJB components contain business logic only — no system-level<br />
programming;<br />
• System-level services such as transactions, security, life-cycle,<br />
threading, persistence, etc. are au<strong>to</strong>matically managed for the EJB<br />
component by the EJB server or container;<br />
• EJB architecture is inherently transactional, distributed, portable, multitier,<br />
scalable and secure;<br />
• Components are declaratively cus<strong>to</strong>mized (can cus<strong>to</strong>mize: transactional<br />
behavior, security features, life-cycle, state management, persistence,<br />
etc.); and<br />
• EJB components are fully portable across any EJB server and any<br />
OS.
Middleware Technologies 247<br />
EJB technology has gained wide spread industry adoption and support.<br />
The EJB specification is unique from CORBA and COM+ in that the<br />
specification was developed using industry-wide collaboration, as with<br />
CORBA, yet the specification is controlled by a single company, as<br />
with COM+. This has given EJB the advantage of obtaining industry<br />
acceptance from the application server vendors, while at the same time,<br />
the ability <strong>to</strong> advance and modify the specification quickly, since<br />
ultimately there is really only one owner and final decision-maker.<br />
At a high level, EJBs do not differ much from CORBA, or even<br />
COM+. EJBs require an IDL <strong>to</strong> separate the interface from implementation;<br />
it supports transaction management, component level security and<br />
messaging; and it is object-oriented based.<br />
EJB differs from its brethren, as follows:<br />
• EJB is a Java-based pro<strong>to</strong>col. Though EJBs can interface with non-<br />
Java components through wrappers or interfaces <strong>to</strong> CORBA, EJBs<br />
are Java at heart.<br />
• In addition <strong>to</strong> being platform independent, EJBs are also middleware<br />
independent. An EJB application can, in theory, be ported from one<br />
application server <strong>to</strong> another with minimal rework.<br />
• EJBs live in a container. The container provides several services for<br />
the EJBs, including lifecycle management and instance pooling and<br />
transaction management. The container intercedes between client<br />
calls on the remote interface and the corresponding methods in a<br />
bean <strong>to</strong> enforce transaction and security constraints. The container<br />
also enforces policies and restrictions on bean instances, such as<br />
reentrance rules and security policies.<br />
• EJBs were designed <strong>to</strong> wrap around, or encapsulate, existing legacy<br />
systems, applications and datas<strong>to</strong>res, allowing an organization <strong>to</strong><br />
leverage its existing infrastructure. These existing systems will appear<br />
as a standard bean within the container. EJB can also co-exist with<br />
other technologies, including COM/DCOM, ActiveX and CORBA.<br />
Types of beans<br />
The 'bean' part of Java Beans is Sun's name for a Java component.<br />
There are two types of enterprise beans: session beans and entity beans.
248 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Session beans<br />
Session beans represent behaviors associated with client sessions. A<br />
session bean instance is typically private <strong>to</strong> a particular client connection.<br />
It is usually not shared among multiple clients and therefore becomes a<br />
logical extension of the client application. Interfaces are defined <strong>to</strong><br />
support a session bean accessing and modifying data as part of a<br />
transaction.<br />
SESSION BEAN PROPERTIES<br />
• Transaction capable;<br />
• Handles one transaction at a time;<br />
• Accesses and updates database for the client;<br />
• A logical extension of the client;<br />
• Used only by client who creates it;<br />
• Short lived — lives only as long as the client;<br />
• Does not survive crash of client or server;<br />
• Hides its identity (appears anonymous);<br />
• No finder method; and<br />
• Fields represent the state of the transient conversation with the<br />
client.<br />
Stateless versus stateful session beans<br />
Session beans can be either stateful or stateless. A stateless session<br />
bean does not maintain an internal state and has no persistence. The<br />
state of the bean will always be the same both before and after any<br />
method calls or transactions have occurred. Since session beans of the<br />
same type are identical, they can be pooled <strong>to</strong> service multiple clients.<br />
They can also be created and destroyed easily by the container, since<br />
they hold no state.<br />
A stateful session bean, on the other hand, maintains an internal<br />
state that can be accessed and modified directly by the client. A stateful<br />
bean can be accessed by only one EJB client and becomes a logical
Middleware Technologies 249<br />
extension of the client application. Since these beans can be persisted,<br />
they are often referred <strong>to</strong> as Persistent Session Beans.<br />
Entity beans<br />
An entity bean is persistent once it is created, until it is explicitly<br />
deleted. Entity beans represent specific persistent data, which is<br />
maintained in a database and the methods for acting on that data. Entity<br />
beans typically correspond <strong>to</strong> a database table row with a single row<br />
representing a single bean instance. The primary key for that row will<br />
provide the identification for that bean. Interaction with the database<br />
can be through the EJB container (container-managed) or handled directly<br />
by the bean through embedded SQL (bean-managed).<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•<br />
ENTITY BEANS PROPERTIES<br />
Persistent;<br />
Handles multiple clients;<br />
Transactional;<br />
Survives server crash;<br />
Represents data in a database, along<br />
that data;<br />
Exposes its identity as primary key;<br />
Has finder method; and<br />
In a relational database context , there<br />
a table.<br />
8.4.6. J2EE application servers<br />
with the methods <strong>to</strong><br />
act<br />
on<br />
is one bean for each row in<br />
In the following section, we will discuss two of the most popular J2EE<br />
compliant application servers.<br />
IBM WebSphere<br />
WebSphere is actually a series of products offered by IBM. The<br />
corners<strong>to</strong>ne of the WebSphere product suite is the WebSphere Application
250 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Access Services<br />
[ (HTTP, HOP, RMI / HOP) )<br />
Dynamic content services<br />
(JavaSeiver Pages, HTM_ or<br />
XML SSL)<br />
/<br />
Ru nti me Se rvices<br />
Component Broker, Distributed '<br />
CICS and Encina<br />
f" ^ '<br />
Connection Services<br />
CCRBA Java, EJa<br />
Transactional fiPls<br />
PCS Browsers<br />
..J..<br />
i<br />
i Web Server Java Servlet<br />
:EJB,CORBA<br />
>...__.__—*. Business<br />
Applications<br />
Relational<br />
Databases<br />
IBM DB2<br />
Oracle, Sybase.<br />
Informix.. JDBC<br />
Transactional<br />
Systems<br />
ERP<br />
Systems<br />
Figure 8.14. — IBM's WebSphere suite<br />
Pervasive devices<br />
(such as cell phones and<br />
handheld devices)<br />
I I<br />
Other<br />
Application<br />
Servers<br />
MQSerie &<br />
Lotus Domino<br />
Others<br />
(LDAP direc<strong>to</strong>ries,<br />
ORBs, Oustnm<br />
applications)<br />
Server which is a Java 2 Enterprise Edition (J2EE)-compliant platform<br />
for developing, deploying and maintaining Web-based applications. The<br />
WebSphere suite comes with an impressive arsenal of products in<br />
support of the application server, including development <strong>to</strong>ols moni<strong>to</strong>ring<br />
components and configuration management utilities (see Figure 8.14).<br />
Some of the other products in the WebSphere family include:<br />
• WebSphere Studio;<br />
• WebSphere Personalization Server;<br />
• WebSphere Business Integra<strong>to</strong>r;<br />
• WebSphere Portal Server;<br />
• WebSphere Host <strong>Integration</strong> Solution;<br />
• WebSphere Voice Server;<br />
• WebSphere Site Analyzer; and<br />
• DB2.<br />
The enterprise edition of WebSphere also comes bundled with other<br />
IBM products, including:<br />
• Component Broker — a complete, CORBA 2.0 compliant object<br />
transaction moni<strong>to</strong>r;<br />
• Encina — a transaction processing (TP) moni<strong>to</strong>r;
• CICS — another TP moni<strong>to</strong>r; and<br />
• MQSeries — IBM's popular messaging product.<br />
Middleware Technologies 251<br />
Each of these products is an independent commercial product in<br />
itself. As might be expected, WebSphere also integrates with many<br />
other popular IBM products, including MQSeries Integra<strong>to</strong>r and Lotus<br />
Domino. WebSphere is available on all the major operating systems,<br />
including AIX, Windows NT/2000, Solaris, Linux, IBM OS/390 and<br />
HP-UX. WebSphere comes with DB2 as the default database but also<br />
supports Oracle 8i and Sybase Adaptive Server, with some effort.<br />
Though the breadth of the WebSphere family seems impressive (and<br />
it is), the actual integration of all these <strong>to</strong>ols is not always a turnkey<br />
operation. In a rush <strong>to</strong> provide the most comprehensive e-<strong>commerce</strong><br />
product line, many of these products were placed under the WebSphere<br />
'umbrella' before full interoperability was attained. The WebSphere<br />
application server itself has had a reputation of being difficult <strong>to</strong> install<br />
and maintain. But IBM has deep pockets and a strong commitment <strong>to</strong><br />
WebSphere, so each new release has provided tighter integration and<br />
better interoperability among the various products. And, of course,<br />
IBM's Global Services will be more than happy <strong>to</strong> help companies out<br />
with their integration problems.<br />
WebSphere is also the first software platform <strong>to</strong> incorporate the<br />
following elements <strong>to</strong> enable Web services, including:<br />
• SOAP (Simple Object Access Pro<strong>to</strong>col) for Java server and <strong>to</strong>ols for<br />
standard-format Web services data and communications;<br />
• UDDI (Universal Description, Discovery and <strong>Integration</strong>) for Java,<br />
providing a set of Java APIs for interacting with UDDI registries for<br />
Web services;<br />
• XML (Extensible Markup Language) upgraded XML parser for better<br />
performance and <strong>B2B</strong> communications; and<br />
• WSDL (Web Services Description Language), a common language <strong>to</strong><br />
describe the capabilities of Web services.<br />
IBM has beaten other application server vendors <strong>to</strong> the punch by<br />
providing support for Web services within WebSphere. These new<br />
services will help WebSphere extend the enterprise <strong>to</strong> the Web, providing<br />
an end-<strong>to</strong>-end (or EAI <strong>to</strong> <strong>B2B</strong>i) integration model.
252 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Client<br />
Wirele<br />
BEA WebLogic<br />
Partner<br />
Offerings<br />
Campaign Manage:<br />
Commerce Server<br />
Personalisation Server<br />
Legacy<br />
Applications<br />
Mamfiames<br />
and Databases<br />
eLink<br />
Partner<br />
Offenngs<br />
Weblogic <strong>Integration</strong><br />
WebLogic and Tuxedo Application Servers<br />
BEA Services<br />
Figure 8.15. — BEA family of WebLogic servers<br />
M<br />
Partners<br />
Suppliers<br />
Emplcyees<br />
r~,—<br />
Cus<strong>to</strong>mers<br />
Like WebSphere, BEA's WebLogic is actually a family of products. BEA<br />
WebLogic Server, a J2EE-based application server, is at the heart of the<br />
WebLogic platform. The BEA family of WebLogic servers includes (see<br />
Figure 8.15):<br />
• BEA WebLogic Server;<br />
BEA WebLogic Express;<br />
BEA WebLogic Commerce Server;<br />
BEA WebLogic Personalization Server;<br />
BEA WebLogic <strong>Integration</strong>; and<br />
BEA Tuxedo.<br />
A high performance Web server is bundled in with WebLogic.<br />
WebLogic also integrates with BEA's eLink family of off-the-shelf<br />
enterprise application integration (EAI) products. eLink leverages the<br />
WebLogic platform <strong>to</strong> integrate existing legacy applications with<br />
e-<strong>commerce</strong> and <strong>B2B</strong> platforms.<br />
WebLogic is available on all the major operating systems, including<br />
AIX, Windows NT/2000, Solaris, Linux, IBM OS/390 and HP-UX.
Middleware Technologies 253<br />
Unlike WebSphere, WebLogic products are generally easier <strong>to</strong> install<br />
and maintain. In addition, integration and interoperability among various<br />
servers is tighter and simpler <strong>to</strong> implement than its main rival,<br />
WebSphere. WebLogic is one of the most mature and stable J2EE<br />
application servers available.<br />
BEA WebLogic has what IBM wants: market share. BEA was the<br />
first vendor <strong>to</strong> achieve widespread industry acceptance of a J2EE<br />
distributed component middleware platform. Though both IBM and<br />
BEA regularly make contradicting claims about their market share, it is<br />
IBM who must play catch-up (and it seems they are).<br />
8.5. Conclusion<br />
Middleware technologies reduce the effort required <strong>to</strong> develop and<br />
maintain computer systems. By removing the complexities of<br />
heterogeneous environments inherent in most organizations, middleware<br />
products provide a reliable, scalable means for system integration within<br />
the organization.<br />
Middleware technologies advance the goals of <strong>B2B</strong>i and enterprise<br />
application integration. By integrating disparate systems throughout the<br />
organization, middleware technologies can promote a zero-latency enterprise<br />
strategy, where data is exchanged across systems in real-time; reduce<br />
application development time and improve speed <strong>to</strong> market; create<br />
standardized development methodologies throughout an organization;<br />
facilitate the integration of systems inherited through mergers or<br />
acquisitions; and reduce application maintenance.<br />
Ultimately, the question is not if middleware should be used, but<br />
how and <strong>to</strong> what extent.
Chapter Q<br />
<strong>Integration</strong> Brokers<br />
The focus of this chapter<br />
<strong>Integration</strong> brokers are the middleware for extranets that provide an<br />
end-<strong>to</strong>-end integration platform addressing the critical business<br />
components required <strong>to</strong> completely au<strong>to</strong>mate business processes across<br />
the extended enterprise.<br />
In this chapter, we will present the different architectures of message<br />
oriented integration brokers (message brokers), their components and<br />
salient features. You will also get an overview of the leading integration<br />
broker solutions along with relevant case studies.<br />
254
9.1. Introduction<br />
<strong>Integration</strong> Brokers 255<br />
Traditionally, companies have used relatively flat architectures, such<br />
as file transfers, APIs and RPCs <strong>to</strong> integrate internal and external<br />
applications. These architectures utilize application specific adapters<br />
and messaging middleware.<br />
However, flat architectures are not suitable for <strong>B2B</strong>i, which<br />
requires a more robust, scalable and systematic implementation. Such<br />
architectures, being quite rigid, lack the flexibility required in <strong>B2B</strong>i.<br />
The physical architecture for <strong>B2B</strong>i is multi-tiered, which introduces an<br />
integration broker between the applications (nodes) being integrated and<br />
shields the individual nodes or end points from each other and the<br />
actual integration services. <strong>Integration</strong> brokers, built primarily on<br />
messaging middleware, provide an end-<strong>to</strong>-end integration platform<br />
addressing the critical business components required <strong>to</strong> completely<br />
au<strong>to</strong>mate business processes across the extended enterprise. They provide<br />
wide-ranging, pre-built application adapters and bi-directional<br />
connectivity <strong>to</strong> multiple applications, including mainframe applications.<br />
<strong>Integration</strong> brokers enable data integration by allowing applications <strong>to</strong><br />
exchange information at the program level (application oriented<br />
integration) or data level (data oriented integration).<br />
An integration broker extracts data from the source node at the right<br />
time, transforms the data, converts the schema and routes the data <strong>to</strong><br />
the target node. Here, the node can be an application, a program, or a<br />
person — as defined in the business process workflow. Communication<br />
between applications and an integration broker occurs mostly in the<br />
form of messages. An integration broker also provides a reposi<strong>to</strong>ry for<br />
archiving, searching and retrieving these messages.<br />
<strong>Integration</strong> brokers do not replace traditional middleware as MOM,<br />
RPC and distributed TP moni<strong>to</strong>rs. They are in fact built on <strong>to</strong>p of<br />
existing middleware technology, most often on messaging middleware.<br />
Therefore, in this chapter we will focus on integration brokers built on<br />
messaging middleware, also called message brokers. Message brokers<br />
are also known as middleware for extranets.<br />
A few leading vendors for integration brokers include — IBM<br />
MQSeries Integra<strong>to</strong>r; Extricity; BEA eLink; webMethods <strong>B2B</strong> Enterprise;<br />
Merca<strong>to</strong>r Enterprise Broker, WebBroker, CommerceBroker; NEON
256 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
eBusiness <strong>Integration</strong> Servers; SeeBeyond e*Exchange eBusiness<br />
<strong>Integration</strong> Suite; Tibco ActiveEnterprise, ActivePortal, ActiveExchange;<br />
Vitria BusinessWare; CrossWorlds Software; and Microsoft BizTalk<br />
Server.<br />
9.1.1. <strong>Integration</strong> brokers enable (best-of-breed)<br />
BOB approach<br />
A typical medium <strong>to</strong> large size company needs multiple applications<br />
that collectively support its entire business operation. No single software<br />
vendor can provide all these applications with elaborate functionalities<br />
for each industry.<br />
<strong>Integration</strong> brokers enable enterprises <strong>to</strong> select solutions from different<br />
software vendors that provide greater domain expertise and functional<br />
support. With their use, for example, a company can implement Clarify<br />
CRM, PeopleSoft Human Resources, Ariba e-Procurement, Oracle<br />
Financial, i2 SCM and SAP Utilities.<br />
9.2. Architecture of <strong>Integration</strong> Brokers<br />
<strong>Integration</strong> brokers are based on one of two distinct fundamental physical<br />
architectures: hub-and-spoke and message bus. Another derived<br />
architecture, known as multi-hub, connects several integration brokers,<br />
each of which is based on hub-and-spoke or message bus architecture.<br />
Let's have a closer look at these architectures:<br />
9.2.1. Hub-and-spoke architecture<br />
In hub-and-spoke architecture, there is a central server (hub) <strong>to</strong> which<br />
all internal and external applications (spokes) are connected (see<br />
Figure 9.1). The central server is actually the integration broker that<br />
provides all the integration services. The addition of any new application<br />
is extremely simple in this architecture, it simply needs <strong>to</strong> be plugged<br />
in<strong>to</strong> the hub. From there onwards, it can communicate with any other<br />
application also connected with the hub. Administration of the integration
Legacy System<br />
(Mainframe)<br />
ERP System<br />
(SAP, PeopleScft,<br />
Baan)<br />
Adapter<br />
Adapter<br />
<strong>Integration</strong> Brokers 257<br />
I A \ | lnteoration I/ 1 *\l , f C " S¥ste "\<br />
g.\i s/~& Broker "S-^f—v - * 02, Manugistics)<br />
Broker ff »<br />
Adapter<br />
r V<br />
v<br />
Adapter<br />
CRM System<br />
(Clarify, Siebel)<br />
Figure 9.1. — Hub-and-spoke architecture<br />
broker is fairly simple in this architecture, as everything is managed<br />
centrally.<br />
However, the centralized nature of this architecture is also its biggest<br />
drawback. If, for instance, connectivity <strong>to</strong> the integration broker is<br />
down due <strong>to</strong> network errors — the entire system would come <strong>to</strong> a<br />
standstill. No internal or external application is able <strong>to</strong> communicate<br />
with the other. To avoid such situations, this architecture requires a<br />
clustered solution in which multiple instances of integration brokers run<br />
on different physical machines.<br />
This architecture is suitable for small <strong>to</strong> medium size enterprises,<br />
which have relatively fewer internal and external applications <strong>to</strong> integrate<br />
with.<br />
The most widely used integration brokers based on this architecture<br />
are from webMethods, CrossWorlds and Vitria.<br />
9.2.2. Message bus architecture<br />
In message bus architecture, the message bus forms the backbone<br />
communication link <strong>to</strong> which all applications are connected (see
258 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Metadata<br />
Reposi<strong>to</strong>ry<br />
ERP System<br />
(SAP, PeopleSoft,<br />
Baan)<br />
%\ /<br />
Adapter<br />
Adapter<br />
n<br />
Adapter<br />
Adapter<br />
<strong>Integration</strong><br />
Broker<br />
SCM System<br />
(i2, Manugistics)<br />
Adapter<br />
n Adapter<br />
Message<br />
Adapter<br />
tt<br />
Adapter-<br />
Databases<br />
(Oracle, Sybase)<br />
Figure 9.2. — Message bus architecture<br />
CRM System<br />
(Clarify, Siebel)<br />
Adapter<br />
n Adapter<br />
Bus<br />
Adapter<br />
n Adapter<br />
Legacy System<br />
(Mainframe)<br />
Figure 9.2). Every message that flows between applications travels over<br />
the bus <strong>to</strong> the integration broker, which transforms, translates and<br />
routes the message <strong>to</strong> the receiving application.<br />
The addition of new applications is also simple in this architecture.<br />
The integration broker suite would provide either a pre-packaged adapter<br />
for the application or APIs <strong>to</strong> build an adapter for the same. After the<br />
new application is connected <strong>to</strong> the bus, it can communicate with all<br />
the applications that are connected <strong>to</strong> the bus.<br />
In this architecture, the integration broker should be viewed as 'just<br />
another service on the bus' and not as a hub.<br />
Since this architecture is distributed in nature, it offers better<br />
scalability and performance. It is more suitable for large size companies,<br />
which have a relatively large number of internal and external applications<br />
<strong>to</strong> connect with.<br />
The most widely used integration brokers based on this architecture<br />
are from Tibco and SeeBeyond.<br />
9.2.3. Multi-hub architecture<br />
A multi-hub architecture is characterized by the presence of multiple<br />
integration brokers, each one of which has many applications connected<br />
<strong>to</strong> it (see Figure 9.3). This configuration links <strong>to</strong>gether all the different
Application Application Application Application<br />
$ $ # $<br />
Message<br />
Broker<br />
Message<br />
Broker<br />
£ ¥~^<br />
Application Application Application<br />
<strong>Integration</strong> Brokers 259<br />
Application Application<br />
$ $<br />
Application^ H"*** I<br />
Broker |<br />
in?<br />
Message<br />
Broker<br />
Application Application<br />
Figure 9.3. — Multi-hub architecture<br />
integration brokers. The connectivity of the brokers is transparent <strong>to</strong> the<br />
underlying applications. Through their respective connection with an<br />
integration broker, they are integrated with all the other applications<br />
linked <strong>to</strong> different brokers in the system.<br />
This architecture is very useful as a scalability solution, where<br />
multiple instances of the same integration broker can be deployed on<br />
different physical machines. More such instances can be added if the<br />
number of applications <strong>to</strong> be integrated increases or the current solution<br />
is slow due <strong>to</strong> overload.<br />
9.3. Components of <strong>Integration</strong> Brokers<br />
The essential components of any integration broker include Messaging<br />
Manager and Message Warehouses, Application Adapters, Data<br />
Transformation Component, Workflow Manager, Metadata Reposi<strong>to</strong>ry<br />
and Administration Tool (see Figure 9.4). All of them work <strong>to</strong>gether in<br />
providing a robust, flexible and dynamic integration solution that supports<br />
the exchange and transformation of data from multiple applications over<br />
multiple networks.<br />
Several components such as the data transformation component and<br />
the workflow manager do not fall in<strong>to</strong> the category of application or<br />
middleware. They can be placed in either applications or middleware.
260 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Metadata Reposi<strong>to</strong>ry 1<br />
Administration Tool<br />
Workflow Manager<br />
Message<br />
Warehouses<br />
Components of<br />
<strong>Integration</strong> Broker<br />
Data Transform ation I<br />
Tool I<br />
Message Distribution!<br />
Manager 1<br />
Figure 9.4. — Components of an integration broker<br />
App 1 i c ati on Ad apters I<br />
From a systems architecture point-of-view, the ideal place for these<br />
components is within integration brokers, as it would provide a single<br />
point of integration.<br />
Here is an elaborated discussion of the components of an integration<br />
broker:<br />
9.3.1. Messaging services<br />
Messaging is defined as the process by which the source sends business<br />
events or data as strings of bytes <strong>to</strong> a destination, asynchronously or<br />
synchronously, over a communications pathway.<br />
At the core of an integration broker lies its ability <strong>to</strong> support<br />
mission-critical communications that include:<br />
• Capabilities for asynchronous and synchronous communication;<br />
• Message queuing;<br />
• Message flow control;<br />
• Publish-and-subscribe;<br />
• Filtering;
<strong>Integration</strong> Brokers 261<br />
• Parsing;<br />
• Intelligent routing;<br />
• Extracting key identifiers and identifying specific processing rules;<br />
and<br />
• Guaranteed secured message delivery.<br />
The messaging services determine when and how the messages are<br />
routed, what <strong>to</strong> do with a message if the receiving application is not<br />
ready <strong>to</strong> receive it and several other features typical of a message<br />
broker.<br />
An integration broker can be built either on messaging middleware<br />
or provide adapters for message oriented middleware or message buses.<br />
In either case it has <strong>to</strong> enable guaranteed messaging of both the<br />
structure (syntax) and the meaning (semantics) of the data between<br />
applications. Many integration broker software vendors use MQ Series<br />
for message queuing.<br />
Message flow control is an important feature that an integration<br />
broker has <strong>to</strong> support for effective performance results. Assume a<br />
situation in which the source application is generating messages at a<br />
rate much faster than they can be received by the destination. In such<br />
a scenario, messages accumulate in the broker's memory, which may<br />
reduce the available CPU resources for other tasks. It should be able <strong>to</strong><br />
throttle the source application, using flow control <strong>to</strong> avoid losing<br />
messages and slowing down the message throughput of the broker as<br />
a whole. Additionally, the broker should provide robust performance<br />
in the event of server overload and network congestion — all of<br />
which may result in a high number of unretrieved messages in the<br />
message queue.<br />
Each trading partner in a <strong>B2B</strong> application may have its own<br />
preferences in terms of transaction sets, message formats, communication<br />
transports, access privileges, routing and transformation rules and tracking<br />
and error-handling requirements. <strong>Integration</strong> brokers should support all<br />
these cus<strong>to</strong>mizable preferences and enable message routing that directs<br />
data according <strong>to</strong> conditions set by the business. They should also<br />
enable message formatting so that applications can exchange information<br />
after adapting the presentation of the content <strong>to</strong> the requirements of the<br />
environment.
262 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
<strong>Integration</strong> brokers also have <strong>to</strong> provide an infrastructure and <strong>to</strong>ols<br />
for s<strong>to</strong>ring the messages in message warehouses (saving a copy of<br />
all messages in a database or file, usually on disk and usually in an<br />
unprocessed format). Warehouses provide functionalities of auditing<br />
used for reporting, retrieving messages, associating messages with the<br />
genera<strong>to</strong>rs and message non-repudiation. They provide a persistent buffer<br />
<strong>to</strong> s<strong>to</strong>re messages that could be lost in the event of the receiving<br />
application being unavailable. Messages can be retrieved and resent <strong>to</strong><br />
the target application when it becomes available.<br />
9.3.2. Application adapters<br />
An application adapter provides a communication interface between the<br />
underlying application and the integration broker. It allows messages <strong>to</strong><br />
be sent and received between the two, based on a business event or an<br />
explicit invocation. Some of the common methods used by adapters <strong>to</strong><br />
enable communication include sequential file access, invocation of<br />
component methods using APIs, RPCs and direct database access.<br />
As discussed earlier, there is a different adapter for each application<br />
<strong>to</strong> be integrated (see Figures 9.5 and 9.6). The integration brokers<br />
should offer these adapters for the industry-leading enterprise applications<br />
and offer pre-packaged integration solutions for integrating pre-built<br />
applications with static code (such as SAP-i2, BroadVision-Siebel).<br />
Application adapters drastically reduce the deployment time of integration<br />
brokers, sometimes as high as 50%.<br />
An adapter should also be available <strong>to</strong> enable the communication<br />
between integration brokers and application servers supporting common<br />
object request brokers including CORBA, EJB, COM and COM+.<br />
Apart from providing adapters for core internal applications,<br />
integration brokers should also provide adapters that hook up with<br />
popular <strong>B2B</strong> trading exchanges, such as the Ariba Commerce Services<br />
Network.<br />
<strong>Integration</strong> brokers should include adapter development environment<br />
and <strong>to</strong>olkit for graphically generating cus<strong>to</strong>m interface components.<br />
The <strong>to</strong>olkit should also include APIs that make services of brokers<br />
available.
Legacy<br />
Systems<br />
CRM<br />
System<br />
SCM<br />
System<br />
VTT7<br />
<strong>Integration</strong><br />
Broker<br />
1<br />
Adapter for<br />
SAP R/3<br />
ALE<br />
BAPI / RFC<br />
ABAP Direct<br />
• RFC |RFC I :<br />
^ ir #<br />
SAP R/3 |<br />
System I<br />
Internal<br />
Applications<br />
Figure 9.5. — Adapter for ERP system-SAP R/3<br />
Legacy<br />
Systems<br />
CRM ERP<br />
\M7<br />
System System<br />
<strong>Integration</strong><br />
Broker<br />
T<br />
Adapter for<br />
i 2 System<br />
Common Data || Copy Maps<br />
Models.<br />
12 System<br />
ADW<br />
^-<br />
RhythmLink<br />
1<br />
\2 Engines<br />
Internal<br />
Applications<br />
Figure 9.6. — Adapter for SCM system-i2<br />
<strong>Integration</strong> Brokers 263
264 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
XML<br />
Document<br />
XML DTD<br />
or Schema<br />
Lj-$* *? S -! H **K i J®<br />
Adapter for<br />
XML<br />
Processed<br />
XML<br />
Message<br />
• *> ,v <strong>Integration</strong><br />
Broker<br />
Transformed<br />
XML<br />
Message<br />
• iv ••*,&-,*, Application A<br />
* _>uj j*^.*, Application B<br />
Data<br />
*K ,<br />
Transformation .j<br />
Tool r<br />
H Tr ansf 01 med •<br />
XML<br />
Message<br />
Figure 9.7. — Data transformation component<br />
9.3.3. Data transformation component<br />
<strong>Integration</strong> brokers should support an any-<strong>to</strong>-any document translation<br />
paradigm. The data transformation component of an integration broker<br />
performs the dynamic process of schema conversion and data transformation<br />
of messages as they are exchanged between the source and<br />
target applications (see Figure 9.7). It does so by deconstructing the<br />
message from the source application, interpreting the meaning of data<br />
using the metadata reposi<strong>to</strong>ry and mapping that data <strong>to</strong> the schema of<br />
the target application and reconstructing the message. It changes the<br />
original message structure and format based on the schema of each of<br />
the target applications.<br />
Without schema conversion and data transformation, no two disparate<br />
applications can communicate with each other. It is the responsibility of<br />
the integration broker <strong>to</strong> take the data from one application and transform<br />
it in such a way that the receiving application can understand it, i.e., all<br />
incoming messages have <strong>to</strong> be translated and mapped in the form of<br />
outgoing messages for the receiving application.<br />
As an example, consider the kind of data that can be exchanged for<br />
a new user creation between CRM application and ERP application<br />
with the WebLogic integration broker. When a new cus<strong>to</strong>mer is created<br />
in a CRM system such as Clarify, an event in BEA WebLogic <strong>Integration</strong><br />
is triggered, which initiates a business process that enters new cus<strong>to</strong>mer<br />
data in<strong>to</strong> SAP R/3 and sends a welcome e-mail.
<strong>Integration</strong> Brokers 265<br />
Table 9.1. Semantic differences between source and target applications<br />
Source Application (CRM — Clarify)<br />
UserlD — Char (10)<br />
UserName — Char (50)<br />
PostalAddress — Char (100)<br />
PhoneNumber — Char (15)<br />
Target Application (ERP — SAP)<br />
user_id — Char (12)<br />
first_name — Char (20)<br />
middle_name — Char (2)<br />
last_name — Char (20)<br />
street_address — Char (20)<br />
city — Char (20)<br />
state — Char (5)<br />
zip — Char (7)<br />
country_code — Num (4)<br />
city_code — Num (3)<br />
phone_number — Num (10)<br />
Table 9.1 shows the semantic difference between the schemas of the<br />
two applications.<br />
It is apparent that the two applications have different data schemas.<br />
There will be several errors if an attempt is made <strong>to</strong> move the data from<br />
one <strong>to</strong> the other without transformation. However, if the same data is<br />
passed through an integration broker, it will transform the data from<br />
CRM application <strong>to</strong> a form that is in congruence with the schema of<br />
ERP application.<br />
<strong>Integration</strong> brokers should support a full range of data types, including<br />
all the leading standards such as XML, cXML, EDI, RosettaNet,<br />
EDIFACT, XI2, HL7 and SWIFT.<br />
Usually, integration brokers include a graphical <strong>to</strong>ol known as<br />
DataMapper, which allows visual creation of maps that define the<br />
correspondence between the records and fields of the source application<br />
with those of the receiving application. A map may represent<br />
specifications in any language such as Extensible Stylesheet Language<br />
(XSL) style sheets that are used by the broker <strong>to</strong> perform the<br />
transformation described in the map.
266 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
9.3.4. Workflow manager<br />
<strong>Integration</strong> brokers work on the definition and management of the flow<br />
of messages that represent business processes between integrated<br />
applications. Thus, it is imperative for them <strong>to</strong> have a sophisticated<br />
workflow manager, which would allow users <strong>to</strong> visually create workflows<br />
representing inter-company business processes in the form of a sequence<br />
of events, routes, tasks and users. The execution environment should<br />
support event triggers, rules-based processing, threaded conversations,<br />
au<strong>to</strong>matic event notification, timing control, triggers, exception<br />
management and alternative and parallel routing of documents.<br />
Advanced rules-based processing in an integration broker reduces<br />
the messaging overhead with content-based message recognition and<br />
routing. Rules support the creation and dispatch of multiple messages <strong>to</strong><br />
multiple destinations from a single input message, while allowing<br />
different formats for each. The rules can be updated immediately, over<br />
time or on a delayed time frame. This sort of flexibility provides<br />
business users with effective control over business processes in a fast<br />
changing <strong>B2B</strong> environment.<br />
As a typical <strong>B2B</strong> example, an incoming purchase order may require<br />
cross-reference checking with ERP system for valid component<br />
identification number, financial system for verification of credit and<br />
several other necessary steps <strong>to</strong> complete the integration in<strong>to</strong> business<br />
applications. These rules and the associated flow logic should be easily<br />
created within the broker-provided graphical user interface and shared<br />
between maps, reducing development time significantly.<br />
9.3.5. Metadata reposi<strong>to</strong>ry<br />
Metadata reposi<strong>to</strong>ries s<strong>to</strong>re the definitions, formats, data elements and<br />
flow of messages that are used <strong>to</strong> exchange data between companies.<br />
<strong>Integration</strong> brokers can use these defined formats <strong>to</strong> parse and process<br />
messages.<br />
9.3.6. Administration <strong>to</strong>ol<br />
An integration broker should provide a graphical, user-friendly<br />
administration <strong>to</strong>ol that supports wide-ranging administrative functions,
<strong>Integration</strong> Brokers 267<br />
including trading partner management, ability <strong>to</strong> moni<strong>to</strong>r and properly<br />
control the state of operation of all events and indicate when they are<br />
completed, specifying security features, communication pro<strong>to</strong>cols and<br />
activity report generation. This <strong>to</strong>ol will be used <strong>to</strong> target and troubleshoot<br />
problems.<br />
9.4. Services of <strong>Integration</strong> Brokers<br />
<strong>Integration</strong> brokers provide the following essential services (see<br />
Figure 9.8):<br />
9.4.1. Enable all types of integration<br />
The first and foremost feature of any integration broker is <strong>to</strong> enable all<br />
types of integration needs within an organization and in an extended<br />
organization through translating, routing and tracking of all types of<br />
Enables Publishing/<br />
Subscribing of<br />
Web Services<br />
Based on Oper<br />
Architecture<br />
Easy <strong>to</strong><br />
Administer<br />
Business Process<br />
Management: Workflows,<br />
Business Processes<br />
<strong>Integration</strong> Broker<br />
Platform Services<br />
Trading Partner<br />
'•'anagement<br />
Standards Compl'<br />
Supports for all Ind 1<br />
a"t Scalability and<br />
jitry Transaction Integrity<br />
Standards<br />
Seamless <strong>Integration</strong><br />
with Enterprise<br />
Internal Systems<br />
Personalization for<br />
each Cus<strong>to</strong>mer<br />
, Secured Transactions<br />
and Connectivity<br />
Figure 9.8. — Services of a typical integration broker
268 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
data. They have <strong>to</strong> enable A2A (application-<strong>to</strong>-application), <strong>B2B</strong><br />
(business-<strong>to</strong>-business) and B2C (business-<strong>to</strong>-consumer) integration,<br />
thereby eliminating the need for an individual software solution for<br />
each type of integration.<br />
For small <strong>to</strong> medium size organizations that do not have the resources<br />
<strong>to</strong> implement advanced <strong>B2B</strong> systems, integration brokers should provide<br />
functionality for rapidly developing <strong>B2B</strong> portals <strong>to</strong> enable Web-based<br />
participation in business processes.<br />
9.4.2. Web services<br />
<strong>Integration</strong> brokers should provide the ability <strong>to</strong> create, test, deploy,<br />
publish and manage Web services and subscribe <strong>to</strong> a business partner's<br />
Web services as an out-of-the-box solution. This would enable the<br />
enterprises <strong>to</strong> quickly convert the existing applications in<strong>to</strong> Web<br />
services.<br />
9.4.3. Interoperability<br />
<strong>Integration</strong> brokers should provide seamless interoperability with existing<br />
applications, irrespective of the programming language (such as Java,<br />
C, C++ and COBOL) in which they were developed and the platform<br />
(such as Windows, Unix and Mainframe) they run on.<br />
9.4.4. Open architecture<br />
<strong>Integration</strong> brokers should provide open, non-invasive and scalable<br />
architectures that support all the leading distributed computing<br />
architectures such as COM+, CORBA and J2EE.<br />
9.4.5. Support for all communication pro<strong>to</strong>cols<br />
<strong>Integration</strong> brokers should provide support for all the pro<strong>to</strong>cols of<br />
transmitting data for <strong>B2B</strong> application integration (see Figure 9.9). Some<br />
of the most commonly used communication pro<strong>to</strong>cols include FTP,<br />
HTTP, HTTPS, EDI, e-mails (POP, SMTP), WAP, SNA and TCP/IP.
*fil s<br />
;-r a d<br />
JMS<br />
HTTP<br />
<strong>Integration</strong><br />
: ..._Broke.r<br />
FTP<br />
Large Enterprise t<br />
Email<br />
<strong>Integration</strong> Brokers 269<br />
-if 11 !<br />
Large Enterprise<br />
Medium Enterprise<br />
i<br />
Small Enterprise<br />
Small Enterprise<br />
Figure 9.9. — Exchange of data in a typical <strong>B2B</strong> scenario<br />
As depicted in the figure, in a typical <strong>B2B</strong> scenario, a company can<br />
exchange data with other companies through multiple channels<br />
9.4.6. Direc<strong>to</strong>ry services<br />
As seen in the multi-hub architecture figure, a real world implementation<br />
is completely distributed in nature with multiple instances of integration<br />
brokers connecting several applications and middleware resources.<br />
Direc<strong>to</strong>ry service of an integration broker is like yellow pages that<br />
maintain an index of all source and target applications along with their<br />
location, communication pro<strong>to</strong>col and use. It provides a single point of<br />
entry, also known as a gateway, along with search facilities for all the<br />
applications and resources connected by the broker.<br />
9.4.7. Trading partner management and<br />
personalization<br />
<strong>Integration</strong> brokers should provide a metadata reposi<strong>to</strong>ry, which can<br />
s<strong>to</strong>re the definition, preferences and technical specifications (such as
270 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
communication pro<strong>to</strong>col, XML/EDI standard, delivery channel and<br />
security requirements) unique <strong>to</strong> each trading partner relationship. S<strong>to</strong>ring<br />
all this information would greatly increase the speed of conducting<br />
business and would enable companies <strong>to</strong> offer personalized services <strong>to</strong><br />
each cus<strong>to</strong>mer, supplier and distribu<strong>to</strong>r.<br />
Usually integration brokers provide a graphical administration <strong>to</strong>ol,<br />
which lets the users define and manage relationships (i.e., adding or<br />
removing a new partner, granting and revoking access <strong>to</strong> privileges,<br />
etc.) with each trading partner.<br />
9.4.8. Security<br />
<strong>Integration</strong> brokers should provide a complete security solution, using<br />
encryption, PKI, digital authentication, digital certificates SSL and S/<br />
MIME encryption. They should also maintain a transaction audit trail,<br />
through which data privacy, data integrity and transaction non-repudiation<br />
(i.e., non-repudiation of origin and non-repudiation of receipt) can be<br />
ensured.<br />
9.4.9. Scalability<br />
<strong>Integration</strong> brokers should provide a scalable platform that can support<br />
a company's business <strong>to</strong>day and for years <strong>to</strong> come. They should be<br />
optimized for multi-processor systems and enable load balancing and<br />
failover solutions through a clustered architecture.<br />
9.4.10. Transactional integrity<br />
<strong>Integration</strong> brokers must provide transactional integrity (event-based<br />
processing, exception handling and built-in recovery) at every step,<br />
activity and node for each transaction and business process that flows<br />
through them.<br />
Typically, a business transaction is composed of several logical units<br />
of work and each unit of work must be completed successfully in order<br />
for the transaction <strong>to</strong> be committed. If even one unit of work fails, the<br />
whole transaction fails and all completed units of work have <strong>to</strong> be<br />
rolled back (reversed).
<strong>Integration</strong> Brokers 271<br />
Since a business transaction may involve updating multiple databases,<br />
it may take a long time <strong>to</strong> complete. If a database being updated by an<br />
application through messages is unavailable, the integration broker should<br />
s<strong>to</strong>re the message and make it available <strong>to</strong> the application when the<br />
database is up again.<br />
9.4.11. <strong>Integration</strong> broker connectivity<br />
Table 9.2 shows the connectivity that an integration broker should<br />
provide (see Figure 9.10):<br />
Application Adapters<br />
Language Adapters<br />
Database Adapters<br />
Mainframe Adapters<br />
E-<strong>commerce</strong> Packages<br />
Middleware<br />
Communication Pro<strong>to</strong>cols<br />
Legacy Systems<br />
Security<br />
Table 9.2. <strong>Integration</strong> broker connectivity<br />
Clarify, Oracle, SAP (SAP EDI, SAP ALE,<br />
SAP AMS), Siebel, Remedy, PeopleSoft,<br />
Portal Software<br />
ACTIVEX/COM, C/C++, CORBA IDL,<br />
EXECUTABLE, FORTE 4GL, JAVA, HTML/<br />
WEB AND XML<br />
Oracle, Microsoft SQL Server, ODBC, IBM<br />
Universal Database (DB2), Sybase<br />
CICS/COBOL, IBM MQ SERIES,CICS/PL/1,<br />
EDA/SQL, IMS<br />
Ariba, Broadvision, Commerce One, Blue<br />
Martini<br />
COM+, CORBA, MQSeries, MSMQ<br />
E-mail (POP and SMTP), FTP, HTTP, HTTPS,<br />
LDAP, NFS, TCP/IP, WAP, SNA<br />
CICS, IMS, Screen Scraping — CNT<br />
Enterprise/Access<br />
Digital signatures, digital authentication, X.509<br />
digital certificates, RSA SSL (Secure Socket<br />
Layer), Access control lists (ACLs), Audit<br />
Logging, S/MIME
272 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Operating Systems<br />
Industry Standards<br />
Web/Portals<br />
Prepackaged <strong>Integration</strong><br />
Solutions<br />
Business Rules<br />
>, Formulas Actions Conversion •'<br />
/ Name Value Fixed Length\<br />
| Message Transformation 1 j<br />
\ Object Streams Variable<br />
Table 9.2 {Continued)<br />
AIX, Compaq Tru64, IBM AS/400, IBM RS/<br />
6000 IBM-AIX 4.3.3 HP-UX 11, Linux, NT,<br />
OS/390, Solaris, Siemens-Nixdorf/Pyramid,<br />
Windows 2000<br />
XML, CXML, XOCP, XCBL, XI2, SWIFT,<br />
HL7, ASC X12, EDIFACT, ROSETTANET,<br />
XML DTD, XML SCHEMA, HTML, SOAP,<br />
SAP-IDOC, SAP-BDC, AL3, X409, ASTM,<br />
ASN.l, COM+, CORBA, EJB, JSP, SGML,<br />
JMS, XSLT<br />
Apache Web Server, ATG Dynamo, CGI<br />
Web Servers, DataChannel Portal Server,<br />
iPlanet Web Server, iPlanet Application<br />
Server, Microsoft IIS Web Server, IBM<br />
WebSphere<br />
Broadvision- SAP, Broadvision- Siebel,<br />
ONYX-SAP, ONYX-PeopleSoft, PeopleSoft-<br />
SAP, Siebel-SAP, Clarify, Baan, Oracle<br />
Applications, Portal, Remedy<br />
EDI ebXML BtzTalk\<br />
Standards 1 j<br />
, Swift cXML OASI5 X12<br />
<strong>Integration</strong><br />
Broker<br />
CUM Internal Accounting<br />
I !<br />
Applications<br />
. hRP SCM Legacy Fi<br />
• Sybase MS-Access Informix<br />
Databases<br />
is Oracle SQL Server Db2<br />
Figure 9.10. — <strong>Integration</strong> broker connectivity
9.5. Selecting an <strong>Integration</strong> Broker for<br />
Your Company<br />
<strong>Integration</strong> Brokers 273<br />
An integration broker forms the guts of any company's <strong>B2B</strong>i<br />
implementation as it sits right in the center of <strong>B2B</strong>i architecture<br />
with some serious responsibilities that include translating messages,<br />
applying business rules, making control decisions and providing scalable<br />
throughput. All the critical business applications of an enterprise are<br />
connected <strong>to</strong> the integration broker and any sort of downtime for it<br />
can have serious repercussions for a company's business. The right<br />
selection of integration broker can make or break a company's <strong>B2B</strong>i<br />
implementation since it decides how much cus<strong>to</strong>m coding is required<br />
in-house by the IT staff, how much the company will have <strong>to</strong> spend in<br />
buying cus<strong>to</strong>m adapters for applications, how flexible the solution will<br />
be and how the system will perform in a real world business scenario.<br />
All this will have a major impact on the return on investment (ROI) for<br />
the company.<br />
With so many integration brokers available commercially, companies<br />
have <strong>to</strong> face <strong>to</strong>ugh choices as far as their selection is concerned. Fac<strong>to</strong>rs<br />
such as sophistication of BPM <strong>to</strong>ol, availability of application adapters,<br />
messaging capabilities and scalability play a role in the selection process.<br />
All these fac<strong>to</strong>rs may have a different weight and order of importance<br />
in different companies.<br />
The provision of application adapters of an integration broker<br />
determines its horizontal adaptability within a company. The more the<br />
horizontal adaptability, the higher the number of application-<strong>to</strong>-application<br />
and peer-<strong>to</strong>-peer connections the broker can support. Consider only<br />
those integration brokers that provide adapters for your internal<br />
applications, otherwise true end-<strong>to</strong>-end connectivity cannot be achieved.<br />
For instance, if you have SAP as the ERP system, you should only<br />
consider integration brokers that offer an adapter for SAP.<br />
The provision for different types of middleware determines the<br />
vertical adaptability of an integration broker. Support for the key<br />
middleware technologies, especially the ones existing within your<br />
company is another important feature that you should consider before<br />
buying an integration broker.
274 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Another important fac<strong>to</strong>r <strong>to</strong> consider is the scalability of the<br />
integration broker. The performance of integration brokers under heavy<br />
load with a large number of concurrently connected users is a key<br />
fac<strong>to</strong>r in planning a development and deployment strategy. Based on<br />
your company's requirement, the integration broker should be able <strong>to</strong><br />
handle a few thousand message transactions per day <strong>to</strong> hundreds of<br />
thousands of message transactions per day without significantly affecting<br />
the performance, i.e., it should have a high throughput of messaging<br />
and processing and low latency.<br />
Furthermore, in <strong>B2B</strong> messaging applications exception handling is<br />
critical and a good integration broker should provide strong exception<br />
handling.<br />
Other external fac<strong>to</strong>rs specific <strong>to</strong> your company, such as the vertical<br />
industry you belong <strong>to</strong> and application domains with which you wish <strong>to</strong><br />
be integrated, also play a major role in the selection process.<br />
By considering these parameters, you will be able <strong>to</strong> select the<br />
product which best matches your requirements <strong>to</strong>day, as well as handling<br />
your future requirements.<br />
9.6. Leading <strong>Integration</strong> Brokers<br />
Here is a brief review of components and features of some of the<br />
leading integration brokers:<br />
9.6.1. Microsoft BizTalk Server Suite<br />
Microsoft's BizTalk initiative has three fundamental components: BizTalk<br />
Framework, BizTalk Server Suite and BizTalk Schema Library. BizTalk<br />
Framework is a platform-neutral e-<strong>commerce</strong> framework that is based<br />
on XML schemas and industry standards. BizTalk Server, a member of<br />
the Microsoft .NET enterprise server family, is Microsoft's flagship<br />
product, which enables internal (EAI) and external (<strong>B2B</strong>i) integration<br />
of enterprises. It includes a suite of <strong>to</strong>ols and services for visually<br />
designing, building and maintaining business processes and securely<br />
integrating applications, independent of their operating system,<br />
programming model, or programming language. BizTalk Library is a
<strong>Integration</strong> Brokers 275<br />
reposi<strong>to</strong>ry of published schemas submitted by participating companies<br />
that is maintained on the http://www.biztalk.org/ site. Through this site,<br />
the schema for any BizTalk message is universally accessible.<br />
Note: We have provided a detailed coverage on BizTalk Framework in<br />
the chapter on XML standards.<br />
BizTalk Server<br />
The BizTalk Server provides a development and execution environment<br />
that integrates loosely coupled, long-running business processes and<br />
applications both within and between companies. It acts as a standard<br />
gateway for sending and receiving documents across the Internet, as<br />
well as providing a range of services including BizTalk Orchestration<br />
Service and BizTalk Messaging Service that ensure data integrity,<br />
delivery, security and support for the BizTalk Framework and other key<br />
document formats.<br />
<strong>Integration</strong> of BizTalk Orchestration Services and BizTalk Messaging<br />
Services enables the secured and controlled exchange of documents and<br />
messages between trading partners and internal applications by using<br />
multiple transport services.<br />
BizTalk Messaging Services — The messaging services include sending,<br />
receiving, parsing and tracking documents; receipt generation and<br />
correlation; and data mapping, integrity and security.<br />
BizTalk Orchestration Services — The orchestration services enable the<br />
creation and orchestration of business processes that span time,<br />
organizations, applications and people. The services include the<br />
integration of long-running business processes with the applications that<br />
run those business processes. An executable business process file called<br />
an XLANG schedule provides the integration.<br />
An XLANG schedule is a business process implemented by<br />
connecting each step in the process <strong>to</strong> a technology component or<br />
service that executes the step. An XLANG schedule is then run by a<br />
service called the XLANG Scheduler Engine, which controls the<br />
instantiation, execution, dehydration and rehydration of an XLANG<br />
schedule, or multiple instances of one or more schedules.
276 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
The BizTalk Server Suite <strong>to</strong>olset includes two important modules:<br />
BizTalk Mapper and BizTalk Edi<strong>to</strong>r.<br />
BizTalk Mapper<br />
BizTalk Mapper is a <strong>to</strong>ol for creating maps, which define the<br />
correspondence between the records and fields in one specification and<br />
the records and fields in another specification (see Figure 9.11). A map<br />
contains an XSL style sheet that is used by the BizTalk Server at<br />
runtime <strong>to</strong> perform the transformation described in the map. The <strong>to</strong>ol<br />
enables the visual creation of maps by providing drag and drop<br />
functionality through which users can drag a connecting line from an<br />
element in the left window (source window) <strong>to</strong> the target element in the<br />
right window (target window).<br />
HH BizTalk Mapper - InvoiceToPayment.xm!<br />
pie Edit yiew Tools Help<br />
:16a -ilk-<br />
Figure 9.11. — BizTalk Mapper
BizTalk Edi<strong>to</strong>r<br />
<strong>Integration</strong> Brokers 277<br />
BizTalk Edi<strong>to</strong>r is a <strong>to</strong>ol for creating, editing and managing document<br />
specifications, which are based on industry standards (such as EDIFACT,<br />
X12 and XML) or on flat files (delimited, positional, or delimited and<br />
positional) (see Figure 9.12). Document specifications define a way <strong>to</strong><br />
translate between the document's original data format and the server's<br />
internal XML format. The specifications can be created based on a<br />
specified template, an existing schema or from scratch.<br />
This <strong>to</strong>ol can also be used for directly uploading BizTalk Framework<br />
compliant XML-schemas <strong>to</strong> BizTalk library through Web Distributed<br />
Authoring and Versioning (WebDAV — an extension <strong>to</strong> the HTTP 1.1<br />
standard that exposes a hierarchical file s<strong>to</strong>rage media, such as a file<br />
system, over an HTTP connection). The trading partners can then<br />
download and access this schema.<br />
IS Microsoft BizTalk Edi<strong>to</strong>r (PurchaseOrderRequest<strong>Guide</strong>line.xml)<br />
£7 File d Edit Jp View f "Tools*: Help<br />
DB0|-«tk..m y. £ d,, x l#l<br />
- \> Contactlnfo<br />
n ContactType<br />
1 ContactName<br />
*• ContactNumber<br />
- 11 Buyer<br />
- ;i Address<br />
U Name<br />
!>' Addressl<br />
• t Address2<br />
n City<br />
1 State<br />
»T PostalCode<br />
! i Country<br />
-i \:> Contactlnfo<br />
M ContactType<br />
i! ContactName<br />
' ContactNumber<br />
+l i i( InvoiceTermsOfSale<br />
-: j ii Item<br />
- ii>; ItemHeader<br />
ij LineNumber<br />
" Quantity<br />
•' Price<br />
H UnitOfMeasure<br />
"•• BuyerPart<br />
'•i VendorPart<br />
[ Declaration ^^^Namespacel<br />
Property I Value<br />
Required , Yes<br />
Start Position<br />
End Position<br />
Max Occurs | 0<br />
Min Occurs 1<br />
-<br />
278 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Trading<br />
Partners<br />
e*Xcharoe<br />
Partner Manager<br />
Partner Profiles<br />
<strong>B2B</strong> Pro<strong>to</strong>cols<br />
Audit Trail<br />
E-security<br />
e*Insight<br />
Partner Manager<br />
Model<br />
Moni<strong>to</strong>r<br />
Manage<br />
Optimize<br />
e*Index<br />
Paitnei' Manage)<br />
Au<strong>to</strong> Matching<br />
Cross Indexing<br />
Data Mgm t<br />
e*Gate Integra<strong>to</strong>r "<br />
Guaranteed Data Distributed Centralized<br />
Messaging Transform Deployment Management o<br />
t> a D<br />
ft<br />
m i S-<br />
Packaged Web/E-<strong>commerce</strong> Communications<br />
Application Application Pro<strong>to</strong>cols<br />
Legacy<br />
Systems<br />
Figure 9.13. — SeeBeyond e-Business integration suite<br />
9.6.2. SeeBeyond eBusiness <strong>Integration</strong> Suite<br />
Web & Portal<br />
Connectivity<br />
SeeBeyond's integration solution is based on message bus architecture.<br />
The SeeBeyond eBusiness <strong>Integration</strong> Suite consists of the following<br />
components (see Figure 9.13):<br />
e*Gate Integra<strong>to</strong>r — an integration platform based on component-based<br />
network centric bus.<br />
e*Xchange Partner Manager — a <strong>to</strong>ol for trading partner relationship<br />
management that speeds up the whole process of new partner creation,<br />
maintenance of existing partner relationship and profile management for<br />
personalization. It offers secured connectivity for a wide range of<br />
communication pro<strong>to</strong>cols.<br />
e*Index — enables the identification of unique cus<strong>to</strong>mers across all<br />
internal disparate applications. It enables the sharing of cus<strong>to</strong>mer data<br />
across all applications by creating a cross-index of a local identifier<br />
assigned by each application <strong>to</strong> the same cus<strong>to</strong>mer.<br />
e*Insight Business Process Manager — a BPM solution bundled with<br />
the integration suite, which enables design, execution and real-time<br />
moni<strong>to</strong>ring of a company's internal and external business processes. It<br />
also includes a decent reporting <strong>to</strong>ol.
Hading<br />
Partner<br />
' Enterprise<br />
Systems<br />
ERP<br />
System<br />
CRM<br />
System<br />
Mairfram 3<br />
Apt*<br />
Database<br />
JT<br />
ERP<br />
System<br />
£<br />
P<br />
webMethods BZB<br />
Integra<strong>to</strong>r<br />
(Build, Mirage, Publish)<br />
T<br />
webMethods <strong>B2B</strong> Sa ver<br />
KP<br />
Mainftame<br />
Apps<br />
Database<br />
CRM<br />
Future<br />
wAMahodsHZB Core Sendees<br />
Alapte-s<br />
6<strong>to</strong>bat2tI» : CoODany<br />
Process<br />
Manager<br />
Business<br />
Logic<br />
• Loggng/<br />
Reporting<br />
• Routing<br />
• Processing<br />
• Validation<br />
IF IF IF IF<br />
Mairfram e<br />
Apps<br />
<strong>Integration</strong> Brokers 279<br />
Core Services<br />
If IF<br />
webMethods<br />
BZB<br />
Figure 9.14. — webMethods <strong>B2B</strong> platform<br />
9.6.3. webMethods <strong>B2B</strong> platform<br />
webMethods<br />
Enterprise<br />
Internet<br />
1><br />
HTML 6, XML<br />
VUebSite<br />
webMethods integration solution (see Figure 9.14) contains adapters for<br />
several leading applications, such as Baan, Oracle, PeopleSoft, SAP,<br />
Siebel and i2. The <strong>B2B</strong> solution consists of two main components<br />
which work <strong>to</strong>gether <strong>to</strong> create and execute service calls between business<br />
applications in use throughout the integrated network.<br />
webMethods <strong>B2B</strong> Integra<strong>to</strong>r — a user-friendly, graphical environment<br />
that allows the users <strong>to</strong> visually design, define, maintain and administer<br />
<strong>B2B</strong> services, business processes, workflows and data transformations.<br />
A neat feature of this <strong>to</strong>ol is the ability <strong>to</strong> do integrated testing with the<br />
<strong>B2B</strong> server.<br />
webMethods <strong>B2B</strong> Server — an integration server that provides an<br />
environment for executing processes and services as defined by the users.<br />
It enables <strong>B2B</strong>i through secured flow of information between companies,<br />
their trading partners and trading networks. The server also supports<br />
several data formats, communication pro<strong>to</strong>cols, platforms and standards.
280 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
WEBMETHODS AT WORK WITH JUNIPER NETWORKS<br />
Introduction<br />
Juniper Networks is a perfect example of medium size companies<br />
using the Internet and becoming an e-business <strong>to</strong> compete effectively<br />
against larger competi<strong>to</strong>rs. In order <strong>to</strong> go head-<strong>to</strong>-head with its<br />
powerful rivals, Juniper Networks needed business-<strong>to</strong>-business (<strong>B2B</strong>),<br />
business-<strong>to</strong>-consumer (B2C) and EAI capabilities, <strong>to</strong> create a realtime,<br />
'continuous <strong>commerce</strong>' environment. To build this competitive<br />
advantage, Juniper selected the webMethods <strong>B2B</strong>i solution suite, a<br />
comprehensive offering that enables business integration within the<br />
enterprise and externally with trading partners.<br />
Matching a Competi<strong>to</strong>r's Capabilities<br />
Juniper Networks designs, develops and markets a new class of<br />
integrated silicon- and software-based routing systems for wide-area<br />
network (WAN) solutions. The company's Internet backbone routers<br />
enable Internet service providers and other telecom service providers<br />
<strong>to</strong> meet the demands of the rapidly growing Internet. For long-term<br />
success, however, Juniper must continue <strong>to</strong> offer its cus<strong>to</strong>mers not<br />
only superior products, but also e-business capabilities that match or<br />
exceed those of key competi<strong>to</strong>rs.<br />
In formulating its e-business strategy, Juniper established several<br />
goals. They included creating a reliable, scalable, secure system of<br />
integrated applications; ensuring rapid deployment that leverages their<br />
Internet pro<strong>to</strong>col infrastructure; matching the capabilities of their<br />
competi<strong>to</strong>r's cus<strong>to</strong>mer-facing applications; and eliminating batch<br />
processing of information in favor of real-time processing <strong>to</strong> increase<br />
responsiveness <strong>to</strong> cus<strong>to</strong>mers.<br />
But several obstacles s<strong>to</strong>od in the way of Juniper reaching its<br />
goals. Common data between applications was not synchronized and<br />
there was no method for building a multi-step business process that<br />
would span the company's mission-critical applications. Those<br />
applications include QAD for order management and distribution,<br />
Clarify for cus<strong>to</strong>mer service, Selectica for product configuration, a<br />
Continue on page 281
<strong>Integration</strong> Brokers 281<br />
Continued from page 280<br />
cus<strong>to</strong>m Java servlet application for quoting and enCommerce for<br />
Web cus<strong>to</strong>mer authentication.<br />
In addition, Juniper works with numerous contract manufacturers<br />
<strong>to</strong> produce products and components, so it required a way <strong>to</strong> link its<br />
internal business processes with critical trading partners. In particular,<br />
Juniper needed <strong>to</strong> improve its Available-<strong>to</strong>-Promise (ATP) application<br />
<strong>to</strong> streamline the Purchase Order/Change Order process and ensure<br />
immediate answers for cus<strong>to</strong>mers about product availability and order<br />
fulfillment. In the past, this manual ATP process — which required a<br />
significant amount of back-and-forth communication as well as<br />
duplicate data entry — could take anywhere from three days <strong>to</strong> a<br />
week <strong>to</strong> complete.<br />
Integrating Internal Applications for e-Business<br />
After evaluating a range of potential solutions <strong>to</strong> integrate its internal<br />
business processes, Juniper selected a combination of webMethods<br />
Enterprise as its EAI solution and webMethods <strong>B2B</strong> <strong>to</strong> handle<br />
transactions with trading partners beyond the firewall.<br />
webMethods Enterprise was selected by Juniper for a variety of<br />
reasons:<br />
• To provide a flexible, scalable platform for its network <strong>commerce</strong><br />
initiative;<br />
• To provide a fast return on investment and very rapid<br />
implementation;<br />
• To solve the problems of synchronizing data between applications<br />
and building and au<strong>to</strong>mating multi-step, cross-application business<br />
processes; and<br />
• To keep pace with the rapid change in the e-business marketplace.<br />
With webMethods Enterprise, they could easily integrate new bes<strong>to</strong>f-class<br />
applications as they emerge. The architecture enabled<br />
them <strong>to</strong> swap applications they were currently using for better<br />
ones or add new applications — all without the time-consuming<br />
work of rewriting point-<strong>to</strong>-point interfaces.<br />
Continue on page 282
282 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Delivering the Benefits of Continuous Commerce<br />
Continued from page 281<br />
With webMethods Enterprise as its hub, the Juniper e-business system<br />
is already having a positive effect on the company's results. Juniper<br />
now updates, in real-time, a wide range of information cus<strong>to</strong>mers can<br />
view over the Web, including cus<strong>to</strong>mer discounts, promotions, quotes,<br />
quote-<strong>to</strong>-order status and shipment-<strong>to</strong>-order status.<br />
As the central control point, the vast majority of business created<br />
by Juniper <strong>to</strong>uches the webMethods Enterprise system. The revenues<br />
have tripled since the system became operational, even though no<br />
employees have been added <strong>to</strong> its order administration staff. Cus<strong>to</strong>mers<br />
enter information via the Web and that information immediately<br />
becomes available throughout the company. The process is very<br />
efficient and has eliminated the costly, time-consuming and separate<br />
forecast processes for sales, finance and manufacturing.<br />
Au<strong>to</strong>mating the <strong>B2B</strong> Supply Chain Allows Real-Time ATP<br />
Juniper also enhanced its e-business initiative by integrating trading<br />
partners within its supply chain. The company carries on a virtual<br />
manufacturing operation, outsourcing its manufacturing <strong>to</strong> vendors,<br />
whose information systems can now be linked directly with Juniper's<br />
via webMethods <strong>B2B</strong> for RosettaNet. Using the webMethods solution<br />
(see Figure 9.15), Juniper was able <strong>to</strong> capitalize quickly on standard<br />
Soicetron Trading Partner<br />
(Manufacturing Using webMethods<br />
System) B2 B for Rosetta Net<br />
|§f B|<br />
Cus<strong>to</strong>mer<br />
Selectica<br />
(Product<br />
Configura<strong>to</strong>r)<br />
webMethods<br />
<strong>B2B</strong> for Portals<br />
Nebs cape «ut Enterprise<br />
(Web Server)<br />
JUNIPER NETWORKS<br />
Figure 9.15. — webMethods at work with Juniper networks<br />
Clarify<br />
(Support)<br />
H<br />
|<br />
(Financial<br />
System)<br />
Continue on page 283
<strong>Integration</strong> Brokers 283<br />
Continued from page 282<br />
RosettaNet Partner Interface Processes (PIPs) for Quote and Order<br />
Entry.<br />
The webMethods solution integrates Juniper's applications and<br />
au<strong>to</strong>mates cross-application business processes both inside and outside<br />
their enterprise, enabling the company's highly advanced eBusiness<br />
operation <strong>to</strong> compete efficiently with larger competi<strong>to</strong>rs.<br />
Juniper anticipates its integrated eBusiness will reduce IT costs<br />
year after year by an amount equal <strong>to</strong> approximately 2% of the<br />
company's revenues. The system is also creating satisfied cus<strong>to</strong>mers;<br />
Juniper consistently receives a rating of 4.5 out of a possible 5 in<br />
cus<strong>to</strong>mer satisfaction — the highest rating of any company in its<br />
industry.<br />
Juniper's webMethods solution includes the following products:<br />
• webMethods Enterprise;<br />
• webMethods Enterprise Adapters: Oracle, ODBC, Clarify, Java<br />
Agent;<br />
• webMethods <strong>B2B</strong> for Portals; and<br />
• webMethods <strong>B2B</strong> for RosettaNet.<br />
Source: Condensed from Juniper Networks Finds Easy <strong>Integration</strong> with Webmethods,<br />
ScreamingMedia, Serverworld<br />
9.6.4. BEA WebLogic integration<br />
WebLogic <strong>Integration</strong> provides a single, enterprise-class platform that<br />
supports all the leading development languages, communication pro<strong>to</strong>cols<br />
and standards, including Java and J2EE (Java 2 Enterprise Edition) (see<br />
Figure 9.15). It also supports leading <strong>B2B</strong> pro<strong>to</strong>cols, including<br />
RosettaNet, cXML (Commerce Extensible Markup Language) and XOCP<br />
(Extensible Open Collaboration Pro<strong>to</strong>col).<br />
BEA WebLogic <strong>Integration</strong> consists of four key functional areas:<br />
Application Server — a J2EE-based application server, which provides<br />
infrastructure, functional capabilities and underlying services, including
284 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Cus<strong>to</strong>mers Partners<br />
O<br />
Cus<strong>to</strong>m Applications<br />
Suppliers<br />
0<br />
FIREWALL<br />
¥ T<br />
Employees<br />
fl<br />
If<br />
Third-party Applications!<br />
Enterprise<br />
Application<br />
i> ER.P CRM<br />
Business web services BEA WebLogic <strong>Integration</strong> <br />
SCM Cus<strong>to</strong>m<br />
•M-V<br />
Simple Web Services<br />
HR. Legacy<br />
BEA WebLogic Server<br />
Figure 9.16. — BEA WebLogic <strong>Integration</strong> platform<br />
security, fault-<strong>to</strong>lerance, messaging and transactions for enterprise-wide<br />
Web and wireless applications. It enables the creation of simple Web<br />
services based on point-<strong>to</strong>-point connectivity and messaging.<br />
Application <strong>Integration</strong> — a solution based on the J2EE Connec<strong>to</strong>r<br />
Architecture (J2EE CA). It enables organizations <strong>to</strong> add and integrate<br />
new applications with other enterprise-wide applications such as SAP<br />
R/3, Siebel and PeopleSoft quickly.<br />
Business Process Management — a component that adds BPM<br />
functionality <strong>to</strong> the integration solution. It integrates business processes<br />
involving systems, applications and human decision-makers.<br />
<strong>B2B</strong> <strong>Integration</strong> — a functional area in WebLogic <strong>Integration</strong> that<br />
enables rapid connectivity with business partners and provides a highly<br />
process-oriented, secured environment <strong>to</strong> manage <strong>B2B</strong> interactions. At<br />
the core of this component are Web services. <strong>B2B</strong> <strong>Integration</strong> is built<br />
upon and significantly enhances the simple Web services supported by<br />
the WebLogic Server core.
