cloud computing specialist certification kit

SaaS and Web Applications Specialist Level Complete

Certification Kit:

Software as a Service Study Guide Book and Online Course

Notice of Rights: Copyright © The Art Of Service. All rights reserved. No part of

this book may be reproduced or transmitted in any form by any means,

electronic, mechanical, photocopying, recording, or otherwise, without the prior

written permission of the publisher.

Notice of Liability: The information in this book is distributed on an “As Is” basis

without warranty. While every precaution has been taken in the preparation of the

book, neither the author nor the publisher shall have any liability to any person or

entity with respect to any loss or damage caused or alleged to be caused directly

or indirectly by the instructions contained in this book or by the products

described in it.

Trademarks: Many of the designations used by manufacturers and sellers to

distinguish their products are claimed as trademarks. Where those designations

appear in this book, and the publisher was aware of a trademark claim, the

designations appear as requested by the owner of the trademark. All other

product names and services identified throughout this book are used in editorial

fashion only and for the benefit of such companies with no intention of

infringement of the trademark. No such use, or the use of any trade name, is

intended to convey endorsement or other affiliation with this book. ITIL® is a

Registered Community Trade Mark of OGC (Office of Government Commerce,

London, UK), and is Registered in the U.S. Patent and Trademark Office.

Write a Review and Receive a Bonus Emereo

eBook of Your Choice

Up to $99 RRP – Absolutely Free

If you recently bought this book we would love to hear from you – submit

a review of this title and you’ll receive an additional free ebook of your

choice from our catalog at http://www.emereo.org.

How Does it Work?

Submit your review of this title via the online store where you purchased

it. For example, to post a review on Amazon, just log in to your account

and click on the ‘Create Your Own Review’ button (under ‘Customer

Reviews’) on the relevant product page (you’ll find plenty of example

product reviews on Amazon). If you purchased from a different online

store, simply follow their procedures.

What Happens When I Submit my Review?

Once you have submitted your review, send us an email via

[email protected], and include a link to your review and a link to the

free eBook you’d like as our thank-you (from http://www.emereo.org –

choose any book you like from the catalog, up to $99 RRP). You will then

receive a reply email back from us, complete with your bonus ebook

download link. It's that simple!

http://www.emereo.org/�

mailto:[email protected]�

http://www.emereo.org/�

Foreword

As an education and training organization within the IT Service

Management (ITSM) industry, we have watched with enthusiasm as

cloud computing, Software as a Service (SaaS) and Web Applications

have evolved over the years. The opportunities provided through SaaS

and Web Applications have allowed for significant growth within an

industry that continues to mature and develop at a rapid pace.

Our primary goal is to provide the quality education and support

materials needed to enable the understanding and application of SaaS

and Web Applications within a wide range of contexts.

This comprehensive book is designed to complement the in-depth

eLearn SaaS and Web Applications Specialist program provided by The

Art of Service. The interactive eLearn course uses a combination of

narrated PowerPoint presentations with flat text supplements and

multiple choice assessments which will ultimately prepare you for the

SaaS and Web Applications Specialist Level certification exam.

We hope you find this book to be a useful tool in your educational library

and wish you well in your IT Service Management career!

The Art of Service

http://www.theartofservice.com/

http://www.theartofservice.com/�

SaaS and Web Applications Specialist Level Complete Certification Kit - Study Guide 3

How does the Certification Kit work?

Welcome to the Software as a Service and Web Applications Specialist Level Complete

Certification Kit. This book is part of the series of books around Cloud Computing and

managing the services that are involved in, or utilize, Cloud Computing.

The certification kits are in line with the Cloud Computing Certification Scheme.

After you‟ve read this book, studied the eLearning materials and successfully passed

your exam, you can continue with your qualifications through the specialist programs

and work toward your Cloud Computing Executive Level Certification.

In addition to the certification kits, The Art of Service has also developed a series of

books on the subject of Cloud Computing. All books are available as e-book, PDF

download, audio book and paperback.


eLearn Component

This certification kit comes with FREE access to the eLearning program. The following

page explains how to access the program materials online.

The Software as a Service and Web Applications Specialist Level Exam

Chapter 8 of this book provides more detail about the certification exam and what the

requirements are to pass.

How to access the associated Software as a Service and Web Applications

Special Level eLearning Program:

1. Direct your browser to: www.theartofservice.org

2. Click „login‟ (found at the top right of the page)

3. Click „Create New Account‟. If you already have an existing account, please

move on to step 5.

4. Follow the instructions to create a new account. You will need a valid email

address to confirm your account creation. If you do not receive the confirmation

email check that it has not been automatically moved to a Junk Mail or Spam

folder.

5. Once your account has been confirmed, email your User-ID for your new

account to [email protected].

6. We will add your account to the Software as a Service and Web Applications

eLearning Program and let you know how to access the program from then on.


Minimum system requirements for accessing the eLearning Program:

Processor Pentium III (600 MHz) or higher

RAM 128MB (256MB recommended)

OS Windows 98, NT, 2000, ME, XP, 2003, Mac OSX

Browser Internet Explorer 5.x or higher (Cookies and JavaScript Enabled),

Safari

Plug-Ins Macromedia Flash Player 8

Other 16-bit sound card, mouse, speakers or headphones

Display

Settings

1024x768 pixels

Internet

Connection

Due to multimedia content of the site, a minimum connection speed of

256kbs is recommended. If you are behind a firewall and face

problems accessing the course or the learning portal, please contact

your network administrator for help.

If you are experiencing difficulties with the Flash Presentations within the

eLearning Programs please make sure that:

1) You have the latest version of Flash Player installed, by visiting www.adobe.com and

following the links.

2) You check that your security settings in your web browser don't prevent these flash

modules playing. There is support for these issues on the Adobe webpage.


Contents

1 INTRODUCTION 14

1.1 WHAT IS SAAS? 14

1.2 THE HISTORY OF SAAS 17

1.3 GOALS AND OBJECTIVES OF SAAS 19

2 COMMON TERMINOLOGY 21

3 WHAT SAAS IS AND WHAT IT IS NOT 25

3.1 SAAS VS. SOFTWARE + SERVICE 25

3.2 SAAS VS. ASP 27

4 BENEFITS OF SAAS 30

4.1 SAVING MONEY 30

4.2 SAVING TIME 31

4.3 ALLOWING A BUSINESS TO USE THEIR BUDGET MORE EFFECTIVELY 31

4.4 GIVING BUSINESSES ACCESS TO THE VERY LATEST SOFTWARE VERSIONS 32

5 RELATED FORMS OF CLOUD COMPUTING 34

5.1 CLOUD COMPUTING 34

5.2 VIRTUALIZATION 35

5.3 GRID COMPUTING 35

5.4 UTILITY COMPUTING 35

6 COMPANIES INVOLVED WITH SAAS 36

6.1 ADOBE SYSTEMS 36

6.2 AXENTIS 36

6.3 GOOGLE 37

6.4 MICROSOFT 37

6.5 NETSUITE 38

6.6 SALESFORCE 38


6.7 SUCCESSFACTORS 39

7 TECHNOLOGIES THAT INCORPORATE SAAS 41

7.1 SOFTWARE AS A SERVICE 41

7.2 SAAS HOSTING 42

7.3 SAAS PLATFORM 44

7.4 TENANCY PARTITIONING 45

7.5 MONITORING AND METERING 45

7.6 SCALING 46

7.7 GOOGLE APPS 46

7.8 GMAIL 46

7.8.1 Google Talk 46

7.8.2 Google Calendar 47

7.8.3 Google Docs 47

7.8.4 Google Sites 47

7.9 GOOGLE MAPS 48

7.10 WINDOWS LIVE 49

7.10.1 Windows Live Messenger 49

7.10.2 Windows Live Hotmail 51

7.10.3 Windows Live Calendar 51

7.10.4 Windows Live Spaces 51

7.10.5 Windows Live ID 52

7.11 MICROSOFT OFFICE LIVE SMALL BUSINESS 52

7.11.1 Web site design tool and hosting space 52

7.11.2 Domain name registration and business email creation tools 53

7.11.3 Contact Manager 53

7.11.4 Document Manager 53

7.11.5 Workspaces 53

7.11.6 Project Manager 54

7.11.7 Resources as well as support 54

7.11.8 Store Manager 54

7.11.9 E-Mail Marketing 54

7.11.10 adManager 55

7.12 A BRIEF COMPARISON BETWEEN TECHNOLOGIES 55

7.13 INTRODUCTION REVIEW QUESTIONS 58

8 HOW TO ACCOMPLISH SAAS 59


8.1 MIGRATING FROM A STANDARD SOFTWARE ENVIRONMENT TO A SAAS ONE (BEFORE AND AFTER) 59

8.1.1 Things to do and consider before migration 59

8.1.2 Things to do after migration 61

8.2 A SIMPLE HOW TO GUIDE 62

8.3 TOP 10 THINGS TO DO AND CONSIDER WHEN IMPLEMENTING SAAS 67

8.4 TOP 10 SAAS PITFALLS 71

8.5 SOME OF THE PROBLEMS THAT YOU MAY ENCOUNTER WITH SAAS 76

9 MANAGING A SAAS ENVIRONMENT 79

9.1 SUPPORT ISSUES 79

9.2 HOW TO MEASURE CAPACITY AND PERFORMANCE 81

9.3 CONTRACTS AND AGREEMENTS SUCH AS LICENSING 82

9.4 ORGANIZATIONAL ASPECTS – SUCH AS THE ROLES & RESPONSIBILITIES THAT PEOPLE HAVE IN A SAAS

ENVIRONMENT 83

10 INTRODUCING APPLICATIONS ON THE WEB 86

10.1 STARTED WITH THE INTERNET 87

10.2 HISTORY OF WORLD WIDE WEB 89

10.3 EVOLUTION OF THE WEB APPLICATIONS 91

11 EXPANDING ON WEB 2.0 93

11.1 HARNESS THE COLLECTIVE INTELLIGENCE OF THE COMMUNITY 95

11.2 THE ADVANCEMENT OF BLOGGING 97

11.3 A NEW CENTRAL INTELLIGENCE 98

11.4 OBTAINING DYNAMIC CONTINUOUS IMPROVEMENT

100

11.5 CREATING PROGRAMMING MODELS THAT ARE LIGHTWEIGHT

101

11.6 NO LONGER BOUND TO A SINGLE CUSTOMER

102

11.7 STRIVING FOR A BETTER EXPERIENCE

103

12 DISTINGUISHING WEB APPLICATIONS 105


13 INTRODUCTION WEB APPLICATION FRAMEWORK 107

14 A NEW SUCCESS FOR WEB APPLICATIONS IN AJAX 109

15 A SURVEY OF WEB APPLICATION FRAMEWORKS 111

15.1 ACTIONSCRIPT

111

15.2 ASP.NET

112

15.3 COLDFUSION

113

15.4 COMMON LISP

114

15.5 GROOVY

115

15.6 JAVA

115

15.7 JAVASCRIPT

117

15.8 LUA

117

15.9 PERL

118

15.10 PHP

118

15.11 PYTHON

119

15.12 RUBY

120

15.13 SCHEME

120

15.14 SMALLTALK

120

15.15 CONCLUSION TO WEB APPLICATIONS FRAMEWORKS

121

16 INTRODUCTION TO MARKUP LANGUAGES 123


16.1 SGML/HTML

123

16.2 XML/XHTML

124

16.3 CONCLUSION TO MARKUP LANGUAGES

125

17 BENEFITS FOR WEB APPLICATIONS 126

17.1 PROGRESS REVIEW QUESTIONS

128

18 SERVICE MANAGEMENT PROCESSES 129

18.1 IT FINANCIAL MANAGEMENT

129

18.1.1 IT Financial Management and SaaS 131

18.2 INFORMATION SECURITY MANAGEMENT

132

18.2.1 Information Security Management and SaaS 136

18.3 RELEASE & DEPLOYMENT MANAGEMENT

137

18.3.1 Release and Deployment and SaaS 141

18.3.2 Release Management and Web Applications 141

18.4 KNOWLEDGE MANAGEMENT

142

18.4.1 Knowledge Management and SaaS 146

18.5 INCIDENT MANAGEMENT

146

18.5.1 Incident Management and SaaS 149

18.5.2 Incident Management and Web Applications 149

18.6 CHANGE MANAGEMENT

150

18.6.1 Change Management and SaaS 158


18.6.2 Change Management and Web Applications 159

18.7 CAPACITY MANAGEMENT

159

18.7.1 Capacity Management and SaaS 161

18.7.2 Capacity Management and Web Applications 162

18.8 AVAILABILITY MANAGEMENT

162

18.8.1 Availability Management and SaaS 164

18.8.2 Availability Management and Web Applications 165

19 USING THE WEB TO PROMOTE ITIL 165

19.1 IT SERVICE CONTINUITY MANAGEMENT (ITSCM)

169

19.1.1 IT Service Continuity Management and SaaS 170

20 APPLYING CLOUD COMPUTING TO PROJECT MANAGEMENT 172

20.1 BENEFITING FROM CLOUD COMPUTING

172

20.2 THE EASE OF LINKING (HYPERLINKS)

173

20.3 SUBSCRIBING TO SUCCESS (BLOGGING)

174

20.4 INTERFACING WITH THE PROJECT (MASHUPS)

176

20.5 EVERYONE IS A PROJECT MANAGER (OPEN SOURCE)

177

20.6 TREATING THE PROJECT AS PARTS, NOT THE WHOLE (REUSE)

178

20.7 TESTING THE LIMITS (PORTABILITY)

179

20.8 FINAL REVIEW QUESTIONS

181

21 ANSWERS 182


INTRODUCTION REVIEW QUESTIONS

182

PROGRESS REVIEW QUESTIONS

182

FINAL REVIEW QUESTIONS

182

22 CERTIFICATION 183

22.1 CLOUD COMPUTING CERTIFICATION PATHWAYS

183

ITIL® CERTIFICATION PATHWAYS

185

22.2 ISO/IEC 20000 CERTIFICATION PATHWAYS

186

23 SAAS AND WEB APPLICATIONS SPECIALIST EXAM TIPS 187

24 REFERENCES 188

Also from Emereo Publishing and The Art of Service:

ITIL V3 Foundation Complete Certification Kit:

2009 Edition Study Guide Book and Online Course

2009 Edition ITIL V3 Foundation Certification exam prep guide, including

refreshed study guide, online eLearning program, new examples, instructions,

and cautionary advice.


1 Introduction

1.1 What is Saas?

SaaS (Software as a service) changes the way software applications are stored and

accessed. Traditionally software applications would be installed and reside on the

same host machine, where they would be accessed from. However, SaaS changes this

by hosting software applications on a remote server. These software applications and

services are then accessed by remote users via the Internet.

A simple example of SaaS:

Although most people probably don‟t realize it, SaaS is more commonly used than they

actually think. One of the most common uses of SaaS is for web-based email services.

Popular web-based email service providers include Microsoft, Hotmail, Gmail, Yahoo

Mail and many others.

These web-based email services are a good example of what SaaS basically is. Each

web-based email service provider hosts all of their programs, information and data that

are linked to the services they are providing (in this case web-based email access), in a

remote centralized location.

End-users can then remotely access these web-based email services and data which

relates to them, via the World Wide Web using any normal web browser. To summarize

things, there are a few basic points that are common to all SaaS implementation.

1. Software applications or services are stored remotely.

2. A user can then access these services or software applications from anywhere

in the world, via the Internet.

3. In most cases, a user does not have to install anything onto their host machine,

all they require is a web browser to access these services (although in some

cases, a web browsers may require an additional plug-in or add-on for certain

services).

These simple set of points are common for all SaaS implementations, whether they are

for business and enterprise use or even just for individual use.

Categories of SaaS


Currently, there are two main categories of SaaS; these are business-orientated

services and customer-orientated services.

Business-orientated services

This type of SaaS involves offering software solutions to companies or enterprises. The

software is either sold in a traditional commerce way or it is made available to

companies on a subscription basis. A number of applications and software services fall

under this first category. However, in most cases they relate to business processes

such as product management services or customer relations applications.

Customer-orientated services

Customer orientated SaaS involves offering software solutions or services to the

general public. Sometimes these services are offered on a subscription basis but in a

lot of cases they are offered for free.

Often, advertising is what make it possible for these types of consumer orientated

services, to be offered for free.

Who has ownership of software in a SaaS Solution?

Normally a customer will purchase software along with a license (or licenses depending

on how many copies they require), by paying a one-off fee. This is similar to buying any

other product, whether it is software-based or hardware-based.

A customer buys a software product and once purchased, that software product then

becomes the property of the buyer. The customer now has full ownership of that

software solution and can effectively use the software in any way they wish, as long as

they do not break any of the terms and conditions (i.e. copyright terms) or licensing

terms for that software. In most cases, once a software solution has been purchased,

the vendor for that software solution will still provide software support in the form of

upgrades and patches.

In the case of SaaS, ownership of software solutions remains in the vendor‟s hands. A

customer does not buy a software solution or any licenses through a one-off fee.

Instead they pay a recurring fee in the form a subscription (if the software solution is

not one that is offered for free). The user then has access and permission to use that

particular software solution, until either their subscription period runs out or they cancel

their recurring payment.


In a SaaS solution, ownership of software applications and services remain in the

vendor‟s hands because the software is not downloaded onto a user‟s computer in any

way. Instead it is accessed by a user remotely through the Internet using their web

browser. This means that software vendors now have full control of their software

solutions and do not have worry about consumers breaching their copyright terms or

licensing terms.

The main advantages of SaaS for software clients

Briefly mentioned below are a few of the main advantages for of SaaS for software

users.

Lower costs – If a user only needed to use a software application for one month, it

would be a waste of money for them to completely purchase this software application

(especially for expensive software applications such as video editing, graphics, etc.).

By using SaaS software solutions, consumers can save a lot of money. All they have to

do is pay a subscription fee for one month or for the duration of time that they will be

using an application for. This is a very cost-effective solution for users who may only

use a particular software application on rare occasions.

Reduced storage requirements – Some applications can take up a lot of hard drive

space. By using SaaS software solutions, consumers can save a lot of hard drive

space and in the long run this can save them money. Also, users do not have to worry

about constantly backing up software data as this is all handled by the SaaS vendors.

The main advantages of SaaS for software vendors

Continuous income and greater profits – SaaS allows software vendors to profit like

never before. Traditionally a client would purchase a software application, along with

the number of licenses that they required and then that was it. A software vendor

received very little from their clients after this initial purchase. However, SaaS now

allows software vendors to receive a continuous stream of income in the form of

subscriptions. In the long run, this means that software vendors are able to profit far

more than they could before.

A reduction in piracy and unlicensed software – By keeping ownership of software

applications in their own hands, software vendors can benefit from a reduction in piracy

and unlicensed copies of their software being distributed. Again, this increases their

profits because the amount of money that they are losing through piracy can be greatly

reduced.


There are many more benefits to using SaaS software solutions for both clients and

vendors and only a few of the main ones were mentioned above.

1.2 The History of SaaS

SaaS is a technology that first came of age during the 1990s. However, it was nearly

lost in obscurity like many other new technologies that were emerging at that time, due

to the dot com bubble bursting. Fortunately, SaaS was able to recover and it is now a

software methodology that is widely used across the Internet.

Issues that were holding SaaS back during the 90s

The initial problems for SaaS during the late 90s included the fact that most software

applications were never designed to be remotely accessible. Software applications

would always be installed on to the same machines on which they were going to be run

on.

Other factors which greatly hindered the progress of SaaS, being widely implemented

during the 1990s included limited bandwidth availability and Internet speeds. Many

clients and potential users of SaaS accepted the subscription approach to software

services and hosted delivery of software services.

However, because Internet connections were so slow at the time (maximum of 56kbs

for most users), SaaS just wasn‟t practical. Bandwidth was also quite expensive, which

made SaaS a very expensive solution at the time. It was far quicker and cheaper for

businesses and individual users to install applications onto their local machines.

Finally, software vendors were just not interested in changing their pricing models. At

the time, most software vendors were happy with receiving immediate up-front payment

for their software applications and tended to overlook the benefits that a subscription-

based model would have for them. The major software companies like Microsoft,

Oracle, etc., also just ignored SaaS and did not take it seriously.

The resurgence of SaaS in the millennium

As mentioned, a lot of technologies and concepts just faded with the burst of the dot

com bubble, but SaaS was not one of these. To begin with, SaaS was just used in

niche markets. SaaS was being used to address specific software problems and

provide specific software services, in small specialized areas of a business.


However with time, vendors like Salesforce, NetSuite and many more, began to

develop purpose-built SaaS solutions, delivering them to customers in the form of

subscriptions. This meant that businesses now had access to entire software solutions

and could subscribe to as many of these services or as few of these services as

required. This is one of the main reasons why SaaS solutions became widely adopted

in the new millennium, because of the flexibility that SaaS offered.

Of course this wasn‟t the only reason why SaaS solutions became so widely adopted in

the new millennium. There were a few other important reasons which are briefly

detailed below.

Improvements in Internet speeds and an increase in availability

In the new millennium, Internet speeds rapidly increased through the use of broadband

technologies. The price of bandwidth was also getting cheaper which meant

businesses could now purchase more bandwidth than ever before.

This meant that SaaS could not only be implemented cheaply but it could now also

work efficiently, without any lag or time delays that dial-up Internet connections would

have caused.

Also, more and more people were now connecting to the Internet and where there

might not have been a market for SaaS before (because most people worked offline);

there was one now (because people started to spend more time connected to the

Internet online).

Seeing things from a different perspective

At first, software vendors were against using a subscription-based model for their

software, they were happy receiving upfront payments. However, as the demand for

Internet-based services increased, software vendors decided to change their stance by

offering software services to consumers using a subscription-based model. This

allowed software vendors to receive a continuous stream of income and profit far more

than they could have by just using their traditional software sales model.

Also, consumers were much happier using a subscription-based model because they

would not have to pay large amounts of money upfront and had the ability to only pay

for the services that they required. A subscription model in most cases also ensured

that consumers would not be locked in by any licensing terms or a software vendor‟s

terms and conditions.

For example, some software vendors would not offer refunds once a software

application had been purchased. This meant that if a client purchased a software


application and it was not as it was advertised making it useless to the client, then that

client would have effectively lost their money.

However, using a subscription-based model, a client has the ability to pay a fraction of

a software application‟s full price, without being locked in to their subscription in any

way. This means that if a software application ends up being useless for a client, then

they can cancel their subscription with a minimal loss of funds.

SaaS is a relatively new technology when compared to other technologies, but it is now

starting to be widely adopted by both businesses and home users. Advances in Internet

speeds and bandwidth availability have made it both a very feasible software solution

and a cheap software solution and it is now backed by major software and Internet

companies such as Microsoft and Google.

1.3 Goals and Objectives of SaaS

Detailed below are some of the main reasons why SaaS was initially developed.

To make the management and control of software easier

Traditionally, software vendors would sell their software applications in the same way

that any other product would be sold. Once a software vendor sold a copy of their

software application, that was it, it was gone and the software vendor would lose

control of it.

Of course, by losing control of their software applications, these applications could now

be easily manipulated or even illegally duplicated. By using SaaS, software vendors

have complete control over their software applications. This also means that they can

easily be managed and piracy can be controlled to a certain extent.

To take the management strain away from consumers

A lot of time and money is spent by businesses on the deployment, management and

updating of their software applications. SaaS completely eliminates this on the

customer‟s side, because it is now the software vendor who deals with these issues

when a SaaS solution is used. This is much better for both parties because software

vendors are better equipped to deal with the management issues for their software

applications while customers have one less strain on them.

To make software services available globally


Because of the fact that SaaS operates across the Internet, software services can be

accessed by anyone from anywhere in the world as long as they have an Internet

connection. For people who travel often or constantly switch between machines that

have different software applications installed onto them, this is very beneficial.

To provide a single instance of a software service to multiple users

The great thing about SaaS for software vendors is that multiple users can access the

same instance of a software service. Each user will see their own instance of a

software service and their own data, without interfering with any other user‟s data. This

means that software vendors can save a lot of money and resources by running just a

single instance of a software service, which can then be accessed by many users.

