opening up clearpath forward - unisys · mulesoft, boomi, wso2 … cloud services ….. with...
Post on 22-May-2020
6 Views
Preview:
TRANSCRIPT
Opening Up ClearPath ForwardEnabling Secure Omni-channel Integration
Alan Hood, Unisys Enterprise Services and Technology, Global Major Accounts 11 September, 2019
2© 2019 Unisys Corporation. All rights reserved. |
Motor Vehicle Registration System
Case Study
Typical Data Held in a Vehicle
Registration System
• VIN
• Make, Model, Type, other
details
• Current Registration / License ⁃ Status⁃ Fees⁃ Due Date
• Owner / Co-owner(s)⁃ Addresses
• History of Owners
• History of Transfers⁃ Date, Owners, Value, Mileage
• Warrants / Judgements
• Government Inspection Status⁃ History
• Much more…
Historically this data has been
available to selected users only
• Call Center
• Clerical
• Law
Enforcement
We could just make it
available to everyone on the
Internet
We have the technology
Would that be a problem?
3© 2019 Unisys Corporation. All rights reserved. |
Motor Vehicle Registration System – Results of one transaction
Case Study
What I wanted to know
• Is the car currently licensed /
registered, and to whom?
• If not, when was it licensed
most recently?
• Is the car still in this country?
What the system told me
• No current registration
• The date of the last registration
• The history of ownership
⁃ Name and address of every owner since the car was first registered
⁃ Mileage at the time of transfer
⁃ Some inspection history
• No record of shipment
Why is that a problem?
• More information than I
requested
• Personal Identification data
in the message that I should
not have been able to view
• No significant check that I
had a valid need for this
information
Using only the vehicle registration number, from the license plate, I was able to learn a tremendous
amount about this vehicle and current/previous owners.
• Some of this data is valid and useful – to the owner, to government agencies, to law enforcement
• But imagine how a ‘bad actor’ could misuse the data
4© 2019 Unisys Corporation. All rights reserved. |
The rules have changed • Access to data must be more
tightly controlled than in the past
⁃ Especially personal or proprietary data
• You need to understand
⁃ Who is using it
⁃ How they are using it
⁃ If they have a business need for all of it
• And yet …
⁃ Providing your end users with current, swift access to critical systems and data is even more important
• When they want it
• Where they want it
• In the form they want it
Enterprise Application Architectures
6© 2019 Unisys Corporation. All rights reserved. |
“Green Screen”GUI ClientWebForms
ClearPath Forward®
Environment
Systems of Record
End-user Interfaces
ClearPath Forward
Systems of Record
Point to Point Integration with simple GUI and Browser Clients
Evolving Enterprise Architectures
Database(s)
Applications
Online and
Batch
Point to Point Connections
• Typically use Sessions
• Proprietary Protocols
Other Systems of Record
7© 2019 Unisys Corporation. All rights reserved. |
Transactional
Client Interfaces(e.g. Java EE,
Client Tools,
ePortal)
Mobile PhonePOS
Self CheckoutSmart Clients
…..
Systems of Record
Systems of Engagement
(OmnichannelEndpoints)ClearPath Forward
Systems of Record
Improve User Experience through automation and “smart” clients
Evolving Enterprise Architectures
Database(s)
Applications
Online and
Batch
Client Integration Technologies
• Standards / Web Based
• Stateful or Stateless
• Introduce “Smart” Clients
Other Systems of Record
8© 2019 Unisys Corporation. All rights reserved. |
ClearPath Modernization Examples
• Replace character based emulators with updated browser based transactions
• Provide browser based mobile interfaces and native mobile apps
Requiring little/no change to core application logic
• GUI Controls enhance User Experience and efficiency⁃ Buttons, Lists, Images…
replace hard to remember characters code fields
9© 2019 Unisys Corporation. All rights reserved. |
Transactional
Client Interfaces(e.g. Java EE,
Client Tools,
ePortal)
----
Export Service APIs
(e.g. WS, MS, MQ)
----
Orchestration• Consolidate
Transactions
• Include other
services
Mobile PhonePOS
Self CheckoutSmart Clients
…..