9.6.5. ROI on integration brokers<br />
<strong>Integration</strong> Brokers 285<br />
<strong>Integration</strong> brokers have a very high price attached <strong>to</strong> them. The actual<br />
implementation of an integration broker in a company can range from a<br />
minimum of $350,000 <strong>to</strong> millions of dollars. Companies have <strong>to</strong> be<br />
extremely conscious about having at least a rough estimate on their ROI.<br />
An ideal integration broker solution maximizes the ROI by providing<br />
technology independence and leveraging existing infrastructure, which<br />
enables existing applications <strong>to</strong> continue <strong>to</strong> operate unchanged. In<br />
addition, it enables mission-critical communications that gracefully handle<br />
network and application failure and connect packaged applications with<br />
legacy systems and databases.<br />
<strong>Integration</strong> brokers reduce the cost of maintaining application integration<br />
solutions by imposing a structure on the integration development process.<br />
Without integration brokers, a small change in an existing application can<br />
cause a rippling effect on each individual interface that connects it <strong>to</strong><br />
only a single application. But, with an integration broker, only a single<br />
interface that connects the application <strong>to</strong> the broker needs <strong>to</strong> be changed.<br />
<strong>Integration</strong> brokers also significantly reduce the cost of in-house<br />
cus<strong>to</strong>m coding required <strong>to</strong> integrate applications, as it provides prebuilt,<br />
pre-configured adapters for applications. According <strong>to</strong> the Gartner<br />
Group, when implemented well and managed effectively, integration<br />
brokers reduce the amount of time (and money) required <strong>to</strong> develop<br />
interfaces between applications by as much as 25 percent (i.e., for<br />
simple interfaces) <strong>to</strong> 43 percent (i.e., for complex interfaces).<br />
There is a direct relationship of cost savings and the complexity and<br />
heterogeneity existing within an enterprise prior <strong>to</strong> the implementation<br />
of an integration broker enabled <strong>B2B</strong>i. Enterprises with more diverse<br />
computing environments, platforms, systems and applications realize<br />
the cost savings and reduction in development efforts quickly.<br />
The <strong>to</strong>tal cost savings <strong>to</strong> a company will increase with the time that<br />
it has deployed an integration broker.<br />
9.7. Conclusion<br />
<strong>Integration</strong> brokers have emerged as a bridge between heterogeneous<br />
applications and systems that enable sharing of an organization's
286 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
information across part or all of the extended enterprise. <strong>Integration</strong><br />
brokers perform the tasks of interfacing (extract the data in and out of<br />
applications), transforming (convert the semantic information of the<br />
data before passing it on other applications), distributing (move the data<br />
between applications), routing (send the data <strong>to</strong> the appropriate receiver),<br />
managing (create the workflows for business processes) and s<strong>to</strong>ring<br />
(s<strong>to</strong>re the data/messages in a message warehouse).<br />
<strong>Integration</strong> brokers substantially reduce the time and effort required<br />
<strong>to</strong> implement and maintain new application interfaces. They allow<br />
enterprises <strong>to</strong> leverage a single platform and reusable components across<br />
multiple applications.<br />
Several vendors offer integration broker platforms. Although there<br />
are similarities in their products, there also some significant differences.<br />
Companies have <strong>to</strong> carefully choose which product best suits their<br />
current IT infrastructure and internal and external integration goals,<br />
both short-term and long-term.
Chapter *| Q<br />
Internet Security<br />
The focus of this chapter<br />
<strong>B2B</strong> integration involves significant security risks, as it involves the use<br />
of the Internet for conducting business. Security and privacy controls<br />
are becoming manda<strong>to</strong>ry before access <strong>to</strong> participation in huge <strong>B2B</strong>i<br />
implementations.<br />
In this chapter, you will learn about the fundamentals of Internet<br />
security, different security risks involved in <strong>B2B</strong> integration and comprehensive<br />
solutions <strong>to</strong> mitigate them. We have also discussed how<br />
organizations can shield themselves from the outside world and make<br />
secure transactions involving payments over the Internet.<br />
287
288 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
10.1. Internet Security (E-Security) Critical<br />
for <strong>B2B</strong>i<br />
The Internet has revolutionized the ways in which companies do business.<br />
<strong>B2B</strong> e-<strong>commerce</strong> is undeniably efficient, inexpensive and flexible. However,<br />
it is vulnerable <strong>to</strong> a range of security risks. As <strong>B2B</strong> e-<strong>commerce</strong><br />
becomes more widespread, security tends <strong>to</strong> be critical in achieving<br />
seamless communications between trading partners. It is not just a<br />
requirement, but in fact the foundation on which <strong>B2B</strong>i will be built.<br />
Information recorded electronically and available on networked<br />
computers is more risk-prone than if the same information is printed on<br />
paper and locked in a filing cabinet. Intruders do not need <strong>to</strong> be<br />
physically present at that location and may not even be in the same<br />
country or continent. They can silently steal or tamper with electronic<br />
files and hide evidence of their unauthorized activity.<br />
A recent study on Internet Security, conducted by the Datamoni<strong>to</strong>r<br />
Group, has found that companies have a very low awareness of the<br />
need for e-security. Over 50 per cent of businesses spend 5% or less of<br />
their IT budget on security technology, with just a mere 10% spending<br />
over 20% of their IT budget on security. So, the fact is that many<br />
companies will experience a major loss due <strong>to</strong> lax security.<br />
Neglecting adequate security measures in <strong>B2B</strong>i applications, which<br />
exposes a company's network <strong>to</strong> cus<strong>to</strong>mers and partners, may land a<br />
company in hot water. In a <strong>B2B</strong>i environment, even simple mistakes<br />
could lead <strong>to</strong> leakage of data that no trading partner would ever<br />
<strong>to</strong>lerate. Consider a scenario where a mistake or wrong configuration<br />
in a company's systems causes confidential pricing agreements or<br />
cus<strong>to</strong>mized catalog data sent by a supplier <strong>to</strong> leak out. The supplier's<br />
other cus<strong>to</strong>mers may cry foul, ending their business relationships with<br />
the supplier al<strong>to</strong>gether. The erring company may have <strong>to</strong> bear the<br />
liability and make up the difference in sales.<br />
Thus, a company participating in <strong>B2B</strong>i has <strong>to</strong> convince its trading<br />
partners that it can be trusted with their data. It has <strong>to</strong> continuously<br />
detect, correct and eliminate risks <strong>to</strong> mission-critical <strong>B2B</strong> systems and<br />
data. In fact, security and privacy controls are becoming manda<strong>to</strong>ry<br />
before access <strong>to</strong> participation in huge <strong>B2B</strong>i implementations.
Internet Security 289<br />
10.2. <strong>B2B</strong>i — Makes a Company Highly Vulnerable<br />
<strong>to</strong> Security Risks<br />
At the core of <strong>B2B</strong>i is communication — the real-time exchange of<br />
sensitive corporate data among trading partners. If the security within a<br />
company is not good enough, it not only risks exposure of its data but<br />
also that of its trading partners.<br />
Below are some key reasons that make <strong>B2B</strong>i considerably vulnerable<br />
<strong>to</strong> security risks:<br />
10.2.1. Complex nature of applications<br />
<strong>B2B</strong>i involves a variety of applications and software components. A<br />
typical system consists of cus<strong>to</strong>m-developed applications, off-the-shelf<br />
components and vendor- provided components, all integrated <strong>to</strong>gether.<br />
It is very difficult <strong>to</strong> evaluate each component's robustness from a<br />
security point of view and there may be potential weak points that go<br />
unnoticed.<br />
10.2.2. Anonymous relationships in<br />
<strong>B2B</strong> e-<strong>commerce</strong><br />
Anonymity, a key characteristic of <strong>B2B</strong> e-<strong>commerce</strong>, poses a high<br />
security threat <strong>to</strong> online transactions. Given the dynamic nature of<br />
relationships in <strong>B2B</strong> e-<strong>commerce</strong>, a company may deal with several<br />
kinds of trading partners, and some of them will not even be known<br />
beforehand. This greatly increases the risk of impos<strong>to</strong>rs, posing as<br />
trading partners, trying <strong>to</strong> sneak in<strong>to</strong> the company's corporate networks.<br />
10.2.3. Software undergoing frequent change<br />
Due <strong>to</strong> the large number of applications involved in a typical <strong>B2B</strong>i<br />
environment, the amount and frequency of adjustments that have <strong>to</strong> be<br />
made <strong>to</strong> the whole system is considerably high. This increases the risk<br />
of potential bugs introduced in<strong>to</strong> the system.
290 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
10.2.4. Human fac<strong>to</strong>r involved<br />
Applications supporting <strong>B2B</strong>i are accessible <strong>to</strong> many people, from the<br />
cus<strong>to</strong>mer service representatives at the call center <strong>to</strong> sales executives<br />
equipped with wireless lap<strong>to</strong>ps and, hence, chances of someone<br />
accidentally or intentionally creating a security breach are higher.<br />
10.3. Employees and Other Insiders Pose the<br />
Biggest Threat<br />
Companies do not have <strong>to</strong> look <strong>to</strong>o far <strong>to</strong> identify the biggest threat <strong>to</strong><br />
their e-security. It is right within their organization, in front of their<br />
% of respondents experiencing<br />
these breaches in the past 12 months<br />
0% 10% 20% 30% 40% 50% 60% 70% 80%<br />
Installation/use of unauthorised S/W<br />
Infection of company equipment via viruses/<br />
malicious code/executables<br />
(deliberate or accidental)<br />
•••••••••^••••••i 63%<br />
Use of company computing resources for<br />
illegal or illicit communi cation or activities<br />
(Porn surfing, e-mail harassment)<br />
•lllliMllfMtiPI¥TffWIP"«'«"'' 58%<br />
Abuse of computer access control<br />
l^^MM^BMMMMIilMllMiiM— 54%<br />
Installation/use of unauthorized<br />
hardware peripherals<br />
Use of company computing resources for<br />
personal profit (gamblling, spam, managing<br />
personal e-<strong>commerce</strong> site, online investing)<br />
3aHHRHWttK 42%<br />
Physical theft, sabotage or Intentional<br />
destruction of computing equipment Unsure<br />
24% 35%<br />
Electronic theft, sabotage or intentional<br />
destruction/disclosure of proprietary<br />
data or information<br />
13%<br />
Fraud<br />
Were these breaches<br />
deliberate or accidental?<br />
70%<br />
Deliberate<br />
17%<br />
Accidental<br />
48%<br />
Source: Information Security, September 2000 Issue, Survey 2000<br />
Figure 10.1. — Insider breaches<br />
76%
Internet Security 291<br />
own eyes — it is the staff and insiders (see Figure 10.1). Electronic<br />
sabotage, theft and disclosure of proprietary knowledge by insiders are<br />
growing at an overall rate of a whopping 41% per annum.<br />
10.4. E-Security Strategy<br />
E-security strategy should be an integral part of a company's overall<br />
<strong>B2B</strong>i strategy. If a company wants <strong>to</strong> participate in <strong>B2B</strong>i, it will have <strong>to</strong><br />
forgo the old strategy of completely hiding the data if it cannot be<br />
protected. The new strategy calls for the implementation of a security<br />
solution that enables enterprises <strong>to</strong> deliver secure e-business solutions and<br />
personalized access management by controlling access <strong>to</strong> applications,<br />
resources and data. It should give them the ability <strong>to</strong> extend their<br />
internal systems <strong>to</strong> their business partners without quickly and easily<br />
compromising on security or performance; incorporate the right selection,<br />
configuration and use of security products and their integration with<br />
legacy systems; and establish dynamic security policies. As a part of<br />
their e-security strategy, companies have <strong>to</strong>:<br />
• Determine critical assets such as corporate networks, devices,<br />
applications and data;<br />
• Evaluate the potential security threats in the <strong>B2B</strong> environment;<br />
• Secure the assets by properly selecting and deploying a right security<br />
solution, which provides a high return on investment while scaling <strong>to</strong><br />
their security needs; and<br />
• Evolve the security solution by constantly reviewing the business<br />
environment, <strong>B2B</strong>i goals, current threats and the latest technological<br />
changes.<br />
10.5. Basic Security Services in <strong>B2B</strong>i<br />
E-security, in light of <strong>B2B</strong>i, is about protecting an enterprise, while<br />
extending the business information and data <strong>to</strong> cross-enterprise<br />
applications and systems. In <strong>B2B</strong>i, the focus is on building trusted<br />
relationships with trading partners, and the importance of maintaining<br />
this trust cannot be over-emphasized. Whenever data communication
292 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
takes place between different companies, there is some risk involved.<br />
The major concerns are:<br />
• Someone may intercept the message and breach its privacy;<br />
• Someone may impersonate a company and send a message under its<br />
name and signature;<br />
• Someone may change the contents of the message in transit; and<br />
• The sending company may, later on, deny having sent the message.<br />
To reduce these risks, the following security services must be ensured<br />
during <strong>B2B</strong> communication:<br />
• Confidentiality — assurance that the message is private and its contents<br />
have not been disclosed <strong>to</strong> the outside world;<br />
• Authentication — proof that the message was indeed sent by the<br />
company with whom communication was taking place;<br />
• Integrity — complete assurance that the message was not tampered<br />
with or accidentally altered during transit; and<br />
• Non-repudiation — the message must be binding on the sending<br />
company so that it cannot deny having sent it at a later point.<br />
Failure in ensuring any of the above features will result in the whole<br />
transaction being compromised and ultimately undermine the confidence<br />
of businesses and consumers in <strong>B2B</strong>i technology.<br />
10.5.1. The strength of the chain is as strong as its<br />
weakest link<br />
Besides securing the data transaction, i.e., the data while it passes from<br />
one enterprise <strong>to</strong> the other, the data must be secure at the end-points as<br />
well. To elaborate further, the data resides in the sending company on<br />
some physical system, maybe its Web server, or some other server.<br />
Also, when the receiving company gets the data, it s<strong>to</strong>res it in some<br />
physical location. Unless strict measures are taken, this data can fall<br />
in<strong>to</strong> unauthorized hands, by someone breaking in<strong>to</strong> the internal LAN of<br />
either company, through the Web server or through the operating system.<br />
Therefore, each aspect of the system must be equally secured. There is
Internet Security 293<br />
no point in securing just the communication channel, if the intruders are<br />
able <strong>to</strong> access the information by breaking in<strong>to</strong> internal systems of the<br />
company.<br />
10.6. Key Concepts in E-Security Solutions<br />
Some key technologies that have emerged as the foundation of<br />
e-security are: cryp<strong>to</strong>graphy, digital signatures/certificates and firewalls.<br />
In this section, we will take a closer look at these technologies and<br />
understand the role played by each in creating a secure environment for<br />
an enterprise.<br />
10.6.1. Cryp<strong>to</strong>graphy<br />
Cryp<strong>to</strong>graphy, also called encryption, protects the privacy of sensitive<br />
information being transmitted over the Internet. It ensures that the<br />
information is not intelligible if it falls in<strong>to</strong> the wrong hands. While<br />
cryp<strong>to</strong>graphy has been in existence since ancient times, its level of<br />
sophistication has increased, commensurate with the increase in risks.<br />
Today's cryp<strong>to</strong>graphy uses sophisticated mathematical formulas and<br />
computer algorithms.<br />
The main elements of cryp<strong>to</strong>graphy are:<br />
• Original Text — the precise contents of the message;<br />
• Cipher Text — the form in which the message appears after being<br />
encrypted. This is not humanly readable;<br />
• Encryption Algorithm — the algorithm or mathematical formula used<br />
<strong>to</strong> convert the original message in<strong>to</strong> cipher text; and<br />
• Key — the element used <strong>to</strong> encrypt and decrypt the message. Every<br />
encryption algorithm makes use of a key. Depending on the key used,<br />
the same algorithm will produce different cipher text for the same<br />
message contents.<br />
Encryption is done <strong>to</strong> secure not only text, but also video, sound,<br />
etc. — any form of communication across the Internet.
294 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Secret<br />
Secret<br />
Message Encryption<br />
with<br />
Company A Private Key<br />
Decryption<br />
with<br />
Private Key<br />
Message<br />
Company —J B<br />
Figure 10.2. — Private key encryption<br />
10.6.2. Private key encryption<br />
Private key encryption, also called symmetrical encryption, was the<br />
simplest way the encrypted messages were sent in the earlier times. It<br />
used the same unique code called single key or private key for encrypting<br />
as well as decrypting the messages.<br />
Consider a scenario in which Company A wants <strong>to</strong> send Company B<br />
a secret message (see Figure 10.2). If a single private key is used,<br />
• Company A informs Company B about its private key.<br />
• Company A encrypts the message with its private key and sends the<br />
message across.<br />
• Company B makes use of the private key (sent over earlier) <strong>to</strong><br />
decrypt the message.<br />
This encryption method has several obvious limitations. Firstly,<br />
there has <strong>to</strong> be some secure way by which Company A will initially<br />
communicate the private key <strong>to</strong> Company B. If an outsider gets hold<br />
of this private key, the entire communication will be compromised.<br />
Secondly, Company A becomes completely vulnerable <strong>to</strong> Company B<br />
and if Company B wishes it can use this private key <strong>to</strong> impersonate<br />
Company A. Finally, this method is not suitable for multi-party communication—<br />
for example a <strong>B2B</strong> exchange may be communicating<br />
with hundreds of companies for which it will have <strong>to</strong> distribute the<br />
private key <strong>to</strong> all the companies; and as the number of companies<br />
increases, it can be compromised easily.<br />
The most commonly used private key encryption algorithms are RC2<br />
(40 bit encryption) and RC4 (128 bit encryption). Both of these were<br />
invented by RSA Data Security. 56-bit DES is another algorithm that is<br />
primarily used for unclassified government documents.
10.6.3. Public key encryption<br />
Internet Security 295<br />
To overcome the drawbacks of private key encryption, a new algorithm,<br />
called public key encryption, was invented by Whitfield Diffie and<br />
Martin Hellman in 1976.<br />
Public key encryption or asymmetrical encryption uses two keys:<br />
• One is called the private key, which is held by only one party; and<br />
• The other is called the public key, which is available <strong>to</strong> the outside<br />
world.<br />
These keys complement each other like a mechanical lock and key.<br />
The message is encrypted with the public key and can be unlocked or<br />
decrypted only with the private key. Any company, like Company A,<br />
wishing <strong>to</strong> communicate with Company B can encrypt the message with<br />
Company B's public key and send it across (see Figure 10.3). Thus, the<br />
two companies do not have <strong>to</strong> agree upon a key in advance. Since the<br />
decryption can be done only with the private key, which is known only<br />
<strong>to</strong> Company B, even if the message is intercepted, the intercep<strong>to</strong>r will<br />
not be able <strong>to</strong> comprehend the message. Thus, the message always<br />
remains protected using public key encryption.<br />
Public key encryption comes with its own share of drawbacks; speed<br />
being the most critical. The keys used are much longer than symmetric<br />
encryption, hence encryption overhead is much higher and performance<br />
decreased.<br />
Among the most popular algorithms available for public key<br />
encryption is RSA, created by RSA Data Security, which uses key<br />
lengths from 512 <strong>to</strong> 1024 bits.<br />
Secret<br />
Message<br />
„ f<br />
Encryption<br />
«iith<br />
Company A Public Key<br />
of Gompany B<br />
Decryption<br />
with<br />
Figure 10.3. — Public key encryption<br />
Secret<br />
Message<br />
_ p<br />
Private Key company B<br />
of Company B
296 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Session Key<br />
^<br />
Secret<br />
Message Encryption<br />
t) with<br />
CompanYA Session Key<br />
Figure 10.4.<br />
*ds-~ y<br />
Cipher<br />
Text Decryption<br />
with<br />
Secret<br />
Message<br />
Session Key Company B<br />
Digital envelope<br />
10.6.4. Best of both worlds — The digital envelope<br />
By combining private and public key encryption, we get best of both<br />
worlds, the digital envelope.<br />
Consider again a case of Company A wanting <strong>to</strong> communicate with<br />
Company B. Company A generates a random private key for the<br />
communication session. This random private key is called a session key<br />
since it will be used only for this particular session. The session key is<br />
encrypted with the public key of Company B and sent <strong>to</strong> it. Company B<br />
gets the session key securely, using its private key <strong>to</strong> understand the<br />
message. Figuratively, the session key is sent in a secure envelope<br />
formed by public key encryption (see Figure 10.4).<br />
Once the session key is established between the two companies, the<br />
subsequent communication, based on private key encryption, can be<br />
made using the session key on both sides. This part of communication<br />
is much faster due <strong>to</strong> decreased overhead.<br />
Using a digital envelope, the same level of privacy is achieved as<br />
public key encryption with better performance of the application.<br />
10.6.5. Digital signature<br />
Digital signature is the electronic equivalent of a pen-and-paper signature<br />
and is used for authenticating the sender of the message. It provides<br />
a means by which information cannot be repudiated by binding
Internet Security 297<br />
communication <strong>to</strong> the person who signed it. It also guarantees that the<br />
message was not modified since it left the sender. Digital signatures<br />
rely on public key systems.<br />
Creating a digital signature<br />
A digital signature is typically created using what is known as a hash<br />
function. A hash function is an algorithm that maps values from a large<br />
domain in<strong>to</strong> a much smaller range. In other words, if we have a typical<br />
message, which consists of many thousands of bits, the hash algorithm<br />
can produce a 'digest' of it, which would be about a hundred bits in<br />
length. Also, it would ensure that even if one bit is changed in the<br />
message, the digest produced would be different. This 'message digest'<br />
is encrypted using the sender's private key (usually RSA encryption)<br />
and the result is called the digital signature (see Figure 10.5).<br />
The digital signature is attached <strong>to</strong> the message file and the combined<br />
message is encrypted with the receiver's public key (see Figure 10.6).<br />
Receiver's<br />
Public Key<br />
Message<br />
Hash<br />
Function<br />
Message<br />
PMWMS?<br />
Sender's Private<br />
Key<br />
Message<br />
Digest<br />
Digital<br />
Signature<br />
Figure 10.5. — Creating a digital signature<br />
Digital<br />
Signature<br />
Signed and<br />
Encrypted<br />
Secured Message<br />
Figure 10.6.<br />
signature<br />
Encryption using digital
298 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
When the receiver gets the message, it performs the following<br />
actions:<br />
1. It decrypts the message using its private key (see Figure 10.7). Now<br />
what it sees is the digital signature and the original message file.<br />
2. It re-computes the 'digest' from the original file, using the same hash<br />
algorithm.<br />
3. It decrypts the digital signature using the sender's public key.<br />
4. It then compares the decrypted digital signature with the digest that it<br />
just computed.<br />
5. If the two are exactly the same, the receiver is assured that the<br />
message was not changed en route and also that the sender's identity<br />
is proved (as the sender's private key was involved in the process;<br />
see Figure 10.8).<br />
Receiver's<br />
Private Key<br />
Secured Message<br />
Received<br />
Message<br />
Digital<br />
Signature<br />
Figure 10.7. — Decryption using digital signature<br />
Hash<br />
Function Sender's Public<br />
Key<br />
Message<br />
Digital<br />
+ Signature<br />
Message Message<br />
Digest Digest<br />
Pass/<br />
Fail<br />
Figure 10.8.<br />
message<br />
Ensuring integrity of the
Internet Security 299<br />
Message Authentication Codes (called MACs) is another mechanism<br />
for identifying users. A MAC is an authentication tag (also called a<br />
checksum) derived by applying an authentication scheme, <strong>to</strong>gether with<br />
a secret key, <strong>to</strong> a message. However, it is not foolproof, as the receiver<br />
can also generate these codes and misuse them.<br />
SIGNING ON THE DIGITAL LINE<br />
Williams Communications, an Oklahoma-based company, is an example<br />
of how digitally signed documents can streamline business<br />
processes.<br />
Much of the company's correspondence consisted of sensitive<br />
documents — from employee time sheets and performance reviews <strong>to</strong><br />
contracts and agreements with cus<strong>to</strong>mers and other companies. All<br />
these items required physical signatures <strong>to</strong> ensure their accuracy,<br />
integrity and validity. However, gathering those signatures meant lots<br />
of paper, slow cycles and a real loss of efficiency within the company.<br />
The company decided <strong>to</strong> use electronic signatures — a technology<br />
that allows digital documents <strong>to</strong> be 'signed', keeping them valid<br />
and secure while retaining the efficiency of electronic s<strong>to</strong>rage and<br />
transmission. Soon after, Williams Communications implemented two<br />
pieces of electronic signature technology — Approvelt from Silanis<br />
Technology and a form of public key infrastructure technology from<br />
Entrust Technologies. The technology not only helped alleviate the<br />
company's paper-generated internal struggles; it also paved the way<br />
for faster and easier e-<strong>commerce</strong> interactions with cus<strong>to</strong>mers and<br />
business partners.<br />
A Changing Landscape<br />
It sounds like a fine solution <strong>to</strong> a significant problem, but there was<br />
an issue: where a manually signed document carried force of law<br />
behind it, digital signatures often weren't worth the virtual paper they<br />
were written on. All that changed in June 2000, when Congress<br />
passed the Electronic Signatures in Global and National Commerce Act.<br />
The act, effective Oc<strong>to</strong>ber 1, 2000, made digitally signed electronic<br />
agreements as legally valid as hand-signed, printed documents.<br />
Source: Condensed from Signing on the Digital Line, CIO Magazine
300 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
10.6.6. Digital certificates and role of Certificate<br />
Authorities (CAs)<br />
All of the above mechanisms of security relied on using public keys<br />
and private keys for both the sender and the receiver. The question<br />
arises — where do these keys come from? How does the outside world<br />
get hold of the public key of a particular party?<br />
The answer lies in digital certificates, issued by organizations called<br />
Certificate Authorities (CAs). Certificates can be used <strong>to</strong> replace passwords<br />
and login ID's wherever access is <strong>to</strong> be restricted <strong>to</strong> certain<br />
users, such as registered cus<strong>to</strong>mers. In several applications, certificates<br />
may replace 'cookies', which have proven unpopular with many Web<br />
users.<br />
Any company/individual wishing <strong>to</strong> communicate securely over the<br />
Internet can apply <strong>to</strong> a CA for a digital certificate. It has <strong>to</strong> send<br />
its identification information and public key <strong>to</strong> the CA. The CA will<br />
verify the authenticity of information and then issue a certificate with<br />
the given information and public key. To seal the certificate, the CA<br />
encrypts it with its private key and sends it <strong>to</strong> the applicant (see<br />
Figure 10.9).<br />
In this approach, when Company A wants <strong>to</strong> communicate with<br />
Company B, it will ask Company B for its certificate. On receiving this<br />
certificate, Company A will decrypt the same using the CA's public key.<br />
It will then read the identifying information on the certificate. If satisfied,<br />
it will use the public key present on the certificate <strong>to</strong> send across the<br />
information <strong>to</strong> Company B.<br />
This methodology is not only secure, but requires the sender <strong>to</strong><br />
know only the CA's public key, rather than remember the public key of<br />
every party it wishes <strong>to</strong> communicate with.<br />
The most widely recognized standard public key certificate format is<br />
defined in the ITU X.509 standard.<br />
Serial<br />
Number<br />
Signature<br />
N umber<br />
CA Info<br />
CA<br />
Number<br />
Owner Info<br />
Owner's<br />
N umber<br />
Owner's<br />
Public Key<br />
N umber<br />
Validity<br />
Period<br />
Figure 10.9. — Simple public key certificate<br />
CA<br />
Digital<br />
Signature
Internet Security 301<br />
There are multiple organizations which function as certification<br />
authorities. Leading among them is Verisign (http://www.verisign.com),<br />
which caters <strong>to</strong> institutions as well as individuals. It issues the following:<br />
• E-mail Certificate — verifies that the e-mail comes from the mentioned<br />
address;<br />
• Server Certificate — establishes the identity of a particular Internet<br />
site; and<br />
• Code Signing Certificate — used by software companies <strong>to</strong> sign the<br />
released versions of their code.<br />
10.6.7. Using SSL (Secure Sockets Layer) <strong>to</strong><br />
establish secure sessions<br />
Secure Sockets Layer (SSL) provides privacy, integrity and authentication<br />
<strong>to</strong> application pro<strong>to</strong>cols such as HTTP by using encryption, message<br />
digests, digital signatures and certificates. This is very valuable on the<br />
Internet since it allows a much greater degree of secure communication<br />
than is available without SSL. Most Web servers and browsers <strong>to</strong>day<br />
support SSL and implement it au<strong>to</strong>matically, so users using these<br />
browsers can utilize it directly.<br />
SSL operates on <strong>to</strong>p of the TCP/IP network layer (see Figure 10.10).<br />
Therefore, any communication that relies on TCP/IP such as FTP file<br />
transfer, news pro<strong>to</strong>col (NNTP), remote login sessions (telnet, rlogin,<br />
rsh) and e-mail (SMTP) can, in theory, be secured by SSL.<br />
SSL performs the following:<br />
• Allows an SSL-enabled server <strong>to</strong> authenticate itself <strong>to</strong> an SSLenabled<br />
client;<br />
HTTP SMTP NNTP<br />
Application Layer<br />
Network Layer<br />
TCP/IP Layer<br />
Figure 10.10. — Pro<strong>to</strong>col stack for communications
302 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Send a Client Hello<br />
Send a Server Hello<br />
Certificate<br />
Certificate Regue^<br />
Server Hello Done<br />
Certificate<br />
Certificate Ver if' L,<br />
Change Ciphers pec<br />
Finished<br />
Char^eChJpherSpec<br />
Finished<br />
Client Server<br />
Decide on the cipher suite, and set up the<br />
session ID and other parameters such as<br />
method of compression and pro<strong>to</strong>col version<br />
Request the client certificate and if required,<br />
send the server certificate<br />
Acknowledge the receipt of client certificate,<br />
if required<br />
Exchange the 1 cipher suite and handshake is<br />
completed<br />
Figure 10.11. — Simplified handshake sequence<br />
• Allows an SSL-enabled client <strong>to</strong> authenticate itself <strong>to</strong> an SSL-enabled<br />
server; and<br />
• Allows both <strong>to</strong> set up an encrypted connection, i.e., a secure<br />
communication channel.<br />
To achieve the above, SSL supports multiple cryp<strong>to</strong>graphic algorithms<br />
called ciphers. The client and server decide upon a set of ciphers or<br />
cipher suite during their initial SSL handshake (see Figure 10.11).<br />
10.7. Shielding an Organization from the<br />
Outside World<br />
In this section, we will discuss the solutions companies use <strong>to</strong> shield<br />
themselves from the outside world.<br />
10.7.1. Firewalls<br />
Until now, we have discussed the mechanisms for securing the data in<br />
transit, i.e., when it is traveling from one company's systems <strong>to</strong> the<br />
other. Now we shall look at how a company can prevent the data from<br />
unauthorized access while the data still lies in its internal systems.
Firewall<br />
DMZ<br />
Internet<br />
t<br />
Screening router<br />
Screening Router L^...<br />
internal LAN<br />
Network Client Nodes<br />
Server<br />
mm 1<br />
Internet Security 303<br />
Proxies<br />
Figure 10.12. — Firewall between internal LAN and the internet<br />
A firewall insulates a company's internal networks from the outside<br />
world. It is the first line of defense between the internal LAN and the<br />
Internet (see Figure 10.12). It works by enforcing an access control<br />
policy <strong>to</strong> and from the private network. All messages entering or<br />
leaving the Intranet pass through the firewall, which examines each<br />
message and blocks those not meeting the specified security criteria.<br />
Firewalls can be implemented in both hardware and software, or a<br />
combination of both.<br />
10.7.2. Functions performed by firewalls<br />
The functions performed by firewalls are:<br />
1. Allow the traffic from the Internet <strong>to</strong> enter only when it is going<br />
<strong>to</strong> a particular set of applications. For these applications, traffic is<br />
allowed <strong>to</strong> go only <strong>to</strong> certain internal addresses (machines) and not
304 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
others. These machines have the ability <strong>to</strong> cope with any threats<br />
posed by outside requests.<br />
2. Check the source of the traffic. For some types of incoming traffic,<br />
it may be necessary <strong>to</strong> check the source. For example, users coming<br />
in via TELNET may have <strong>to</strong> provide their username and password<br />
or a personal <strong>to</strong>ken for identification.<br />
3. Regulate not just the incoming traffic, but also the traffic going from<br />
the internal LAN <strong>to</strong> the external Internet. If a network is compromised,<br />
then it may be made <strong>to</strong> send certain data/packets <strong>to</strong> the outside<br />
Internet <strong>to</strong> addresses where it is not supposed <strong>to</strong> go. Checking where<br />
data is going from the inside <strong>to</strong> the outside can halt this kind of<br />
activity.<br />
4. Encrypting or checking data integrity for all the traffic <strong>to</strong> or from a<br />
network. This 'gateway' type of implementation is also called a<br />
virtual private network.<br />
10.7.3. Types of firewalls<br />
Firewalls generally belong <strong>to</strong> two classes: network level and application<br />
level.<br />
Network level firewalls<br />
Network level firewalls intercept every packet that attempts <strong>to</strong> go in or<br />
out of your network (see Figure 10.13).<br />
A network level firewall acts at the IP — machine address level. It<br />
uses screening routers or packet filters. Each network packet contains<br />
External<br />
Network<br />
Di rect Tratt ic<br />
Possible<br />
Network<br />
Laval<br />
Bastion<br />
[Optional)<br />
,=t Ne<br />
/ (Subnet)<br />
Figure 10.13. — Network level firewall schematic
Internet Security 305<br />
the IP address of its source and destination. Packet filters check this<br />
address information of each and every packet, <strong>to</strong> determine whether it<br />
is acceptable or not. The administra<strong>to</strong>rs set up the firewall rules on the<br />
basis of whether it filters the incoming traffic and allows/disallows<br />
connections.<br />
Routers, which direct information packets, can provide some firewall<br />
support because their function is <strong>to</strong> forward and filter data packets.<br />
Some sophisticated routers provide additional facilities such as encryption<br />
features.<br />
These types of firewalls are usually the least expensive. However,<br />
they do not offer much flexibility and also slow down the performance<br />
of the network considerably.<br />
Application level firewalls<br />
Application level firewalls work by handling the traffic destined for a<br />
specific application such as e-mail or FTP, rather than all network<br />
traffic (see Figure 10.14).<br />
Application level firewalls are like a relay system between the<br />
Internet and the internal network; they do not allow direct traffic <strong>to</strong><br />
pass between the two networks. In these, a highly isolated machine,<br />
called an application gateway, proxy gateway, or proxy server is used.<br />
This machine runs programs called proxies; a separate proxy is run for<br />
each Internet service, such as HTTP and FTP.<br />
Since all interaction of the external users is with the proxies, this<br />
allows all passwords and internal IP addresses <strong>to</strong> remain internal,<br />
making them more difficult <strong>to</strong> detect and misuse.<br />
External<br />
Network<br />
Network<br />
Laval<br />
Figure 10.14. — Application level firewall schematic
306 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
With an application level firewall, a company can control which user<br />
has access <strong>to</strong> what application and when the user can access it. This<br />
firewall also performs detailed activity logging. Check Point's Firewall-<br />
1 is the most widely used application level firewall.<br />
10.7.4. Considerations in choosing a firewall<br />
The right selection of a firewall is of utmost importance for an enterprise,<br />
as it is able <strong>to</strong> secure the integrity and availability of data and data<br />
processes. It is very important <strong>to</strong> perform risk analysis before selecting<br />
a firewall. The status of each identified risk should be further evaluated<br />
<strong>to</strong> determine if it is still a valid risk. If the answer is yes, the firewall<br />
chosen should eliminate it completely.<br />
Any firewall that a company chooses has <strong>to</strong> provide the list of<br />
features and level of performance that it has identified as manda<strong>to</strong>ry.<br />
The main considerations in deciding the type and configuration of a<br />
company's firewall are:<br />
• Internet Services Required — what services will be required, e.g. telnet,<br />
World Wide Web, audio or video applications;<br />
• Additional Features Required — whether encryption will be used;<br />
• <strong>Integration</strong> Capabilities — how well does the firewall integrate with<br />
other products, such as encryption <strong>to</strong>ols;<br />
• Level of Risks — how closely the information needs <strong>to</strong> be guarded,<br />
depending on how sensitive or mission critical the information is;<br />
and<br />
• Budget — expenditure permissible for firewall setup and maintenance.<br />
Although it is difficult <strong>to</strong> give exact advice, in general application<br />
gateways are more popular firewalls, due <strong>to</strong> the level of flexibility and<br />
control that they provide.<br />
10.7.5. Enterprise firewall appliance<br />
An enterprise firewall appliance is a hardware and/or a software device<br />
that provides robust and comprehensive enterprise security for Internet,<br />
intranet and extranet traffic. Its deployment and configuration, based on
Firewall<br />
Function<br />
Moni<strong>to</strong>r,<br />
Report<br />
Writer<br />
OSKernel TCP/IP<br />
Private<br />
Network<br />
Web Browsers<br />
'Router<br />
aproxy http web gate<br />
i<br />
Internet Security 307<br />
Mail Server<br />
Figure 10.15. — Enigma firewall solution<br />
Web Servers<br />
DMZ<br />
aka<br />
Server Network<br />
an enterprise security policy, is extremely rapid, as most of its components<br />
are pre-installed and pre-configured. These appliances are built<br />
using the latest security technologies; and provide remote administration,<br />
the ability <strong>to</strong> manage multiple firewalls from one location, centralized<br />
built-in reporting and logging for moni<strong>to</strong>ring all activities and the<br />
flexibility and scalability <strong>to</strong> support enterprise level traffic.<br />
Check Point's Firewall-1, Symantec's VelociRap<strong>to</strong>r, Watchguard's<br />
Firebox II and Enigma 2.0 Firewall Appliance are some examples of<br />
enterprise firewall appliances.<br />
Figure 10.15 is a simplified reconstruction of the internal workings<br />
of the Enigma Firewall Appliance. All computers in the private network<br />
and the DMZ communicate with the proxies. The proxies manage<br />
connectivity between the networks and all transfers must pass through<br />
them. There are multiple independent proxies that are tailored <strong>to</strong> provide<br />
application specific defenses, such as e-mail, FTP, HTTP and reverse-<br />
HTTP.
308 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
10.7.6. Virtual Private Networks (VPNs)<br />
Many organizations have several offices situated in diverse locations.<br />
They have employees who are traveling or telecommuting, as well as<br />
business partners and cus<strong>to</strong>mers in remote locations. These organizations<br />
would like <strong>to</strong> provide all these entities access <strong>to</strong> their internal LANs.<br />
The simplest way of doing this would be <strong>to</strong> dial-in directly <strong>to</strong> the<br />
modems of the organization or access its Remote Access Server (RAS)<br />
directly, via long distance telephone calls.<br />
This method is secure. However, it is substantially expensive for<br />
most companies. The ideal way would be a secure way of getting<br />
access <strong>to</strong> the LAN through the general Internet. Internet-based VPNs<br />
that use the open, distributed infrastructure of the Internet <strong>to</strong> transmit<br />
data between corporate sites, provide companies with a mechanism for<br />
a combination of security and economy (see Figure 10.16).<br />
Branch Office Branch Office<br />
Partner Office<br />
Figure 10.16. — VPN network securing a business, partner company and<br />
mobile worker
Internet Security 309<br />
Virtual private networks enable enterprises <strong>to</strong> leverage the Internet,<br />
while protecting sensitive business information. With VPNs, companies<br />
can achieve a significant cost saving of up <strong>to</strong> 60% over private leased<br />
lines and 30% over frame-relay networks.<br />
VPNs have <strong>to</strong> provide scalability, flexibility and reliable performance<br />
in order that the companies use them <strong>to</strong> support access <strong>to</strong> their missioncritical<br />
applications. All the components of VPNs should be easy <strong>to</strong><br />
configure and provide seamless integration within the whole enterprise<br />
security infrastructure.<br />
VPNs have <strong>to</strong> provide the following three critical functions <strong>to</strong><br />
ensure security for data:<br />
• Authenticate — confirm that the data is coming from the source that<br />
it claims;<br />
• Secure — restrict read/write access and maintain data integrity of the<br />
data traveling over the Internet; and<br />
• Access control — allow only authorized users <strong>to</strong> gain admission <strong>to</strong><br />
the network<br />
VPN uses the following technologies:<br />
• Encryption;<br />
• Authentication; and<br />
• Pro<strong>to</strong>col Tunneling — In pro<strong>to</strong>col tunneling, the actual data packets<br />
are encrypted; then enclosed inside other IP packets and transmitted<br />
across the Internet. At the destination, there is a special host that<br />
decrypts them. This tunneling of data is completely transparent <strong>to</strong> the<br />
end-users. They feel as if they are directly connected <strong>to</strong> the internal<br />
LAN.<br />
Various pro<strong>to</strong>cols are used <strong>to</strong> carry out tunneling, such as Microsoft's<br />
Point-<strong>to</strong>-Point Tunneling Pro<strong>to</strong>col (PPTP), Ipsec pro<strong>to</strong>col and L2TP<br />
pro<strong>to</strong>col proposed by Cisco and Microsoft. There are several vendor<br />
products available for creating and managing VPNs, such as IBM<br />
eNetwork VPN series and AltaVista Tunnel97. Many telecom carriers<br />
such as AOL and AT&T also offer dedicated services for VPN<br />
communication.
310 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
10.7.7. Check Point's VPN solution<br />
Check Point's VPN-1 family of products (software-based VPN Gateway<br />
products, plug-and-play VPN appliances, client-based VPN software,<br />
VPN acceleration cards and PKI products) helps build state-of-the-art<br />
Enterprise VPNs, by providing secure Internet-based connectivity <strong>to</strong><br />
corporate networks, remote and mobile users, satellite offices and partner<br />
sites.<br />
The key component in the whole family is VPN-1 Gateway (a<br />
combined package of Fire Wall-1 and VPN-1), which supports high<br />
availability configurations for IPSec traffic and remote access VPNs<br />
(see Figure 10.17). It supports all leading PKI products and services<br />
that are used mainly for extranets, and includes bandwidth management,<br />
compression and hardware-based VPN acceleration.<br />
FloodGate-1<br />
Bandwidth'<br />
Management<br />
Authentication pvl^-^^<br />
Server t r~Z?<br />
VPN-1<br />
Gateway<br />
Certificate<br />
Enterprise<br />
Management<br />
Console<br />
Partner<br />
Site<br />
IPSec-Com pliant<br />
Gateway<br />
Secured By Satellite<br />
Checkpoint<br />
office<br />
Appliance<br />
Figure 10.17. Check Point's VPN solution<br />
VPN-1<br />
SecureClient
10.8. <strong>B2B</strong>i and E-Security<br />
Internet Security 311<br />
After discussing the fundamentals of e-security, let's review how it<br />
plays a role in a company's <strong>B2B</strong>i plans.<br />
10.8.1. Revamp your security<br />
The security solutions that companies implemented in the EDI world<br />
are rather obsolete. EDI-based communication occurs over VAN and<br />
with a select few predetermined partners. <strong>B2B</strong>i over the Internet changes<br />
all equations and makes the existing security solutions outdated.<br />
E-security for <strong>B2B</strong>i is much more than just installing a corporate<br />
firewall. <strong>B2B</strong>i requires securing communications (99.99% security level<br />
is not good enough — it has <strong>to</strong> be 100% secured) between networks,<br />
systems, applications and users across the Internet, Intranets and extranets.<br />
Below are just a few of the features that a company should look for in<br />
a security solution that would help it achieve the elusive 100% security<br />
protection:<br />
• Be a truly all-in-one security system that combines firewall, antivirus,<br />
intrusion detection and other security necessities in<strong>to</strong> a single<br />
product that's easier <strong>to</strong> manage than integrated multiple <strong>to</strong>ols;<br />
• Provides real-time transaction auditing and moni<strong>to</strong>ring of audit trails;<br />
• Provides full, cus<strong>to</strong>mized access <strong>to</strong> security information reports,<br />
policies and logs;<br />
• Interface <strong>to</strong> add, modify and delete security policy change requests;<br />
• Support for multiple operating systems such as NT and UNIX;<br />
• Provides easy-<strong>to</strong>-use graphical user interface that allows the security<br />
administra<strong>to</strong>rs <strong>to</strong> review and set entitlements as required, right down<br />
<strong>to</strong> the application and object level;<br />
• Provides a flexible and expandable security architecture, which can<br />
fit in<strong>to</strong> any company's existing infrastructure;<br />
• Offers robust access control, cryp<strong>to</strong>graphy-based privacy and authentication<br />
of users; and<br />
• Gives high performance and scalability when the load (i.e., system<br />
load, user accesses and user authentications) is great.
312 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Commission a DMZ (demilitarized zone)<br />
As a crucial part of e-security revamping efforts, a company should<br />
commission a DMZ that is delineated by an external and an internal<br />
firewall. The external firewall secures the systems inside the DMZ from<br />
external intruders. It provides access <strong>to</strong> these systems only <strong>to</strong> authorized<br />
parties. The internal firewall, on the other hand, prevents unauthorized<br />
access <strong>to</strong> enterprise networks and systems from the DMZ.<br />
Formulate policies for detecting intrusion<br />
Formulate corporate security policies that require logging and minute<br />
level inspection of every inbound and outbound call. This will assist in<br />
identifying dubious activities and patterns leading <strong>to</strong> a network or<br />
system attack.<br />
Build an effective entitlements management system<br />
This system should be geared <strong>to</strong>wards setting up the entitlements and<br />
user access privileges for all the applications, independent of their<br />
respective platform. Such a system would eliminate the need for<br />
proprietary security components built in<strong>to</strong> each individual application.<br />
Implement cross-domain single sign-on<br />
Single Sign-on (SSO) enables the user <strong>to</strong> log in (by providing user ID<br />
and password) just once and then caching that information for the<br />
whole session until the user logs out. Once the user is logged in<br />
successfully, the user's identity can be shared and passed on from one<br />
system <strong>to</strong> another, thereby making it unnecessary <strong>to</strong> have a separate<br />
sign-on for each system. With a cross-domain single sign-on, this<br />
information can be passed over from one secured domain <strong>to</strong> another.<br />
10.8.2. <strong>B2B</strong>i software<br />
Your <strong>B2B</strong> integration software/server provides the primary source of<br />
access over the Internet. It acts as an external interface <strong>to</strong> a company's
Internet Security 313<br />
corporate network and if not properly chosen can provide easy break-in<br />
points <strong>to</strong> hackers.<br />
As a part of <strong>B2B</strong>i strategy, a company should choose <strong>B2B</strong> integration<br />
software that has:<br />
• Wide support and adoption by security vendors; and<br />
• Flexibility in easily linking existing security solutions in the integration<br />
solution.<br />
10.8.3. Security features in the leading <strong>B2B</strong><br />
integration servers<br />
Security features in some of the leading <strong>B2B</strong>i integration solutions is<br />
as follows:<br />
webMethods <strong>B2B</strong> solution<br />
webMethods <strong>B2B</strong> solution supports X.509 digital certificates, which<br />
ensure that business services are accessed and data transactions are<br />
initiated only by known and specified partners, HTTP Authentication,<br />
Access Control Lists (ACLs), Secure Socket Layer (SSL) support and<br />
RSA-based public key encryption of data. These capabilities permit secure<br />
connections <strong>to</strong> Web servers running SSL and also protect communications<br />
between the webMethods <strong>B2B</strong> Server and your trading partners.<br />
Netfish XDI server<br />
Netfish XDI Server enables routing of outbound requests through an<br />
SSL proxy server. Inbound requests can also enforce either server-side<br />
SSL authentication or mutual (server and client) SSL authentication<br />
(see Figure 10.18). The XDI Server supports importing digital certificates<br />
in standard formats such as PKCS#12 and PKCS#7 and allows trading<br />
partners <strong>to</strong> use distinct certificates for data encryption and signing.<br />
TIBCO TIB/BusinessConnect<br />
Tibco's <strong>B2B</strong> solution — TIB/BusinessConnect supports 56- and 128-bit<br />
SSL encryption. For authentication, it utilizes digital signatures, X.509
314 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
N<br />
XDI Web<br />
Server Server<br />
DMZ<br />
HTTPS<br />
XDI Web<br />
Secure Server<br />
Gateway HTTPS<br />
Figure 10.18. — Netfish XDI server<br />
Internet<br />
Trading<br />
Partner<br />
certificates and Public Key Infrastructure (PKI). It provides au<strong>to</strong>mated<br />
sub-processes for the signature and encryption of business documents,<br />
as well as for verification and decryption.<br />
10.8.4. E-security tailored <strong>to</strong> XML<br />
XML is fast becoming the lingua franca of e-business. All through the<br />
industry, companies are using XML at the interface of their systems <strong>to</strong><br />
exchange a variety of data and documents. XML documents are<br />
comprised of data and metadata, i.e., information describing the meaning<br />
of the data. It is becoming a key requirement of integrated systems <strong>to</strong><br />
process or parse this data efficiently. Hence, companies are welcoming<br />
security algorithms tailored <strong>to</strong> XML.<br />
XML Security Suite is one such product, by IBM AlphaWorks. It<br />
pushes the security further by introducing new security features, such as<br />
digital signature, element-wise encryption and access, control that are<br />
beyond the capability of the transport-level security pro<strong>to</strong>col such as<br />
SSL. Element-wise encryption means that one can choose the specific<br />
elements of an XML document which one wants <strong>to</strong> secure.<br />
At the time of writing, the release of XML Security Suite provided<br />
reference implementations of DOMHASH, a proposed canonicalized<br />
digest value for XML documents. DOMHASH may be a basis for XML<br />
digital signature that is being discussed in both IETF and W3C. The<br />
IETF and W3C have combined their efforts and are working <strong>to</strong>wards an<br />
XML signature specification. The XML signature syntax will express<br />
the relationships between cryp<strong>to</strong>graphic signatures and Web resources
Internet Security 315<br />
(anything that can be referenced by a URL). It will also include the<br />
procedures for processing and verifying XML signatures.<br />
Another advancement is Security Services Markup Language (S2ML),<br />
which is under development by Netegrity, VeriSign and several other<br />
e-<strong>commerce</strong> vendors. S2ML provides a standard way of defining user<br />
authentication, authorization, entitlement and profile information in XML<br />
documents, thus allowing business users <strong>to</strong> move from site-<strong>to</strong>-site without<br />
multiple sign-ons.<br />
10.9. Secure Payments Over the Internet<br />
<strong>B2B</strong> e-payment and settlement is complex and requires coordination<br />
among multiple parties. For a single <strong>B2B</strong> payment, documents may be<br />
exchanged among the buyer, the seller, marketplace, shippers, insurers,<br />
financiers, regula<strong>to</strong>rs and other parties. It is not easy <strong>to</strong> au<strong>to</strong>mate a<br />
payment that involves so many parties. In order <strong>to</strong> au<strong>to</strong>mate the complete<br />
process, right from purchase of the order <strong>to</strong> the final exchange of<br />
payment between the parties, cooperation is required from banks,<br />
technology providers and the member companies of the marketplaces.<br />
As transactions happen over the Internet, a need for electronic<br />
payment systems for handling the payment part of the transaction<br />
arises. <strong>B2B</strong> payment systems must securely handle:<br />
• Financing;<br />
• Electronic funds transfer;<br />
• Payment;<br />
• Invoicing;<br />
• Reconciliation;<br />
• Online contracting; and<br />
• Authentication.<br />
In a typical dynamic <strong>B2B</strong> scenario, transacting companies would be<br />
assigned cryp<strong>to</strong>-secured digital identities that would be validated in<br />
real-time. However, these digital identities, by themselves are not good<br />
enough <strong>to</strong> provide the right business conditions, such as security,<br />
reliability and trustworthiness for online <strong>B2B</strong> transactions. Without the<br />
involvement of an external entity that interacts with parties at both ends
316 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
and maintains a comparable mode of verification of each party's consent,<br />
<strong>B2B</strong> transactions cannot be enforced.<br />
10.9.1. Need for trusted third party entities<br />
In <strong>B2B</strong> e-<strong>commerce</strong> transactions, which can run in<strong>to</strong> millions of dollars<br />
without ever involving a piece of paper, companies cannot trust new<br />
business partners simply on the basis of an e-mail address or a password<br />
or a Website address. There is a need for the involvement of a financial<br />
institution that can validate and facilitate all the financial aspects of a<br />
transaction. Their involvement will give participating companies the<br />
assurance they require <strong>to</strong> conduct negotiations, reach agreements and<br />
make payments in a trusted and secure manner.<br />
The trusted third party entity should:<br />
• Issue digital certificates;<br />
• Provide guarantee of these digital certificates;<br />
• Have a global presence and a large clientele;<br />
• Support open standards and provide technology interoperability, so<br />
that the participant companies can use security solutions that best fit<br />
their needs;<br />
• Provide transactional integrity and assurance that can bind all the<br />
participants <strong>to</strong> contracts that are enforceable across all countries; and<br />
• Maintain the audit information in the form of electronic paperwork <strong>to</strong><br />
trace back any transactions or communications. This audit can be<br />
used <strong>to</strong> resolve any dispute between two parties using their services.<br />
Without the audit information, which is a comparable mode of<br />
verification of the concerned party's consent, it will be difficult <strong>to</strong><br />
enforce an electronic transaction.<br />
Identrus is a typical example of such a trusted third party entity,<br />
which brings <strong>to</strong>gether several leading financial institutions (FIs). The<br />
partner FIs issue guaranteed digital certificates that enable their cus<strong>to</strong>mers<br />
<strong>to</strong> participate in <strong>B2B</strong> e-<strong>commerce</strong>. In addition, FIs also act as payment<br />
intermediaries and offer their traditional financial services securely over<br />
the Internet.<br />
As an example of a transaction through Identrus Network (see<br />
Figure 10.19), a manufacturer receives a request for a proposal over
Bank 1<br />
Certif i cate<br />
Validation<br />
Prospective<br />
Trading Partner<br />
Identrus,<br />
LLC<br />
Real-Time<br />
Certificate/Identity<br />
and Credit Verification<br />
RFP<br />
Response<br />
Internet Security 317<br />
Certif i cate<br />
Validation<br />
Bank 2<br />
Manufacturer<br />
Figure 10.19. — Example of a transaction in identrus network<br />
the Internet from an unfamiliar source. Without confirmation of the<br />
company's identity, it may make little sense <strong>to</strong>day <strong>to</strong> set aside inven<strong>to</strong>ry or<br />
even consider the bid, because the manufacturer would have <strong>to</strong> engage in<br />
extensive diligence. As a cus<strong>to</strong>mer of a financial institution participating<br />
in Identrus, the company could present a compliant digital certificate along<br />
with the Request for Proposal (RFP). The manufacturer could then fully<br />
trust in the identity of the origina<strong>to</strong>r of the RFP. If the RFP came with<br />
credit information verified by a participating financial institution's digital<br />
certificate, the manufacturer could rely on that information <strong>to</strong> determine<br />
the credit-worthiness of its prospective trading partner.<br />
10.10. Security Trends for the Future<br />
A few security trends for the future are:<br />
• The need <strong>to</strong> control and secure digital content will grow tremendously.<br />
Bos<strong>to</strong>n-based consultancy Yankee Group predicts that a market for<br />
secure content delivery technologies will evolve, exceeding US$200<br />
million in 2001 and US$2 billion by 2005.