To create flexible payment models for software services

Using SaaS, there are many different ways that a client can pay for software. For

example they could pay a monthly fee, they could be charged based on the features

that they use or on how much they used a particular software service, i.e. using a pay-

as-you-go model. The good thing about this flexibility in pricing models is that the

needs of many different users can be accommodated for. For example, larger

companies could pay bigger upfront fees to save them money in the long run, while

individual users could use a pay-as-you-go payment model to save them money in the

short term and avoid paying large upfront fees.

These were some of the main goals and objectives for SaaS when it was initially

implemented. The main aim for SaaS however, was to take the management strains of

software maintenance and deployment away from consumers, while at the same time

putting control of software services back into the hands of software vendors.


2 Common Terminology

Below are some of the terms that you should be familiar with and may come across

when dealing with SaaS.

Term

Definition

ASP (Application

Service Provider

aka Application

Host)

Application Service Providers control, host and manage software

applications from a centralized location. ASPs can deliver software

applications using either a traditional license-based model or a

subscription-based model.

CRM (Customer

Relationship

Management)

CRM is a term that is often used when dealing with SaaS. Simply

put, it refers to the methods or processes that a company uses, in

order to communicate and remain in contact with their customers.

Due to the nature of the Internet, often some kind of CRM

software will be used so that businesses can efficiently manage

their customers. Some of the most well known SaaS organizations

offer CRM software services and CRM is quite a large niche for

SaaS.

Grid Computing Grid computing works by pooling together the resources of

individual machines, allowing these resources to be combined

together. These combined resources can then be used to provide

massive amounts of processing power, storage capacity, etc.

SETI (Search for Extraterrestrial Life Initiative) is a one of the most

well known examples of grid computing.

LAMP Stack

LAMP is an acronym for Linux (operating system), Apache (web

server), MySQL (database) and Perl/PHP (language). The term

LAMP Stack refers to a low cost or free development framework

that consists of a number of open source applications, which can

be used to help deliver on demand software services across the

web.

Multi-Instance

This term is used to refer to an application that is running multiple

„copies‟ of itself.


These different „copies‟ of a software application can be accessed

simultaneously by a number of different users. Application Servers

are usually used to manage Multi-Instance Software.

Net-Native

Net-Native describes software applications or services that can

only be accessed via the Internet using a web browser. Unlike

some other SaaS solutions, Net-Native software applications

cannot be run without using a web browser or offline.

MSP (Managed

Service Provider)

An MSP deals with the delivery and management of network-

based services, software applications and equipment. MSPs will

usually offer a number of different software services such as

telephony services, messaging services, firewall software or even

security applications.

Multi-Tenant

On Demand

On-Premise

Software

Single Instance

This term refers to an application that has the ability to serve

multiple different end-users at the same time.

The term „on demand‟ can be used in a number of different

phrases. However, the phrase „on demand software‟ refers to a

fully integrated application, service or technology that can easily

be used or accessed across the Internet, when it is required.

On-Premise Software is effectively the opposite of Software as a

Service. It refers to software that is either stored or installed on a

businesses or users machines, locally.

This refers to an application that can only be run on its own

dedicated server and can only be accessed by just one end-user.


SLA (Service

Level Agreement)

SOA (Service-

Orientated

Architecture)

Web Services

This is a formal written agreement that is made between a service

provider and their customer. It is used to make clear the standards

that will be used, to help measure the performance of services and

their delivery.

The content of an SLA will differ from service to service, however

all Service Level Agreements will have a set of guarantees or

promises made by a service provider to their customers. If a

service provider does not meet these guarantees set out in the

SLA, then they will usually reimburse their customers in some

way.

For example, some service providers might have set out in their

SLA, that they will provide 99 percent uptime of a particular

service to their customers each month. Now if that software

application was available for less than 99 percent in a particular

month, then that service provider would usually refund the

subscription amount for that month or credit their customer‟s

accounts, to keep them happy and avoid losing them.

This term simply refers to an architecture type, where numerous

services are collected together. These different services usually

communicate with each other, for example by passing data

between one another to complete a much larger process or to

provide a much more complex service. Simply, an SOA is a

collection of software services.

Web Services are simply web-based applications that can interact

with other web-based applications dynamically, using open

standards such as XML (extensible markup language), UDDI

(Universal Description Discovery and Integration) and so on. Web

service processes are usually carried out away from a user‟s eyes,

behind the scenes. For example, when one software service

communicates with another software application, a user does not

usually see this process occurring.

Some of the major development platforms that currently support

Web Services include LAMP (Linux, Apache, MySQL, Perl/PHP),

Microsoft‟s .NET Framework and Sun‟s J2EE (Java 2 Platform

Enterprise Edition) platform.


Utility Computing

(Also sometimes

referred to as On-

Demand-

Computing)

XML (Extensible

Markup Language)

This refers to a model where a MSP (Managed Service Provider),

makes a number of different computer resources and services

available to customers. Instead of charging their customers for all

of these services, an MSP then only charges their customers

based on the resources and services that they use. If a customer

does not use a particular service, then they are not charged for it.

XML is a markup language that is similar to HTML (Hyper Text

Markup Language). However, the key difference between the two

is that HTML deals with how elements are displayed, while XML

deals with what data these elements contain. XML is an open

source language and because it deals specifically with data, it is

often the language used for data interchange between different

web services.


3 What SaaS is and what it is not

3.1 SaaS vs. Software + Service

SaaS (Software as a Service), involves making an application an entirely hosted one,

which resides remotely outside of an organization‟s internal infrastructure. Although

Software plus Service has a similar concept to SaaS, it is not quite the same.

Software plus Service is something of a middle ground technology, where it provides

the complete functionality of traditional software applications but also the benefits of

external hosted software applications. This is achieved by installing an application in a

traditional way, where they reside on a machine locally but by also complementing

them with remote services, similar to the way in which a SaaS applications services are

delivered.

There are a number of benefits to using a Software plus Service model, instead of just

using a traditional software model or Software as a Service model. The main benefits

are detailed below.

More feature rich applications can be provided

SaaS is great because it means that businesses do not have to install any application

data onto their machines; however, there are a few setbacks to this (mainly because

SaaS is still in its infancy). One of these setbacks is that certain features are currently

just too difficult to implement across the Internet or run within web browsers efficiently.

By installing certain features locally and then complementing these features with web-

based features as well, a business can receive the best of both worlds. This is a good

compromise for businesses who do not want to fully change their software application

model to a SaaS-based one or for businesses who want to wait until SaaS catches up

to the point where software services can be delivered with the same efficiency as if

they resided locally.

Users can work offline

With a SaaS-based software delivery model, users must be connected to the Internet

whenever they want to use their software application services. Obviously this means

that if a user is offline, then they are unable to access their software applications, which

also means that it is very unlikely that they are able to get any work done (unless of


course they have local backup applications but this would defeat the purpose of using

SaaS-based applications in the first place).

Software plus Service on the other hand, allows users to work offline (because

important application data is stored locally). Once these users connect online, their

data can then automatically be synchronized with their software service provider‟s

servers. This is very advantageous to users who work remotely or users who are

constantly on the move, because they can complete all of their work offline. They can

then connect to the Internet when it is convenient for them and synchronize their data

online, so that they can receive the same collaboration benefits that SaaS provides but

of course without having to be constantly connected to the Internet.

Less Privacy Concerns

One concern that most businesses have when switching over to a SaaS-based

software delivery model, is how secure their data is. This is because when using a

SaaS-based software delivery model, all of a business‟s data resides externally and it

is up to the SaaS service providers to secure this data.

By using the Software plus Service software delivery model, businesses have the

option of controlling what data will reside locally and what data will reside externally.

This means that a business could choose to keep private sensitive data stored

internally, while less sensitive data could be stored on their software service provider‟s

servers, to improve the efficiency of their software services.

Greater Customizability

Traditional software applications are more difficult to customize for a business than

SaaS software applications are. Although SaaS software services offer businesses

more flexibility and the ability to customize their software experience (by picking and

choosing the services that they want), SaaS does not quite offer the same level of

customizability as Software plus Service does. Software plus Service allows

businesses to customize their in house software, while also receiving the services that

they require from a third party service provider, giving them a much more unique

software experience that is specifically geared towards their business.

It is clear that Software plus Service offers some advantages that SaaS cannot

currently offer. Software plus Service offers the benefits of being able to collaborate

with a wide range of users via the Internet, while also taking advantage of more

powerful PCs by running core application code locally. It is a great compromise

between the traditional in house software approach and the Software as a Service

approach. Software plus Service is great for businesses that want to receive similar


benefits to having a SaaS software delivery model and for businesses that do not want

to completely change their software delivery model to an outsourced external one.

3.2 SaaS vs. ASP

SaaS (Software as a Service) providers and ASP (Application Service Providers) are

two terms that are often used to describe the same thing (the delivery of outsourced

software applications via the Internet). Although both SaaS and ASP are very similar to

one another, there are important differences between the two software delivery models.

SaaS developed from ASPs and it was ASPs that first created the outsourced software

delivery model.

Understanding ASP

The ASP software delivery model first started being widely implemented during the

early 90s. It was the ASP software delivery model that created the whole idea of

hosting third party client/server software applications within an ASP organizations data

centers, and then delivering these software applications to their clients via the Internet.

However, initially ASP was not very successful. The problem with the ASP software

delivery model was that each client‟s applications or set of applications would require

their own mini-data centre within an ASPs premises. This meant that ASPs would

require massive data centers if they were going to host software applications for many

clients.

Because so many different customer specific applications were being run within an

ASPs data centre, ASPs just could not provide any help or documentation for each one

of their clients‟ software applications. This meant that the clients of an Application

Service Provider would still require their own in-house software experts and would still

need to implement their own set of troubleshooting procedures, both of which were

very costly.

This is one of the major reasons why many businesses decided not to use an ASP to

outsource their applications and instead decided to keep their software applications in-

house. Businesses would have to pay software professionals regardless of whether

they stored their software applications in-house or not, therefore instead of paying the

additional cost of out-sourcing their software applications, most businesses decided to

stick with their traditional software storage approach, by storing them within their own

data centers.


A lot of ASPs failed because of two main reasons: firstly, because of the reason

mentioned above. Most businesses decided not to use an ASP because the savings

were just not enough to justify the decision to outsource their software applications.

The second reason was that ASPs did not benefit from economies of scale. The more

clients that an ASP had, the more expensive things became for them, because they

would have to keep enlarging their data centers to meet their client‟s needs. In most

cases this would eventually lead to an ASP not profiting at all or in the worst case

scenario, even going bankrupt.

How SaaS resolved the problems of the ASP software delivery model

SaaS software applications and services are different in the way that they are designed

to be delivered, when compared to ASP software applications. Application Service

Providers delivered their software applications on a one-to-one basis to their

customers.

However, SaaS software services and applications are designed to be delivered to

multiple customers. This means that SaaS service providers can benefit from

economies of scale (many clients can access the same software application, while

each client is delivered their own unique software experience). Also, SaaS service

providers do not need to constantly keep increasing the size of their data centers, to

meet their client‟s needs, which again improves their profits.

Because SaaS providers are dealing with less software applications and services, they

can also provide their clients with more application-specific documentation and can

maintain and manage software applications themselves, preventing their clients from

having to do all this, which of course saves them money.

The SaaS software delivery model also provides clients with cheaper upfront costs

when compared to the ASP software delivery model. This is because when a client

uses an ASP, they still have to pay the full cost for the software applications that they

are going to be using, because the ASP is only hosting a single copy of these software

applications for them and no other clients.

However, when a SaaS software delivery model is used, service providers can provide

the same set of services or software applications to many users. This means that the

cost of these services can be divided up among a SaaS service provider‟s clients and

they can be provided with much cheaper upfront costs.

Modern day ASPs

Although SaaS has effectively taken over from ASP as the dominant software delivery

service, ASPs still exist today. However, the modern ASPs differ from the ASPs of the

past, which failed.


These days, ASPs either concentrate on a narrow range of software services instead of

many different types of software services; ASPs offer their own set of specific software

services, similar to the way in which SaaS vendors deliver their own set of software

services. Most modern ASPs will function in a very similar way to SaaS service

providers. This is mainly because the SaaS software delivery model has been proven

to be a successful one and can provide benefits to both service providers and a service

provider‟s clients.

In closing, using SaaS service providers to deliver software services, in most cases, is

the best choice for businesses. SaaS software applications have a quick deployment

time (no need to install the applications) and are much cheaper than ASP software

services (due to economies of scale). However, in some cases, using an ASP may be

the only choice that a business has. For example, if a business wanted to outsource a

particular software application or set of software applications but these applications

were not currently offered by any SaaS service providers, then they would have to use

an ASP to outsource these software applications for them.


4 Benefits of SaaS

SaaS provides clients and businesses with a number of benefits. The main benefits of

SaaS include:

The potential to save money.

The potential to save time.

The ability to use your budget on business processes rather than on

infrastructure-related processes.

Access to the very latest technologies for a fraction of what this would normally

cost.

4.1 Saving money

SaaS allows businesses to save money in a number of different ways. Firstly there are

lower IT related costs when using SaaS software solutions in place of traditional

software solutions.

When a business purchases software applications in the traditional way, as well as the

initial costs of purchasing this software (and licenses), there are a whole host of other

costs.

For example a business may have to purchase additional hardware to run this software

on their machines, they have to secure the machines on which these software services

run on and IT professionals are required to manage or troubleshoot this new software.

Installing software in a traditional way can end up costing businesses a lot of money

and often these extra costs are unforeseen.

SaaS can save businesses money in the area of software management and

installation, because software is installed and managed by SaaS software vendors.

This means that all a business has to worry about when purchasing or subscribing to

SaaS services, is how much the fee for the software service is. There are no hidden

costs, no extra costs and businesses do not have to worry about licensing issues.


Multi-tenancy or using multiple-tenant software services is another way in which

businesses can save money. Multi-tenant software is any software application that can

be used by more than one user or multiple users. Due to the fact that multiple users

can share the same software application/service, subscription levels can be offered by

SaaS vendors at much lower rates than if a software application was being used by

users in a 1:1 ratio.

The third way in which businesses can save money using SaaS is by using a pay-as-

you-go subscription model. A pay-as-you-go subscription model prevents the need for

a large initial investment by clients when purchasing software services. Instead,

businesses can either pay a monthly subscription fee (which they should be able to

cancel at any time) or they can pay for exactly what they use.

The good thing about paying for SaaS software services is that they offer flexible

payment methods, meaning that businesses can choose the payment method that

offers them the most benefits or the method that can save them the most money.

4.2 Saving time

Due to the fact that you do not need to install software applications yourself, you can

save a lot of time. SaaS software solutions are already up and running on a SaaS

vendor‟s data centre, therefore you can begin using SaaS software solutions almost

instantly.

However, installation is not the only area in which time is saved. Time and valuable

resources are also saved in other areas. For example a business does not need to

waste time on managing or updating software applications, because once more, it is

the software vendor who deals with these issues.

Also, traditionally when software applications had to be used on a number of different

machines, they would usually have to be installed on to each one of these machines

(which is a time consuming process). However, by using SaaS a business can access

the same software services on multiple machines without having to install anything.

This can save businesses a lot of time, resources and even money.

4.3 Allowing a business to use their budget more effectively

As mentioned before, when using SaaS, a business can save money and time on

certain IT related processes or tasks (which can sometimes even be completely

eliminated). A business can save money on or even completely eliminate the following

procedures:


Purchasing Servers or additional Server hardware to support the new software

services in-house.

Ensuring that the new software services are running in a secure, reliable and

conflict-free stable environment.

Maintaining and updating software services.

The above-mentioned procedures often have hidden costs and consequences that are

not easily spotted by businesses. For example, it can be so easy to overlook or forget

about the extra costs that maintaining software services, installing software patches

and troubleshooting entail.

By using SaaS, all of the above problems and procedures are virtually eliminated. This

means that businesses can use their budget far more effectively on business-related

processes, and a business‟s workforce can concentrate fully on core business

processes, rather than on software-related tasks and activities.

4.4 Giving businesses access to the very latest software versions

With traditional software applications, you often have to wait a while for the latest

version of that software application to be released. This is because it is not efficient for

software vendors to release new versions of their software applications every time they

make changes.

Therefore software vendors release new versions periodically or after making a certain

number of changes. Of course this means that businesses have to wait for new

features to be released.

SaaS changes this, because software vendors can immediately offer their updated

software solutions to clients online in a cost-effective and efficient way. This means that

clients can benefit from software innovations on an ongoing basis, because as soon as

a software vendor makes changes or offers new and improved features, their clients

can begin using them right away.

Sometimes, when a business installs software traditionally they face problems; for

example, the latest version of a particular software application may not work as

intended with their existing operating environment or with their existing infrastructure.

This means that a business would have to completely upgrade their existing

infrastructure or operating environment, to allow the latest version of a particular

software application to function correctly.


This is obviously very expensive and although there are other ways around this, SaaS

is a great method to avoid having the problem mentioned above. By using SaaS, a

business does not need to change their existing operating environment or infrastructure

in any way. All incompatibility issues are dealt with on the software vendor‟s side of

things and they are the ones who will ensure that the software services they are

providing run stably within their data centers.


5 Related forms of Cloud Computing

To view this picture as a moving GIF, go to

http://theartofservice.net/index.php?option=com_content&task=view&id=142

5.1 Cloud Computing

Cloud computing refers to the processing and storage of data through the Internet.

Computing and storage become „services‟ rather than physical resources. Files and

other data can be stored in the cloud and be accessed from any Internet connection. It

is a style of computing where IT-related capabilities are provided „as a service‟,

allowing users to access technology-enabled services from the Internet, or cloud,

http://theartofservice.net/index.php?option=com_content&task=view&id=142


without knowledge of, expertise with, or control over the technology infrastructure that

supports them.

5.2 Virtualization

Virtualization, in its broadest sense, is the emulation of one of more

workstations/servers within a single physical computer. Put simply, virtualization is the

emulation of hardware within a software platform. This allows a single computer to take

on the role of multiple computers. This type of virtualization is often referred to as full

virtualization, allowing one physical computer to share its resources across a multitude

of environments. This means that a single computer can essentially take the role of

multiple computers.

5.3 Grid Computing

Cloud computing is often confused with grid computing, a form of distributed computing

whereby a „super and virtual computer‟ is composed of a cluster of networked, loosely-

coupled computers, acting in concert to perform very large tasks.

Grid computing has been used in environments where users make few but large

allocation requests. For example, a lab may have a 1000 node cluster and users make

allocations for all 1000, or 500, or 200, etc. So only a few of these allocations can be

serviced at a time and others need to be scheduled for when resources are released.

This results in sophisticated batch job scheduling algorithms of parallel computations.

5.4 Utility Computing

Many cloud computing offerings have adopted the utility computing model. Utility

computing can be analogized to traditional computing such as the consummation of

electricity or gas. IT computing becomes a utility, similar to power, and organizations

are billed either based on usage of resources or through subscription.


6 Companies Involved with SaaS

When talking about companies that are involved with SaaS, there are a number of

different companies that provide a number of different software services. Unlike other

computer technology niches, SaaS does not have a clear market leader. Instead, SaaS

has a number of different service providers, who each provide useful services for a

number of different scenarios. Detailed below are some of the more well known SaaS

companies and information about what software services they provide.

6.1 Adobe Systems

Location: San Jose, California

Adobe is one of the most well known software-related companies in the entire world.

Founded in 1982, Adobe‟s main foothold is in the market area of desktop publishing.

However, great success has allowed Adobe to branch out into other areas and

avenues of technology including SaaS.

Although Adobe is not currently viewed as being a market leader in the area of SaaS,

they have both the potential and the resources to lead the way. At the moment, around

10 to 15 percent of Adobe‟s resources are invested into SaaS. This is mainly through

their Acrobat Connect and Adobe Document Centre Applications. However, Adobe

does have plans to make available some of their most popular applications, online.

Again, as mentioned above, this gives Adobe the potential to lead the way in SaaS, as

they already have quite a large customer base.

Adobe is in a stable position and by offering some of their most popular desktop

applications online, they are sure to win over more customers. However, Adobe is

being smart about things and will only offer their popular software applications online as

supplements, rather than replacements to their existing software applications. This

means that they can keep both traditional offline desktop-based software users, and

modern online web-based software users, happy at the same time.

Website: http://www.adobe.com/

6.2 Axentis

Location: Cleveland, Ohio

http://www.adobe.com/


Axentis was founded in 1999. They are a popular organization for SaaS services and

provide a wide range of SaaS software services. Axentis is expected to continue

growing and prospering in the future. Axentis specialize in GRC (governance, risk and

compliance) software solutions.

Website: http://www.axentis.com/

6.3 Google

Location: Mountain View, California

Google is a major force and anyone who uses the Internet will have heard of Google at

some point (if it is not already their default search engine site). Google first entered the

SaaS market area in early 2006 with the introduction of Gmail (in beta form). Since

then Google have not looked back.

They now offer an entire SaaS suite known as Google Apps, which is available either

for free (with limited features) or for a subscription fee (with full features). Google Apps

offers a number of services, such as web-mail, instant messaging (IM), word

processing and much more.

Due to the strong position that Google are generally in, their SaaS solutions have been

a success and Google will look to continue to prosper in the future, by staying one step

ahead of their competitors.

Website: http://www.google.com/apps/intl/en/business/index.html (The Google Apps

web site).

6.4 Microsoft

Location: Redmond, Washington

Microsoft has offered SaaS, in at least one form or another, since around 1997. In

1997, Microsoft acquired Hotmail (a web-based email service) and renamed it as MSN

Hotmail. Since 1997, Hotmail has either been offered as a free service (providing a

limited set of features) or as a subscription-based service (providing a full set of

features).

In 2005, Microsoft offered Windows Live Hotmail (which was intended to replace the

existing but somewhat outdated Microsoft Hotmail web-email service), for beta testing.

Microsoft Windows Live was officially made available in 2006-2007 and although it

http://www.axentis.com/

http://www.google.com/apps/intl/en/business/index.html


offered the same basic web-based email features, it provided users with much more.

For example, Windows Live offered users their own personal spaces, a calendar

application and the ability to create contacts, among many other things.

Although Microsoft has always had a solid footing in web-based email services, they

have just recently started to expand into other SaaS based market areas. For example

they now offer some of their more popular applications like Microsoft Office, online and

they have also created online workspace utility that is intended to be used to share files

online.

Microsoft have dominated so many computer-related niches and market areas in the

past, that it would be hard not to envision them taking up a large and important role in

the market area of SaaS. However, they do have strong competition from Google, as

well as many other SaaS-related companies. This will make things interesting and is

also likely to make SaaS software solutions develop much more rapidly due to the

competition.

Website: http://www.microsoft.com/serviceproviders/saas/default.mspx

6.5 NetSuite

Location: San Mateo, California

NetSuite is another well known SaaS company that offers software services to its

customers, while continuing to grow. The company was founded in 1998. Just like

Salesforce, NetSuite offers customer relationship management tools. However,

NetSuite also offers Accounting and Ecommerce-related software services.

NetSuite is another SaaS company that is definitely one to look out for in the near

future. One thing of great interest to clients is NetSuite's relatively new SuiteFlex

offering. This tool allows customers to customize NetSuite's existing SaaS services, for

example by using software add-ons or plug-ins. Although not quite as well known as

SaaS companies such as Salesforce, NetSuite is still a decent SaaS company and is

definitely worth considering if you are looking for a company that offers SaaS.

Website: http://www.netsuite.com/

6.6 Salesforce

Location: San Francisco

http://www.microsoft.com/serviceproviders/saas/default.mspx

http://www.netsuite.com/


Salesforce is one company that is most often associated with SaaS. Founded in 1999

by a former Oracle executive (Marc Benioff), Salesforce deals specifically with

customer relationship management (CRM) tools.