Systems of Record
Systems of Engagement
(OmnichannelEndpoints)ClearPath Forward
Systems of Record
Increase flexibility of client devices and applications by exposing transactions as Services
Evolving Enterprise Architectures
Database(s)
Applications
Online and
Batch
Expose Service APIs
• Stateful Transactions become
Stateless Services
• Orchestration allows rapid
development without changes to
existing transactions
• Enables inclusion of other external
services
Other Systems of Record
Client ExampleMobile Fleet Management for
US Federal Agency
11© 2019 Unisys Corporation. All rights reserved. |
Business Functions and Benefits of New Mobile App
• Mobile app for GSA Fleet drivers
• Easy access to the vehicle information when the
drivers are on the move
⁃ Preventive Maintenance and Repair recall
• Provide functionalities like driving directions,
location specific information, call dialing facilities ,
push notification and other device functionalities.
• Access to the following information from a mobile
device:
• Maintenance and Repair
• Fleet Service Representatives (FSRs)
• Roadside Assistance
• Accident Reporting
• One single source of information
• Instant access to drivers when they are mobile
• Lesser burden for FSRs
• Cost savings as drivers have better access to
vendor information for repair and maintenance
• Timely preventive maintenance and vehicle recall
information pushed to the drivers
• Real-time access of latest data using Fleet
Management System (FMS) database on Unisys
ClearPath Forward
12© 2019 Unisys Corporation. All rights reserved. |
Functional Modules
Unisys
ClearPath Forward
Platform
iOS and Android
Restful Web Services
(JSON)
Modules Description
User RegistrationUser registration for GSA Fleet Drivers to use the
mobile app.
User ProfileMaintain user information including the preferred
vehicle list
Maintenance &
Repair
Provide maintenance and repair vendor information
based on the current GPS location
Roadside
Assistance
Roadside Assistance information based on vehicle
warranty and mileage.
FSR/FMC Provide details about FSR/FMC for that vehicle
Vehicle
Reminders
Helps with times preventive maintenance and
vehicle recall.
Accident
ReportingReal-time accident reporting feature (Phase II).
Miscellaneous WEX app link, Contact, FAQs etc.
13© 2019 Unisys Corporation. All rights reserved. |
Transactional
Client Interfaces(e.g. Java EE,
Client Tools,
ePortal)
----
Export Service APIs
(e.g. WS, MS, MQ)
----
Orchestration• Consolidate
Transactions
• Include other
services
Mobile PhonePOS
Self CheckoutSmart Clients
…..
Systems of Record
Systems of Engagement
(OmnichannelEndpoints)ClearPath Forward
Systems of Record
Introducing an Integration Layer / Enterprise Service Bus continues to improve flexibility
Evolving Enterprise Architectures
Database(s)
Applications
Online and
Batch
Other Systems of Record
Enterprise
Integration
ESB / EiPaas
Mulesoft,
Boomi,
WSO2
…
Cloud Services…..
14© 2019 Unisys Corporation. All rights reserved. |
Transactional
Client Interfaces(e.g. Java EE,
Client Tools,
ePortal)
----
Export Service APIs
(e.g. WS, MS, MQ)
----
Orchestration• Consolidate
Transactions
• Include other
services
Mobile PhonePOS
Self CheckoutSmart Clients
…..
Systems of Record
Systems of Engagement
(OmnichannelEndpoints)ClearPath Forward
Systems of Record
Introducing an Integration Layer / Enterprise Service Bus continues to improve flexibility
Evolving Enterprise Architectures
Database(s)
Applications
Online and
Batch
Other Systems of Record
Enterprise
Integration
ESB / EiPaas
Mulesoft,
Boomi,
WSO2
…
Cloud Services…..
With orchestration and the ability to treat transactions as services you can simplify the interfaces to external
clients and applications.
Hide data that is not required by the user.
Combine multiple stateful transactions into one stateless client exchange.
Hosting APIs using an Enterprise Service Bus makes them easy to distribute, access, and maintain.
Effectively converting your System of Record online transactions into Microservices.
15© 2019 Unisys Corporation. All rights reserved. |
ClearPath ePortal Orchestration
• Allows you to consolidate several
Ispecs or transactions into a single
user web page, mobile page or web
service invocation
• Orchestration potentially executes
multiple transactions on behalf of a
client request
• Visual environment for orchestrating
interactions
• Events, Loops, Conditionals…
Get Ispec1
Data
Get Ispec2
Data
Start
End
Get Ispec
Data
Start
End
More?