318 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• The Yankee Group predicts that the market for network and computer<br />
security will reach more than $10 billion by 2003, up from $2.3<br />
billion in 1998.<br />
• By 2005, the managed security service provider market will grow <strong>to</strong><br />
over US$2.6 billion. Managed service providers (MSP) will try <strong>to</strong><br />
integrate the needs of e-<strong>commerce</strong>, Web hosting, IP virtual private<br />
networks (VPNs) and managed security services.<br />
ESTABLISHING ELECTRONIC COMMERCE VIA<br />
CERTIFICATE AUTHORITIES<br />
Security Considerations for OASIS Electric Utility Websites<br />
OASIS (open access, same-time, information systems) is a project<br />
that facilitates transactions of wholesale electricity <strong>to</strong> utilities and<br />
corporate cus<strong>to</strong>mers nationwide. OASIS was designed by the Joint<br />
Transmission Services Information Network (JTSIN), a consortium<br />
of regional electric utility cooperatives.<br />
OASIS emerged when the Federal Energy Regula<strong>to</strong>ry Commission<br />
(FERC) mandated that wholesale buyers, sellers and distribu<strong>to</strong>rs of<br />
electric power have equal access <strong>to</strong> information about power transmission,<br />
availability and pricing. Previously, wholesalers and corporate<br />
cus<strong>to</strong>mers used <strong>to</strong> rely on personal contacts <strong>to</strong> find electricity at<br />
bargain prices; now all information on pricing and available power<br />
grid capacity is open <strong>to</strong> them via the Internet through the secure<br />
VPNs created by OASIS.<br />
JTSIN outsourced project development <strong>to</strong> BSG, Cegelec ESCA<br />
Corp., with TradeWave Corporation as the developer of the system's<br />
security architecture.<br />
OASIS went online in January 1997 and consists of over 500<br />
separate entities and market makers in the electric power industry,<br />
trading an estimated $35 billion in transmission capacity, making it<br />
one of the largest e-<strong>commerce</strong> projects (see Figure 10.20).<br />
Information surrounding the availability and pricing of electricity,<br />
like that of any commodity, must remain confidential. A system that<br />
Continue on page 319
Internet Security 319<br />
Continued from page 318<br />
- &jer 500 separate entities and<br />
market makers in power industry<br />
- Trading an estimated $35 billion+ in<br />
electric pow er transmission capacity<br />
Figure 10.20. — OASIS consists of over 500 separate entities and market<br />
makers in the electric power industry, trading an estimated $35 billion in<br />
transmission capacity<br />
generates multi-million dollar transactions demands both dataencryption<br />
and user-authentication capability. Security has <strong>to</strong> be strong<br />
enough <strong>to</strong> guarantee the integrity of the billing and payments that<br />
will soon be transferred on<strong>to</strong> OASIS. OASIS sites that have implemented<br />
TradeWave's TradeVPI (Virtual Private Internet) solution<br />
have overcome each of the security concerns that previously stunted<br />
the development of e-<strong>commerce</strong> on the Web.<br />
Security concerns that OASIS participants face include effective<br />
authorization mechanism that controls users' access <strong>to</strong> the VPN, as<br />
well as control over what information users can view, based on their<br />
level of trust. Mutual authentication is needed <strong>to</strong> verify both those<br />
sending and those receiving information. Strong encryption is needed,<br />
along with <strong>to</strong>ols that ensure that messages are not altered in any<br />
Continue on page 320
320 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Continued from page 319<br />
way. Once a message is sent, non-repudiation capability must be in<br />
place so that there is no question who sent or received a particular<br />
message.<br />
TradeWave secured OASIS transactions by building upon an Entrustbased<br />
Public Key Infrastructure (PKI) <strong>to</strong> create a nonproprietary,<br />
open-architecture solution that meets all relevant industry, government<br />
and international security standards. The standard Entrust PKI was<br />
advanced by 'Web-enabling' it, au<strong>to</strong>mating its ability <strong>to</strong> issue certificates<br />
and adding an access-control <strong>to</strong>ol that handles data-access<br />
privileges for each user.<br />
Security Implementation at MAIN<br />
The major TradeVPI components that support the OASIS architecture<br />
at JTSIN participant MAIN (Mid-America Interconnected Network)<br />
are the TradeWave's online certificate authority (CA) service, client<br />
and server software and the TradeAccess Control Server software.<br />
• A trusted CA direc<strong>to</strong>ry manages and distributes electronic keys for<br />
encrypting information and electronic certificates for authenticating<br />
user and server identities.<br />
• TradeAgent client enables a user's Web browser <strong>to</strong> gain secure<br />
access <strong>to</strong> the Web pages of MAIN and other participating OASIS<br />
utilities.<br />
• TradeAgent Server provides secure MAIN resources, such as<br />
confidential OASIS pages, <strong>to</strong> TradeAgent client users.<br />
• Both the TradeWave client and server software encrypt and decrypt<br />
data detailing the pricing and availability of electricity at MAIN<br />
and other OASIS participants.<br />
• The TradeAccess Control Server software ensures that authenticated<br />
users with the proper access privileges can access certain protected<br />
MAIN and OASIS resources.<br />
User Authentication<br />
Users must first be approved by a local registration agent (LRA), who<br />
provides the user with a security profile. MAIN'S LRA then confirms<br />
Continue on page 321
Internet Security 321<br />
Continued from page 320<br />
the approved registrant with TradeAuthority, the IBM-supported CA<br />
server protected at a physically secured site in Austin, Texas.<br />
As an example, a broker in Pennsylvania who wants <strong>to</strong> log on<strong>to</strong><br />
the VPN of Wisconsin-based MAIN <strong>to</strong> check pricing and availability<br />
of electricity must first be confirmed by TradeAuthority, which matches<br />
a user's encrypted log-on signature with the signature included in the<br />
s<strong>to</strong>red profile.<br />
Once the broker's log-on is validated, this potential cus<strong>to</strong>mer has<br />
access <strong>to</strong> any OASIS node without having <strong>to</strong> log on again, avoiding<br />
the inconvenience of having <strong>to</strong> remember separate IDs and passwords<br />
for each JTSIN account.<br />
To access MAIN Web documents, the cus<strong>to</strong>mer enters the desired<br />
MAIN URL and forwards this request through TradeAgent client.<br />
TradeAgent client then contacts the CA <strong>to</strong> obtain the certificate for<br />
the desired MAIN address. It opens contact with MAIN'S TradeAgent<br />
server. TradeAgent client and server can now authenticate each other<br />
by checking a certificate revocation list for both the client and server;<br />
if neither the broker's address nor MAIN URL is on the revocation<br />
list, communication between the two may proceed.<br />
The session continues with client and server selecting a public<br />
key <strong>to</strong> encrypt data traveling between them, as well as algorithms<br />
that ensure data confidentiality and integrity.<br />
Access Control<br />
Each user in the OASIS system has specified access privileges as<br />
deemed appropriate by the administra<strong>to</strong>r.<br />
With TradeVPI, MAIN has a system in place that is secure<br />
enough <strong>to</strong> meet the expected explosion in electronic <strong>commerce</strong>.<br />
Billing information will soon be shared with other providers and<br />
utilities. Transaction payments aren't far behind. The present architecture<br />
gives ITSIN the security <strong>to</strong> easily migrate billing and payments<br />
<strong>to</strong> the Internet.<br />
The OASIS system addresses security concerns with an infrastructure<br />
in place that not only protects the proprietary information<br />
of its corporate members, but also has the encryption and<br />
Continue on page 322
322 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Continued from page 321<br />
authentication capability that can process purchases of electrical<br />
power worth millions of dollars. OASIS is a blueprint for commercial,<br />
public-key infrastructure-based electronic <strong>commerce</strong>.<br />
Source: Condensed from cyberguard-ecom.se-com.com white paper<br />
10.11. Conclusion<br />
<strong>B2B</strong>i involves significant security risks, as it involves the use of the<br />
Internet for conducting business. Anonymity, a key characteristic of<br />
<strong>B2B</strong> e-<strong>commerce</strong>, also adds a lot <strong>to</strong> the uncertainty of online <strong>B2B</strong><br />
transactions. Security breaches in this environment can cause severe<br />
losses and damages <strong>to</strong> the reputation of the parties involved. For example,<br />
a security hack, such as denial-of-service (DOS — incapacitating<br />
Web servers by flooding them with nuisance traffic) attacks on any<br />
major <strong>B2B</strong> exchange can virtually cripple the whole industry and lead<br />
<strong>to</strong> millions and millions of real dollar losses <strong>to</strong> corporations, apart from<br />
destroying the credibility of the company running that exchange. As a<br />
matter of fact, the economic damage caused by e-security breaches,<br />
such as hacker attacks, viruses, denial of service attacks and unauthorized<br />
access, exceeds $15 billion annually.<br />
E-security in lieu of <strong>B2B</strong>i is not just using a secure connection<br />
provided by SSL or placing a corporate firewall in place. It requires a<br />
whole revamping of enterprise-wide security policies and solutions. The<br />
revamped security solution has <strong>to</strong> help companies better leverage their<br />
existing infrastructure, be cost-effective and reduce security breach<br />
risks with each dollar spent.<br />
Organizations that offer all the financial services over the Internet<br />
and provide both the technological and operational infrastructure for<br />
secured <strong>B2B</strong> transactions will thrive in the future.
Part III<br />
Evolving <strong>Integration</strong><br />
Components<br />
323
This page is intentionally left blank
Chapter "| 1<br />
Web Services<br />
The focus of this chapter<br />
Web services based on service-oriented architecture are an evolution in<br />
e-business applications that will help companies reach their integration<br />
goals and take <strong>B2B</strong> <strong>to</strong> the next level.<br />
In this chapter, we present the latest technology being developed<br />
in the <strong>B2B</strong> integration domain — Web services. You will learn about<br />
SOA, UDDI, WFSL, WSDL and how they fit in<strong>to</strong> the architecture of<br />
Web services.<br />
325
326 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
11.1. Service Oriented Architecture (SOA)<br />
We have discussed in the previous chapters that <strong>B2B</strong>i involves dynamic<br />
integration of heterogeneous applications and platforms across multiple<br />
organizations. A minor alteration in just one of the applications, at one<br />
of the firms, can break the whole integration.<br />
For true dynamic integration, software resources such as applications,<br />
objects and programs should be loosely coupled. These resources should<br />
make their presence known <strong>to</strong> the world and provide public interfaces,<br />
which describe their actions. The communication between these resources<br />
and the applications using them should occur, based on open standards.<br />
Using these resources, which can be personalized for each user, the<br />
future applications would be built dynamically within seconds.<br />
This is where SOA comes in<strong>to</strong> the picture. It provides a framework<br />
and architecture for interconnecting applications and software components<br />
seamlessly. It provides the ability <strong>to</strong> invoke remote business services<br />
and install them as local components in a different application, all without<br />
writing a single line of low-level code.<br />
11.1.1. Components and operations of SOA<br />
There are three components of service oriented architecture (see<br />
Figure 11.1). They are:<br />
• Service Provider — This component is responsible for creating and<br />
publishing the interfaces of services, providing the actual implementation<br />
of these services and responding <strong>to</strong> any requests for the<br />
use thereof. Any company or business can be a service provider.<br />
• Service Broker — This component registers and categorizes public<br />
services published by various service providers and offers services<br />
like search, etc. Service brokers act like a reposi<strong>to</strong>ry or yellow pages<br />
for Web services. Companies that want <strong>to</strong> use Web services can<br />
search these yellow pages <strong>to</strong> find one matching their needs. Currently<br />
several companies including Ariba, IBM and Microsoft are acting as<br />
service brokers.<br />
• Service Requester — This component is the actual user of Web<br />
services. Service requesters discover Web services by searching the<br />
reposi<strong>to</strong>ry maintained by the service brokers and then invoke these
Service<br />
Provider<br />
PublishJF ^k Bind<br />
c&rui*"-^ Service i<br />
5JJJU |^WBM»«MB^ Rec|uester !<br />
Find<br />
Figure 11.1. — SOA model<br />
Web Services 327<br />
services by communicating with the actual service providers. In most<br />
cases the invocation would be remote over the Internet, but it is also<br />
possible that the invocation of the service is local over the intranet,<br />
which means that the requesting company is also the service provider.<br />
The three most basic operations through which the SOA participants<br />
interact are:<br />
• Publish — It allows the service provider <strong>to</strong> publish its services and<br />
interface requirements with a service broker. WSDL (Web services<br />
description language) is an XML-based language used <strong>to</strong> perform the<br />
operation of describing the interface of Web services which are then<br />
published using UDDI.<br />
• Find — This operation allows a service reques<strong>to</strong>r <strong>to</strong> locate, search<br />
and discover the services published via a service broker that are<br />
offered in a particular classification or by a specific service provider.<br />
Finding is enabled by the UDDI (Universal description, discovery<br />
and integration) framework.<br />
• Bind — This operation enables a service reques<strong>to</strong>r <strong>to</strong> actually bind<br />
and use a service provided by a service provider. Binding is enabled<br />
by SOAP-based XML messages.<br />
11.2. What are Web Services?<br />
Web services are URL-addressable, self-contained resources and/or<br />
applications that can be described, published, located and invoked over<br />
a network, usually the Internet. Web services are XML representations<br />
;
328 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
of applications, resources, messages and objects that enable application<strong>to</strong>-application<br />
interaction over the Internet. They provide well-defined<br />
interfaces, called contracts, that describe the services provided. Web<br />
services are based on service oriented architecture (SOA) and support<br />
bind, publish and find operations. Each component (network node) can<br />
play any or all roles of a service broker, service requester or service<br />
provider.<br />
Web services enable companies <strong>to</strong> publish public interfaces of their<br />
business objects and programs so that other companies can search and<br />
find them and interact with these services.<br />
At the core of Web services is the fact that each service encapsulates<br />
the implementation details and publishes a messaging API, so that it<br />
can be used by other services over the network. Web services have<br />
all features of object-oriented systems, such as encapsulation, message<br />
passing, dynamic binding and service description and querying. Through<br />
the dynamic binding of components, which is platform and programming<br />
language-neutral and communications mechanism-independent, they<br />
enable just-in-time integration of applications.<br />
Web services enable full leverage of existing infrastructure and<br />
applications. The existing Web applications (Internet/Intranet) can be<br />
easily converted in<strong>to</strong> Web services, irrespective of the platform or<br />
programming language used <strong>to</strong> implement these applications. The Gartner<br />
Group predicts that by 2004, 40% of legacy enterprise applications will<br />
be partially or fully service oriented.<br />
Examples of practical use of Web services in the <strong>B2B</strong> world include:<br />
• A company invoking another company's service <strong>to</strong> send a purchase<br />
order (PO) over the Internet; and<br />
• A logistics company writing a service which calculates the cost of<br />
shipping goods based on weight, delivery date, etc. that other companies<br />
can use <strong>to</strong> figure out the cost, based on their shipment details.<br />
11.2.1. Application of SOA-based framework <strong>to</strong> <strong>B2B</strong>i<br />
The requirements: For <strong>B2B</strong>i, companies have <strong>to</strong> use a framework that<br />
provides high-performance, reliable, extensible, scalable, secured and<br />
open standards based communication and messaging.
Web Services 329<br />
The solution: A SOA-based framework can enable companies in<br />
achieving their <strong>B2B</strong>i goals by providing a service-based platform <strong>to</strong><br />
integrate new and existing applications and systems, implementing<br />
industry standards, and building an infrastructure that would support the<br />
dynamic messaging required for continuous processing for all types of<br />
business transactions. Service-oriented architecture can provide the<br />
foundation and Web services can provide the building blocks for<br />
application architecture in order <strong>to</strong> achieve seamless trade processing.<br />
A SOA-based framework is capable of providing support for multiple<br />
XML standards, such as ISO15022, cXML, and FpML, at the same time,<br />
and adding additional standards support without significant redevelopment<br />
effort. With the use of Web services as an enabling technology, <strong>B2B</strong>i<br />
related problems and issues will shift from connectivity among different<br />
applications in-house and with trading partner applications <strong>to</strong> the content<br />
and structure of the information that is exchanged. The analogy here<br />
will be that Web services will define the standard postal mechanism<br />
along with the envelope and addressing format for exchanging letters.<br />
What is inside the envelope (the content of the letter) will be defined<br />
by the XML-based business process standard, such as ISO 15022 XML<br />
or RosettaNet.<br />
11.3. Essential Features of a Web Services<br />
Environment<br />
There are several essential features for the operation of Web services.<br />
The Web services environment provides a framework that gives the<br />
ability <strong>to</strong> dynamically discover, install and re-use business services.<br />
A Web service needs <strong>to</strong> be:<br />
• Created and its interfaces and invocation methods must be defined;<br />
• Published <strong>to</strong> one or more intranet or Internet reposi<strong>to</strong>ries for potential<br />
users <strong>to</strong> locate;<br />
• Located <strong>to</strong> be invoked by potential users;<br />
• Invoked by other Web services, applications;<br />
• Provide access <strong>to</strong> standard library functions such as security, search,<br />
translation, logging and transactions;
330 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• Unpublished when it is no longer available or needed; and<br />
• Integrated with other Web services using Internet standards.<br />
As discussed, Web services involve exchange of XML messages.<br />
It is manda<strong>to</strong>ry for Web services <strong>to</strong> associate XML schemas (which<br />
define the data types, requirements of XML documents used for<br />
messages, types of messages and operations the messages are mapped<br />
<strong>to</strong>) with these XML messages. Web services can be implemented in any<br />
language (such as C, Java and C++) using any technology such as EJB<br />
and CORBA, as long as they are able <strong>to</strong> generate and parse XML<br />
documents.<br />
11.4. Universal Description, Discovery and<br />
<strong>Integration</strong> (UDDI)<br />
Although it may seem relatively easy <strong>to</strong> discover the Web services of<br />
known trading partners, it is not easy <strong>to</strong> know all services and how they<br />
work. Again, if a company is involved in dynamic business trading,<br />
how would it know the Web services offered by new partners? How<br />
will it ensure that the information that it has about a service is up-<strong>to</strong>date?<br />
Thus, there is need for a mechanism which provides real-time<br />
information about services, ensures consistency in service description<br />
formats and makes it easy <strong>to</strong> track the changes as they occur. There is<br />
a need for a solution that maintains distributed direc<strong>to</strong>ries/registries<br />
of businesses and their services in a common language and format<br />
unders<strong>to</strong>od by all. That solution is UDDI — a primary resource for<br />
identifying and connecting with potential collaborative partners using<br />
Web services.<br />
11.4.1. What is UDDI?<br />
UDDI is a centralized business registry that enables business-<strong>to</strong>-business<br />
communication. UDDI is a standard way of addressing the need for a<br />
reposi<strong>to</strong>ry or broker that will manage a direc<strong>to</strong>ry of service interfaces.<br />
IBM, Microsoft and Ariba outlined their specification <strong>to</strong> help facilitate<br />
the creation, description, discovery and integration of Web-based services.
A UDDI registry basically has two types of users:<br />
Web Services 331<br />
• Businesses that publish a service and its XML-based usage interface;<br />
and<br />
• The clients that want <strong>to</strong> use these services by binding <strong>to</strong> them. All<br />
companies that register in the UDDI business registry are assigned a<br />
globally unique identifier.<br />
11.4.2. UDDI built on SOAP<br />
As discussed in the previous chapter, SOAP enables information in the<br />
form of XML documents <strong>to</strong> be exchanged across system boundaries.<br />
UDDI is actually built on <strong>to</strong>p of SOAP, i.e., the UDDI APIs are built on<br />
SOAP specifications. As depicted in Figure 11.2, UDDI uses technologies<br />
such as TCP/IP, XML and SOAP <strong>to</strong> create a uniform service description<br />
format and service discovery pro<strong>to</strong>col. All UDDI documents are actually<br />
SOAP-based XML documents.<br />
It is worth mentioning that although the UDDI API is implemented<br />
using SOAP, there is no requirement that the services registered in<br />
UDDI use SOAP.<br />
llnivPinfil>M> Maikup Lnnquaqr (XML)<br />
Common Internet Pro<strong>to</strong>cols (HTTP, TCP/IP)<br />
Figure 11.2. — UDDI built on <strong>to</strong>p of SOAP<br />
11.4.3. UDDI data structure<br />
The core information model used by UDDI registries is defined in<br />
an XML schema (http://www.uddi.com/schema/uddi_l.xsd), which
332 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
defines business information, service information, binding information<br />
and information about specifications for services. The basic organization<br />
of the UDDI data structures is as follows (see Figure 11.3):<br />
Business Entity — (<strong>to</strong>p level structure that describes a business)<br />
-Business Service — (describes a service and groups a series of<br />
related Web services related either <strong>to</strong> a<br />
category of services business process or a<br />
category of servicesuch as purchasing and<br />
security)<br />
-Binding Template —> points <strong>to</strong> a tModel (contains the information<br />
required <strong>to</strong><br />
actually invoke this<br />
service)<br />
-Binding Template —> points <strong>to</strong> a tModel<br />
-other Binding Templates ...<br />
-other Business Services ...<br />
-Binding Templates ...<br />
tModels is a list of references that provide the access information,<br />
i.e., metadata about Web services. Each binding element contains this<br />
element. There is an m:n (many-<strong>to</strong>-many) relationship between business<br />
services and tModels.<br />
<br />
-name<br />
-description<br />
-URL pointers <strong>to</strong> specifications<br />
Since each business entity, business service and tModel can be<br />
associated with single or multiple categories and identifiers, UDDI<br />
supports precise search based on these categories and identifiers.
usinessEntity: Information about the<br />
party vho publishes information about a<br />
service<br />
!<br />
I j businessService: Descriptive<br />
WimsmW i nf orm atio n a bo ut a pa |-ti ou la r<br />
family of technical services<br />
Source: uddi.org<br />
""-"> bind ngTempi ate: Technical<br />
I information about a service entry<br />
point and construction specilcations<br />
ff<br />
Figure 11.3. — UDDI data structure<br />
Web Services 333<br />
', tModel: Descriptions of specifications ,<br />
fo r se rvices o f taxon om i es. Ba sis for<br />
teehn ica I fi n gerp rints<br />
bindingTemplate data contains references<br />
<strong>to</strong>tModels. These references designate the<br />
interface spedficationsfor a service.<br />
Note: Please refer <strong>to</strong> Appendix B for UDDI Information Model.<br />
11.4.4. UDDI APIs<br />
UDDI supports two types of APIs that allow users <strong>to</strong> publish and access<br />
Web services maintained in the UDDI registry.<br />
• Inquiry API — As the name itself indicates, inquiry API allows<br />
users <strong>to</strong> inquire and locate a business, Web service and its<br />
specifications. It is also used in situations where Web service<br />
invocations experience failures.<br />
• Publishers' API — This API enables the companies <strong>to</strong> publish<br />
information about business entities, services and tModels in<strong>to</strong> a<br />
UDDI registry.<br />
11.5. Web Services Description Language (WSDL)<br />
WSDL is an XML language that describes a Web service, specifies its<br />
location, describes the operations (i.e., methods) it exposes, defines the<br />
XML messages it generates and exchanges and its binding details.<br />
WSDL is a format for describing networked XML services in terms of<br />
'endpoints', which are a way <strong>to</strong> request XML-related functionality from<br />
a remote machine over a network such as the Internet. It standardizes
334 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
the format of publishing the operations of a service with their respective<br />
parameters and data types, defining the location and binding details of<br />
the service.<br />
WSDL syntax enables both the messages and the operations on the<br />
messages <strong>to</strong> be defined abstractly, so that they can be mapped <strong>to</strong><br />
multiple physical implementations, such as SOAP, HTTP and MIME.<br />
WSDL is independent of the underlying pro<strong>to</strong>col and encoding<br />
requirements, thereby enabling dynamic cross-platform integration.<br />
11.5.1. WSDL schema<br />
A WSDL XML schema (as defined by IBM and Microsoft) includes the<br />
following parts:<br />
• Types — a container for the different data types contained in the<br />
message, which can be in the form of XML schemas or some type<br />
system (such as XSD);<br />
• Message — an abstract description of the data being exchanged that<br />
can be presented as full documents or as arguments mapped <strong>to</strong> an<br />
operation invocation;<br />
• Operation — an abstract definition of an action (such as a business<br />
process) supported by a Web service;<br />
• Port Type — an abstract collection of operations that are mapped <strong>to</strong><br />
one or more endpoints, which enables the operations <strong>to</strong> map <strong>to</strong> one<br />
or more transport pro<strong>to</strong>cols;<br />
• Binding — used <strong>to</strong> attach a concrete pro<strong>to</strong>col and data format<br />
specification for a port type;<br />
• Port — an endpoint defined as a combination of binding a<br />
network address, which provides the target address of the service<br />
communication; and<br />
• Service — a collection of related endpoints that map the binding <strong>to</strong><br />
the port and include any extensibility definition.<br />
11.5.2. WSDL and UDDI<br />
WSDL complements the UDDI standard by providing a uniform way of<br />
describing the interface and pro<strong>to</strong>col bindings of network services.
Web Services 335<br />
According <strong>to</strong> the technical specifications made available by IBM and<br />
Microsoft, UDDI-based Web services can be created using WSDL by<br />
the following steps:<br />
1. Create the WSDL service interface definition. Typically, industry<br />
groups will define a set of service types and describe them with one<br />
or more service interface definition WSDL documents. The service<br />
interface definition will include service interfaces and pro<strong>to</strong>col<br />
bindings and will be made publicly available. The WSDL service<br />
interface definitions are then registered as UDDI tModels; the<br />
overviewDoc field in each new tModel will point <strong>to</strong> the corresponding<br />
WSDL document.<br />
2. Build services that conform <strong>to</strong> the industry standard service definitions.<br />
To do so, retrieve the tModel description of the industry standard<br />
definition and (following the overviewDoc link) obtain the<br />
corresponding WSDL definition document.<br />
3. Deploy and register the new service in the UDDI reposi<strong>to</strong>ry. To do<br />
so, create a UDDI businessService data structure and then register it.<br />
11.6. Web Services Flow Language (WSFL)<br />
The Web Services Flow Language (WSFL) is an XML language for the<br />
description of Web services compositions. It provides the ability <strong>to</strong><br />
compose Web services <strong>to</strong>gether, describe business processes, create<br />
workflows and describe overall interactions between varying Web<br />
services with no specified sequence. It provides a specification for<br />
implementing business process models, using Web services architecture,<br />
and is used for creating XML-based representation of business models.<br />
WSFL is layered on <strong>to</strong>p of the WSDL. WSDL describes Web<br />
services endpoints where individual business operations can be accessed,<br />
whereas WSFL uses WSDL for the description of service interfaces and<br />
their pro<strong>to</strong>col bindings.<br />
11.7. Putting Everything Together<br />
After having discussed all the components of Web services, let's try <strong>to</strong><br />
redefine them. A Web service is a modular application that can be:
336 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Figure 11.4. — Example of Web Services in <strong>B2B</strong> applications<br />
Supplier C<br />
• Described using WSDL;<br />
• Published using UDDI;<br />
• Found using UDDI;<br />
• Bound using SOAP (or HTTP GET /POST);<br />
• Invoked using SOAP (or HTTP GET/POST); and<br />
• Composed with other services in<strong>to</strong> new services using WSFL.<br />
Figure 11.4 shows an example of actual use of Web services in a<br />
<strong>B2B</strong> application, where a buyer gets information about Web services of<br />
suppliers using private UDDI registry and invokes these services over<br />
the Internet <strong>to</strong> get quotes for a specific item.<br />
11.8. Essential Features of a Web Services<br />
Framework<br />
A Web services framework for EAI and <strong>B2B</strong>i has <strong>to</strong> provide an<br />
integrated development environment and platform for easily building<br />
and deploying Web Services and service components. There are a few<br />
essential features that Web Services solution vendors will have <strong>to</strong><br />
incorporate in order <strong>to</strong> successfully support Web Services, without<br />
which their use and adoption within companies is not possible. They<br />
are (see Figure 11.5):<br />
• Easy and secured connectivity <strong>to</strong> private and public UDDI, or any<br />
other reposi<strong>to</strong>ry;
Connectivity <strong>to</strong><br />
Public and Private UDDI<br />
Reliable Messaging Strong Security<br />
Built-in Transaction<br />
Registry Management<br />
Web Services 337<br />
Features of<br />
Web Services T „ .. ...<br />
Scalable Solution <strong>Integration</strong> with<br />
Execution Existing Infrastructure<br />
Environment (such as J2EE Servers,<br />
<strong>Integration</strong> Brokers)<br />
Failover Capability<br />
and Load Balancing<br />
Administrative Development,<br />
Tool Deployment<br />
and Publishing Tool<br />
<strong>Integration</strong> with<br />
Legacy Systems<br />
Figure 11.5. — Features of Web Services solution<br />
• Effective audit mechanism, through which the access and usage of<br />
Web Services can be closely moni<strong>to</strong>red;<br />
• Efficient security safeguards, such as policy management and<br />
authentication, for the access and usage of Web Services;<br />
• Easy development, deployment, publishing, finding and dynamic<br />
binding for Web Services interfaces;<br />
• A stable environment for rapid development of Web Services-based<br />
applications; and<br />
• Workflow management and personalization.<br />
11.9. Security Requirements for Web Services<br />
No matter how big a company is or what it does, security will be<br />
the primary consideration when choosing a Web service for all <strong>B2B</strong><br />
applications. The key security requirements for the usage of Web services<br />
are authentication, authorization, data protection, and non-repudiation.
338 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
11.9.1. Authentication<br />
Authentication is a security requirement that ensures each entity involved<br />
in the usage of a Web service — the requester, the provider, and the<br />
broker (if there is one) — is what it actually claims <strong>to</strong> be. Authentication<br />
involves accepting credentials from the entity and validating them<br />
against an authority. While Web services for EAI should have one level<br />
of authentication and rarely make use of encryption, Web services for<br />
<strong>B2B</strong>i may involve multiple levels of authentication and should always<br />
use encryption. Of course, there will always be a tradeoff between<br />
robust security and performance.<br />
11.9.2. Authorization<br />
Authorization is a security requirement that determines whether the<br />
reques<strong>to</strong>r has been granted access <strong>to</strong> the Web service by the service<br />
provider. Basically, authorization confirms the service reques<strong>to</strong>r's<br />
credentials — checks that the service reques<strong>to</strong>r is entitled <strong>to</strong> perform<br />
the operation, which may range from invoking the Web service <strong>to</strong><br />
executing a certain part of its functionality.<br />
11.9.3. Data protection<br />
Data protection is a security requirement that ensures that the Web<br />
service request and response have not been tampered with en route.<br />
Data protection requires securing both data integrity and privacy. It is<br />
worth mentioning that data protection does not guarantee the identity<br />
of the message sender. In the case of <strong>B2B</strong>i projects, the messages<br />
corresponding <strong>to</strong> Web service request and response should always be<br />
encrypted, using one or more of the following: cryp<strong>to</strong>graphy, digital<br />
signatures, secured socket layer (SSL), and so on. The use of SSL<br />
should be avoided, as far as possible, for Web services used within the<br />
corporate network for EAI projects.<br />
11.9.4. Non-repudiation<br />
Non-repudiation guarantees that the sender of a message is the same as<br />
the crea<strong>to</strong>r of the message. This is very useful for Web services used in
Web Services 339<br />
the <strong>B2B</strong>i domain, as otherwise a malicious sender can later disavow<br />
having created and sent a specific message.<br />
The importance of each one of these requirements is determined on<br />
an application-<strong>to</strong>-application basis and fac<strong>to</strong>rs such as whether the Web<br />
Service is being used for EAI or <strong>B2B</strong>i, what's the level of access that<br />
the Web service provides <strong>to</strong> the underlying and should the access be<br />
based authorization and entitlements. But, one thing is for sure —<br />
security is one of the primary fac<strong>to</strong>rs that would determine the adoption<br />
of Web Services by companies of all sizes and in all sec<strong>to</strong>rs.<br />
11.10. Where <strong>to</strong> Start?<br />
Companies should start using Web services in internal application<br />
integration projects on a function, application programming interface<br />
(API) or remote procedure call (RPC) level. This will orient the IT staff<br />
with the technology issues involved in using Web services, which<br />
would be very helpful in overcoming the challenges later posed when<br />
the company uses Web services for external application integration<br />
(<strong>B2B</strong> integration) projects. It is much easier <strong>to</strong> control, manage, find,<br />
execute and maintain Web services within an intranet, as compared <strong>to</strong><br />
using them over the Internet across the corporate firewall. Furthermore,<br />
it would help companies in identifying business opportunities using<br />
standardized and relatively cheap Web services solutions as opposed <strong>to</strong><br />
expensive EAI broker solutions.<br />
Web services will gradually evolve from an EAI solution <strong>to</strong> a <strong>B2B</strong>i<br />
solution over a period of time.<br />
11.10.1. Leverage existing assets<br />
It would be utterly naive of companies <strong>to</strong> scrap the existing EAI<br />
infrastructure and blindly march <strong>to</strong>wards deploying Web Services <strong>to</strong><br />
replace it. Companies cannot s<strong>to</strong>p using the EAI middleware frameworks,<br />
which provide full transactional services, in lieu of Web Services,<br />
which don't (as yet). Instead, they should use Web Services <strong>to</strong> leverage<br />
existing infrastructure.<br />
Using Web Services, companies will also be able <strong>to</strong> leverage the<br />
resources they have invested in implementing any .NET and/or J2EE
340 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
projects. Web Services technology works hand-in-hand in .NET and<br />
J2EE technologies, rather than as a competing technology. For instance,<br />
J2EE connec<strong>to</strong>rs give developers an interface for accessing legacy<br />
transactions and data, whereas Web services provide a uniform, standardsbased<br />
technique for exposing application functionality over the Internet<br />
or the corporate intranet.<br />
11.10.2. Build an internal reposi<strong>to</strong>ry for Web Services<br />
Early on in their adoption of Web Services, companies should make an<br />
effort <strong>to</strong> develop an internal centralized service reposi<strong>to</strong>ry for publishing<br />
information that internal applications can use <strong>to</strong> find information about<br />
published Web Services. If each group and department starts maintaining<br />
their own reposi<strong>to</strong>ry, over time there will be several reposi<strong>to</strong>ries within<br />
the company, making the publishing, discovery and use of Web Services<br />
a painful and time consuming process.<br />
11.10.3. Bot<strong>to</strong>m line<br />
Web Services, by themselves, are not the nirvana for EAI or <strong>B2B</strong>i. An<br />
EAI and/or <strong>B2B</strong>i platform within a Fortune 500 company would still<br />
comprise multiple solutions which <strong>to</strong>gether would offer both non-real<br />
time and real-time integration, support for managing semantic<br />
transformations, business process integration and application integration,<br />
based on open standards and proprietary formats.<br />
11.11. Web Services Networks<br />
The use of Web services for <strong>B2B</strong>i will be enabled through the emergence<br />
of trusted managers, known as Web services networks. Web services<br />
networks will be built on open Internet standards, including Web services.<br />
They will take on the responsibility for managing the security, transaction<br />
management, versioning, publishing, finding and deploying Web services.<br />
They will help in overcoming the biggest hurdle of using third party Web<br />
services for <strong>B2B</strong>i — the inherent unreliability of unqualified sources.<br />
Grand Central Network is an example of such a Web services oriented<br />
network.
Web Services 341<br />
It is worth mentioning, though, that over time there will be <strong>to</strong>o many<br />
of such networks and companies will have <strong>to</strong> make diligent choices<br />
about joining them. Most of these networks will meet the same fate as<br />
several e-marketplaces, which sprung up all over and gradually started<br />
<strong>to</strong> disappear.<br />
11.12. Conclusion<br />
The Web services architecture enables the creation of dynamic and<br />
loosely coupled applications, based on the public services that companies<br />
expose. It provides a data independent, platform neutral, programming<br />
language independent and a communication pro<strong>to</strong>col independent<br />
technology that reveals business services on the Internet, using standard<br />
XML pro<strong>to</strong>cols and formats.<br />
Instead of the conventional static binding, since Web services allow<br />
dynamic binding of applications, its architecture will be of enormous<br />
relevance <strong>to</strong> several <strong>B2B</strong> applications like product collaboration, shared<br />
business processes applications and value chains.<br />
The Universal Description, Discovery and <strong>Integration</strong> (UDDI)<br />
framework allows companies <strong>to</strong> search and discover Web services<br />
based on categories such as industry classification and business function<br />
or type of service.<br />
Several companies such as IBM, Ariba, Microsoft, Sun Microsystems<br />
and Hewlett Packard are betting on the Web services development<br />
paradigm.
Chapter "] 2<br />
Wireless Technologies<br />
The focus of this chapter<br />
Wireless technology will play a crucial role in <strong>B2B</strong> interactions and<br />
transactions. Mobile e-<strong>commerce</strong> is still evolving rapidly while e<strong>commerce</strong><br />
has reached a more mature stage. Global mobile e-<strong>commerce</strong><br />
is projected <strong>to</strong> have revenues of $200 billion by 2004, with 130 million<br />
cus<strong>to</strong>mers and 14 billion transactions annually.<br />
In this chapter, we present the benefits of mobile <strong>commerce</strong>, wireless<br />
application architecture and components including Wireless Access<br />
Pro<strong>to</strong>col (WAP), Wireless Markup Language (WML) and WMLScript.<br />
You will also learn about the security issues involved in wireless<br />
applications, examples of wireless <strong>B2B</strong> applications and integration of<br />
these applications with the <strong>B2B</strong>i infrastructure.<br />
342
12.1. Introduction<br />
Wireless Technologies 343<br />
Business-<strong>to</strong>-business (<strong>B2B</strong>), business-<strong>to</strong>-consumer (B2C) and business<strong>to</strong>-employee<br />
(B2E) have all involved wired interactions over telephone,<br />
fax, local area network (LAN), Internet and intranet among entities and<br />
individuals. Exceptions have been those rare field workers, such as UPS<br />
deliverymen and the field employees of progressive companies, who<br />
have employed wireless technologies.<br />
E-<strong>commerce</strong> involves wired transactions through Websites and can<br />
involve either businesses or individuals that take part in transactions<br />
with other businesses. In contrast, mobile e-<strong>commerce</strong> (m-<strong>commerce</strong>)<br />
involves the same types of entities, but the transactions are performed<br />
wirelessly. M-<strong>commerce</strong> is still evolving rapidly while e-<strong>commerce</strong> has<br />
reached a more mature stage. Table 12.1 outlines the salient technical<br />
differences between e-<strong>commerce</strong> and m-<strong>commerce</strong>. In terms of devices,<br />
content delivery standards and bearer networks, m-<strong>commerce</strong> is far<br />
more complex than e-<strong>commerce</strong>. The purpose of this chapter is <strong>to</strong><br />
examine wireless technologies in the context of <strong>B2B</strong>i.<br />
Table 12.1. E-<strong>commerce</strong> and m-<strong>commerce</strong> — Technical components<br />
Components<br />
Devices<br />
Operating System<br />
Content Delivery<br />
Standards<br />
Browsers<br />
Bearer Networks<br />
PC<br />
E-<strong>commerce</strong><br />
Windows, Unix, Linux<br />
HTML<br />
MS Explorer, Netscape<br />
Naviga<strong>to</strong>r<br />
TCP/IP<br />
M-<strong>commerce</strong><br />
Smartphones (low and high<br />
end), PDAs, pagers<br />
EPOC, PocketPC, Palm<br />
HTML, WML, HDML, cHTML<br />
Phone.com's UP, Nokia<br />
GSM, CDMA, TDMA, CDPD,<br />
paging networks
344 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
12.2. The Wireless Internet Today<br />
Let us take a look at the wireless Internet as it stands <strong>to</strong>day.<br />
12.2.1. Definition and growth<br />
The phrase 'Mobile Internet' conjures up images of an individual with<br />
the ability <strong>to</strong> get whatever information desired, wherever and whenever<br />
needed and on virtually any device — tethered or untethered. The<br />
reality is that we are not quite at that point yet. The extant wireless or<br />
mobile Internet is in an evolutionary phase akin <strong>to</strong> the one the traditional<br />
Web entered in the mid 1990s. At that time there were only a limited<br />
number of online services that were available <strong>to</strong> users. A salient<br />
difference between the wired (i.e., tethered) and unwired (i.e., untethered)<br />
or mobile Web is that there is no longer serious doubt as <strong>to</strong> whether<br />
select consumers and companies will want <strong>to</strong> use the Web <strong>to</strong> purchase<br />
goods and services from their desk or while on the run. People want <strong>to</strong><br />
take their technology with them and thus the potential for the mobile<br />
Internet has already gained a wide and growing acceptance.<br />
Mobile e-<strong>commerce</strong> or m-<strong>commerce</strong>, as it is sometimes termed,<br />
involves the use of mobile handheld devices, such as mobile phones,<br />
personal digital assistants (PDAs) and two-way pagers <strong>to</strong> communicate,<br />
interact and transact. The purpose of these handheld devices is <strong>to</strong> use<br />
wireless technologies <strong>to</strong> provide convenient, personalized and locationbased<br />
services <strong>to</strong> cus<strong>to</strong>mers, employees, partners and ordinary people.<br />
There is no doubt that the m-<strong>commerce</strong> market has the potential <strong>to</strong><br />
explode. Wireless subscribers have been projected <strong>to</strong> grow from<br />
400 million in 1999 <strong>to</strong> over 1 billion in 2003. This means that in the<br />
near future, approximately 1 in 6 people on earth will have access <strong>to</strong> a<br />
cell phone. Wireless Internet subscribers have been projected <strong>to</strong> grow<br />
from 6 million in 1999 <strong>to</strong> over 400 million in 2003. For most people,<br />
the wireless Internet may be the only Internet that they use on a regular<br />
basis. Global m-<strong>commerce</strong> is projected <strong>to</strong> have revenues of $200 billion<br />
by 2004, with 130 million cus<strong>to</strong>mers and 14 billion transactions annually.<br />
Table 12.2 outlines commonly cited wireless Internet projections.<br />
Since these projections were made at an initial stage, the technology<br />
sec<strong>to</strong>r has imploded, particularly in the United States. However,
Wireless Technologies 345<br />
Table 12.2. U.S. wireless internet access device projections (in millions)<br />
Device<br />
High-end smartphones<br />
Low-end smartphones<br />
Net-capable PDAs<br />
Alpha-numeric pagers<br />
E-books<br />
1999<br />
0.3<br />
0.8<br />
5.2<br />
2.4<br />
0.0<br />
2000<br />
0.8<br />
5.3<br />
6.9<br />
3.5<br />
0.6<br />
2001<br />
1.6<br />
27.7<br />
8.6<br />
4.7<br />
1.3<br />
2002<br />
2.4<br />
57.5<br />
10.3<br />
5.9<br />
2.1<br />
2003<br />
technological progress has continued and will continue <strong>to</strong> be inexorable.<br />
When economic fortunes change for the better, people will still want <strong>to</strong><br />
take their technology with them. This bodes well for wireless.<br />
12.2.2. Mobile benefits<br />
It is conceivable that m-<strong>commerce</strong> will expand across several industries<br />
initially: transportation and travel — au<strong>to</strong>motive and air travel; financial<br />
services — retail banking, brokering and the use of mobile 'wallets';<br />
media and entertainment — newspapers, music, video and gaming.<br />
Mobile offerings will undoubtedly evolve with technology and as dictated<br />
by the desires of early adopters.<br />
For example, in 1999, one could get news through personal instant<br />
messaging (PIM) and short message services (SMS). In 2000, this<br />
evolved <strong>to</strong> what might be termed communication enhancements: e-mail,<br />
instant messaging (IM), wireless application pro<strong>to</strong>col (WAP) alerts and<br />
the provision of direc<strong>to</strong>ries wirelessly. At present, the floodgates have<br />
been opened <strong>to</strong> the point that the provision of easy and secure transactions<br />
that include single-click procurement of goods, event and locationspecific<br />
applications, trading, reservations and the ability <strong>to</strong> participate<br />
in auctions are possible. With enhanced bandwidth and the advent of<br />
applications with built-in artificial intelligence <strong>to</strong> the mobile space in<br />
2003 and beyond, the mobile Internet will evolve <strong>to</strong> the provision of<br />
3.5<br />
75.9<br />
12.0<br />
7.7<br />
3.0
346 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
personalized advice and one-<strong>to</strong>-one marketing, as well as multimedia<br />
applications.<br />
Benefits of mobile Internet technology include:<br />
Direct data access and collection<br />
Decision-makers need <strong>to</strong> ask themselves what elements of operations<br />
of their businesses may benefit from mobile data at the actual point of<br />
activity. Already some models are evident. For example, in the area of<br />
sales force au<strong>to</strong>mation and in healthcare, companies are providing<br />
physicians with access <strong>to</strong> patients' records and data on drug interactivity<br />
via their PDAs. Several companies have developed applications that<br />
permit physicians <strong>to</strong> write prescriptions on a handheld device, which<br />
are then wirelessly transmitted <strong>to</strong> pharmacies. The benefit <strong>to</strong> consumers<br />
is that prescribed medications can now be ready for patients when they<br />
arrive at the drugs<strong>to</strong>re. Errors resulting from hard-<strong>to</strong>-read prescriptions<br />
and drug interactions will be eliminated.<br />
Mobile employees can access centrally s<strong>to</strong>red data in real-time. They<br />
can also gather and upload data <strong>to</strong> company servers that can be viewed<br />
and used by their colleagues and cus<strong>to</strong>mers back at the office or in<br />
other locations around the globe. The proprietary handheld data-collection<br />
devices employed by overnight delivery companies such as FedEx and<br />
UPS are the most obvious examples of this capability. These companies<br />
have been performing this type of sophisticated mobile data collection<br />
for years. More recently, they have developed technological advances<br />
such as electronic signature capture via pressure-sensitive tablets. New<br />
developments entail on-the-fly data upload <strong>to</strong> central servers around the<br />
globe.<br />
Accuracy and speed<br />
Mobile data collection means that information need only be entered<br />
once before it becomes a part of a company's database. This streamlines<br />
collection, transcription and access, which result in improved accuracy<br />
and enhanced speed. These efficiencies can be transferred directly <strong>to</strong> a
Wireless Technologies 347<br />
company's bot<strong>to</strong>m line, as redundant processes and opportunities for<br />
error are eliminated.<br />
There are numerous everyday examples. A sales representative taking<br />
a cus<strong>to</strong>mer's order in the field could easily select a cus<strong>to</strong>mer's account,<br />
as well as model numbers, colors and other criteria desired, from preset<br />
or contextual menus on a mobile device. The order could then be easily<br />
transmitted wirelessly <strong>to</strong> the company's back-end servers where the<br />
cus<strong>to</strong>mer database resides and where it would au<strong>to</strong>matically enter the<br />
fulfillment process. Without mobile technology, the sales agent would<br />
have a number of other more pedestrian options. The agent would<br />
either need <strong>to</strong> wait until he reached a networked computer <strong>to</strong> input the<br />
order or, alternately, he could fax or call in the order <strong>to</strong> the home office,<br />
where another employee would have <strong>to</strong> enter it in<strong>to</strong> the system. Each of<br />
these more pedestrian alternatives unnecessarily complicates the ordering<br />
process, slowing it down and decreasing its accuracy.<br />
Communications in real-time<br />
As alluded <strong>to</strong> earlier, mobile messaging and file transfer applications<br />
permit individuals <strong>to</strong> send and receive files without the delay of first<br />
finding a networked PC terminal. An example is Cendant, the company<br />
that owns realty franchises Century 21, ERA and Coldwell Banker. This<br />
forward-looking firm is in the process of equipping all of its agents<br />
with two-way smart pagers capable of sending and receiving e-mail.<br />
This will permit the agents, who may be out of the office for considerable<br />
periods of time, <strong>to</strong> respond more quickly <strong>to</strong> cus<strong>to</strong>mer inquiries. There<br />
are other examples. At large law firms and investment banks like<br />
Skadden Arps and Goldman Sachs, professionals receive RIM (Research<br />
in Motion) Blackberry devices, affording them round-the-clock access<br />
<strong>to</strong> e-mail.<br />
12.3. Wireless Application Architecture<br />
and Components<br />
Figure 12.1 is an example of an existing technical architecture that<br />
integrates a wired Website with a wireless access component.
348 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Mobile Base<br />
Station<br />
WAP Gateway ;<br />
±<br />
Jill-,<br />
Base Station;<br />
Controtier ><br />
-#• Internet<br />
Public Access<br />
Private Access<br />
App Server<br />
Web Server<br />
Hydra<br />
Web<br />
Web Server<br />
it<br />
App Server<br />
Figure 12.1. — Existing technical environment<br />
Production<br />
Mirror<br />
Region<br />
Production<br />
Region<br />
Internal<br />
Database<br />
As can be seen in this figure, addition of a WAP gateway, which<br />
interacts with the base station controller, mobile base station and mobile<br />
phone, permits this wired architecture <strong>to</strong> have a wireless component.<br />
Some of the most important components of wireless applications<br />
include:<br />
Wireless Network Middleware<br />
The intermediate software component generally located on the wired<br />
network between the wireless appliance and the application or data<br />
residing on the wired network is referred <strong>to</strong> as wireless network<br />
middleware. The purpose of middleware is <strong>to</strong> increase the performance<br />
of applications running across a wireless network. In order <strong>to</strong> accomplish<br />
this, middleware attempts <strong>to</strong> mitigate wireless network impairments,<br />
such as limited bandwidth and network connection disruptions. The<br />
handheld device communicates with middleware, using a wireless<br />
network optimized pro<strong>to</strong>col. The middleware then communicates with<br />
the actual application or database, using applicable connectivity software.
Wireless Technologies 349<br />
Many middleware products possess features that go beyond the basic<br />
functionality of connecting appliances <strong>to</strong> applications and databases<br />
located on the wired network. The important features of wireless network<br />
middleware are:<br />
Optimization Techniques — Middleware often includes data compression<br />
at the transport layer <strong>to</strong> help minimize the number of bits sent over the<br />
wireless link. A variety of compression algorithms are employed <strong>to</strong><br />
perform the compression, including V.42bis, Hoffman encoding, runlength<br />
encoding and proprietary compression techniques. Some<br />
middleware use header compression.<br />
Intelligent Restarts — Unfortunately, with wireless networks a<br />
transmission may be disrupted due <strong>to</strong> interference or operational<br />
problems. A recovery mechanism often employed is an intelligent restart<br />
that detects when a transmission has been cut and when the connection<br />
is reestablished. With intelligent restart, the middleware resumes<br />
transmission from the breakpoint, instead of at the beginning of the<br />
transmission.<br />
S<strong>to</strong>re-and-Forward Messaging — In order <strong>to</strong> ensure message delivery<br />
<strong>to</strong> users who may become disconnected from the network for a period<br />
of time, middleware performs message queuing. Once the station comes<br />
back online, the middleware will send the s<strong>to</strong>red messages <strong>to</strong> the<br />
station.<br />
Screen Scraping and Reshaping — Many middleware products have a<br />
development environment that enables a developer <strong>to</strong> use visual <strong>to</strong>ols <strong>to</strong><br />
'scrape' and 'crop' portions of existing application screens <strong>to</strong> fit within<br />
the smaller display of data collec<strong>to</strong>rs.<br />
Operational Support Mechanisms — Some middleware products moni<strong>to</strong>r<br />
the performance of handheld devices through utilities and <strong>to</strong>ols, which<br />
enable IT personnel <strong>to</strong> better troubleshoot problems.<br />
Middleware connectivity often possesses the following attributes:<br />
Highly efficient operation over wireless networks — Middleware reduces<br />
the load on the wireless network through the use of optimization<br />
techniques, such as data compression and screen scraping.
350 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Appliance or host/server programming not required — The preponderance<br />
of wireless middleware products possess a development environment<br />
that shields the developer from having <strong>to</strong> understand the appliance and<br />
host-based development environments.<br />
Mainframe <strong>to</strong> client/server systems migration supported — Many<br />
companies are migrating from mainframes <strong>to</strong> client/server systems.<br />
Middleware is a cost-effective solution for supporting these migrations,<br />
enabling connections <strong>to</strong> both mainframes and client/server databases,<br />
simultaneously.<br />
Multiple-vendor appliances support — Most middleware products<br />
interface with a wide variety of handheld devices.<br />
12.3.1. Wireless Access Pro<strong>to</strong>col (WAP)<br />
Wireless Application Pro<strong>to</strong>col (WAP) is an open, global standard that<br />
enables mobile devices <strong>to</strong> be compatible with the majority of bearer<br />
networks such as Code Division Multiple Access (CDMA), Global<br />
System for Mobile Communications (GSM) and next-generation network<br />
standards. WAP has been constructed on modified Internet pro<strong>to</strong>cols<br />
and permits mobile devices on non IP-based networks <strong>to</strong> connect <strong>to</strong> the<br />
Internet.<br />
WAP is an application environment and a communications pro<strong>to</strong>col.<br />
WAP sits astride a variety of wireless carriers and provides services<br />
such as compression, encryption, the integration of telephony and data<br />
services and, most importantly, the wireless application architecture that<br />
permits the building of WAP application programs that run on smart<br />
phones (i.e., WAP applications). In a practical sense, WAP applications<br />
deliver WML-tagged, instead of HTML-tagged documents <strong>to</strong> a browser.<br />
Usability challenges include the following: Internet on mobile devices,<br />
small screens, phone keypad, slow connection speeds and no standardized<br />
browser behavior. An often-mentioned competi<strong>to</strong>r <strong>to</strong> WML is cHTML<br />
that has been popularized by Japan's iMode service.<br />
The success of this standard will depend on the penetration of WAPenabled<br />
devices, the development and recognition of useful applications<br />
and the rollout of WAP gateways from Ericsson, Mo<strong>to</strong>rola, Nokia and<br />
Phone.com. Negatives of WAP are associated with the fact that it offers
Wireless Technologies 351<br />
a somewhat limited development environment, particularly for more<br />
media-rich devices such as Microsoft's PocketPC and Palms IIIc.<br />
12.3.2. Wireless Markup Language (WML)<br />
Phone.com's HDML (Handheld Device Markup Language) served as<br />
the basis for Wireless Markup Language (WML). WML is a descendant<br />
of Standardized General Markup Language (SGML) and XML. It is<br />
optimized for low bandwidth and is specified by the WAP Forum.<br />
WML looks a lot like Hypertext Markup Language (HTML), but uses a<br />
deck and card metaphor. It contains variables that can be used in all<br />
cards in the same deck.<br />
WML differentiates from HTML in the following ways: it is case<br />
sensitive, the standalone tags end with a '/', form tags are not needed<br />
and select lists do not look the same. Tables are not as dynamic as with<br />
HTML and WML has strong semantics: no errors are allowed. The<br />
parts of a WML 'page' consist of a deck and one or more cards. The<br />
<strong>to</strong>p-most card is the first <strong>to</strong> be displayed. An action can be taken in<br />
response <strong>to</strong> other events, such as timer timeouts. A card can also set<br />
variables that can be used by other cards or WMLScripts. Variables set<br />
in one card can be used in others, as long as the memory is not erased.<br />
WML building blocks are cards (e.g., ), paragraph items<br />
(e.g., , ) text formatting (e.g., , ), tables and<br />
images (e.g., ), select and anchor (e.g., ), input field and set variables (e.g., ), triggers (e.g., ).<br />
Since WAP applications are XML-based programs, they must start<br />
out with a valid XML prologue containing the XML version and a<br />
pointer <strong>to</strong> the XML definition of the language being used. Examples of<br />
code follow:<br />
352 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
1.<br />
2.<br />
3.<br />
4.<br />
5.<br />
6.<br />
7.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
12.3.3. WMLScript<br />
Continued from page 351<br />
paragraph<br />
check the Accept and Previous<br />
but<strong>to</strong>ns<br />
go <strong>to</strong> this URL<br />
perform and action<br />
close do loop<br />
end card<br />
WMLScript is a scripting language that employs procedural logic,<br />
loops and conditionals that are optimized for small-memory, small-CPU<br />
devices. It is derived from European Computer Manufacturers Script<br />
(ECMAScript). WMLScript is integrated with WML, which results in<br />
a powerful extension mechanism that serves <strong>to</strong> reduce overall network<br />
traffic and enhance functionality. Typically, WMLScript is used for field<br />
validation, device extensions and conditional logic. With WMLScript,<br />
compiled byte code is transferred <strong>to</strong> the terminal. Standard libraries<br />
include: Lang for general purpose math functionality, string processing,<br />
Universal Resource Loca<strong>to</strong>r (URL) processing, WML browser interface,<br />
dialogue and floating point functions.<br />
Some representative code is as follows:<br />
1.<br />
2.<br />
3.<br />
4.<br />
5.<br />
6.<br />
The WMLScript example — Script part<br />
//random.wmls<br />
external function getRandom ( ) {<br />
var r= Lang.random(lOO)<br />
WMLBrowser.setVar("result", r);<br />
WMLBrowser.go("random.wml#card2");<br />
}<br />
The WML part which calls WMLScript<br />
comment<br />
start of function<br />
variable<br />
end of function
1.<br />
2.<br />
3.<br />
4.<br />
5.<br />
6.<br />
7.<br />
8.<br />
9.<br />
10.<br />
11.<br />
<br />
<br />
Randomize<br />
<br />
<br />
12.4. Wireless Security Issues<br />
Wireless Technologies 353<br />
start of wml<br />
identifies cardl<br />
title<br />
do loop which runs<br />
WMLScript<br />
close do loop<br />
closes cardl<br />
identifies card2<br />
puts out Random<br />
result<br />
closes card2<br />
end of wml<br />
The advantages of wireless communication are being overshadowed by<br />
its weaknesses: low bandwidth, high-latency connections, broadcast<br />
medium, low power (battery powered) and 'security' risks.<br />
Security becomes manda<strong>to</strong>ry in such a mobile network, as it is hard<br />
<strong>to</strong> restrict access <strong>to</strong> network resources physically. The necessity for<br />
security is due <strong>to</strong> the existence of hackers, viruses, intruders, Internetbased<br />
attacks, disgruntled current and ex-employees and industrial<br />
espionage. In this section, we will discuss the threats <strong>to</strong> the security of<br />
networks and also how they specifically relate <strong>to</strong> the wireless network.<br />
We will also present the security solutions for wireless networks.<br />
12.4.1. Security of mobile systems<br />
Data transmission security is an essential part of wireless network<br />
engineering. Since access <strong>to</strong> the network cannot be restricted physically,<br />
cryp<strong>to</strong>graphic methods must be used <strong>to</strong> protect transmitted data and<br />
network elements. Aspects that should be considered are data<br />
confidentiality, data authenticity and service availability.<br />
The mobile system should have functions and protection so that:
354 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• The information is not known <strong>to</strong> intruders (confidentiality);<br />
• The information is not altered by unauthorized persons (integrity);<br />
and<br />
• The information is accessible <strong>to</strong> authorized users (availability).<br />
First generation systems<br />
Analog cellular systems, such as Nordic Mobile Telephone (NMT),<br />
Advanced Mobile Phone System (AMPS), and Total Access<br />
Communication System (TACS) are considered first generation (1G)<br />
technologies. These systems are nowadays considered quite insecure.<br />
Cloning of the analog terminals is possible and in some systems<br />
widespread. Terminal cloning compromises the security of charging,<br />
which leads <strong>to</strong> loss of profit and reduces the consumer's trust of mobile<br />
service. In many cases, the lack of security has been the main reason<br />
for the decision <strong>to</strong> prematurely close the 1G networks.<br />
Second generation systems<br />
Second generation (2G) systems use digital radio transmission techniques<br />
and digital speech coding. 2G systems were designed for voice, although<br />
they now also transport a limited amount of low speed data<br />
communication.<br />
The 2G systems include:<br />
• The GSM family which has been adopted world-wide;<br />
• Personal Digital Communications (PDC) used in Japan; and<br />
• Enhanced (digital) versions of the 1st generation United States<br />
Advanced Mobile Phone System (AMPS) standard; IS-136 TDMA<br />
and IS-95 CDMA (alias cdmaOne)<br />
The use of digital technology enhances security in two principal<br />
ways:<br />
• Digital technology allows the use of cryp<strong>to</strong>graphic methods for<br />
authentication and encryption; and<br />
• Moni<strong>to</strong>ring digital transmission on the radio interface requires<br />
specialized equipment, which is expensive and not freely available.
Wireless Technologies 355<br />
Most of the state-of-the-art IS-95 CDMA and IS-136 TDMA terminals<br />
support roaming <strong>to</strong> the analog first generation AMPS system (dual<br />
mode terminals). This is currently a major problem for the IS-95<br />
CDMA and IS-136 TDMA opera<strong>to</strong>rs as it also expands the AMPS<br />
system's lack of security <strong>to</strong> the 2G systems.<br />
GSM-based mobile systems provide mobile user authentication and<br />
security over the radio interface as an integrated part of the system. The<br />
GSM security is based on the trust between network opera<strong>to</strong>rs and on a<br />
shared secret key (Ki) s<strong>to</strong>red on the user-subscriber's identification<br />
module (SIM) and in the Authentication Center (AUC) of the opera<strong>to</strong>r.<br />
Third generation systems<br />
The third generation mobile systems (3G) will be available soon after<br />
the year 2002. The security of first and second-generation systems<br />
is based on the traditional telecom security model (separation of user<br />
data and signaling data). The third generation mobile systems will be<br />
IP-based and, at least partially, connected <strong>to</strong> the Internet. IP-networks<br />
are 'open networks', which do not separate signaling from the user<br />
data. This allows malicious users <strong>to</strong> exploit the faults of the pro<strong>to</strong>col<br />
stacks <strong>to</strong> gain access <strong>to</strong> data or network resources. The 3G systems<br />
have <strong>to</strong> adopt a new security policy and build an Internet-like security<br />
architecture (firewalls, virtual private networking, end-<strong>to</strong>-end encryption,<br />
etc.).<br />
12.4.2. Security issues in WAP<br />
WAP allows the introduction of hypertext services <strong>to</strong> mobile systems.<br />
The services are s<strong>to</strong>red on servers in the network and they are used<br />
with a browser program from the mobile terminal. Both the opera<strong>to</strong>r's<br />
network and the service provider's WAP servers can be connected <strong>to</strong><br />
the public Internet, thus exposing the WAP stack and servers <strong>to</strong> attacks.<br />
The main areas where security should be addressed are:<br />
• Security between the mobile phone and the antenna;<br />
• Security between the antenna and the WAP gateway; and<br />
• Security between WAP gateway and origin server.
356 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
The following threats and protection methods are identified:<br />
• The possibility for viruses and malicious services in the mobile<br />
terminal. Virus protection is required.<br />
• The wireless transmission on the radio interface is protected with<br />
standard GSM security methods.<br />
• Mobile networks can have unprotected radio links inside the network<br />
(typically between the base station and base station controller). WAP<br />
services could be protected by the Wireless Transport Layer Security<br />
(WTLS) layer.<br />
• The WAP gateway and the server where the services are s<strong>to</strong>red<br />
require similar protection as Internet-servers (firewalls, careful system<br />
configuration, skillful administration and moni<strong>to</strong>ring, etc.). This<br />
protection is critical for the servers, which implement charging or<br />
s<strong>to</strong>re sensitive user information.<br />
• The data transmission between the WAP gateway and the server<br />
needs <strong>to</strong> be protected by firewalls, IPsec tunneling, or other methods.<br />
• The new security requirements are similar <strong>to</strong> the security requirements<br />
of a company intranet and Web servers.<br />
Terminal<br />
The terminal uses WTLS <strong>to</strong> provide privacy, integrity and authentication<br />
between itself and the WAP gateway. Phone.com incorporates RSA<br />
Security encryption technology in<strong>to</strong> the WAP-compliant UP.Browser®<br />
terminal and Up.Link Server Suite products. Embedded in<strong>to</strong> numerous<br />
mobile phones, UP.Browser utilizes RSA Security technology <strong>to</strong> provide<br />
secure wireless information access from wherever a consumer may be.<br />
The UP.Browser v4.1 was designed as a WAP 1.1 Class C device,<br />
which includes all required layers of the WAP stack. Phone.com<br />
anticipates that the UP.Browser v4.1 will ship with 128-bit encryption<br />
for US and international markets, based on recent US government<br />
policy decisions and Phone.com's receipt of US exports authorization.<br />
Ranging from smart phones like the Nokia Communica<strong>to</strong>r 9000 <strong>to</strong><br />
large, enterprise WAP servers, Nokia incorporates RSA BSAFE security<br />
components in<strong>to</strong> its products <strong>to</strong> enable them <strong>to</strong> offer e-business services
Wireless Technologies 357<br />
for the mobile Internet market. Nokia relies on RSA Security encryption<br />
technology <strong>to</strong> bridge the wired and wireless Internet worlds and provide<br />
a seamless user experience.<br />
WAP gateway<br />
At the gateway, the adaptation layer terminates and passes the WDP<br />
packets on <strong>to</strong> a WAP Proxy/Server via a pro<strong>to</strong>col, which is the interface<br />
between the gateway that supports the bearer service and the WAP<br />
Proxy/Server (see Figure 12.2).<br />
The WAP gateway contains transition features from WTLS <strong>to</strong> SSL<br />
(i.e., secure sockets layer) and vice versa. It also contains a WML<br />
encoder that makes the information that goes over the wireless network<br />
in<strong>to</strong> byte-code. The WMLScript compiler takes the script as input and<br />
compiles it in<strong>to</strong> byte-code.<br />
Mobile<br />
Phone<br />
Xf><br />
Co mm unication<br />
Tower<br />
c<br />
1C<br />
Origin<br />
Server<br />
WTLS-Pro<strong>to</strong>cot Conversion-SSLj I<br />
V , LL| ,,JF ?<br />
WML Encoder<br />
Dl<br />
WML Script Compiler Dl<br />
isi=J^-«%~
358 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
WAP gateway security considerations<br />
Suppliers of the WAP gateway and network opera<strong>to</strong>rs take every possible<br />
measure <strong>to</strong> keep the WAP gateway secure by:<br />
• Ensuring that the WAP gateway never s<strong>to</strong>res decrypted content on<br />
secondary media;<br />
• Ensuring the removal of unencrypted content from the memory in the<br />
WAP gateway as fast as possible;<br />
• Securing the WAP gateway physically so that only authorized<br />
administra<strong>to</strong>rs have access <strong>to</strong> the system console;<br />
• Limiting the access <strong>to</strong> the WAP gateway so that it is not accessible<br />
from a remote site outside the carrier firewall; and<br />
• Applying all other security precautions used <strong>to</strong> protect billing systems<br />
and the home location register <strong>to</strong> the WAP gateway.<br />
12.4.3. Generic mobile solutions<br />
There are two main solutions, which will be based on whether or not a<br />
mobile opera<strong>to</strong>r is used.<br />
Mobile opera<strong>to</strong>r solution<br />
In this solution the WAP gateway will be located at the opera<strong>to</strong>r's<br />
end. The opera<strong>to</strong>r will connect the mobile world and the Internet<br />
world by placing a WAP gateway in as a node in<strong>to</strong> the GSM system.<br />
The origin server will be at the cus<strong>to</strong>mer's site that will have <strong>to</strong> take<br />
the necessary security action <strong>to</strong> secure the environment. Figure 12.3<br />
outlines the architecture of the WAP gateway at the mobile opera<strong>to</strong>r's<br />
site.<br />
Company solution<br />
Company solution is narrowed down <strong>to</strong> two possible infrastructures: the<br />
use of a WAP server or a WAP gateway.