Research has shown that CRM is one of the largest SaaS offerings, followed closely by

content software service offerings and communications software service offerings. A

few of the main CRM software services that Salesforce offer include sales services,

marketing services and call centre operation services. Using these SaaS tools,

businesses can streamline their customer relationship management, providing much

higher levels of satisfaction for their customers.

Salesforce is the one company that has the potential to dominate the SaaS market

area and they are even diversifying in their approach. For example, they are working on

a new approach known as platform-as-a-service. Using this approach, Salesforce have

the ability to offer entire platforms of services to their clients, rather than just individual

services (as they currently offer using SaaS).

Website: http://www.salesforce.com/

6.7 SuccessFactors

Location: San Mateo, California

SuccessFactors was a relatively quiet and „under the radar‟ SaaS company. However,

with an increase in revenue by around 95 percent in between the financial years of

2006-2007, SuccessFactors are looking like they will be a force to be reckoned with in

the SaaS market area.

SuccessFactors deal specifically with performance and talent management software

services, in other words, human resources (HR) software services. They can offer

software services to a wide range of business, from the small (1-500 employees), to the

very large (20,000 plus employees). Due to their impressive growth, SuccessFactors

are also looking to increase their workforce from around 600 employees to 1000

employees.

Human resources are usually a standalone department of a business and do not need

to communicate or integrate with applications from other departments. The great thing

about SuccessFactors software services (and other HR software SaaS solutions for

that matter), is that they allow HR managers to easily manage their workforce, without

having to purchase expensive applications that are designed to communicate with all

other areas of a business.

Website: http://www.successfactors.com/

http://www.salesforce.com/

http://www.successfactors.com/


freya.dixon

BLANK


7 Technologies that Incorporate SaaS

There are various different SaaS companies and various different SaaS services.

However, each SaaS-related technology has the same basic fundamentals. Google

and Microsoft are major IT companies that now provide their own SaaS solutions, while

SaaS specific companies such as Salesforce provide their own services. Regardless of

this, detailed below are the fundamental SaaS-related technologies that are common to

most (if not all) software as a service providers.

7.1 Software as a Service

In general terms, SaaS is a software distribution model in which software applications

are hosted externally by a software vendor or service provider and are then accessed

by an organization, via a network (which is most commonly the Internet).

SaaS is more popular than ever before and this is partly due to a shift in thinking along

with the acceptance, as well as the implementation of web services and service

orientated architectures. New developments such as Ajax (Asynchronous JavaScript

and XML) for example, have also helped SaaS to become more popular and more

widely deployed.

Ajax is a method for creating web-based interactive applications that can immediately

process a user‟s input. As its name suggests, Ajax uses a number of different

programming languages and tools making it fairly versatile. The good thing about Ajax

applications is that they are independent of normal HTTP (hypertext transfer protocol)

requests. This means that they can dynamically and instantly process a users request

but an entire web page does not have to be reloaded for this to be carried out. One of

the most well known web-based applications that use Ajax is Google Maps.

SaaS is also very closely linked with ASP (Application Service Provider) and on

demand computing software application delivery methods. Simply put, an ASP is a

company that offers software applications and services to individual users or

businesses via the Internet.

On demand (OD) computing is a little different. An OD software solution can either be

maintained by a business from within or externally using a software service provider.

Using an on demand model, software services are only made available when they are

needed or „on demand‟. On demand applications are quickly becoming popular


because they provide businesses with the flexibility and ability to adapt and not remain

static, in the way that a traditional licensed software solution would keep them.

Of course, both of these service providing models are linked to SaaS and provide

businesses with similar benefits such as:

Simpler administration of software applications.

Automatic software updates and easier management of software updates.

Worldwide accessibility.

Easier deployment of software services, because a single instance of a software

service can be use by multiple users on multiple machines.

SaaS is a software delivery model that is here to stay and as other related technologies

and methodologies (such as Ajax, on demand delivery, etc.) mature over time, SaaS

can only be improved and advance over time as well.

7.2 SaaS hosting

SaaS hosting simply refers to the method in which software vendors offer their software

solutions to customers in the form of a service, as opposed to a product. No one knows

more about a software application than that software application‟s own vendor.

Therefore it makes sense for them to host and mange their own software solutions.

This also takes away the expense and stress of managing and maintaining a software

application from a software vendor‟s clients, while allowing them to receive maximum

benefits from that particular software application.

For software vendors (especially smaller independent ones), shifting from a product-

orientated model, to a service-orientated model is no easy feat. Not only do software

vendors have to completely change their payment models in order to support SaaS but

they also have to ensure that their services can be accessed by a wide range of users

all across the globe and that their software services provide 24/7 availability (or as

close as possible to 24/7 availability).

On top of all this, software vendors have to deal with new Service Level Agreements

(SLAs), ensuring that they are delivering to their customers exactly what they paid for.

If a software vendor does not measure up to these Service Level Agreements in any


way, then a SaaS delivery model can end up costing them more than it is actually

worth.

For software vendors who want to avoid all of these problems but still want to change

their software delivery model to a SaaS-based one, then they should consider using a

SaaS hosting company. A SaaS hosting company can take a lot of the strain of away

from software vendors by dealing with the migration process from a product-based

delivery model to a service-based delivery model.

Often SaaS hosting companies will help software vendor‟s fine tune their software

applications so that they are optimized for Internet access, while also providing them

with the hardware infrastructure and dedicated servers for their customers new hosted

software delivery model. Using a SaaS hosting company instead of offering software

solutions in the traditional way, provides software vendors with many benefits. The

main benefits of using a SaaS hosting company are detailed below.

Most SaaS hosting companies will offer multi-tenant hosting or shared hosting,

meaning that many users can access a single instance of a software application.

This is much cheaper than traditional software product-based delivery models,

where a software vendor often has to pay for storage mediums such as CDs or

DVDs and packaging.

Selling software products or software services online, is much more convenient

than selling software products in retail outlets. This is because online, software

vendors can often allow potential clients to try out or sample their software for

free. This makes them much more likely to actually purchase or subscribe to a

software service. Also, it is cheaper for a business to make their software

available online. Therefore they can also pass these savings on to their

customers.

Marketing software services on the Internet is much cheaper and easier than

marketing software applications in the traditional way. For example a software

vendor can use Pay-Per-Click (PPC), Google Adwords and many other

innovative web-based marketing methods. Pay-Per-Click is where a client only

pays their advertiser, each time their ad is clicked. This is obviously very efficient

and cost effective because clients are only paying for when someone actually

clicks on their advertisement and views their software service. Google Adwords

is similar to Pay-Per-Click but is Google‟s own advertising service.

Software services are hosted on a SaaS hosting companies‟ servers and data

centre. This means that software vendors do not have to purchase any new

machines or upgrade their existing infrastructure in any way, when offering their

software services as part of a hosted solution. Management costs are also


reduced because a business does not have to manage or maintain these

servers and this means that they can concentrate fully on business-related

processes.

As you can see, software vendors can benefit greatly by using a SaaS hosting

company. For larger companies (such as Microsoft, Google, etc.), hosting software

services from within their own data centers and using their own servers is no problem,

simply because of the almost limitless resources that they possess.

However, for smaller software vendors, it can often be very expensive and time

consuming to completely change their business model from a product-based software

model to a service-based software model. It is indeed smaller businesses or even

medium sized businesses that can benefit the most from using a SaaS hosting

company, to host their software services and is something that they should seriously

consider using.

7.3 SaaS platform

A SaaS platform is a software program (which can be thought of as a layer of

software), that is used to host other software applications. It deals with all the SaaS-

related management processes such as offering software services on demand, making

a software service accessible to multiple users and so on.

When traditional software applications are coded, they are usually coded in such a way

that they can only work or function properly when accessed by a single user. Of course

when a software vendor changes their business model to a SaaS software distribution

model, it is usually in their best interest to allow as many users as possible to access a

single instance of a particular software application.

It is the SaaS platform that takes care of this and manages a software application so

that it can be accessed by multiple users across the Internet. A SaaS platform can be

thought of as being similar to a traditional operating system, the only difference being

that it runs and manages applications which are designed to be accessed over a

network or the Internet, rather than being accessed locally.

Of course, aside from making a single software service or application available to many

users, a SaaS platform also has other responsibilities and carries out a number of other

tasks. The main tasks that a SaaS platform carries out are detailed below.


7.4 Tenancy Partitioning

Most SaaS platforms (if not all), will usually perform tenancy partitioning processes if

they are hosting multi-tenant software services. Software applications that were coded

to only serve a single user will often work in a way that conflicts with the multi-tenant

way of doing things. For example, an application may store all of its user data in a

single database which means that multiple users may overwrite each other‟s

application data or an application could accidentally show one users data to another

user.

Tenancy partitioning solves this problem, because a SaaS platform will separate each

individual user‟s data into separate „partitions‟. Each user is still using the same

instance of a software service or application but they now have their own application

database (thanks to the SaaS platform) and their data is separated from every other

user‟s data, preventing conflicts.

7.5 Monitoring and Metering

A SaaS platform should be able to both monitor and measure usage of software

services from a number of different standpoints and perspectives. For example a SaaS

platform should be able to measure data usage, bandwidth usage, hardware usage and

so on.

There are two reasons why this is important. Firstly it allows a software vendor to

determine if their existing hardware infrastructure can handle the load of multiple users

accessing a particular software service and if so, how many users can access this

service.

Using the above information, a software vendor can then fine tune the efficiency of their

software service delivery solutions. For example if they find out that when five users

access a particular software service, the server load on which these applications reside

is at fifty percent, then they can allow more users to access this single software service

without a drop in performance.

Secondly, by monitoring and metering the usage of software applications, a software

vendor has some sort of basis which they can use to charge their clients. For example

a software vendor could charge users based on how much storage capacity they use,

how much bandwidth they use or even how much processing power they use.

By using a SaaS platform, the process of monitoring and metering the usage of

software applications becomes much easier for software vendors to carry out, because


a SaaS platform makes it an automated process. This saves software vendors a lot of

time and resources, which they can then use more effectively elsewhere.

7.6 Scaling

Scaling involves aggregating the demand from multiple users into one physical or

virtual location. This makes things much simpler to manage from a software vendor‟s

point of view. Most SaaS platforms should be designed in such a way so that they can

offer support for software scaling, making the whole process a simple and automated

one. By doing this, SaaS platforms can offer software vendors all the benefits of

scaling, without putting much effort into this area, allowing them to concentrate on more

important business-related processes.

These days there are a number of software vendors that offer their own SaaS

platforms. For example Microsoft and Oracle, among many other software vendors,

offer their very own SaaS platforms.

7.7 Google Apps

Google Apps refers to Google‟s own collection of software services. Google offers a

number of different software services. Their main services are briefly mentioned below.

7.8 Gmail

This is Google‟s own web-based email service. It is a fairly recent application, having

first been introduced for invitation only beta use in 2004. Initially Google provided 1 GB

of storage capacity with their Gmail accounts (which at that time was much larger than

other web-based email services, including Hotmail and Yahoo mail).

These days, Google provide over 7 GB of free storage with their Gmail accounts and

can provide more even storage for users at varying subscription rates. Gmail is Ajax

(Asynchronous JavaScript and XML) based and offers users the ability to quickly

search through their emails, while also reducing spam.

7.8.1 Google Talk


Google Talk is Google‟s instant messaging and VOIP (voice over Internet protocol)

software solution. It was first made available in 2005 as a beta application. At first,

Google talk was only available to Windows-based users and for certain handheld

devices such as the Blackberry, iPhone and WinCE (Windows Embedded Compact)

devices. However, recently Google Talk has been made available on the Internet and

anyone who can run Adobe Flash Player on their system can access Google Talk

online.

7.8.2 Google Calendar

This application service is fairly self explanatory. It is Google‟s own online calendar

service. Google calendar is marketed as a free contact and time management web-

based application. Using Google calendar, users can integrate their existing Gmail

contacts data with the Google Calendar application service.

7.8.3 Google Docs

Google Docs is a complete web-based application suite that is made available to users

for free. It consists of a word processor application, a spreadsheet application and a

presentation application. The great thing about Google Docs is not only does it allow

users to create and edit documents online for free but it also allows users to share their

documents or even collaborate with other users in real time.

By default Google Doc applications are saved onto Google‟s servers. However a user

can save documents onto their own machine. Also, Google Docs offers support for a

number of different file formats including the ISO standard ODF (OpenDocument

format), the .doc (Word Document file format) and the .xls (Excel file format).

Google Docs can even be accessed by users using their mobile phones. However,

currently users can only view documents but not edit them. Also, at the moment mobile

phone users can only view word processing documents and spreadsheets but not

presentations. Of course there is a possibility that this is changed in the future, in fact

the iPhone is actually able to view presentations using a specific version of Google

Docs. However the iPhone is currently the only mobile phone device that can view

presentations using Google Apps (accurate up until October 2008).

7.8.4 Google Sites

Google Sites is Google‟s own website creation application service and it can be used to

create websites or secure wikis (a shared whiteboard which users can create, add or


remove content from). Google Sites is a fairly recent software service and was first

released as a beta application in February 2008. It directly replaces Google‟s previous

webpage creation service which was known as Google Page Creator.

As of October 2008, Google offered the following with their Google Sites service:

A unique address in the form of http://sites.google.com/site/username/

23 web design themes.

Limited use of HTML. At the moment CSS (Cascading Style Sheets) cannot be

used to change the design or layout web pages created with Google Sites.

There are also a number of limitations but Google Sites is still in its beta testing stage,

meaning that many of these limitations could be overcome once the application

completes its beta testing cycle.

Some of these limitations include not being able to add HTML from other sources to

create your pages (only the Google Sites web page editor can currently be used). Once

a site has been created it cannot easily be copied or cloned. For people to edit wikis,

they must first be invited by the proprietor of the Google wiki they created. This means

that users cannot just come along and edit pages if they spot any inaccuracies.

However, this can also be a good thing because by requiring permission from a wikis

creator to edit web pages, abuse can be eliminated or at least limited. The final

limitation is the fact that all sites must currently use Google‟s own set of themes and

layouts, making all pages and sites created by the Google Site application, appear

similar.

Currently, Google Sites offers its users up to 100Mb of storage space for free. However

once again, more space is available (up to 10 GB) if required.

7.9 Google Maps

Google Maps is a web-based mapping application that is currently offered by Google

for free. It provides a number of useful services for users including street maps, route

planning for both cyclists (including walking pedestrians) and users in vehicles. Google

Maps also allows users to find building, stores, landmarks, etc. all over the world.

High resolution images are provided for most urban areas across the entire globe,

allowing users to make themselves more familiar with foreign locations without having


to even visit them. The current technology behind Google Maps includes JavaScript, as

well as Ajax.

Google Maps is also available on mobile devices using a Java-based application called

“Google Maps for Mobile”. If a mobile device supports GPS, then users can also use

the “Google Maps for Mobile” software service to provide their mobile device with

mapping information in conjunction with their GPS service.

7.10 Windows Live

Before Microsoft introduced their Windows Live software service solution, most of their

software services such as Hotmail (for web-based email) and MSN messenger (for

instant messaging) were completely separate from one another. Windows Live (which

was first announced in November 2005) brings together all of Microsoft‟s core software

services and integrates them into a single package.

There are numerous software services that Windows Live offers to its users. A few of

the most popular software services offered by Windows Live are briefly detailed below.

7.10.1 Windows Live Messenger

Formerly known as MSN messenger, Windows Live Messenger is Microsoft‟s premiere

instant messaging application and is a part of the Windows Live software service suite

(although it is also offered as a standalone application). It is currently able to work on

all of Microsoft‟s major desktop operating systems (including server editions) as well as

on Windows Mobile operating systems.

The current version of Windows Live Messenger (version 8.5 as of October 2008)

offers its users with a number of features which complement the basic instant

messaging service that is on offer. The most popular features offered by Windows Live

Messenger in addition to the basic instant messaging service include, “Sharing

Folders”, “Windows Live Call”, Offline messaging, as well as games and applications.

Sharing Folders is as its name suggests, a way to share files and folders. In the past,

Windows Live Messenger (when it was known as MSN messenger) did allow users to

share files, but only single files could be transferred between users at any moment

time.

Because Internet speeds were relatively slow during this time period, most users were

never going to send or receive more than one file at a time and therefore this was not a


problem. However as Internet speeds increased, the amount of data that users could

send and receive at any moment in time also increased. The “Sharing Folders” feature

was introduced so that users could share multiple files or entire directories in one go.

Windows Live Call is a service that allows users to make calls from PC-to-PC (which

older versions of MSN messenger were also capable of) and more recently PC-to-

Phone calls (which older versions of MSN messenger were not capable of). VOIP

(Voice over Internet Protocol) is used by Microsoft so that users are able to make

inexpensive calls to both local and international telephone devices. There is no charge

for PC-to-PC phone calls, however users are charged for PC-to-Phone, phone calls.

Microsoft has also released a handset known as the Windows Live Messenger Phone.

This device is capable of acting as an extension to the Windows Live Call service or

can be used as any other normal telephone would be (by plugging into any regular

telephone wall jack).

Offline messaging is a relatively new feature that a lot of older versions of Microsoft‟s

instant messaging software did not have. In the past, when a user was offline, instant

messages could not be sent to them. However, these days‟ instant messages can still

be sent to a user, even when they are offline. The user who the message was sent to,

will receive the message as soon as they are online.

Finally we have the games and applications service for Windows Live Messenger.

Again, this service enhances a user‟s overall instant messaging experience by not only

allowing them to send text based messages to one another, but by allowing them to

also share applications and collaborate with each other in ways that were not made

possible in the past.

Using the games and applications service, users can easily offer remote assistance to

one another or they can share applications with one another. For example, users can

browse the web together, share a whiteboard and share other desktop-based

applications with each other.

The above mentioned features are available in the Windows Live Messenger, desktop-

based application. A web-based instant messaging software service (which omits some

of the above features) is also offered by Microsoft and is known as Windows Live Web

Messenger (formerly known as MSN Web Messenger).

Windows Live Messenger can be accessed by anyone who is connected to the

Internet, via their web browser without having to install anything (although certain plug-

ins may be required in order for certain features to work correctly).


7.10.2 Windows Live Hotmail

Formerly referred to as just Hotmail or MSN Hotmail, this is Microsoft‟s web-based

email service and is one of the most well known web-based email services in the world

today. These days, Microsoft offers up to 5GB for free, with their hotmail accounts.

Microsoft also offers a number of unique features with their Windows Live Hotmail

service. For example they include an integrated audio player with all accounts, allowing

audio attachments to be listened to right away. They offer color schemes, which means

that users can customize their web-based email accounts. A spell checker is also

integrated into accounts, as well as a search feature which allows users to quickly and

easily find and keep track of their emails.

Users can also create their own folders to organize and archive their emails or even

store photos for example. Microsoft also offer a number of security features with their

web-based email service. For example each Hotmail or Windows Live account comes

with its own Trend Micro virus scanner. Each time an attachment is going to be

downloaded, it is automatically scanned for any viruses. Emails that may appear

unsafe are also blocked until a user verifies that they are safe or were sent from a

known user.

7.10.3 Windows Live Calendar

This is a time management web-based application that is by default, provided with all

Windows Live Hotmail accounts. It is an Ajax-based web application which means that

users can add or remove calendar entries without having to reload their entire web

page. Users can create multiple calendars if necessary and each calendar can have

different levels of access permissions set.

For example a user can privately share web based calendar with other users who can

add, remove and edit entries or a user can set a view-only permission level, where only

certain users can view the calendar but cannot modify it in any way. Finally a calendar

can be publicly shared which means that it is available for viewing by anyone.

7.10.4 Windows Live Spaces

This is Microsoft‟s own blogging and social networking service. Windows Live Spaces

offers users with a number of different features. Support for blogs is offered, as well as

support for photo sharing.


Users can create their own photo albums and share photos (in a similar way to other

popular social networking sites). Users also have their own personal profile, where they

can provide information about themselves (by default these profiles are made non-

public).

7.10.5 Windows Live ID

Formerly known as Microsoft Passport and then .Net Passport, Windows Live ID is

Microsoft‟s single sign-on service which allows users to log-on into many websites and

services using one account. It is mainly Microsoft-related sites that use the Windows

Live ID service (such as Hotmail, MSN, MSNBC, etc). However, there are other

companies that are affiliated with Microsoft who also use the Windows Live ID service.

The Windows XP operating system currently allows users to link a Windows Live ID to

their desktop based account. This means that whenever a user logs-on into their

desktop-based account, they are automatically logged-on into their Windows Live ID

account that is associated with that particular desktop-based account (if they allow their

applications and services that use Windows Live ID to log-on automatically).

7.11 Microsoft Office Live Small Business

Microsoft Office Live Small Business is a suite of web-based services that are offered

by Microsoft, which are specifically aimed towards small businesses. The entire suite is

designed in such a way so that small businesses can easily create a solid online

presence.

This is achieved by providing small businesses with their own domain name and

hosting space so that they can create and host their own website. By carrying out

marketing so that businesses can have a constant flow of potential customers visiting

their website and finally by allowing businesses to manage their business activities

online by using free web based business applications.

Currently Microsoft offers a core set of services for free with their Microsoft Office Live

Small Business solution, along with other add-on services that users can pay for on a

subscription basis or on a single payment basis. The core services that Microsoft offers

with their Microsoft Office Live Small Business solution are briefly detailed below.

7.11.1 Web site design tool and hosting space


Microsoft provides its users with access to a free online website design tool. This

design tool allows users to create a website using customizable templates or by

allowing users to upload their own HTML code. Currently Microsoft provides it users

with 2GB of free hosting space. However, more space can be purchased if it is

required.

7.11.2 Domain name registration and business email creation tools

If a business does not have their own domain name, Microsoft also allows them to

select and create their own domain name. The domain that a business registers is free

of charge for the first 12 months after registering. However, after this period, there is a

charge at the rate of $14.95 per year (as of October 2008).

Alternatively, if a business does have an existing domain name, then Microsoft allows

its users to direct this domain name towards their Office Live Small Business solution.

Included as part of their core service, Microsoft also allows its users to create up to 100

domain based email accounts free of charge. If it is necessary, additional email

accounts can be purchased.

7.11.3 Contact Manager

This is a web-based service that allows small businesses to manage their customer

information online. For example sales information, customer history and customer

information can all be stored in a single location online, making it easier for entire

organizations to access their customer or contact information using nothing but a web

browser.

7.11.4 Document Manager

Similar in function to contact manager, Document Manager allows documents to be

stored in a single location online. Users from within an organization can then easily

access these documents using just their web browsers.

7.11.5 Workspaces

Workspaces allow small business to share work-related information and data with

customers, employees and other businesses for example. A workspace is basically a

website which a number of users can access remotely. Large work related files (for

example video, images, etc.) can then be posted onto this workspace website. This is

much more convenient than having to transfer large work-related files via email.


7.11.6 Project Manager

As the name suggests, this is a project management tool. Accessible online, project

manager allows small businesses to track the progress of their projects monitor their

projects and also easily keep track of which groups or employee‟s tasks have been

allocated to.

7.11.7 Resources as well as support

This is Microsoft‟s 24/7 support service that is available as part of its Office Live Small

Business core service (meaning it is free). Online resources such as how to articles,

community boards and FAQs (frequently asked questions) are also offered by

Microsoft, free of charge.

Microsoft currently offers the above mentioned web-based services for free as a part of

their Office Live Small Business software solution. However, there are a few software

services that users must purchase as add-ons or subscribe to, if these services are

required. A few of these add-on services are briefly mentioned below.

7.11.8 Store Manager

This is an e-commerce software service that allows small businesses to create a list of

products on their free Office Live Small Business website. There are many different

features and ways for a business to customize their products using Store Manager. For

example, a business can customize the way that their products are displayed on their

website, it allows businesses to create their own postage or tax terms and an online

shopping cart can even be created to make it easier for customers to buy multiple

products.

Store Manager is also compatible with eBay which means that a business can also

easily market their products on eBay, reaching a wider range of customers. Currently,

store Manager is available as an add-on, at the rate of $14.95 a month. However,

Microsoft do give their customers one month for free, which means that businesses can

get a feel for using Store Manager before having to make any payments.