Save
Data
Build
Reply
Benefits of OrchestrationClient Example
17© 2019 Unisys Corporation. All rights reserved. |
Client Example – Processing a Business Loan
Benefits of Orchestration
• An applicant requesting a business loan
must come into a local office
• Loan officer collects relevant details from
the applicant, while working through the
application process
⁃ 10 to 12 individual transactions
Before
• Applicant enters required details into a
custom-built, secure, Web page
⁃ All data that might be required from the member is included in that one entry form
• ePortal orchestration is used to process
the request using the original transactions
After
• Provisional approval
received after about
one hour or more
⁃ Excluding travel time
⁃ And delays and extra trips for missing data
• Provisional approval
received in minutes
⁃ No travel time
⁃ Additional data can be included in the decision process (e.g. calling external Credit Rating Service
18© 2019 Unisys Corporation. All rights reserved. |
ePortal
IIS
Service(SOAP,
REST)
OrchestrationWeb
AB Suite / EAE
Connector
Mobile(iOS,
Android,)
ClearPath MCP
ClearPath OS 2200
AB Suite Windows
Orchestration enables you to combine different ClearPath resources into a single application
or transaction
Terminal
Connector
COBOL
Connector
ClearPath ePortal Runtime Architecture
Other
External
Resources
ClearPath ePortal Platform
Systems of RecordSystems of Engagement
19© 2019 Unisys Corporation. All rights reserved. |
ClearPath Forward ePortal Benefits
Extensive automation for superior business agility
• No user written code required for a complete solution
• Automated staging and deployment including OS loading and performance optimization
• Web based monitoring with automated alerts and remote monitoring options
Accelerated time-to-market
• Completely eliminates the need for evaluating and sourcing integration technologies
• Applications do not need to be taken down for updates
• Mobile, Web, and Web Services options can be generated from one project giving high reuse
No new skills required
• Application specific design tailored for the ClearPath architecture
• Web-based manager means no new operations skills are required
• Point-and-click developer generates a complete solution ready to deploy
Increased ROI
• Reduced testing time and enhanced staff productivity
• Improved competitive posture
• Reduced costs compared with traditional middleware integration approaches
20© 2019 Unisys Corporation. All rights reserved. |
Beginning with… In ePortal we could…
Example – Add Order Fulfillment to Online Sales System
• AB Suite Order Entry Application
• Transactions include
⁃ MENU – sign on form
⁃ PROD – product details
⁃ CUST – customer details
⁃ SALE – sale of product to customer
⁃ SINQ – stock inquiry (recent history)
• Challenge: Define one REST service for
Order Fulfillment
• Create ePortal Data Source project
• Create ePortal RESTful Web Service
project
• Define a new “transaction” – Delivery
⁃ Inputs include: Customer Number, Product Number, and Quantity Purchased
⁃ Outputs include: Status, Product Name, Customer Name, Delivery Address
• Develop and Test the new transaction using
REST Test Client in ePortal Developer
21© 2019 Unisys Corporation. All rights reserved. |
_connect
Start
End
STOCKBAL
< QUANTITY?
Build
Reply
SelectIspec (PROD)
PROD(PRODNUMBER, INQ)
(STOCKBAL, PRODNAME)
ERROR:
Insufficient Stock
SelectIspec (CUST)
CUST(CUSTNUMBER, INQ)
(CUSTNAME, ADDRESS)
_disconnect
Input: Product Code,
Customer Number
Quantity
Output: STATUS,
PRODNAME,
CUSTNAME,
ADDRESS
New Order_Fulfillment Service
Example Orchestration Flow
• A new Order_Fulfillment service message
type is defined in ePortal
• Uses existing transactions and security to
access ClearPath Forward application
• Orchestration filters out sensitive and
unnecessary data from the client
• Order_Fulfillment client can be deployed
as a REST or SOAP service, used in a
Web page or Mobile app
• Used by shipping and warehouse
functions, delivery drivers, order tracking
• Can be combined with other services
Order_Fulfillment
Server Message
22© 2019 Unisys Corporation. All rights reserved. |
Enterprise
Integration
ESB / EiPaas
Transactional
Client Interfaces
Mobile PhonePOS
Self CheckoutSmart Clients
…..
Systems of Record
Systems of Engagement
(OmnichannelEndpoints)ClearPath Forward
Systems of Record
Outbound APIs enable Systems of Record to call other Services
Evolving Enterprise Architectures
Database(s)
Applications
Online and
Batch
Other Systems of Record
Mulesoft,
Boomi,
WSO2
…
Cloud Services…..