Wap """---_<br />
Terminal i<br />
Wireless<br />
Network<br />
WAP Gateway<br />
Mobile Opera<strong>to</strong>r<br />
SSL<br />
Wireless Technologies 359<br />
Internet / Intranet<br />
»<br />
1<br />
WAP Server<br />
Figure 12.3. — WAP gateway controlled by the mobile opera<strong>to</strong>r<br />
u<br />
S<br />
Wa<br />
Ter<br />
Wireless Network<br />
WTLS<br />
i n ' n a ' j<br />
,<br />
_ Internet<br />
e<br />
^1<br />
H * SSL<br />
WAP<br />
Satew ay S<<br />
liver ,<br />
Figure 12.4. — WAP gateway controlled by a company<br />
Implementing a WAP infrastructure with the use of a<br />
WAP gateway<br />
One way <strong>to</strong> build an infrastructure is <strong>to</strong> invest in a WAP gateway (see<br />
Figure 12.4). This means that the company must also have a Web server<br />
that is configured for WAP.<br />
Nokia offers this solution <strong>to</strong> their cus<strong>to</strong>mers. Typically, a company<br />
that chooses this type of solution can have a modem pool inside <strong>to</strong><br />
operate entirely on its own.<br />
Implementing a WAP infrastructure in concert with a<br />
WAP server<br />
This solution is based on the fact that the WAP architecture provides<br />
end-<strong>to</strong>-end security between the endpoints in the pro<strong>to</strong>col (see<br />
Figure 12.5) which can be done with a WAP Application Server. A<br />
WAP application server is a WWW-server with the WAP gateway<br />
features implemented.
360 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
•<br />
! Wap<br />
'. Terminal<br />
Wifeless Network<br />
WTLS<br />
I<br />
WAP Application Server<br />
Intranet / Internet<br />
Figure 12.5. — Solution with a WAP application inside the company<br />
The WAP application server consists of a WML encoder, WMLScript<br />
compiler, pro<strong>to</strong>col adapters, application logic, content database and<br />
WML decks with WML scripts. This way the company can set up the<br />
WAP architecture with only one internal machine.<br />
12.5. <strong>B2B</strong> Wireless Applications<br />
<strong>B2B</strong> wireless applications enable companies <strong>to</strong> communicate with their<br />
users' and cus<strong>to</strong>mers' wireless devices, delivering business-critical and<br />
time-sensitive information. According <strong>to</strong> H. C. Wainwright & Co., the<br />
<strong>to</strong>tal wireless applications revenue opportunity will reach US $15 <strong>to</strong><br />
$18 billion for the consumer market and about $250 billion for the<br />
business segment within ten years.<br />
Several <strong>B2B</strong> software vendors, including Vignette and Broadvision<br />
are providing solutions <strong>to</strong> allow a company's employees, cus<strong>to</strong>mers and<br />
trading partners <strong>to</strong> conduct such business-<strong>to</strong>-business (<strong>B2B</strong>) transactions<br />
as purchasing from catalogs, approving requisitions or accessing backend<br />
applications directly from their handheld devices.<br />
Let us explore business uses of the mobile Internet and different<br />
<strong>B2B</strong> wireless applications.<br />
12.5.1. Business uses of the mobile Internet<br />
A corporate requirement <strong>to</strong> communicate with peripatetic staff working<br />
away from their offices is not a recent development. Since the dawn of<br />
civilization, the movement of goods and people between cities and<br />
<strong>to</strong>wns, or between countries and continents, has been a fundamental
Wireless Technologies 361<br />
part of commercial life. Today, Fortune 500 companies report that close<br />
<strong>to</strong> 40% of their workers are mobile and that the standard mobile<br />
applications, if any, are e-mail services, productivity applications and<br />
sales force au<strong>to</strong>mation applications that are provided <strong>to</strong> workers. Opening<br />
existing Web-based applications <strong>to</strong> mobile users commonly accomplishes<br />
this.<br />
Mobile business-<strong>to</strong>-business (<strong>B2B</strong>) e-<strong>commerce</strong> with requirements<br />
for submitting bids, tracking RFQs (Request for Quote) and authorizing<br />
purchase orders appears <strong>to</strong> make sense for all parties. This is because<br />
business people cannot afford <strong>to</strong> wait. The technology inclusion does<br />
not pose a barrier and e-marketplaces must run just <strong>to</strong> stay in place.<br />
By the end of 2001, mobile functionality via SMS, WAP and PDAs<br />
may well become a requirement for both e-marketplaces and technology<br />
vendors, particularly those that target small <strong>to</strong> medium-sized enterprises.<br />
The implications of this are that mobile specialists will see a dramatic<br />
rise in business, bulk SMS resellers will proliferate and this will force<br />
cus<strong>to</strong>mer relationship management (CRM) and sales force au<strong>to</strong>mation<br />
(SFA) vendors <strong>to</strong> respond. As legacy-free <strong>B2B</strong> vendors make mobile<br />
functionality the rule instead of the exception, these CRM and SFA<br />
vendors will finally be spurred in<strong>to</strong> action.<br />
An example of mobile <strong>B2B</strong> e-<strong>commerce</strong><br />
The company bluecycle.com performs online au<strong>to</strong> salvage auctions.<br />
Currently 40% of the bids arrive not from PCs, but from mobile phones<br />
via SMS and WAP. A focused audience of approximately 1,000<br />
individuals in the United Kingdom who buy crashed cars and either<br />
break them down for scrap or repair them for resale-is targeted. Most<br />
are self-employed or work for small businesses and are constantly on<br />
the move <strong>to</strong> review prospective inven<strong>to</strong>ry.<br />
Bluecycle.com offers a simple mobile service. The user first<br />
establishes an account at bluecycle.com's Website. Afterwards, users<br />
can utilize the mobile service in two ways. First, all mobile users can<br />
elect <strong>to</strong> receive SMS messages when they've been overbid by another<br />
bidder or have won a particular auction. Second, WAP-enabled users<br />
can log in with a user name and password on their phones <strong>to</strong> review
362 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
new auctions, check status and submit bids. After six months, it has<br />
been determined that 40% of bids at bluecycle.com arrive from mobile<br />
phones. Focus groups have shown that early users find the service <strong>to</strong> be<br />
indispensable, which may be a harbinger of things <strong>to</strong> come in associated<br />
industries which require specific, timely information.<br />
12.5.2. <strong>B2B</strong> wireless portals<br />
The EIP (enterprise information portal) is a term for a Website that<br />
serves as a single point of access <strong>to</strong> a company's information and<br />
knowledge base for employees and possibly for cus<strong>to</strong>mers, business<br />
partners and the general public as well. The value of the enterprise<br />
portal lies in its ability <strong>to</strong> provide a single access point <strong>to</strong> disparate<br />
information for diverse individuals. With wireless access and the unique<br />
ability of the mobile device <strong>to</strong> offer end-users a personalized and<br />
remote communications device, the role of portals will rise in importance<br />
as a link and gateway <strong>to</strong> various corporate services. Users will be able<br />
<strong>to</strong> access services and content that leverage the unique features of<br />
mobility, such as location and time sensitivity of information, that fixed<br />
Internet portals cannot provide.<br />
The ability <strong>to</strong> provide wireless access <strong>to</strong> portal content will be<br />
increasingly important <strong>to</strong> remote workers. The ways in which portal<br />
products aggregate, integrate and access content vary substantially.<br />
Some are built around crawling or polling technologies that essentially<br />
build indexes and schemas that identify content <strong>to</strong>pics and locations.<br />
Others integrate with specific content and data sources <strong>to</strong> expose content<br />
from these sources via the interface. In this environment it is important<br />
<strong>to</strong> consider support for wireless standards in any corporate portal strategy.<br />
The Delphi Group considers that, despite the rapid competition and<br />
innovation among manufacturers of mobile information appliances, the<br />
real innovation in ubiqui<strong>to</strong>us computing lies in extending the business<br />
portal software <strong>to</strong> new devices. Their research found that what they<br />
refer <strong>to</strong> as the 'untethered' business portal is the vital link for the<br />
mobile workforce and that it contributes greatly <strong>to</strong> making the entire<br />
concept of mobile access for <strong>B2B</strong> effective.<br />
Linking such activities <strong>to</strong> wireless devices and the increasing numbers<br />
of workers away from the office are now vital considerations. For
Wireless Technologies 363<br />
example, the mundane ability <strong>to</strong> fill out expense reports in real-time has<br />
cost and efficiency benefits for companies that can make effective use<br />
of centrally administered enterprise resources.<br />
Portals should be able <strong>to</strong> scale easily <strong>to</strong> hundreds of thousands of<br />
users and support users on a range of platforms, including PCs, mobile<br />
phones and handheld devices.<br />
Business portal software is rapidly becoming a point of convergence<br />
for the enterprise. Mobile professionals want <strong>to</strong> take their business<br />
portals with them. Within a few years, untethered points of access <strong>to</strong><br />
enterprise portals will make the problems of 'synching' and docking<br />
PIMs and PDAs obsolete.<br />
12.5.3. On-demand trading<br />
A growing cadre of new e-marketplaces is establishing dynamic venues,<br />
such as auctions and exchanges, that allow buyers and sellers <strong>to</strong> establish<br />
prices in real-time. In these markets, firms won't just participate in<br />
these venues, they will configure online markets for each transaction.<br />
They will do so by trading across multiple product attributes and giving<br />
their favored suppliers special treatment.<br />
To achieve this level of personalization and a dynamic pricing<br />
environment, the e-marketplaces will have <strong>to</strong> provide real-time<br />
information about market activities <strong>to</strong> all the users on all types of<br />
devices, including wireless.<br />
With on-demand trading, truckers, for example, will be able <strong>to</strong> post<br />
capacity or a bid on a load whenever they want. The result will be that<br />
some traveling commodity managers will expect <strong>to</strong> bid through wireless<br />
devices and respond in the same way.<br />
12.5.4. Business-<strong>to</strong>-employee (B2E) connections<br />
There are few who now doubt the impact of the Internet revolution. It is<br />
ironic that the need <strong>to</strong> be wireline connected <strong>to</strong> an office network or<br />
intranet has ensured that physical location is still necessary for most<br />
knowledge transfer in the workplace. Whether production, sales, or<br />
shipping <strong>to</strong>ok place elsewhere, the office's status as the primary location
364 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
for the gathering, processing and sharing of information throughout the<br />
company has remained unchanged.<br />
As alluded <strong>to</strong> earlier, another revolution is sweeping the business<br />
world: the Internet is becoming untethered and there is a demonstrated<br />
need for B2E (business-<strong>to</strong>-employee) interactions. Employees no longer<br />
need <strong>to</strong> be shackled <strong>to</strong> fixed Ethernet connections <strong>to</strong> send and receive<br />
data. Handheld devices can now connect them <strong>to</strong> cus<strong>to</strong>mers, colleagues<br />
and data wherever they may roam. In short, the mobile Internet is<br />
finally forcing companies <strong>to</strong> question the previous notion that the office<br />
was indispensable as a physical presence for information <strong>to</strong> be gathered,<br />
processed and passed. The result is that now an office can be wherever<br />
employees, their colleagues and cus<strong>to</strong>mers want it <strong>to</strong> be.<br />
Each industry has unique ways of approaching the mobile Internet<br />
and there cannot be a single or even small set of solutions for different<br />
industries. As an illustration, Figure 12.6 outlines a typical pathway for<br />
mobile content delivery.<br />
Two general ways that firms can exploit mobile technology are<br />
internally and externally. Internally focused mobile applications leverage<br />
" VaTTous"<br />
Back-End<br />
Systems<br />
Content >i<br />
Management;<br />
Vignette j<br />
Content<br />
Delivery<br />
Epi centric<br />
Web Portal<br />
User PC<br />
Middleware<br />
Components<br />
Aether Systems I<br />
WebObjects j<br />
WebSphere >•<br />
WebLogic I<br />
• Provides translation of<br />
HTML content <strong>to</strong> support<br />
different devices<br />
p Provides device<br />
management cap abilities<br />
• Adds additional layerfoi*<br />
scalability<br />
• Enables rapid application<br />
development<br />
Gateways<br />
rj'l a<br />
HIJ v i. i_m<br />
IrEach gateway maybe<br />
combined with third patty<br />
add-ons<strong>to</strong> supplement<br />
the offenng (security<br />
additional API support}<br />
Devices<br />
' ina-L P : ior-?s<br />
.,iii..y.'.s ^ijti<br />
V.i.\'!\'i ' -iti ds<br />
Wireless Technologies 365<br />
the power of mobile technology among a company's own employees.<br />
They are the focus of this section. Externally oriented mobile applications<br />
reach cus<strong>to</strong>mers and clients through their handheld devices.<br />
Internally focused mobile applications that eliminate or hasten<br />
repetitive or time-consuming processes permit companies <strong>to</strong> reap the<br />
benefits of improved operational efficiencies with the provision of<br />
means for employees <strong>to</strong> access and <strong>to</strong> transmit data at the point of need,<br />
and employees are empowered <strong>to</strong> be more effective and productive and<br />
thus streamline business processes.<br />
Some examples of B2E applications are:<br />
• Field workers can access project records remotely while in the field<br />
or onsite at a client's offices. Claims adjusters in the field can<br />
immediately complete electronic forms on a handheld device and<br />
upload their reports <strong>to</strong> a central server, saving time and improving<br />
accuracy.<br />
• In places such as hotels, casinos and department s<strong>to</strong>res, employees<br />
can roam the premises, while retaining access <strong>to</strong> the company network.<br />
• Before meeting new or existing cus<strong>to</strong>mers, sales representatives can<br />
access the latest inven<strong>to</strong>ry levels, product line data and pricing<br />
structures.<br />
• Fac<strong>to</strong>ry workers can track product batches as they progress through<br />
production or assembly without needing <strong>to</strong> return <strong>to</strong> a fixed terminal.<br />
• Consultants and other business professionals can avoid manually<br />
updating contact lists on their PDAs or daily planners by 'synching'<br />
these devices with a central company database. Interestingly, this can<br />
also be configured <strong>to</strong> be accomplished upon entry or exit of an<br />
employee <strong>to</strong> an office's local wireless LAN.<br />
12.5.5. <strong>B2B</strong>, B2C, B2E and wireless<br />
B2E like <strong>B2B</strong> and B2C has, here<strong>to</strong>fore, been wired, though it is<br />
evolving <strong>to</strong>wards wireless applications. So long as there is a need for<br />
(a) ubiqui<strong>to</strong>us access <strong>to</strong> information; (b) convenience and accessibility;<br />
(c) personalization; or, in the near future, (d) localization, there is a<br />
possibility that wireless can play a role. The most salient present
366 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
constraints are bandwidth and the complexity of the underlying networks<br />
in the United States.<br />
Thus, it appears that <strong>B2B</strong> does not naturally lend itself <strong>to</strong> wireless.<br />
B2C can, and will, morph from e-<strong>commerce</strong> primarily directed at wired<br />
individual consumers <strong>to</strong> both e- and m-<strong>commerce</strong> in select industries<br />
(e.g., travel and entertainment or banking). B2E, similarly, will have<br />
applications in the CRM and SFA realm, which will have elements that<br />
can be accessed in both wired and wireless formats.<br />
12.6. Enterprise <strong>Integration</strong> Issues<br />
for M-<strong>commerce</strong><br />
Much has been written about <strong>B2B</strong> e-<strong>commerce</strong>, but little has been set<br />
down about the preparation and protection of these same enterprise<br />
systems for mobile e-<strong>commerce</strong>. This section examines the his<strong>to</strong>ry of<br />
remote access <strong>to</strong> enterprise e-<strong>commerce</strong> systems and attempts <strong>to</strong> identify<br />
particular issues and challenges mobile <strong>B2B</strong> e-<strong>commerce</strong> presents.<br />
Mobile e-<strong>commerce</strong> has some specialized issues relating <strong>to</strong> the<br />
separation of wireless user access from Internet latency and secure data<br />
because of multiple air interfaces in use (i.e., from the handheld <strong>to</strong> the<br />
transmission <strong>to</strong>wer and from there <strong>to</strong> the gateway at a carrier or within<br />
a firm). In the United States, particularly, this is a problem because<br />
there are three air interfaces in use on the public networks: GSM<br />
(Global System for Mobile Communications), CDMA (Code Division<br />
Multiple Access) and TDMA (Time Division Multiple Access), as well<br />
as three packet networks, ARDIS, Mobitex and CDPD. Apart from slow<br />
speed (9.6kbps), GSM in particular has significant latency implications<br />
from an enterprise standpoint.<br />
The issue of speedier and more secure transmission of corporate<br />
data over comparatively slow wireless links is being addressed by a<br />
new group of <strong>to</strong>ol builders who are developing applications which are<br />
network resident, or especially designed <strong>to</strong> be accommodated on small<br />
handheld wireless phones. However, the issue of developing an audit<br />
trail for billing and non-repudiation of transactions appears <strong>to</strong> be more<br />
complicated than in traditional remote access over wireline networks. A
1<br />
Wireless Technologies 367<br />
GSM h HSCSD h GPRS fc EDGE fc UTR.A WCDMA<br />
9,6 - 14.4 - *" 57.6 Kbps - "*" 176 Kbps - "^ 768 Kbps - r 2 Mbps<br />
Kbps I JL<br />
1999 2000 2001 2002<br />
Figure 12.7. — The migration <strong>to</strong> 3G networks<br />
way <strong>to</strong> address this shortcoming is through enhanced user authentication<br />
and location profiling which is a byproduct of real-time call rating.<br />
Still another set of latency issues arise in the transcoding (i.e.,<br />
presentation and adaptation) of Internet data for display and processing<br />
on wireless devices. Websites combine presentation and content data<br />
using HTML, which must be transcoded for wireless device use. Use of<br />
XML gets around that problem. Widespread adoption of the WAP with<br />
its XML-compliant WML has provided an interim solution. However,<br />
conversion of WAP at a carrier's gateway poses a security risk for the<br />
enterprise. While 3G wireless and wired broadband networks will<br />
ultimately use end-<strong>to</strong>-end IP (Internet Pro<strong>to</strong>col), enterprise solutions in<br />
the near term are likely <strong>to</strong> require middleware <strong>to</strong> ensure security and<br />
high throughput for transactions. Figure 12.7 outlines the migration <strong>to</strong><br />
3G networks.<br />
As wireless devices become smarter, faster and more powerful, they<br />
will undoubtedly pose a new enterprise security risk. It is anticipated<br />
that these devices will exchange not only voice and data, but also<br />
executable code. Distributed object frameworks support remote invocation<br />
of code. As mobile IP, distributed object frameworks and mobile code<br />
technologies, such as Java and Jini, merge in the future, it is safe <strong>to</strong><br />
assume that we will have new security and privacy risks.<br />
If a company is looking <strong>to</strong> deploy some kind of wireless business-<strong>to</strong>business<br />
solution, there are three basic, but very important things one<br />
can do <strong>to</strong> protect one's data now and limit the impact of IP theft:<br />
1. The more network-centric solutions designed a priori, with the least<br />
amount of sensitive data residing in the handheld, the better off one<br />
X
368 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
is. The PDA can hold the browser and forms, but data should not<br />
reside there. Among the cognoscenti, it is well known that current<br />
handhelds, particularly the Palm devices, have such limited processing<br />
power and s<strong>to</strong>rage capability that it is hard <strong>to</strong> put any kind of serious<br />
virus protection on the device. Pocket PC devices are better suited<br />
for this, as they will soon have Intel Pentium-level or Strong Arm 2<br />
(600 MHz) processors and more s<strong>to</strong>rage.<br />
2. A server-type certificate built in<strong>to</strong> the client is an excellent idea.<br />
This is important because the client then authenticates the server<br />
before the password is used from the network <strong>to</strong> authenticate the<br />
client. This prevents 'spoofing', in which a user uploads sensitive<br />
data <strong>to</strong> what he thinks is his network server, but which is not. This<br />
method calls for mutual authentication before any sensitive information<br />
is shared.<br />
3. For most wireless networks, it is advisable <strong>to</strong> put an additional layer<br />
of security on <strong>to</strong>p of the built-in security mechanism. It is widely<br />
recognized in the industry that one cannot rely on GSM security<br />
alone. CDMA has stronger security natively and CDPD, Mobitex<br />
and Ardis typically need <strong>to</strong> run an application layer on <strong>to</strong>p of their<br />
native security. Most of the built-in security is robust enough <strong>to</strong> s<strong>to</strong>p<br />
someone with a scanner from seeing plain text, but there is very little<br />
that cannot be defeated by a computer cracker. Deciding on how<br />
much security one layers on, the transmission becomes a tradeoff in<br />
performance and cost. In essence, what needs <strong>to</strong> be done, unless one<br />
wants <strong>to</strong> use a no-compromise deployment from end-<strong>to</strong>-end and<br />
spare no expense, is <strong>to</strong> match up the level of access or services <strong>to</strong><br />
the wireless network's capabilities <strong>to</strong> handle security.<br />
There are at least three tiers of services one can match <strong>to</strong> wireless<br />
network capabilities. Tier one would be where users simply view<br />
information, such as bank account information. In tier two, closed<br />
transactions would be acceptable, where information can be exchanged<br />
or money transferred, <strong>to</strong> continue the bank analogy, within the same<br />
institution. Tier three, the highest level of security, would use end-<strong>to</strong>end<br />
encryption <strong>to</strong> allow users <strong>to</strong> exchange information with other<br />
companies or transfer money between various banks.
Wireless Technologies 369<br />
12.7. Leading M-<strong>commerce</strong> Solution Providers<br />
Table 12.3 shows the leading wireless solution providers:<br />
Several application server providers, such as BEA — WebLogic<br />
and IBM, and WebSphere Everywhere Suite also provide support for<br />
m-<strong>commerce</strong> solutions through their platforms.<br />
12.7.1. BEA WebLogic m-<strong>commerce</strong> solution<br />
The BEA WebLogic m-<strong>commerce</strong> solution enables enterprises <strong>to</strong> run<br />
reliable and scalable e-<strong>commerce</strong> solutions on a single infrastructure<br />
that serves dynamic content <strong>to</strong> wired PCs and wireless personal digital<br />
assistants, pocket PCs, pagers and cell phones (see Figure 12.8).<br />
Based on the WAP, the BEA WebLogic m-<strong>commerce</strong> solution<br />
integrates BEA WebLogic server and BEA WebLogic <strong>commerce</strong> server<br />
with the Nokia WAP server and is compliant with all WAP-enabled<br />
wireless devices. With the BEA WebLogic <strong>commerce</strong> server, businesses<br />
can make the best use of tiny mobile displays <strong>to</strong> deliver cus<strong>to</strong>mized<br />
information and services <strong>to</strong> individual wireless cus<strong>to</strong>mers. Furthermore,<br />
Client<br />
Wireless<br />
PDA<br />
Partner<br />
Offerings<br />
Campaign Manage!<br />
Commerce Server<br />
Personalization Server<br />
Legacy<br />
Applications<br />
Mainframes<br />
and Databases<br />
eUnk<br />
Partner<br />
Gffeimgs<br />
Web logic <strong>Integration</strong><br />
WebLogic and Tuxedo Application Servers<br />
BEA Services<br />
ft<br />
Partners<br />
mh<br />
Suppliers<br />
Employees<br />
Internet Cus<strong>to</strong>mers<br />
Figure 12.8. — BEA's WebLogic provides m-<strong>commerce</strong> solution
Company<br />
Brience<br />
Everypath<br />
GadgetSpace<br />
NetMorf<br />
Products and<br />
services<br />
Brience Framework,<br />
Wireless Edge<br />
Server<br />
Everypath Mobile<br />
Application<br />
Platform<br />
GadgetSpace<br />
MobileMediary<br />
service<br />
SiteMorfer<br />
Table 12.3. Leading M-<strong>commerce</strong> solution providers<br />
Description (including key<br />
technologies used)<br />
Works with existing apps<br />
infrastructure <strong>to</strong> extend all<br />
e-business apps <strong>to</strong> any Webenabled<br />
wireless device.<br />
Mobilizes business apps, XML<br />
interfaces, transactional Webbased<br />
data and database<br />
information.<br />
Instantaneous, bidirectional<br />
dialog between any Internet<br />
app and any Internet-capable<br />
mobile device.<br />
Au<strong>to</strong>matic content conversion<br />
via SiteMorfer Mark-up<br />
Language (SML) for access by<br />
all mobile devices.<br />
Partnerships and<br />
alliances with other<br />
companies<br />
BroadVision, Cisco,<br />
E.piphany, Lucent<br />
Technologies<br />
Check Point Software,<br />
Engage, Interwoven,<br />
Network Appliance<br />
CalendarCentral,<br />
Clarks<strong>to</strong>n<br />
Allaire, Clarks<strong>to</strong>n,<br />
Merca<strong>to</strong>r, Mobilocity,<br />
SignalSoft<br />
Key websites using<br />
products and services<br />
BarPoint.com,<br />
Hyperion, Ingram<br />
Micro<br />
Alaska Airlines, Best<br />
Buy, E*Trade,<br />
salesforce.com<br />
Celanese Chemicals,<br />
MGM, Symbol<br />
Technologies<br />
barnesandnoble .com,<br />
CEOExpress, MyPalm
2Roam<br />
Company<br />
Products and<br />
services<br />
2Roam Catalyst<br />
Wireless Server,<br />
2Roam Nomad<br />
Wireless Publisher<br />
Source: PC Magazine, February 2001<br />
Table 12.3 (Continued)<br />
Description (including key<br />
technologies used)<br />
XML-based. Intelligently<br />
harvests content off-site or<br />
integrates with data systems <strong>to</strong><br />
deliver static or dynamic content<br />
<strong>to</strong> any wireless device.<br />
Partnerships and<br />
alliances with other<br />
companies<br />
AdForce, Akamai,<br />
Avenue A, DoubleClick,<br />
iQ.com, SignalSoft<br />
Key websites using<br />
products and services<br />
eBay, Fogdog,<br />
iOwn.com,<br />
SalesHound.com, uBid,<br />
WorldPages.com
372 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
this solution is designed <strong>to</strong> protect the confidentiality of sensitive<br />
cus<strong>to</strong>mer information across all communication channels.<br />
12.7.2. IBM's WebSphere everyplace suite<br />
IBM's WebSphere everyplace suite is server software that extends<br />
network connectivity <strong>to</strong> a wide variety of wireless pro<strong>to</strong>cols, synchronizes<br />
device databases with server databases and delivers content reliably. It<br />
accommodates a variety of connectivity gateways, including WAP, GSM,<br />
CDMA, TDMA, and TCP/IP, and securely communicates with wireless<br />
devices. By extending essential business-<strong>to</strong>-business transactions <strong>to</strong><br />
wireless devices, participants can remain engaged from anywhere, thereby<br />
increasing market efficiency.<br />
12.8. To be or not <strong>to</strong> be... Wireless: Pertinent<br />
Strategic Considerations<br />
The mobile Internet will not supplant the PC-based Web experience that<br />
we now enjoy. Rather, the promise of the mobile Internet <strong>to</strong>day is that<br />
it will expand the reach of the Internet, even though the browsing<br />
experience on a handheld will probably not resemble what we see on<br />
the traditional Web. The mobile Internet represents a new <strong>to</strong>ol for<br />
businesses. It permits them <strong>to</strong> connect their employees and <strong>to</strong> streamline<br />
their processes in ways previously thought <strong>to</strong> be unwieldy, expensive or<br />
impossible.<br />
12.8.1. Goal and business definition<br />
Building an application is similar <strong>to</strong> building a house. Goals must be<br />
defined clearly in the beginning and plans must be drawn up before the<br />
actual coding commences. Companies should think first about the nature<br />
of their existing operations and where in those processes mobilization<br />
could play a role. This could be through the speeding up or elimination<br />
of various processes, the freeing up of employees from their desks<br />
so that they could spend more time in the field, improving access
Wireless Technologies 373<br />
<strong>to</strong> information, or simply enhancing communication throughout the<br />
enterprise.<br />
Several key questions are immediately evident:<br />
• What are the specific goals of mobilization?<br />
• Which business processes are candidates for mobilization?<br />
• Who in the company will take ownership of the initiative?<br />
• Is there support from upper management?<br />
Essential questions for implementing <strong>B2B</strong> mobile models<br />
As always, when focusing further on a new technology, pertinent<br />
questions start <strong>to</strong> surface. Any company implementing <strong>B2B</strong> mobile<br />
models should consider the following questions:<br />
1. How well do the bundled applications work in a small handheld form<br />
fac<strong>to</strong>r? If the handheld is <strong>to</strong>o hard <strong>to</strong> use or if the applications are<br />
difficult <strong>to</strong> see on a small screen, the device may look useful in a<br />
demonstration but will fail in regular everyday use.<br />
2. Has the battery life been sacrificed for extra features? Battery power<br />
is a vital fac<strong>to</strong>r and any device that offers unnecessary applications<br />
will require the user <strong>to</strong> carry additional batteries or be tied <strong>to</strong> a<br />
power outlet, directly impacting mobility. Note that in remote areas<br />
there may be only limited access <strong>to</strong> batteries and recharging facilities.<br />
3. Are users willing <strong>to</strong> pay for bundled features they may not need?<br />
According <strong>to</strong> the detrac<strong>to</strong>rs of Microsft's PocketPC, users are given<br />
little choice in this matter.<br />
4. Will the operating system appeal <strong>to</strong> developers? Earlier versions of<br />
Windows CE (Compact Edition) encountered problems in this area,<br />
and without a large community of developers creating new<br />
applications, Windows CE became a metaphorical 'island in a stream'.<br />
5. Are expansion options available for the handheld? For example, Palm<br />
users can choose multiple expansion technologies, enabling over<br />
500 expansion options, with more on the way every day.<br />
This debate between suppliers of operating systems and various<br />
vendors illustrates just one of the many issues corporate IT departments<br />
need <strong>to</strong> grapple with in implementing mobile business solutions. Gaining
374 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
a clear idea of what is offered through the smokescreen of competing<br />
vendor claims is not an easy task. Putting sensitive, mission-critical<br />
data in<strong>to</strong> devices that are designed <strong>to</strong> go anywhere creates management<br />
challenges that include security, software distribution, data flow issues<br />
between a mobile device and a PC or directly with a server, au<strong>to</strong>mating<br />
enforcement of company policies, centralized backup and res<strong>to</strong>ration,<br />
remote troubleshooting and the prevention of viruses from passing in<strong>to</strong><br />
the corporate network. This will require a comprehensive set of security,<br />
data synchronization and systems management functions <strong>to</strong> overcome<br />
potential problems.<br />
12.8.2. Formulation of technology strategy<br />
Once the specific goals for mobilization have been identified, it is then<br />
recommended <strong>to</strong> conduct a high-level technical analysis of how the<br />
solution will be realized. The mobile environment is so complex and<br />
evolves so quickly, that a diverse array of options demands a careful,<br />
strategic approach. Some of the primary choices <strong>to</strong> be made in developing<br />
mobile applications include how users' devices will send and receive<br />
data, the identification of those devices and what applications they will<br />
run. Because early choices impact other options, it is important <strong>to</strong> view<br />
the choices made as an interdependent system of options, rather than a<br />
series of isolated decisions. For example, the need <strong>to</strong> gather and transmit<br />
large batches of non-time sensitive data may easily lead <strong>to</strong> choosing<br />
PDAs that synchronize <strong>to</strong> a central database. Conversely, a decision that<br />
global wireless coverage is absolutely required will mandate the selection<br />
of particular devices running certain types of applications.<br />
Build or buy applications<br />
Mobile applications can range from simple SMS-based alerts, <strong>to</strong> complex,<br />
locally s<strong>to</strong>red programs. As with other, non-mobile applications, they<br />
can all be obtained via vendor offerings, or through cus<strong>to</strong>m development.<br />
There is a wide array of vendors that offer mobile 'point solution'<br />
applications or suites of applications that perform particular functions,<br />
such as sales force au<strong>to</strong>mation or scheduling. The benefits of choosing
Wireless Technologies 375<br />
a vendor's software product often include reduced time-<strong>to</strong>-market and<br />
lower cost. However, the disadvantages of these products are limited<br />
cus<strong>to</strong>mizability or adaptability <strong>to</strong> the unique methods of a business<br />
operation. In addition, these off-the-shelf products may not be easily<br />
extensible when new technological developments appear. It is important<br />
<strong>to</strong> remember that because mobile technology is developing rapidly,<br />
with new devices, networks and pro<strong>to</strong>cols continually emerging, the<br />
adaptability that cus<strong>to</strong>m development brings may be an essential element<br />
of a long-term strategy.<br />
Many ways <strong>to</strong> data transmission<br />
Data transmission refers <strong>to</strong> the means by which data is sent and<br />
received by a mobile device. When thinking about data transmission, it<br />
is important <strong>to</strong> consider a variety of fac<strong>to</strong>rs relating <strong>to</strong> how the eventual<br />
mobile application will be built and how it will actually be used in the<br />
field. The right solution for one's company will depend on a number of<br />
issues, such as timeliness and time-sensitivity of information, as well as<br />
geographic coverage.<br />
Real-time wireless versus 'synchable' data<br />
The choice between wireless and 'synchable' wireless solutions depends<br />
primarily on the time sensitivity of the data at hand. Many quite useful<br />
mobile applications never establish a wireless connection <strong>to</strong> the Internet.<br />
Instead, they synchronize locally s<strong>to</strong>red data with that on a server.<br />
'Synchable' solutions are often superior when large amounts of<br />
information are <strong>to</strong> be transferred. This is because they rely on a serial<br />
port or an even faster Universal Serial Bus (USB) connection. In a<br />
practical sense, sending a megabyte of data over most current wireless<br />
networks would be all but impossible, as their limited bandwidth would<br />
reduce the data flow <strong>to</strong> a trickle. Another fac<strong>to</strong>r <strong>to</strong> consider in deciding<br />
between 'synchable' and real-time wireless is network coverage. If<br />
users will frequently be in locations where a wireless carrier's bearer<br />
network coverage is spotty or absent, even the most powerful mobile<br />
application will be of little value.
376 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Is data pushed or pulled?<br />
Another fac<strong>to</strong>r <strong>to</strong> consider is whether data will be pushed <strong>to</strong> individuals<br />
or pulled by individuals. Push-based data transfer lends itself <strong>to</strong> timesensitive<br />
information requiring interactivity from the recipient. An<br />
example is whether <strong>to</strong> reschedule a planned meeting upon receiving<br />
notice that one of the invitees cannot attend. Push functionality may be<br />
achieved through various technologies: Short Messaging Service (SMS)<br />
messages, browser alerts <strong>to</strong> WAP phones, or e-mail <strong>to</strong> an 'always-on'<br />
device. The type of underlying network available will determine which<br />
of these options are viable.<br />
For example, 'packet-switched' bearer networks (used by two-way<br />
paging devices) are 'always on'. They do not require the user <strong>to</strong><br />
establish a network connection before receiving data which makes this<br />
type of network an ideal choice when the timely receipt of wireless<br />
e-mail is absolutely necessary. Conversely, 'circuit-switched' networks,<br />
such as those used by digital and PCS (Personal Communication System)<br />
mobile phones, require that a connection be established, but offer the<br />
additional benefit of carrying voice-based communications.<br />
There are other fac<strong>to</strong>rs <strong>to</strong> consider. In the American market, the<br />
patchwork of competing PCS and cellular carriers means that packetswitched<br />
networks have a greater geographic coverage than any one<br />
circuit-switched network. Companies seeking <strong>to</strong> standardize on one<br />
device for employees traveling throughout the country may choose<br />
always-on connectivity for this reason.<br />
Local mobile (LAN) versus roaming mobile<br />
In offices where employees want <strong>to</strong> move freely within a limited area,<br />
wireless LANs may be the ideal solution. By establishing a wireless<br />
LAN, a company can equip employees with handhelds that access its<br />
network over an always-on connection from within a relatively short<br />
radius, with much higher bandwidth than would be possible over widerange<br />
bearer networks. Some hotels equip their staff with handheld<br />
devices that track room status and inven<strong>to</strong>ry levels in real-time and<br />
many supermarkets employ this technology <strong>to</strong> update inven<strong>to</strong>ry.
A growing panoply of devices<br />
Wireless Technologies 377<br />
Not all mobile devices are created equal. The relatively large screens<br />
and pen-based input system of many PDAs and two-way pagers make<br />
them well suited <strong>to</strong> display relatively large amounts of data from<br />
spreadsheets, maps, or graphs at once. Phones can exploit VoXML<br />
(Voice Extensible Markup Language) and associated voice-navigation<br />
technologies, but often suffer from poorly designed physical interfaces.<br />
Emerging hybrid devices combine the strengths of both PDAs and<br />
phones, but may suffer from trying <strong>to</strong> do <strong>to</strong>o much.<br />
Within any given device class there can be a few and in some cases,<br />
many, potential manufacturers and models <strong>to</strong> choose from. In many<br />
firms, once a general device class, such as a smart phone or PDA is<br />
decided upon, just one model in that class is approved for employees.<br />
One of the key benefits of designing internally focused, as opposed <strong>to</strong><br />
cus<strong>to</strong>mer-focused, external, mobile applications is the control over the<br />
end device which can greatly simplify application development, enhance<br />
security and overall design, testing and troubleshooting.<br />
Extension of the web infrastructure<br />
In considering a mobile solution, attention should be directed <strong>to</strong> existing<br />
legacy systems, a company's Web infrastructure and any middleware<br />
platforms <strong>to</strong> be used for particular features such as 'synching', alerts, or<br />
instant messaging. It is highly likely that a certain amount of cus<strong>to</strong>m<br />
software development may be called for, even if an off-the-shelf solution<br />
is employed.<br />
In addition, firms should already be thinking about leveraging an<br />
XML-based architecture, which will permit companies <strong>to</strong> keep data in<br />
its raw form and package it in<strong>to</strong> its appropriate format depending on the<br />
channel being reached. This evolution is necessary <strong>to</strong> address an<br />
inexorable trend: the PC is becoming but one channel among many for<br />
the delivery of data.<br />
User-level design<br />
As with wired Web-based projects, a company's mobile initiative can<br />
succeed or fail if the user-level design is not well considered. At this
378 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
juncture, questions are not about high-level strategic choices among<br />
vendors or platforms, but rather of user-level concerns: interface design,<br />
site structure and layout. In the world of the mobile Internet, small<br />
displays, clunky input mechanisms and slow network speeds can all<br />
conspire <strong>to</strong> detract from the user experience and derail the mobile<br />
initiative.<br />
Navigation considerations are important. The more the levels of an<br />
application's hierarchy a user must navigate, the greater the opportunity<br />
for erroneous input, which will often result in slowing down the process<br />
further. 'Flattened' application hierarchies attempt <strong>to</strong> keep vital data as<br />
few 'clicks', or levels away from the user task completion, as possible,<br />
at all times. Employment of context-sensitive 'soft' keys can aid this<br />
process by putting the most likely choices at the user's fingertips.<br />
Personalization will be important in the mobile realm. For example,<br />
when only one or a few employees will be using a particular device,<br />
their individual preferences and user information can be s<strong>to</strong>red either<br />
locally or on a central server, <strong>to</strong> speed up the navigation process and,<br />
ultimately, their access <strong>to</strong> data. As an example, a sales agent's phone<br />
can s<strong>to</strong>re his user ID and password, so that upon accessing his company's<br />
WAP site, he is au<strong>to</strong>matically logged in, with contact information for<br />
his key client leads and sales figures for the product lines he covers<br />
readily available.<br />
A more creative and practical use of personalization may involve<br />
having a user configure the wireless application preferences on a PC.<br />
The preferences would then be accurately reflected when the user<br />
activates his mobile device. For example, a banker could configure a<br />
'synchable' application via their PC so that upon accessing their<br />
company's back-end server over the Internet, he or she downloads data<br />
on acquisitions only in a particular industry or sec<strong>to</strong>r.<br />
In the world of the mobile Internet, the minimization of what is<br />
transmitted is important. This is because slow network speeds will<br />
translate in<strong>to</strong> longer latency, which will frustrate the end user. It is<br />
important <strong>to</strong> remember that, for example, in the case of WAP phones,<br />
exceedingly small displays mean that the amount of data displayed at a<br />
single time should also be minimized.<br />
A company can reap the rewards of the mobile Internet more quickly<br />
when it is used frequently by many employees <strong>to</strong> share information.
Wireless Technologies 379<br />
This harvest can be realized more quickly if the online wireless<br />
experience is standardized. As the availability of networks with 'fat<br />
pipes' <strong>to</strong> transmit more data, more quickly, takes hold, the value of a<br />
mobile initiative increases dramatically.<br />
A way <strong>to</strong> reap this reward is for companies <strong>to</strong> minimize resistance <strong>to</strong><br />
mobile applications by settling on interface standards where possible.<br />
Much of the standardization of elements in Microsoft Windows<br />
applications has permitted users <strong>to</strong> learn new programs quickly and<br />
easily. Thus, maintaining the homogeneity of mobile devices and<br />
interfaces within a firm will encourage mobile application use, facilitate<br />
internal (and external) data transfer and allow for a thorough integration<br />
of mobile components in<strong>to</strong> existing operations.<br />
Implementation<br />
Due <strong>to</strong> the proliferation of devices and networks, testing takes on a new<br />
level of importance and complexity in the mobile world. An application<br />
that works as intended on a particular device or bearer network may<br />
reveal hidden glitches on another. This is also true for different devices.<br />
Thorough testing of mobile applications therefore demands functionality,<br />
stress and regression testing on as many devices <strong>to</strong> be supported and,<br />
where applicable, as many underlying networks, as possible. Companies<br />
can standardize on a single technological platform <strong>to</strong> simplify the<br />
testing process. Often this is not an option, as support for multiple<br />
devices may be necessary.<br />
As noted earlier in this chapter, the only constant with the mobile<br />
technology landscape is change. Companies that roll out cutting-edge<br />
mobile applications <strong>to</strong> their employees <strong>to</strong>day must continue <strong>to</strong> roll out<br />
better versions of the same applications <strong>to</strong>morrow if they want <strong>to</strong> stay<br />
ahead of their competi<strong>to</strong>rs. In both the wired and wireless worlds, what<br />
is required is an ongoing evaluation of a company's strategy and<br />
solution against new technologies, products, devices and software.<br />
12.9. Conclusion<br />
We are on the verge of an explosion in wireless use. By 2003, there<br />
will be 400 million mobile Internet users. By 2005 there will be one
380 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
billion cell phones in use. Today, Fortune 500 companies report that<br />
close <strong>to</strong> 40% of their workers are mobile and that the standard mobile<br />
applications, if any, are e-mail services, productivity applications and<br />
sales force au<strong>to</strong>mation applications that are provided <strong>to</strong> workers.<br />
A wireless business portal is a vital link for the mobile workforce<br />
and contributes greatly <strong>to</strong> making the entire concept of mobile access<br />
effective.<br />
Handheld devices are now moving from a role as personal productivity<br />
<strong>to</strong>ols <strong>to</strong> providing enterprise-wide business solutions. In effect, they are<br />
extending the reach of the enterprise and the use of mission critical<br />
applications wherever they are needed.<br />
In considering a mobile solution, attention should be directed <strong>to</strong><br />
existing legacy systems, a company's Web infrastructure and any<br />
middleware platforms <strong>to</strong> be used for particular features such as<br />
'synching', alerts, or instant messaging. It is certain that cus<strong>to</strong>m software<br />
development will be called for, even if an off-the-shelf solution is<br />
employed.<br />
Wireless technology will play a crucial role in <strong>B2B</strong> interactions and<br />
transactions. It would enable the users <strong>to</strong> query an integrated backend<br />
system, such as SAP R/3 and have the response forwarded <strong>to</strong> other<br />
wireless devices: lap<strong>to</strong>ps, WAP-enabled phones and PDAs.
Chapter "] 3<br />
Software Agents<br />
The focus of this chapter<br />
The opportunities for using intelligent software agents in <strong>B2B</strong> applications<br />
are enormous. They will not only assist in coordinating tasks<br />
among humans but also communicate, cooperate and collaborate among<br />
distributed programs.<br />
This chapter explains the fundamentals of software agents vis-a-vis<br />
<strong>B2B</strong> integration, types of software agents and features of intelligent<br />
mobile agents. We also cover the different applications of software<br />
agents in <strong>B2B</strong> e-<strong>commerce</strong> applications, along with the universal<br />
language used by the agents — Agents Markup Language (AML).<br />
381
382 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
13.1. Software Agents Enabling the Formation of<br />
Virtual Organizations<br />
<strong>B2B</strong>i requires companies <strong>to</strong> go through a big structural change, wherein<br />
the hierarchical, coordinated organization model is replaced by the<br />
decentralized business network, leading <strong>to</strong> virtual organizations.<br />
In order <strong>to</strong> have operational efficiency and productivity, virtual<br />
organizations should be able <strong>to</strong> communicate, cooperate and collaborate<br />
with each other in real-time. However, there is a need <strong>to</strong> ensure that the<br />
rise in productivity is not lowered or even over-compensated for by the<br />
overhead of coordination efforts required among cross-organization<br />
departments.<br />
The Solution:<br />
Software agents are an effective <strong>to</strong>ol for virtual organizations because<br />
they provide mechanisms <strong>to</strong> au<strong>to</strong>mate several activities, such as gathering<br />
and filtering information, negotiating deals and synchronizing business<br />
processes and workflows. Intelligent software agents can work on behalf<br />
of human knowledge workers, be it supplier or buyer or both.<br />
Software agents find applications in a variety of domains, including:<br />
<strong>B2B</strong> e-<strong>commerce</strong>, Internet-based information systems, robotics, smart<br />
systems, decision support systems, data mining and knowledge discovery.<br />
This chapter focuses on the role of software agents in <strong>B2B</strong> e-<strong>commerce</strong><br />
and <strong>B2B</strong> integration.<br />
The opportunities for using intelligent agents in <strong>B2B</strong> applications<br />
are enormous, mainly because the fundamental need of buyers over<br />
the Internet is <strong>to</strong> find the best price and that of sellers is <strong>to</strong> get an<br />
optimum price from buyers and multiply sales. These needs give rise <strong>to</strong><br />
a variety of intelligent agents working for <strong>B2B</strong> buyers and sellers.<br />
Agent technology can also be very useful in searching the Internet or<br />
an Intranet, negotiating deals and au<strong>to</strong>mating cus<strong>to</strong>mer relationship<br />
management, supply chain management and market pricing.<br />
13.2. What are Intelligent Software Agents<br />
An intelligent software agent is essentially a program that au<strong>to</strong>nomously<br />
senses the environment, acts upon it and adapts <strong>to</strong> the environment with
Software Agents 383<br />
time. These agents do not act in isolation, but in the presence of other<br />
humans and agents. They have <strong>to</strong> cooperate and execute a task <strong>to</strong><br />
achieve the desired goal. Intelligent agents have the ability <strong>to</strong> plan and<br />
set goals, reason about the effects of the actions and improve their<br />
knowledge and performance through learning. In short, intelligent agents<br />
are active, persistent (software) components that perceive, reason, act<br />
and communicate.<br />
Humans can reduce information overload and work overload by<br />
delegating tasks, which they would prefer not <strong>to</strong> do <strong>to</strong> these intelligent<br />
programs. As the intelligence of software agents grows, companies<br />
using them will become more time responsive, efficient and profitable<br />
since their supply chain processes, cus<strong>to</strong>mer relationship processes and<br />
internal processes will be more responsive <strong>to</strong> changes in price, availability<br />
and other external and internal fac<strong>to</strong>rs.<br />
An intelligent agent should be:<br />
• Social — one that interacts, negotiates, coordinates and cooperates<br />
with other agents;<br />
• Reactive — one that absorbs new information, responds <strong>to</strong> the changes<br />
in environment and constraints;<br />
• Mobile — one that is engaged in e-<strong>commerce</strong> travels from computer<br />
<strong>to</strong> computer, gathering information until search parameters are<br />
exhausted;<br />
• Persistent and Goal-Oriented — one that does not require constant<br />
attention from human beings and is driven <strong>to</strong>wards defined and<br />
established goals;<br />
• Communicative/<strong>Collaborative</strong> — one that communicates and collaborates<br />
in a multi-agent environment and sends and receives information<br />
<strong>to</strong> and from other agents, using appropriate pro<strong>to</strong>cols. This requires<br />
communication services supporting message queue management,<br />
asynchronous messaging and content-based routing of messages;<br />
• Flexible — one that deals with heterogeneity of other agents and<br />
information sources;<br />
• Adaptive/Learning — one that observes and learns from the users<br />
and other agents and adapts <strong>to</strong> the needs of the owner;<br />
• Au<strong>to</strong>nomous — one that acts on behalf of humans without their<br />
intervention;
384 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• Proactive — one that acts <strong>to</strong> achieve goals; and<br />
• Able <strong>to</strong> perform directed tasks — one that takes directions from<br />
human beings or other agents and performs the directed tasks.<br />
13.3. What are Agent Systems?<br />
Agent systems provide an environment for the execution of software<br />
agents. As an application framework provides a set of services for the<br />
execution of the application-related actions, an agent framework provides<br />
a similar set of services for the execution of agent actions. Typically,<br />
an agent framework would provide services, such as the ability <strong>to</strong><br />
communicate with other agents, maintain the current state of executing<br />
agent and provide secure platform for code execution.<br />
13.4. Agent Classification<br />
Agents can be of the following types (see Figure 13.1):<br />
Payment<br />
Mobile<br />
Seller<br />
User<br />
Interface<br />
\<br />
Bui ier<br />
, - - • " " •<br />
"-•-/<br />
i Types of<br />
\ Agents<br />
/<br />
r--" ><br />
Inforn nation<br />
/<br />
Negotiating<br />
."'*•**•"--- C<br />
\<br />
Reactive<br />
eliberative<br />
Collabora itive 1<br />
Figure 13.1. — Agent classification
Interacts with<br />
•IIIIIMIMIIIIIIIIIMIIIIIIIMIIIMIMIIMIII Usei'<br />
Application J Observes &<br />
I Imitates<br />
Software Agents 385<br />
Corrmun ic ation Concept Lear ni ng<br />
Agent I<br />
User Interface L<br />
Interacts with ,.„^fL. .-J Provides Feedback <strong>to</strong><br />
Figure 13.2. — User interface agent<br />
User Interface Agents — User interface agents usually provide assistance<br />
<strong>to</strong> a user dealing with a particular application (see Figure 13.2). The<br />
metaphor is that of a personal assistant who is collaborating with a user<br />
in the same work environment.<br />
Information Agents — An information agent is an agent that can answer<br />
the queries of users by gathering, filtering, processing and manipulating<br />
information from at least one data and information source.<br />
<strong>Collaborative</strong> Agents — Agents that communicate, i.e., share information<br />
and collaborate on a common task are called collaborative agents (see<br />
Figure 13.3).<br />
Mobile Agents — Agents that act on a user's behalf and are able <strong>to</strong><br />
migrate over a network in a controlled fashion are known as mobile<br />
agents. The agent decides its own path of migration, time of execution<br />
and acts if it has <strong>to</strong> terminate its execution. It returns results and<br />
messages in an asynchronous fashion.<br />
Reactive Agents — Agents that respond <strong>to</strong> activities in the current state<br />
of their environment are labeled as reactive agents.<br />
Deliberative Agents — Agents that plan and reason <strong>to</strong> achieve coordination<br />
with other agents are addressed as deliberative agents. These<br />
agents possess an internal representational and reasoning model.<br />
Matchmaking Agents — Matchmaking agents act as intelligent media<strong>to</strong>rs<br />
between buyers and sellers.
386 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Smart<br />
Agents<br />
<strong>Collaborative</strong><br />
Learning Agents<br />
<strong>Collaborative</strong> Interface<br />
Agents Agents<br />
Source: Hyacinth Nwana (1996)<br />
Figure 13.3. — <strong>Collaborative</strong> agents<br />
Negotiating Agents — Agents that negotiate with users or agents in a<br />
given environment <strong>to</strong> achieve an optimum outcome for their users or<br />
agents are classified as negotiating agents.<br />
Commerce Agents — Agents that participate and collaborate in <strong>commerce</strong><br />
activities leading <strong>to</strong> transactions are categorized as <strong>commerce</strong><br />
agents. Seller and buyer agents are good examples of <strong>commerce</strong> agents.<br />
• Seller Agents — Agents that represent sellers (e.g., suppliers and<br />
resellers) and au<strong>to</strong>mate their activities, such as tracking buyer demand,<br />
change in market dynamics, engage in competitive negotiations with<br />
buyer agents, perform knowledge mining and even learn through<br />
collaboration from buyer agents, are known as seller agents.<br />
• Buyer Agents — Agents that represent buyers (e.g., consumers and<br />
companies) and au<strong>to</strong>mate their activities, such as building and<br />
maintaining relationships with seller agents or users, engaging in<br />
competitive negotiations with seller agents, performing knowledge<br />
mining and even learning through collaboration with seller agents are<br />
known as buyer agents.
13.5. Agents and Au<strong>to</strong>nomy<br />
Software Agents 387<br />
Intelligence is based on au<strong>to</strong>nomy. Au<strong>to</strong>nomy refers <strong>to</strong> the ability of<br />
agents <strong>to</strong> take initiative, operate on their own and exercise some level<br />
of restraint and control on their own actions. Au<strong>to</strong>nomy of the agents is<br />
driven by the following traits:<br />
• Goal-oriented — Au<strong>to</strong>nomy is directly linked <strong>to</strong> the goal-oriented<br />
nature of agents. They should be able <strong>to</strong> learn and identify human<br />
needs and be responsible for pursuing a course of action <strong>to</strong> satisfy<br />
those needs.<br />
• Pro-activeness — Agents should act on their own instantaneously if<br />
and when they detect a change in their environment. This action<br />
should be chosen dynamically, based on the change. To do so, they<br />
would have <strong>to</strong> learn as they react and interact with their external<br />
environment.<br />
Effective adjustable au<strong>to</strong>nomy minimizes the necessity for human<br />
interaction, but maximizes the capability for humans <strong>to</strong> interact at<br />
whatever level of control is most appropriate for any situation at any<br />
time.<br />
From the perspective of <strong>B2B</strong> e-<strong>commerce</strong>, adjustable au<strong>to</strong>nomy<br />
(i.e., dynamically adjusting the level of au<strong>to</strong>nomy of an agent) fits more<br />
as of the moment. There are several critical decisions that are involved<br />
in completing a <strong>B2B</strong> transaction successfully. With the given level of<br />
agent intelligence, humans should be involved at some level, based on<br />
the situation, <strong>to</strong> complete the transaction.<br />
13.6. Multi-Agent Environment<br />
A multi-agent environment consists of cooperating intelligent agents.<br />
In a multi-agent environment, there are multiple agents with different<br />
owners, users, skills, intelligence, constraints and governing rules. Agents<br />
in such systems have <strong>to</strong> interact, either in a selfish or cooperative way,<br />
both with associated users and other agents in their environments. The<br />
working of such environments is viable only with the coordination of<br />
the activities of multiple agents. Agents can develop the coordination<br />
strategies through learning and adaptation.
388 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
13.6.1. The 3 Cs of prime importance<br />
The 3 Cs of fundamental importance in a multi-agent environment are<br />
communication, collaboration and coordination. Individual agents operate<br />
with major knowledge and resource constraints <strong>to</strong> accomplish the given<br />
goal, making these three Cs a necessity in a multi-agent environment.<br />
13.6.2. Advantages of a multi-agent environment<br />
The advantages of a multi-agent environment are:<br />
• Modularity and Flexibility — A multi-agent architecture can be<br />
easily modularized. Different teams can work on different modules.<br />
The modularity and flexibility offered by a multi-agent environment<br />
makes it an invaluable <strong>to</strong>ol <strong>to</strong> au<strong>to</strong>mate and implement concurrent<br />
<strong>B2B</strong> processes and practices, where there is no central control and<br />
high level of dynamics.<br />
• Information Sharing — Agents can share the information by communicating<br />
with other agents.<br />
• Efficient — Independent sub-tasks can be solved locally and speed<br />
can be increased as agents working on partial solutions can process<br />
complex instructions in parallel.<br />
• Multimode Input — Different modes of interaction can be integrated<br />
by the cooperation of agents.<br />
• Learning/Adaptability — An agent can learn the preferences and<br />
changing priorities of associated users. It can also learn about other<br />
agents in the multi-agent environment <strong>to</strong> compete or cooperate with<br />
them effectively.<br />
13.6.3. Disadvantages of a multi-agent environment<br />
The disadvantages of a multi-agent environment are:<br />
• Performance and Scalability — There are still several unresolved<br />
issues in multi-agent systems related <strong>to</strong> performance and scalability.<br />
Environment requirements, such as execution of several mobile agents<br />
simultaneously, slow down the system. Before adopting any specific
Software Agents 389<br />
agent technology, companies should consider the performance and<br />
scalability of an agent system that requires communication and<br />
coordination with so many heterogeneous agents running on all kinds<br />
of platforms and systems over external networks like Wide Area<br />
Networks (WANs).<br />
• Security Risk — In a multi-agent environment, security risks are<br />
manifold as compared <strong>to</strong> stand-alone agents.<br />
• Unnecessary Interactions — In a large-scale multi-agent system, agents<br />
need <strong>to</strong> interact with other agents. There is the risk of an explosive<br />
number of unnecessary interactions that are futile in achieving agents'<br />
goals.<br />
• Unpredictable External Environment — As a multi-agent environment<br />
increases in scope, dynamics and complexity, the task of grasping its<br />
changes becomes more demanding. The unpredictability of changes<br />
or discontinuities up scales the environmental uncertainty.<br />
13.7. Agents and Negotiation<br />
The tremendous growth of <strong>B2B</strong> e-<strong>commerce</strong> has increased the importance<br />
and need for au<strong>to</strong>mated negotiation systems. Negotiation systems are<br />
built on a negotiation strategy and collaboration strategy. The goal of<br />
any negotiation strategy is <strong>to</strong> maximize outcomes within the boundaries<br />
and constraints of a given environment.<br />
In real world negotiations, humans take decisions based on their own<br />
expertise, past experience and in cooperation with other experts. How<br />
will the agents be able <strong>to</strong> replicate the human behavior counterparts?<br />
Let's first try <strong>to</strong> learn what we mean by a negotiation strategy in an<br />
agent's paradigm:<br />
1. Negotiation strategy is a formalized strategy responsible for computation<br />
of appropriate actions and outcomes. Negotiation pro<strong>to</strong>cols are<br />
established <strong>to</strong> govern and restrict the interaction among participating<br />
agents in a multi-agent environment.<br />
2. Negotiating agents have a goal that is associated with a set of<br />
parameters and binding rules with regard <strong>to</strong> penalty, commitment,<br />
recommitment, timeout and termination conditions. In a negotiation
390 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
process, a group of agents communicate with one another <strong>to</strong> come<br />
up with a mutually acceptable agreement.<br />
3. Design and implementation of any negotiating strategy and<br />
collaboration pro<strong>to</strong>col isn't easy. A great deal of research still needs<br />
<strong>to</strong> be done, so that the negotiation strategy of any agent completely<br />
replicates human behavior.<br />
13.7.1. Types of negotiation strategies<br />
There are two fundamental types of negotiation strategy, as follows:<br />
Analytical Negotiation Strategies — They are based on static<br />
mathematical models <strong>to</strong> evaluate outcomes and generate corresponding<br />
actions. These strategies are usually reliable and stable in behavior.<br />
However, since they are static in nature, they tend <strong>to</strong> have a predictable<br />
outcome.<br />
Evolutionary Negotiation Strategies — They are dynamic in nature and<br />
adapt and evolve with time, learning by their behavior, environment and<br />
through other agents. However, they are extremely complex and very<br />
few implementations have been tried using such strategies.<br />
13.7.2. Not revealing negotiation strategy paramount<br />
If agents can somehow know what other agents are thinking and learn<br />
during their interactions how other agents behave, their payoff might<br />
increase. Learning in negotiation is tightly integrated with the issue of<br />
how <strong>to</strong> model the overall negotiation process, i.e., what negotiation<br />
pro<strong>to</strong>cols are adopted.<br />
It is very important for agents <strong>to</strong> hide their negotiation strategies. If<br />
the buyer agent knows the supplier agent's negotiation strategy (<strong>to</strong><br />
accept all offers as long as they are above a certain threshold value),<br />
the buyer in this scenario can begin by offering a price lower than the<br />
threshold value and repeatedly offering the seller a penny more each<br />
time until the threshold value is reached. At this price, the supplier<br />
agent would accept the price, which is obviously not the optimum one<br />
from its perspective.
Client Application<br />
Hgrates<br />
Server Application<br />
II ]<br />
Cl ient Appl i cati on |<br />
i<br />
I<br />
Figure 13.4. — Mobile agent architecture<br />
13.8. Agents and Mobility<br />
Software Agents 391<br />
Mobility is the ability of agents <strong>to</strong> migrate in a self-directed way from<br />
one host platform <strong>to</strong> another. Mobile agents are capable of migrating<br />
from one computer <strong>to</strong> another <strong>to</strong> execute a set of tasks on behalf of<br />
their owners (see Figure 13.4). These agents gather, filter and analyze<br />
data from multiple sources (nodes of the network) and present a subset<br />
of this data <strong>to</strong> another agent or owner.<br />
For example, a computer manufacturing company that needs semiconduc<strong>to</strong>r<br />
chips on a regular basis could have intelligent agents that<br />
moni<strong>to</strong>r its internal inven<strong>to</strong>ry, usage forecasts and patterns and launch<br />
mobile purchasing agents when the inven<strong>to</strong>ry goes down. These agents<br />
would traverse different <strong>B2B</strong> e-marketplaces and suppliers and collect<br />
information about the chips based on specifications. They would then<br />
evaluate the prices, logistics, delivery date, etc. and make a decision<br />
about the supplier, negotiate the terms of the transaction, place orders<br />
and make secured au<strong>to</strong>matic payments. At any stage, if agents feel that<br />
a human intervention is required, they will generate messages for users<br />
and notify them.<br />
13.8.1. Benefits of using mobile agents<br />
Asynchronous, adaptive and bandwidth-saving natures of mobile agents<br />
make them ideal for <strong>B2B</strong>i. The main benefits of using mobile agents<br />
are:
392 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• Mobile agents are dynamic in nature, i.e., they are able <strong>to</strong> adapt <strong>to</strong><br />
new negotiation strategies and pro<strong>to</strong>cols, based on the current task.<br />
• Mobile code significantly reduces network traffic due <strong>to</strong> local agent<strong>to</strong>-agent<br />
communication. In a distributed application, like the ones<br />
supporting <strong>B2B</strong> e-<strong>commerce</strong>, network bandwidth is one of the major<br />
concerns. To successfully complete a single transaction in the <strong>B2B</strong><br />
domain, applications of the companies concerned have <strong>to</strong> communicate<br />
a multiple number of times. In each communication there is a clientserver,<br />
round-trip involved which not only takes the already scarce<br />
network bandwidth, but also slows down the whole process, resulting<br />
in poor performance for the application as a whole. By creating a<br />
mobile agent <strong>to</strong> handle the query or transaction and sending the agent<br />
from the client <strong>to</strong> the server, network bandwidth consumption is<br />
reduced and the process becomes much faster.<br />
• Mobile agent architectures also solve the problem created by<br />
intermittent or unreliable network connections. In the conventional<br />
systems, if the network goes down, the whole transaction is aborted.<br />
The users of such applications have <strong>to</strong> redo all the work <strong>to</strong> complete<br />
the aborted transaction. In a mobile agent architecture, the client<br />
doesn't talk <strong>to</strong> the server over the network, instead, the client actually<br />
migrates <strong>to</strong> the server's machine. Once on the server's machine, the<br />
client makes its requests <strong>to</strong> the server directly. When the entire<br />
transaction is complete, the mobile agent returns home with the<br />
results.<br />
13.8.2. Potential risks involved in use of<br />
mobile agents<br />
Mobile agents have <strong>to</strong> expose their code and data <strong>to</strong> the host environment<br />
that supplies them the means <strong>to</strong> execute. Due <strong>to</strong> this feature, agents can<br />
be tampered with, scanned, or, in some extreme cases, even terminated<br />
by malicious servers.<br />
The risks of attack on an agent's activities and fitness are directly<br />
proportional <strong>to</strong> its mobility (see Figure 13.5). Thus, agents dealing with<br />
highly secured data, such as payment information, should be restricted<br />
in mobility.