7.11.9 E-Mail Marketing


This is a software service that makes it easy for a small business to market their

website, products or services via email. Using the E-Mail Marketing tool, a business

can easily create a newsletter or a promotional email for example. They can then use

the Contact Manager tool, to determine which particular emails will be sent to which

group of customers or clients.

As well as allowing businesses to easily create marketing emails, the E-Mail Marketing

tool also allows businesses to easily monitor how successful a particular email is. For

example a business can keep track of the number of subscribers to a particular

newsletter. They can keep track of the number of unsubscribed users to a particular

newsletter and they can even keep track of the open percentage for a particular email.

Using all this information, a business can then fine tune their email marketing

strategies, to ensure that they are as successful as possible.

Currently there are three pricing levels for the E-Mail Marketing service which consist of

a standard, plus and premium subscription level.

7.11.10 adManager

This is an advertising service that allows small businesses to advertise in search

engine results. A number of popular search engines are affiliated with adManager

including, MSN Live Search, Ask.com, Facebook and various other search engine

websites (or websites that have a search facility). Businesses can choose to pay either

by setting a monthly budget, which basically means once their budget has been

reached then their ads are no longer displayed in search engine results or by using a

pay-per-click payment model.

As you can see, Office Live Small Business is an entire suite of web-based software

services that are designed in such a way, so that is easy for an offline-based business

to easily migrate online or at least integrate the use of web-based technologies into

their everyday business activities. The Office Live Small Business suite consists of a

number of different services, some of these services may be used alone as standalone

services (such as Office Live Workspaces), while other services are only made

available as a part of the Office Live Business suite (for example, website design tools).

7.12 A Brief Comparison between Technologies

There are many different companies that now offer a number of different software

services. Most desktop-based applications that are used for everyday use (such as


word processing applications, calendar applications, etc.) can now be made available

online as a service, in one form or another.

Microsoft and Google are two major companies that are involved with SaaS and they

have released various different web-based software services. Some of which directly

compete with each other. For example Hotmail (now known as Windows Live Hotmail)

was one of the most widely used web-based email services but when Google made

their Gmail service available to users (which provided a much larger storage capacity

than Hotmail) many users began using Google‟s email service.

Currently, Google offers 7 Gigabytes of storage space with their Gmail email service for

free and allow users to send attachments of up to 20 Megabytes in size. Microsoft

currently offers its users with 5 Gigabytes of storage space for free and attachment

sizes of up to 10 Megabytes in size. It is obvious why Gmail is favored by many users.

However, Hotmail still remains the dominant web-based email service, simply because

of its popularity and history and because it provides an interface that many people are

familiar with (Hotmail‟s interface is very similar to the interface that Outlook has, which

is a very well known and widely used POP3 email application).

Of course, web-based email is not the only software service area in which Google and

Microsoft directly compete in with one another. In fact, both Google Apps Premiere

(Google‟s subscription-based application suite) and Microsoft Office Live Essentials

(Microsoft‟s first tier subscription level for their Office Live suite) offer similar services at

around the same price. Below is a comparison between the two sets of suites.

Google Apps

Premiere

Microsoft Office Live

Essentials

Domain Name

Included

Yes Yes

Website Design Tool

Included

Yes Yes

Email Storage

Capacity

10 Gigabytes of storage

capacity per user.

2 Gigabytes of storage

capacity per user.

Workspace Storage

Capacity

Currently no limit on

document storage.

1 Gigabyte of workspace

storage.

Number of Email

Accounts Included

Unlimited domain

based email accounts.

A limit of 50 domain-based

email accounts (more can be

purchased if necessary).


Additional Services

or Features

Google Docs and

Spreadsheet document

collaboration services.

A contact manager as well as

workspaces for up to 10 users

and a calendar application.

Cost

$50.00 per year, per

user.

$19.95 per month for up to a

maximum of 10 users (which

adds up to $239.40 per year).

As you can see, both companies offer a very similar set of services with their

subscription based software suites. It is once again Google that provide a much larger

storage capacity for both email and workspaces, than Microsoft currently do. However,

despite this, Microsoft‟s service is actually cheaper for an organization in the long run, if

they consist of 5-10 employees. Google‟s service on the other hand, is only cheaper if

an organization consists of less than 5 employees.

Microsoft‟s Office Live Essentials software service is best utilized by businesses that do

not already have a website or an online presence and want to create one in a quick,

easy and cost-effective manner. It is also best utilized by businesses that use

Windows-based operating systems or by businesses that primarily work in a Windows-

based operating environment. Finally, Microsoft‟s Office Live Essentials software

service is best utilized by businesses that have a model based around a traditional

business model, i.e. attracting customers, interacting with them and then keeping them.

On the other hand, the Google Apps Premier software service is best utilized by

businesses that already have an online presence or website and want to improve their

web-based business through the use of email tools and workspace collaboration tools.

Google‟s software service also supports a wide range of operating systems which

means that the service would still work for businesses even if they primarily used Linux-

based distributions or Mac OS X operating systems, instead of Windows-based

operating systems for example. Finally, if a business, for whatever reason did not use a

traditional based business model and did not need to keep track of customers or

customer transactions, then Google‟s software service could be an ideal service for

them to use.

Google and Microsoft are the major „players‟ in the SaaS market area, however there

are various other independent software service vendors such as Axentis, Salesforce

and NetSuite for example, that each offer their own unique set of software services.

The software service vendor that a business or client chooses all depends on the

software service (or set of services) that they require and on their own unique business

needs.


7.13 Introduction Review Questions

1. What service includes software on the computer, as well as additional services via

the Internet?

a) SaaS

b) Utility Computing

c) Software + Service

d) ASP

TRUE or FALSE

2. SaaS is Software as a Service

3. What are the two main categories of SaaS?

a) Customer and Business orientated

b) Private and Business orientated

c) Pay-as-you-go and Subscription

d) ASP and Software + Service

4. If JavaScript and Perl are scripting languages, what is Ajax?

a) A scripting language b) Object-orient programming language c) Web development technique d) Web application framework


8 How to Accomplish SaaS

When a business migrates from a traditional on-premises software application model,

to Software as a Service software delivery model, there are a few changes that a

business will need to make to their existing software environment, along with a few

tasks and processes that they will need to carry out, to ensure that they have a smooth

transition. However, these processes will be of benefit to them in the long term,

because they will eliminate the unnecessary loads that on-premises software

applications place on their data centers and will greatly reduce software management

related issues.

8.1 Migrating from a standard software environment to a SaaS one (before and after)

The great thing about migrating from a traditional on-premises software application

model, to a hosted SaaS application delivery model, is that most of the work is already

done for you. In other words, software applications are already installed, secured and

are up and running, ready to be used. Customers do not have to purchase additional

hardware or new servers, they do not need to install operating systems onto these

servers and they do not have to waste time configuring these servers.

However this does not mean that a migration from a standard software environment to

a SaaS-based software environment entails no work. Businesses still have to clearly

define what their business processes are and get their workforce behind the new

software environment, among a host of other things.

8.1.1 Things to do and consider before migration

The first thing that a business will want to do, before even weighing up whether their

existing hardware infrastructure will meet the requirements of their new SaaS

application services, is clearly define what their actual business processes are.

Using any type of new technology or software can easily confuse a business and its

employees about which business processes this new software application deals with

and which employees will deal with this new software. By clearly defining each one of

their processes and assigning roles to each one of their employees for their new SaaS


infrastructure before it is actually rolled out, a business can avoid confusion at a later

stage.

As well as clearly defining the roles of their new SaaS applications and employees in

the larger scheme of things, a business should also be able to answer a number of

important questions before they actually implement SaaS within their business

environment. These questions are briefly detailed below.

Why are they implementing SaaS?

A business should be clear about why they are implementing SaaS and they should be

able to justify its implementation by listing the benefits that it will provide (by carrying

out a cost benefit analysis for example). If the benefits of implementing SaaS outweigh

the costs of implementing it (including upfront costs, subscription costs, costs related to

changes in their own infrastructure, etc.), then a business can go ahead and implement

SaaS within their business environment, if they wish.

Do they know what they want to get out of implementing SaaS?

It is no good implementing SaaS but then not knowing what you are going to get out of

it. Businesses should have a number of aims and objectives that they want to

accomplish, through the use of their new software services. For example a business

may want their SaaS software applications to reduce their software management costs

or to improve data collaboration between various different business sites of theirs that

they may have. A business should be clear on what they want to get out of using their

software applications, regardless of what this may actually be.

Have they considered the true cost of implementing SaaS?

Although it may not initially seem like it, when SaaS is implemented, businesses have

more costs than just their upfront subscription costs. For example, they may need to

consider licensing issues, depending on how many instances of a particular software

service that they require and depending on how many users that a SaaS service

provider allows, to access a single instance of that software service.

They need to consider internal costs such as the labor costs of implementing SaaS or

any costs due to a change in their infrastructure (for example they may require quicker

network connections to support their SaaS services). They need to think about training

costs and finally how their users are going to access these software services (for

example will they require new laptops to access these services remotely), as well as

storage related costs. Clearly there are various different costs that a business is faced

with when implementing SaaS and they should try their best not to overlook any of

these costs.


Do their SaaS software service providers provide them with a solid SLA?

Without a solid SLA (Service Level Agreement) in place, SaaS software service

providers are not bound to provide customers with the service that they paid for. Yes, a

software vendor will still offer their software services to their customers but the quality

and availability of these software services is not guaranteed. Businesses should

choose a SaaS service provider that has a solid Service Level Agreement in place,

which defines the exact quality and availability of the software services that they will

deliver to their clients, along with any repercussions that they will face if they fail to

meet these requirements.

It is clear that most of the tasks that a business carries out, before implementing SaaS

as a part of their infrastructure, are planning-based tasks. A business needs to carefully

plan and figure out why they are implementing SaaS. Only when their reasons justify

the costs of implementing SaaS and highlight the benefits that a business will receive

when SaaS is implemented, should they then actually incorporate SaaS as a part of

their infrastructure.

8.1.2 Things to do after migration

When implementing traditional on-premises software applications, a business first has

to set up their hardware, and then install the software applications onto their hardware

platforms. They then have to configure the software applications and finally secure

them and test run them.

Implementing SaaS is much simpler than this and is very quick. The only real trade off

is that SaaS software applications currently do not offer the same level of

customizability that traditional on-premises software applications do. However, most

software vendors can live with this fact.

Most SaaS service providers do provide their customers with „point and click‟

customizability options. Customization is the main thing that a business should do once

their SaaS software services have been rolled out, so that these software application

services can meet their own specific set of needs and more efficiently help a business.

Lastly, the business should test these software application services. For example,

testing their default Internet browser‟s compatibility, how efficiently it works on mobile

devices such as laptops, and general load testing.


8.2 A simple how to guide

The actual implementation and rollout of SaaS software applications is a relatively

quick and easy process. In fact, businesses will spend more time on processes that are

related to planning and determining why and whether it is worth being implemented,

rather than the actual implementation. There are a number of different ways that a

business can go about implementing SaaS but most methods will include the stages

detailed below.

1. Justify the implementation of SaaS using a wide range of criteria

There are two main software implementation models for businesses and these consist

of an on-premises software implementation model and a hosted SaaS software

implementation model. When a business decides that they want to implement SaaS,

they should carry out extensive research, determining whether SaaS will be of benefit

to them or not.

Not only should a business match SaaS software services against their research

criteria but they should also match traditional on-premises software applications against

their research criteria. By doing this, a business can then compare and contrast both

software implementation models, which will then put them in a better position to justify

which will be the of the most benefit to them.

Cost is an obvious research criterion, and the software implementation model with the

cheapest upfront costs will be favored by most businesses. However, businesses

should not just base their final selection on cost alone. Other research criteria should

also be considered, including:

The flexibility that each software implementation model offers. On-premises

software applications generally offer businesses with more flexibility but they

usually have higher upfront costs than SaaS applications.

Potential risks that each software implementation model may pose. For example

a SaaS implementation model may potentially threaten a businesses‟ privacy,

because their business-related data is being transferred across the Internet, and

in most cases is being stored within a software vendors data centers.

Licensing-related issues. For example, how many users can access a single

instance of a particular software application if SaaS is being used, and will a

SaaS service provider charge extra if more users than what are allowed use a

single instance of a particular software service?


How much storage capacity will SaaS service providers give to their customers

and what are the costs for additional storage?

What kind of support is offered by the software vendor and is this support free?

Additional costs which may not be as obvious, for example, the cost of an IT

professional to manage on-premises software applications, or the costs of

providing training to teach employees how to connect to and use SaaS software

application services.

A business should compare both software implementation models (where applicable) to

the research criteria above. Once this is done, a business will be able to see more

clearly, which software implementation model is best for them. Two other research

criteria that a business can use (which are applicable to SaaS), is whether they will be

able to easily migrate back to an on-premises software implementation model in the

future, once SaaS has been implemented and what the long-term prospects of their

SaaS service provider are.

2. Negotiate a contract that is right for them

So a business has now justified their reason for implementing SaaS. The next step for

them involves negotiating a suitable contract with their SaaS service provider.

Most SaaS service providers often do not provide formal Service Level Agreements

(SLAs) to their clients. The reason for this is because they do not want to take up the

additional responsibility that a Service Level Agreement provides them with. Instead

SaaS service providers will often have best effort delivery clauses in their contracts, but

this guarantees nothing to a client and can be easily abused by a software vendor. In

order to protect themselves and ensure that they get exactly what they pay for, a

business should request a reasonable Service Level Agreement contract from their

SaaS service provider.

Businesses will also want to ensure that there are no hidden costs in their contract. For

example, is there a clause which states that their subscription only includes a certain

number of transactions per month and that additional transactions will incur charges?

Will customer support remain free or will a business be charged after a certain number

of support tickets have been used up (if a ticket-based support system is used)?

Finally, a business will want to confirm what recovery and security related clauses are

in their contract. For example, what backup procedures does a SaaS service provider

have in place, if any? Will the service provider be liable for the breach or corruption of

their client‟s data when it is stored within their own data centers (after all it should be

the service providers own responsibility to secure their own data centers).


These are all important considerations for a business to make when they are

negotiating their SaaS contract and if they are unhappy with anything then they should

request the changes that they require.

3. Use best practice implementation methods

Once a business has justified their reason for implementing SaaS and have negotiated

a suitable contract, they can then actually implement SaaS as a part of their software

infrastructure. The actual implementation of SaaS software services is a relatively

straightforward process. However, businesses should still follow generalized best

practice procedures that they would follow when implementing on-premises software

(or any other new technology for that matter), in order to help minimize the chances of

any problems occurring.

Some of these best practice procedures are briefly detailed on the following page.

Re-confirming the aims and objectives that the new SaaS solution will help them

to achieve

A business should already have a good idea right at the very beginning, about what

their new SaaS software services will help them to achieve and accomplish. However,

after negotiating a suitable contract, a business should once again confirm that the

SaaS services will still help them in meeting their goals and objectives. If this is still the

case, then a business can go ahead and implement SaaS as a part of their software

infrastructure.


Building a suitable team

Once SaaS has been implemented, a business will require a number of IT

professionals to manage and maintain their new software services. A business should

define roles within their organization and a business should also create a team (or

group of teams) that will look after their new SaaS offerings, before their SaaS software

services have actually been implemented.

Some of the roles within a business that has a SaaS-based software infrastructure,

include a SaaS software administrator (who will look after SaaS software services), a

user group committee (who will suggest changes in order to fine tune software services

for a business), as well as a SaaS software developer (who will be able to make the

changes that the user group committee suggests).

Defining a clear timeline

Even though implementing SaaS is a relatively quick and straightforward procedure, a

business should still define a clear timeline for their actual implementation procedure

(they could use a work break down structure in order to do this, for example). A

business should clearly define milestone dates as well as dates for when important

tasks should be completed, so that they can avoid being sidetracked when

implementing SaaS and making the required changes to their existing infrastructure.

Configuring the SaaS solution to meet their specific needs

Once a business has implemented their SaaS software services, they will want to

configure these software services to meet their own specific needs (just as they would

configure any other new software application or technology). A business may also need

to carry out configurations to their existing infrastructure before implementing the new

SaaS software services.

\Some of these configurations and changes might consist of hardware-based changes,

network-based changes or even software-based changes. No matter what changes

and configurations a business has to make to their infrastructure, both before and after

the implementation of SaaS, they should always plan for these changes beforehand by

carrying out research in order to avoid any unforeseen problems.

Again, it is not the actual implementation of SaaS that is a challenge to businesses (the

SaaS software services that they are going to use are already in place and ready to

use). Instead, the challenge that a business faces, is making sure that the SaaS

software services are the right software services for them and will easily integrate into


their existing business infrastructure. If this is not the case, then as detailed before, a

business should make the necessary changes, either to their own existing

infrastructure or to their new SaaS software services (using whichever method is the

most practical and the most cost-effective).

Adopting solid data security practices

Once SaaS has been implemented, it doesn‟t mean that a business‟s work stops there.

Security is the next thing that a business should be thinking about. Although the

security of a business‟s software services and the data that these software services

use, are in the hands of a business‟ SaaS service provider, this doesn‟t meant that a

business has no power at all when it comes to security.

Some of the things that a business can do to help ensure that their software services

and data is secure, include ensuring that their SaaS service provider, provides them

with a data protection guarantee, and also ensuring the provider complies with industry

standards. Businesses should look into their SaaS service provider‟s background and

find out what levels of security they have in place to protect their data centers, what

backup and disaster recovery procedures they have in place, if any, and how they go

about securing each one of their client‟s data.

Finally a business should clearly define roles and access rights within their own

organization (again this is a process that would also be carried for on-premises

software solutions). For example, no users without the correct credentials should be

able to access more than what they are allowed access. Workstation users may only

have access to restricted versions of a software service, while administrators would

have access to the full versions of these software services.

Adopting a solid support structure

The final task that a business wants to do when implementing SaaS is to adopt a solid

support structure for their SaaS services. For example a business will want to decide

how they are going to support their SaaS software services, which employees will

support these SaaS software services (i.e. existing employees or additional IT

professionals) and how these SaaS services will integrate with software from third-party

software vendors.

One mistake that businesses can easily make when adopting SaaS is to think that they

no longer have to carry out software support and maintenance related procedures. This

is not entirely true. Although SaaS service providers will carry out software upgrade

procedures, data management procedures and support-related tasks, it is still down to

the end-user of these software services, to ensure that they provide any additional


support for these software services, in order to make sure that these software services

meet their exact needs (rather than just vaguely meeting them).

Finally, businesses that are implementing SaaS should always have a second or third

choice SaaS service provider in their mind. This is because when changes affect their

SaaS service provider, then they will also be affected by these changes. The SaaS

software market is still maturing and it is very likely that a SaaS service provider could

merge with another company or even be taken over. By having a second or third SaaS

service provider in the wings, businesses are ready to shift service providers if any

changes do occur or if their existing SaaS service provider can no longer deliver the

software services.

8.3 Top 10 things to do and consider when implementing SaaS

There are a number of processes and tasks that a business must complete in order for

them to successfully implement SaaS as a part of their infrastructure. Ten of these

considerations and processes are detailed below.

1. Ensure that you understand exactly why you are implementing SaaS

Whether it is a hardware-based technology or in this case a software service-based

technology, there is always a reason (or number of reasons) exactly why a business is

implementing SaaS. Some business might want to improve their efficiency by being

able to concentrate more on business-related processes rather than on software

management processes, while others may want to improve the collaboration of

geographically separated business sites.

No matter what reason a business has for wanting to implement SaaS, they should be

clear about exactly what this reason is. A business should also have a very good

understanding about how their existing processes and infrastructure work. This

information is required so that SaaS software services can be integrated into their

existing infrastructure at a later stage but with an absolute minimum of problems.


2. Note down exactly what you need in order to know why you are implementing

SaaS in the first place

Once a business knows why they are implementing SaaS, they can then go about

finding exactly what they need in order to accomplish this. Firstly, a business should be

able to answer exactly what their SaaS software services need to be able to do.

Secondly, a business should be able to answer exactly what kind of features these

software services will need to have.

For example if a business wanted to improve data collaboration between various

business sites, they would want a SaaS software solution that could be accessed by

many users. However, if a business wanted a highly efficient software solution, similar

in performance to traditional on-premises software solutions, then they would probably

want a SaaS software service that could only be accessed by a few users at a time

(more efficient than software solutions which are offered by many different users at the

same time).

3. Request a Service Level Agreement before signing any contracts

The Service Level Agreement is an important agreement document because it clearly

defines what a SaaS service provider is offering, and also what consequences they will

face if they fail to deliver these services to the agreed standard. To avoid problems at a

later time and to ensure they are getting exactly what they paid for, a business should

request a Service Level Agreement before actually signing any contracts. Only when a

business is happy with the terms in their Service Level Agreement, should they

continue with the implementation process of SaaS.

4. Make sure that agreement clauses meet your needs and not just the software

vendors needs

Because SaaS software vendors can be located anywhere in the world, their customs

and agreements may be differ from what a business (located elsewhere) thinks that

these terms mean. For example, if a business was located in the US and their SaaS

service provider was located in the UK (or any other part of the world other than the

US), then there will be a time difference (among other differences) between the two

organizations.

This has a number of consequences when dealing with availability agreements or any

other types of agreement clauses for that matter. For example, a SaaS service provider

may have a clause stating that they guarantee the availability of software services

during business hours. However, a business should be clear about what exactly is


meant by phrase „business hours‟. For example, does it mean that these software

services will be available during the SaaS service provider‟s business hours or during

their client‟s business hours (which may differ due to geographical differences)?

Also, still using the same example above, a SaaS service provider may have a different

interpretation of what the term „business hours‟ means, when compared to what their

client actually needs. For example a SaaS service provider may define the term

business hours meaning nine till five. However if a business operated 24/7, then

obviously this clause is unsuited to them.

If a SaaS service provider has any vaguely written agreement clauses, then a business

should clarify exactly what these clauses mean. If they are not happy with these

clauses, then they should negotiate their own agreement clauses or select another

service provider that better matches their needs.

5. Consider IT support requirements

Businesses should consider what level of IT professionals they will need, as well as

what the expectations of their SaaS service provider actually are. For example, will a

business be able to continue operating with their existing workforce once SaaS has

been implemented or will they need to bring in additional IT professionals? Will a

business‟ SaaS service provider expect a business to have technical geniuses on

hand, or will anyone with a basic knowledge of IT be able to use their software

services?

The level of support that a business will have to provide for SaaS software services

depends on what level of support their SaaS software vendor can provide them with. If

a SaaS software vendor just delivers their software services but with very little support

or documentation, then a business will need to employ a solid IT support workforce.

However, if a SaaS software vendor provides clear instructions and documentation in

clear English (with very little technical jargon) then a business should be able to

continue operating without the need to bring in additional IT support professionals.

6. Find out if anything has to be done if your service provider fails to deliver the

standard of services that they promised

A business should have already negotiated the consequences that a SaaS service

provider will face if they fail to deliver the standard of software services that they

promised.

Businesses should be clear about whether the process is an automated one or not. If it

is not an automated process, then a business should be clear about exactly what action


they have to take when their SaaS service provider fails to deliver their services up to

the standard that was guaranteed by them in their Service Level Agreement contract.

7. Make sure that employees are properly trained

Because implementing SaaS is such a relatively straightforward procedure, businesses

can easily forget to train their staff. To avoid problems once SaaS software services

have been implemented, a business should train its staff on how to access and use

these new software services, during their initial setup stage. Once SaaS has been

implemented, additional training should be available.

8. Consider what exit strategies you have

Is a business able to leave their SaaS service provider at any time? Will they easily be

able to migrate to another SaaS service provider or return back to an on-premises

software infrastructure?