Outbound APIs----
(BI, AIS, ePortal)
----
23© 2019 Unisys Corporation. All rights reserved. |
ClearPath Application Integration Services (AIS)Windows .NET and Java calling in to ClearPath MCP and OS 2200
Windows ClearPath MCP / OS 2200
Programs,
Libraries, Batch
Jobs
COBOL, C,
ALGOL,
NEWP
Transaction
Server
(COMS, TIP)
Transactions
.NET Runtime
Application
Application
Application
Integration
ServicesJava Virtual
Machine
Application
Application
Application
Integration
Services
Files
24© 2019 Unisys Corporation. All rights reserved. |
New feature in AIS 4.1 – Call Out Services
Request Calls
Windows .NET Framework
Response ResponseWeb ServicesClearPath
Call Out Services
• Enables ClearPath applications to reach web services using a .NET bridge
• Provides outbound web access and other .NET capabilities
• Allows existing COBOL, EAE, AB Suite applications to be extended with newer capabilities
25© 2019 Unisys Corporation. All rights reserved. |
Systems of
Reference
Enterprise
Integration
ESB / EiPaas
Transactional
Client Interfaces
Mobile PhonePOS
Self CheckoutSmart Clients
…..
Systems of Record
Systems of Engagement
(OmnichannelEndpoints)ClearPath Forward
Systems of Record
Enable Data Analytics, Data Warehouse, Speed Layer, though Secure ETL Data Extract
Evolving Enterprise Architectures
Database(s)
Applications
Online and
Batch
Other Systems of Record
Mulesoft,
Boomi,
WSO2
…
Cloud Services…..
Outbound APIs----
(BI, AIS, ePortal)
----
Data Analytics
Data
Warehouse
Speed Layer
ETL Data
Replication
26© 2019 Unisys Corporation. All rights reserved. |
Secure data transfers - Changed Data Transformation
Windows Partition
Administrative Service
MCP Partition
Windows Partition
Windows Partition
Runtime Service
OS 2200 Partition
OS 2200
Agent
Windows Partition
DE Agent
for SQL
Server
MCP Partition
MCP
Agent
Administration Site
Windows / Linux Partition
DEMS
OracleSQL Server DMSII
27© 2019 Unisys Corporation. All rights reserved. |
Data Exchange with
OS 2200 or MCP
DMS II
MCP
DMS II
SVG
SVG
Data Exchange
Runtime
Environment
Data
Exchange
Management
RDMS
Stealth Agent
SVG Stealth Virtual Gateway• Cloak Endpoints to reduce attack surface
• Encrypt Data In Motion
28© 2019 Unisys Corporation. All rights reserved. |
Systems of
Reference
Enterprise
Integration
ESB / EiPaas
Transactional
Client Interfaces
Mobile PhonePOS
Self CheckoutSmart Clients
…..
Systems of Record
Systems of Engagement
(OmnichannelEndpoints)ClearPath Forward
Systems of Record
Enable Data Analytics, Data Warehouse, Speed Layer, though Secure ETL Data Extract
Evolving Enterprise Architectures
Database(s)
Applications
Online and
Batch
Other Systems of Record
Mulesoft,
Boomi,
WSO2
…
Cloud Services…..
Outbound APIs----
(BI, AIS, ePortal)
----
Data Analytics
Data
Warehouse
Speed Layer
ETL Data
Replication
Unisys technologies that enable this type of deep integration include:
• AB Suite Client Tools, Application Integration Services (AIS), ClearPath ePortal, Data Exchange, Java
Resource Adapters, and X/Open DTP
29© 2019 Unisys Corporation. All rights reserved. |
Enterprise Output Manager (EOM)
Enterprise Output Manager
File
Custom
Web Archive
DDA LibraryXSL Library
HTTP / FTP
Application Barcode/
QR code
Charts and
Graphics
Data File
XML
Don’t forget about managing your output – it doesn’t have to all be
printed on paper:
• You can define custom output, producing forms, including
images, graphs, barcodes and QR codes, secure Web and FTP,
email (Input as well as Output), and more… and print too!