Safety<br />
static<br />
--...<br />
mobile<br />
Software Agents 393<br />
Figure 13.5. — Relationship between safety and mobility of software agents<br />
13.9. Agents' Role in <strong>B2B</strong> E-<strong>commerce</strong> and <strong>B2B</strong>i<br />
The use of intelligent software agents that au<strong>to</strong>mate the coordination<br />
activities among business partners is not only an advantage, but a necessity<br />
in the connected and networked world that companies operate in.<br />
Intelligent agents can be responsible for collecting and interpreting<br />
information of merchants and products, making decisions, even presenting<br />
payment information and settling transactions, thus reducing time and<br />
cost. They will help buyers and suppliers achieve greater efficiencies in<br />
all of the important aspects of <strong>B2B</strong>, such as content, community and<br />
transaction.<br />
Additionally, agent based e-<strong>commerce</strong> happens on the Internet and<br />
does not require the high setup costs associated with EDI. Agent<br />
technology also leverages existing infrastructure and investments.<br />
Agents can help in au<strong>to</strong>mating all the repetitive activities in the<br />
following business aspects:<br />
• Internal functions and activities, such as accounting, order fulfillment<br />
and personnel management;<br />
• External activities, such as supply chain management and eprocurement,<br />
which involve interaction with trading partners, <strong>B2B</strong><br />
exchanges; and<br />
• External cus<strong>to</strong>mer centric activities such as eCRM, sales and services.<br />
Let us review these aspects in greater detail.
394 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
13.9.1. Information gathering and filtering<br />
In 1982, the volume of publicly available scientific, corporate and<br />
technical information had doubled every five years. By 1988, it had<br />
doubled every 2.2 years and by 1992 every 1.6 years. Due <strong>to</strong> the<br />
Internet, the amount of information available electronically has increased<br />
by manifolds and is now doubling in less than a year. According <strong>to</strong><br />
IBM, over 67,000 corporations are publishing new Websites every day.<br />
This information overload is causing major problems, as far as<br />
gathering relevant information and network bandwidth are concerned.<br />
Information gathering and filtering agents help in overcoming these<br />
problems, as they affect <strong>B2B</strong> e-<strong>commerce</strong> and companies that participate<br />
in it, as follows:<br />
• Companies usually publish data such as catalogs in formats and<br />
structures that are vastly varied and this information is very dynamic.<br />
This information should be made available <strong>to</strong> all buyers just-in-time<br />
(JIT) — delivered immediately as needed, relevant — based on users'<br />
preferences and filters and au<strong>to</strong>-refreshed — updated whenever a new<br />
piece of information arrives. Agents can be used <strong>to</strong> locate information<br />
sources, <strong>to</strong> combine intelligently disparate streams of information<br />
from multiple distributed resources <strong>to</strong> respond <strong>to</strong> a specific request<br />
from users with relevant, synthesized results. Agents can help by<br />
managing data and information sources, such as routing e-mails,<br />
information retrieval, building dynamic catalogs and retrieving latest<br />
product information. In short, they are able <strong>to</strong> anticipate and act on<br />
users' information needs.<br />
• Companies face the challenge of organizing network flows in a way<br />
that prevents massive retrieval of information from remote sources.<br />
The inundation of data can cause severe degradation of their network<br />
performance. Software agents help in providing a solution <strong>to</strong> this<br />
problem. Agents can gather and select this information locally, thereby<br />
avoiding unnecessary network loads.<br />
• Agents are not only able <strong>to</strong> perform searches based on keywords,<br />
but also based on context. They will deduce this context from user<br />
information (i.e., a built-up user model) or by using other services,
Software Agents 395<br />
such as a thesaurus service. With more efficient and powerful search<br />
capabilities, agents will help drive down e-<strong>commerce</strong> costs and make<br />
<strong>B2B</strong> e-<strong>commerce</strong> more transparent.<br />
13.9.2. Uncovering quality sales prospects<br />
Agents can au<strong>to</strong>mate the process of identifying quality sales leads for<br />
the sales and marketing professionals. They can search, retrieve, analyze,<br />
identify, generate precise targeted sales prospects and interact with<br />
users <strong>to</strong> develop an accurate data profile of a quality prospect in the<br />
target market segment.<br />
For example, ProspectMiner, a seller agent developed by Inkarta,<br />
generates buyer profiles by pulling information in parallel from 19 search<br />
and direc<strong>to</strong>ry services. For each quality lead identified, ProspectMiner<br />
au<strong>to</strong>matically researches the candidate company, retrieving and organizing<br />
the key information needed by sales and marketing professionals <strong>to</strong><br />
initiate an informed contact. ProspectMiner can be set in<strong>to</strong> au<strong>to</strong>-query<br />
mode <strong>to</strong> operate au<strong>to</strong>nomously on the user's behalf, periodically scanning<br />
the Web for new prospects and information about previously identified<br />
and researched prospects in the given market segment.<br />
Advantages of Web-based lead generation include the ability <strong>to</strong><br />
access far more companies than are available through any other lead<br />
source — finding the smallest, newest and least known prospects — and<br />
<strong>to</strong> retrieve the most current information about each quality candidate.<br />
13.9.3. Value chain integration<br />
An integrated supply chain allows businesses <strong>to</strong> share real-time<br />
information and drastically reduce transaction costs. Agents act as value<br />
chain integra<strong>to</strong>rs by au<strong>to</strong>mating and integrating the value chain. The<br />
value chain is comprised of inbound logistics, operations, outbound<br />
logistics, marketing and sales and service.<br />
Using agents that communicate and collaborate within the organization<br />
and with the trading partners, companies can reduce cycle times and<br />
increase transparency throughout the procurement and supply chain.
396 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
13.9.4. Optimization of business processes in<br />
light of <strong>B2B</strong>i<br />
Agents enable companies <strong>to</strong> optimize their business processes and<br />
allocate the most qualified resources <strong>to</strong> perform activities in the shortest<br />
amount of time. By doing business more efficiently in conjunction with<br />
their value chain partners (e.g., order fulfillment, new product launch,<br />
contract negotiation and project management), companies can achieve<br />
significant cost savings.<br />
For example, Exterprise utilizes collaborative agent technology in its<br />
Agent-based Process Engine (APEx) <strong>to</strong> optimize business processes.<br />
EXTERPRISE'S APEX PLATFORM:<br />
POWERING COLLABORATIVE BUSINESS NETWORK<br />
Today's market conditions warrant fast change; frequently no two<br />
suppliers or channel partner relationships are the same. Also, business<br />
rules can vary from partner <strong>to</strong> partner. Exterprise utilizes collaborative<br />
agent technology in its Agent-based Process Engine (APEx) platform<br />
(see Figure 13.6) <strong>to</strong> bring <strong>to</strong>gether business process activities, business<br />
rules and resources at runtime. Exterprise cus<strong>to</strong>mers report cost<br />
savings of 20% <strong>to</strong> 30% and higher.<br />
The APEx platform consists of a network of collaborative agents,<br />
'event-condition-action' driven programs designed <strong>to</strong> work continuously<br />
<strong>to</strong> complete a specific action. As their name implies, collaborative<br />
agents work <strong>to</strong>gether <strong>to</strong> solve a problem. Although each agent is<br />
au<strong>to</strong>nomous, the resulting synergy from their cooperation makes the<br />
agents collaborative in problem solving.<br />
In an agent-based model, activities, rules and resources are<br />
independent of one another and are brought <strong>to</strong>gether at run-time.<br />
Thus, business processes adapt in real-time <strong>to</strong> varying conditions.<br />
Each process is highly configurable so companies can adapt and<br />
change as their businesses change. Processes are moni<strong>to</strong>red as<br />
well, so each process can be examined and streamlined over time <strong>to</strong><br />
maximize efficiencies.<br />
Continue on page 397
Q Once the process is<br />
requested, the process agent<br />
initiates negotiations with the<br />
pool of proxy agents having the<br />
capability <strong>to</strong> perform the rst<br />
activity of the process.<br />
© Selected'bestfit'proxy<br />
agent is assigned by the<br />
process agent <strong>to</strong> perform the<br />
activity.<br />
^7 Process agent communicates<br />
the specifications of the activity <strong>to</strong><br />
the proxy agent.<br />
Q Proxy agent then begins work.<br />
Here is how agents function<br />
using an example process<br />
of building a home<br />
* '<br />
While moni<strong>to</strong>ring the progress of the<br />
process, the process agent repeats the<br />
negotiation and selection steps for<br />
subsequent activities until the entire<br />
project has been completed per the<br />
cus<strong>to</strong>mer's specifications.<br />
*<br />
wans<br />
A<br />
*<br />
4PW<br />
A A<br />
Software Agents 397<br />
Continued from page 396<br />
Foundation ion _ sro&.#_<br />
I Windows<br />
"ft<br />
* fl\ IHli<br />
I—A IP<br />
Figure 13.6. — Exterprise agent-based process engine<br />
APEx supports a number of pre-built collaborative processes in<br />
the system, such as contract management, complex matching and<br />
negotiations for sourcing, distributed order management and catalog<br />
product pricing management.<br />
Source: Exterprise.com<br />
13.9.5. Efficient e-marketplaces<br />
Almost all existing commercial <strong>B2B</strong> e-marketplaces provide limited<br />
services, such as communication supports between buyers and sellers,
398 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
industry news, liquidity and current market information and transaction<br />
services.<br />
KASBAH —AN AGENT BASED E-MARKETPLACE<br />
Kasbah is an agent marketplace that allows agents <strong>to</strong> negotiate the<br />
price of goods on behalf of consumers. However, Kasbah allows<br />
negotiations based only on price and uses only one specific negotiation<br />
strategy.<br />
In the Kasbah system, buyers who need <strong>to</strong> procure particular<br />
goods would create an agent, give it basic strategic direction and<br />
send it off in<strong>to</strong> the electronic marketplace. The Kasbah agents would<br />
then proactively seek out potential sellers and negotiate with them on<br />
the buyer's behalf, making the best possible deal based on a set of<br />
constraints specified by the buyer, including the highest acceptable<br />
price and a transaction completion date.<br />
The selling agents in the Kasbah system are pro-active <strong>to</strong>o. When<br />
a selling agent is created, the marketplace has <strong>to</strong> give it a list of<br />
potential buyer agents and inform all potential buyers of the existence<br />
of this new selling agent. It has <strong>to</strong> match up agents interested in the<br />
same goods.<br />
Using intelligent agents <strong>to</strong> buy and sell goods can create truly<br />
rational market behavior— just the way economics is supposed <strong>to</strong><br />
work. Future exchanges will be built using a set of agents <strong>to</strong> support<br />
coordination, negotiation and settlement with both numerical data and<br />
textual information. Agents would au<strong>to</strong>mate the whole process of<br />
multidimensional <strong>B2B</strong> e-<strong>commerce</strong> involving product selection, payment<br />
methods, delivery, after sales service, etc. This is in sharp contrast <strong>to</strong><br />
<strong>to</strong>day's <strong>B2B</strong> e-marketplaces that are purelly transaction based. Such a<br />
multi-agent model would be ideal for highly uncertain and dynamic<br />
markets involving complex negotiation processes. The required conditions<br />
<strong>to</strong> build such a marketplace are the establishment of on<strong>to</strong>logies (in<br />
short: unequivocal definitions of entities) and pro<strong>to</strong>cols.
Software Agents 399<br />
Agents can also act as intermediaries in <strong>B2B</strong> e-marketplaces by<br />
evaluating the quality of products, comparing prices and providing<br />
recommendations.<br />
13.9.6. Maintaining cus<strong>to</strong>mer relationships<br />
Intelligent agents can au<strong>to</strong>mate the task of tracking cus<strong>to</strong>mer behavior,<br />
linking business goals and cus<strong>to</strong>mer interests, learning from previous<br />
experience, drawing conclusions from that and giving recommendations<br />
for actions <strong>to</strong> be taken due <strong>to</strong> changes in cus<strong>to</strong>mer behavior. With the<br />
above information, suppliers can provide personalized service, such as<br />
sales suggestions, prices, bulk discounts and content <strong>to</strong> cus<strong>to</strong>mers.<br />
13.9.7. Effective e-procurement<br />
Most of the activities involved in corporate procurement are defined,<br />
routine and repetitive in nature. But there is still a substantial human<br />
element involved in the procurement cycle, which slows the whole<br />
process down. Software agents au<strong>to</strong>mate the enterprise procurement<br />
process by finding and negotiating deals, instead of having personnel do<br />
it. According <strong>to</strong> a recent report from Deloitte Research, by 2002<br />
companies will routinely use intelligent agents <strong>to</strong> e-shop.<br />
Agents can assist buyers by finding all the products and their<br />
suppliers, based on a defined price, preferred highest acceptable, delivery<br />
date, delivery location and other defined specifications. Moreover, the<br />
decision-making capability of these buyer and seller agents is dynamic<br />
and reacts <strong>to</strong> user needs and the current environment. Agents like the<br />
ones used by <strong>commerce</strong>one.com (which hosts several vertical exchanges)<br />
assist in information sharing and aggregation between buyers and sellers<br />
across vertical and horizontal exchanges.<br />
Suppliers usually adopt a push strategy <strong>to</strong> announce their products<br />
and survey cus<strong>to</strong>mer demand. Human sales representatives, who visit<br />
buyers on behalf of the supplier, traditionally carry out this task. Mobile<br />
software agents can au<strong>to</strong>mate this process quickly and with low cost by<br />
visiting many buyer sites, obviating much human involvement in the<br />
procurement process.
400 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
13.9.8. <strong>Integration</strong> with legacy systems<br />
Software agents provide an ideal mechanism for integrating legacy<br />
systems with new data systems. Agents are well suited <strong>to</strong> implement<br />
these middleware applications. They can be used <strong>to</strong> perform data translation<br />
and implement data systems interfaces that meet a wide variety<br />
of requirements. This is one of the key attributes of agent technology in<br />
au<strong>to</strong>mating <strong>B2B</strong> e-<strong>commerce</strong>, as dynamic <strong>B2B</strong> relationships involve<br />
exchange and interpretation of heterogeneous data.<br />
Agent technology can be used <strong>to</strong> produce a simple information agent<br />
by 'wrapping' any information source <strong>to</strong> allow it <strong>to</strong> conform <strong>to</strong> the<br />
communication conventions of an agent infrastructure. This allows for<br />
the interconnection and interoperation of multiple existing legacy systems.<br />
By building an agent wrapper around such systems, they can be<br />
interoperated in<strong>to</strong> an agent society.<br />
13.9.9. Enable privacy in <strong>B2B</strong> transactions<br />
<strong>B2B</strong> e-<strong>commerce</strong> has delivered several benefits <strong>to</strong> businesses, but it has<br />
also substantially increased the need for privacy protection of participating<br />
companies. Any person or company should not own privacy. It<br />
should be a standard feature with every computer, every <strong>B2B</strong> transaction.<br />
With the help of privacy agents, businesses can au<strong>to</strong>mate and<br />
implement a privacy policy based on defined parameters.<br />
Privacy agents enable companies <strong>to</strong>:<br />
• Adopt and implement a privacy policy that takes in<strong>to</strong> consideration<br />
the goals of a company's Website as well as the anxiety of consumers<br />
over sharing information online;<br />
• Give users choice and consent over how their personal information is<br />
used and shared; and<br />
• Put data security and access measures in place <strong>to</strong> safeguard, update<br />
and correct personally identifiable information.<br />
@YourCommand's unique intelligent agents that assure anonymity<br />
and privacy are an example of such agents.
Software Agents 401<br />
HOW ©YOURCOMMAND'S SOLUTION WORKS<br />
©YourCommand is based on the model of an English butler who<br />
shops anonymously on behalf of a private person. The butler can<br />
be completely candid with a merchant concerning this person's<br />
needs, wants and preferences. The merchant benefits by knowing<br />
exactly what products are in demand. The private individual benefits<br />
by receiving the goods he or she wants through a trusted,<br />
private channel, without disclosing identity or any other personal<br />
information.<br />
@ YourCommand applies this model <strong>to</strong> electronic <strong>commerce</strong>, with<br />
the role of the butler played by an ©YourCommand intelligent agent,<br />
called a Tasklt. A consumer will be able <strong>to</strong> visit ©YourCommand's<br />
secure site and be completely candid concerning needs, wants and<br />
preferences — including price, style, location and other product<br />
attributes. A detailed demand profile — but not personal data — will<br />
be sent <strong>to</strong> merchants offering such products and those who can meet<br />
the demands can approach this consumer. Payment and delivery will<br />
also be completely anonymous. In short, the Tasklt agent protects the<br />
consumer's identity.<br />
The real-time demand data will allow merchants <strong>to</strong> mass-cus<strong>to</strong>mize,<br />
maximize the consumer's shopping experience, thereby increasing<br />
their margins and sales. The same information can also be used <strong>to</strong><br />
quantify lost sales.<br />
If the Tasklt does not find the item it is searching for, it continues<br />
a 'persistent search' of ©YourCommand's database. The search ends<br />
when the item is found or when the consumer calls off the search.<br />
In addition <strong>to</strong> benefiting consumers, persistent searches will create<br />
persistent demand that helps merchants tailor products and services<br />
<strong>to</strong> match this demand. ©YourCommand enables long-term relationships<br />
based on need and not identity and relieves merchants from<br />
the burden of having <strong>to</strong> collect and s<strong>to</strong>re personally identifiable<br />
information.<br />
Source: Condensed from How ©YourCommand Works, Business Wire
402 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
h<br />
Information j Matchmaking Matchmaking!, 1. _ . Information<br />
|"" Agent P ^<br />
r ""'"""""* Agent f*** Agent f * Agent |^'»= J =»" r |<br />
,, ,, I Negotiating I Auctioning I Negotiating I „,,„_„<br />
seller j»—» Agent p—» Agent f^ Agent I*** y<br />
<strong>Collaborative</strong> | <strong>Collaborative</strong><br />
"* Agent ' Agent •*<br />
Figure 13.7. — Agent communication<br />
13.10. Need for a Universal Language<br />
In a multi-agent environment, interacting agents need <strong>to</strong> have the same<br />
understanding of a particular vocabulary and need <strong>to</strong> be able <strong>to</strong> present<br />
the data in a single consistent language. Agents within a system have <strong>to</strong><br />
converse with agents external <strong>to</strong> the system, which are within another<br />
agent framework (see Figure 13.7). Dynamic communication, cooperation<br />
and collaboration among agents is possible only through a universal<br />
language like XML. In a previous chapter, we have already discussed<br />
the merits of using XML as a common syntactic representation of<br />
knowledge.<br />
Here are a few more merits of XML in the context of inter-agent<br />
communication:<br />
• XML has a way of defining the 'meaning' of new tags using XML<br />
itself. With XML, virtually any data anywhere can be adapted <strong>to</strong> the<br />
Web and used by agents.<br />
• XML enables communication, cooperation and collaboration among<br />
agents in a diverse, multi-agent environment (see Figure 13.8).<br />
• Cataloging and information gathering agents can moni<strong>to</strong>r and retrieve<br />
online information from distributed and heterogeneous sources. This<br />
information represented in XML format can be analyzed on the fly<br />
and product catalogs and search results can be built dynamically.<br />
• Using XML, agents can be built on open standards. Assembling the<br />
various pieces of a complex multi-agent environment requires broad<br />
accessibility and interoperability, which is possible only if agents are<br />
developed using open standards.
Software<br />
Software Code<br />
XML Document<br />
Software<br />
Agent<br />
Software Code<br />
Exchange<br />
of XML<br />
XML Document<br />
Messages J"""*'<br />
Figure 13.8. — XML-based agent communication<br />
Software Agents 403<br />
BRML: ENABLING COMMUNICATION AMONG<br />
DISPARATE AGENTS<br />
BRML (Business Rules for Electronic Commerce) is an 'XML Rule<br />
Interlingua for Agent Communication, based on Courteous/Ordinary<br />
Logic Programs'. It is used in connection with 'CommonRules' from<br />
IBM and was developed in connection with IBM's business rules for<br />
e-<strong>commerce</strong> project.<br />
CommonRules provides innovative XML interoperability and<br />
prioritized conflict handling capabilities. Using CommonRules, a seller<br />
Website or application can communicate its business policy rules<br />
about pricing, promotions, cus<strong>to</strong>mer service provisions for refunds<br />
and cancellation, ordering lead-time and other contractual terms and<br />
conditions <strong>to</strong> a cus<strong>to</strong>mer application/agent, even when the seller's<br />
rules are implemented using a different rule system <strong>to</strong> that in which<br />
the buyer's rules are implemented. The cus<strong>to</strong>mer application/agent<br />
can then understand and assimilate those rules in<strong>to</strong> its own business<br />
logic. Similarly, using CommonRules a cus<strong>to</strong>mer can communicate<br />
with its suppliers RFQs/RFPs, including detailed conditions and<br />
policies expressed in rules, e.g., in supply chain settings.<br />
Source: IBM Corp.<br />
However, XML is only a 'grammar', i.e., a standard for how <strong>to</strong> use<br />
markup tags. It does not define any term or word in the language. In<br />
order for agents <strong>to</strong> communicate in a multi-agent environment over the<br />
Internet, there has <strong>to</strong> be a common vocabulary, which is available <strong>to</strong><br />
and unders<strong>to</strong>od by all agents.
404 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Is common vocabulary alone sufficient for agents <strong>to</strong> locate and<br />
communicate with each other? No. Agents need <strong>to</strong> know the addresses,<br />
locations and names of the remote agents in order <strong>to</strong> communicate with<br />
them. Extensible Name Service (XNS) maintains the dictionary and<br />
address book for Web agents. XNS provides a common vocabulary and<br />
a common global naming and addressing system for permanent linking<br />
of Web agents.<br />
13.10.1. XNS: A dictionary and address book for<br />
web agents<br />
The HTML linking mechanism for Web pages was based on Domain<br />
Name System (DNS), developed <strong>to</strong> name host computers on the Internet.<br />
But DNS names are far from ideal for naming Web agents, which<br />
represent more dynamic resources, such as people and businesses.<br />
Furthermore, Web agents need <strong>to</strong> be able <strong>to</strong>: a) move on a network (like<br />
people or businesses move locations) and b) change their names (like<br />
people or businesses change their names) — both without breaking their<br />
links with one another. For this reason Web agents needed something<br />
DNS was unable <strong>to</strong> provide: permanent, universal addresses.<br />
Software<br />
XNS Naming &<br />
Addressing System<br />
XNS Name: Evan<br />
XNS ID: 10000<br />
XNS Address:<br />
78.202.15.3 XNS Link<br />
(10000<br />
<strong>to</strong> 20000)<br />
XNS Name: Ben<br />
XNS ID: 20000<br />
XNS Address:<br />
80.187,13,2<br />
Figure 13.9. — XNS naming and addressing system linking web agents
Software Agents 405<br />
The developers of Web agent technology recognized that they could<br />
solve both problems at once — create a global Web agent vocabulary<br />
and a global Web agent naming and addressing system — by designing<br />
a new Internet name service based on XML (see Figure 13.9). Thus<br />
Extensible Name Service (XNS) was born. In short, XNS is <strong>to</strong> DNS<br />
what XML is <strong>to</strong> HTML.<br />
13.11. Conclusion<br />
Current trends have made it clear that the complexity of <strong>B2B</strong> e<strong>commerce</strong><br />
and the software that enables it will increase dramatically in<br />
the coming decades. The focus has <strong>to</strong> be on infrastructure, negotiation,<br />
information gathering and transactional technology <strong>to</strong> ensure a smooth<br />
transaction from proper goods selection <strong>to</strong> final payment and goods<br />
delivery.<br />
Intelligent agents are the most promising paradigm for facing these<br />
challenges, overcoming the difficulties and exploiting the opportunities<br />
associated with <strong>B2B</strong> e-<strong>commerce</strong>.<br />
However, if intelligent agent technology is going <strong>to</strong> survive, it has <strong>to</strong><br />
be able <strong>to</strong> deal effectively with the most important characteristics of<br />
<strong>B2B</strong> e-<strong>commerce</strong>: global business and information infrastructure. <strong>B2B</strong><br />
e-<strong>commerce</strong> is very dynamic, large, distributed, heterogeneous, open<br />
and constantly evolving. The dynamic and distributed nature of both<br />
data and applications require that software agents not merely respond <strong>to</strong><br />
requests for information but intelligently anticipate, adapt and actively<br />
seek ways <strong>to</strong> support users. Intelligent systems should not only assist in<br />
coordinating tasks among humans, they must also communicate, cooperate<br />
and collaborate among distributed programs.<br />
In the long-term, agents will approximate true 'smartness', in that<br />
they can collaborate and learn, in addition <strong>to</strong> being au<strong>to</strong>nomous in their<br />
settings. They will possess rich negotiation skills and some may<br />
demonstrate what may be referred <strong>to</strong>, arguably, as 'emotions'.
This page is intentionally left blank
Part IV<br />
<strong>B2B</strong>i-Enabled Applications<br />
407
This page is intentionally left blank
Chapter "| 4<br />
Supply Chain Management (SCM)<br />
The focus of this chapter<br />
Supply chain management (SCM) is one of the most important<br />
applications enabled by <strong>B2B</strong> integration for various industries. <strong>B2B</strong>i<br />
helps businesses effectively Web-enable all processes of supply chain<br />
management and allows tight integration with processes of cus<strong>to</strong>mers,<br />
suppliers, distribu<strong>to</strong>rs and marketplaces.<br />
In this chapter, we have presented the fundamentals of SCM, along<br />
with an in-depth discussion of how <strong>B2B</strong>i au<strong>to</strong>mates it. You will learn<br />
about the differences between a push and a pull-based supply chain,<br />
challenges involved in implementing a supply chain management solution,<br />
different SCM techniques and features of SCM systems.<br />
409
410 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
14.1. Introduction<br />
<strong>B2B</strong> integration opens a world of opportunities for effective and<br />
successful supply chain management which coordinates and integrates<br />
all activities, internal and external, in<strong>to</strong> a seamless process. The internal<br />
activities pertain <strong>to</strong> various departments within an organization and<br />
external activities relate <strong>to</strong> trading partners, such as vendors, carriers<br />
and third-party companies. A company that is able <strong>to</strong> au<strong>to</strong>mate all<br />
activities through <strong>B2B</strong>i is in a position <strong>to</strong> deliver products with low<br />
operational costs and high profitability and would stand the market<br />
competition and flourish.<br />
<strong>B2B</strong>i helps businesses effectively Web-enable all processes of supply<br />
chain management and allows tight integration with processes of<br />
cus<strong>to</strong>mers, suppliers and marketplaces.<br />
14.2. Fundamentals of Supply Chain Management<br />
In this section we will go over some of the fundamentals of SCM. SCM<br />
is a subject in itself, thus it is not possible <strong>to</strong> cover each section<br />
in-depth. Our goal is <strong>to</strong> provide differentiation between a <strong>B2B</strong>i-enabled<br />
and a legacy supply chain.<br />
14.2.1. A few definitions of SCM<br />
There are numerous definitions of SCM. Here are a few of them:<br />
• SCM is the process of maximizing a company's internal practices<br />
and its interaction with suppliers and cus<strong>to</strong>mers, in order <strong>to</strong> bring<br />
products in<strong>to</strong> market more efficiently.<br />
• SCM is a business strategy <strong>to</strong> strengthen the shareholder and cus<strong>to</strong>mer<br />
value by optimizing the flow of products, services and related<br />
information from point of origin (source) <strong>to</strong> the end user.<br />
• SCM enfolds processes of creating and fulfilling the demand for<br />
goods and services.<br />
• SCM is a set of business processes that covers a trading partner<br />
community engaged in a common goal of gratifying the end cus<strong>to</strong>mer.
Supply Chain Management (SCM) 411<br />
SCM includes a large variety of functions such as demand forecasting,<br />
locating the sources of procurement, inven<strong>to</strong>ry and warehouse<br />
management, production scheduling, processing of orders, distribution<br />
logistics, cus<strong>to</strong>mer service and other disciplines. All these functions are<br />
au<strong>to</strong>mated through the use of advanced software application called the<br />
SCM system.<br />
14.2.2. What is a supply chain?<br />
A supply chain is a network of facilities and distribution operations that<br />
procures materials and transforms these materials in<strong>to</strong> intermediate and<br />
finished products and finally distributes them <strong>to</strong> cus<strong>to</strong>mers. It is an end<strong>to</strong>-end<br />
chain with transparency and visibility, which enfolds all suppliers<br />
— main and sub-suppliers — internal operations, cus<strong>to</strong>mers, both trade<br />
and retail ones and all other end users. All interlinked resources and<br />
activities needed <strong>to</strong> create and deliver products cum services <strong>to</strong> cus<strong>to</strong>mers<br />
constitute a supply chain. This chain exists in manufacturing organizations<br />
and services, though its intricacies may differ substantially from industry<strong>to</strong>-industry<br />
or company-<strong>to</strong>-company.<br />
In a supply chain, every cus<strong>to</strong>mer is a supplier <strong>to</strong> the next cus<strong>to</strong>mer<br />
until the finished product reaches the ultimate end consumer.<br />
Example of a supply chain<br />
Before probing in<strong>to</strong> the details of a supply chain, it would be worthwhile<br />
<strong>to</strong> bring under focus the relationship among trading partners in a supply<br />
chain by analyzing the example of manufacturing and distribution of<br />
cereal.<br />
The whole process starts with farmers sowing, growing and harvesting<br />
grains. So, it is the farmer who puts the process in<strong>to</strong> motion initially.<br />
Companies buy grains from farmers and process the same in<strong>to</strong> cereals<br />
which are packaged in<strong>to</strong> boxes. The boxes in turn are transported <strong>to</strong><br />
various distribu<strong>to</strong>rs for sale <strong>to</strong> grocers with end consumers eventually<br />
purchasing the cereal boxes.<br />
Various interrelated processes and relationships among trading partners<br />
of a supply chain, as shown in Figure 14.1, <strong>to</strong>gether form a supply chain.
412 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Grain Cereal<br />
Processing &.<br />
Manufacturing Packaging<br />
Facility<br />
Label Producer<br />
Packaged Cereal<br />
Figure 14.1. — Example of a supply chain<br />
M M 1M<br />
Retailer le ^sterner<br />
(Final Consumer)<br />
Requisition Supervisor<br />
Purchasing<br />
. Senior Manager<br />
Agent K<br />
n<br />
Acknowle<br />
Purchase<br />
dgment<br />
Order<br />
Central<br />
Receiving<br />
Shipment M- Supplier<br />
Recei pt<br />
V<br />
Accounts<br />
Payable<br />
-• Check/Payment Bank<br />
Figure 14.2. — Business process and workflow of a purchase requisition<br />
14.2.3. A typical business process flow in a<br />
supply chain<br />
A supply chain flow extends from the original materials suppliers<br />
through manufacturing, wholesaling and retailing <strong>to</strong> the final consumer.<br />
Figure 14.2 shows the entire business process and the workflow of a<br />
purchase requisition in a company.<br />
Whenever there is a purchase requisition in a department, it is<br />
forwarded through the supervisor <strong>to</strong> the senior manager who, after
Supply Chain Management (SCM) 413<br />
review, passes it on <strong>to</strong> the purchasing agent for procurement. The<br />
purchasing agent then contacts the appropriate supplier from the approved<br />
list of suppliers, considers various fac<strong>to</strong>rs such as competitive rates,<br />
quality, quantity available and lead-time and then issues a purchase<br />
order <strong>to</strong> the supplier.<br />
The supplier acknowledges the purchase order, giving details including<br />
the date of shipment and mode of transport. The purchasing company<br />
warehouse receives the goods in due time and after proper verification,<br />
delivers the same <strong>to</strong> the requisitioner and reports the delivery and<br />
acceptance of goods <strong>to</strong> the accounts department. Simultaneously, the<br />
supplier also sends the accounts department the invoice for the goods<br />
shipped and accepted by the warehouse. The accounts department<br />
then issues instructions <strong>to</strong> the bank for payment in accordance with the<br />
terms of payment agreed upon with the supplier or as mentioned in the<br />
purchase order.<br />
14.2.4. Activities in a supply chain<br />
A supply chain involves three-tier activity (see Figure 14.3):<br />
• Upstream activities;<br />
• Internal activities; and<br />
• Downstream activities.<br />
Upstream activities<br />
The first part of a supply chain involves activities, such as material and<br />
service inputs of upstream external suppliers who provide raw materials,<br />
component parts, end products, services, infrastructure support and<br />
computer technology.<br />
While most companies rely on one level of suppliers, manufacturers<br />
depend upon a complex hierarchy of suppliers in their supply chains. The<br />
number of suppliers involved in a manufacturing process is much larger<br />
than in any other sec<strong>to</strong>r as the product produced tends <strong>to</strong> be more<br />
complex. For example, a typical au<strong>to</strong>mobile manufacturer may depend<br />
on 60,000 <strong>to</strong> 100,000 suppliers, due <strong>to</strong> the requirement of enormous<br />
number of parts which make up the end product. As the products are
414 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
?*Tier<br />
Suppliers<br />
Upstream<br />
Internal<br />
Downstream<br />
2" Tier<br />
Suppliers<br />
l**Tier I 1" Tier<br />
Suppliers I Suppliers<br />
Assembly/<br />
Manufacturing<br />
& Packaging<br />
I<br />
Distribution<br />
Centers<br />
Ret; ilers<br />
4<br />
Cus<strong>to</strong>mers<br />
2"" Tier<br />
Suppliers<br />
Figure 14.3. — Supply chain activities<br />
linked <strong>to</strong> raw materials, manufacturers are linked with their suppliers'<br />
information systems for their inven<strong>to</strong>ry and replenishment and other<br />
issues which are directly relevant <strong>to</strong> the manufacturing process.<br />
Internal activities<br />
Internal activities involve the conversion of raw material procured from<br />
suppliers in<strong>to</strong> finished product. These are processes <strong>to</strong> convert raw<br />
material procured from the suppliers in<strong>to</strong> finished product. The<br />
synchronization of various internal activities at different levels has <strong>to</strong> be<br />
very agile and harmonious, especially in a big organization. Different<br />
functions, such as production planning, demand forecasting, manu<br />
facturing, order processing, packing of goods and maintenance, need<br />
the utmost care and vigilance.
Downstream activities<br />
Supply Chain Management (SCM) 415<br />
Last but not least, downstream activities of a supply chain involve the<br />
distribution of the finished product <strong>to</strong> the distribu<strong>to</strong>rs for sale <strong>to</strong> the end<br />
consumers. In the downstream activities, logistics function plays a vital<br />
role. It includes transportation management — selecting and managing<br />
the internal and external fleet of carriers, packaging, warehousing and<br />
handling of finished products at the warehouses and retail outlets<br />
receiving them. All these activities are integral and need strong links<br />
with one another <strong>to</strong> maintain the flow of supplies unobtrusively.<br />
14.3. Legacy Supply Chain<br />
Let's review the definition and limitations of a legacy supply chain.<br />
14.3.1. Push-based supply network<br />
A legacy supply chain is primarily forecast driven, which relies on<br />
push-based supply network for the procurement of materials.<br />
In a push-based supply network, the materials department procures,<br />
based on the marketing forecasts; the production department produces,<br />
based on the production cycle demand; and the distribution department<br />
distributes according <strong>to</strong> the replenishment demand (see Figure 14.4). A<br />
forecast is after all based on expectations, subject <strong>to</strong> various fac<strong>to</strong>rs in<br />
the market. This may be faulty, as the gap in the expected and the real<br />
may lead <strong>to</strong> accumulated inven<strong>to</strong>ries or shortage of materials.<br />
Materials<br />
Supply<br />
Campaign<br />
Demand<br />
Production Distribution Consumption<br />
Production<br />
Demand<br />
Push<br />
Repl eni shm ent<br />
Demand<br />
Figure 14.4. — Push-based supply chain<br />
Consumer<br />
Demand
416 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
14.3.2. What's wrong in a legacy supply chain?<br />
A legacy supply chain appears very simple since it gives one the<br />
impression of being smooth without any obstructions and accumulations<br />
of inven<strong>to</strong>ries at different levels with various supply chain partners. As<br />
reflected in Figure 14.5, it appears <strong>to</strong> have very few links and barriers.<br />
Raw Material<br />
• • j<br />
•Ji<br />
Cus<strong>to</strong>mer<br />
(Final Consumer) Retailer<br />
Supplier Manufacturer<br />
Figure 14.5. — Superficial picture of a supply chain<br />
*rFiir<br />
Raw Material Warehouse<br />
• •<br />
Hi Cus<strong>to</strong>mer<br />
(Final Consumer)<br />
TBBH<br />
Supplier Warehouse<br />
yw<br />
Retailer<br />
lite<br />
Warehouse<br />
—* Warehouse<br />
la<br />
Figure 14.6. — The real picture of a supply chain<br />
Manufacturer<br />
irtL<br />
Warehouse<br />
l(t<br />
Warehouse<br />
•<br />
Distribu<strong>to</strong>r
Supply Chain Management (SCM) 417<br />
However, the real picture is far more ugly and intricate than what<br />
it appears <strong>to</strong> be. A legacy supply chain is crowded and congested<br />
with unnecessary steps and superficial s<strong>to</strong>ckpiles. There are a number<br />
of barriers and steps inherent in a legacy supply chain as shown in<br />
Figure 14.6.<br />
Lack of external collaboration<br />
A legacy supply chain has a high degree of demand uncertainty and<br />
variability. The forecast figures in a legacy supply chain are not shared<br />
dynamically by supply chain partners, resulting in each of them having<br />
a buffer s<strong>to</strong>ck or unnecessary inven<strong>to</strong>ry at multiple steps in various<br />
warehouses.<br />
In addition, it takes a long time for the finished product <strong>to</strong> cross all<br />
the barriers of the supply chain and ultimately reach the consumer.<br />
Lack of internal collaboration<br />
In a legacy supply chain, the focus is on task specialization and local<br />
optimization of functions rather than performance of an organization as<br />
a whole. The internal departments have their own objectives which may<br />
often conflict.<br />
Various departments in an organization engaged in different activities,<br />
such as planning, purchasing, manufacturing, distributing and marketing<br />
have tended <strong>to</strong> work independently in the supply chain. All these<br />
departments have different priorities. The result is that there is not a<br />
single, integrated plan for an organization — there are as many plans as<br />
there are departments.<br />
14.4. <strong>B2B</strong>i-Enabled Supply Chain<br />
There is an imperative necessity for a mechanism through which different<br />
internal and external departmental functions can be integrated <strong>to</strong>gether.<br />
<strong>B2B</strong>i allows the creation of a supply chain that involves greater<br />
integration, collaboration and exchange of information with its suppliers<br />
and cus<strong>to</strong>mers. Such a supply chain is based purely on pull-based supply<br />
networks.
418 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Let's review principles of a good supply chain before we discuss the<br />
pull-based supply chain, which is based on them.<br />
14.4.1. Principles of SCM<br />
Accenture, a leading provider of technology and management services<br />
and solutions, has laid down a few principles of effective supply chain<br />
management. If these principles are adopted, it gives a company<br />
competitive advantages over others in the form of larger revenues,<br />
tighter cost control, more effective asset utilization and better cus<strong>to</strong>mer<br />
service.<br />
The principles spelt out are as follows:<br />
1. Division of cus<strong>to</strong>mers based on service needs — Prior <strong>to</strong> the<br />
introduction of SCM, cus<strong>to</strong>mers were provided with the same level<br />
of services within a group after classifying them by industry, product,<br />
or trade channel. An effective SCM, however, groups cus<strong>to</strong>mers by<br />
their diverse service needs, irrespective of the industry they belong<br />
<strong>to</strong>, and then cus<strong>to</strong>mizes services <strong>to</strong> suit these groups.<br />
2. Tailor the logistics network — A successful SCM is not based on a<br />
large logistics network but rather caters <strong>to</strong> the service requirement<br />
bot<strong>to</strong>m-line needs of cus<strong>to</strong>mers.<br />
3. Listen <strong>to</strong> signals of market demand and plan accordingly — A<br />
successful SCM senses and reacts <strong>to</strong> changing market conditions,<br />
such as demand patterns of cus<strong>to</strong>mers, through its sales and operations<br />
planning module.<br />
4. Distinguish products that the cus<strong>to</strong>mer wants — Gone are the days<br />
when companies could s<strong>to</strong>ckpile their products in anticipation of<br />
demand and make cus<strong>to</strong>mers keep large inven<strong>to</strong>ries. There has now<br />
been an appreciable change in the balance of power between cus<strong>to</strong>mers<br />
and companies providing them with products and services. Now it is<br />
the cus<strong>to</strong>mer who is in the driving seat, asking companies <strong>to</strong> deliver<br />
what, when and how.<br />
5. Strategic management of supply sources — The real-time information<br />
sharing enabled by SCM helps companies <strong>to</strong> reduce their inven<strong>to</strong>ry,<br />
thereby lowering the operational costs.
Supply Chain Management (SCM) 419<br />
6. Using technology across supply chain — A successful SCM is<br />
built on strong foundation of information technology which enables<br />
real-time information sharing and a transparent and dynamic view of<br />
flow of products among trading partners.<br />
7. Measuring performance through the supply chain — SCM not<br />
only moni<strong>to</strong>rs the internal functions, it also enforces measures which<br />
embrace both service and financial metrics, <strong>to</strong> every link in the<br />
supply chain.<br />
14.4.2. Pull-based supply network<br />
The redesigned pull-based supply network is demand oriented and<br />
highly efficient. Since actual consumption pulls the distribution, which<br />
in turn guides the production and the material procurement. This paves<br />
way for smooth replenishment, production and material supply with<br />
consumer and retail demands.<br />
For proper assessment and forecasting of the demand, all partners<br />
in this chain must involve themselves. This chain works backwards,<br />
beginning with the cus<strong>to</strong>mer and makes the forecast for products and<br />
the production runs (see Figure 14.7).<br />
The future belongs <strong>to</strong> tightly integrated supply chains running from<br />
raw-material suppliers <strong>to</strong> the consumer, with information flowing front<br />
<strong>to</strong> back and back <strong>to</strong> front.<br />
Consumption Distribution K<br />
Consumer Retail<br />
Demand<br />
Syncronized<br />
Replenishment<br />
Production<br />
Pull<br />
Syncronized<br />
Production<br />
Figure 14.7. — Pull-based supply chain<br />
Materials<br />
Supply<br />
Syncronized<br />
Material Supply
420 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
14.4.3. ROI in moving from pull-based <strong>to</strong> push-based<br />
supply network<br />
Worldwide studies have revealed that in various companies there has<br />
been a 20-50% improvement in overall working capital, capacity<br />
utilization, cost of goods and cus<strong>to</strong>mer service with a pull-based supply<br />
network, as compared <strong>to</strong> push-based supply network. Additionally,<br />
improvement in the time <strong>to</strong> market has been registered at 50-100%,<br />
resulting in a corresponding 3-15% increase in the market share.<br />
14.4.4. Features of <strong>B2B</strong>i-enabled supply chain<br />
The key features of <strong>B2B</strong>i-enabled supply chain are collaboration,<br />
integration and data exchange (see Figure 14.8).<br />
Collaboration<br />
Collaboration can make a world of difference between a performing and<br />
non-performing supply chain. Opportunities for collaboration exist at<br />
every link in the supply chain. Through a collaborative business process,<br />
problems of potential and frequent discontinuity at all interfaces of a<br />
supply chain (i.e., designing, planning, forecasting and execution) can<br />
be avoided.<br />
Coll abo rats<br />
Figure 14.8. — Feature of <strong>B2B</strong>i-enabled supply chain
Supply Chain Management (SCM) 421<br />
For instance, determining the level of production and inven<strong>to</strong>ry<br />
required <strong>to</strong> meet the end cus<strong>to</strong>mer demand is a critical function. In a<br />
collaborated supply chain, buyers and suppliers work jointly <strong>to</strong> derive<br />
sales forecast figures by sharing demand and supply forecasts and<br />
building production plans, based on that consolidated number.<br />
Collaboration requires sharing real-time information on:<br />
• Production schedules;<br />
• Design and fulfillment;<br />
• Procurement;<br />
• On-hand and in-transit inven<strong>to</strong>ry;<br />
• Demand forecasts and supply management; and<br />
• Manufacturing capacities.<br />
<strong>Integration</strong><br />
The SCM system of a company is functionally very closely linked <strong>to</strong><br />
the ERP and CRM system (see Figure 14.9). A <strong>B2B</strong>i-enabled supply<br />
Supplier<br />
Relationship<br />
Management<br />
Material<br />
Management<br />
Procurement<br />
Manufacturing<br />
Enterprise Resource Planning<br />
Production Fulfillment<br />
Warehouse<br />
Management<br />
Transportation<br />
Management<br />
Inven<strong>to</strong>ry<br />
Management<br />
Enterprise Resource Planning<br />
Supply Chain Management<br />
Cus<strong>to</strong>mer Relationship Management<br />
Order<br />
Management<br />
Distribution<br />
Logistics<br />
jj Sales<br />
:< Service<br />
: I Marketing<br />
Cus<strong>to</strong>mer<br />
Relationship<br />
Management<br />
Figure 14.9. — Relationship of SCM, ERP and CRM systems
422 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
chain involves cross-organization and internal process synchronization,<br />
integration of SCM system with CRM, ERP and legacy systems of a<br />
company and integration with the SCM system of other companies. A<br />
<strong>B2B</strong>i-enabled supply chain is fully integrated end-<strong>to</strong>-end.<br />
Data exchange<br />
A <strong>B2B</strong>i-enabled supply chain involves real-time and synchronous<br />
exchange of information among the trading partners' SCM systems.<br />
14.5. Supply Chain Planning and Execution<br />
The processes within SCM have been grouped <strong>to</strong>gether in<strong>to</strong> a couple of<br />
sub-processes, namely supply chain planning and supply chain execution<br />
(see Figure 14.10), which are further composed of several sub-processes<br />
(see Table 14.1).<br />
14.5.1. Supply chain planning (SCP)<br />
Supply chain planning is a set of processes that allow business partners<br />
<strong>to</strong> collaborate and coordinate activities, such as planning, forecasting<br />
f<br />
Supply Chain Planning<br />
Information Flow<br />
ftt<br />
I liD Flow S 3 Flow tWB Fiow < jWH > Flow IllBI<br />
Supplier Manufacturing Distribution Retailer Cus<strong>to</strong>mer<br />
(Final<br />
Consumer)<br />
f \<br />
Payment Flow<br />
Supply Chain Execution<br />
Figure 14.10. — Supply chain planning and supply chain execution processes
Supply Chain Management (SCM) 423<br />
and replenshing throughout the supply chain, thereby accelerating the<br />
delivery of goods, services and information from supplier <strong>to</strong> cus<strong>to</strong>mer<br />
and balancing supply and demand. SCP processes optimize the flow<br />
of information, material and cash across the extended supply chain.<br />
SCP is composed of sub-processes, including demand forecasting,<br />
inven<strong>to</strong>ry data, production planning and distribution, order management,<br />
transportation planning or logistics and scheduling.<br />
Companies that participate in SCP reduce excess inven<strong>to</strong>ry, improve<br />
inven<strong>to</strong>ry velocity and increase sales throughout the supply chain.<br />
Example sub-processes<br />
Demand Planning — Demand planning, a process which feeds in<strong>to</strong> the<br />
supply planning process and demand fulfillment process, allows for<br />
effective anticipation of market demand. The objective behind this<br />
process is <strong>to</strong> analyze cus<strong>to</strong>mers' buying patterns and develop aggregate<br />
and collaborative forecasts involving long-term, intermediate-term and<br />
short-term time horizons.<br />
Supply Planning — Supply planning helps in mobilizing the resources<br />
of an enterprise <strong>to</strong> meet demand.<br />
14.5.2. Supply chain execution (SCE)<br />
Supply chain execution is a framework of execution-oriented applications<br />
which helps in the efficient procurement and supply of goods, services<br />
and information across enterprise boundaries <strong>to</strong> meet specific cus<strong>to</strong>mer<br />
demands, including manufacturing execution systems, warehousing<br />
management systems, procurement and other execution systems within<br />
an enterprise and across the supply chain.<br />
Example sub-process<br />
Demand Fulfillment — Demand fulfillment provides accelerated, exact<br />
and reliable delivery-date responses <strong>to</strong> cus<strong>to</strong>mer orders. It is mainly an<br />
execution-level sub-process that includes order procurement, cus<strong>to</strong>mer<br />
verification, order promising, backlog management and order fulfillment.
424 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Table 14.1. Supply chain processes and sub-processes<br />
Process<br />
Supply Chain Planning<br />
Supply Chain Execution<br />
Sub-processes<br />
Order Management<br />
Advanced Scheduling and Manufacturing Planning<br />
Demand Planning<br />
Supply Planning<br />
Distribution Planning<br />
Transportation Planning or Logistics<br />
Procurement<br />
Replenishment<br />
Demand Fulfillment<br />
Distribution Management<br />
Reverse Distribution or Reverse Logistics<br />
Each of these processes is a subject in itself and books can be<br />
written on each one of them. We will briefly discuss a couple of<br />
important processes of a supply chain in the next section.<br />
14.5.3. E-procurement — The transformation of<br />
corporate purchasing<br />
Procurement of raw materials and finished goods is one of the most<br />
important functions in a supply chain. Most companies still use manual<br />
purchasing processes that involve much paperwork and are inefficient<br />
and error-prone. Such purchasing processes are characterized by lack of<br />
au<strong>to</strong>mation, zero transparency and huge purchasing overheads.<br />
E-procurement is the process of procuring goods over the Internet,<br />
using an integrated supply chain (see Figure 14.11). E-procurement<br />
has emerged as one of the strongest and most financially beneficial<br />
<strong>B2B</strong>i-enabled applications.<br />
An e-procurement solution allows companies <strong>to</strong> leverage their buying<br />
power, strengthen their supplier relationships and streamline internal<br />
purchasing processes. By au<strong>to</strong>mating procurement processes, companies<br />
eliminate any unplanned buying, reduce administrative overheads and<br />
eliminate all the paperwork.
vJ<br />
Supply Chain Management (SCM) 425<br />
Buyer Buyer Supplier Supplier<br />
II 11 II II<br />
CXML<br />
Internet<br />
E-marketplace<br />
| E-marketplace<br />
1<br />
T Tl<br />
Buyer Buyer Supplier Supplier<br />
Figure 14.11. A typical e-procurement cycle<br />
Distribu<strong>to</strong>rs<br />
Distribu<strong>to</strong>rs<br />
Distribu<strong>to</strong>rs<br />
Au<strong>to</strong>mation not only reduces errors, but also makes information<br />
available on a real-time basis, thereby streamlining corporate purchasing<br />
policies. Instead of manually browsing through all the brochures <strong>to</strong><br />
order a specific item, a company can get that information pushed<br />
electronically over the Internet. The gains are significant and available<br />
across the whole spectrum of an organization's purchasing.<br />
Numerous companies such as Ariba (Ariba Buyer), Agile Software<br />
Corp (Agile Buyer), Extensity (Extensity Purchase Reqs), i2 Technologies<br />
(TradeMatrix Buy Solution), J.D. Edwards (JDEdwards E-procurement),<br />
SAP (SAP Enterprise Buyer), PeopleSoft (PeopleSoft E-procurement<br />
and Purchasing), Peregrine Systems (Get.Resources), Commerce One<br />
(Enterprise Buyer), BroadVision (Enterprise Procurement provide<br />
e-procurement solutions.
426 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
An e-procurement solution should include features for desk<strong>to</strong>p<br />
requisitioning, au<strong>to</strong>mated processing, indirect purchasing, direct and<br />
indirect sourcing, travel and expense management and electronic forms.<br />
It should streamline accounts payable systems; enable easy transition<br />
from a paper-based contract management system <strong>to</strong> an electronic one,<br />
procurement of requisition and project-based resources, aggregation<br />
with service suppliers and optimization of business processes; provide<br />
access <strong>to</strong> centralized <strong>commerce</strong> services, such as supplier content,<br />
sourcing, liquidation, logistics and payment; deliver an open architecture<br />
that allows buying organizations <strong>to</strong> connect with thousands of trading<br />
partners worldwide; and track requisitions allowing end users immediate<br />
visibility in<strong>to</strong> the procurement process. Once integrated in<strong>to</strong> a company's<br />
infrastructure, the solution should enable connectivity with any number<br />
of e-marketplaces and collaborative networks. This feature is only<br />
possible if the solution is based on open standards and architecture.<br />
GET ON TO THE FAST, EFFICIENT TRACK WITH<br />
E-PROCUREMENT<br />
A recent American Express and Ernst & Young study revealed that<br />
firms using manual purchase orders <strong>to</strong> buy low-dollar supplies and<br />
services incur an average process cost of $90 for each transaction,<br />
with some organizations spending as much as $200 on certain<br />
transactions. In comparison, the study indicated that companies using<br />
e-procurement systems incurred significantly lower processing costs<br />
of $20 <strong>to</strong> $45 per purchase.<br />
Better still, firms that employed purchasing cards for payment and<br />
accounting tasks with electronic procurement systems <strong>to</strong> buy supplies<br />
reduce their process costs <strong>to</strong> as low as $4 per purchase, a decrease<br />
of 95%. In addition, companies can cut the time required for the<br />
purchasing process from two hours <strong>to</strong> 7.4 minutes by using a combined<br />
purchasing card and electronic purchasing solution.<br />
Source: Condensed from eProcurement: End-<strong>to</strong>-end Solutions Deliver Big Cost<br />
Savings, Alliente, Inc.
Supply Chain Management (SCM) 427<br />
14.5.4. E-logistics: Integrating warehouses, distribution<br />
centers and cus<strong>to</strong>mer interaction processes<br />
Most companies still use manual methods, spreadsheets, or proprietary<br />
software <strong>to</strong> manage their logistics processes (i.e., transportation and<br />
distribution activities).<br />
Assets s<strong>to</strong>red in a warehouse are fairly easy <strong>to</strong> track. However, these<br />
same assets become almost invisible and very difficult <strong>to</strong> track when<br />
they are in transit. In <strong>to</strong>day's competitive business environment, where<br />
business competi<strong>to</strong>rs can outbeat a company with effective implementation<br />
of just-in-time (JIT) delivery, a company cannot afford <strong>to</strong> lose track<br />
of its assets. Companies need <strong>to</strong> implement a fast-moving, adaptable<br />
logistics system for everything from purchasing through manufacturing<br />
<strong>to</strong> sales and distribution of goods and services.<br />
E-logistics essentially consists of Internet-based management and<br />
integration of warehousing, delivery and transportation, return management,<br />
order management and cus<strong>to</strong>mer interaction processes across<br />
all vendors and cus<strong>to</strong>mers. Cus<strong>to</strong>mer interaction usually involves order<br />
status, various delivery calls (urgent delivery, pick-up delivery, overnight<br />
delivery).<br />
The e-logistics solution should standardize transaction management<br />
and logistics processes of a company and integrate them in<strong>to</strong> the<br />
company's internal transaction infrastructure. It should provide realtime<br />
visibility and performance moni<strong>to</strong>ring of movements of goods and<br />
events and enable Internet-based collaborative capacity planning, load<br />
tendering, carrier availability notifications, inven<strong>to</strong>ry status reporting<br />
and proof-of-delivery validation. The e-logistics solution should also<br />
enable real-time communication between the dispatching company and<br />
carriers, giving carriers the ability <strong>to</strong> dynamically perform tasks, such<br />
as sales au<strong>to</strong>mation, delivery verification and route sales. Furthermore,<br />
it should enable the dynamic optimization of routes and vehicle dispatch<br />
by giving companies the ability <strong>to</strong> moni<strong>to</strong>r and update real-time delivery<br />
status.<br />
Software providers such as Descartes Systems, i2, SAP, PeopleSoft,<br />
Baan offer a Web-based collaborative logistics management system.
428 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
14.6. SCM Challenges<br />
No doubt the concept of integrated supply chain management is prima<br />
facie alluring but one cannot be blind <strong>to</strong> the enormous difficulties<br />
accompanying the implementation of such a strategy.<br />
A few of the major challenges companies encounter in SCM<br />
implementation are:<br />
14.6.1. Synchronization in supply chain<br />
Getting suppliers in tune and time with the pace manufacturers maintain<br />
is a threatening challenge facing SCM. Trading partners, with their<br />
individual priorities, pursue different processes and practices. Subject <strong>to</strong><br />
individual fac<strong>to</strong>rs, one may take a longer or shorter time than others for<br />
the same process. Synchronization with all on the time scale is rather a<br />
difficult task.<br />
14.6.2. Building trust through supply chain<br />
The creation, implementation and functioning of a supply chain is not<br />
possible without the trust among the organizations and departments<br />
participating in it. Without trust, there can be no visibility, which is a<br />
key feature of any supply chain system. Lack of visibility in the trading<br />
partners activities and capabilities may entail increased risk in terms of<br />
cost and time, various stages of relationships, identifying constraints<br />
and the ability <strong>to</strong> manage bottlenecks.<br />
14.6.3. Operational stability<br />
The success of a supply chain is directly dependent on its operational<br />
stability. If one supplier in the chain of suppliers fails <strong>to</strong> deliver, a chain<br />
reaction could potentially disrupt the business of any company connected<br />
<strong>to</strong> the chain. Thus, the challenge for manufacturers relying on supply<br />
chains is <strong>to</strong> maintain operational stability by ensuring supply chain<br />
continuity.