A business should also consider the fate of their data that was stored on their SaaS

service provider‟s data centers. Will they be able to easily restore this data back on to

their own data centers or will some of their data remain on their SaaS service provider‟s

data centers? Some SaaS service providers may choose to keep certain amounts of a

client‟s data on their own data centers (for a limited period of time), should they return

in the future. If a business is not happy with this policy, then they should request that all

of their data is erased from their SaaS service provider‟s data centers.

9. Decrease the number of existing machines within your internal infrastructure

The great thing about SaaS is that a business doesn‟t need to host their software

applications. This means that a business no longer requires as many physical servers

or software licenses for their on-premises software applications or operating systems

as they did before.

By decreasing the number of physical and licensed software operating systems or

licensed software applications that a business is running within its internal

infrastructure, a business can save money in the long run. Not only will they save

money on buying new hardware for their servers or paying for additional software

licenses but they will also save money on the administration of these machines, in

power consumption and cooling requirements, as well as many other aspects.


10. Know exactly what you will be paying

With traditional software applications, businesses pay a single upfront cost for and for

any licenses that they require, depending on how many instances of that particular

software application they need to run. With SaaS software services, when it comes to

payment, things are not as straightforward.

For example, businesses may pay a monthly fee to use their SaaS service provider‟s

software services or they may only pay for what they use, by using a pay-as-you-go

payment model. Businesses may also have to deal with licensing-related issues if

multiple users are going to access a single instance of a software application and they

may also have to pay for storage space within their software vendor‟s data centers.

In order to save money a business should clearly know beforehand how frequently they

will be using these data services, what their data storage requirements are and what

payment method would be the best for them (i.e. a monthly fixed rate or a pay-as-you-

go payment model). Finally, businesses should not forget about other costs, including

costs that relate to staffing requirements, training, backing up requirements and any

other process that are not in their software vendors hands.

8.4 Top 10 SaaS pitfalls

Although SaaS has many advantages, just like any other technology, it is not perfect

and there are a number of pitfalls that businesses can face, both before and after

implementing SaaS. Detailed below are ten of the most common pitfalls that

businesses can face when implementing SaaS and what they can do to avoid these

problems.

1. Not knowing what they are agreeing to

In most cases, SaaS service providers will provide clients with an agreement „button‟

allowing them to sign up for a SaaS service provider‟s software services with very little

hassle. A SaaS service provider will provide terms and conditions to their potential

customers, however most of the time, people don‟t bother reading it and usually end up

clicking agree, without actually thinking about what they are agreeing to.

A business that is not properly controlled and does not allow information to be easily

passed on between departments could end up agreeing to something they aren‟t happy

with or something that would affect them negatively in the future.


To ensure that this does not occur, businesses should make sure that a representative

from each one their affected departments reads their potential SaaS software vendor‟s

terms and conditions carefully. If all of the individual departments of a business are

happy with these terms and conditions and are not affected negatively by these terms

and conditions in any way, then a business can agree because they now have a better

idea of what they are agreeing to as a whole.

2. Paying more than they should be, for their software services

One of the great things about SaaS is that a business does not have to pay massive

upfront costs in order to start using software services or SaaS-based applications. Most

SaaS service providers will offer various different payment plans to their clients,

including monthly, quarterly or annual payment options.

Although the monthly plan seems like the best option (because it gives more freedom

than the other payment options), a business can actually end up paying more in the

long term. If a business knows that they are going to be using a software application for

a year or longer, and have the budget to pay for their software services annually, then

they should select this payment option because, when compared to paying for their

software services using the monthly payment option, they can save up to 15 percent

per year.

Sometimes businesses end up paying more than they should because they do not

research enough what software service or what payment option would be the best for

them. For example if a business chose a pay-as-you-go payment model but used their

SaaS software services frequently, then they could be paying a lot more than if they

had chosen a monthly payment option.

3. Not having a Service Level Agreement

Service Level Agreements are very important to a business because they define

exactly what level and quality of service is acceptable and what is not. Some software

vendors will provide Service Level Agreements as a part of their main contract, while

others will not. If a software vendor does not initially provide a Service Level

Agreement, then the business should request a Service Level Agreement from their

software vendor. If necessary, businesses should modify any clauses that they are not

happy with or even create their own clauses, so that a software vendor can better meet

their requirements.

Businesses should also ensure that the Service Level Agreement states what penalties

a SaaS service provider will face if they fail to deliver their software services to the

agreed standard. Will a SaaS service provider reduce the subscription rate of their


client for the next month, or will they give credits their clients in some other form? If this

information is not present in the Service Level Agreement document, then a business

should request it.

4. Not knowing how their SaaS service provider performs and what state they are

in

Again this ties into the not having a Service Level Agreement with any performance-

related clauses. However, clients should also request information about their SaaS

service provider‟s past levels of performance, uptime, etc. By researching into a SaaS

service providers, a business can get a better idea of their service provider can provide

them with (rather than just having a vague estimate).

Businesses should also try to find out what state their SaaS service provider will be in,

both in the short term and in the long term. For example is their SaaS service provider

going to be making any investments within the next year, merging with another

business anytime soon or are they going to be enhancing the software services that

they currently have on offer. All of these activities could affect a SaaS service providers

clients, one way or another, therefore it is important that a SaaS service providers

clients know what state their service provider is in and also know what activities or

tasks they will be carrying (at least one year in advance).

Clients should also find out how they will be contacted if the performance or delivery of

their software services is affected in any way and whether they will have to take any

actions in order to receive the credits that they are entitled to. Finally a client should

find out how long their SaaS service provider will have to fix any problems that do

occur. For a business that needs to operate close to 24/7, a few days to fix a problem

can seem like a very long time. Therefore, once again a business should ensure that

their SaaS service provider can meet their needs, by fixing any service delivery

problems within a few hours, rather than a few days (if they are a business that

requires maximum uptime).

5. Not taking into account hidden costs

Although SaaS service providers do have cheaper upfront costs, they usually make up

for these cheaper costs in other ways. Businesses can end up paying more than they

should have to, defeating the purpose of implementing SaaS in the first place. To avoid

having to pay unforeseen costs in the future, a business should ensure that they

carefully read their SaaS service provider‟s fine print, and terms and conditions.

There are various hidden costs that a SaaS service provider could charge their clients.

For example, some SaaS software vendors may end up charging their clients for

configuring and setting up their software services. Other software vendors may charge


extra based on what types of device a client will access their software services from,

such as a mobile device. Software vendors may also charge their clients extra if they

go over their agreed storage limit and they may even charge them for technical

support.

When buying SaaS software services, a lot of businesses only look at the upfront

subscription rate that and forget to take into account the cost of additional features or

add-ons. To avoid this pitfall, businesses should make sure that they carefully research

how much their SaaS software services will cost, taking into account all of their needs,

as well as the purchase of any add-ons to meet these needs.

6. Not taking into account integration costs

In most cases, when a business implements SaaS, they will still have some of their

existing on-premises software applications running in parallel with their new SaaS

software services. This means that it is very likely a business will want to integrate

these two software services and applications, so that they can work together.

Of course this may not be a straightforward process and can end up costing a business

more then they initially thought it would (another hidden cost). Although a business‟

SaaS service provider usually can deal with integration-related issues, they charge

extra for this type of work. It may be more feasible for a business to use a third-party

company that can carry out this type of work.

7. Not knowing what their data rights are

Whenever a business uses SaaS-based software services, at least some of their data

will be stored on their SaaS service provider‟s data centers. Customers should ensure

that the rights to access their own data remains with them and they should also make

sure that their data can still be recovered or restored if their SaaS service provider went

out of business (or if any other similar scenario occurred where a client would be at risk

of losing their data).

Finally, a SaaS service provider‟s clients should also confirm how their data will be

secured by their service provider, from a privacy standpoint and a disaster recovery

standpoint. Again, this links into the Service Level Agreement document and a client

should ensure that both data security and data backup related clauses are included in

their Service Level Agreement.


8. The lack of control that businesses have over SaaS software services

The great thing about SaaS is that it takes away the hassle of having to configure,

maintain and upgrade software applications. However, this can also be a pitfall,

because businesses no longer have the same level of control over their software

applications and data, as they do with their on-premises software applications.

For example a business now has to go through their SaaS service provider in order to

access their data and the level of customizability for these software services also

varies, depending on what their SaaS service provider allows.

Businesses should make sure that they know exactly what level of customizability their

SaaS service provider will allow them to have.

9. Having to rely on the Internet

Due to the fact that SaaS software services are delivered over the Internet, a business

has to ensure that their Internet Service Provider (ISP) provides them with an

uninterrupted and high quality Internet connection. The amount of available bandwidth

that ISPs have also varies depending on the time of the day. For example, during peak

hours, it is a very real possibility that a business Internet connection will slow down

significantly and this will obviously have an effect on the ability of a business to access

their SaaS software services.

To minimize Internet connection-related problems, a business should ensure that they

have a high speed/high quality link in place. Businesses that use SaaS should also

consider implementing a dedicated Internet connection, so that they don‟t have to

share bandwidth with other users (of course this will require a larger budget). Finally,

businesses should consider implementing a redundant Internet connection, so that if

their initial connection does go down or has a problem, they will be able to continue

operating until their initial link is restored.

10. Not taking into account exit costs

This is another thing that businesses can easily overlook. Before signing their SaaS

software vendor‟s contract, a business should look out for any exit costs or problems

they may face if they choose to back out.

For example, if they signed a contract for one year but backed out half way through,

would they get a partial refund or would they lose the rest of their money for the

remaining six months? Also, would they have any problems retrieving their own data


that is stored on their SaaS service provider‟s data centers? Some SaaS service

providers have exit charges and will charge their clients before they can actually

retrieve data.

To avoid being stung by exit costs, once again a business should carefully check the

fine print of their SaaS service provider‟s terms and conditions. Businesses should also

try to keep as much control of their own data as possible and keep their data in their

own hands. By doing this, if a business does stop using a SaaS service provider‟s

software services at a later date, they can easily back out without losing too much data.

8.5 Some of the problems that you may encounter with SaaS

SaaS has many advantages but there are still a number of problems that a business

may encounter when dealing with SaaS. Detailed below are some of the most common

problems that business may face when using SaaS.

An Internet connection is required at all times

One of the biggest drawbacks of SaaS is that employees can no longer work offline

when SaaS software services are used. For employees working from within their

businesses headquarters or those who have a dedicated Internet connection at home,

this is not too much of a problem.

However, for employees who work from a mobile device such as a laptop or for

employees who are constantly on the move, this is obviously a problem. For example,

how will an employee who is constantly travelling be able to get any work done? Will

they have to keep paying for single day Internet access in an Internet café or in their

hotel? The costs for single day Internet access can very quickly add up and completely

negate the cost saving benefits of SaaS.

One way for those employees to receive the benefits of SaaS involves using Software

plus Service. This is a compromise between having a complete SaaS solution and

having a complete traditional on-premises software solution, and it gives businesses

the best of both worlds.


The security and control of your data is no longer in your own hands

When using SaaS, some, if not all of the data of a business will be stored on their SaaS

service provider‟s data centers. Although some businesses are happy not to have to

deal with the management of software applications, most businesses will not like the

idea of giving control of their data to someone else.

A business has no idea how their SaaS service provider will secure their data and what

backup procedures will be in place. The only thing that a business can go by is the

word of their service provider confirming that they will ensure that their client‟s data will

be well looked after. To ensure that their data is well looked after, a business must

ensure that their service provider writes down exactly how their clients data will be

secured in their Service Level Agreement contract.

Selecting a well known SaaS vendor or a software service provider with a good

reputation will also give businesses peace of mind. For example a business is much

more likely to feel comfortable allowing a massively popular and well known

organization like Microsoft or Google to look after their data, rather than an obscure

software service provider without any history. Businesses should always try to find out

as much background information about their SaaS service provider that they can before

signing any contracts, to ensure that their SaaS service provider is a good, honest and

reliable company.

You can no longer control what version of a software application that you are

going to use

Although SaaS is great because software applications are constantly up-to-date,

sometimes a business is better off using an older version of a software application but

SaaS just does not allow this. For example businesses may wish to use an older

version of a software application because this older version is stable or because it is

compatible with their existing software applications but with SaaS, businesses only

have access to the most current versions of an application.

The general policy for many businesses when a new software application comes out is

to wait a little while before installing this software application so that any bugs or

„teething problems‟ can be fixed. However, with SaaS, businesses do not have this

option and are stuck with the very latest version of a software application (even though

this may have bugs).


You lose your freedom and are effectively at the control of your software vendor

The main problem with SaaS is the fact that businesses lose their freedom and are

effectively at the will of their SaaS service provider. For example, with a traditional

software application, a business pays for this software application with a single upfront

payment. After this, the software application is in their control and they can do what

they want with it (as long as they are not breaching their software vendor‟s terms and

conditions, such as copyright, licensing, etc.).

However, with SaaS software services a business must continuously keep paying their

SaaS service provider in order to access the software services that they require. If they

fail to pay their service provider for one month (if they are paying monthly), then they

risk losing their software services.

If their SaaS service provider changes its payment rate, then a business has to pay for

their software services at this revised payment rate. If a SaaS service provider faces

internal problems, then their clients will also be affected by these problems. SaaS is not

perfect and at times it may seem that it is the service provider who benefits the most

out SaaS (because they are the ones who are in control and calling all the „shots‟).

However, businesses can still benefit from implementing SaaS as long as they choose

a reputable SaaS service provider and have a solid Service Level Agreement contract

in place. By having a solid Service Level Agreement contract in place, businesses can

prevent their SaaS service provider, from abusing their position of power.


9 Managing a SaaS Environment

9.1 Support Issues

Most of the time when a business implements SaaS, it is the SaaS service provider that

deals with support-related issues. A business needs to understand what level of

support their SaaS service provider will provide them with, what level of support they

will have to provide themselves and how much support-related issues will cost them.

These three factors are detailed below.

What level of support will their service provider, provide them with

Some SaaS service providers will offer little support (for free), while others will offer full

support to their clients. A business should be clear about what level of support their

SaaS service provider will provide them with. For example, will their service provider

only provide them with support for the initial setup of their software services or

continuous on-going support?

Businesses should also be clear about the type of support technologies that their SaaS

service provider uses, so that they can implement any of these support technologies of

necessary. For example does a SaaS service provider use VOIP to deliver their

support services, will they use email or even instant messaging technology? Most

SaaS service providers will usually offer a basic level of email support, however other

SaaS service providers (with larger budgets), will usually offer more practical support

technologies such as VOIP or even remote assistance.

What level of support will the business provide?

Although support-related issues are mainly in the hands of a business‟ SaaS service

provider, there are processes that a business can carry out on their own. These

support-related processes usually involve a business modifying their own internal

infrastructure so that SaaS software services can be better supported by them.

For example a business may upgrade or update the software that they already have

installed on their existing hardware, such as web browser software (along with the

installation any plug-ins that may be required by them, in order for them to access their

new SaaS software services).


A business may also make changes to their physical infrastructure, so that SaaS

software services can be better accessed and supported by them. For example a

business may choose to upgrade their existing network connections with one that

provides more bandwidth, or upgrade their existing network-related devices such as

their routers or switches, with ones that can better handle their new stream of SaaS-

related traffic.

Although technical support will usually be offered by a business‟ SaaS service provider,

some businesses may decide to develop their own internal technical support team. The

advantage to this is that a business does not have to always contact their SaaS service

provider whenever they face a problem.

It is not always convenient for a SaaS service provider to answer the support-related

queries of their clients immediately, simply due to the number of requests that they will

usually receive. However, the disadvantage to a business when setting up their own

support team is that in most cases, a business will have to bring in a new set of IT

support professionals, and this is often expensive.

How much will support related issues cost

Businesses should be clear about how much support-related issues will cost them.

Some SaaS service providers charge for technical support, some offer it for free. Will a

business be setting up their own support team and if so, how much will this cost them?

Businesses should also take into account any costs that are related to actually

supporting the running of their new software services. For example, a business should

take into account the costs of installing new hardware or software (if necessary), as

well as the costs for making any changes to their infrastructure.

Although a business may benefit from making changes to their infrastructure now, they

should always take into account how this will affect them in the future. For example if a

business makes changes to their physical infrastructure in order to support their new

SaaS software services, how would this effect them at a later time, if they wished to

revert back to a non-SaaS based software environment?


9.2 How to measure capacity and performance

The ability for a business to easily manage and monitor the performance levels of their

SaaS software applications is an important factor. It is an important factor because it

allows a business to determine whether performance-related problems are caused by

them or whether they are caused by their SaaS service provider (in which case a

business should invoke the penalty clause in their Service Level Agreement).

However, traditional network troubleshooting and software monitoring tools are not very

effective at monitoring off-site SaaS software services, as they were never designed

and intended to be used to monitor off-site software services.

New technologies are available which can efficiently monitor the performance level of

SaaS software services and these are what businesses should use. The performance

of SaaS software services can be negatively affected by two things, hardware platform-

related bottlenecks and network connection-related bottlenecks.

Hardware platform-related bottlenecks

Hardware platform-related bottlenecks, refers to how the performance levels of SaaS

software services are affected by the machines that they run on, both at the SaaS

service provider‟s end and at a client‟s end.

Sometimes the performance levels of a software service are negatively affected at the

SaaS service provider‟s end. For example, when multiple users are trying to access the

same service causing performance levels for all users to decrease significantly.

At other times, the performance levels of a software service may be negatively affected

at the client‟s end (due to them not having hardware that is powerful enough to support

their new software services).

One way a client can determine whether hardware performance-related issues are at

their end or their SaaS service provider‟s is by running their software services on two

separate machines (one machine being significantly more powerful than the other).

If the performance levels of their SaaS software service are the same on both

machines, then it is clear that the issues are due to the SaaS service provider.

However, if their SaaS software service runs more smoothly and more efficiently on the

more powerful test machine, than it does on the less powerful test machine, then the

hardware bottleneck issue is obviously related to the client.


Network connection-related bottlenecks

The second thing that can affect the performance of a SaaS software service is the

network connection that a business has (or network-related issues). A business should

carry out all hardware performance related tests before testing the network.

Using traditional network monitoring tools, it is hard for a business to determine

whether their SaaS service provider is up and running, if they have direct connectivity

to their SaaS service provider, or if they have direct connectivity to their software

services and so on. However, new tools have been developed specifically for SaaS

performance monitoring purpose, which allow businesses to quickly determine whether

it is network related issues that are affecting the performance levels of their software

services or something else.

Measuring storage capacity

Software vendors will usually provide some kind of indication to their clients, about how

much available storage capacity they have used. However, some businesses may want

more detailed information about the total storage space or the total bandwidth that they

have used up, for a particular month.

As mentioned above, there are tools which have specifically been designed to make

the monitoring of SaaS related services easier and businesses should use these tools if

they want to monitor in detail both their storage capacity usage and their bandwidth

capacity usage.

9.3 Contracts and agreements such as licensing

When dealing with SaaS software services, licensing agreements (as in the traditional

sense) do not really exist. Instead, software vendors provide different subscription

levels and types which businesses can then choose from accordingly, based on how

many users, need to access a single instance of a software service. This differs from

the way in which businesses purchase traditional software applications. When a

business purchases a traditional on-premises software application, they need to buy

licenses depending on how many instances of a particular software application that

they are going to run.

However with SaaS, things are done differently and in most cases, there are no

licensing agreements. SaaS service providers will usually determine in their terms and

conditions for each one their subscription types, how many users will be able to access

a single instance of each one of their software services. For example a SaaS service

provider may only allow five users to access a single instance of their software service


when a particular subscription type is selected, while they may allow up to ten users,

when another subscription type is selected.

Similar to licensing agreements for traditional software applications, subscription

agreements are negotiable. For example if a business needed twenty different

employees to be able to access a single instance of a software service but no contract

for this existed, then a business could negotiate one with their SaaS service provider.

Also, the more individuals that a business has, who need to all access the same

software service, the cheaper per „head‟ their SaaS subscription rate should be.

Other contract-related issues that businesses need to deal with include the control and

security of their data as well as clauses which allow them to easily end their

relationship with their SaaS service provider if necessary. For example, businesses

should ensure that their SaaS service provider will keep their data secure and will allow

them to easily leave their service provider with all of their data and without having to

pay any additional cost (as long as they have met their minimum contract terms).

9.4 Organizational aspects – such as the Roles & Responsibilities that people have in a SaaS environment

The roles and responsibilities that people have in a SaaS-based environment are not

that much different from the roles and responsibilities that people will have in other

software-based environments. However, it is true that in most cases, businesses can

reduce their workforce and the number of machines that they have running internally

when SaaS is implemented.

One of the major advantages of SaaS is that employees can access their software

services and data related to these software services from any machine (whether it is a

desktop machine, laptop machine or even a PDA type device), as long as they have a

connection to the Internet.

Businesses need to define how users will access these software services and who will

have access to them. Will a business use business-wide access credentials where

every user can access a particular software service using the same login information,

or will each individual user have their own set of login credentials?

It should be noted by businesses, that using business-wide access credentials is

obviously less secure than using individual access credentials, because all it takes is

for one person to accidentally leak their access information and an entire business‟

SaaS software services are compromised.


In most cases, businesses will assign individuals with their own software service

access credentials. This is because not only is this more secure, but it also allows

businesses to more easily monitor their employees data usage and it allows

businesses to more practically assign roles to each one of their employees (by

controlling what employees with different roles can actually access).

Businesses can also assign different access rights to each one of their employees

when each user has their own set of software service access credentials. For example

some employees may only be allowed to access restricted versions of a software

service, while other employees are allowed to access the full versions of these

applications. This means that businesses can control which departments or employees,

can see what data.

SaaS also provides businesses with the option to reduce their workforce if they wish to.

For example, employees who previously dealt with updating and keeping a business‟

traditional on-premises software applications secure would no longer be required.

A business can also cut down on the number of servers and workstations they have

running, when SaaS is implemented. This is simply because a business no longer

needs to run as many application servers as they did before (as their software services

are now being hosted externally). This means that a business can also save money,

both in terms of hardware usage requirements and in terms of power usage

requirements.

The roles of employees and different workgroups that a business will have when

implementing SaaS will be similar to the roles and workgroups that they previously had.

For example, businesses will still have the same sales personnel, IT administrators,

etc., but a business may also want to consider creating a new support group for their

new SaaS-based services.

Although most SaaS service providers will provide their clients with support, this

support can often be labored and time consuming (simply due to the number of clients

that most SaaS service providers have to deal with). By setting up their own on-

premises SaaS support team a business can save a lot of time and hassle and quickly

resolve common problems they may face from time to time.

In the end, when SaaS is implemented, the roles and responsibilities that employees

have within a business are not that much different from the roles and responsibilities

that they had before. A problem that a business faces is whether they should lay off

their employees who have been made redundant or whether they should move them to

other more important business related activities. Depending on how much support that

their SaaS service provider provides them with, a businesses may also want to

consider setting up their own specialized SaaS support team (if they have the budget

for it of course).


freya.dixon

BLANK


10 Introducing Applications on the Web

The task of computing has to apply logic to inputs in order to provide a consistent and

acceptable output. Programming code is set up to create a processing method that

can be used and reused. In early days, the code may have been self-contained by

individual machines, where one machine would provide processing for one task while

another machine is used for another task. Eventually, programming code became self-

contained into files called applications.

The advantage to computing was that multiple applications could be found on a single

machine. Use of the application was derived by accessing the file that contains the

desired programming code. The primary focus of applications in these early days was

scientific research and statistical analysis.

Networking allowed programming code to be shared by multiple users. To do this, the

application sat on a single machine that was connected to each of the users. To

access the application, the users simply needed to be connected to the server and

access the file on the single machine, usually called a server. The machine that the

user used to connect to the server was referred to as a dumb terminal. As technology

progressed, many dumb terminals started to have more capacity and processing power

so that applications could be loaded and accessed on the user's terminal. Most

applications were created to provide greater office productivity, manage business sales

and finances, though scientific research was still a priority.

The 1980s brought computing into the home and, as a result, new markets for

applications were instantly available. The introduction of General User Interfaces

(GUIs) and eventually the Internet created even more markets for application

development and use. Graphic Design, gaming, personal office and financial

management, calendaring and email, and publishing became major interests for

business and personal usage.