Putting it all togetherRecent Client Example
31© 2019 Unisys Corporation. All rights reserved. |
Client ExampleClearPath MCP
AB Suite
Runtime
ClearPath
ePortalPrint
Tax
Receipt
EOM
DMS II
Data
Exchange
Azure Data LakeSQL Server
AB Suite Application Running on ClearPath MCP
Web/Mobile UX via ClearPath ePortal
Remote printing of tax receipts and other docs (including images and QR codes) via EOM
Near Real Time Data extracted to Cloud Data Lake to Produce Dashboard of products and sales
System of Record Systems of EngagementSystems of Engagement
Recommendations
33© 2019 Unisys Corporation. All rights reserved. |
• Keep critical data in the secure ClearPath
Forward system (System of Record)
• Share only the data that needs to be
shared through transformations
• Support for Systems of Engagement and
Big Data Analytics without changing the
System of Record
Best Practices
34© 2019 Unisys Corporation. All rights reserved. |
Consider these important factors
• Ease of Use / Ease of Change
⁃ The interface you prefer may be harder to implement or modify, or harder for your partners to implement
• Security
⁃ Really should be the first consideration
⁃ You don’t want to use any interface, no matter how fast and easy to use, if it opens your system up to malicious or accidental cyber attacks
• Performance and SLAs
⁃ Is the interface you are considering fast enough to support the transaction/batch throughput your business requires?
⁃ If it involves external servers, Web Services, or third party interactions, be sure it can handle a ‘server not responding’ condition – you may need to add logic to do that
• Adherence to Standards
⁃ Do you have internal standards, or standards that have been mandated externally?
• Sometimes the interface technology that seems best for you isn’t possible because your external partners can’t or won’t support it
35© 2019 Unisys Corporation. All rights reserved. |
A partial list of good practices
Many ways to improve security in ClearPath Forward applications
• Starts with good security practices on ClearPath Forward
⁃ User codes, Charge codes, Password ageing, File access…
⁃ Eliminate cross over between applications using Application Groups
⁃ Establish good procedures for secure backups and security updates
• Local Network security
⁃ Limit access to known ports and access points
• Further restrict access to key applications by View, App Group or COMS PI
⁃ Encrypt or hide data in motion with SSL/TLS, Stealth
• Including logs and traces
⁃ Single Sign on, Kerberos, Multifactor identification
⁃ Hide endpoints from users outside of Community of Interest using micro segmentation with Stealth
• File and Database security
⁃ Control access via users and work groups, Read/Write access keys…
⁃ Mask or encrypt data at rest
• Always consider security and protection of sensitive data and IP in
your application development activities (DevSecOps procedures)
• Mask, hide, or encrypt data fields in transactions that are not critical
to the user’s task
• Use orchestration to filter out transaction details that may be
required by the application but are not needed by the user
• Transactions exposed to Systems of Engagement never access
ClearPath Forward directly
⁃ May be possible to eliminate all direct external access to ClearPath
• Application level security
⁃ Limit functions by user role
⁃ Implement record or field level encryption on data in motion and data at rest
• ETL Data extract
⁃ With Transform, filter out data that should not be shared
• You can have multiple Transforms for different business needs
• Not necessary to expose all of the ClearPath Forward data
• Control Updates to System of Record data
⁃ Allow queries through Systems of Reference, but always go to transactions (e.g. exposed by Microservices) to be sure business rules are followed for all updates
36© 2019 Unisys Corporation. All rights reserved. |
ClearPath Forward Application Modernization and Integration
• Your ClearPath / AB Suite application is likely the core of your business. It provides your System of
Record.
• In today’s hybrid world, few applications stand entirely alone. It is easy to integrate with other
applications and data.
• Whether it is incorporating 3rd party content into your application, integrating with other applications
and data, providing new GUI, Web and Mobile client interfaces, or even more, you have a lot of
options
• Existing transactions can easily be exposed as Web Services or Microservices using REST and
SOAP APIs – Use orchestration to limit data and services to only what is required by the user
• Minimal change to your business critical, core applications and data – less impact to the business,
lower cost, lower risk, faster time to market
• Consider ease of use, ease of change, adherence to standards, performance and SLAs, and of
course always consider Security
37© 2019 Unisys Corporation. All rights reserved. |
It isn’t necessary to lock your ClearPath Systems in a vault.
You can maintain the integrity and security of your ClearPath Systems of Records, and
still make the information available to users, according to their business needs:
When they want it. Where they want it. And in form in which they want it.
Thank You
top related