14.6.4. Inertia for change<br />
Supply Chain Management (SCM) 429<br />
It is not an easy task for people and organizations as a whole <strong>to</strong> change<br />
age-old business practices. The fear of complete au<strong>to</strong>mation leading <strong>to</strong><br />
the removal of human intervention may be a big deterrent fac<strong>to</strong>r in the<br />
acceptance of this change.<br />
14.6.5. Supply chain complexity<br />
A supply chain is beset with baffling intricacies. It may take a long<br />
time <strong>to</strong> attain and enjoy the fruits of transformation by adopting changes<br />
in policies, processes and patterns required by the application of a<br />
supply chain. Re-engineering the fundamental processes and bringing in<br />
new procedures may require more user training and consulting.<br />
14.6.6. Managing supply chain for short<br />
lifecycle products<br />
In the case of a product with short expiry period or lifecycle, the challenge<br />
lies in maintaining the product availability at the counter while keeping<br />
the dead s<strong>to</strong>cks as low as possible. It also requires greater skill in<br />
moni<strong>to</strong>ring the short-life products than the long-life products because:<br />
• It is not easy <strong>to</strong> anticipate the demand figures due <strong>to</strong> demand patterns<br />
and variables;<br />
• In the traditional forecast method, the demand for any product was<br />
worked out on the basis of one year's data, which is not possible in<br />
the case of products having a lifecycle of less than a year; and<br />
• With expired lef<strong>to</strong>ver s<strong>to</strong>ck, the cost of inven<strong>to</strong>ry in the form of dead<br />
s<strong>to</strong>ck is higher rather.<br />
It is critical <strong>to</strong> forecast the demand correctly and make swift changes<br />
if the market conditions fluctuate.<br />
14.6.7. <strong>Integration</strong> challenge within the organization<br />
Multiple departments are involved in the movement and s<strong>to</strong>rage of<br />
goods. For example, the purchase department takes care of procurement
430 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
of raw materials and transportation of raw materials <strong>to</strong> the production<br />
plant. S<strong>to</strong>rage and movement of products within the plant itself are<br />
taken care of by the s<strong>to</strong>res department (in the s<strong>to</strong>res) and by the<br />
manufacturing department (in the plant). The distribution department<br />
is responsible for the movement of finished products from the plant<br />
<strong>to</strong> the cus<strong>to</strong>mer while the marketing department works out the sales<br />
predictions.<br />
Flow of information within all the departments concerned in many<br />
cases is not smooth and timely. Although SCM aims <strong>to</strong> integrate these<br />
functional departments within an organization, the fact is that it is a<br />
daunting effort.<br />
14.6.8. <strong>Integration</strong> challenge with supply<br />
chain partners<br />
The enormous heterogeneity makes transition from an enterprise strategy<br />
<strong>to</strong> a supply chain system quite challenging. The most difficult facet in<br />
implementation is linking trading partners because it needs systems <strong>to</strong><br />
reconcile disparate business models, data contexts and notions.<br />
14.6.9. Inter-company business<br />
process synchronization<br />
Reluctance and resistance of chain partners <strong>to</strong> share information and<br />
switch over their respective business processes may be the greatest<br />
stumbling block. The reasons for hesitation may be manifold, e.g., lack<br />
of faith, unwillingness <strong>to</strong> change the long existing business processes<br />
and apprehension regarding secrecy.<br />
14.7. SCM Techniques<br />
Methodologies for implementing an SCM solution within an enterprise<br />
include Quick Response, Vendor Managed Inven<strong>to</strong>ry, Just-in-time,<br />
<strong>Collaborative</strong> Planning Forecasting and Replenishment and <strong>Collaborative</strong><br />
Order Processing.<br />
Here is a brief summary of some of the major techniques:
14.7.1. Vendor Managed Inven<strong>to</strong>ry (VMI)<br />
Supply Chain Management (SCM) 431<br />
VMI is a framework that streamlines the approach <strong>to</strong> inven<strong>to</strong>ry and order<br />
fulfillment leading <strong>to</strong> minimum level of inven<strong>to</strong>ry and reduced operational<br />
costs. In this system, the responsibility of managing and replenishing<br />
inven<strong>to</strong>ry is shifted from retailers <strong>to</strong> the suppliers. In a VMI system,<br />
vendors keep track of the number of products supplied <strong>to</strong> distribu<strong>to</strong>rs<br />
and retail outlets. It keeps them abreast of the requirements of distribu<strong>to</strong>rs<br />
and s<strong>to</strong>cks at the counter outlets enabling them <strong>to</strong> replenish them timely.<br />
14.7.2. Just-in-Time (JIT)<br />
JIT is defined as an integrated set of multiple activities with a view<br />
<strong>to</strong> achieving high-volume and best quality production with minimum<br />
inven<strong>to</strong>ry levels. It aims at reducing inven<strong>to</strong>ries by collaborating and<br />
coordinating with suppliers of materials for delivery just before their<br />
use, thereby reducing inven<strong>to</strong>ry-carrying costs.<br />
The JIT model works on the concept that unless actually needed,<br />
nothing will be supplied. In other words, raw materials and components<br />
reach the workstations just-in-time and are put through the manufacturing<br />
process immediately thereafter. It takes in<strong>to</strong> cognicance changes in<br />
supply and demand portfolios.<br />
Since JIT is based on almost real-time delivery of raw materials, it is<br />
subject <strong>to</strong> great reliance of the company on suppliers, transportation and<br />
delivery of raw materials and components at the specified destination,<br />
on tight schedules. Any break in the link anywhere may cause disruption<br />
and bring the production <strong>to</strong> a standstill, paralyzing the entire chain from<br />
manufacture <strong>to</strong> supply.<br />
Companies are now switching <strong>to</strong> Internet-based technologies <strong>to</strong><br />
establish an electronic dialogue with their suppliers, making the JIT<br />
ordering and delivery process faster and more flexible.<br />
14.7.3. <strong>Collaborative</strong> Planning, Forecasting and<br />
Replenishment (CPFR)<br />
CPFR is a standards-based, collaborative, e-<strong>commerce</strong> initiative in the<br />
retail and consumer goods industry. CPFR aims <strong>to</strong> improve partnership
432 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
among retailers and vendor merchants through shared information. It<br />
integrates both 'demand' and 'supply' side processes (linking manufacturers,<br />
retailers and carriers) and improves the flow of a product and<br />
information about the product throughout the entire supply chain.<br />
Increased communication among partners enables them <strong>to</strong> generate<br />
accurate forecasts and set effective replenishment plans. Additionally, if<br />
there is any change in demand, promotions or policies, partners can<br />
quickly adjust the jointly managed forecasts, thereby minimizing the<br />
wasteful inven<strong>to</strong>ry after the fact corrections.<br />
CPFR is a concept that allows collaborative processes across the<br />
supply chain, using a set of process and technology models that are:<br />
• Open and secured;<br />
• Flexible across the industry;<br />
• Extensible <strong>to</strong> all supply chain processes; and<br />
• Supportive of a broad set of requirements (new data types,<br />
interoperability with different DBMSs, etc.).<br />
Introduction<br />
NABISCO AND WEGMANS — CPFR PILOT<br />
OVERVIEWS WITH METRICS<br />
Nabisco is a major international manufacturer of biscuits, snacks, and<br />
premium grocery products, including well-known U.S. brands Oreo,<br />
Ritz crackers and Planters nuts and snacks. It also manufactures<br />
international products, which are marketed in the United States,<br />
Canada and 85 other countries.<br />
Wegmans Food Markets, Inc. is a 58-s<strong>to</strong>re supermarket chain in<br />
New York and Pennsylvania and is recognized as an industry leader<br />
and innova<strong>to</strong>r.<br />
Executive Summary<br />
Category management and supply chain management have been proven<br />
<strong>to</strong> offer a competitive advantage <strong>to</strong> firms that can successfully<br />
implement them.<br />
Continue on page 433
Supply Chain Management (SCM) 433<br />
Continued from page 432<br />
Trading partners can gain an even greater advantage by linking<br />
these activities through the CPFR (<strong>Collaborative</strong> Planning, Forecasting<br />
and Replenishment) process. CPFR provides the opportunity <strong>to</strong> link<br />
the output of business plans that were jointly developed between<br />
trading partners in<strong>to</strong> the supply-chain process.<br />
The business plans and forecasts are moni<strong>to</strong>red and kept current<br />
by both trading partners by the creation of a two-way interactive<br />
communication process. These activities can help increase sales and<br />
profits between participating partners.<br />
Scope<br />
Nabisco and Wegmans engaged in a CPFR pilot <strong>to</strong> validate the VICS<br />
(Voluntary Inter-industry Commerce Standards) business model. The<br />
pilot was limited <strong>to</strong> 22 Planters nut items. The pilot was conducted<br />
without increasing resources in the area of headcount or technology.<br />
For the first six months, transfer of information was accomplished<br />
using spreadsheets and e-mail.<br />
Metric Results<br />
Actual results from the CPFR pilot from July 1998 through January<br />
1999 include:<br />
• An increase in category sales by 13% vs. 8% decline for other<br />
retailers in the market;<br />
• Sales increases for the Planters brand were especially dramatic at<br />
53%, as measured by IRI for 30 weeks ending January 17, 1999; and<br />
• The majority of the increases in retail sales can be attributed <strong>to</strong><br />
jointly developed business plans that leveraged enhanced category<br />
management strategy and increased category focus.<br />
These results were achieved with minimal stress on the supply<br />
chain due <strong>to</strong> CPFR.<br />
On the operations side:<br />
• Service level <strong>to</strong> s<strong>to</strong>res increased from 93% <strong>to</strong> 97%; and<br />
• Days of inven<strong>to</strong>ry declined 2.5 days (18%).<br />
Continue on page 434
434 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Continued from page 433<br />
These positive results have led both Nabisco and Wegmans <strong>to</strong><br />
decide <strong>to</strong> extend the timeline for this pilot and <strong>to</strong> expand its scope <strong>to</strong><br />
include Milk-Bone pet snack products.<br />
In addition, commercially available collaboration software will be<br />
tested as potential technology solutions.<br />
Source: Condensed from Nabisco Inc. and Wegmans Food Markets, Roadmap <strong>to</strong><br />
CPFR: The Case Studies, Voluntary Interindustry Commerce Standards Association<br />
14.8. SCM Systems<br />
A good SCM system is built on a framework that uses open technology<br />
and provides full support for industry standards, such as XML and<br />
CPFR. Such a system is flexible and interoperable with SCM systems<br />
of the trading partners. Apart from providing pre-configured functions,<br />
it also supports unique requirements of individual companies or sec<strong>to</strong>rs.<br />
One of the key requirements of an SCM system is <strong>to</strong> provide easy<br />
integration with a company's internal financial management, manufacturing,<br />
cus<strong>to</strong>mer relationship management and legacy applications.<br />
The other functional specific features of an SCM system include:<br />
• Supply chain planning, demand planning, life cycle planning;<br />
• Supply chain event planning and management — for moni<strong>to</strong>ring and<br />
responding <strong>to</strong> each stage of a supply chain and taking action in a<br />
real-time mode if activities are not going as earlier planned;<br />
• Real-time collaboration and communication with suppliers and<br />
distribu<strong>to</strong>rs;<br />
• Materials management;<br />
• E-procurement;<br />
• Logistics;<br />
• Shared forecasts with suppliers;<br />
• Inven<strong>to</strong>ry planning, replenishment planning, manufacturing planning;<br />
• Full support for SCM practices, such as CPFR, VMI and collaborative<br />
order processing;<br />
• Order processing and purchasing;
Supply Chain Management (SCM) 435<br />
• Resource utilization planning;<br />
• <strong>Collaborative</strong> design and fulfillment;<br />
• Transportation planning for inbound and outbound transportation;<br />
and<br />
• Product life cycle management <strong>to</strong> track product life cycle demand<br />
patterns and recommend future profiles, based on the product life<br />
cycle.<br />
SCM systems, typically, have a three-tier architecture, which includes<br />
the presentation tier (HTML, GUI-based front-end developed in<br />
programming languages such as Java, VC++), middle-tier comprising<br />
application servers with clustering solutions for load balancing and<br />
back-end comprising of database servers such as DB2, Oracle, Sybase,<br />
SQL Server. An SCM solution should be available for all the main<br />
operating systems — Windows 2000, Windows NT, Sun Solaris, HP-<br />
UX.<br />
The leading providers of SCM software include i2, PeopleSoft, SAP,<br />
Manugistics, Oracle and J.D. Edwards.<br />
Goal<br />
MITSUBISHI MOTOR SALES OF AMERICA —<br />
ENABLING DEALER COLLABORATION<br />
VIA THE INTERNET<br />
Strengthen Mitsubishi Mo<strong>to</strong>r Sales of America's (MMSA) new brand<br />
strategy and company revitalization efforts<br />
Strategy<br />
Ensure MMSA cus<strong>to</strong>mers have the right car at the right place at the<br />
right time by implementing a Web-based order-<strong>to</strong>-delivery system<br />
Solution<br />
Manugistics NetWORKS Demand, NetWORKS Supply, and<br />
NetWORKS Collaborate, jointly implemented by Manugistics and<br />
Deloitte Consulting<br />
Continue on page 436
436 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Results<br />
Continued from page 435<br />
• Linked all of MMSA's 526 North American au<strong>to</strong> dealerships in<strong>to</strong> a<br />
Manugistics-powered Internet-based collaboration system;<br />
• Slashed collective vehicle inven<strong>to</strong>ry in half;<br />
• Decreased age of vehicles on dealers' lots by more than 25%;<br />
• Cut vehicle lead times by more than 60%; and<br />
• Eliminated port s<strong>to</strong>ck, saving millions of dollars per year.<br />
The order-<strong>to</strong>-delivery solution, believed <strong>to</strong> be the first of its kind<br />
in the North American au<strong>to</strong> industry, allows MMSA <strong>to</strong> develop a<br />
profile of each dealership, based on fac<strong>to</strong>rs such as dealer geography,<br />
cus<strong>to</strong>mer buying patterns, product promotions, and sales seasonality.<br />
Dealers help refine these profiles, which can be shaped <strong>to</strong> cover<br />
key issues such as required materials and lead times, <strong>to</strong> help dealers<br />
forecast how many vehicles they should order <strong>to</strong> meet demand.<br />
Vehicle orders are then submitted by the dealers via the Web <strong>to</strong><br />
MMSA.<br />
Since going live, the order-<strong>to</strong>-delivery solution has helped slash<br />
collective vehicle inven<strong>to</strong>ry (the number of cars MMSA and its<br />
dealers have on the ground at any given time) from a high of 80,000<br />
units <strong>to</strong> less than 40,000 units — all while experiencing sales increases<br />
of nearly 40 percent per month. The average age of vehicles on<br />
dealer lots has also decreased, from 166 days down <strong>to</strong> 38 days,<br />
resulting in fresher, higher quality products reaching cus<strong>to</strong>mers.<br />
In addition, vehicle lead times have decreased by more than 60<br />
percent, reducing port and distribution center inven<strong>to</strong>ries. Port s<strong>to</strong>ck<br />
has fallen from 45,000 units at the start of the project <strong>to</strong> zero <strong>to</strong>day,<br />
creating millions of dollars in savings for MMSA.<br />
MMSA's outstanding results illustrate the bot<strong>to</strong>m-line success that<br />
is achievable using the power of intelligent Internet collaboration <strong>to</strong><br />
create an eBusiness trading network of manufacturers, suppliers, and<br />
distribu<strong>to</strong>rs that communicate and execute in real time.<br />
Source: Condensed from Mitsubishi Mo<strong>to</strong>r Sales of America: Enabling Dealer<br />
Collaboration via Internet, Manugistics Corp.
14.9. Conclusion<br />
Supply Chain Management (SCM) 437<br />
Supply chain management (SCM) is one of the most important<br />
applications enabled by <strong>B2B</strong> integration for various industries. SCM is<br />
a set of integrated business processes characterized by four underlying<br />
concepts: process optimization, combination of goods, services and<br />
information and extent of a supply chain. Companies that are positioning<br />
themselves as next generation enterprises (NGEs) are au<strong>to</strong>mating supply<br />
chain processes, which let trading partners exchange real-time information<br />
on the planning and execution of their respective supply chains.<br />
A <strong>B2B</strong>i-enabled supply chain is demand driven which eliminates the<br />
need for companies <strong>to</strong> build inven<strong>to</strong>ries through forecasts that may or<br />
may not match the actual cus<strong>to</strong>mer demand. It enables companies <strong>to</strong><br />
consider all constraints, including material, capacity, logistics and<br />
financial, in real-time <strong>to</strong> best determine how <strong>to</strong> optimally plan, execute<br />
and deliver <strong>to</strong> meet cus<strong>to</strong>mer demands, while ensuring profitable order<br />
fulfillment.<br />
SCM systems provide an end-<strong>to</strong>-end solution that integrates<br />
forecasting, planning and execution capabilities with complete supply<br />
chain wide visibility across the supply chain, which includes multiple<br />
distributed enterprises. A good SCM system provides seamless integration<br />
with external applications, such as a trading partner SCM system and<br />
internal applications, such as ERP, CRM and legacy systems. It also<br />
provides flexibility <strong>to</strong> add-on products on a need basis.
Chapter "] 5<br />
E-Marketplaces and <strong>Collaborative</strong><br />
Networks<br />
The focus of this chapter<br />
<strong>B2B</strong> e-marketplaces align buyers, suppliers and <strong>commerce</strong> service<br />
providers in<strong>to</strong> seamless trading communities. However, until e-marketplaces<br />
are integrated in<strong>to</strong> companies' internal processes, real cost benefits<br />
of participating in them cannot be realized.<br />
In this chapter, you will come <strong>to</strong> know about the basics of <strong>B2B</strong><br />
e-marketplaces and their integration with enterprise systems. You will<br />
also realize the importance of collaborative networks and how they will<br />
change the very nature of how companies do business with one another.<br />
438
15.1. What are E-Marketplaces?<br />
E-Marketplaces and <strong>Collaborative</strong> Networks 439<br />
<strong>B2B</strong> e-marketplaces, also known as hubs, are centers of <strong>commerce</strong> for<br />
the exchange of goods and services, driven by virtual electronic trading<br />
floors and an aggregation of buyers and sellers (see Figure 15.1). <strong>B2B</strong><br />
e-marketplaces align buyers, suppliers and <strong>commerce</strong> service providers<br />
in<strong>to</strong> seamless trading communities. They provide an environment for<br />
trading communities of common business interest where the buyers and<br />
sellers meet and trade with one another. By participating in e-marketplaces,<br />
companies reduce procurement and transaction costs and increase<br />
operational efficiencies for the exchange of goods and services.<br />
According <strong>to</strong> Forrester Research, 70% of the global 2500 companies<br />
participate in <strong>B2B</strong> e-marketplaces and more than 50% intend <strong>to</strong><br />
participate in two <strong>to</strong> three of them. Despite the economic downturn,<br />
about 440 billion dollars' worth of <strong>B2B</strong> transactions are expected <strong>to</strong><br />
flow through them, which would result in around 57 billion dollars of<br />
savings for the participating businesses in the year 2001 alone. The<br />
companies owning these marketplaces will generate revenue of<br />
approximately 23 billion dollars in the same period.<br />
The participation in these exchanges is beneficial <strong>to</strong> all small,<br />
medium and large companies. The main drivers for participation in <strong>B2B</strong><br />
e-marketplaces include:<br />
• Distributed supply chain;<br />
• Push for market/operational process efficiencies, sales revenue and<br />
profitability;<br />
Sellers A Typical E-marketplace<br />
Sellers [Q| *.£<br />
Collaboration<br />
Trading Events<br />
t-l* lO<br />
pf I<br />
Distribu<strong>to</strong>rs fw" -,J j Spot cnnt- Purchase Pi irrhaco ~~| I<br />
Suppliers<br />
Manufacturers<br />
Jo 1<br />
Ivy<br />
Shared Workflow/<br />
Process Matching 8*<br />
•'.PesTgrTarTd SburcThg] i<br />
lO Distribu<strong>to</strong>rs<br />
^ I Excess Inven<strong>to</strong>ry M j ^ Retailers<br />
Figure 15.1. — A typical e-marketplace
440 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• Complex purchasing information;<br />
• Reduction in new product rollout cycles;<br />
• Procurement process cost, which is a high percentage of the <strong>to</strong>tal<br />
cost; and<br />
• Purchasing, which is critical for companies.<br />
15.2. Basics of <strong>B2B</strong> E-Marketplaces<br />
In this section, we will discuss fundamentals of e-marketplaces.<br />
15.2.1. Pre e-marketplace era<br />
Before the advent of <strong>B2B</strong> e-marketplaces, companies used point-<strong>to</strong>point<br />
integration (usually integrating back-end ERP systems) <strong>to</strong> conduct<br />
business securely with one another (see Figure 15.2). Buyers had<br />
<strong>to</strong> maintain static business relationships with a few suppliers. Such<br />
relationships were characterized by lack of competitive pricing.<br />
15.2.2. E-marketplace era<br />
In the <strong>B2B</strong> e-marketplaces era, companies do not have <strong>to</strong> bother about<br />
integrating their ERP system with trading partners' ERP systems. They<br />
can conduct business dynamically with any company in the world,<br />
Suppliers<br />
TllEI [••p ]••• TlIlP<br />
Buyers<br />
Figure 15.2. — Pre-exchange era
E-Marketplaces and <strong>Collaborative</strong> Networks 441<br />
Suppliers<br />
1»»D TlllB (••D TlIlD<br />
E-marketplace<br />
A 4k. A. 4k<br />
Buyers<br />
Figure 15.3. — E-marketplaces era<br />
participating in that exchange (see Figure 15.3). <strong>B2B</strong> e-marketplaces<br />
are based on a 'many-<strong>to</strong>-many relationship'.<br />
15.2.3. Classification of e-marketplaces<br />
E-marketplaces can be classified as follows:<br />
Vertical vs. horizontal e-marketplaces<br />
Vertical — E-marketplaces that provide products and serve buyers and<br />
sellers of a specific industry, such as au<strong>to</strong>motive or health care, are<br />
known as vertical exchanges. A few examples of vertical exchanges are<br />
e-Steel.com serving the steel industry, irail.com serving the railway<br />
industry and buckaroo.com serving the digital component market.<br />
Horizontal — E-marketplaces offering services and indirect goods that<br />
serve companies across all the industries are called horizontal exchanges.<br />
Indirect goods help the companies run their business, but are not<br />
necessarily part of a company's products. These marketplaces are like<br />
application service providers focusing on services that are common <strong>to</strong><br />
all companies, such as transaction management, logistics, insurance,<br />
financing, credit and indirect goods, such as computers and stationery.<br />
Commerce One's Marketsite, Oracle exchange, VerticalNet, Ariba
442 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Network and PurchasePro are examples of horizontal marketplaces.<br />
Most of these companies also provide buyer and seller packages that<br />
integrate their exchanges with a corporation's enterprise resource planning<br />
(ERP) system.<br />
Buyer vs. supplier controlled e-marketplaces<br />
Supplier centric or e-distribution sites — Supplier centric markets are<br />
developed, managed and run by major suppliers, such as Cisco and<br />
Marshall. In such markets, one supplier offers goods or services <strong>to</strong><br />
several buyers (see Figure 15.4). It is the buyer's responsibility <strong>to</strong> do<br />
comparison-shopping.<br />
Buyer centric or e-procurement sites — Buyer centric markets are<br />
developed, managed and run by buyer(s) (see Figure 15.5). By installing<br />
Figure 15.4. — Supplier centric e-marketplace<br />
tP a<br />
Buyer<br />
^<br />
Suppliers<br />
• •<br />
Figure 15.5. — Buyer centric e-marketplace
E-Marketplaces and <strong>Collaborative</strong> Networks 443<br />
Buyers jr^ E-marketplace ^ Suppliers<br />
& Si<br />
Figure 15.6. — Neutral e-marketplace<br />
a buy-side portal, a company can link with all its suppliers that use<br />
catalogs <strong>to</strong> make their products available electronically and support all<br />
features of e-procurement. Purchases made through this system are<br />
directly linked back <strong>to</strong> the ERP system. A typical example of a buyer<br />
centric market is Covisint, which is a consortium hub by GM-Ford-<br />
Daimler-Chrysler. In these markets, smaller suppliers run the risk of<br />
high pricing pressures and competition from larger suppliers. Additionally,<br />
this model is <strong>to</strong>o expensive for small-<strong>to</strong>-medium size buyers since they<br />
bear the responsibility of maintaining catalogs for each of their suppliers.<br />
Neutral — Neutral marketplaces (see Figure 15.6) are not controlled<br />
solely by either buyers or sellers. Everyone has an equal stake and<br />
opportunity <strong>to</strong> conduct business in neutral e-marketplaces. Buyers and<br />
sellers can even interchange their roles, with buyers becoming sellers<br />
and vice versa. They are best suited <strong>to</strong> markets with fragmented and<br />
distributed buyers and sellers.<br />
A few e-marketplaces may start off as either buyer or seller centric<br />
with the initial liquidity provided by the founding companies and can<br />
gradually evolve in<strong>to</strong> neutral exchanges, for example, Tradespark — an<br />
exchange for energy traders.<br />
Open vs. private e-marketplaces<br />
Open — E-marketplaces that accept all companies meeting certain<br />
preliminary criteria that are common <strong>to</strong> all the participants are known<br />
as open e-marketplaces.
444 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Private — E-marketplaces that restrict the participation of buyers and<br />
sellers, either because they are truly extranets or virtual private networks<br />
(VPNs) or industry-sponsored hubs for exclusive participants are known<br />
as private exchanges.<br />
Pass-through vs. brokered e-marketplaces<br />
Pass-through — E-marketplaces that are responsible for just the<br />
introduction of buyers and sellers are called pass-through exchanges.<br />
They do not offer any transaction processing services, leaving it <strong>to</strong><br />
the individual parties involved. Such a model is suitable only for direct<br />
materials transactions where buyers and sellers do business based on trust.<br />
Brokered — E-marketplaces that facilitate the entire transaction, apart<br />
from providing a platform where buyers and sellers can meet, are called<br />
brokered exchanges. They are suitable for indirect material transactions<br />
(MRO — maintenance, repair and operating supplies like office<br />
stationery, etc.).<br />
15.2.4. Market makers<br />
Apart from providing typical e-marketplace services such as portal and<br />
media<strong>to</strong>r model-based exchanges, market makers actually provide<br />
liquidity and stability in the marketplace by buying from sellers and<br />
selling it <strong>to</strong> buyers. Market makers exert direct influence on demand<br />
and supply and thereby on the prices. This concept is very popular in<br />
the financial and utility industry.<br />
15.2.5. Dynamic trading through <strong>B2B</strong> e-marketplaces<br />
<strong>B2B</strong> e-marketplaces enable the formation of dynamic trading communities<br />
where a community of buyers and sellers can trade online. Dynamic<br />
trading occurs when market conditions, such as volatility, supply and<br />
demand and other external fac<strong>to</strong>rs determine the price at which companies<br />
buy or sell goods and services. <strong>B2B</strong> dynamic trading occurs in the form<br />
of RFP/RFQ bidding, liquidating excess inven<strong>to</strong>ries, etc.
E-Marketplaces and <strong>Collaborative</strong> Networks 445<br />
It has inherent advantages over fixed price trading because of its<br />
superior ability <strong>to</strong>:<br />
• Dynamically adjust the prices in situations with high uncertainty or in<br />
response <strong>to</strong> change in supply/demand (driving down prices <strong>to</strong> sell off<br />
end-of-life products and reduce the impact of inven<strong>to</strong>ry write offs); and<br />
• Allocate goods and services from those who can provide them most<br />
efficiently <strong>to</strong> those who value them the most.<br />
15.2.6. Governance of e-marketplaces<br />
Just as s<strong>to</strong>ck exchanges, such as the NSE and the NYSE, provide<br />
governance for trades transacted through them; in a similar way,<br />
e-marketplaces have <strong>to</strong> provide governance <strong>to</strong> ensure transaction<br />
reliability, enforceability, fairness and honesty in dealings among parties<br />
that trade on the exchange. E-marketplaces have <strong>to</strong> make sure that the<br />
participating companies do not misuse the system and uphold their<br />
responsibilities and obligations. E-marketplaces should set up a set of<br />
rules and procedures that define the dos and the don'ts of the operational<br />
standards and a standard of conduct for participants.<br />
The key features of a <strong>B2B</strong> e-marketplace governance mechanism are:<br />
• Standardization of the contracts that trade on the e-marketplace;<br />
• Agreements between the e-marketplace and its participants; and<br />
• Standing committees <strong>to</strong> assure enforcement and participant input.<br />
15.2.7. Benefits of <strong>B2B</strong> e-marketplaces<br />
The benefits of <strong>B2B</strong> e-marketplaces are:<br />
Common benefits <strong>to</strong> all participants<br />
Benefits enjoyed by all participants of an e-marketplace are:<br />
• Dynamic price determination due <strong>to</strong> real-time connections between a<br />
large population of buyers and sellers;<br />
• Optimization of resource utilization and improved scheduling and<br />
cycle times throughout supply chain;
446 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• Secured transactions end-<strong>to</strong>-end;<br />
• Personalized services with full privacy protection;<br />
• Enhanced collaboration for design, development and fulfillment of<br />
new products; and<br />
• 24/7/365 access and support.<br />
Benefits <strong>to</strong> buyers<br />
E-marketplaces offer several benefits <strong>to</strong> buyers; for example, reducing<br />
order processing and e-procurement costs by as much as 60-70% per<br />
order. They are able <strong>to</strong> achieve such drastic reductions because of<br />
au<strong>to</strong>mating purchasing processes and workflow; obtaining greater<br />
transparency in product lines and suppliers; and aggregating purchases<br />
through the exchange. Participating buyers no longer have <strong>to</strong> wait<br />
endlessly for catalogs <strong>to</strong> arrive by mail and have manual intervention <strong>to</strong><br />
place orders by phone or fax.<br />
By becoming a participant member of a <strong>B2B</strong> e-marketplace, buyers<br />
get the following services:<br />
• Access <strong>to</strong> multiple suppliers across the globe;<br />
• Real-time information pertaining <strong>to</strong> product offerings, product<br />
promotions, discontinued product closeouts and new product pricing;<br />
• Direct comparison of prices, terms and specifications;<br />
• Filtered and personalized industry-wide contents relevant <strong>to</strong> their<br />
interests;<br />
• Order fulfillment information that includes order status, shipping dates<br />
and back orders;<br />
• Contract management information that includes contract changes and<br />
expirations; and<br />
• Purchasing pattern-moni<strong>to</strong>ring services that allow effective inven<strong>to</strong>ry<br />
maintenance.<br />
Benefits <strong>to</strong> sellers<br />
E-marketplaces have several benefits <strong>to</strong> offer sellers, including the<br />
lowering costs from process integration and collaborative supply chain.<br />
Some of the tangible benefits are:
E-Marketplaces and <strong>Collaborative</strong> Networks 447<br />
• Access <strong>to</strong> new buyers in the same industry or other sec<strong>to</strong>rs across all<br />
geographic regions at minimal cost;<br />
• Easy announcement of a new product or a change in a product by<br />
publishing the information in just one place — the exchange;<br />
• Significant reduction of cost of retaining existing cus<strong>to</strong>mers and<br />
acquiring new ones;<br />
• Au<strong>to</strong>mated order processing and transactions, which allows suppliers<br />
<strong>to</strong> respond in real-time <strong>to</strong> buyers' requests, resulting in better cus<strong>to</strong>mer<br />
service;<br />
• Power <strong>to</strong> grow the market share by aggregating demand from multiple<br />
buyers; and<br />
• Improved efficiency and reduced inven<strong>to</strong>ry through au<strong>to</strong>mated supply<br />
chain cycle, which gives real-time access <strong>to</strong> demand information from<br />
all buyers.<br />
NTE EMPOWERING TRANSPORTATION MANAGEMENT<br />
Introduction<br />
The National Transportation Exchange (NTE) is an example of a<br />
successful vertical <strong>B2B</strong> trading exchange that has survived the <strong>B2B</strong><br />
shakeout. The goals of the exchange are <strong>to</strong> offer greater connectivity<br />
among shippers and carriers for logistics optimization and <strong>to</strong> act as a<br />
singular transportation management and execution source for an<br />
industry that offers the best features of a dynamic market, as with<br />
perishable inven<strong>to</strong>ry. It generates revenue through the spread between<br />
the shipper and the carrier.<br />
NTE has a neutral marketplace for buyers and sellers <strong>to</strong> trade<br />
ground transportation at a market-driven price interactively (see<br />
Figure 15.7). It combines its online public marketplace with a private<br />
auction service that allows closed negotiations between trading partners.<br />
Who are the Participants?<br />
The exchange participants include shippers, consignees, third-party<br />
logistics providers, brokers, truckload carriers, freight forwarders and<br />
other intermediaries.<br />
Continue on page 448
448 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
NTE'S <strong>B2B</strong>/E-Commerce Trading Solution<br />
Supply Chain Management<br />
Ground Transportation Air Transportation 1<br />
Management K j<br />
Shippers<br />
Market-Based J Member-Specific! Value-Added<br />
Pricing J Requirements J Services<br />
Carriers<br />
Figure 15.7. — NTE's <strong>B2B</strong> trading exchange<br />
What are the Services Offered?<br />
Continued from page 447<br />
NTE supports full execution around the logistics of transportation<br />
management and trade. Apart from providing just transaction services,<br />
such as doing a placement, generating notifications for the core carriers<br />
and placing the offer in the trading exchange, it also offers performance<br />
reporting and financial reconciliation services.<br />
<strong>Integration</strong> with Cus<strong>to</strong>mer's Internal Systems<br />
Through its partnership with companies such as Manugistics, SAP<br />
and i2 Technologies, NTE is able <strong>to</strong> provide integration with<br />
cus<strong>to</strong>mers' back-office internal systems. This enables cus<strong>to</strong>mers <strong>to</strong><br />
optimize freight movement with existing trade partners, with the<br />
option of using NTE's trading exchange for real-time pooling of<br />
less-than-truck-load orders. The exchange can then dynamically find<br />
Continue on page 449
E-Marketplaces and <strong>Collaborative</strong> Networks 449<br />
Continued from page 448<br />
a shipper with such matching parameters as location and size of load.<br />
This real-time collaboration among trading partners and exchange<br />
leads <strong>to</strong> better supply chain visibility, transaction abilities, visualization<br />
of the whole supply chain while inven<strong>to</strong>ry is in motion and cost and<br />
service efficiencies.<br />
Benefits <strong>to</strong> the Participants<br />
The benefits of shippers participating in NTE include guaranteed<br />
capacity, access <strong>to</strong> multiple carriers leading <strong>to</strong> optimum cost benefit,<br />
comprehensive reporting system on delivery loss, damages etc.,<br />
compliance management and a single party <strong>to</strong> contact, a single check<br />
<strong>to</strong> write, a single point <strong>to</strong> access all transportation needs. They can<br />
also enter up <strong>to</strong> 150 business rules, such as freight type, shipment time,<br />
size, distance, routing, service levels and insurance requirement, which<br />
are the parameters considered during the matching of the orders.<br />
The benefits <strong>to</strong> the carriers include higher profit margins, full<br />
loads of transportation and access <strong>to</strong> multiple shippers.<br />
Source: Condensed from National Transportation Exchange: A Case Study,<br />
Strategis.gc.ca.<br />
15.2.8. Which e-marketplace <strong>to</strong> join?<br />
Since there are so many e-marketplaces with wide-ranging diversity in<br />
each industry, a company may face <strong>to</strong>ugh decisions about which exchange<br />
<strong>to</strong> join. The key fac<strong>to</strong>r that you should consider is the capability of the<br />
digital market <strong>to</strong> create a substantial value proposition directly affecting<br />
the bot<strong>to</strong>m line.<br />
A few minimum criteria that a company must evaluate include:<br />
Goals of participating in an e-marketplace<br />
A company must detail the short-term and long-term goals of becoming<br />
a participant in an e-marketplace. Is it a big company? If so, can the<br />
company start its own buyer or supplier centric exchange rather than
450 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
participating in one? Is it a small company? If so, what kind of services<br />
and infrastructure support should it look for from e-marketplaces?<br />
These are the questions that companies have <strong>to</strong> raise and find the<br />
answers in-house. Once the goals are established, the hunt for an<br />
e-marketplace(s) can begin.<br />
Liquidity<br />
This is the single most critical fac<strong>to</strong>r that can make an e-marketplace a<br />
success or a failure. Without liquidity in an e-marketplace, sellers will<br />
not be able <strong>to</strong> find buyers and vice versa. There will be fewer transactions<br />
through the exchange, resulting in lower revenues and threatening its<br />
very survival. Thus, an e-marketplace should have a lot of participants<br />
in that vertical industry — big and small.<br />
Pursue your major cus<strong>to</strong>mers<br />
As a supplier, a company cannot afford <strong>to</strong> lose its major cus<strong>to</strong>mers.<br />
Companies should become members of <strong>B2B</strong> e-marketplaces that their<br />
major cus<strong>to</strong>mers participate in.<br />
Focus<br />
It is essential <strong>to</strong> evaluate what the main focus group of any e-marketplace<br />
is. Is it small, medium or large size suppliers and buyers; or a combination<br />
of all three? It is equally essential <strong>to</strong> know the purpose of the e-marketplace<br />
— whether it is serving a horizontal or vertical community.<br />
Credit worthiness<br />
Since e-marketplaces enable buyers and sellers <strong>to</strong> transact business<br />
dynamically, they should either directly or through a third party accept<br />
the responsibility of certifying transactions. <strong>B2B</strong> transactions involve<br />
huge amounts, and credibility is an important deciding fac<strong>to</strong>r. Most of<br />
the e-marketplaces outsource the accountability of certifying buyers and<br />
suppliers and their credit worthiness <strong>to</strong> companies such as Identrus.
Enhanced services<br />
E-Marketplaces and <strong>Collaborative</strong> Networks 451<br />
E-marketplaces should evolve from a transaction and supply chain<br />
aggregation based model <strong>to</strong> new models based on transactions, content,<br />
integrated e-procurement and collaborative supply chain. They should<br />
provide affordable, secure and single point of supply chain interaction<br />
and support integration with existing systems, such as ERP and order<br />
processing.<br />
Neutrality<br />
It is critical that e-marketplaces prevent any side playing a dominant<br />
role by dictating such matters as the technology and operational standard,<br />
since it should be neutral <strong>to</strong> all participants. Of course, if a company<br />
decides <strong>to</strong> participate in a buyer centric or a supplier centric exchange,<br />
the operating and technical standards would be dictated by them.<br />
Setup, participation and transaction fees<br />
Setup costs for participating in any e-marketplace should not be <strong>to</strong>o<br />
steep. These costs may also be dependent on the volume of content that<br />
needs <strong>to</strong> be put online in the exchange. Several e-marketplaces do not<br />
charge any one-time participation or annual fees from buyers. They do,<br />
however, charge substantial fees from suppliers. So, as a supplier, a<br />
company should negotiate fees with companies running e-marketplaces.<br />
It may even create alliances with other suppliers and bargain for a<br />
group/volume discount.<br />
Some exchanges do not charge any participation fees even <strong>to</strong> suppliers.<br />
Suppliers pay fees (volume-based, percentage of <strong>to</strong>tal transaction or flat<br />
annual fees) only when they receive a confirmed order from buyers.<br />
Flexible, secured, scalable technology<br />
The technology supported by e-marketplaces should be flexible, so that<br />
it is interoperable with the internal systems of companies, and architecture<br />
should be flexible enough so that adding any off-the-shelf product (like<br />
adapters for internal systems) requires much less coding. Additionally,
452 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
the hardware and software on which e-marketplaces are built should be<br />
scalable and secured <strong>to</strong> support any number of transactions per day and<br />
have 24/7/365 availability.<br />
One of the main causes of the failure of many <strong>B2B</strong> e-marketplaces<br />
has been that available technology does not match with processes<br />
within companies.<br />
Content aggregation and distribution<br />
E-marketplaces should provide complete content management services,<br />
such as aggregation, formatting, cleansing, mapping, cus<strong>to</strong>mization and<br />
distribution. They should incorporate supplier-neutral content as a<br />
foundation for content management and maintenance. No matter how<br />
good the trading engine of the exchange is, if buyers are not able <strong>to</strong><br />
search and find products easily and suppliers are not able <strong>to</strong> publish their<br />
product contents <strong>to</strong> the e-marketplaces, there can be virtually no trading.<br />
Content management is one of the most difficult challenges involved,<br />
since the format of the data coming from multiple sources can be<br />
widely different. It has <strong>to</strong> be cleansed in<strong>to</strong> standard formats like XML<br />
and parsed, so that it can be easily imported in<strong>to</strong> the e-marketplace's<br />
platform and exchanged with trading partners. The contents should be<br />
dynamic (updated as and when the underlying data changes) with the<br />
facility of adding new products instantly. Distribution of cus<strong>to</strong>mized<br />
content, such as contract pricing, volume discount and negotiation of<br />
terms between suppliers and buyers, should also be a part of this<br />
service. Most of the exchanges outsource this service <strong>to</strong> vendors such<br />
as Aspect Development and ec-Content.<br />
Support for EDI/XML-based documents<br />
E-marketplaces should be able <strong>to</strong> support all leading XML industry<br />
standards, EDI-based transactions and provide EDI-XML data conversion.<br />
Dynamic pricing<br />
The e-marketplace should create an environment where the supply<br />
meets the demand and the prices are determined dynamically through
E-Marketplaces and <strong>Collaborative</strong> Networks 453<br />
services like auctions. Not only should the matching of trades be based<br />
on prices, but also fac<strong>to</strong>rs such as logistics, warranty and quality.<br />
Interoperability with other e-marketplaces<br />
An e-marketplace should provide interoperability with other e-marketplaces.<br />
For example, CommerceOne.net, an open <strong>B2B</strong> e-marketplace,<br />
interoperates with all of the mega exchanges that are members of the<br />
Global Trading Web (an interconnected network of e-marketplaces).<br />
Negotiation<br />
Negotiation is one of the key fac<strong>to</strong>rs for buyers <strong>to</strong> participate in an emarketplace.<br />
With this feature, buyers can pre-select qualified suppliers<br />
by filtering out those who do not meet basic criteria. They can then<br />
negotiate on a one-<strong>to</strong>-one basis with suppliers on various terms. All the<br />
key terms for negotiation should be electronically documented by the<br />
exchange for future reference.<br />
Training<br />
Lastly, e-marketplaces should provide appropriate and thorough training.<br />
Without proper training, internal users of companies may get overwhelmed<br />
with the application and its usage.<br />
15.2.9. <strong>B2B</strong> e-marketplaces services<br />
Some of the core services provided by an e-marketplace are (see<br />
Figure 15.8):<br />
Trading events<br />
• Auction — Auction services of e-marketplaces, leading <strong>to</strong> dynamic<br />
pricing, make them true exchanges. Auctions can be either seller or<br />
buyer centric. In the former, sellers list the item <strong>to</strong> sell and multiple<br />
buyers bid for this item. Through auctioning, suppliers can easily<br />
dispose of their excess inven<strong>to</strong>ries and generate revenue on inven<strong>to</strong>ry
454 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Content<br />
User<br />
Profiles<br />
Catalogs<br />
News and<br />
Data<br />
Contacts<br />
Adapters<br />
Transformati on<br />
Translation<br />
Transactions<br />
Fulfillment<br />
Logistics<br />
Order<br />
Mgmt.<br />
Invoice/<br />
PO,Other<br />
Requisition<br />
Source: Gartner Group<br />
Dynamic<br />
Trade<br />
Exchange<br />
Auction/<br />
Reverse<br />
RFQ/<br />
RFP<br />
Pricing<br />
Collaboration<br />
CRM<br />
Design &.<br />
Sourcing<br />
Demand<br />
Planning<br />
SCM<br />
Content Aggregation<br />
Shared Workflow/<br />
Process Matching<br />
Catalog Aggregation<br />
Business<br />
Services<br />
Training<br />
Expert<br />
Advice<br />
Marketing<br />
Business<br />
Dev.<br />
Figure 15.8. — E-marketplace services<br />
Administration<br />
Personalization<br />
Permissions<br />
Tracki ng/<br />
Audit<br />
Member<br />
Services<br />
Adapters<br />
Transformation<br />
Translation<br />
which otherwise would be written off. In buyer driven auctions,<br />
buyers specify the item <strong>to</strong> buy and multiple suppliers compete <strong>to</strong> get<br />
that order. Buyers can easily get discounted services or goods as<br />
downward pricing pressure is induced in such an auction.<br />
• Direct Selling — As the name indicates, direct selling allows direct<br />
dynamic trade between sellers and buyers of any e-marketplace.<br />
• RFQ/RFP — E-marketplaces should provide buyers the ability <strong>to</strong><br />
submit RFQs and RFPs <strong>to</strong> all sellers. Through this service, buyers<br />
get multiple quotes for goods or service and sellers get sales leads.<br />
Full-service transactions<br />
• Logistics — As the volume of products transacted over <strong>B2B</strong><br />
e-marketplaces increases, there will be a corresponding increase in<br />
the demand for management of the movement of these products. <strong>B2B</strong><br />
e-marketplaces should directly or through external vendors provide
E-Marketplaces and <strong>Collaborative</strong> Networks 455<br />
an infrastructure <strong>to</strong> execute transportation processes from dock-<strong>to</strong>dock.<br />
• Order management — E-marketplaces should offer full order management<br />
services that can enable participant companies <strong>to</strong> effectively<br />
manage all aspects of purchases and sales order management. The order<br />
management system should au<strong>to</strong>mate the generation and distribution<br />
of documents, such as purchase orders (POs), PO changes, PO acknowledgments,<br />
invoices and goods receipts. It should tightly integrate all<br />
participants of a supply chain by enabling communication with third<br />
party financial institutions for electronic settlement, logistics provision<br />
and warehouse facilities. A system that provides end-<strong>to</strong>-end, realtime<br />
transparency of order flow throughout its lifecycle helps in<br />
drastically reducing the cash-<strong>to</strong>-cash cycle, minimizes the day's sales<br />
outstanding and makes supply chains more responsive.<br />
• Electronic Bill Presentation and Payment (EBPP) — According <strong>to</strong><br />
the consulting firm Ovum, companies can save up <strong>to</strong> 70% in processing<br />
costs associated with distributing paper-based invoices by using EBPP.<br />
E-marketplaces should offer EBPP services, so that companies can<br />
streamline financial process management by selecting terms and<br />
schedules that fit their size and requirements. One of the best examples<br />
of EBPP service deployment is that of GE Global eXchange that has<br />
a billion transactions worth $1 trillion annually.<br />
• Secured messaging & data exchange — E-marketplaces should<br />
support secured messaging and data exchange services that accept<br />
and transmit data in various formats and communication pro<strong>to</strong>cols<br />
(such as ANSI XI2, UN/EDIFACT, EDI-INT, CXML, RosettaNet,<br />
HTTPS, SSL, FTP and other popular standards) that the participants<br />
use.<br />
Collaboration<br />
• Product collaboration — If an e-marketplace provides product<br />
collaboration services, the participating companies can collaborate in<br />
distributed product development <strong>to</strong> create innovative and profitable<br />
products (see Figure 15.9). This is usually a hosted subscription
456 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Company C<br />
Figure 15.9. — E-marketplaces collaboration services<br />
service provided by an e-marketplace that needs heavy investment in<br />
staffing and infrastructure for networking, computing and security.<br />
The use of this subscription service would save a company a lot in<br />
extensive networking, computing, security and integration infrastructure<br />
required <strong>to</strong> support distributed product development.<br />
For instance, E2open — a leading secure collaboration network for<br />
the electronics industry, with participants such as Acer, Hitachi, IBM,<br />
LG Electronics, Lucent Technologies, Matsushita Electric (Panasonic),<br />
Nortel Networks, Seagate Technology, Solectron and Toshiba — provides<br />
very effective product collaboration services.<br />
• Supply Chain Management (SCM) — E-marketplaces should provide<br />
supply chain collaboration services (such as standard business process<br />
workflows in the areas of forecasting, planning and procurement), by<br />
offering a centralized hub, enabling supply chain collaborations on a<br />
shared many-<strong>to</strong>-many platform.
E-Marketplaces and <strong>Collaborative</strong> Networks 457<br />
By linking the information systems of their trading partners, companies<br />
can immediately view changes in a wide variety of fac<strong>to</strong>rs, including<br />
consumer demand and raw material supply. As a result, companies can<br />
respond <strong>to</strong> changing market conditions with rapid, intelligent decisions,<br />
reducing inven<strong>to</strong>ries significantly and maximizing manufacturing throughput.<br />
Companies will no longer compete enterprise-<strong>to</strong>-enterprise, but supply<br />
chain-<strong>to</strong>-supply chain<br />
15.3. How E-Marketplaces Fit in<strong>to</strong> a Company's<br />
<strong>B2B</strong>i Plans<br />
Until e-marketplaces are integrated in<strong>to</strong> companies' internal processes,<br />
real cost benefits of participating in them cannot be realized. Integrating<br />
an e-marketplace involves complex interactions among back-office<br />
processes and systems, such as existing procurement, enterprise resource<br />
planning and supply chain applications. Some of the major integration<br />
issues that companies face are:<br />
15.3.1. Catalog publishing<br />
Each supplier has <strong>to</strong> publish the product contents for its buyers and<br />
exchanges. Each buyer and exchange may request its own format <strong>to</strong><br />
accept the data. Suppliers run in<strong>to</strong> grave problems when attempting <strong>to</strong><br />
manage and maintain the product content for multiple channels.<br />
Solutions from companies like ec-Content solve this problem by<br />
accepting just a single feed of data from suppliers and generating output<br />
in multiple formats acceptable by major exchange vendors, such as Ariba,<br />
Commerce One, Oracle and i2. They also add value <strong>to</strong> the product information<br />
and pricing, making it easy for them <strong>to</strong> find, evaluate and buy.<br />
ec-Content's process works as follows (see Figure 15.10):<br />
Step 1 — Supplier provides the data feed <strong>to</strong> ec-Content.<br />
Step 2 — The Q-Centric process formats and enhances the supplier<br />
catalog products.<br />
Step 3 — ec-Content distributes the files <strong>to</strong> the supplier's cus<strong>to</strong>mers<br />
and exchanges in whatever file format they require, for example text<br />
files, EDI, XML, MS Excel.
458 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Supplier<br />
Data ^<br />
E-marketplace<br />
Buyer<br />
The Q-Centrle<br />
Process Distribu<strong>to</strong>r<br />
Figure 15.10. — Q-Centric process — An example of catalog publishing<br />
15.3.2. Receiving and processing orders<br />
E-marketplaces have <strong>to</strong> be integrated with back-end business processes<br />
of receiving and processing orders <strong>to</strong> capture the advantages of supply<br />
chain integration, pricing and revenue optimization, electronic workflow<br />
and seamless transactional capabilities. This integration can be done<br />
either on a file-based batch interface or a real-time application programming<br />
interface (API) level. Several vendors, such as Commerce One,<br />
Ariba and RightWorks, provide both buyer-side and supplier-side<br />
solutions for fully au<strong>to</strong>mating the electronic flow of documents (such as<br />
purchase orders, purchase order acknowledgments, purchase order check<br />
and availability check).<br />
For instance, Commerce One provides XML Portal Connec<strong>to</strong>r (XPC)<br />
— a stand-alone, server-based application that resides at the supplier's<br />
site. This application provides an out-of-the-box, file exchange capability,<br />
using Java APIs for seamless integration between back-office systems<br />
(such as supplier's order management/ERP system) and Commerce<br />
One e-marketplaces. XPC installation includes the XML Commerce<br />
Connec<strong>to</strong>r, which provides secure, efficient and validated communication<br />
with an e-marketplace.<br />
The steps involved in a typical e-procurement cycle using XPC are<br />
(see Figure 15.11):<br />
Step 1 — The buyer (1) generates a requisition approved by Enterprise<br />
buyer (2) and s<strong>to</strong>red in the Enterprise buyer database (3). Enterprise<br />
buyer generates an approved purchase order in the form of an XML file
Buyers<br />
© BE': via the Internet<br />
by HTTP/S and<br />
Enterprise Buyer the MarketSite [I<br />
»•§•. o<br />
Enterprise Buyer<br />
Database/ERP <strong>Integration</strong><br />
Messaging<br />
Layer<br />
e<br />
m<br />
E-Marketplaces and <strong>Collaborative</strong> Networks 459<br />
Market-<br />
Site<br />
e<br />
MarketSite<br />
Data System<br />
Web Server<br />
running<br />
Suppy Order<br />
via the Internet by<br />
HTTP/S and the<br />
MarketSite<br />
Messaging Layer<br />
or a Standards<br />
Based Gateway<br />
o<br />
Supplier<br />
o o<br />
Supplier XPC, „ S " pp, i? r<br />
ThiKrf „=.*./ Back-office<br />
Third-party em*..<br />
Product,<br />
or Gateway Receiver<br />
(e.g. OBI server)<br />
Figure 15.11. — Commerce One's XPC solution for integration<br />
System<br />
(xCBL) representing this requisition. The file is securely sent over the<br />
Internet <strong>to</strong> MarketSite (4) — Commerce One's e-marketplace.<br />
Step 2 — MarketSite sends the newly arrived POs via HTTPS and<br />
the MarketSite messaging layer, or via a standards-based gateway,<br />
<strong>to</strong> the supplier's XPC or a gateway receiver (8). The receiver submits<br />
the PO <strong>to</strong> the supplier's back office system (9), gets a PO response,<br />
builds a response document, then returns it <strong>to</strong> MarketSite (4), which<br />
optionally reformats the results (e.g., transforming OBI 855s <strong>to</strong> xCBL<br />
OrderResponse documents) and sends them <strong>to</strong> Enterprise buyer (2).<br />
Enterprise buyer s<strong>to</strong>res the results for display <strong>to</strong> the end user (3).<br />
15.3.3. Data transformation<br />
In each industry there has been a proliferation of XML standards,<br />
which are not compatible with each other. Thus, employing a solution<br />
that integrates a legacy system with one e-marketplace may fail drastically<br />
in linking <strong>to</strong> another e-marketplace. For example, Ariba uses cXML<br />
while Commerce One uses ebXML. These flavors of XML are not<br />
compatible with each other.<br />
Companies have <strong>to</strong> deploy a data translation server, which may be a<br />
part of a <strong>B2B</strong> application server that accepts any file format from<br />
buyers and sellers such as flat files, EDI, XML (all leading standards)<br />
and transports them <strong>to</strong> their clients. Data transformation vendors include
460 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
CardoNet, OnDisplay, Cohera, webMethods, Cyclone Commerce and<br />
StreamServe.<br />
For instance, StreamServe Business Communication Platform<br />
represents a flexible communication layer that allows au<strong>to</strong>mated<br />
communication processes <strong>to</strong> be defined in a unified and structured<br />
manner. StreamServe processes multiple incoming documents and<br />
prepares them for output in a structured data stream <strong>to</strong> the receiver,<br />
based on pre-determined communication rules.<br />
15.3.4. Integrating credit, financing and collection<br />
system with ERP<br />
Dynamic trade with unknown parties in <strong>B2B</strong> e-marketplaces can be<br />
risky at times. In order for a company <strong>to</strong> safeguard itself from malicious<br />
trades, it needs <strong>to</strong> integrate credit, financing and collection components<br />
with ERP systems, which enables au<strong>to</strong>mated credit reviews of new<br />
cus<strong>to</strong>mers, identify and pre-qualify new cus<strong>to</strong>mers, streamline collection<br />
processes and au<strong>to</strong>mate enterprise-wide receivables management.<br />
The credit system would accept an application from a cus<strong>to</strong>mer,<br />
retrieve information about the credit his<strong>to</strong>ry from a credit bureau such<br />
as EDGAR (this information may come in different formats), clean the<br />
data <strong>to</strong> a single uniform format, make a decision on the credit limit —<br />
based on the credit rules that a company may have fed in<strong>to</strong> the system<br />
— and send out a response <strong>to</strong> the cus<strong>to</strong>mer. This whole process has <strong>to</strong><br />
be fully au<strong>to</strong>mated and completed at Internet speed.<br />
15.4. Emergence of <strong>B2B</strong> <strong>Collaborative</strong> Networks<br />
There are several prominent reasons that have led <strong>to</strong> the failure of most<br />
of the e-marketplaces. From an integration and services point of view,<br />
the important ones are:<br />
15.4.1. Just another point of connection<br />
<strong>B2B</strong> e-marketplaces act like middlemen, bringing buyers and sellers<br />
<strong>to</strong>gether. However, there are multiple exchanges sprouting in each
Company A<br />
Application<br />
Application<br />
t-marketplace X<br />
E-Marketplaces and <strong>Collaborative</strong> Networks 461<br />
.^plication<br />
Company B<br />
/•^plication<br />
Application<br />
Application<br />
Figure 15.12. — The <strong>B2B</strong> traffic jam<br />
Company C<br />
Application<br />
Application<br />
C-marketplace ¥<br />
vertical industry, each supporting different technology and different data<br />
formats. Each company eventually plans <strong>to</strong> participate in multiple<br />
exchanges. In order <strong>to</strong> participate in each individual exchange, companies<br />
have <strong>to</strong> establish a connection. Establishing, managing and maintaining<br />
a multiple point-<strong>to</strong>-point connection (see Figure 15.12) between a<br />
company, trading partners and e-marketplaces is extremely difficult and<br />
expensive.<br />
The more e-marketplaces that a company participates in, the greater<br />
the transaction data formats that it has <strong>to</strong> support (see Figure 15.13).<br />
This may make the whole scheme error prone as it takes only one slight<br />
error in format <strong>to</strong> cause transactions <strong>to</strong> fail.
462 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
I I f •"»•' t I I<br />
tut XEDI RosettaNet Plat Hie cXML ebXML<br />
Supplier Supplier Supplier Reseller E-marketplace E-marketplace<br />
Figure 15.13. — Different data formats for e-marketplaces<br />
Thus, there are severe shortcomings of point-<strong>to</strong>-point connection<br />
mechanism (with e-marketplaces being a point of connection themselves),<br />
such as:<br />
• Disparate technologies and platforms used by buyers, sellers and<br />
marketplaces, leading <strong>to</strong> integration headaches;<br />
• Insufficient leverage of existing technologies like EDI; and<br />
• Budding <strong>B2B</strong> standards that are far from maturity.<br />
All these have created the need for a single point of connection which<br />
all of the trading partners, intermediaries and e-marketplaces can use.<br />
15.4.2. Lack of support for collaborative <strong>commerce</strong><br />
<strong>Collaborative</strong> e-<strong>commerce</strong>, also know as c-<strong>commerce</strong>, is enabled through<br />
a collaborative framework that integrates cross-organization business<br />
process, cus<strong>to</strong>mer relationships and knowledge. C-<strong>commerce</strong> is the next<br />
generation of e-<strong>commerce</strong>, that brings about an evolution of the traditional<br />
supply chain process.<br />
E-marketplaces primarily focus on constructing a virtual community<br />
of trading partners <strong>to</strong> buy or sell goods and services. But the scope of<br />
collaborative <strong>commerce</strong> is far beyond just trading.<br />
15.4.3. <strong>B2B</strong> collaborative networks<br />
<strong>B2B</strong> collaborative networks enable formation of collaborative trading<br />
communities and any-<strong>to</strong>-any connectivity by linking <strong>to</strong>gether buyers,
Company A<br />
fe3<br />
Application<br />
Application<br />
Application<br />
E-Marketplaces and <strong>Collaborative</strong> Networks 463<br />
Application<br />
<strong>B2B</strong> <strong>Collaborative</strong><br />
Network<br />
Application<br />
E-marketplace X<br />
Figure 15.14.<br />
Company B<br />
Application<br />
Application<br />
Application<br />
Company C<br />
Application<br />
Application<br />
E-marketplace Y<br />
<strong>B2B</strong> collaborative network<br />
suppliers and e-marketplaces (see Figure 15.14). They provide open<br />
interfaces <strong>to</strong> tie <strong>to</strong>gether all the participants' applications in<strong>to</strong> an<br />
integrated network, thereby creating a single, collaborative and responsive<br />
<strong>B2B</strong> e-<strong>commerce</strong> solution. By participating in such a network, a company<br />
transacts business with all its trading partners using a single connection,<br />
a single format (see Figure 15.15) and only a single method of security.<br />
According <strong>to</strong> The C-Commerce Framework report by the Gartner<br />
Group, companies that employ a collaborative <strong>commerce</strong> framework<br />
can expect a 40% gain in profitability by 2003.<br />
Some of the services of the networks include (see Figure 15.16):<br />
• <strong>Integration</strong> — Provides full integration with the internal systems of<br />
the companies and thereby leverages existing infrastructure, such as
464 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Supplier<br />
Figure 15.15<br />
Supplier Relationship<br />
Management<br />
_£3LCb—<br />
Buyer<br />
t<br />
Buyer's Preferred Format<br />
. I- •<br />
<strong>B2B</strong><br />
Reseller E-marketplace E-marketplace<br />
Single data format for <strong>B2B</strong> collaborative networks<br />
Collaboration Services<br />
such as New<br />
Product Development<br />
Supply Chain<br />
Management<br />
Trading and<br />
Commerce<br />
Any-<strong>to</strong>-Any<br />
Connectivity<br />
Services of<br />
<strong>B2B</strong><br />
<strong>Collaborative</strong><br />
Networks<br />
Value-added Services<br />
such as Logistics,<br />
Freight and Settlement<br />
<strong>Integration</strong><br />
Transaction<br />
Management<br />
Content<br />
Management<br />
Cus<strong>to</strong>mer<br />
Relationship Management<br />
Figure 15.16. — Services of <strong>B2B</strong> collaborative networks
E-Marketplaces and <strong>Collaborative</strong> Networks 465<br />
EDI. Supports all the leading Internet technologies (PKI, SSL, Digital<br />
Certificates, LDAP, XML and different industry standards);<br />
• Content — A robust, searchable, interoperable content infrastructure<br />
that requires suppliers <strong>to</strong> publish catalog content once in a single<br />
format;<br />
• Collaboration — Includes design collaboration, supply collaboration,<br />
supply chain planning and inven<strong>to</strong>ry visibility features;<br />
• Connectivity — Buyers can link their Supplier Relationship<br />
Management (SRM) systems, ERP and e-procurement systems; and<br />
suppliers can link their Order Management, ERP and CRM systems<br />
with the network through private networks (VANs) or the Internet; and<br />
• Commerce — Includes RFQ and auctions, order management, financial<br />
settlement and logistics.<br />
For example, any-<strong>to</strong>-any connectivity provided by i2's Tradematrix<br />
Open Network Commerce (see Figure 15.17) helps enterprises,<br />
marketplaces and service providers interact seamlessly.<br />
I<br />
Buyers<br />
^gTradeMatrlx Open Commerce Network rf^.<br />
Private<br />
Sellers<br />
V<br />
Q I Enterprise 1<br />
I J<br />
Figure 15.17. — i2's TradeMatrix Open Commerce Network
466 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Ariba Commerce Services Network (Ariba CSN) and Commerce<br />
One MarketSite are other examples of such networks. They provide<br />
solutions from basic interoperability and connectivity <strong>to</strong> advanced<br />
capabilities for specialized <strong>commerce</strong> processes.<br />
15.5. Conclusion<br />
E-marketplaces are one of the best <strong>B2B</strong>i-enabled applications. The<br />
benefits of an e-marketplace for both buyers and sellers are considerable,<br />
depending upon the transaction mechanisms and services offered by the<br />
marketplace and the industry served by it. Participants have the ability<br />
<strong>to</strong> negotiate better pricing, reduce transaction costs and reach a broader<br />
range of cus<strong>to</strong>mers or suppliers.<br />
Companies should carefully consider their short-term and long-term<br />
procurement and supply chain strategies and minutely evaluate the<br />
services and features of an e-marketplace before deciding <strong>to</strong> invest in it.<br />
The need for any-<strong>to</strong>-any connectivity has given rise <strong>to</strong> <strong>B2B</strong><br />
collaborative networks, which allow multiple trading partners and<br />
e-marketplaces <strong>to</strong> replace dozens, sometimes hundreds, of point-<strong>to</strong>-point<br />
connections with a single connection <strong>to</strong> the network.
Part IV<br />
<strong>B2B</strong>i-Enabled Applications<br />
467
This page is intentionally left blank
Chapter "| Q<br />
<strong>B2B</strong> <strong>to</strong> P2P Evolution<br />
The focus of this chapter<br />
Peer-<strong>to</strong>-peer (P2P) computing represents the next revolution in the <strong>B2B</strong><br />
domain, as it will dramatically alter the way businesses communicate,<br />
collaborate and exchange data over the Internet.<br />
In this chapter, which is also the concluding chapter of the book, we<br />
will imagine the future of <strong>B2B</strong> applications as they are being shaped in<br />
the form of P2P-based architectures. Through examples, we will show<br />
the benefits of P2P applications in <strong>B2B</strong> integration.<br />
469
470 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
16.1. Why Peer-<strong>to</strong>-Peer?<br />
Throughout this book, the emphasis has been on efficient use of the<br />
three prime resources of the Internet — information, bandwidth and<br />
computing resources — for all current and future <strong>B2B</strong> applications.<br />
However, with the current client-server type architectures of <strong>B2B</strong><br />
applications, which have relatively fewer servers and many clients,<br />
these resources are grossly underutilized.<br />
In this final chapter of the book, we will discuss a new revolution,<br />
peer-<strong>to</strong>-peer (P2P) computing that could change radically the business<br />
models, applications and enterprise technology management approaches.<br />
Peer-<strong>to</strong>-peer computing based architecture allows for decentralized<br />
application design, moving from centralized server models <strong>to</strong> a distributed<br />
model where each peer, independent of software and hardware platforms,<br />
can benefit and profit from being connected <strong>to</strong> millions of other peers.<br />
In such architectures, clients and servers have a lateral relationship,<br />
rather than the traditional vertical relationship, giving the whole peer<br />
group tremendous processing power, s<strong>to</strong>rage space and network<br />
bandwidth. This revolutionary change allows every networked machine<br />
<strong>to</strong> connect <strong>to</strong> another machine, fully leveraging the previously unused<br />
resources and changing the <strong>B2B</strong> landscape.<br />
16.1.1. Let your imagination run wild<br />
Imagine a world in which billions and billions of electronic devices, all<br />
part of peer networks, seamlessly exchange messages and run applications<br />
among themselves. Imagine a world in which there is no need <strong>to</strong> load<br />
any software on computers, PDAs, cell phones. Imagine freedom from<br />
permanent IP addresses, domain names and registration with domain<br />
name servers. Imagine fully utilizing the worldwide computing resources<br />
of approximately 300 million PCs with average processing power of<br />
300 MHz and 3 GB drives on average. Imagine access <strong>to</strong> all the net<br />
connected PCs with 90 billion MHz of processing power and 300<br />
thousand terabytes of s<strong>to</strong>rage.<br />
P2P can make this fantasy come true. This is surely much bigger<br />
than the Internet revolution.