There are two types of websites. The first type is used to simply publish and

disseminate information in digital format, in the same manner that newspapers and

magazines do the same thing using paper. In fact, many such publications have their

issues presented in both paper and digital formats today. The second type of website

is applications.

The most familiar applications may be calendaring and email features. There are

several key distinctions that define a web application.


The first distinction is that a web application is located in the World Wide Web.

Secondly, the user must have a resident application on their system to access

the World Wide Web, called a browser.

Web applications are portable, meaning they can be used by the same user from

different computers that can access the World Wide Web through a browser.

Web applications are scalable in that they can allow the usage to one user or

multiple users concurrently.

The rising concept of cloud computing and specifically software-as-a-service has also

created a platform for developing more web applications. Historically, the companies

utilized the web as a marketing tool to reach users with information, products, and

surveying. With the advent of cloud computing and Web 2.0, companies are now

embracing the power and flexibility of the web to deliver software packages that used to

be delivered through traditional means as desktop or server applications.

10.1 Started with the Internet

The Internet essentially started on October 4, 1957 when the Soviet Union launched

Sputnik 1, the first artificial satellite orbiting Earth. At the time, the United States was

considered the leader in every technology. As a result of Sputnik, the United States

had to regain their supremacy. In February 1958, the Advanced Research Projects

Agency (ARPA) was created. Through ARPA, the Information Processing Technology

Office (IPTO) was created to continue research started by the Semi Automatic Ground

Environment (SAGE) program. SAGE had already networked the country's radar

systems. The next step of the IPTO was to fulfill the vision of its new head, J. C. R.

Lichleder, to create a universal network solution. Lichleder believed that such a

network would be a potentially unifying human revolution.

October 29, 1969 brought the first interconnectivity between two nodes, specifically

University of California in Los Angeles (UCLA) and SRI International. This

interconnection eventually became known as ARPAnet. ARPAnet used packet

switching as its primary method for communicating data. Before this, such

communication was done through circuit switching where a dedicated circuit was tied

up for the duration of the communication and that communication was only possible

between two dedicated parties, or nodes.

Old telephone systems used to be entirely circuit-based. Packet switching allows data

to be separated in chunks of information, called packets. Each packet is labeled with

an identifier and destination address and then routed through a shared network. When

packets arrive at the desired destination, they are recompiled into its original form. The

use of packet switching allows a single network to support multiple nodes concurrently.


The concept of a universal network fulfilled by ARPAnet also found other solutions by

other countries. Eventually, ARPAnet architects realized the continued success would

require communication with these network solutions. Like human languages are

different and require translations from one to another, some form of translation method

was needed in order to communicate with these networks. Some form of agreement

was required. Up to this time, ARPAnet was already using Network Control Program

(NCP) to establish a reliable, flow-controlled communication link between two nodes.

NCP provided the physical data link, and the network layers of a protocol stack allowing

two nodes with a different interface and different communication specifications to

connect successfully. To communicate between multiple networks, a new suite of

protocols were required. On January 1, 1983, ARPAnet replaced NCP with TCP/IP.

Since ARPAnet was being managed by the U.S. Defense Department, its use was

highly restrictive. In the early 1980s, the U.S. National Science Foundation funded the

creation of an extension to ARPAnet called the Computer Science Network, or CSNET.

It had three primary components: a Phonenet mail system, a name server and a

TCP/IP-over-X.25 tunnel. The purpose of CSNET was to link academic Computer

Science departments together. In 1985, the National Science Foundation decided to

fund the creation of five new supercomputer centers.

The connection between these five centers became known as NSFNET. The purpose

of NSFNET was to open access to all academic researchers, not just computer

science. NSFNET eventually became the backbone for the Internet.

Though the world was already becoming digitally connected in the 1970s, the

introduction of TCP/IP made such connections easier to accomplish and the creation of

NSFNET provided universal motive. One hundred different networks were connected

by 1985. By 1987, the number of networks grew to two hundred networks. In 1989,

over five hundred networks were connected using TCP-IP established by ARPAnet. By

1990, 2,218 networks were connected together according to the Defense Data Net

Network Information Centre (DDN NIC). These interconnections of networks became

what have been commonly referred to as the Internet.

Commercial interest in the Internet began in 1988 when the US Federal Networking

Council approved the connection of NSFNET to the MCI Mail system. Other

commercial electronic email systems were soon connected and by the end of 1989,

three commercial Internet service providers were created: UUNET, PSINET, and

CERFNET. The promise for the Internet's continued presence in our modern age came

August 19, 1991 when the European Organization for Nuclear Research (CERN)

announced its World Wide Web project; a project aimed at facilitating sharing

information among researchers using the concept of hyper texting. Whatever their


intention, the World Wide Web was the primary driver of Internet usage, driving the

number of connected networks from a little more than 2000 networks in 1990 to over

50,000 networks by the end of the millennium.

10.2 History of World Wide Web

The emergence of the Internet provided the hardware and protocols necessary for

multiple users, systems, and networks to bridge the mass physical distances of a

geographical planet. Such a solution allowed two people separated by thousands of

miles to communicate as if they were enjoying tea in an evening parlor. The services

available to Internet users were still restrictive to today's standards. They included:

E-mail provided an easy, inexpensive way to communicate between Internet

users.

Telnet allowed users to connect into remote systems.

FTP provided a method to transfer almost every file type from one Internet-

connected computer to another.

Usenet managed a distributed bulletin board for news and discussion groups for

thousands of topics.

The use of the Internet exploded with the introduction of hyper texting from CERN's

World Wide Web project in 1991. Hypertext refers a method of dynamically organizing

information through links and connections called hyperlinks. Traditional text required

the use of content tables, indexes, and page references to connect various topics

together. Using hyperlinks, the user simply clicks on the reference and they are

transferred to a new page of information; if they “hover” over the hyperlink they can

have various actions occur including word definitions, the running of video clips, or

even the opening of applications.

Hyper texting is useless without some type of mechanism to the hyperlinks. This

mechanism is fulfilled by a Web browser where the user can view web pages that

contain any variety of text, images, videos, and other multimedia features. CERN

introduced the World Wide Web to the public and indicated that access to the Web was

free. Essentially, they created the first website as we understand the term today. As

new websites were created, new standards were rapidly required to ensure consistent

and reliable use of the project. The international standards for domain names and the

HTML language were formed.

The World Wide Web is really the brainchild of an English scientist, Sir Tim Berners-

Lee. In the early 1980s, Sir Berners-Lee built ENQUIRE, a database of information

with bidirectional hyperlinks and the ability to directly edit content from the server. In

1989, he wrote a proposal referencing ENQUIRE and describing an information


management system that was much more elaborate than seen before. A more formal

proposal was published on November 12, 1990 to build a “hypertext project” called

“Worldwide Web” or “W3.” The project was to create a web of nodes that stored data.

The data would be viewed in “hypertext pages” by line-mode or full screen browsers on

the computer network. The breakthrough obtained by Berners-Lee was the marriage of

hypertext and the Internet.

The World Wide Web project was not the first hypertext system available at the time

but it had some significant differences that set it apart from the rest. Berners-Lee

developed a system of unique identifiers for resources on the Web and elsewhere

called the Uniform Resource Identifier (URI). While other hypertext systems required

bidirectional links, the Web required only unidirectional links. Such a requirement

allows someone to link to a specific resource with any action needed by the owner of

that resource. As a result, the difficulty of implementing additional web servers and

browsers were greatly reduced. Additionally, the World Wide Web was non-proprietary

which allowed servers and clients to be developed independently without any licensing

restrictions.

Early use of the World Wide Web consisted of pure text documents hyperlinked to each

other. The introduction of the Mosaic web browser brought a new revolution to Web

usage. Mosaic was a result of the efforts by the National Centre for Supercomputing

Applications as led by Marc Andreessen. Mosaic introduced a graphical user interface

to the environment allowing web pages to contain both text and images. Such a

concept exploded the use of the World Wide Web making it the most popular Internet

protocol.

By October 1994, Tim Berners-Lee founded the World Wide Web Consortium (W3C)

with the Massachusetts Institute of Technology (MIT), the Defense Advanced Research

Projects Agency (DARPA), and the European Commission.


10.3 Evolution of the Web Applications

The inclusion of graphics in the Mosaic web browser led to pages that were built and

acted like a magazine. In 1995, Netscape introduced JavaScript which provided client-

side scripting to add more dynamic features to simple web pages. The next year,

Macromedia made available a vector animation player called Flash which allowed

programmers to embed animations on web pages. The breakthrough of JavaScript

and Flash was the use of a scripting language that allowed interactions at the client

without the need for communication with the server.

The concept of “web application” came about in 1999 with the Servlet Specification. By

this time, JavaScript and XML were already in use as web scripting languages. Web

applications at the start simply used the Internet as a tool to communicate with the

server. The idea of “web applications” came about during the height of the dot.com

rush where companies used the Internet to quickly obtain market share, or mind share,

for products and services. With the crash of the dot.com bubble, the promise of the

Internet was tainted and needed a fresh start. In 2004, Web 2.0 was introduced. Its

introduction was the start of using the web as a platform, enhancing the creativity,

communications, security, collaboration, and functionality of the web. Web 2.0 was not

a new version of the World Wide Web, just a different perspective on the part of

software developers and end-users for the usage of the web. The underlying

paradigm of Web 2.0 was to utilize the unique features of the Internet to build

applications and services. It promoted innovation and collaboration by assembling

features from independently distributed developers, creating an “open source” for web

features.

The explanation of Web 2.0 began with a summary by Tim O'Reilly and John Battelle.

Given at the first Web 2.0 conference sponsored by the O'Reilly Media Group, a

hierarchy of web applications was also described:

Level 3 web applications exist only on the Internet. Their effectiveness is based

on the increased interactions of human through the applications. Examples of

popular level 3 applications are eBay, Craiglist, Wikipedia, Skype, and AdSense.

Level 2 applications can operate when offline but work better when connected to

the Internet. Flickr is a level 2 application and its benefits stem from the shared

photo-database and community-generated tag database available through the

web.

Level 1 applications operate offline and gain features when online. One of the

most popular applications at this level is iTunes where users can listen and

categorize their music on their computers, and can go online to purchase music,

games, and books.

Level 0 works equally as well online as well as offline. MapQuest and Yahoo!


Local are examples of Level 0 applications.

Communication applications like email, instant-messaging clients, and telephony

products are considered non-web applications in that they may utilize the

Internet, but not the World Wide Web.

Building on the interactive facilities of the web, users could do more than retrieve

information within Web 2.0. Now software applications could be run entirely through a

browser and users could own and control data on the website instead of simply using

the data. The growth of a web application requires the participation of its user base to

succeed. This was a simple matter since Web 2.0 applications can provide a richer

experience with dynamic content, metadata, standards, and scalability. Users find

more freedom with Web 2.0 applications. One of the markets greatly impacted by the

Web 2.0 concept is social networking websites like YouTube, MySpace, and Facebook.

2005 brought the next major milestone for web application development when the term

Ajax was officially coined to describe a group of interrelated web development

techniques. These techniques opened the possibility of developing websites that can

mimic the features of traditional desktop applications such as word processing,

spreadsheets, and slide-show presentations. The particular advantage of Ajax is the

ability for web applications to retrieve data from the server asynchronously without

interfering with the display and behavior of the existing page.

The technology for developing web applications and the web itself is still relatively

young. The possibilities for future developments are endless. Cloud computing has

provided the motivation for many companies to expose the possibilities available to

them by developing web applications.


11 Expanding on Web 2.0

The introduction of Web 2.0 was a breakthrough milestone for Internet use and web

applications. The concept of Web 2.0 is naturally fluid because it is not some

replacement of a technology, software, or tangible items, but rather a new method of

viewing the resources of the web. As a result, some attempts at defining Web 2.0 have

been difficult to pin down as a solid tool for explaining the concept. The problem exists

in that with the concept of Web 2.0, came an explosion of user features that were not

known before, some Web 2.0 and some not.

The revolution could be viewed analogously to what may have happened when

Columbus found the New World, therefore changing the world view of the earth from

flat to round. The mere discovery of the New World permanently changed the

economy, political, and social context of the world. But for a few years after Columbus

announced his discovery, many did not know what to do with the discovery. The

introduction of Web 2.0 has a similar problem in that many are still attempting to identify

what is really possible.

Ultimately, Web 2.0 is a grouping of principles and practices that can be found in place

around a core purpose, namely utilizing the web as a platform. Inside this core purpose

is several competencies that make up the Web 2.0 concept, including:

Cost-effective scalability by creating services, not packaged software.

Data sources that are unique and difficult to recreate, but become richer as more

people use them.

Users as trusted co-developers.

Harnessing the collective intelligence of the sites‟ participants.

Leveraging customer self-service.

The creation of software that is not limited by a single device.

The creation of user interfaces, development models, and business models that

are lightweight and easily manageable.

The idea of treating the web as a platform existed before Web 2.0; in fact it was the

battle cry for Netscape. The strategy of Netscape was to use their web browser as a

springboard to control web standards over content and applications as well as providing

a number of costly server products. The idea was to replace the desktop environment

controlled by Microsoft through its Windows operating system with the “webtop”

provided by the browser provided by Netscape. Unfortunately, the web browser and

web servers simply became commodities. The true value of a web platform was

realized as services delivered over the web, such as realized by a competing company


Google. Unlike Netscape, Google did not have a desktop application, but a native web

application. Instead of selling server components, Google offered services that were

not sold or packaged as commodities. Ultimately, Google success is derived not by

owning any data, but by managing the data provided by its customers and is a prime

example of one of the key principles of Web 2.0 – the value of software is proportional

to the scale and dynamics of the data that it manages.

In the new era of web applications brought on by Web 2.0, the need for greater data

management has become a critical component. DoubleClick has a great competency

for data management and was a pioneer in providing web services to its customers.

However, its business model focused on publication, not participation. The company

felt that the advertisers control web content and not the customers; it also considered

that the size of the website was a major determiner of success. However, their efforts

were ultimately found to be restrictive and other companies like Yahoo! Search

Marketing and Google AdSense used the Web 2.0 concept to break open those

limitations. The key was the exploitation of the “long tail.” Referenced by Chris

Anderson, the long tail speaks to the power of a collection of small sites that make up

the bulk of web content. The idea behind the long tail is to leverage customer self-

service and data management to reach out to the entire web, the edges of the web as

well as the centre, to the long tail and not just the head on web content.

The final principle behind the transformation of the web as a platform is that the service

automatically gets better as more people start using it. The driver of this principle is the

creation of an “architecture of participation” where each web user brings to the table

their own resources for use by other users. Some users may participate more than

others, while others have contributions that have greater value than their neighbors.

These facts don't matter because the participants are the final decision makers on

participation and contribution. As a result the application becomes a richer field of

possibilities than traditional applications that are controlled and managed through the

limited imagination of its developers.

Websites that are designed within the concept of Web 2.0 typically include several

features or techniques that set them apart. Andrew McAfee, Associate Professor of the

Harvard Business School and author of Enterprise 2.0: the Dawn of Emergent

Collaboration, used the acronym SLATES to refer to most of these:

SEARCH: finding information easily using keywords.

LINKS: provision of guides to the most important pieces of information. The

best pages would be the ones most frequently visited.

AUTHORING: shifting the creation of content from the few to the many, allowing

a single work to become a series of interlinked work that is constantly being

updated. Wikis and blogs are just two examples of Web 2.0 implementations that

changed authorship rules.

TAGS: the creation of simple, one-word descriptions to assist in searching and


the categorization of content.

EXTENSIONS: the use of algorithms to match patterns or automate redundant

work.

SIGNALS: Notification to users of any changes to content. Usually done

through RSS (Real Simple Syndication) technology which sends an email to the

user.

11.1 Harness the Collective Intelligence of the Community

The survival of most major websites that existed before Web 2.0 depended on

reinvention to exploit the intelligence of their collective users. At the centre of this effort

were hyper linking and a need to control. The unique driver of the World Wide Web by

Berners-Lee was the use of hyperlinks, a method of connecting two bits of information

directly without the use of indexing or external referencing. As new content and sites

are added, there is also a need for users to discover the content and link to it. Like a

living organism, associations created by hyperlinks become stronger through repetition

and intensity. The connections grow organically because of the activity of all web

users.

Different companies have become the models for harnessing collective intelligence.

Yahoo! may be a simple directory of links, but its existence was the combined

efforts of millions of web users.

Google's search breakthrough used PageRank which focuses on the link

structure of the web rather than interpreting the characteristics of documents as

a way to obtain better search results.

EBay provides a product that is highly dependent on the collective activity of all

its users. The product itself grows organically in response to user activity. All

the company has to do is enable an appropriate context for the user activity.

The advantage of collective intelligence for establishing market share is

demonstrated very well by the success of eBay. The critical mass of buyers and

sellers on eBay make the introduction of any other provider of similar services

very difficult.

There are several Internet companies that sell almost any form of media found,

such as books, CDs, and movies, but Amazon is clearly a leader in the market.

The reason for their leadership is their focus for engaging the user. Nearly every

page has an invitation for the user to participate in reviewing, collecting, and

providing better search results.

Collaboration and trust is probably demonstrated best with the online

encyclopedia, Wikipedia. An article in this website can be added to by any web

user and edited by any other. Wikipedia has always been an experiment in the

dictum, “with enough eyeballs, all bugs are shallow, attributed to the open


source advocate Eric S Raymond.

Taxonomy is the science of classification; in computers, it refers to classifying

information. Folksonomy goes beyond taxonomy to establish and manage

collaboratively created tags attached to websites. Flickr and del.icio.us are two

pioneers of the folksonomy concepts. Tagging is based on the associations that

are natural since they are created by the user, instead of a preset grouping of

keywords created by the programmer.

Cloudmark utilize the decisions of email users to determine what is considered

spam and what is not. Such collaboration has allowed this spam filtering product

to outperform other systems that rely on analysis of the messages to make the

decision.

Collective intelligence is apparent in the success of many of the prominent Internet

companies today simply because most did not advertise their products – their

popularity was the result of “viral marketing” where recommendations were made from

one user to the next. Additionally, much of the infrastructure of the web is a product of

collective intelligence using the peer-production methods of open source. Over

100,000 open source software products can be found on the web and are listed on

SourceForge.net. Any product relying on Linux, Apache, MySql, Perl, PHP, or Python

could be a product of collective intelligence.

For enterprises looking for the advantages of the web, the exploitation of collective

intelligence is a highly prized motivator, whether the intelligence they are seeking to tap

into is their internal personnel, suppliers, partners, or their customers. Many

companies are already using the web to obtain invaluable information from several

communities seeking market advantage. Amazon.com, which is a pioneer in cloud

computing technologies, has been able to leverage the collective intelligence of their

users and publishers. Their ability to exploit the knowledge found within the

communities they work with has made them a key resource in the market to the point

where they have added their own identification method for books and media.


11.2 The Advancement of Blogging

In the early years of the World Wide Web, web pages were static: that is, they were

created once and were typically not updated for long periods of time. One of the

prominent features of Web 2.0 is the creation of dynamic web pages; the ability to

generate content without limits. The most common application is the weblog, or blog,

which turned personal home pages into personal diaries and daily opinion columns.

More importantly, blogging drives “an entirely different delivery, advertising and value

chain” as noted by the distinguished computer programmer Rich Skrenta.

At the centre of the blogging feature is the technology Really Simple Syndication

(RSS). This technology allows a user to not just link to a web page but subscribe to it

so that any time the web page changes, the user is notified of the change. Many refer

this as “live web.” The importance of blogging is not the dynamics of the web page, but

the links themselves. A link to a weblog is a point to a constantly changing page with

permanent links available for individual entries. An RSS feed allows these links to exist

with notifications made when the page the link points to is changed and as such, the

feed becomes a stronger link than individual bookmarks originally found on the Internet.

Because of the RSS technology, viewing web pages is not restricted to web browsers

only. Desktop clients are available as well as programs on portable devices which

deliver RSS notifications to the users. Personal diaries and opinion columns are not

the only sites that utilize RSS: any data that is constantly changing can use the

technology, such as stock quotes, weather information, news headlines, and photos.

RSS is not a new technology, but Web 2.0 has built on the concept to deliver on its

promise.

Another significant contribution from blogging is the permanent link, or permalink. The

traditional Usenet used NNTP (Network News Transfer Protocol) which allowed articles

to be read, posted, and transferred among multiple servers. The benefits of this

protocol allowed quick communication to multiple sources. Newsreaders became

available to users so that they can view these articles on their desktop. Through

permalinks and RSS, the benefits of NNTP are transferable to the web protocol, HTTP,

creating a new equivalent of Usenet, commonly referred to as the “blogosphere.” The

technology allows users to subscribe to other user‟s websites, link to individual

comments on a page, use “trackbacks” to links to the page by other users, and respond

to those other links. Thus the creation of two-way links within the Internet. There are

two methods that these links are managed. The first method is to require

acknowledgment of the return link as found in many social networking systems like

Friendster, Orkut, and LinkedIn. The second method allows notification, but not

necessarily approval of the return link as found in use by Flickr.


Analogously if collective intelligence is considered the growth of a global brain, the

blogosphere is the constant mental effort of the forebrain, the conscious voice of the

global body. As the consciousness of man is a powerful force to the perception of daily

life, the blogosphere is a powerful force for global life. Search engines use link

structures to predict useful pages; bloggers establishing links have an impact on

shaping results within search engines.

Through the two-way linkages promoted by the blogging community, individuals

essentially “amplify” their visibility and power within the blogosphere. Where PageRank

analyses the value of an individual document, the collectiveness of the blogosphere

creates the value of thought. Essentially blogging is another filter to harness collective

intelligence, creating a condition that American journalist, James Suriowecki, calls the

“wisdom of crowds.” The world of blogging has created a new competition – value is no

longer decided by a few people, but by a collection of users.

For enterprises, blogging technologies provide a mechanism for immediate interaction

between communities. Specifically in instances where information from the enterprise

needs to be pushed out into interested parties, subscriptions to relevant blogs

sponsored by the enterprise can contain valuable information to those parties. This

distribution can provide real-time value in relaying any level of data from any sector

within the company. The feedback capabilities of a blog also open immediate reaction

to any number of topics providing a solid communication path for doing business.

11.3 A New Central Intelligence

The 20th century brought out the importance of information and the data that supported

it. The more information available provided the opportunity for better analysis, better

decision making, and greater idea of impact and value. Because of its importance, the

value of a business or government entity was often attributed to amount of information

“owned” by the entity. This power of information has not disseminated with the new

century. Every major Internet application has proven the value of information. Each

application is backed with a database managing the information, whether talking about

Google, Yahoo!, Amazon, eBay, Mapquest, Napster, iTunes, or similar products.

Database management is a core competency required for Web 2.0 companies.

Ownership of information on the Internet can led to market control. The government

initially granted Network Solutions control over the registry of domain names. This

grant became a huge moneymaker for the company. MapQuest has the market on web

maps since 1995, but their data originally came from NavTeq, TeleAtlas, and Digital

Globe. But by licensing these data sources, Yahoo!, Microsoft, and Google have been


able to take a bite out of MapQuest's share of the market. Sometimes, the ownership

of the data isn't as important as how the data is presented. Amazon's original database

was sourced by R.R. Bowker, an ISBN registry provider, who was sharing the same

data with competitors, like Barnesandnoble.com. Amazon, however, enhanced the

data by adding data supplied by publishers and users. After over a decade's effort,

Amazon is now the go-to provider of information about books and media rather than

Bowker, so much so, that they have introduced their own identifier, the ASIN.

Information is so important and can be found in various sources, some web

applications have been created to simply compile data from multiple sources into a

single integrated tool. These applications are referred to as “mashups.” Mashups can

assist in switching market share from one presenter to another presenter as in the case

of Google and MapQuest. Google's software model is lightweight which allows it to be

easily linked to other applications, such as housingmaps.com. This site combines

Google Maps with Craiglist apartment rental and home purchase listing to create a

better housing search tool. Using MapQuest to do the same thing is more complex,

allowing Google to gain greater presence on the web. Also like the situation with

Amazon and Bowker, the presenter of the data may gain a greater market presence

than the source of the data itself. Still, the value of owning certain classes of core data

such as location, identity, calendaring, product identifiers, and namespaces is clearly

understood and object of competition.

The competition for owning specific data can be a costly endeavor. Of course, some

data, like maps, requires significant investment in simply obtaining the data. However

like Amazon, information on books and media can be obtained by collecting and

managing data from their user base. The winner of the competition for data is the

product that reaches critical mass because of the contributions of their user base and

turning that data into a demanded service. The rise of cloud computing allows

companies to apply the investments that would normally be earmarked for technology

maintenance and improvement to the core of the business: competitive knowledge in

the industry the business resides.

SaaS and Web Applications Specialist Level Complete Certification Kit - Study Guide

100

11.4 Obtaining Dynamic Continuous Improvement

The advent of Web 2.0 brings the need to provide services instead of products. With

every company already mentioned that has a significant Internet presence, the growth

of their product is considerably dependent on the efforts of the users of that product.

The growth of traditional software products is dependent on the imagination and efforts

of the developers, not the users. Because web applications rely on user contribution,

the offering provided these companies must transcend from product into a service for

their users. This requirement forces some fundamental changes to the business model

of Internet companies.

The first change is the requirement for making operations a core competency.

Traditionally, software companies had to have a competency in product development.

Though this is important, product development must be equally managed with expertise

in daily operations. The change is so prominent that there is a belief that software will

cease to perform if it is not maintained daily. This belief is backed by processes of

many companies who have a significant Web presence, like Google which has to crawl

the web and update indexes, filtering out spam and other undesired influences, and

respond appropriately to user queries in the millions. How these businesses manage

their processes are their fundamental advantage in the market place.

Another change brought on by the Web 2.0 model is the treatment of users as co-

developers. As products become services and growth determined by user participation,

most will find themselves in “perpetual beta.” Most products on the web are being

openly developed while users are using the product: the users are even becoming key

developers themselves. Monitoring of user activity in real time allow companies to

identify what features are being used and how those features are being used. Most

web developers are deploying new features every day. If users start immediately using

the feature, the new feature is transferred throughout the application; if the feature is

not used, it is removed. Companies like Microsoft which provide software updates

every two to three years will have difficulty competing against companies who provide

updates every day.

The advantages to these changes provided by Web 2.0 is the opportunity to provide

true continuous improvement to the products and services found on the web. Whether

the improvement is in response to providing greater functionality or in additional

participation from the user base doesn't matter – it is still improvement of the overall

system. Though they may still exist, the question by some whether a particular

improvement can be considered to hold any quality also doesn't matter, since the value

and quality of the improvement is determined by the participation of the user. All a


101

company has to be concerned with is implementing and enforcing process and

procedures that establish the controls required by any regulatory agencies, including

those focused on quality management. However, most of these regulations fully

support the principles of open source innovation.

The speed and dynamics of continuous improvement is further accelerated when

companies start relying on the web for services other than the simple distribution of

web applications. Simply developing and maintaining web applications in methods that

have traditionally been seen supporting legacy applications, a few advantages are

obtained. However, by fully exploiting the technologies and services of cloud

computing, the advantages are exponentially multiplied in favor of the enterprise. A

small business can obtain high shares of the market simply by applying diligent

attention to the web technologies that they utilize. They have an advantage over the

big enterprises of the industry; they are not encumbered by the traditional viewpoint.

The apt metaphor here is the comparison of turning a large ship in the ocean to the

turning of a rowboat. The rowboat will always win.

11.5 Creating Programming Models that are Lightweight

The success of web development is dependent on simplicity; using services, protocols,

and data that are easily deployable and interconnected. The use of RSS, Simple

Object Access Protocol (SOAP), and Representational State Transfer (REST) are just

some of the technologies that have been promoted by the concept of Web 2.0. Several

points are validated in the need for simplicity.

Loosely coupled systems can only be reached through the support of lightweight

programming models. Corporate-sponsored web services are designed to have

systems tightly coupled to manage security, confidentiality, reliability, and availability. In

many cases, these designs establish controls over the entire system creating a number

of complexities to maintain control while providing access that is dynamically growing.

While this level of control may be necessary in many cases, establishing controls in the

lower levels of a system can provide greater flexibility and adaptability to an application.

Paradigms around traditional software development have to change in this era of web

services. Most development was concerned with determining and controlling what the

user can and cannot do. However, the power of the web provides a vehicle in which

development simply needs to concentrate on getting the data into the hands of the user

and providing an environment for them to do whatever they wish to do. The ability to

syndicate data outwards is now the focus of most web applications and the idea is a

fundamental value to the Internet itself.


102

The systems found on the web and within web applications have a common theme:

there is very little in place to prevent re-usability. Much of the construction of these

products is in fact open source. When the construction is not open source, there is

very little in intellectual property to warrant significant protection from re-use. From the

beginnings of the World Wide Web, the ability to re-use each other‟s creations has

been a key growth advantage: from the “View Source” option in most browsers, to RSS

feeds that allow users to view information they want to see when they want to see it

without any protection from the information provider. Success in the web is typically

obtained by providing the greatest adaptability of the services by the user. Instead of

seeing the protection phrase “all rights reserved,” the future of web services will provide

more control towards the user with the accompanying phrase “some rights reserved.”

The rise of Web 2.0 is providing another interesting change to business: finding

innovation within the assembly of the product instead of the development of the

product. Traditionally, the business model of most companies would be to create a

product prototype and create same marketing around the prototype to encourage a

revenue stream. The focus on innovation is found within development. Now that

development is closer to the customer through open source technologies, innovation is

being found in the assembly of a product instead of the development. The change is

another reason why companies are being forced to change their business models in the

new era of web applications.

11.6 No Longer Bound to a Single Customer

For years, business and personal computer owners have been bound to the computer

and operating systems they have selected to fulfill their computer needs. For home

users, the choice between Windows and Apple has been an interesting feat with most

users choosing Windows simply because of the number of third-party products

available for the system. Businesses have had the same choice for their desktop

operations, but clearly more choices for their server selections. The inclusion of Web

2.0 as a standard for creating web applications is creating a new paradigm in choices

for computer ad operating system; simply put, the operations of the application is no

longer bound to the operating system as the platform but the web as the platform.

To be a web application naturally insinuates that there are two computer devices in

operation: the device hosting the application and the device using the application

through a browser. However similar to the times when applications were found on

servers and operated through dumb terminals, using the web as a platform allows the

ability to allowing the application to be utilized on multiple devices which have a

browser. In today's technology, those devices are no longer restricted to the desktop


103

and laptops, but include PDAs, cell phones, gaming consoles, and other Internet ready

devices. The web allows the user to no longer be bound to a single operating system

or for the application to a single device.

The greatest innovator for breaking the bounds is Apple with the introduction of iTunes.

The relationship between the handheld device, iPod, the personal computer and the

growing web database shows what‟s possible when the web platform is used to operate

across multiple devices as well as the importance of the personal computer in the

future. The personal computer used by the workhorse, but for iTunes it is simply a

cache and control station for music, books, and video. The workhorse is the handheld

device and, of course, the iTunes application. In 2009, Netflix will provide another great

innovation. Netflix started as an online renter of movies that could be sent to a

homeowner's location through the mail. Eventually, they provided a way for users to

instantly view a movie on a personal computer. Their newest innovation is to enable

the instant viewing of a movie directly onto a television without the need of a personal

computer; though a special device that can connect to the Internet is required. ITunes

and Netflix are just a couple of the innovative technologies that have been enabled by

the Web 2.0 revolution; though they are not web applications, they are taking full

advantage of the web platform.

11.7 Striving for a Better Experience

Since the commercialization of the Internet began, the technology of the web has

grown primarily to provide a better, richer, experience to the user. Active content, such

as applets, were available as early as 1992 with the introduction of the Viola browser.

In 1995, Java was introduced to provide the framework for delivering these applets.

Soon after, JavaScript and DHTML provided lightweight programming ability on the

client side. However, the web didn't produce any full scale web applications until

Google introduced Gmail and Google Maps. The technologies used by Google to

deliver these applications were coined AJAX by Jesse James Garrett of the web design

firm Adaptive Path.

Now the technologies of AJAX are being used to deliver more web applications to the

user. But the wall that prevented web applications from being delivered wasn't broken

down simply by the AJAX technologies. Many of the capabilities being found in web

applications have been around for many years. However, the struggle between

Microsoft and Netscape over web standards kept many of the capabilities from being

fully realized. The dot.com bubble scared many companies and users from trusting the

benefits of the web, but also showed the advantage of managing growth within the web

platform. But with new technologies, greater control on the standards, and a new


104

willingness to explore what's possible, the promise of applications built to operate on

the web platform is finally being realized with richer, more robust applications.

The current focus is to provide a richer experience to the user while providing novel, yet

practical, applications to market. Web applications may be as simple and small as

managing address book contacts to providing a word processor that allows for wiki-like

collaborative editing to enterprise scale applications like CRM. Web 2.0 provides an

opportunity for companies to provide products that are used by their customers, as well

as developed and marketed by their customers.


105

12 Distinguishing Web Applications

The Servlet Specification version 2.2 first introduced the concept of a web application,

or webapp. The definition from this document of a web application is “a collection of

servlets, html pages, classes, and other resources that can be bundled and run on

multiple containers from multiple users. A web application is rooted at a specific path

within a web server.” Though this may be the technical definition of a web application,

the more practical definition is provided by Hagan Rivers, a pioneer in Web Application

Design and a partner at Two Rivers Consulting: “web-based applications are web sites

with interactivity – the user is interacting...a web application is everything a website is,

and more.”

Most people would suspect that web applications can only be found within the confines

of a web browser and this is only partially true. Web applications do work within the

framework of web browser, but do not necessarily require opening a web browser

before accessing the application. A more truthful statement is that a web application

uses the web as its platform, as opposed to a traditional desktop application that uses

the operating system as the platform.

Applications found within the web platform can be either standalone or browser-

oriented. Standalone applications use the web as a platform but do not require a

browser to access the application. These applications typically are very simple and

have all the required components needed to perform. Most require some level of

communication with the web to provide or extract information from the platform and are

essentially simple interfaces for providing information. Some require a constant

connection to the Internet when being run.

The most basic web applications are interview applications, hub and spoke

applications, or hybrids of both. Interview type applications request information from

the participating user which is then processed and returned as some desired output to

the user. Hub and spoke applications provide the user with a hierarchy of the product.

The core web page, the hub, has a list from which the user is to choose a function. The

choice then goes to an area of the application for the user to attach to; the design

similar to the hub and spokes of a wheel. Still some applications are a combination of

both interview and hub and spoke designs. All these designs require the interaction of

the user to have the application perform.


106

But as the more technical definition of a web application hints at, the concept of

application utilizing the web platform is a collection of resources that are designed to

provide a definitive experience and result for the user. In many cases, these resources

are not inherent to the application itself but are borrowed from other locations within the

web. These resources are typically sharable between multiple applications, as they

may range from anything like protocols, applets, APIs, or even other web applications

or the results of other web applications. Some web applications are essentially a

combination of two of more other applications and are commonly referred to as a

“mashup.”


107

13 Introduction Web Application Framework

When choosing to develop a web application, the first step that an enterprise must take

is choosing an appropriate web application framework. Used to create and manage

web applications, a framework for web applications includes all the necessary

components required to accomplish any development task. Because all the

components already exist inside the framework, there is no need to procure any

additional tools for developing and maintaining the application. The framework can

include designing and launching web pages as well as making available any number of

applications to provide web services to their customers.

The software library is probably the key distinction of the web application framework.

Software libraries are central repository for every type of software utilized in the

creation and ongoing function of web services that can exist within the framework.

These software entries may provide security to web pages, help manage the creation

and maintenance of databases and provide mapping of pages.

Several features are inherent in a web application framework. Security is one of the

most important features for a framework to resolve any concern about the

confidentiality and reliability of the information that is used and distributed by the

application. Therefore, most frameworks provide proven methods for authenticating

and authorizing requests, through the server providing the appropriate restrictions

based on the user and the activity which the user is undertaking. Different frameworks

provide different methods for securing access to data and web pages. For applications

found within a cloud computing environment, the service provider of the web platform

may restrict the framework used to build the application so that the controls of security

are consistent between the platform and the application.

Nearly all applications used on the web today have a database which needs to be

connected to. In many cases, an application may need to access more than one

database to fulfill their computing purpose. Like applications, databases may be found

in a variety of capacities some of which may require a translation function to read and

write data to the database. Fortunately, most frameworks create a unifying API which is

attached to a database backend. Such an API allows applications and databases to

work together without additional code changes. How a framework manages the data

found on the database is a key decision maker for choosing the right framework.


108

The use of resources on the web focuses the user or application to utilize specific

features of the web. One of the most prevalent features is the URL. Unfortunately,

most URLs are a very complex set of alphanumerical characters and symbols. Web

application frameworks contain a mechanism of interpreting the URLs in the form of a

mapping facility. The purpose of most mapping facilities is to translate complex URLs

into easier ones that can be recognized by the application engine. Such a

simplification makes the URLs easier to read and to provide search engines with better

information around the structural mapping of the site.

Many of the applications created on the web contain a static part composed in HTML

and a dynamic part which is code that generates HTML. The code controlling the

dynamic part is usually based on variables in a template. The web application

framework typically houses a number of templates that can be used to ensure that

information is collected and displayed in a consistent fashion. For instance, a retail

store has 100 new products in for their spring sale. This influx of new products requires

that 100 new pages of text be generated. This can be done by hand with much effort or

by using a template within the framework, the product page simply will need to be

connected to a database with the product information and the product page is

automatically generated when the consumer requests to see the product information.

Every application developer has to be concerned with the performance of the

application and the development of web applications is no different. Most frameworks

handle the caching of web documents to improve bandwidth, server load, and lags

between page changes. A cache stores copies of documents passing through it,

allowing future requests for the same document to be pulled from the cache under the

right conditions rather than being pulled from the original source location. Some

frameworks not only cache documents for have mechanisms in place to bypass some

stages of a page's preparation when dealing with template interpretation or access to

the database.

Configuration of applications is another concern for most development projects.

Therefore, the web application framework must handle some level of configuration to

the application. Some frameworks actually handle such requirements by minimizing

the amount of configuration necessary to get the job done. For example, Java

frameworks use “hibernate” to generate a database scheme by creating business

objects instead.


109

14 A New Success for Web Applications in AJAX

Of all the features found in web application frameworks, one feature in particular is

growing in popularity and use. Ajax is itself a framework of interconnected web

development techniques that are intended to create interactive web applications. For

the most part, web applications tend to be slow and tedious because every request

made by the application must contact the server and the server has to think about what

needs to be sent back to the application. Ajax is a method of web programming that

greatly reduces the processing time that these requests take. An acronym for

Asynchronous JavaScript and XML, Ajax attempts to merge data, content, and design

into a collective and seamless unit. The result is nearly instant reaction to customer

requests.

Sometimes Ajax is referred to as a technology, but it is not. Instead, it is a new

paradigm for looking at existing technologies. Therefore, developers of existing

applications may be able to adapt the Ajax paradigm with very little effort. Ajax is a

method of developing applications for the web that combines:

XHTML and CSS standards-based presentation

Interaction with data using a Document Object Model (DOM)

Interchange of data with XML and XSLT

Asynchronous data retrieval with XMLHttpRequest

The use of JavaScript to bind everything together.

Since the first introduction of the Ajax paradigm, developments in the area opened

some additional technologies to be used within the Ajax framework. JavaScript can be

replaced with VBScript and EGL Programming Language to implement an Ajax

application. Data interchange does not require XML or XSLT in some conditions.

JavaScript Object Notation (JSON) is often used as a format for data interchange.

The Ajax engine works inside the web browser through JavaScript and the DOM. The

engine handles the customer requests to the server. To do this, most information

retrieved from the server sits within the engine. Subsequent requests for information

are handled asynchronously between the Ajax engine and the customer and are

independent of any interaction with the server. In standard web applications, the

interaction is typically synchronous so that all requests must go to the server, be

processed, and return back with the results. Each step is done one right after another

and repeated with the next request. With Ajax, the JavaScripting found in the loaded


110

page is handling the basic tasks required by the customer. While it is handling the

display changes with the customer, data is being sent back and forth to the server

without any need for action from the customer.


111

15 A Survey of Web Application Frameworks

The following pages are intended to identify some of the major frameworks used to

create web applications. Though these descriptions may provide some distinctions

between the frameworks, most distinctions are found within the technical foundations of

the programming languages themselves and the following descriptions are not intended

to provide too much technical information about the languages themselves.

Almost all of the frameworks mentioned here are general concepts to programming.

Actual implementation is typically managed through defined releases by corporations

and developers looking to provide structure and control to the development process

and libraries. In some instances, these implementations were critical and even

encouraged by the framework because of a desire to put more power into the hands of

the developer.

15.1 ActionScript

Originally developed by Macromedia in 2000, ActionScript is an object-oriented

programming language which is typically used when interactivity is desired in flash

movies found on a website. Initially designed to control 2D vector animations in

Macromedia Flash, which is now Adobe Flash. Improvements to the language allow

functionality used in web-based games and Internet applications with streaming media

capabilities. The programming language is free form and derived from ECMAScript.

The data types found within ActionScript are considered simple or “fundamental” and

are used to create other data types. The basic data types include:

String – a sequence of characters including letters, numbers, and symbol.

Display of the string requires the enclosure of single or double quotation marks.

Number – a display of a single number.

Boolean – a value that is either true or false or 1 and 0 when appropriate.

Object – a collection of properties. Each property requires a name and a value

which represents a Flash data type. Objects can be nested inside other objects.

MovieClip – symbols that play animation inside a Flash application. This data

type is the only one that refers to a graphic element in ActionScript.


112

Null – represents the lack of data.

Undefined – Has only one value and is automatically assigned to a variable that

does not have a defined value.

Void – Also has only one value and is used when a function does not return a

value.

15.2 ASP.NET

In January 2002, Microsoft introduced ASP.NET as a web application framework for

developing dynamic web sites, web applications, and web services. The framework is

built on the Common Language Runtime (CLR). Programmers can use and support

.NET language to write ASP.NET code. The primary characteristic of ASP.NET is its

pages, officially called “web forms”. These pages are the main constructs for

developing web applications. These pages contain static (S) HTML markup, and server

side web and user controls where all the required static and dynamic content for a web

page is placed.

Microsoft recommends building applications where the presentation and content remain

separate. In this way, the interface is built so that it does not disturb the programming

code of the application itself. Referred to as a “code-behind” model of programming, it

provides an appropriate distinction between the code and how it‟s presented.

User Controls allow programmers to create reusable components in ASP.NET. A User

Control maintains the same structure as a Web Form. Within the User Control,

programmers can add properties, methods, and event handlers to provide proper

actions when user make a request of the application. ASP.NET supports the concept of

“master pages” which are template-like pages. A web application can have more than

one master page. When the template is used, the resulting page is referred to as a

“child page.”

ASP.NET provides for state management functionality within the applications. State

management handles how the application communicates with the server. The various

states for an application are defined as:

Application state defines a collection of user-defined variables which are set and

initialized at the first loading of the application.

During a user session, another collection of user-defined session variables are

in place that is commonly referred to as the session state. These variables are

in place as long as the user is active with the application and may automatically

be destroyed when activity discontinues. There are three modes for session

variables. In Process Mode are the fastest variables but cease to exist when the


113

ASP.NET process is shut down or recycled. ASPState Mode is separate from

the application and therefore impacts the performance of the application

negatively, but it allows the supports of multiple ASP.NET instances on the same

server as well as assists in balancing the application load across multiple

servers. SqlServer Mode has variables stored on database server and remains

in place even when a process instance discontinues. This mode also allows for

load balancing on a server cluster.

Page-level state management is available through view states. Its purpose is to

maintain the state of web form controls and widgets.

Despite its ability to handle most of the demands for web application processing, there

is criticism about its ability to maintain features and function across different types and

even versions of web browsers. For greatest benefits derived by ASP.NET

applications, Microsoft encourages the use of the latest version of Internet Explorer.

15.3 ColdFusion

If a programmer is looking to connect any database to dynamic web pages, they may

be looking at ColdFusion as the web application framework. The framework is based

on standard HTML. The advantages of ColdFusion are its ability to create ad hoc

pages based on user input, database lookups, or other criteria defined by the

programmer. ColdFusion is the forerunner of Microsoft ASP.NET, JavaServer Pages, or

PHP. It was first introduced by Allaire in 1996 and is now the intellectual property of

Adobe.

Creating applications in ColdFusion is as simple as creating a static web site. However

with ColdFusion, the programmers have access to functionality not available in a static

web site of even traditional client/server applications. An application built in ColdFusion

is a collection of pages created with HTML tags as well as server side ColdFusion

Markup Language (CFML) to control the behavior of the application, integrate server

technologies, and dynamically generate content.

ColdFusion provides a number of inherent features:

Database access is simplified

Management of client and server caching

Code generation for form widgets and validation

PDK and FlashPaper conversion

Data retrieval form common enterprise systems

File indexing and searching service

Administration of GUI

XML parsing, querying, validation, and transformation


114

Server clustering

Task scheduling

File manipulation made simple

Simplified web service implementation.

ColdFusion is a Java EE application, which allows the application code to interact with

Java classes so that a variety of applications can be built utilizing existing Java

libraries. Recent developments in ColdFusion provide native support of .NET.

Developers call a .NET assembly without any recompiling or altering of the assembly.

15.4 Common Lisp

Common Lisp is a framework that standardized the various iterations of Lisp. Originally

published in the ANSI standard document Information Technology – Programming

Language – Common Lisp, the framework serves as a general purpose, multiple

paradigm language supporting procedural, functional and object-oriented programming

simultaneously. Because of its diversification, Common Lisp facilitates rapid

development of efficient run-time applications.

The defining advantage of Common Lisp is the object-oriented programming is the

toolkit, Common Lisp Object System (CLOS). The toolkit started as an add-on

originally and was adopted fully as part of the ANSI standard. CLOS is a dynamic

object system with radical differences from similar facilities found in C++ and Java. The

toolkit allows for multiple dispatches where methods treat multiple arguments

simultaneously and multiple inheritances where programming classes can inherit

behaviors and features form more than one superclass. Methods, classes, and objects

can be added and changed appropriately during runtime.

Common Lisp is generally referred to as a specification and not an implementation.

Therefore, any implementation using Common Lisp may require additional functionality.

Free Software libraries have been created to provide additional features, most notably

Common-Lisp.net and the Common Lisp Open Code Project. Some of the

applications using Common Lisp are the Jak and Daxter video games for Sony

Playstation 2 and the low fare search engine used by Orbits, American Airlines,

Continental Airlines and US Airways.


115

15.5 Groovy

As an alternative to Java, a programmer can use the object-oriented programming

language called Groovy. It is dynamic with features similar to other languages like

Python, Ruby, Perl, and Smalltalk. Groovy was first conceived by James Strachan in

August 2003, but the final release of the framework did not occur until December 2007.

The framework opens levels of convenience, expedience, and agility over the

exactness and extensiveness required by Java. The language was created from the

ground up to utilize the existing code written in Java and Java-compatible languages.

The focus of Groovy is to create an agile development framework. Groovy attempts to

provide a wide range of tasks and be applicable in many ways by:

Removing any extensive requirements for compilation

Allowing dynamic data types to exist

Removing the constraints using found in the syntax

Creating compatibility with existing Java and Java-compatible applications

Providing an interpreter for programming shells.

For developers familiar with Java or inexperienced programmers hoping to program on

the Java platform, Groovy may the framework for creating new applications with relative

ease and flexibility.