<strong>B2B</strong> <strong>to</strong> P2P Evolution 471<br />
Many major companies, including Intel (Peer-<strong>to</strong>-peer Working Group),<br />
Sun Microsystems (Juxtapose) and Microsoft (.Net) are inputting<br />
extensive resources <strong>to</strong> build a future based on this vision.<br />
16.1.2. What is P2P?<br />
Peer-<strong>to</strong>-peer computing is the direct sharing of computer resources and<br />
services between systems, without the use of a centralized server. P2Pbased<br />
architecture eliminates the need for setting up and managing a<br />
centralized infrastructure.<br />
Put simply, P2P clients talk <strong>to</strong> one another directly, without going<br />
through a central server. The client can range from a large multiprocessor<br />
server <strong>to</strong> a small desk<strong>to</strong>p computer <strong>to</strong> a handheld device.<br />
It involves file sharing, exchange of processing cycles, cache s<strong>to</strong>rage,<br />
messaging, Web services and distributed services. This architecture<br />
harnesses the typically unused, high desk<strong>to</strong>p computing power of<br />
each individual computer in the entire enterprise. It is the collective<br />
power of so many client nodes, also acting as servers that redefines<br />
the effective utilization of resources. The most popular example of<br />
a P2P-based application is Napster, although it is not business-<strong>to</strong>business.<br />
16.1.3. What is a peer group?<br />
A peer group can be defined as a collection of peers that agree <strong>to</strong> a<br />
common set of rules <strong>to</strong> generate, publish and exchange information. It<br />
is up <strong>to</strong> the group members <strong>to</strong> decide the governance rules like<br />
membership policy from public (open <strong>to</strong> all) <strong>to</strong> private (highly secured<br />
— open only by invitation) group.<br />
16.1.4. Features of a P2P application<br />
The most basic requirements of any P2P application are peer discovery<br />
and peer communication. A P2P application has the following typical<br />
features:
472 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Ability <strong>to</strong> discover other peers<br />
A P2P application should be able <strong>to</strong> locate other peers in the network.<br />
Since P2P networks cannot operate in an environment of stable<br />
connectivity and fixed IP addresses, the nodes (each device in the<br />
network is known as a node) have <strong>to</strong> operate outside Domain Name<br />
Service (DNS — converts names <strong>to</strong> IP addresses) system.<br />
So, how are the peers able <strong>to</strong> locate each other? Well, this can be<br />
achieved in a pure P2P-based architecture (see Figure 16.1) by network<br />
broadcasting and in a P2P-based architecture with a central server (see<br />
Figure 16.2), which is used <strong>to</strong> maintain a list of all the current<br />
Peer<br />
Figure 16.1. — Pure P2P-based architecture<br />
Figure 16.2. — P2P-based architecture using a central server
<strong>B2B</strong> <strong>to</strong> P2P Evolution 473<br />
participating applications and distribute this information <strong>to</strong> all the<br />
requesting applications.<br />
Ability <strong>to</strong> communicate with peers<br />
After an application is able <strong>to</strong> locate the peers, it should be able <strong>to</strong><br />
communicate with them using messages. The communication can be a<br />
request for content, which can be originated by the user or by the<br />
application itself.<br />
Ability <strong>to</strong> share information with other peers<br />
Once the communication is established with other peers, the application<br />
should be able <strong>to</strong> receive and provide information such as content and<br />
data <strong>to</strong> them.<br />
16.2. Leading P2P Pro<strong>to</strong>cols<br />
Some of the leading P2P pro<strong>to</strong>cols are as under:<br />
16.2.1. Jabber<br />
Jabber is an instant messaging and presence notification, open source<br />
XML-based pro<strong>to</strong>col. Since it is platform neutral, Jabber is interoperable<br />
with messaging across both wireless and browser based messaging<br />
services.<br />
The real-time messages are exchanged as XML streams. Jabber's<br />
open XML pro<strong>to</strong>col contains three <strong>to</strong>p level XML elements, which in<br />
turn contain data through attributes and namespaces.<br />
1. — contains messages that are exchanged among Jabber<br />
users;<br />
2. — provides availability information about Jabber entities;<br />
and<br />
3. (info/query) — structures a rudimentary conversation between<br />
any two entities in Jabber and allows them <strong>to</strong> pass XML-formatted<br />
queries and responses back and forth.
474 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
16.2.2. Juxtapose — JXTA<br />
JXTA derives its name from the fact that peer-<strong>to</strong>-peer is juxtaposing <strong>to</strong><br />
client/server or Web-based computing.<br />
JXTA is an open network platform for P2P computing. It provides a<br />
framework and a set of pro<strong>to</strong>cols that standardize the way in which<br />
peers discover, advertise network resources, communicate and cooperate<br />
with each other <strong>to</strong> form secure peer groups. All the functions supported<br />
by JXTA are performed by publishing and exchanging XML messages<br />
among participating peers.<br />
JXTA is independent of programming language. Heterogeneous digital<br />
devices, such as PCs, servers and PDAs, and appliances with completely<br />
different software stacks can interoperate with JXTA pro<strong>to</strong>cols. Moreover,<br />
it is independent of transport pro<strong>to</strong>cols, such as TCP/IP and HTTP, and<br />
can be implemented on <strong>to</strong>p of them.<br />
JXTA architecture<br />
As depicted in the JXTA architecture figure (see Figure 16.3), JXTA is<br />
essentially divided in<strong>to</strong> three layers:<br />
JXTA<br />
Application i<br />
JXTA Community Application<br />
Sun j: TA<br />
Application<br />
3XTA I f SUN indexing<br />
&.„,i— i JXTA Community Services I JKTA 'Searching 1 ' , ,<br />
SerViC ** I I Services *File Sharing 3 Commends .<br />
JXTA<br />
Core<br />
Pea Gioups Peer Pipes Peei Moni<strong>to</strong>nng<br />
Secunt,'<br />
Any tea* on ih« I I Web<br />
Figure 16.3. — JXTA architecture
<strong>B2B</strong> <strong>to</strong> P2P Evolution 475<br />
1. Core Platform — This layer enables interoperability among all<br />
P2P devices. It encapsulates services that are manda<strong>to</strong>ry for P2P<br />
networking, such as peers, peer groups and peer moni<strong>to</strong>ring.<br />
2. Services — This layer encapsulates the non-manda<strong>to</strong>ry but desired<br />
network services, such as searching, indexing and file sharing.<br />
3. Applications — This layer includes P2P applications, such as instant<br />
messaging, content management and delivery.<br />
JXTA pro<strong>to</strong>cols, messages and advertisements<br />
JXTA pro<strong>to</strong>cols are the common threads among JXTA peers. Each<br />
pro<strong>to</strong>col, as defined by JXTA, involves exchange of one or more<br />
messages (based on a pre-defined format) and advertisements among<br />
the peers.<br />
A JXTA message consists of an envelope, which defines fields such<br />
as destination address and source address and a stack, which contains<br />
the body of the message and its relevant information (see Figure 16.4).<br />
An advertisement is an XML-structured document and, therefore,<br />
platform independent, that names, describes and publishes the existence<br />
of a resource, such as a peer, a peer group, a pipe, or a service.<br />
Envelope<br />
Stack of<br />
Messages<br />
9 Ixta:// I Envelope Version<br />
i C«1MIRWeMmBttMaiiaiIIHBIHIHH^iMH«;<br />
Figure 16.4. — JXTA message definition
476 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Example of an advertisement — Peer advertisement<br />
As the name itself indicates, a peer advertisement describes peer<br />
information. It is represented as an XML document that contains peer<br />
information, such as name, peer id, services and properties.<br />
An example of a peer advertisement:<br />
<br />
<br />
Name of the peer <br />
Search Keywords for this Peer <br />
Peer Id <br />
Peer Properties<br />
Service Advertisement<br />
Service Advertisement<br />
Endpoint Advertisement<br />
<br />
The pro<strong>to</strong>cols implemented in JXTA are:<br />
1. Peer Discovery Pro<strong>to</strong>col — It enables a peer <strong>to</strong> find advertisements<br />
on other peers and can be used <strong>to</strong> find any of the peers, peer groups,<br />
or advertisements.<br />
2. Peer Resolver Pro<strong>to</strong>col — It enables a peer <strong>to</strong> send and receive<br />
generic queries <strong>to</strong> search for peers, peer groups, pipes and other<br />
information.<br />
3. Peer Information Pro<strong>to</strong>col — It allows a peer <strong>to</strong> learn about other<br />
peers' capabilities and status.<br />
4. Peer Membership Pro<strong>to</strong>col — It allows a peer <strong>to</strong> obtain group<br />
membership requirements, <strong>to</strong> apply for membership and receive<br />
membership, <strong>to</strong> update an existing membership or application<br />
credential, and finally, <strong>to</strong> cancel a membership or an application<br />
credential.<br />
5. Pipe Binding Pro<strong>to</strong>col — It allows a peer <strong>to</strong> bind a pipe advertisement<br />
<strong>to</strong> a pipe endpoint, thus indicating where messages actually go over<br />
the pipe.
<strong>B2B</strong> <strong>to</strong> P2P Evolution All<br />
6. Peer Endpoint Pro<strong>to</strong>col — It allows a peer <strong>to</strong> ask a peer router for<br />
available routes for sending a message <strong>to</strong> a destination peer.<br />
16.3. Examples of P2P Applications<br />
Below is a brief description of some of the P2P-based applications that<br />
are useful in <strong>B2B</strong> e-<strong>commerce</strong>:<br />
16.3.1. NextPage — NXT 3<br />
NextPage's NXT 3 e-Content Network joins distributed content<br />
management systems, corporate portals, groupware <strong>to</strong>ols, databases and<br />
Web servers in a peer-<strong>to</strong>-peer content network. In this environment,<br />
each content site contributes all or part of its resources <strong>to</strong> the Content<br />
Network, without having <strong>to</strong> move anything <strong>to</strong> a central location.<br />
The NXT 3 platform (see Figure 16.5) includes:<br />
• Integrated search engine, so that users can search and retrieve content<br />
located anywhere across a distributed network;<br />
• Security component for distributed environment, which manages<br />
e-business security policies using Access Control Modules (ACMs),<br />
SSL and RSA data encryption; and<br />
NXT3<br />
Search<br />
Enqkie<br />
Distributed Content<br />
Network Platforms<br />
NXT3<br />
Content<br />
Syndica<strong>to</strong>i<br />
Loral Content<br />
Management .Solution<br />
Nxrs<br />
Content<br />
Adapter*<br />
i<br />
NXT 3<br />
Senility<br />
Services<br />
NXT3<br />
Content<br />
Server<br />
Other Information<br />
Sources<br />
Figure 16.5. — The NXT 3 e-Content platform<br />
(•iniiimvare
478 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
• Content adapters <strong>to</strong> enable direct and P2P integration like adapters<br />
for ODBC compliant databases such as SQL Server, Oracle and<br />
Sybase.<br />
16.3.2. FirstPeer — Professional servant<br />
FirstPeer offers an open platform, person-<strong>to</strong>-person application<br />
development <strong>to</strong>ol, called the Professional Servant. The Professional<br />
Servant manages the interaction among applications and devices on a<br />
direct P2P basis. It extends and builds upon the basics of traditional<br />
DNS, HTTP, XML, XML-RPC and Jabber instant messaging, <strong>to</strong> address<br />
the opportunities in P2P marketplaces and <strong>commerce</strong>.<br />
16.3.3. Groove networks — Groove 1.0<br />
Groove is a peer computing platform designed <strong>to</strong> host a broad range of<br />
peer-<strong>to</strong>-peer applications and business solutions for collaboration —<br />
particularly security and synchronization. The solution enables instant<br />
messaging, live voice, file sharing, free-form drawing and other ways of<br />
working <strong>to</strong>gether.<br />
16.3.4. Gnuetella<br />
Gnuetella is a distributed P2P file sharing system, which does not<br />
require a centralized server. Gnutella allows a user running a Gnutella<br />
client <strong>to</strong> search for and download files from other Gnutella users.<br />
Companies can use it <strong>to</strong> serve files in<strong>to</strong> the intranet from any device on<br />
the network.<br />
16.3.5. Applied MetaComputing — Legion<br />
Applied Meta provides a comprehensive middleware that has a complete<br />
set of capabilities for developing robust P2P and distributed computing<br />
solutions. Their technology provides a scaleable and secure framework<br />
that allows enterprises <strong>to</strong> effectively manage distributed systems, which<br />
include network servers, desk<strong>to</strong>ps, clusters and handheld devices across
<strong>B2B</strong> <strong>to</strong> P2P Evolution 479<br />
geographically dispersed locations. In crux, it enables one <strong>to</strong> build a<br />
system that can encompass multiple organizations, architectures, operating<br />
systems and physical locations.<br />
16.4. Benefits of P2P-Based Applications in<br />
<strong>B2B</strong> <strong>Integration</strong><br />
All enterprises — small, medium and large — can effectively use P2P<br />
applications for several <strong>B2B</strong> related tasks. For instance, buyers can use<br />
P2P networks <strong>to</strong> search and find suppliers, products, etc.; suppliers can<br />
easily distribute their catalog information, complete a <strong>B2B</strong> transaction<br />
with their trading partners and use P2P for effective cus<strong>to</strong>mer relationship<br />
management. Cycle sharing, collaboration, knowledge management and<br />
secondary e-<strong>commerce</strong> are some of the distinct benefits of P2P<br />
Benefits and applications of P2P in <strong>B2B</strong> include:<br />
16.4.1. Collaboration<br />
P2P applications enable internal and external product design and<br />
development groups <strong>to</strong> communicate, share data and work transparently,<br />
over the Internet or behind the firewall. Clients always have access <strong>to</strong><br />
fresh data, which can be s<strong>to</strong>red locally, thereby reducing the network<br />
traffic. P2P-based collaborative environments are very flexible as there<br />
is no need of a central server, any device can act as a peer, and they can<br />
be disassembled as soon as the group goal is achieved.<br />
For instance, Ford will use peer-<strong>to</strong>-peer technology as a way <strong>to</strong><br />
produce more fuel-efficient cars. It plans <strong>to</strong> connect design teams<br />
located in multiple sites that are using different operating systems and<br />
applications, which will save them between $5 million <strong>to</strong> $15 million<br />
per vehicle design program.<br />
16.4.2. Enhanced performance<br />
<strong>B2B</strong> integration requires real-time exchange of data in the form of<br />
messages among the participating companies. P2P-based applications<br />
distribute the resources and computation over the network, thereby<br />
reducing the distances (less latency) for messages and data <strong>to</strong> travel. In
480 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
addition, with the use of a network of computers, businesses can<br />
logically distribute large computational jobs across several computers<br />
and the results can be shared directly among participating peers.<br />
Through the use of computing resources untapped in the past, which<br />
reduce the load on main servers and allow them <strong>to</strong> perform specialized<br />
services, organizations can dramatically lower the processing costs and<br />
speed up the process completion times.<br />
DATASYNAPSE SPREADING THE COMPUTING POWER<br />
DataSynapse helps cus<strong>to</strong>mers harness idle and underused computing<br />
power in their network. They provide a product called WebProc*,<br />
which is a peer-<strong>to</strong>-peer platform for distributing compute-intensive<br />
application processes <strong>to</strong> idle and underutilized resources. The solution<br />
does not discriminate, based on whether the resources are in rackmounted<br />
servers or high-performance desk<strong>to</strong>p PCs. As long as they're<br />
on the enterprise network, WebProc will use them <strong>to</strong> perform<br />
demanding processing tasks.<br />
The solution integrates easily with the corporation's existing<br />
network environment. Employees never notice that WebProc is<br />
working, because it only takes control of a desk<strong>to</strong>p PC when that<br />
PC is idle. Should a worker return <strong>to</strong> his desk during a computation,<br />
WebProc immediately interrupts the processing task and reroutes it <strong>to</strong><br />
another idle system.<br />
The results of the DataSynapse WebProc solution are impressive.<br />
In one installation at a retail banking corporation, where crunching<br />
complex derivatives contracts requires a lot of power, performance<br />
improved by a fac<strong>to</strong>r of 80. Baseline time <strong>to</strong> process 200 trades on an<br />
existing server was 44 minutes. By distributing those computations<br />
across 100 Intel®-based PCs, the job finished in 33 seconds.<br />
Completing such jobs faster is invaluable <strong>to</strong> a financial services<br />
company. It can boost the productivity of traders, allow a bank <strong>to</strong><br />
react more swiftly <strong>to</strong> abrupt economic changes and generally increase<br />
the number of trades a company can conduct. What's more, scaling<br />
Continue on page 481
such a system<br />
incredibly easy.<br />
<strong>to</strong> handle more and more complex<br />
<strong>B2B</strong> <strong>to</strong> P2P Evolution 481<br />
Continued from page 480<br />
calculations is<br />
Source: Condensed from Peer-<strong>to</strong>-Peer — Spreading the computing<br />
power, Intel<br />
16.4.3. Intelligent agents<br />
Peer-<strong>to</strong>-peer computing allows peer networks <strong>to</strong> work <strong>to</strong>gether<br />
dynamically using intelligent software agents, which reside on the peer<br />
nodes. These agents can find and communicate with each other. They<br />
can be used <strong>to</strong> prioritize tasks on a network, change traffic flow, search<br />
for files locally or determine anomalous behavior, such as a virus, and<br />
s<strong>to</strong>p it before it affects the network.<br />
For instance, Sandia Labs' virus protection agents communicate<br />
suspicious behavior <strong>to</strong> other peers on the network and get them all <strong>to</strong><br />
take the necessary action <strong>to</strong> s<strong>to</strong>p the threat.<br />
Another example is that of Consilient, which allows businesses<br />
<strong>to</strong> create intelligent agents that carry out business processes (see<br />
Figure 16.6). The intelligent agents advance a business process by<br />
moving control and data directly between peer clients via personalized<br />
user interfaces. This technology can be used <strong>to</strong> au<strong>to</strong>mate business<br />
processes, such as procurement or other collaborative tasks.<br />
Consilient technology links au<strong>to</strong>mated and manual tasks <strong>to</strong> help<br />
companies and individuals take control of diverse and dynamic processes<br />
that span multiple systems, people and organizations. It allows cus<strong>to</strong>mized<br />
information and tasks <strong>to</strong> be aggregated and distributed <strong>to</strong> the appropriate<br />
individuals within a particular business process. The results are greater<br />
collaboration across extended enterprises and processes that are more<br />
efficient and innovative.<br />
16.4.4. P2P marketplaces<br />
P2P marketplaces eliminate the middleman — a centralized <strong>B2B</strong><br />
e-marketplace — and let buyers and sellers trade directly. They offer
482 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Email Pile Web Page<br />
Detached & Static Content<br />
Task Agents<br />
Clai rfy<br />
Figure 16.6. — Consilient's peer-<strong>to</strong>-peer framework<br />
Ai iba<br />
Application Content<br />
some compelling advantages over the <strong>B2B</strong> exchange based model. First,<br />
and most obvious, they permit companies <strong>to</strong> avoid the fees charged by<br />
e-marketplaces. Second, they reduce the complexity and expense of<br />
networking. It is much easier for a company <strong>to</strong> integrate its internal<br />
information systems with a single P2P program or 'peering portal', than<br />
with a bunch of different exchanges. Finally, while membership among<br />
exchanges is limited, often determined along industry lines, P2P<br />
marketplaces have no bounds.<br />
For example, GnuMarkets is the first dynamic distributed marketplace<br />
available in the peer-<strong>to</strong>-peer industry, where buyers and sellers can buy,<br />
sell and trade items in a secure environment. GnuMarkets uses the<br />
bandwidth, data s<strong>to</strong>rage and CPU of each participant, which eliminates<br />
the need for central servers and lowers costs.<br />
The services offered by a P2P exchange are manifold. The important<br />
ones are <strong>to</strong>:<br />
1. Provide a direc<strong>to</strong>ry service where the track/record of IP addresses of<br />
participants can be maintained;
<strong>B2B</strong> <strong>to</strong> P2P Evolution 483<br />
2. Trace new buyers and sellers;<br />
3. Keep aggregates of all products offered for purchase and catalog<br />
sale;<br />
4. Maintain folders detailing products vis-a-vis prices for comparison;<br />
5. Provide workflow function <strong>to</strong> au<strong>to</strong>mate deal closing procedures<br />
consequent <strong>to</strong> finalization of negotiations; and<br />
6. S<strong>to</strong>re the terms of deals in archives after their consummation.<br />
16.4.5. Information discovery using search engines<br />
Search engines are among the most widely used applications based<br />
on P2P technology. According <strong>to</strong> Forrester research, approximately 2 C<br />
10 E 18 bytes of data is produced in the world every year, out of which<br />
only 3 C 10 E 12 bytes of data is published (i.e. only a single byte out<br />
of every megabyte of information generated is physically published).<br />
Even the most advanced search engines such as Yahoo, Altavista and<br />
Google search only a small fraction of the <strong>to</strong>tal information that is<br />
published. Therefore, current search engines cannot provide up-<strong>to</strong>-date<br />
and precise searches of electronic data like catalogs and industry news<br />
that is increasing at an exponential rate daily.<br />
Search engines are relevant in several aspects of <strong>B2B</strong> e-<strong>commerce</strong>.<br />
For example, buyers can search across suppliers' computers and see<br />
real-time prices. InfraSearch is a typical example of a P2P-based search<br />
engine. Its technology makes it possible for content companies <strong>to</strong> return<br />
more useful results when searched. For example, database-driven sites<br />
can retrieve formatted results from within their databases, which is not<br />
possible with typical search engines.<br />
16.4.6. Eliminate the need for cataloging in<br />
multiple formats<br />
P2P helps in resolving suppliers' problems of publishing, distributing<br />
and maintaining catalog information. It frees them from the hassle of<br />
distributing the catalogs in multiple formats, as expected by <strong>B2B</strong> emarketplaces<br />
and buyers. With P2P-based applications, suppliers have<br />
full control of data format.
484 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
16.5. But the Road is Winding<br />
P2P technology is indeed alluring. But the road <strong>to</strong> designing, developing<br />
and executing P2P-based applications is not a straight one. There are<br />
several major challenges that may hamper its early adoption, especially<br />
in <strong>B2B</strong> applications.<br />
Some of the potential problems with P2P-based architectures in the<br />
light of <strong>B2B</strong>i follow:<br />
16.5.1. Network bandwidth<br />
A critical fac<strong>to</strong>r of the success of peer-<strong>to</strong>-peer technology is the<br />
bandwidth available. If companies use P2P-based applications for <strong>B2B</strong><br />
integration, it may severely slow down their network connections and<br />
hamper the core business activities. By definition, P2P applications<br />
eliminate central servers and create a loose, dynamic network of peers.<br />
For any content retrieval operation, such as a search for a specific item<br />
in a catalog, all the peers in the network are searched, using a lot of<br />
network bandwidth. As this network size increases and becomes more<br />
distributed, it may be affected by poor and slow connections. Further,<br />
as the number of peers searching for content or communicating in the<br />
network increases, the resulting traffic can potentially block the whole<br />
network bandwidth.<br />
For instance, the traffic generated by Gnutella, an open, decentralized,<br />
peer-<strong>to</strong>-peer search system for files, is enormous. A Gnutella search is<br />
broadcast across a network that changes from moment <strong>to</strong> moment,<br />
going from one individual computer <strong>to</strong> four others, from those <strong>to</strong> sixteen<br />
others and so on. The search results are returned along the same<br />
pathway they originally traveled.<br />
16.5.2. Security<br />
The most important feature of the P2P-based application — decentralized,<br />
distributed architecture — is also its weakest link. P2P applications<br />
pose major security threats <strong>to</strong> companies, as by definition the peer<br />
network involves distributing data and computing resources over several<br />
peers. <strong>B2B</strong> applications require communication with external parties,
<strong>B2B</strong> <strong>to</strong> P2P Evolution 485<br />
making it easy <strong>to</strong> break even robust enterprise security features by<br />
passing a bad remote command execution or files containing viruses.<br />
Moreover, these applications require access through the corporate<br />
firewall, which may potentially open up a major security hole in the<br />
firewall that can be exploited maliciously both by internal and external<br />
users.<br />
16.5.3. Complex architectures and<br />
difficult maintenance<br />
The architecture of P2P-based applications for <strong>B2B</strong> integration is<br />
extremely complex as it involves security issues and the use of distributed<br />
resources in an optimal way, making decentralized and independent<br />
systems work as one. Maintenance of such applications is much more<br />
difficult, since it is extremely <strong>to</strong>ugh <strong>to</strong> identify, replicate and fix<br />
application or network related problems.<br />
16.6. Conclusion<br />
P2P, a next-generation computing architecture, is still evolving. P2P<br />
networks are the future — networks based on high speed, with any<br />
electronic device attached <strong>to</strong> them, that do not need any centralized<br />
servers and in which each device acts as a client and a server.<br />
P2P computing represents the next revolution in the <strong>B2B</strong> sphere, as<br />
it will dramatically alter the way businesses communicate, collaborate<br />
and exchange data over the Internet. However, P2P is still in its infancy<br />
and much work still needs <strong>to</strong> be done, as well as many industry<br />
standards and specifications still need <strong>to</strong> be established.
This page is intentionally left blank
Acronyms<br />
1G First Generation.<br />
2G Second Generation.<br />
3G Third Generation.<br />
3GL Third-Generation Language.<br />
4GL Fourth-Generation Language.<br />
AMPS Advanced Mobile Phone System.<br />
ANSI American National Standards Institute.<br />
API Application Programming Interface.<br />
APPC Advanced Program-<strong>to</strong>-Program Communication.<br />
ASCII American Standard Code for Information Interchange.<br />
ASP Application Service Provider.<br />
AUC Authentication Center.<br />
<strong>B2B</strong> Business-To-Business.<br />
<strong>B2B</strong>i Business-To-Business <strong>Integration</strong>.<br />
B2C Business-To-Consumer.<br />
B2E Business-To-Employee.<br />
B2P Business-To-Peer.<br />
BUOW Business Unit Of Work.<br />
C/S Client/Server.<br />
CDMA Code Division Multiple Access.<br />
CDPD Cellular Data Packet Data.<br />
CDR Clinical Data Reposi<strong>to</strong>ry.<br />
CE Compact Edition.<br />
cHTML Compact Hypertext Markup Language.<br />
CIF Catalog Interchange Format.<br />
CMMS Computerized Maintenance Management System.<br />
COM Component Object Model.<br />
487
488 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
CORBA<br />
CPG<br />
CPI-C<br />
CRM<br />
CSS<br />
cXML<br />
DBMS<br />
DC<br />
DCOM<br />
DML<br />
DSOM<br />
EAI<br />
EAM<br />
EBCDIC<br />
ECMA<br />
E-<strong>commerce</strong><br />
EDA/SQL<br />
EDGE<br />
EDI<br />
EDIFACT<br />
EFT<br />
EIP<br />
EPOC<br />
ERP<br />
F&B<br />
FM<br />
GCOS<br />
GPRS<br />
GSM<br />
GUI<br />
HCO<br />
HDML<br />
HL7<br />
HRMS<br />
HTML<br />
The Object Management Group's Common Object Request<br />
Broker Architecture.<br />
Consumer Packaged Goods.<br />
Common Programming Interface for Communications.<br />
Cus<strong>to</strong>mer Relationship Management.<br />
Cus<strong>to</strong>mer Service and Support.<br />
Commerce Extensible Markup Language.<br />
Database Management System.<br />
Distribution Center.<br />
Microsoft's Distributed Component Object Model.<br />
Data Manipulation Language.<br />
IBM's Distributed System Object Model.<br />
Enterprise Application <strong>Integration</strong>.<br />
Enterprise Asset Management.<br />
Extended Binary-Coded Decimal Interchange Code.<br />
European Computer Manufacturer's Script.<br />
Electronic Commerce.<br />
Enterprise Data Access/Structured Query Language.<br />
Enhanced Data Rates for Global Evolution.<br />
Electronic Data Interchange.<br />
Electronic Data Interchange for Administration, Commerce<br />
and Transportation.<br />
Electronic Funds Transfer.<br />
Enterprise Information Portal.<br />
A joint venture between Nokia, Ericsson, Mo<strong>to</strong>rola,<br />
Matsushita, Psion and Symbian for a mobile terminal<br />
operating system (developed by Symbian).<br />
Enterprise Resource Planning.<br />
Food and Beverage.<br />
Frequency Modulation.<br />
General Comprehensive Operating Supervisor.<br />
General Packet Radio System.<br />
Global System For Mobile Communications.<br />
Graphical User Interface.<br />
Health Care Organization.<br />
Handheld Device Markup Language.<br />
Health Level 7.<br />
Human Resources Management System.<br />
Hypertext Markup Language.
HTTP Hyper-Text Transport Pro<strong>to</strong>col.<br />
I/O Input/Output.<br />
IAI Internet Application <strong>Integration</strong>.<br />
IBX Internet Business Exchange.<br />
IDL Interface Definition Language.<br />
IETF Internet Engineering Task Force.<br />
HOP Internet Inter-ORB Pro<strong>to</strong>col.<br />
IM Instant Messaging.<br />
IP Internet Pro<strong>to</strong>col.<br />
IPC Interprocess Communication.<br />
ISP Internet Service Provider.<br />
ISV Independent Software Vendor.<br />
LAN Local Area Network.<br />
LDAP Lightweight Direc<strong>to</strong>ry Access Pro<strong>to</strong>col.<br />
LTL Less Than Truckload.<br />
M-<strong>commerce</strong> Mobile E-Commerce.<br />
MOM Message-Oriented Middleware.<br />
MRO Maintenance, Repair and Operations.<br />
NFS Network File System.<br />
NMT Nordic Mobile Telephone.<br />
OAG Open Applications Group.<br />
OBI Open Buying on the Internet.<br />
ODBC Open Database Connectivity.<br />
OLTP Online Transaction Processing.<br />
OMG Object Management Group. .<br />
00 Object-Oriented.<br />
ORB Object Request Broker.<br />
ORMS Operating Resource Management System.<br />
ORMX Operating Resource Management Exchange.<br />
OS Operating System.<br />
OTM Object Transaction Manager.<br />
P2P Peer-To-Peer.<br />
PC Personal Computer.<br />
PCS Personal Communications System.<br />
PDA Personal Digital Assistant.<br />
PDC Personal Digital Communications.<br />
PIM Personal Information Manager.
490 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
RDF Resource Definition Framework.<br />
RFQ Request For Quote.<br />
RIM Research In Motion.<br />
RMI Remote Method Invocation.<br />
ROI Return On Investment.<br />
RPC Remote Procedure Call.<br />
SCE Supply Chain Execution.<br />
SCIV Supply Chain Inven<strong>to</strong>ry Visibility.<br />
SCM Supply Chain Management.<br />
SCP Supply Chain Planning.<br />
SCS Supply Chain Solutions.<br />
SFA Sales Force Au<strong>to</strong>mation.<br />
SGML Standardized General Markup Language.<br />
SI Systems Integra<strong>to</strong>r.<br />
SIM Subscriber Identification Module.<br />
SKU S<strong>to</strong>ck-Keeping Unit.<br />
SMC Supplier-Managed Content.<br />
SMS Short Message Service.<br />
SNMP Simple Network Management Pro<strong>to</strong>col.<br />
SOAP Simple Object Access Pro<strong>to</strong>col.<br />
SPX/IPX Sequenced Packet Exchange/Internetwork Packet<br />
Exchange.<br />
SQL Structured Query Language.<br />
SSL Secure Sockets Layer.<br />
TACS Total Access Communication System.<br />
TCP/IP Transmission Control Pro<strong>to</strong>col/ Internet Pro<strong>to</strong>col.<br />
TDMA Time Division Multiple Access.<br />
TMS Transportation Management Systems.<br />
TP Transaction Processing.<br />
UNSPSC United Nations Standard Products and Services<br />
Classification.<br />
UP Unwired Planet (Former Name Of Phone.Com).<br />
UPS United Parcel Service.<br />
URL Universal Resource Loca<strong>to</strong>r.<br />
USB Universal Serial Bus.<br />
VAN Value-Added Network.<br />
VoXML Voice Extensible Markup Language.
W3C World Wide Web Coalition.<br />
WAP Wireless Application Pro<strong>to</strong>col.<br />
WDP Wireless Data Pro<strong>to</strong>col.<br />
WML Wireless Markup Language.<br />
WMLScript Scripting Wireless Markup Language.<br />
WTLS Wireless Transmission Layer Security.<br />
xCBL XML Common Business Library.<br />
XML Extensible Markup Language.
This page is intentionally left blank
Appendix A<br />
493
494 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
R^SLTTANET<br />
ungua tranca f or- eBusmess<br />
PIP SPECIFICATION<br />
CLUSTER 2: PRODUCT INTRODUCTION<br />
SEGMENT A: PREPARATION FOR DISTRIBUTION<br />
PIP2A1 : DISTRIBUTE NEW PRODUCT<br />
INFORMATION
Table of Contents<br />
Appendix A 495<br />
1. Document Management 497<br />
1.1. Legal disclaimer 497<br />
1.2. Copyright 497<br />
1.3. Trademarks 497<br />
1.4. Acknowledgments 497<br />
1.5. Prerequisites 497<br />
1.6. Related documents 498<br />
1.7. Document version his<strong>to</strong>ry 498<br />
2. Introduction 499<br />
3. Business Operational View 500<br />
3.1. Business process definition 500<br />
3.2. PIP purpose 501<br />
3.3. PIP business process flow diagram 501<br />
3.4. PIP start state 501<br />
3.5. PIP end states 502<br />
3.6. Partner role descriptions 502<br />
3.7. Business process activity controls 502<br />
3.8. PIP business information 503<br />
3.8.1. PIP business documents 503<br />
3.8.2. Business data entities 504<br />
4. Functional Service View 505<br />
4.1. Network component design 505<br />
4.1.1. Business data entities 505<br />
4.1.2. Network component specification 506<br />
4.2. Business action and business signal specification 506<br />
4.3. Business transaction dialog specification 507<br />
4.3.1. Distribute new product information dialog:<br />
service-service 508<br />
4.3.2. Distribute new product information dialog:<br />
service-service-agent 509<br />
4.3.3. Distribute new product information dialog:<br />
service-agent-service 510
496 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
43.4. Distribute new product resources dialog:<br />
service-service 511<br />
4.3.5. Distribute new product resources dialog:<br />
service-service-ageent 512<br />
4.3.6. Distribute new product resources dialog:<br />
service-agent-service 513<br />
5. Implementation Framework View 515<br />
5.1. Distribute new product information dialog:<br />
service-service 515<br />
5.2. Distribute new product information dialog:<br />
service-service-agent 515<br />
5.3. Distribute new product information dialog:<br />
service-agent-service 516<br />
5.4. Distribute new product resource dialog:<br />
service-service 516<br />
5.5. Distribute new product resource dialog:<br />
service-service-agent 517<br />
5.6. Distribute new product resource dialog:<br />
service-agent-service 517
1. Document Management<br />
1.1. Legal disclaimer<br />
Appendix A 497<br />
The draft specifications set forth herein are for discussion purposes<br />
only. This is a working document and is not intended for commercial<br />
use or public dissemination. Neither RosettaNet nor its members shall<br />
be responsible for any loss resulting from any use of this document or<br />
the specifications herein.<br />
1.2. Copyright<br />
©1999 RosettaNet. All rights reserved. No part of this publication may<br />
be reproduced, s<strong>to</strong>red in a retrieval system, or transmitted, in any form<br />
or by any means, electronic, mechanical, pho<strong>to</strong>copying, recording, or<br />
otherwise, without the prior written permission of the publisher. Printed<br />
in the United States of America.<br />
1.3. Trademarks<br />
In the best effort, all terms mentioned in this document that are known<br />
<strong>to</strong> be trademarks or registered trademarks have been appropriately<br />
recognized in the first occurrence of the term.<br />
1.4. Acknowledgments<br />
This document has been prepared by Edifecs Commerce (http://<br />
www.edifecs.com, http://www.CommerceDesk.com) from requirements<br />
gathered during the cluster/segment workshops and in conformance<br />
with the RosettaNet methodology.<br />
1.5. Prerequisites<br />
The audience should be familiar with the RosettaNet User's <strong>Guide</strong>,<br />
"Understanding a PIP Blueprint." This document can be downloaded<br />
from the RosettaNet EConcert Document Library at the following<br />
web address.
498 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
http://www.rosettanet.org/usersguides/<br />
1.6. Related documents<br />
• Associated PIP Message <strong>Guide</strong>lines (included with PIP Blueprint and<br />
PIP Specification)<br />
• Associated PIP Message Schemas (included with PIP Specification<br />
only)<br />
• RosettaNet Technical Dictionaries<br />
http://www.rosettanet.org/techdictionaries/<br />
• RosettaNet Business Dictionary<br />
http://www.rosettanet.org/businessdictionary/<br />
1.7. Document version his<strong>to</strong>ry<br />
Version Date PIP Specification Development<br />
Release 1.0 14 Nov 1999 RosettaNet: Approved Standard<br />
authorized for publication.<br />
Version unchanged 2 Jun 2000 Edifecs Commerce: Updated URLs<br />
in Prerequisites and Related Docs<br />
sections
2. Introduction<br />
Appendix A 499<br />
A Partner Interface Process (PIP) Specification comprises the following<br />
three views of the eBusiness PIP model.<br />
1. Business Operational View (BOV). Captures the semantics of<br />
business data entities and their flow of exchange between roles as<br />
they perform business activities. The content of the BOV section is<br />
based on the PIP Blueprint document created for RosettaNet's business<br />
community.<br />
2. Functional Service View (FSV). Specifies the network component<br />
services and agents and the interactions necessary <strong>to</strong> execute PIPs.<br />
The FSV includes all of the transaction dialogs in a PIP Pro<strong>to</strong>col.<br />
The purpose of the FSV is <strong>to</strong> specify a PIP Pro<strong>to</strong>col that is<br />
systematically derived from the BOV. The two major components<br />
within the FSV are the network component design and network<br />
component interactions.<br />
3. Implementation Framework View (IFV). Specifies the network<br />
pro<strong>to</strong>col message formats and communications requirements between<br />
peer-pro<strong>to</strong>cols supported by network components in the RosettaNet<br />
Implementation Framework. These messages are exchanged when<br />
software programs execute a PIP; RosettaNet distributes these as<br />
XML Message <strong>Guide</strong>lines.
500 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
3. Business Operational View<br />
3.1. Business process definition<br />
Using this PIP <strong>to</strong> distribute new product information <strong>to</strong> partners in the<br />
supply chain has a number of advantages.<br />
1. The time <strong>to</strong> add new products <strong>to</strong> partner sales catalogs decreases,<br />
and the time <strong>to</strong> prepare for promotion and sales in the supply chain<br />
can be shortened.<br />
2. There is a reduction in the cost of creating and maintaining sales<br />
catalogs and configuration engines.<br />
3. Buyers are notified of new product announcements in a timely<br />
manner so that they can create SKUs (S<strong>to</strong>ck Keeping Units) for<br />
products in time <strong>to</strong> take cus<strong>to</strong>mer orders.<br />
Information is distributed <strong>to</strong> partners as both structured and unstructured<br />
information. Unstructured information is used <strong>to</strong> notify employees (e.g.,<br />
buyers) of new products introduced in<strong>to</strong> the supply chain. A receiving<br />
partner can send this information <strong>to</strong> employees internally using a mail<br />
service or workflow system. Structured information, called resources<br />
(also known as assets), is used <strong>to</strong> replicate product technical information<br />
so that a partner can integrate structured information from all supplier<br />
catalogs in<strong>to</strong> the partner's own electronic catalogs.<br />
Two categories of structured product information are listed below.<br />
1. Sales catalog information typically used <strong>to</strong> promote products <strong>to</strong> nontechnical<br />
cus<strong>to</strong>mers. Sales catalog information can include quantities,<br />
prices and marketing information.<br />
2. Technical specifications that are used <strong>to</strong> promote products <strong>to</strong> technical<br />
products and <strong>to</strong> create content for configuration catalogs. Technical<br />
specifications only comprise the qualitative and quantitative properties.<br />
Product information is typically exchanged with partners who have<br />
subscribed for new announcements.
3.2. PIP purpose<br />
Appendix A 501<br />
The purpose of this PIP is <strong>to</strong> specify the process for distributing new<br />
product information <strong>to</strong> Buyers so that enterprise systems can be<br />
established <strong>to</strong> accept product orders, and for product information users<br />
<strong>to</strong> populate the Buyer's online sales catalogs.<br />
3.3. PIP business process flow diagram<br />
- Product Information Distributior -<br />
Subscription.<br />
DistributionFormat<br />
Unstructured<br />
?<br />
v ~^> What is Distribution Format ?<br />
I Subscription.DistributionFormat<br />
I = Structured<br />
f <br />
I Distribute New Product<br />
_ ~~r<br />
Success Fail<br />
l l<br />
O End Failed O<br />
<br />
Product Resource<br />
Update<br />
\<br />
Distribute New Product )<br />
Information y<br />
Success<br />
I<br />
O<br />
End<br />
Fail<br />
\<br />
G<br />
Failed<br />
3.4. PIP start state<br />
C <br />
Product Resource<br />
[^ Notification<br />
- Product<br />
Information<br />
User-<br />
Process New^<br />
Product<br />
Resources j<br />
Figure 3.1. Distribute new product information<br />
The start state is comprised of the following conditions:<br />
• Distribution address exists.<br />
• New product information exists.<br />
• New product resources exist.<br />
• Buyer -<br />
Process<br />
Product<br />
Information
502 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
3.5. PIP end states<br />
End states are comprised of one or more conditions:<br />
END<br />
• Acknowledgement of receipt exists.<br />
FAILED<br />
• The "Notification of Failure" PIP has been executed. (This a<br />
RosettaNet convention.)<br />
• Acknowledgement of receipt does not exist.<br />
3.6. Partner role descriptions<br />
Table 3.1 describes the activities performed by each role in this PIP.<br />
Role Name<br />
Product Information<br />
Distribu<strong>to</strong>r<br />
Product Information<br />
User<br />
Buyer<br />
Table 3.1. Partner role descriptions<br />
Role Description<br />
The partner role that distributes new<br />
product information <strong>to</strong> product<br />
information users and buyers.<br />
The partner role that uses received<br />
product information <strong>to</strong> create online sales<br />
catalogs.<br />
An employee that buys products for a<br />
partner type in the supply chain.<br />
3.7. Business process activity controls<br />
Role Type<br />
Organizational<br />
Organizational<br />
Functional<br />
Table 3.2 describes the interaction contract between roles performing<br />
business activities in this PIP.<br />
Table 3.3 details the security, audit and process controls relating <strong>to</strong><br />
activities performed in the PIP.
Role<br />
Name<br />
Product<br />
Information<br />
Distribu<strong>to</strong>r<br />
Product<br />
Information<br />
Distribu<strong>to</strong>r<br />
Role<br />
Name<br />
Product<br />
Information<br />
Distribu<strong>to</strong>r<br />
Product<br />
Information<br />
Distribu<strong>to</strong>r<br />
Activity Name<br />
Distribute New<br />
Product<br />
Information<br />
Distribute New<br />
Product<br />
Resources<br />
Table 3.2. Business activity descriptions<br />
Activity Description<br />
Activity distributes new<br />
product information <strong>to</strong><br />
buyers in the supply<br />
chain.<br />
Activity distributes new<br />
product resources <strong>to</strong><br />
product information users<br />
in the supply chain.<br />
Preconditions<br />
Distribution<br />
address is<br />
provided.<br />
New product<br />
information is<br />
provided.<br />
Distribution<br />
address is<br />
provided.<br />
New product<br />
resources are<br />
provided.<br />
Table 3.3. Business activity performance controls<br />
Activity<br />
Name<br />
Distribute<br />
New Product<br />
Resources<br />
Distribute<br />
New Product<br />
Information<br />
Acknowledgment<br />
of Receipt<br />
Non-Repudiation<br />
Required?<br />
N<br />
N<br />
Time <strong>to</strong><br />
Acknowledge<br />
2hr<br />
2hr<br />
3.8. PIP business information<br />
3.8.1. PIP business documents<br />
Time <strong>to</strong> Acknowledge<br />
Acceptance<br />
N/A<br />
N/A<br />
Time <strong>to</strong> Perform<br />
2hr<br />
2hr<br />
Retry Count<br />
3<br />
3<br />
Appendix A 503<br />
Post-Conditions<br />
Acknowledgement<br />
of receipt is<br />
received.<br />
Acknowledgement<br />
of receipt is<br />
received.<br />
Is Authorization<br />
Required?<br />
N<br />
N<br />
Non-Repudiation<br />
of Origin and'<br />
Content?<br />
Business documents listed in Table 3.4 are exchanged by roles performing<br />
activities in this PIP. The business documents can be downloaded from<br />
N<br />
N
504 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Business Document<br />
Product Resource Update<br />
Product Information Notification<br />
Table 3.4. PIP business documents<br />
Description<br />
A product resource update contains structured<br />
technical information or sales catalog<br />
information for updating online sales catalogs<br />
and enterprise systems.<br />
A product information notification contains<br />
unstructured sales catalog information.<br />
the RosettaNet business document reposi<strong>to</strong>ry using the Uniform Resource<br />
Loca<strong>to</strong>r (URL) specified in Section 1.6, 'Related Documents'.<br />
3.8.2. Business data entities<br />
The business data entities, fundamental business data entities, and<br />
global identifying properties can be found in the RosettaNet business<br />
dictionary using the URL specified in Section 1.6, 'Related Documents'.<br />
Business data entity security<br />
There are no security controls specified for this PIR
4. Functional Service View<br />
Appendix A 505<br />
The two major components in the FSV are the network component<br />
design and possible network component interactions, listed in Sections<br />
4.1 and 4.3.<br />
4.1. Network component design<br />
A network component design specifies the network components necessary<br />
<strong>to</strong> execute the PIP and the network component collaboration. A network<br />
component design is comprised of Agent components and Business<br />
Service components that enable roles <strong>to</strong> perform business activities in a<br />
networked environment. Network components collaborate by exchanging<br />
business action messages and business signal messages.<br />
4.1.1. Network component collaboration<br />
Figure 4.1 specifies the network components and their message exchange.<br />
Buyer<br />
Product Information<br />
Distribu<strong>to</strong>r<br />
1. Product Information 2. Product Resource<br />
Notification Update<br />
Product Information<br />
User<br />
Figure 4.1. — Distribute new product information
506 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
4.1.2. Network component specification<br />
Each network component maps on<strong>to</strong> a role in the BOV of the PIP<br />
model. Table 4.1 specifies the mapping between roles in the BOV and<br />
network components in the FSV.<br />
4.2. Business action and business signal specification<br />
Each business action maps on<strong>to</strong> a Business Document in the BOV of<br />
the PIP model. Table 4.2 specifies the mapping between Business<br />
Documents in the BOV and business actions in the FSV.<br />
Network Component<br />
in FSV<br />
Buyer Agent<br />
Buyer Service<br />
Product Information<br />
User Agent<br />
Product Information<br />
User Service<br />
Product Information<br />
Distribu<strong>to</strong>r Agent<br />
Product Information<br />
Distribu<strong>to</strong>r Service<br />
Table 4.1. Network component specification<br />
Classification<br />
Agent<br />
Business Service<br />
Agent<br />
Business Service<br />
Agent<br />
Business Service<br />
Buyer<br />
Buyer<br />
Maps <strong>to</strong> Role in BOY<br />
Product Information User<br />
Product Information User<br />
Product Information Distribu<strong>to</strong>r<br />
Product Information Distribu<strong>to</strong>r<br />
Table 4.2. Business action — business document mapping<br />
Business Action in FSV<br />
Product Information Notification Action<br />
Product Resource Update Action<br />
Maps To Business Document<br />
in BOV<br />
Product Information Notification<br />
Product Resource Update
4.3. Business transaction dialog specification<br />
Appendix A 507<br />
Each business activity between roles in the BOV is specified as a<br />
business transaction dialog between network components. There are<br />
two fundamental network components modeled in the Functional Service<br />
View.<br />
1. Service network component. Implements pro<strong>to</strong>cols that include the<br />
service layer, transaction and action layer. A service has 'network<br />
identity' as a business service. The service has an identity URI that<br />
can be registered in direc<strong>to</strong>ries and used for component communication<br />
in a distributed computer system.<br />
2. Agent network component. Implements pro<strong>to</strong>cols that include the<br />
action layer and the agent layer. There is no service layer or transaction<br />
layer.<br />
The FSV allows the following network component interaction<br />
configurations.<br />
1. Agent-Service interaction configuration. An agent can request<br />
service from a service component and a service can respond <strong>to</strong> the<br />
request. Agents cannot respond <strong>to</strong> requests for service.<br />
2. Service-Service interaction configuration. There can be any number<br />
of services between end-point services, but no agents. Services both<br />
provide services <strong>to</strong> agents and other requesting services as well as<br />
requesting services for other services.<br />
3. Agent-Agent interaction configuration. One agent can transfer an<br />
action <strong>to</strong> another agent.<br />
From these three interaction configurations it is possible <strong>to</strong> derive three<br />
additional network-component configurations specific <strong>to</strong> a trading partner<br />
agreement.<br />
1. Service-Agent-Service interaction configuration. Services interact<br />
using two or more agents as a bridge. This configuration is typical in<br />
configurations where the two services do not know each other's<br />
identity, or when an employee must include additional private<br />
information <strong>to</strong> an action that is sent <strong>to</strong> another service.
508 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
2. Service-Service-Agent interaction configuration. The second service<br />
acts as a mailbox for the agent.<br />
3. Agent-Service-Service interaction configuration. A service-<strong>to</strong>service<br />
transaction is a sub-transaction of a larger agent-service<br />
transaction.<br />
The rest of Section 4.3 specifies the network component configurations<br />
possible for this PIP. Each figure specifies the message exchange<br />
sequence as network components collaborate <strong>to</strong> execute this PIP. Each<br />
table shows the properties for each of the messages exchanged by the<br />
interactions in the corresponding figure.<br />
4.3.1. Distribute new product information dialog:<br />
service-service<br />
Product Information<br />
Distribu<strong>to</strong>r Service<br />
1. request (ProductlnformationNotificationAction)<br />
1.1 signal (ReceiptAcknowledgement)<br />
Buyer Service<br />
Figure 4.2. — Distribute new product information interactions: service-service
Appendix A 509<br />
Table 4.3. Message exchange controls — distribute new product information<br />
1.<br />
#<br />
1.1<br />
Name<br />
Product<br />
Information<br />
Notification<br />
Action<br />
Receipt<br />
Acknowledgement<br />
Time <strong>to</strong> Acknowledge<br />
Receipt Signal<br />
2hr<br />
N/A<br />
Time <strong>to</strong> Acknowledge<br />
Acceptance Signal<br />
N/A<br />
N/A<br />
Time <strong>to</strong> Respond <strong>to</strong><br />
Action<br />
N/A<br />
N/A<br />
Included in Time <strong>to</strong><br />
Perform<br />
Y<br />
Y<br />
Is Authorization<br />
Required?<br />
4.3.2. Distribute new product information dialog:<br />
service-service-agent<br />
Product Information<br />
Distribu<strong>to</strong>r Service<br />
1. request (ProductlnformationNotificationAction)<br />
• 2.<br />
1.1 signal (ReceiptAcknowledgement)<br />
N<br />
N<br />
Is Non-Repudiation<br />
Required?<br />
N<br />
N<br />
Is Secure Transport<br />
Required<br />
Buyer Service Buyer Agent<br />
callTxn()<br />
2.1. return()<br />
Figure 4.3. — Distribute new product information interactions: service-serviceagent<br />
0<br />
Y<br />
Y
510 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Table 4.4. Message exchange controls — distribute new product information<br />
1.<br />
#<br />
1.1<br />
Name<br />
Product<br />
Information<br />
Notification<br />
Action<br />
Receipt<br />
Acknowledgement<br />
Time <strong>to</strong> Acknowledge<br />
Receipt Signal<br />
2hr<br />
N/A<br />
Time <strong>to</strong> Acknowledge<br />
Acceptance Signal<br />
N/A<br />
N/A<br />
Time <strong>to</strong> Respond <strong>to</strong><br />
Action<br />
N/A<br />
N/A<br />
Included in Time <strong>to</strong><br />
Perform<br />
Y<br />
Y<br />
Is Authorization<br />
Required?<br />
4.3.3. Distribute new product information dialog:<br />
service-agent-service<br />
Product Information<br />
Distribu<strong>to</strong>r Service<br />
1. callTnx()<br />
1.1 return<br />
(Productlnformation<br />
NotificationAction)<br />
Product Information<br />
Distribu<strong>to</strong>r Agent<br />
1.1.1. transfer<br />
(Productlnformation<br />
NotificationAction)<br />
1.1.1.1.1. signal<br />
(ReciptAcknowledgement)<br />
Buyer Agent<br />
N<br />
N<br />
Is Non-Repudiation<br />
Required?<br />
1.1.1.1. request<br />
(Productlnformation<br />
NotificationAction)<br />
N<br />
N<br />
Is Secure Transport<br />
Required<br />
Y<br />
Y<br />
Buyer Service<br />
Figure 4.4. — Distribute new product information interactions: service-serviceagent
Appendix A 511<br />
Table 4.5. Message exchange controls — distribute new product information<br />
1.1<br />
#<br />
1.1.1.<br />
1.1.1.1.<br />
1.1.1.1.1.<br />
Name<br />
Product<br />
Information<br />
Notification<br />
Action<br />
Product<br />
Information<br />
Notification<br />
Action<br />
Product<br />
Information<br />
Notification<br />
Action<br />
Receipt<br />
Acknowledgement<br />
Time <strong>to</strong> Acknowledge<br />
Receipt Signal<br />
2hr<br />
N/A<br />
N/A<br />
N/A<br />
Time <strong>to</strong> Acknowledge<br />
Acceptance Signal<br />
N/A<br />
N/A<br />
N/A<br />
N/A<br />
Time <strong>to</strong> Respond <strong>to</strong><br />
Action<br />
N/A<br />
N/A<br />
N/A<br />
N/A<br />
Included in Time <strong>to</strong><br />
Perform<br />
Y<br />
Y<br />
Y<br />
Y<br />
Is Authorization<br />
Required?<br />
4.3.4. Distribute new product resources dialog:<br />
service-service<br />
N/A<br />
N/A<br />
N<br />
N<br />
Is Non-Repudiation<br />
Required?<br />
N/A<br />
N/A<br />
N<br />
N<br />
Is Secure Transport<br />
Required<br />
Figure 4.5. — Distribute new product resources interactions: service-service<br />
Y<br />
Y<br />
Y<br />
Y
512 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Table 4.6. Message exchange controls — distribute new product resources<br />
1.<br />
#<br />
1.1<br />
Name<br />
Product<br />
Resource<br />
Update Action<br />
Receipt<br />
Acknowledgement<br />
Time <strong>to</strong> Acknowledge<br />
Receipt Signal<br />
2hr<br />
N/A<br />
Time <strong>to</strong> Acknowledge<br />
Acceptance Signal<br />
N/A<br />
N/A<br />
Time <strong>to</strong> Respond <strong>to</strong><br />
Action<br />
N/A<br />
N/A<br />
Included in Time <strong>to</strong><br />
Perform<br />
Y<br />
Y<br />
Is Authorization<br />
Required?<br />
4.3.5. Distribute new product resources dialog:<br />
service-service-agent<br />
Product Information Distribu<strong>to</strong>r<br />
Service<br />
1. rpquest(:ProductResourceUpdateActiori)<br />
1.|1. signal( :ReceiptAcknowledgementj)<br />
N<br />
N<br />
Is Non-Repudiation<br />
Required?<br />
N<br />
N<br />
Is Secure Transport<br />
Required<br />
: Product Information User I : Product Information<br />
Service j User Agent<br />
2. callTxn()<br />
2.1. returnQ<br />
Figure 4.6. — Distribute new product resources interaction: service-serviceagent<br />
^<br />
Y<br />
Y
Appendix A 513<br />
Table 4.7. Message exchange controls — distribute new product resources<br />
1.<br />
#<br />
1.1<br />
Name<br />
Product<br />
Resource<br />
Update Action<br />
Receipt<br />
Acknowledgement<br />
Time <strong>to</strong> Acknowledge<br />
Receipt Signal<br />
•<br />
Time <strong>to</strong> Acknowledge<br />
Acceptance Signal<br />
2hr<br />
N/A<br />
N/A<br />
N/A<br />
Time <strong>to</strong> Respond <strong>to</strong><br />
Action<br />
N/A<br />
N/A<br />
Included in Time <strong>to</strong><br />
Perform<br />
Y<br />
Y<br />
Is Authorization<br />
Required?<br />
4.3.6. Distribute new product resources dialog:<br />
service-agent-service<br />
-. Product Information Distribu<strong>to</strong>r : Product Informati<br />
Agent<br />
r<br />
.: Product Information •<br />
User Agent .<br />
N<br />
N<br />
Is Non-Repudiation<br />
Required?<br />
N<br />
N<br />
Is Secure Transport<br />
Required<br />
Y<br />
Y<br />
: Produci Informati<br />
User Service<br />
1.1. return(:ProductResourceUpdateActii<br />
1. transfer(:ProductResourceUpdati[Action)<br />
p.- , 1.1.1.1. request(:ProductfiesourceUpdi iteAction)<br />
1.1.1.1.1. signal(:ReceiptAcknowledgement)<br />
Figure 4.7. — Distribute new product resources interations: service-serviceagent
514 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Table 4.8. Message exchange controls — distribute new product resources<br />
1.1<br />
#<br />
1.1.1.<br />
1.1.1.1.<br />
1.1.1.1.1.<br />
Name<br />
Product<br />
Resource<br />
Update Action<br />
Product<br />
Resource<br />
Update Action<br />
Product<br />
Resource<br />
Update Action<br />
Receipt<br />
Acknowledgement<br />
Time <strong>to</strong> Acknowledge<br />
Receipt Signal<br />
2hr<br />
N/A<br />
N/A<br />
N/A<br />
Time <strong>to</strong> Acknowledge<br />
Acceptance Signal<br />
N/A<br />
N/A<br />
N/A<br />
N/A<br />
Time <strong>to</strong> Respond <strong>to</strong><br />
Action<br />
N/A<br />
N/A<br />
N/A<br />
N/A<br />
Included in Time <strong>to</strong><br />
Perform<br />
Y<br />
Y<br />
Y<br />
Y<br />
Is Authorization<br />
Required?<br />
N/A<br />
N/A<br />
N<br />
N<br />
Is Non-Repudiation<br />
Required?<br />
N/A<br />
N/A<br />
N/A<br />
N<br />
Is Secure Transport<br />
Required<br />
Y<br />
Y<br />
Y<br />
Y
5. Implementation Framework View<br />
Appendix A 515<br />
The tables in Section 5 specify the business messages and their<br />
communications requirements for executing this PIP.<br />
5.1. Distribute new product information dialog:<br />
service-service<br />
1.<br />
1.1<br />
#<br />
Table 5.1. Business message and communications specification<br />
Business Message <strong>Guide</strong>line<br />
Product Information Notification <strong>Guide</strong>line<br />
Receipt Acknowledgement <strong>Guide</strong>line<br />
5.2. Distribute new product information dialog:<br />
service-service-agent<br />
1.<br />
1.1<br />
#<br />
Digital Signature<br />
Required?<br />
Table 5.2. Business message and communications specification<br />
Business Message <strong>Guide</strong>line<br />
Product Information Notification <strong>Guide</strong>line<br />
Receipt Acknowledgement <strong>Guide</strong>line<br />
N<br />
Y<br />
Digital Signature<br />
Required?<br />
Y<br />
Y<br />
SSL Required?<br />
Y<br />
Y<br />
SSL Required?<br />
Y<br />
Y
516 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
5.3. Distribute new product information diaiog:<br />
service-agent-service<br />
1.<br />
2.<br />
3.<br />
4.<br />
#<br />
Table 5.3. Business message and communications specification<br />
Business Message <strong>Guide</strong>line<br />
Product Information Notification <strong>Guide</strong>line<br />
Receipt Acknowledgement <strong>Guide</strong>line<br />
Product Information Notification <strong>Guide</strong>line<br />
Receipt Acknowledgement <strong>Guide</strong>line<br />
5.4. Distribute new product resource dialog:<br />
service-service<br />
1.<br />
1.1<br />
#<br />
Digital Signature<br />
Required?<br />
Table 5.4. Business message and communications specification<br />
Business Message <strong>Guide</strong>line<br />
Product Information Notification <strong>Guide</strong>line<br />
Receipt Acknowledgement <strong>Guide</strong>line<br />
Y<br />
Y<br />
Y<br />
Y<br />
Digital Signature<br />
Required?<br />
Y<br />
Y<br />
K; SSL Required?<br />
1<br />
Y<br />
Y<br />
Y<br />
SSL Required?<br />
Y<br />
Y
5.5. Distribute new product resource dialog:<br />
service-service-agent<br />
1.<br />
1.1<br />
#<br />
Appendix A 517<br />
Table 5.5. Business message and communications specification<br />
Business Message <strong>Guide</strong>line<br />
Product Resource Update <strong>Guide</strong>line<br />
Receipt Acknowledgement <strong>Guide</strong>line<br />
5.6. Distribute new product resource dialog:<br />
service-agent-service<br />
1.<br />
2.<br />
3.<br />
4.<br />
#<br />
Digital Signature<br />
Required?<br />
Table 5.6. Business message and communications specification<br />
Business Message <strong>Guide</strong>line<br />
Product Resource Update <strong>Guide</strong>line<br />
Receipt Resource Update <strong>Guide</strong>line<br />
Product Resource Update <strong>Guide</strong>line<br />
Receipt Acknowledgement <strong>Guide</strong>line<br />
Y<br />
Y<br />
Digital Signature<br />
Required?<br />
Y<br />
Y<br />
Y<br />
Y<br />
SSL Required?<br />
Y<br />
Y<br />
SSL Required?<br />
Y<br />
Y<br />
Y<br />
Y
This page is intentionally left blank
Appendix B<br />
519
520 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
© COPYRIGHT 2000 BY ARIBA, INC., INTERNATIONAL BUSINESS MACHINES CORPORATION<br />
AND MICROSOFT CORPORATION.<br />
ALL RIGHTS RESERVED.<br />
UDDI Technical White<br />
Paper<br />
September 6, 2000<br />
SEPTEMBER 6, 2000 PAGE 1<br />
© COPYRIGHT 2000 BY ARIBA, INC., INTERNATIONAL BUSINESS MACHINES CORPORATION<br />
AND MICROSOFT CORPORATION.<br />
ALL RIGHTS RESERVED.
Appendix B 521<br />
Note: Only parts of the paper have been reproduced verbatim here. The<br />
contents have been formatted <strong>to</strong> be consistent with the book style.<br />
Technical Overview<br />
The Universal Description, Discovery and <strong>Integration</strong> (UDDI)<br />
specifications consist of an XML schema for SOAP messages, and a<br />
description of the UDDI API specification. Together, these form a base<br />
information model and interaction framework that provides the ability<br />
<strong>to</strong> publish information about a broad array of Web services.<br />
Four Information Types<br />
The core information model used by the UDDI registries is defined in<br />
an XML schema. XML was chosen because it offers a platform-neutral<br />
view of data and allows hierarchical relationships <strong>to</strong> be described in a<br />
natural way. The emerging XML schema standard was chosen because<br />
of its support for rich data types as well as its ability <strong>to</strong> easily describe<br />
and validate information based on information models represented in<br />
schemas.<br />
The UDDI XML schema defines four core types of information that<br />
provide the kind of information that a technical person would need <strong>to</strong><br />
know in order <strong>to</strong> use a partner's Web services. These are: business<br />
information; service information, binding information; and information<br />
about specifications for services.<br />
The information hierarchy and the key XML element names that are<br />
used <strong>to</strong> describe and discover information about Web services are<br />
shown in Figure 1.<br />
Business Information: The businessEntity Element<br />
Many partners will need <strong>to</strong> be able <strong>to</strong> locate information about your<br />
services and will have as starting information a small set of facts about<br />
your business. Technical staff, programmers or application programs<br />
themselves will know either your business name or perhaps your business<br />
name and some key identifiers, as well as optional categorization and
522 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
BusinessEntity: Information about the<br />
party who publishes information about a<br />
service<br />
businessService: Descriptive<br />
information about a particular<br />
family of technical services<br />
M<br />
bindngTempi ate: Technical<br />
information about a service entry<br />
point and construction ^Dedications<br />
Figure 1. —<br />
| tModei: Descriptions of specifications<br />
' fo r se rvices o r taxon om i es. Ba sis for<br />
techn ica I fi n gerp rints<br />
bindingTemplate data contains references<br />
<strong>to</strong>tModels, These references designate the<br />
interface specifieationsfor a service.<br />
contact information. The core XML elements for supporting, publishing<br />
and discovering information about a business — the UDDI Business<br />
Registration — are contained in a structure named 'businessEntity.'<br />
This structure serves as the <strong>to</strong>p-level information manager for all of the<br />
information about a particular set of information related <strong>to</strong> a business<br />
unit.<br />
The overall businessEntity information includes support for 'yellow<br />
pages' taxonomies, so that searches can be performed <strong>to</strong> locate businesses<br />
who service a particular industry or product category, or who are<br />
located within a specific geographic region.<br />
Service Information: The businessService and<br />
bindingTemplate Elements<br />
Technical and business descriptions of Web services — the 'green<br />
pages' data — live within substructures of the businessEntity information.<br />
Two structures are defined: businessService and bindingTemplate. The<br />
businessService structure is a descriptive container that is used <strong>to</strong> group<br />
a series of related Web services related <strong>to</strong> either a business process or<br />
category of services. Examples of business processes that would include<br />
related Web service information include purchasing services, shipping<br />
services, and other high-level business processes.
Appendix B 523<br />
These businessService information sets can each be further categorized<br />
— allowing Web service descriptions <strong>to</strong> be segmented along combinations<br />
of industry, product and service or geographic category boundaries.<br />
Within each businessService live one or more technical Web service<br />
descriptions. These contain the information that is relevant for application<br />
programs that need <strong>to</strong> connect <strong>to</strong> and then communicate with a remote<br />
Web service. This information includes the address <strong>to</strong> make contact<br />
with a Web service, as well as support for option information that can<br />
be used <strong>to</strong> describe both hosted services and services that require<br />
additional values <strong>to</strong> be discovered prior <strong>to</strong> invoking a service. Additional<br />
features are defined that allow for complex routing options such as load<br />
balancing.<br />
Specification Pointers and Technical Fingerprints<br />
The information required <strong>to</strong> actually invoke a service is described in the<br />
information element named bindingTemplate. This was described in the<br />
previous section. However, it is not always enough <strong>to</strong> simply know<br />
where <strong>to</strong> contact a particular Web service. For instance, if I know that a<br />
business partner has a Web service that lets me send them a purchase<br />
order, knowing the URL for that service is not very useful unless I<br />
know a great deal about what format the purchase order should be sent<br />
in, what pro<strong>to</strong>cols are appropriate, what security is required, and what<br />
form of response will result after sending the purchase order. Integrating<br />
all parts of two systems that interact via Web services can become<br />
quite complex.<br />
As a program or programmer interested in specific Web services,<br />
information about compatibility with a given specification is required <strong>to</strong><br />
make sure that the right Web service is invoked for a particular need.<br />
For this reason, each bindingTemplate element contains a special element<br />
that is a list of references <strong>to</strong> information about specifications. Used as<br />
an opaque set of identifiers, these references form a technical fingerprint<br />
that can be used <strong>to</strong> recognize a Web service that implements a particular<br />
behavior or programming interface.<br />
In our purchase order example, the Web service that accepts the<br />
purchase order exhibits a set of well-defined behaviors if the proper<br />
document format is sent <strong>to</strong> the proper address in the right way. A UDDI
524 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
registration for this service would consist of an entry for the business<br />
partner, a logical service entry that describes the purchasing service,<br />
and a bindingTemplate entry that describes the purchase order service<br />
by listing its URL and a reference <strong>to</strong> a tModel.<br />
These references are actually the keys that can be used <strong>to</strong> access<br />
information about a specification. Called 'tModels,' this information<br />
is metadata about a specification, including its name, publishing<br />
organization, and URL pointers <strong>to</strong> the actual specifications themselves.<br />
In our example, the tModel reference found in the bindingTemplate is a<br />
pointer <strong>to</strong> information about the specifics of this purchase order Web<br />
service. The reference itself is a pledge by the company that exposes<br />
the Web service that they have implemented a service that is compatible<br />
with the tModel that is referenced. In this way, many companies can<br />
provide Web services that are compatible with the same specifications.<br />
The Programmer's API<br />
The UDDI specifications include definitions for Web service interfaces<br />
that allow programmatic access <strong>to</strong> the UDDI registry information. The<br />
full definition of the programmer's API is found in the Programmer's<br />
API Specification document. The API capabilities are briefly discussed<br />
below. The API is divided in<strong>to</strong> two logical parts. These are the Inquiry<br />
API and the Publishers' API. The Inquiry API is further divisible in<strong>to</strong><br />
two parts — one part used for constructing programs that let you search<br />
and browse information found in a UDDI registry, and another part that<br />
is useful in the event that Web service invocations experience failures.<br />
Programmers can use the Publishers API <strong>to</strong> create rich interfaces for<br />
<strong>to</strong>ols that interact directly with a UDDI registry, letting a technical<br />
person manage the information published about either a businessEntity<br />
or a tModel structure.<br />
Built on SOAP<br />
The Simple Object Access Pro<strong>to</strong>col (SOAP) is a W3C draft note<br />
describing a way <strong>to</strong> use XML and HTTP <strong>to</strong> create an information<br />
delivery and remote procedure mechanism. Several companies, including
Appendix B 525<br />
IBM, Microsoft, DevelopMen<strong>to</strong>r and Userland Software, submitted<br />
this draft note <strong>to</strong> the W3C for the purpose of, among other things,<br />
standardizing RPC (simple messaging) conventions on the World Wide<br />
Web. In its current state, the draft note describes a specification that is<br />
useful for describing a Web service. The companies that collaborated<br />
on UDDI decided <strong>to</strong> base the UDDI APIs on this SOAP specification.<br />
The specifics of how SOAP and XML are used by UDDI registry<br />
Opera<strong>to</strong>rs are defined in the appendices in the API specification itself.<br />
All of the API calls defined by the UDDI Programmer's API<br />
Specification behave synchronously — and all of the distributed UDDI<br />
registry Opera<strong>to</strong>r Sites support all of the calls described in the<br />
Programmer's API Specification.<br />
The Inquiry API<br />
The Inquiry API consists of two types of calls that let a program<br />
quickly locate candidate businesses, Web services and specifications,<br />
and then drill in<strong>to</strong> specifics based on overview information provided in<br />
initial calls. The APIs named fi.nd._xx provide the caller with a broad<br />
overview of registration data based on a variety of search criteria.<br />
Alternately, if the actual keys of specific data are known ahead of time,<br />
up <strong>to</strong> date copies of a particular structure (e.g., businessEntity,<br />
businessService, bindingTemplate, tModel) can be retrieved in full via a<br />
direct call. These direct calls are called the get_xx APIs.<br />
The UDDI Invocation Model<br />
Each individually advertised Web service is modeled in a<br />
bindingTemplate structure. Invocation of a Web service is typically<br />
performed based on cached bindingTemplate data. With this in mind,<br />
the general scenario for using UDDI becomes clear when you consider<br />
the preparation required <strong>to</strong> write a program that uses a specific Web<br />
service. The following outlines these steps:<br />
1. The programmer, chartered <strong>to</strong> write a program that uses a remote<br />
Web service, uses the UDDI business registry (either via a Web<br />
interface or other <strong>to</strong>ol that uses the Inquiry API) <strong>to</strong> locate the
526 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
businessEntity information registered by or for the appropriate business<br />
partner that is advertising the Web service.<br />
2. The programmer either drills down for more detail about a<br />
businessService or requests a full businessEntity structure. Since<br />
businessEntity structures contain all information about advertised<br />
Web services, the programmer selects a particular bindingTemplatelO<br />
and saves this for later use.<br />
3. The programmer prepares the program based on the knowledge of<br />
the specifications for the Web service. This information may be<br />
obtained by using the tModel key information contained in the<br />
bindingTemplate for a service.<br />
4. At runtime, the program invokes the Web service as planned, using<br />
the cached bindingTemplate information (as appropriate). In general,<br />
assuming the remote Web service and the calling program each<br />
accurately implement the required interface conventions (as defined<br />
in the specification referenced in the tModel information), the calls<br />
<strong>to</strong> the remote service will function successfully. The special case of<br />
failures and recovery is outlined next.<br />
Recovery After Remote Web Service Call Failure<br />
One of the key benefits of maintaining information about Web services<br />
in a distributed UDDI Registry is the 'self service' capability provided<br />
<strong>to</strong> technical personnel. The steps in the previous section outlined the<br />
tasks that the programmer is able <strong>to</strong> accomplish using the information<br />
found in the UDDI registry.<br />
This is all fine and well, but additional benefits are possible. These<br />
benefits of using a distributed UDDI registry with information hosted at<br />
an Opera<strong>to</strong>r Site are manifested in disaster recovery scenarios.<br />
Web services businesses using Web services <strong>to</strong> do <strong>commerce</strong> with<br />
their partners need <strong>to</strong> be able <strong>to</strong> detect and manage communication<br />
problems or other failures. A key concern is the inability <strong>to</strong> predict,<br />
detect, or recover from failures within the systems of the remote<br />
partner. Even simple situations, such as temporary outages caused by<br />
nightly maintenance or back-ups can make the decision <strong>to</strong> migrate <strong>to</strong><br />
Web services difficult.
Appendix B 527<br />
On the other hand, if you are the company that makes direct Web<br />
service connections possible, disaster recovery and the ability <strong>to</strong> migrate<br />
all of your business partners <strong>to</strong> a back-up system are prime concerns.<br />
UDDI starts <strong>to</strong> address these 'quality of service' issues by defining a<br />
calling convention that involves using cached bindingTemplate<br />
information, and when failures occur, refreshing the cached information<br />
with current information from a UDDI Web registry. The steps for this<br />
convention are as follows:<br />
1. Prepare program for Web service, caching the required<br />
bindingTemplate data for use at run-time.<br />
2. When calling the remote Web service, use the cached bindingTemplate<br />
data that was obtained from a UDDI Web registry.<br />
3. If the call fails, use the bindingKey value and the get_bindingTemplate<br />
API call <strong>to</strong> get a fresh copy of a bindingTemplate for this unique<br />
Web service.<br />
4. Compare the new information with the old — if it is different, retry<br />
the failed call. If the retry succeeds, replace the cached data with the<br />
new data.<br />
Behind the scenes, when a business needs <strong>to</strong> redirect traffic <strong>to</strong> a new<br />
location or backup system, they only need <strong>to</strong> activate the backup system<br />
and then change the published location information for the affected<br />
bindingTemplates. This approach is called retry on failure and is more<br />
efficient than getting a fresh copy of bindingTemplate data prior <strong>to</strong><br />
each call.<br />
The Publication API<br />
The Publication API consists of four sove_xx functions and four delete_xx<br />
functions, one each for the four key UDDI data structures (businessEntity,<br />
businessService, bindingTemplate, tModel). Once authorized, an individual<br />
party can register any number of businessEntity or tModel information<br />
sets, and can alter information previously published. The API<br />
design model is simple — changes <strong>to</strong> specific related information can<br />
be made and new information saved using save. Complete structure<br />
deletion is accommodated by the delete calls.
528 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Security: Identity and Authorization<br />
The key operating principal for the UDDI Publishers' API is <strong>to</strong> only<br />
allow authorized individuals <strong>to</strong> publish or change information within<br />
the UDDI business registry. Each of the individual implementations of<br />
the distributed UDDI business registry maintains a unique list of<br />
authorized parties and tracks which businessEntity or tModel data was<br />
created by a particular individual. Changes and deletions are only<br />
allowed if a change request (via API call) is made by the same<br />
individual who created the affected information.<br />
Each instance of a UDDI business registry, called an Opera<strong>to</strong>r Site,<br />
is allowed <strong>to</strong> define its own end user authentication mechanismll, but<br />
all of the contracted UDDI Opera<strong>to</strong>r Sites are required <strong>to</strong> meet certain<br />
minimum criteria that provide similar security protections.<br />
For more details on the UDDI schema or the UDDI Programmer's<br />
API Specification, consult the documents that are available on the<br />
uddi.org Web site.<br />
These specifications are published as a set of linked HTML<br />
documents, with specific tModels defined for related sub service<br />
offerings. The individual tModel references are actually overview<br />
information with shared links <strong>to</strong> overview, API call, and appendix<br />
information within the overall specification.
Appendix A: UDDI Information Model<br />
Appendix B 529<br />
The diagram below shows the relationships between the different core<br />
information elements that make up the UDDI information model.<br />
businessEntity<br />
BusinessKey<br />
name<br />
description<br />
bu si nessS ervi ces<br />
categoryBag<br />
identifier Bag<br />
0..n i 0. ,1<br />
LJ<br />
businessService<br />
seiviceKey<br />
businessKey<br />
name<br />
description<br />
bi nd in gTernpl ates<br />
categoryBag<br />
0..n<br />
bi nd in gTemp! ate<br />
bindingKey<br />
serviceKey<br />
description<br />
accessPoint<br />
0..1<br />
hosti n gRed ir ee<strong>to</strong>r<br />
.0..1<br />
a.n<br />
"<br />
identifierBag<br />
categoryBag<br />
Figure 2. —<br />
1., n
530 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Resources<br />
This section contains the locations of various specifications, document<br />
references and useful information where you can learn more about this<br />
subject.<br />
• W3C XML and related recommendations: http://www.w3.org/TR<br />
• SOAP 1.1 W3C note: http://www.w3.Org/TR/#Notes<br />
• UDDI Web site: http://www.uddi.org<br />
• UDDI Programmer's API Specification:<br />
http://www.uddi.org/pubs/UDDI_Programmers_API_Specification.pdf<br />
• UDDI Data Structure Reference:<br />
http://www.uddi.org/pubs/UDDI_XML_Structure_Reference.pdf<br />
• UDDI Revision 1.0 schema: http://www.uddi.org/schema/uddi_l.xsd
Bibliography<br />
1. Atkins D.E. et al., 'Toward Inquiry-Based Education Through<br />
Interacting Software Agents', University of Michigan Publication,<br />
(2000).<br />
2. Atkinson H., 'The Evolution of NTE', JOC Week, (February 2001).<br />
3. Babcock C, 'RosettaNet Gets Businesses <strong>to</strong> Talk in XML',<br />
Inter@ctive Week — ZdNet, (Oc<strong>to</strong>ber 2000).<br />
4. BadBlue, 'A Standards-based, P2P Approach <strong>to</strong> Marketplaces and<br />
Exchanges', BadBlue Position Paper, (February 2001).<br />
5. Baker S., CORBA Distributed Objects: Using Orbix (Addison-<br />
Wesley, 1997).<br />
6. Balasubramanian S. and Norrie D.H., 'A Multi-Agent Intelligent<br />
Design System Integrating Manufacturing And Shop-Floor Control',<br />
Division of Manufacturing Engineering Publication, (Department<br />
of Mechanical Engineering, University of Calgary, 2001).<br />
7. Baldwin CM., 'Data <strong>Integration</strong> Software Speeds Web', Network<br />
World, (November 2000).<br />
8. Barlas D., '<strong>Collaborative</strong> As Marketplace Planned', Line56, (January<br />
2001).<br />
9. BEA Systems, 'Future-Proof Your Business with the BEA<br />
WebLogic E-business Platform', BEA.com, (April 2001).<br />
10. BEA Systems, 'Enterprise Application <strong>Integration</strong> (EAI) Providing<br />
Stability in a Whirlwind of E-Commerce', BEA.com, (May 2000).<br />
11. BEA Systems, 'Proposal for Business Transaction Pro<strong>to</strong>col —<br />
Version 1.0', BEA.com, (March 2001).<br />
12. Berryman K. and Heck S., 'Is The Third Time The Charm For<br />
<strong>B2B</strong>?', Internet Week, (March 2001).<br />
13. Bharat A.K. and Cardelli L., 'Migra<strong>to</strong>ry Applications', SRC<br />
Research Report, (February 1996).<br />
531
532 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
14. Boardman R., An XML/XSL Architecture for Language-neutral<br />
Document Authoring, Translation and Online Publishing (Centre<br />
for Cognitive Science, Edinburgh University, UK, 1999).<br />
15. Bois G.D. and McCright J.S., 'Exchanges turning <strong>to</strong> P2P platforms',<br />
eWeek, (March 2001).<br />
16. Bonde A., 'Building An E-biz Strategy', PlanetIT, (August 2000).<br />
17. Bosak J., 'XML — Questions & Answers', Sun Microsystems<br />
Publication, (1999).<br />
18. Breithaupt J. and Merkow M.S., 'The Complete <strong>Guide</strong> <strong>to</strong> Internet<br />
Security (Juillet)\ (2000).<br />
19. Brit<strong>to</strong>n C, IT Architectures and Middleware: Strategies for Building<br />
Large, Integrated Systems (Addison-Wesley, 2000).<br />
20. Brown T., Temkin B., Lief V. and McCarthy K., 'Net Marketplaces<br />
Grow Up', The Forrester Report, (December 1999).<br />
21. Bryan M., An Introduction <strong>to</strong> the Extensible Markup Language<br />
(XML) (The SGML Centre, 1997).<br />
22. Business Wire, '@YourCommand Introduces New Search Engine<br />
With Certified Privacy', Business Wire, (Oc<strong>to</strong>ber 1998).<br />
23. Butler S., '<strong>B2B</strong>: The Year That Was', eMarketer.com, (December<br />
2000).<br />
24. Choi S.Y. and Whins<strong>to</strong>n A.B., 'Is P2P Right for <strong>B2B</strong>?', Cisco.com,<br />
(April 2001).<br />
25. Chung M.H., Lee L. and Turban E., Electronic Commerce — A<br />
Managerial Perspective (Prentice Hall, 1999).<br />
26. Chung T.L., Lee J., King D. and Chung H., Electronic Commerce<br />
— A Managerial Perspective (Prentice-Hall, 1999).<br />
27. Cover R., 'Web Services Flow Language (WSFL)', XML Cover<br />
Pages, (June 2001).<br />
28. Cox J., 'Browserless Web is the future of <strong>B2B</strong>', Work World,<br />
(January 2001).<br />
29. Craig T., 'Supply Chain Management Six Issues That Impact Its<br />
Effectiveness', A publication of Round Table Group, (August 1998).<br />
30. Dasgupta P., Narasimhan N., Moser L.E. and Melliar-Smith P.M.,<br />
'A Supplier-Driven Electronic Marketplace Using Mobile Agents',<br />
Department of Electrical and Computer Engineering Publication,<br />
(University of California, Santa Barbara, 2001).
Bibliography 533<br />
31. Davidson J., 'Driving Logistics Online Markets', Traffic World,<br />
(April 2001).<br />
32. Dejesus E.X., 'EDI? XML? Or Both?', Computer World, (January<br />
2001).<br />
33. Dhawan R.K. et al., 'The Asian difference in <strong>B2B</strong>', The McKinsey<br />
Quarterly Number 4 Asia, (2000).<br />
34. Draenos S., 'The b-<strong>to</strong>-b chameleons', Upside Magazine, (May<br />
2001).<br />
35. Drakos N., 'P2P Networks: One Step Forward, Two Steps Back?',<br />
Gartner Group Publication, (April 2001).<br />
36. Dumbill E., 'XML, Standards and You', Xml.com, (April 2000).<br />
37. EAI Journal, 'Extricity Software Solution for Adaptec — Best<br />
E-business Solution', EAI Journal, (2000).<br />
38. ebXML.org, 'Business Process and Business Information Analysis<br />
Overview vl.0.', ebXML.org, (May 2001).<br />
39. Eichmann D., 'Ethical Web Agents', Reposi<strong>to</strong>ry Based Software<br />
Engineering Program Research Institute for Computing and<br />
Information Science, (University of Hous<strong>to</strong>n, 2000).<br />
40. Einsiedler H.J. and Gleizes M.P., 'ABROSE: A Co-operative Multi-<br />
Agent Based Framework for Electronic Marketplace', France<br />
Telecom CNET Publication, (Univ. Toulouse, 1998).<br />
41. Enslow B., 'Managing Visibility <strong>to</strong> Improve Supply Chain Performance',<br />
Software Solutions Business World Conference., (2000).<br />
42. Enslow B., 'The Internet's effect on Supply Chain Power',<br />
Achieving Supply Chain Excellence through Technology (ASCET),<br />
(2000).<br />
43. Extricity, '<strong>B2B</strong> <strong>Integration</strong> Overview', Extricity.com, (January<br />
2000).<br />
44. Extricity, 'Exporing the challenges of <strong>B2B</strong> <strong>Integration</strong>',<br />
Extricity.com, (July 1999).<br />
45. Fingar P., A CEO's <strong>Guide</strong> <strong>to</strong> eCommerce Using Object-Oriented<br />
Intelligent Agent Technology, (June 1998).<br />
46. Fluss D. and Knox R., 'Why CRM Executives will Care About<br />
XML', Gartner Group Publication, (November 1999).<br />
47. Ford W. and Baum M.S., Secure Electronic Commerce (2nd Ed.),<br />
(2001).
534 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
48. Frawley A., 'Evolving <strong>to</strong> eCRM: How <strong>to</strong> Optimize Interactive<br />
Relationships Between You and Your Cus<strong>to</strong>mers', Xchange Inc.,<br />
(2001).<br />
49. Freter T., 'XML: It's the Future of HTML', Sun Microsystems<br />
Publication, (April 2000).<br />
50. Freter T., 'XML: Mastering Information on the Web', Sun<br />
Microsystems Publication, (April 2000).<br />
51. Gartner Consulting, 'A Model for Determining the Financial<br />
Benefit of an <strong>Integration</strong> Broker Implementation', Gartner Group<br />
Publication, (January 2000).<br />
52. Ghosh A., E-<strong>commerce</strong> Security Weak Links, Best Defenses (John<br />
Wiley & Sons, 1998).<br />
53. Gisolfi D., 'Web Services Architect, Part 1: An Introduction <strong>to</strong><br />
Dynamic E-business', IBM Publication, (April 2001).<br />
54. Gomes V.W, 'JXTA: Getting across <strong>to</strong> your peer', Cyber India<br />
on-line Limited Publication, (May 2001).<br />
55. Gong Li, 'Project JXTA: A technology overview', Sun Microsystems<br />
Publication, (2001).<br />
56. Gonzales M.L., 'A Data Strategy for the Enterprise', DB2 Magazine,<br />
(Winter 2000).<br />
57. Grosof B, 'Business Rules for E-Commerce: Interoperability and<br />
Conflict Handling', IBM T.J. Watson Research Center Publication,<br />
(2001).<br />
58. Hackbarth G. and Kettinger W.J., 'Building an E-business Strategy',<br />
Information Systems Management, (Summer 2000).<br />
59. Hammer K., 'Data Integrity in E-business', EAI Journal, (2001).<br />
60. Hau L.L., Whang S. and Padmanabhan V., 'The Bull Whip Effects<br />
in Supply Chain', Sloan Management Review, (Spring 1997).<br />
61. Hoffman M., 'How XML Will Redefine the E-Commerce Market',<br />
CommerceOne.com, (2001).<br />
62. Horowitz B., 'Managing the Security Risks of Your E-business',<br />
Ebizq.net, (August 2000).<br />
63. IBM Corporation, 'B-<strong>to</strong>-B E-<strong>commerce</strong>: Offering Suppliers New<br />
Opportunities <strong>to</strong> Connect With Buyers', IBM Publication, (May<br />
2000).<br />
64. IBM Data Management Group, 'Dynamic e-business with DB2<br />
and Web Services', IBM Publication, (2001).
Bibliography 535<br />
65. Kalakota R. and Robinson M., E-business Roadmap for success<br />
(Addison-Wesley, 1996).<br />
66. Kasrel B., Bernoff J., Monson E. and Gerson M., 'P2P's Pervasive<br />
Future', The Forrester Report, (January 2001).<br />
67. Kay E., 'From EDI <strong>to</strong> XML', Computer World, (June 2000).<br />
68. Kennedy S., '<strong>B2B</strong> exchanges that failed <strong>to</strong> deliver', Cyber India<br />
on-line Limited Publication, (April 2001).<br />
69. Kestelyn J., 'RosettaNet: Hardly a Dead Language', Intelligent<br />
Enterprise Magazine — Volume 3, Number 18, (December 2000).<br />
70. King D., 'Electronic Commerce and Supply Chain Management',<br />
part of the Internet and the Digital Economy Track of The Thirty<br />
Third Annual Hawaii International Conference on Systems Sciences<br />
(HICSS), (2001).<br />
71. Kohtz D. and Gray R.S., 'Mobile Agents and the Future of the<br />
Internet', Department of Computer Science Publication, (Thayer<br />
School of Engineering, Dartmouth College, 2001).<br />
72. Ko<strong>to</strong>k A., 'XML and EDI Lessons Learned and Baggage <strong>to</strong> Leave<br />
Behind', O'Rielly Xml.com, (August 1999).<br />
73. Law<strong>to</strong>n G., 'BizTalk, RosettaNet and the Holy Grail of E-<strong>commerce</strong><br />
<strong>Integration</strong>', eBizQ, (November 2001).<br />
74. Leibman L., 'EAI Goes <strong>B2B</strong>', Internet Week, (September 2000).<br />
75. Lengel K., '<strong>B2B</strong> Basics', CIO Magazine, (August 2000).<br />
76. Lenzmann B., Wachmuth I. and Cao Y., 'An intelligent interface for<br />
a virtual environment', University of Bielefeld, Faculty of Technology<br />
Publication, (2000).<br />
77. Leung L., 'Move Over ERP, Here Comes ERP IF, Gartner<br />
Symposium/ITxpo, (Oc<strong>to</strong>ber 2000).<br />
78. Lewis B., 'Beyond E-mail: Enterprise <strong>Integration</strong> Issues for Mobile<br />
E-Commerce', Transactions Marketing Inc. Publication, (2001).<br />
79. Lheureux B., 'XML will Ultimately Pay for Itself in Application<br />
<strong>Integration</strong>', Gartner Group Publication, (June 1999).<br />
80. Linthicum D.S., <strong>B2B</strong> Application <strong>Integration</strong> (Addison-Wesley,<br />
2001).<br />
81. Linthicum D.S., Enterprise Application <strong>Integration</strong> (Addison-<br />
Wesley, 2000).<br />
82. Lipis L.J., 'E-marketplaces services profile series', IDC Bulletin<br />
#22399, (May 2000).
536 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
83. Liu S., 'Scanning The Business Environment With Intelligent<br />
Software Agents', Turku Centre for Computer Science TUCS and<br />
Institute for Advanced Management Systems Research, (Abo<br />
Akademi University, Lemminkaisenkatu, Finland, 2000).<br />
84. Malone R., 'Trading Exchanges Empower Transportation Management',<br />
Logistics Magazine, (July 2000).<br />
85. McAfee A., 'The Napsterization of <strong>B2B</strong>', Harvard Business Review,<br />
(December 2000).<br />
86. McCarthy A., Zohar M., Dolan T. and Lee S., 'Mobile Internet<br />
Platforms Emerge', The Forrester Report, (November 2000).<br />
87. McCoy D., 'BPMI.org Attempts the Impossible: BPM Standards',<br />
Gartner Group Publication, (July 2001).<br />
88. Memishi R., '<strong>B2B</strong> Exchanges Survival <strong>Guide</strong> Introduction', Internet<br />
Magazine World, (January 2001).<br />
89. Meredith G., Christensen E. and Weerawarana S., 'Web Services<br />
Description Language (WSDL) 1.1', w3.org, 2001.<br />
90. Merkow M, '<strong>B2B</strong>, Privacy, and You', Internet.com, (December<br />
2000).<br />
91. Merkow M., 'What Can P2P Do For <strong>B2B</strong>', Redux, (2001).<br />
92. Merkow M., 'XML at Your Service', Webreference.com, (April<br />
1999).<br />
93. Mesher A., 'Supply Chain Evolution Will Require an <strong>Integration</strong><br />
Revolution', Supply Chain Excellence through Technology (ASCET),<br />
(2000).<br />
94. Microsoft, 'BizTalk Orchestration, A Technology for Orchestrating<br />
Business Interactions', Microsoft Publication, (June 2000).<br />
95. Microsoft, 'BizTalk Server 2000 Product Documentation', Microsoft<br />
Publication, (2001).<br />
96. Miller E., 'An Introduction <strong>to</strong> the Resource Description<br />
Framework', D-Lib Magazine, (May 1998).<br />
97. Mobilocity, Inc., 'Seizing the M-Commerce Opportunity —<br />
Strategies for Success on the Wireless Web', Mobilocity.net,<br />
(April 2000).<br />
98. Mobilocity, Inc., 'Fundamentals of Mobile Business <strong>to</strong> Employees<br />
(B2E) Applications, A Strategic Approach', Mobilocity.net, (January<br />
2001).<br />
99. Nelson M. and Holt S., 'RosettaNet Jumps on XML Bandwagon',<br />
InfoWorld Electric, (June 1999).
Bibliography 537<br />
100. Net-Centric Consulting Group LLC, 'Business Planning Services',<br />
Net-centric.net, (2001).<br />
101. Netfish Technologies, 'XDI EDI Data Sheet', Netfish Publication,<br />
(2001).<br />
102. Netscape, 'Integrating Netscape Application Server Solutions With<br />
Existing Enterprise Systems and Applications', Netscape.com, (July<br />
1999).<br />
103. Nordan M. and Favier J., 'Heralds Mobile <strong>B2B</strong> E-<strong>commerce</strong>', The<br />
Forrester Report, December 2000.<br />
104. Nortel Networks, 'VPNs Tu<strong>to</strong>rial', Nortel Networks Publication,<br />
(2001).<br />
105. Nwana S.H., 'Software Agents: An Overview', Intelligent Systems<br />
Research, Advanced Applications & Technology Department,<br />
(BT Labora<strong>to</strong>ries, Martlesham Heath Ipswich, Suffolk, September<br />
1996).<br />
106. Oliver D.D., 'Agent-Based Decentralized Coordination for Electronic<br />
Markets', Department of Information Systems Publication,<br />
(University of Erlangen-Nuremberg Lange Gasse, Germany, 2001).<br />
107. Olsen G., 'An Overview of <strong>B2B</strong> <strong>Integration</strong>', EAI Journal, (May<br />
2000).<br />
108. Oracle, 'E-business <strong>Integration</strong> Architecture', Oracle Magazine,<br />
(September 2000).<br />
109. Orfali, R., The Essential Client/Server Survival <strong>Guide</strong> (2nd Ed.),<br />
(John Wiley & Sons, 1996).<br />
110. Paat J., 'Clearinghouse Model Fills Need for <strong>B2B</strong> <strong>Integration</strong>',<br />
BizJournals, (Oc<strong>to</strong>ber 2000).<br />
111. Patsuris' P., '<strong>B2B</strong> Exchange Madness', Forbes Magazine, (April<br />
2000).<br />
112. Pretson R. and Yasin R., 'Dow's New Chemistry', InternetWeek,<br />
(July 2000).<br />
113. Progress Software Corporation, 'Benchmarking E-business<br />
Messaging Providers', Progress Software Publication, (2001).<br />
114. Quinn F.J., 'The Payoff Potential in Supply Chain Management',<br />
Achieving Supply Chain Excellence through Technology (ASCET),<br />
(2000).<br />
115. Quinn F.J., 'What's the buzz?', Supply-chain Management<br />
Report by Logistics Management & Distribution Report, (September<br />
1997).
538 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
116. Radeke M., 'Understanding <strong>B2B</strong> Online Exchanges', Workz.com,<br />
(September 2000).<br />
117. Ruh W.A. et al., Enterprise Application <strong>Integration</strong> (A Wiley<br />
Tech Brief, John Wiley & Sons, 2001).<br />
118. Rymer J., 'Why 90 Percent of XML Standards will Fail', ZdNet,<br />
(Feburary 2001).<br />
119. Sahay B.S., 'Supply Chain Management in the Twenty First<br />
Century', Twenty-First Century, (Macmillan, 2001).<br />
120. Sankaran S. and Bui T, 'Software Agents for Telemedicine',<br />
California State University Northridge Publication, (1999).<br />
121. Sari K., 'Its' Not Easy Being <strong>B2B</strong>', CIO Magazine, (Oc<strong>to</strong>ber 1999).<br />
122. Sayeed I., Sabatino G. and Boey P., 'Architecting E-business<br />
Solutions', 2nd International We-B Conference Proceeding Volume<br />
II No 7, (2001).<br />
123. Schmidt J., 'Enabling Next Generation Enterprises', EAI Journal,<br />
(July 2000).<br />
124. Schwartz K.D., 'It's a Bad, Bad, Bad, Bad World', CIO Magazine,<br />
(April 2001).<br />
125. ScreamingMedia, Tntarka Announces ProspectMiner 1.2 — a<br />
Powerful Web Mining Solution for Business', Business Wire,<br />
(September 1999).<br />
126. SeeBeyond, 'SeeBeyond E-business <strong>Integration</strong> Suite Product<br />
Datasheet', SeeBeyond.com, (2001).<br />
127. Shankarnarayanan, S., 'ERP Systems — Using IT <strong>to</strong> Gain a<br />
Competitive Advantage', Expressindia, (2001).<br />
128. Shih C, 'The Use of XML in E-Commerce', Gartner Group<br />
Publication, (May 1999).<br />
129. Shih C, 'The Use of XML in E-Commerce', Gartner Group<br />
Publication, (May 1999).<br />
130. Siegel, J., Ph.D., CORBA 3 Fundamentals and Programming (2nd<br />
Ed.), (John Wiley & Sons, 2000).<br />
131. Siepel P. and Borking J.J., 'Intelligent Software Agents: Turning a<br />
Privacy Threat in<strong>to</strong> a Privacy Protec<strong>to</strong>r', Intelligent Software Agents<br />
and Privacy Conference, The Hague, (1999).<br />
132. Sinmao M.V., Intelligent Agents and E-Commerce, (November<br />
1999).<br />
133. Sohn A., '<strong>Integration</strong> Challenge in <strong>B2B</strong> Commerce', EAI Journal,<br />
(2001).
Bibliography 539<br />
134. Sohn A., '<strong>Integration</strong> Challenges in <strong>B2B</strong> Commerce', EAI Journal,<br />
(2001).<br />
135. Sprague C. and Kinselia B, '<strong>B2B</strong> E-<strong>commerce</strong> Comes of Age and<br />
Drives Shareholder Value', Ascet Vol 2, (2001).<br />
136. Strange K. and Friedman T., 'Why the Virtual Data Warehouse<br />
Still Won't Work', Gartner Group Publication, (April 2001).<br />
137. Sundsted T., 'Agents on the move', Javaworld, (July 1998).<br />
138. Sundsted T., 'An introduction <strong>to</strong> agents', Javaworld, (June 1998).<br />
139. Surmacz J., 'One Is Not Enough', CIO Magazine, (May 2001).<br />
140. Thatte S., 'XLANG, Web Services for Business Process Design',<br />
Microsoft, (2001).<br />
141. The Software & Information Industry Association, Building the<br />
Net: Trends Report, (2000).<br />
142. Thompson C, 'Agents and e-<strong>commerce</strong>', ROB Magazine,<br />
(September 1999).<br />
143. Tibco, TIB®/Adapter SDK, A TIBCO ActiveEnterprise Product,<br />
Adapting Cus<strong>to</strong>m Applications in<strong>to</strong> the E-business Infrastructure,<br />
(2000).<br />
144. Timme G.S. and Williams-Timme C, 'The Financial SCM<br />
Connection', Supply Chain Management Review, (2000).<br />
145. Trudeau R. Jr., 'The Hidden Opportunity in Business-<strong>to</strong>-Business<br />
E-Commerce, George Stalk', The Bos<strong>to</strong>n Consulting Group, Inc.<br />
Publication, (1999).<br />
146. Tsve<strong>to</strong>vat M., Chen Y., Ying J. and Sycara K., 'Cus<strong>to</strong>mer Coalitions<br />
in the Electronic Marketplace', Carnegie Melon University<br />
Publication, (May 2000).<br />
147. Uchneat J., '<strong>Collaborative</strong> E-Commerce: Driving Productivity in<br />
2000 and Beyond', Achieving Supply Chain Excellence through<br />
Technology (ASCET) Volume 2, (2000).<br />
148. UDDI.org, 'Using WSDL in a UDDI Registry 1.02, UDDI Working<br />
Draft Best Practices Document', UDDI.org, (February 2001).<br />
149. Ulrich W., 'Business Process <strong>Integration</strong>: Time <strong>to</strong> Take a Holistic<br />
Approach', System Transformation, (2001).<br />
150. Vogle D., 'SAQQARA: Implementing RosettaNet — a Decision<br />
that Stands the Test of Time', Link2SemiConduc<strong>to</strong>r.com, (Oc<strong>to</strong>ber<br />
2000).<br />
151. Vollemer K., 'Don't Believe The Hype: EDI And XML Are Just<br />
Perfect Together', Internet Week, (January 2001).
540 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
152. Waltner C, 'B-To-B E-Payment Offers Benefits To Marketplaces',<br />
Information Week, (November 2000).<br />
153. Wal<strong>to</strong>n B. and Princi M., 'From Supply Chain <strong>to</strong> <strong>Collaborative</strong><br />
Network: Case Studies in the Food Industry', Achieving Supply<br />
Chain Excellence through Technology (ASCET), (2000).<br />
154. Webber D.R.R., Mikula N., Marchal B. and Peat B., '<strong>Guide</strong>lines<br />
for Using XML for Electronic Data Interchange', XML/EDI Group,<br />
(1998).<br />
155. webMethods, '<strong>B2B</strong>: Launch Any <strong>Integration</strong> Initiative',<br />
webMethods.com, (2001).<br />
156. webMethods, 'Enabling eBusiness Through Enterprise Application<br />
<strong>Integration</strong>', webMethods.com, (June 2001).<br />
157. webMethods, 'Transactional Integrity For E-business <strong>Integration</strong>',<br />
webMethods.com, (2001).<br />
158. webMethods, 'webMethods Enterprise: Scalable Enterprise<br />
Application <strong>Integration</strong>', webMethods.com, (2001).<br />
159. Wegner L., Temkin B. and Kafka S., '<strong>B2B</strong> Auctions Go Beyond<br />
Price', The Forrester Report, (May 2000).<br />
160. Wellman M.P., 'The Economic Approach <strong>to</strong> Artificial Intelligence',<br />
ACM Computing Surveys Symposium on Artificial Intelligence,<br />
(1995).<br />
161. White A., 'Introduction <strong>to</strong> Supply Chain Management',<br />
Business.com, (February 1995).<br />
162. Widom J., 'Data Management for XML', IEEE Data Engineering<br />
Bulletin, Special Issue on XML, 22(3):44-52, (September 1999).<br />
163. Windley M.V. et al, 'A programming and execution environment<br />
for distributed multi-agent systems', University of Delaware<br />
Publication, (2000).<br />
164. Wooldridge M. and Jennings N., 'Intelligent agents: theory and<br />
practice', The Knowledge Engineering Review, Vol.l0:2, (1995).<br />
165. XNS.org, 'How Web Agents work: A quick Primer', XNS.org,<br />
(September 2000).<br />
166. Yeamans L., 'Message Brokering, Should You Bet Your Business<br />
on It?', Ebizq.net, (2001).
24/7 Availability 41, 448, 453<br />
A2A (application-<strong>to</strong>-application) 268,<br />
see application oriented integration<br />
access control 321<br />
adapters 30, 117<br />
administration <strong>to</strong>ol 266<br />
agent systems 387<br />
American National Standards Institute<br />
154<br />
Application Center Server 2000 241<br />
Application Programming Interfaces<br />
see APIs<br />
application<br />
adapters 262-263<br />
broker 82<br />
oriented integration 25, 49, 74-89,<br />
255<br />
APIs 74-82, 104, 339, 460<br />
classes 77-81<br />
component/object 79<br />
components 77-78<br />
data management 79<br />
file 80<br />
messaging 79<br />
method 78<br />
application servers 30<br />
Au<strong>to</strong>ma<strong>to</strong>r 143<br />
authentication 292, 309, 338<br />
authorization 338<br />
<strong>B2B</strong><br />
exchanges 34, 42, 130, 441-468<br />
integration 9-10, see <strong>B2B</strong>i<br />
Index<br />
541<br />
<strong>B2B</strong><br />
standards 20<br />
transaction 18-19<br />
wireless 368<br />
<strong>B2B</strong>i 9-10<br />
and e-marketplaces 459<br />
challenges 35-41<br />
components 25-32<br />
domains 35<br />
goals 451<br />
P2P 479-483<br />
patterns 48-49, see <strong>B2B</strong>i, types<br />
performance and scalability 40<br />
security risks 292<br />
SOA 328<br />
software agents 396<br />
solution 17-20<br />
strategy 14-15, 23, 68<br />
types 25<br />
XML-based 34<br />
B2C 6-8, 268<br />
wireless 368<br />
B2E 366-369<br />
back-office processing 105<br />
BAPI 109<br />
batch transfer 103<br />
BEA WebLogic 252-253<br />
integration 142<br />
BEA's eLink 115, 252<br />
BizTalk 148, 179, 189, 207-212<br />
Envelope 208<br />
Server 2000 240
542 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
BPI see business process oriented<br />
integration<br />
BPM see Business Process Management<br />
BPMI see Business Process<br />
Management Initiative<br />
BPML see Business Process Modeling<br />
Language<br />
BPQL see Business Process Query<br />
Language<br />
BPR see Business Process Reengineering<br />
broadcasting 222<br />
business<br />
models 7<br />
process au<strong>to</strong>mation 137<br />
process engine 92<br />
process life cycle 128<br />
Business Process Management 27, 34,<br />
74, 89, 120-141, 273<br />
internal 39<br />
Business Process Management Initiative<br />
148-149<br />
Business Process Modeling Language<br />
148<br />
business process oriented integration 25,<br />
39, 49, 89-92, 104<br />
patterns 89-90, see Open Processbased<br />
(Public Process) <strong>Integration</strong>,<br />
see Closed Process-based (Private<br />
Process) <strong>Integration</strong><br />
Business Process<br />
Query Language 149<br />
Reengineering 107<br />
Business Rules For Electronic Commerce<br />
(BRML) 406<br />
Business-<strong>to</strong>-Business see <strong>B2B</strong><br />
Business-<strong>to</strong>-Consumer see B2C<br />
Business-<strong>to</strong>-Employee see B2E<br />
callback functions 83<br />
Cascading Style Sheets (CSS) 175<br />
catalog 202<br />
management 15, 19<br />
Catalog Publishing 459<br />
certificate 301<br />
authorities (CAs) 300, 318<br />
server 371<br />
ciphers 302<br />
client/server systems 105<br />
closed process-based (private process)<br />
integration 89<br />
collaboration 479, 450<br />
collaborative<br />
agents 388, 399<br />
<strong>commerce</strong> 466<br />
e-<strong>commerce</strong> 464<br />
networks 42, 428, 462, 464<br />
<strong>Collaborative</strong> Partner Agreement (CPA)<br />
204<br />
<strong>Collaborative</strong> Planning and Forecasting<br />
see CPFR<br />
COM+ 233, 239-244<br />
<strong>commerce</strong> agents 389<br />
Commerce Extensible Markup Language<br />
see cXML<br />
Common Object Request Broker<br />
Architecture see CORBA<br />
communication pro<strong>to</strong>cols 268<br />
confidentiality 292<br />
content management services 454<br />
CORBA 233, 242<br />
application interfaces 238<br />
Component Model (CCM)<br />
pro<strong>to</strong>col 234<br />
domains 237<br />
horizontal facilities 237<br />
services 236<br />
CORBA3 235<br />
CORBA components package 239<br />
Java and Internet integration 238<br />
quality of service control 239<br />
CPFR 7, 433-435<br />
CRM see Cus<strong>to</strong>mer Relationship<br />
Management<br />
cryp<strong>to</strong>graphy 293, 311<br />
Cus<strong>to</strong>mer Relationship Management 15,<br />
99, 111-115, 364
cus<strong>to</strong>mer service 34<br />
cXML 163, 179, 183, 189, 202-203,<br />
329<br />
data oriented integration 25, 49-68, 89,<br />
103, 255<br />
<strong>B2B</strong>i 49, 67<br />
XML 66<br />
data<br />
protection 338<br />
replication 50-53, 103<br />
bi-directional 52<br />
marts 54, 59-62<br />
multi-site 53<br />
primary site 51-52<br />
transformation 461<br />
union 103<br />
warehouses 54, 59-62, 99, 112<br />
Data Transformation Component<br />
264-265<br />
DataMapper 265<br />
DB2 DataJoiner 64<br />
DCE see Distributed Computing<br />
Environment<br />
DCOM 243<br />
deliberative agents 388<br />
De-militarized Zone (DMZ) 312<br />
denial-of-service attack (DOS) 322<br />
departmentalized distributed computing<br />
98<br />
designer <strong>to</strong>ol 58<br />
digital certificates 300-301<br />
envelope 296<br />
signature 296-299, 301<br />
Direc<strong>to</strong>ry Services 269<br />
Distributed Authoring and Versioning<br />
Pro<strong>to</strong>col 149, see WebDAV<br />
distributed client-server systems 98, 105<br />
computing 141<br />
control 40<br />
objects and components 215,<br />
231-249<br />
systems 98<br />
Index 543<br />
Distributed Computing Environment 87<br />
Document Type Definition 164, 171,<br />
181, see XML, DTDs<br />
Domain Name Service (DNS) 407, 472<br />
DOMHASH 314<br />
DTD see Document Type Definition<br />
EAI 10, 26-27, 71, 96-124<br />
convergence and divergence with<br />
<strong>B2B</strong>i 121-123<br />
e-business see e-<strong>commerce</strong><br />
drivers 4<br />
ebXML 148, 150, 179, 188, 204<br />
e-<strong>commerce</strong><br />
<strong>B2B</strong> 5<br />
collaborative 4, 8, 39<br />
mobile 345-382, 364<br />
differences with m-<strong>commerce</strong> 346<br />
e-distribution sites see emarketplaces,<br />
supplier-centric<br />
e-logistics 429<br />
e-marketplaces see <strong>B2B</strong>, exchanges<br />
agent-based 401<br />
auction-services 455<br />
brokered 446<br />
buyer-centric 444<br />
credit worthiness 452<br />
governance 447<br />
horizontal 443<br />
liquidity 452<br />
neutral 445, 449, 453<br />
on-demand trading 366<br />
open 445<br />
pass-through 446<br />
private 446<br />
supplier-centric 444<br />
vertical 443<br />
e-payment 315<br />
e-procurement 42, 192, 426-428, 436,<br />
453, 460<br />
role of software agents 402<br />
e-procurement sites see e-marketplaces,<br />
buyer-centric
544 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
eCRM 113-114<br />
EDIFACT 179<br />
EDI 154-186, 174<br />
EJBs 233, 245-249<br />
Electronic Bill Presentment and Payment<br />
(EBPP) 457<br />
Electronic business Markup Language<br />
see ebXML<br />
electronic CRM see eCRM<br />
Electronic Component Technical<br />
Dictionary (ECTD) 197<br />
Electronic Data Interchange see EDI<br />
encryption 301, 309, see cryp<strong>to</strong>graphy<br />
private key 294<br />
public key 295<br />
Enterprise Application <strong>Integration</strong> see<br />
EAI<br />
enterprise business portals 102<br />
Enterprise JavaBeans see EJBs<br />
Enterprise Resource Planning see ERP<br />
Enterprise Systems 106-115<br />
entitlements management 312<br />
entity beans 249<br />
ERP 99, 106-115<br />
integration 109 -111<br />
systems 442, 462<br />
ERP II 108-109<br />
ETL 54-59<br />
ETL Engine 55-57<br />
event driven integration see business<br />
process oriented integration<br />
Extensible Name Service (XNS)<br />
407-408<br />
Extensible Markup Language see XML<br />
Extensible Stylesheet Language 175,<br />
see XSL<br />
Extract, Transform and Load Solution<br />
see ETL<br />
Extricity <strong>B2B</strong> Alliance Manager 144<br />
Fastenal<br />
XML EDI Case Study 183<br />
fault <strong>to</strong>lerant architecture 50<br />
Financial Information eXchange<br />
(FIXML) 183<br />
Financial Products Markup Language<br />
see FpML<br />
firewalls 302-307<br />
application level 305<br />
enterprise firewall appliance 306<br />
network level 304<br />
FpML 163, 183, 188, 200-201, 329<br />
GARTMORE<br />
Trade Processing Case Study<br />
118-120<br />
handheld device 347, 349, 367, 376, 471<br />
hash function 297<br />
host integration server 240<br />
HTML 157-158<br />
IBM WebSphere 249-251<br />
MQ Integra<strong>to</strong>r 118<br />
IDocs 110<br />
HOP 242<br />
HOP pro<strong>to</strong>col 209<br />
industry standards<br />
issues 40<br />
information agents 388, see software<br />
agents, information gathering<br />
information gathering 32<br />
discovery 483<br />
in-process server 242<br />
Instant messaging (IM) 348<br />
integration<br />
goals 14-16, 93-94<br />
hub-and-spoke 12-13, 115, 156,<br />
178, 256<br />
patterns see <strong>B2B</strong>i, patterns<br />
point-<strong>to</strong>-point 115, 442, 463<br />
integration brokers 30-31, 59, 255<br />
connectivity 271<br />
hub-and-spoke architecture 256-257<br />
message bus architecture 257-258<br />
multi-hub architecture 258-259
integrity 292<br />
intelligent agents 481, see software agents<br />
Interface Definition Language (IDL)<br />
234, 247<br />
internal application integration 36-37<br />
Internet Information Services (IIS) 240<br />
Internet Security and Acceleration Server<br />
2000 (ISA) 241<br />
intrusion detection 312<br />
inven<strong>to</strong>ry models 107<br />
ISO 15022 329<br />
Java 2 Enterprise Edition (J2EE) 148,<br />
233, 242, 244-253, 339<br />
J2EE Application Servers 233, 249-253<br />
Java 2 Platform, Micro Edition (J2ME)<br />
244<br />
Java 2 Platform, Standard Edition (J2SE)<br />
244<br />
Java Message Service (JMS) 229<br />
JNDI 214<br />
Just-In-Time (JIT) 433<br />
reporting 197<br />
delivery 429<br />
integration 328<br />
inven<strong>to</strong>ry model 107<br />
LDAP see Lightweight Direc<strong>to</strong>ry<br />
Access Pro<strong>to</strong>col<br />
legacy extension 17<br />
legacy systems 14-17, 97, 105<br />
use of software agents 403<br />
Lightweight Direc<strong>to</strong>ry Access Pro<strong>to</strong>col<br />
73<br />
Local Procedure Call (LPC) 242<br />
logistics 19, 141, 144, 328, 417, 436,<br />
450, 456, see e-logistics<br />
m-<strong>commerce</strong> see e-<strong>commerce</strong>, mobile<br />
3-G Networks 370<br />
enterprise integration issues 369<br />
solution providers 372-374<br />
market makers 446<br />
Index 545<br />
matchmaking agents 388<br />
Material Requirement Planning 107<br />
Message Authentication Codes (MACs)<br />
299<br />
message brokers 225, 255, see<br />
integration brokers<br />
message<br />
digest 297, 301<br />
passing 224<br />
queues 221, 224<br />
Message Oriented Middleware 30, 75,<br />
104, 215, 219-230<br />
messaging 141<br />
services 260-262<br />
metadata reposi<strong>to</strong>ry 58, 266<br />
Microsoft.NET 240, 274, 339<br />
Microsoft BizTalk Server Suite 274-277<br />
Microsoft Message Queue (MSMQ)<br />
228, 240<br />
mobile<br />
agents 388<br />
solutions 361<br />
MOM see Message Oriented Middleware<br />
Mortgage Industry Standards Maintenance<br />
Organization (MISMO) 183<br />
MQSeries 226, 251<br />
MRP see Material Requirement Planning<br />
MTS 243<br />
multi-agent environment 390-392<br />
multi-database server 60-65<br />
Napster 471<br />
negotiating agents 389<br />
Netfish XDI System 185, 313<br />
Next Generation Enterprises (NGEs)<br />
24, 439<br />
non-repudiation 35, 292, 338<br />
OASIS 150, 188, 204<br />
OBI 140<br />
Object Management Group — OMG 233<br />
ODBMS 165<br />
OMA — CORBA 3 233
546 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Open Applications Group (OAG) 183<br />
open process-based (public process)<br />
integration 90<br />
Open Software Foundation 87<br />
Open Travel Alliance (OTA) 183<br />
Oracle Transparent Gateway 63-64<br />
order<br />
fulfillment 141, 448<br />
management 15, 19, 89, 429, 456<br />
management cluster 191<br />
Organization for the Advancement<br />
of Structured Information<br />
Standards see OASIS<br />
OSF see Open Software Foundation<br />
out-of-process server 242<br />
Over-The-Counter (OTC) derivatives 200<br />
P2P 470-485<br />
peer discovery 472<br />
peer communication 472<br />
P2P applications<br />
NextPage — NXT 3 477<br />
FirstPeer — Professional Servant 478<br />
Groove networks — Groove 1.0 478<br />
Gnutella 478, 484<br />
Applied MetaComputing —<br />
Legion 478<br />
P2P case study — Datasynapse 480<br />
P2P marketplaces 481-482<br />
P2P pro<strong>to</strong>cols<br />
Jabber 473<br />
JXTA 474-477<br />
packet filters 305<br />
partner and enterprise management 141<br />
Partner Interface Processes 150, 190-195<br />
PDAs 175, 364, 371<br />
peer<br />
discovery pro<strong>to</strong>col 476<br />
endpoint pro<strong>to</strong>col 476<br />
group 471<br />
information pro<strong>to</strong>col 476<br />
membership pro<strong>to</strong>col 476<br />
resolver pro<strong>to</strong>col 476<br />
peer-<strong>to</strong>-peer computing see P2P<br />
peering portal 482<br />
Personal Digital Assistants see PDAs<br />
personalization 114, 269<br />
PIP clusters and segments 191<br />
pipe binding pro<strong>to</strong>col 476<br />
PIPs see Partner Interface Processes<br />
point-<strong>to</strong>-point 223<br />
portal oriented integration 25, 48, 68-74<br />
Portal Server Framework see Portal<br />
Server Platform<br />
Portal Server Platform 70-74<br />
collaboration 73<br />
connection layer 74<br />
personalization 73<br />
presentation layer 71<br />
services layer 71-72<br />
subscription and notification 73<br />
portals<br />
horizontal 69<br />
vertical 69, see <strong>B2B</strong>, exchanges<br />
wireless 365<br />
process<br />
administration <strong>to</strong>ol 140<br />
execution engine 139<br />
modeling <strong>to</strong>ol 139<br />
reporting <strong>to</strong>ol 140<br />
Process Paks 144<br />
procurement 15, 132, 141, 192, 442<br />
product collaboration 457<br />
pro<strong>to</strong>col tunneling 309<br />
proxies 305, 307<br />
publish/subscribe 222<br />
PunchOut 203<br />
purchase order 203<br />
purchasing 442<br />
quality assurance 130<br />
reactive agents 388<br />
real-time information 33<br />
refacing see user interface integration<br />
Remote Access Server (RAS) 308
Remote Procedure Calls 74, 82-88, 339<br />
Resource Description Framework<br />
case study 173<br />
Return on Investment 20-23, 273<br />
RosettaNet 179, 198<br />
RFC 110<br />
RFP/RFQ bidding 446, 456<br />
RMI 242<br />
ROI 102, 285, see Return On Investment<br />
RosettaNet 29, 140, 144, 148, 150, 183,<br />
188-200, 329<br />
HP Supply Chain Case Study 199<br />
ROI 198<br />
RosettaNet clusters 190<br />
RosettaNet Dictionary (ITTD) 196<br />
RosettaNet implementation framework<br />
195<br />
Routers 305<br />
RPCs see remote procedure calls<br />
Sales Force Au<strong>to</strong>mation (SFA) 364<br />
scalability<br />
integration brokers 270<br />
scheduler 58<br />
SciQuest<br />
EAI case study 122<br />
SCM see Supply Chain Management<br />
Secure Sockets Layer (SSL) 158, 301,<br />
338<br />
handshake sequence 302<br />
security 20, 30-31, 38<br />
<strong>B2B</strong>i 288-322, 311-314<br />
integration brokers 270<br />
P2P 484<br />
Portal Server Platform 74<br />
strategy 291<br />
trends 317<br />
Web services 337<br />
wireless 356-361<br />
Security Services Markup Language<br />
(S2ML) 315<br />
SeeBeyond eBusiness <strong>Integration</strong> Suite<br />
278<br />
Index 547<br />
Service Oriented Architecture (SOA)<br />
326-328<br />
service<br />
broker 326<br />
provider 326<br />
requester 326<br />
session beans 248-249<br />
SGML 160-161, 354<br />
Short Messaging Service (SMS) 364<br />
Single Sign-on 312<br />
small and medium enterprises 153<br />
SOAP 121, 123, 148, 205, 251, 331, 336<br />
software agents 32, 385-408<br />
<strong>B2B</strong> 396<br />
au<strong>to</strong>nomy 390<br />
characteristics 386<br />
information gathering 397<br />
mobile 394-395<br />
negotiation 392-393<br />
privacy 403<br />
types 387-389<br />
Standard Generalized Markup Language<br />
see SGML<br />
s<strong>to</strong>re and forward<br />
architecture 50<br />
messaging 352<br />
supply chain 441<br />
au<strong>to</strong>mation 21<br />
<strong>B2B</strong>i-enabled 419, 422<br />
collaboration 419, 422-423, 436,<br />
448, 453, 466<br />
downstream activities 417<br />
example 413-414<br />
execution (SCE) 425-426<br />
integration 432<br />
internal activities 416<br />
legacy 417-419<br />
operational stability 430<br />
planning (SCP) 424, 426, 436, 466<br />
pull-based network 421-422<br />
push-based network 417, 422<br />
synchronization 430, 432<br />
upstream activities 415
548 <strong>B2B</strong> <strong>Integration</strong> — A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong> <strong>Collaborative</strong> E-<strong>commerce</strong><br />
Supply Chain Management 15, 19, 41,<br />
99, 115, 412-439, 458<br />
principles 420<br />
short lifecycle products 431<br />
Supplier Relationship Management<br />
(SRM) 467<br />
symmetrical encryption see encryption,<br />
private key<br />
system heterogeneity 38<br />
TIBCO ActiveEnterprise 116-118<br />
TIBCO TIB/BusinessConnect 313<br />
tModels 332, 335<br />
trading partner management 269<br />
transaction<br />
costs 33<br />
integrity 38, 63<br />
extended model 131<br />
longlasting <strong>B2B</strong> 131<br />
open nested model 131<br />
transaction<br />
oriented middleware 30, 215<br />
processing reference model 217<br />
Transaction Processing (TP) moni<strong>to</strong>rs<br />
104, 216-219, 250<br />
transactional integrity<br />
integration brokers 270<br />
transportation management 449<br />
trusted third party entities 316<br />
TSMC<br />
BPM Case Study 145-147<br />
two-phase-commit pro<strong>to</strong>col 63, 131<br />
UDDI 121, 123, 251, 327, 330-334,<br />
336, 341<br />
inquiry API 333<br />
publishers' API 333<br />
UN/CEFACT 204<br />
unified workflows 43<br />
Uniform Resource Identifier 167<br />
Universal Data Access (UDA) 240<br />
Universal Data Access server see multidatabase<br />
server<br />
URI see Uniform Resource Identifier<br />
user interface<br />
agents 388<br />
integration 102<br />
Value Added Network see VAN<br />
value chain 43<br />
role of software agents 398<br />
VAN 155, 183<br />
Vendor Managed Inven<strong>to</strong>ry (VMI) 433<br />
Virtual Private Network see VPN<br />
Vitria BusinessWare 143<br />
Voice Extensible Markup Language<br />
(VoXML) 380<br />
vortal see portals, vertical<br />
VPN 304, 308-310<br />
WAP gateway 362<br />
WAP Server 362<br />
Web services 29, 121, 268, 327-341,<br />
471<br />
framework 336<br />
networks 340<br />
Web Services<br />
Flow Language (WSFL) 335<br />
Description Language see WSDL<br />
WebDAV 149, 277, see Distributed<br />
Authoring and Versioning Pro<strong>to</strong>col<br />
webmethods<br />
Juniper Networks case study<br />
280-283<br />
<strong>B2B</strong> Platform 279-283<br />
security 313<br />
Windows DNA 233, 239-244<br />
wireless 31-32<br />
workflow 133<br />
manager 266<br />
WSDL 251, 327, 333, 336<br />
schema 334<br />
wireless application architecture 350-353<br />
Wireless Application Pro<strong>to</strong>col (WAP)<br />
348, 353
wireless applications 363-369, 377<br />
push/pull 379<br />
testing 382<br />
user-level design 381<br />
wireless LANs 379<br />
wireless Internet 347-348, see<br />
e-<strong>commerce</strong>, mobile<br />
benefits 349-350<br />
Wireless Markup Language see WML<br />
wireless network middleware 351<br />
wireless security 371<br />
first generation systems 357<br />
second generation systems 357<br />
third generation systems 358<br />
WAP 358-361<br />
Wireless Transport layer Security<br />
(WTLS) 359<br />
WML 353-354<br />
WMLScript 355<br />
X.509 standard 300<br />
X/Open XA model 217<br />
X12 179<br />
Index 549<br />
xCBL 179, 183<br />
XLANG 149, 275<br />
XML 27, 158-186, 251, 331<br />
and software agents 405<br />
databases 65-66<br />
DTDs 66<br />
elements and attributes 168<br />
entities 170<br />
message oriented ERP integration 110<br />
namespaces 167<br />
Path Language see XPath<br />
schemas 66, 173, 330-331<br />
security 314<br />
SOAP 121<br />
standards 29, 461<br />
XMLT 123<br />
XPath 149, 176<br />
Xpointer 176<br />
XSD 334<br />
XSL 181<br />
transformations 176<br />
processor 175
This comprehensive guide reveals the bey<br />
elements of successful <strong>B2B</strong> integration and<br />
collaborative e-<strong>commerce</strong>, by<br />
highlighting business needs,<br />
technologies, and development<br />
strategies. It equips companies i J<br />
with practical guidelines for<br />
quickly implementing an<br />
effective <strong>B2B</strong>i strategy, and<br />
prepares them for the next wave<br />
of <strong>B2B</strong> integration and collaborative<br />
e-<strong>commerce</strong>. It clarifies the intricate<br />
dependencies among all the components of<br />
<strong>B2B</strong>i, including integration patterns, enterprise<br />
application integration (EAI), business process<br />
management (BPM), Internet security, XML,<br />
Web services, middleware technologies, and<br />
integration brokers. Included are future<br />
technologies that will have a significant impact<br />
on <strong>B2B</strong>i architectures, such as intelligent<br />
software agents, wireless technologies, and<br />
peer-<strong>to</strong>-peer computing. This reference<br />
provides a suitable framework for the design,<br />
development, and implementation of <strong>B2B</strong><br />
integration, along with several case studies.<br />
Imperial College Press<br />
www.icpress.co.uk<br />
&5km><br />
m><br />
A <strong>Practical</strong> <strong>Guide</strong> <strong>to</strong><br />
ollaborative E-<strong>commerce</strong><br />
About the Author<br />
Gunjan Samtani is Divisional Vice<br />
President, Information Technology<br />
at UBS PaineWebber, one<br />
of the world's leading financial<br />
services firms. He has several<br />
years of experience in the management,<br />
design, architecture and<br />
implementation of large-scale<br />
enterprise and business-<strong>to</strong>business<br />
application integration<br />
projects. He possesses multiple<br />
MS degrees in Computer Science,<br />
Management Information Systems<br />
and Computational Finance.<br />
P263 he<br />
"781860"943232"