15.6 Java

The term “Java” refers to the combination of the Java programming language, the Java

Virtual Machine (JVM), and the Java platform. The language is a high level, object-

oriented programming language. The JVM executes bytecodes on a computing

platform: the intention is to interpret native code for the host. The platform, Java, is

essentially a set of standard libraries. There are two libraries available from Sun

Microsystems, the developer of Java: The Standard Edition (SE) and the Enterprise

Edition (EE).

Java is probably the most well known of web languages; it popularity shown through

the number of programming languages that attempt to work with or emulate. It was

developed in 1995 and has derived most of its syntax from C and C++ with a simpler

object model. The creation was founded on five main goals:

The language has to be simple, object oriented, and familiar

The language has to be robust and secure

The language has to be architecturally neutral and portable

The language should allow high performance execution


116

The language has to be interpreted, threaded, and dynamic.

When Java was first introduced it was used to create applets within web pages,

required simple bytecode interpretation, was slow in performance, and had a few die

hard programmers tooting the benefits of the framework. Today, Java is used to create

a variety of web applications and web services, dynamically compiles code, provides

the basis for high performance, and involves a large independent open source

community.

The promise of Java is the ability to write the code once and run it on any supported

hardware or operating system. This flexibility is obtained by compiling the code to the

Java bytecode instead of the machine code. End-users can run Java applications

within a web browser or on their desktop using a Java Runtime Environment (JRE).

Standardized libraries provide simple access to host specific features like graphics,

threading, and networking.

In truth, using bytecode provides a generous porting benefit. Unfortunately, the

overhead system requirements to compile the code into something useful can result

into poor performance. Several advancements in optimization have allowed the

performance to increase. Typically, compilation is static, or ahead-of-time (AOT),

where the code bytecode is translated directly into native code like a traditional

compiler. One optimization technique is called just-in-time compilation (JIT). The

technique creates native code from the Java bytecode when the code is first executed

and then the code is cached for future use. As Virtual Machines became more

sophisticated, dynamic recompilation was accomplished where the VM monitors the

behavior of the program and recompiles and optimizes only parts of the program. The

result is greater performance for the overall Java application.

Most applications are built to be compatible with specified operating systems and

sometimes, the hardware that it sits on. As a result, developers who desire to have

their products reach a larger market, must develop different versions of the same

application for each operating system. This can be a very costly effort. The Java

Virtual Machine provides an environment where code can run independent of the

operating system and hardware. Essentially, converting code into something usable on

a platform is a two step process. The first step requires the developer to compile the

source into bytecode. The second step has the JVM converting the bytecode into

native code for the host platform. The step performed by the JVM used to be done

through interpretation: taking each instruction and converting it when needed. JIT

compilers later did the compiling when the program started up.

Many attempts have been made to find a language to succeed Java. Fortunately,

because of tips popularity and design, many of the principles and innovations remain


117

intact; primarily the JVM, especially since a VM approach provides security, portability,

interoperability, and extensibility. Since the JVM has already solved many of the

problems of traditional software design effectively, many of the successors of Java still

use the JVM instead of creating their own.

15.7 JavaScript

Scripting languages are programming languages that have only some control over a

software application. Where programs are executed independently from other

applications, scripts, are normally extensions to existing applications. The script is

separate from the source code of the application, usually written in a different language,

and change the behavior of the application to meet the user‟s needs. A script is

typically interpreted from the source code, rather than being compiled like the

application they are associated with. The more well-known of scripting languages is

JavaScript. Originally a dialect of the ECMAScript standard, it is a dynamic, prototype-

based language with first-class functions. JavaScript was designed to look like Java,

but was actually influenced by several languages. Though JavaScript can be used to

extend the functionality of any application, it is best known for its prolific use in

websites.

15.8 Lua

Another scripting language is Lua. Because of its characteristics to be lightweight,

reflective, imperative, and functional, it has become popular with the development of

video games, like World of Warcraft. The language is best known for its powerful C

API.

The language was created as a political and cultural resolution to Brazil's national

identity in 1993. For decades, the country restricted the trade of hardware and

software within its borders. The motivation was the sense that Brazil could and should

sustain its own technological leadership. As a result, customized software had to be

developed within the country and not obtained from third-party developers outside

Brazil. Added to the geographical isolation of the country, this forced three members of

the Computer Graphics Technology Group (Tecgraf) of the Pontifical University in Rio

De Janeiro to create a scripting language for use in customized software being created

for Brazilian companies.

The languages were based on Simple Object Language (SOL) and Data-Entry

Language (DEL), both also developed at Tecgraf independently of each other and Lua.


118

Later versions of the language gained semantics from Scheme and as a result is very

similar to JavaScript. Lua is a “multi-paradigm” language that provides a small set of

features that can be applied to different problem types. It is lightweight simply because

it allows flexible meta-features that can be extended when needed, rather than a

feature-set specification to one paradigm. The programming allows for first-class

functions, garbage collection, closures, coercion and co-routines.

15.9 Perl

In 1987, a system administrator for NASA created a scripting language based in Unix to

make reporting easier. The result was a high-level, dynamic, general purpose

programming language called Perl. The system administrator, Larry Wall, is still

involved in the development of future versions of Perl. The language borrows features

from several other programming languages but is most powerful at manipulating text

files. Its flexibility and adaptability has encouraged its use in graphics programming,

system administration, network programming and applications requiring data access

and CGI on the web.

The structure for Perl is borrowed from C and is procedural in design. It takes on

features from shell programming. Perl takes lists from Lisp, associative arrays from

AWK, and regular expressions from sed. In essence, the language is a potpourri of

several languages with its own spin on things to make it practical and supportive of the

developer. This may be one of the reasons that it is commonly referred to as either the

“Swiss Army Chainsaw of Programming Languages” or “The Duct Tape of the Internet.”

Perl is often used to tie together systems and interfaces that are not designed to

interoperate and for “data munging” which processes large amounts of data for tasks

like creating reports. Many high-traffic websites use Perl in their coding, including

Amazon.com, Ticketmaster, IMDb, and Craigslist.

15.10 PHP

Though it now has the capacity to handle command line interfaces and to be used for

standalone graphical applications, PHP was originally designed in 1995 to be a

scripting language for creating dynamic web pages. It is a widely used suited for web

development and can be embedded within any HTML code. PHP typically runs on a

web server and is used to create web pages on the fly. It can be deployed on any

operating system or platform.


119

The scripting language acts as a filter by taking data from a file containing text or PHP

instructions and creates an output in the form of another stream of data, commonly

HTML. The primary context of PHP is server-side scripting and is similar to other such

scripting languages like Microsoft's ASP.NET and Sun Microsystems' JavaServer

Pages. Many development platforms are attracted to PHP because of its building

blocks and structure that promote rapid application development. PHP can be found on

many of the most popular web sites including Facebook, Wikipedia, Yahoo!, Digg, and

Tagged.

15.11 Python

Python is a general purpose programming language that emphasizes programmer

productivity and code readability. The framework minimizes its core syntax and

semantics, while providing a large and comprehensive standard library. Multiple

programming paradigms are supported, namely object oriented, imperative, functional.

It also provides features similar to Perl, Ruby, Scheme, and Tcl-like dynamic-type

systems and automatic memory management. Python was released in 1991.

One can find Python being used as a scripting language for web applications. It has

seen extensive use in the information security industry. Several software products

embed Python into their product as a scripting language, specifically 3D animation

packages. Products like Houdini, TrueSpace, Poser, Blender, Paint Shop Pro,

Civilization IV, and Eve Online all use Python. Python ships as a standard component

in most Linux distributions and the Mac OS X, and NetBSD and OpenBSD. Python is

even used on YouTube, and by large organizations like Google, Yahoo!, CERN, and

NASA.

Python strives to be a readable language with an uncluttered layout visibly. By using

English keywords instead of punctuation or using whitespace indentation instead of

curly braces or keywords, the language delivers on its promise.


120

15.12 Ruby

Ruby is a general purpose object-oriented programming language with a syntax

inspired by Perl and features similar to those found in Smalltalk. It originally came out

of Japan in the mid-1990s. The framework supports multiple programming paradigms,

the primary ones being functional, object-oriented, imperative, and reflection.

The creator of Ruby, Yukihiro Matsumoto, said that language was designed for

programmer productivity and fun. The primary deliverer of this promise is the fulfillment

of principles for a good user interface design. Therefore, the framework attempts to put

the needs of the developer before the needs of the computer. It follows the principle of

least surprise (POLS); translated as the language behaves so that it creates the least

amount of confusion for experienced users. This POLS philosophy is not supported by

the creator.

15.13 Scheme

Scheme is a dialect of Lisp. Though it can be used in any number of programming

paradigms it is popularly used for functional programming. It was developed in the

1970s. The framework provides the minimal number of notions as possible, relying on

programming libraries.

Scheme is used by a number of schools for their introductory Computer Science

courses. There are relatively sparse examples where Scheme is used elsewhere.

15.14 SmallTalk

The 1970s brought an object-oriented reflective programming language called Smalltalk

out of the famed Xerox PARC. This new language was designed for constructionist

learning: an educational methodology that stands on the proposal that learning is an

active problem where students actively construct mental models and theories around

those models.

Smalltalk has influenced the world of computer programming in four main places.

It was the major inspiration behind the syntax and semantics of other

programming languages.


121

It introduced a model of computation known as message passing.

The WIMP GUI inspired the current personal computing operating systems. In

fact, the first Macintosh desktop looked like the MVC windows of Smalltalk-80.

The visual programming tools used today are modeled after the Smalltalk

integrated development environment.

Smalltalk laid the groundwork for the commercial success of Java, as well as providing

ideas and inspiration to Python, Ruby and Perl. As such, many of the computer

advancements found in today's society have some roots within Smalltalk.

15.15 Conclusion to Web Applications Frameworks

After identifying the major web application frameworks found on the web, some

common characteristics can be ascertained. The first characteristic is the level of

influence from one framework to the next. Except for cases where certain restrictions

originally prevented influence, such as the Brazilian creation Lua, almost every

framework borrows directly or emulates properties and ideas from other programming

languages. Of course, timelines and popularity also impact the level of influence

provided. Smalltalk was one of the first frameworks and Java one of the most popular.

As such, many of the frameworks are designed to work with the most prominent code

found on the web. Fortunately, influence is not defined in one direction but is rather

multi-directional, allowing influences to persist backwards to the original concept or

across programming languages.

The influences lend themselves to another characteristic: the motivation behind most

frameworks. Essentially, most developments were completed in order to make

programming and development easier for the developer or to create richer applications.

Some of the frameworks were created in parallel with each other by different

development groups. Others strove to comply with other frameworks as a way to

ensure universal use.

One of the general distinctions between the frameworks is the programming paradigms

utilized. Many attempted to support multiple paradigms while others supported one or

two. A programming paradigm is simple a fundamental style of programming. There is

a long list of styles that a programmer may focus on; the most common are listed here:

Functional – used primarily in mathematically-based applications because it

emphasizes the use of functions. Also used when states needed to be avoided

as well as mutable data, which is data that cannot be modified after it is created.

Imperative – focuses on the management of state changes.

Object-orient – uses defined classes and instances, inheritance, encapsulation,


122

polymorphism, and other specialized programming features.

Reflective - a special case of meta-programming where the program modifies or

extends itself.


123

16 Introduction to Markup Languages

Publishing companies and editors have for centuries used a specialized language to

provide instructions for handling the structure and display of text and graphics. With

the computer age and the World Wide Web, that language has become much more

sophisticated. The same concept persists and markup languages are the foundation of

every web page and site found on the web. The most well known markup language is

the HyperText Markup Language, or HTML. But it was not the first.

16.1 SGML/HTML

In the 1960s, IBM developed a metalanguage for computers that was referred to as

General Markup Language (GML). By 1986, this creation was standardized by the

International Standards Organization (ISO) and the name changed slightly to reflect the

move: now being called the Standardized General Markup Language (SGML). The

hook for SGML was its ability to provide an abstract syntax that can be used by several

concrete syntaxes. With this implemented, many aspects of SCML can be customized

by a programmer.

The original use for SGML was to allow machine-readable documents to be shared in

large projects in government, law and industry. Each of these business sectors

requires documents to be maintained and accessible for several decades. The printing

and publishing industries have also used SGML. Unfortunately, SGML is far too

complex for small-scale use.

SGML inspired the design of HTML, specifically in tagging. HTML is sometimes

referred to as an application of SGML but critics would argue that most HTML

documents are not considered proper SGML. When Tim Berners-Lee introduced the

Worldwide Web project in 1991, he introduced a hypertext language. He called it

HTML Tags.

HTML consists of several key components:

The basic structure of HTML is elements and consists of two basic properties:

attributes and content. Restrictions are in place for each of the properties in

order for the HTML document to be valid. An element has to have a start tag

and an end tag. The attribute has to be located in the start tag and the content


124

is located between tags.

Element content can consist of several data types, including IDs, names, URIs,

numbers, and the like.

HTML defines 252 character entity references and 1,114,050 numeric entity

references which allow multiple annotations to be added to HTML documents.

The document type of a HTML document is required to be declared at the

beginning of the page in order to allow proper rendering on a website.

16.2 XML/XHTML

When SGML was first created, its purpose was to provide a way to share large

deposits of documents. At the time of its introduction the Internet was not

commercialized and the World Wide Web was not existence. When the popularity of

these technologies rose, SGML was faced with a problem, fuelling the need to handle

documents on the Internet. To resolve the problem, The World Wide Web Consortium

created a new meta markup language called Extensible Markup Language, or XML.

Fortunately, adoption was easy since every XML document was also a SGML

document.

The language also resolved some international issues that were present with SGML.

There are two correctness levels for XML documents. If a document conforms to XML

syntax rules, it is considered well formed. If a document conforms to semantic rules, it

is valid. The importance of these conformities provides the reliability for the XML

document to be shared between information systems; therefore parsers, both

conforming and validating, will disallow any processing of the document if conformity

fails.

XML works best in semi-structured environments where documentation and publication

are the focus. However because of its balance between simplicity and flexibility, XML

has been adopted for other uses including communicating data between applications.

There are quite a few advantages for using XML, the least of which is its simplicity and

efficiency. The language supports Unicode allowing information written in any human

language to be communicated. It can represent common computer science structures,

such as records, lists and trees. XML can be used for document storage and

processing on and offline and is platform independent.

Businesses have adopted XML in the publishing arena as a single source of creating

and updating document content. The move significantly reduces the time and cost for

companies that need to print the same documents that are published on the web.

Governments use XML for large documentation and printing maps. Manufacturers in

the airplane and car manufacturers use the technology to print maintenance booklets.


125

XML has been modified to create eXtensible Business Reporting Language (XBRL)

which assists in facilitating the transferral of data and reporting financial results in the

financial world.

When XML was adopted over SGML, HTML had to be revisited to ensure compatibility.

The result was XHTML. There's not much difference between XHTML and HTML, the

former is just an effort to conform to the rising interest in XML.

16.3 Conclusion to Markup Languages

An essential foundation to any web-based product is the ability to display and share

text, graphics, and pictures. Markup languages allow this to happen without extensive

programming requirements. Additional features can be added by using scripting

languages to add dynamic content to an existing web page. The combined uses of a

markup language and a programming language can provide exciting new and dynamic

creations for users of the Internet and even standalone web-based products.


126

17 Benefits for Web Applications

The world is evolving and with it a demand for greater ease, accessibility, and

innovation. The Internet and World Wide Web have had a tremendous influence on

personal computing. Web 2.0 and cloud computing technologies have already

impacted business computing in various directions. Creating a web application within

this environment has numerous benefits to the developer and the user.

Scalability on the web is highly desirable. Traditionally, an application being distributed

to the business organization had to have license agreements for every instance of the

application in the environment. The more instances found, the more expensive the

application. Additionally, in order to support a server-based application in multiple

locations, a different server had to be in place that was geographically convenient.

Utilizing the web, scalability is much easier. First, an additional desktop application is

not required since all that is needed is a web browser which is usually already available

on a machine. Second, by using a web platform as a service, the use of servers is

based on use, not the entire machine; therefore, if only a tenth of the server is used,

the customer only pays for a tenth of its use. Most services already handle any

concerns for redundancy and duplicate instances, though some service providers will

even allow a company to instruct how many primary instances and their locations

should be supported. The use of a web service also covers the occasions where

usage spikes appear: the service simply reroutes the additional use to free resources

within the environment. Since most spikes are temporary, the impact is not

tremendous; however, if the increase persists then the resources are promised to be

there.

The primary technology behind web implementation is virtualization; that is, an abstract

rendering of the resources used. So instead of several dozen storage volumes, one

large storage volume is rendered. Out of one instance of an application, several

instances can be rendered. The benefit of virtualization is the reliability that it brings to

the environment. Along with workload balancing, redundancies, and any other

technologies, the ability to ensure that when a user wants to connect to a web

application, the more likely that will happen.

Security is one of the basic concerns for any business and having their applications

and databases hosted on a platform as public as the Internet and World Wide Web

increase the concerns. However, the Internet has not proven to be any more or less

secure than traditional networks connected to the Internet. Some proponents stand by


127

claims that the Internet is actually more secure than communication inside a business

network. This may be true since the majority of security threats experienced by IT

departments are from internal sources, mostly unintentional. If the application is placed

on the web, the application is now accessible from outside the network, thus increasing

the security.

Security on the web has proven the most secure of IT solutions. With the number of

businesses requiring account information, financial information, and the like, the

controls and protection placed into individual websites make them more secure than

many of the traditional networks a decade ago. And the technology around security is

only going to improve.

Availability on the web is another major concern. Fortunately, the web is available at

any time, in any location, with only a browser and a connection to the Internet. The

system controls on web platforms provide additional assurances that the applications

will remain available to the user.


128

17.1 Progress Review Questions

1. In Microsoft acquired Hotmail.

a) 1996

b) 1997

c) 1998

d) 1999

TRUE or FALSE 2. Google Sites service offers only a limited use of XML.

3. What has helped SaaS become more popular and widely developed in recent years?

a) ASP b) Ajax c) OD Computing d) None of the above

4. When cloud computing is used, control may be lost over:

a) Security

b) Storage

c) Privacy

d) All of the above


129

18 Service Management Processes

There are a number of service management processes from the ITIL framework that

can play a role in SaaS and Web Application development, support and delivery. This

chapter will explore some of those key processes. You will be familiar with some of

these processes from the Cloud Computing Foundation program. The most relevant

processes for SaaS and Web Applications have been selected to provide a refined

overview.

18.1 IT Financial Management

Objective: To provide cost-effective stewardship of the IT assets and the financial

resources used in providing IT services.

IT Financial Management enables an organization to fully account for the amount spent

on IT Services, and to attribute these costs to the services delivered to the

organization‟s customers.

Using IT Financial Management to provide services with cost transparency clearly

understood by the business and then rolled into the planning process for demand

modeling and funding is a powerful benefit for the organization. It enables the best

balance to be struck between the opportunities available for the business against the

capability levels of the IT organization.

Business Impact Analysis (BIA)

A BIA seeks to identify a company‟s most critical business services through analysis of

outage severity translated into a financial value, coupled with operational risk. This

information can help shape and enhance operational performance by enabling better

decision-making regarding prioritization of incident handling, problem management

focus, change and release management operations, project priority, and so on. It is a

beneficial tool for identifying the cost of service outage to a company, and the relative

worth of a service. These two concepts are not identical.

The cost of service outage is a financial value placed on a specific service, and is

meant to reflect the value of lost productivity and revenue over a specific period of time.

The worth of a service relative to other services in a portfolio may not result exclusively

from financial characteristics. Service Value, as discussed earlier, is derived from


130

characteristics that may go beyond Financial Management, and represent aspects such

as the ability to complete work or communicate with clients that may not be directly

related to revenue generation. Both of these elements can be identified to a very

adequate degree by the use of BIA. While this section will discuss and illustrate the

approach to creating a BIA format and output, these are not the only options and

alternative formats are visible throughout industry.

A number of steps need to be completed while generating a BIA. Some of the high-

level activities are as follows:

1. Arrange resources from the business and IT that will work together on the

analysis.

2. Identify all of the top candidate services for designation as critical, secondary or

tertiary (you do not need to designate them at this point).

3. Identify the core analysis points for use in assessing risk and impact, such as:

Lost sales revenue

Fines

Failure risk

Lost productivity

Lost opportunity

Number of users impacted

Visibility to shareholders, management, etc.

Risk of service obsolescence

Harm to reputation among customers, shareholders and regulatory

authorities.

4. With the business, weigh the identified elements of risk and impact.

5. Score the candidate services against the weighted elements of risk and impact,

and total their individual risk scores (you can utilize a FMEA for additional input

here).

6. Generate a list of services in order of risk profile.

7. Decide on a universal time period with which to standardize the translation of

service outage to financial cost (1minute, 1 hour, 1 day, etc.).

8. Calculate the financial impact of each service being analyzed within the BIA

using agreed methods, formulas and assumptions.

9. Generate a list of services in order of financial impact.

10. Utilize the risk and financial impact data generated to create charts that illustrate

the company‟s highest risk applications that also carry the greatest financial

impact.

A „chargeback‟ model for IT can provide accountability and transparency. However,

if the operating model currently provides for a more simplistic annual replenishment

of funds, then charging is often not necessary to provide accountability or

transparency.


131

Charging should be done to encourage behavioral changes related to steering

demand for IT services. Charging must add value to the business and be in

business terms, and it should have a degree of simplicity appropriate to the

business culture. The most difficult and critical requirement of the model is its

perceived fairness, which can be imparted if the model provides a level of

predictability that the business typically desires, coupled with the mutual

identification of services and service values.

Chargeback models vary based on the simplicity of the calculations and the ability

for the business to understand them. Some sample chargeback models and

components include:

Notational charging;

Tiered subscription;

Metered usage;

Direct Plus; and

Fixed or user cost.

No matter which methodology is used, or none at all, it is more important to make

certain that the overriding substantiation comes from providing value to the business.

18.1.1 IT Financial Management and SaaS

Financial Management for IT Services is used for the following:

ROI as part of the business case for the development of a Software Service

From a marketing point of view you will need to be able to communicate your

VOI or Value On Investment, which not only includes the monetary return but

also additional benefits to the clients.

Actual costing of the ongoing management and maintenance of the service

Based on this you will be able to create a pricelist for your services that

enables you to predict your profitability per product, region of client.

Make sure the total cost in delivering the service, including all variable costs for

maintenance and unplanned events, is known. Once the pricelist is set, it can‟t be

changed easily and ultimately, the business wants to make a profit.


132

18.2 Information Security Management

Objective: To align IT security with business security and ensure that information

security is effectively managed in all service and Service Management activities.

ISM needs to be considered within the overall corporate governance framework.

Corporate governance is the set of responsibilities and practices exercised by the

board and executive management with the goal of providing strategic direction,

ensuring the objectives are achieved, ascertaining the risks are being managed

appropriately and verifying that the enterprise‟s resources are used effectively.

Information security is a management activity within the corporate governance

framework, which provides the strategic direction for security activities and ensures

objectives are achieved. It further ensures that the information security risks are

appropriately managed and that enterprise information resources are used responsibly.

The purpose of ISM is to provide a focus for all aspects of IT security and manage all IT

security activities.

The term „information‟ is used as a general term and includes data stores, databases

and metadata. The objective of information security is to protect the interests of those

relying on information, and the systems and communications that deliver the

information, from harm resulting from failures of availability, confidentiality and integrity.

For most organizations, the security objective is met when:

Information is available and usable when required, and the systems that provide

it can appropriately resist attacks and recover from or prevent failures

(availability)

Information is observed by or disclosed to only those who have the right to know

(confidentiality)

Information is complete, accurate and protected against unauthorized

modification (integrity)

Business transactions, as well as information exchanges between enterprises,

or with partners, can be trusted (authenticity and non-repudiation).

Prioritization of confidentiality, integrity and availability must be considered in the

context of business and business process. The primary guide to defining what must be

protected and the level of protection has to come from the business. To be effective,

security must address entire business processes from end-to-end and cover the

physical and technical aspects. Only within the context of business needs and risks can

management define security.


133

freya.dixon

BLANK


134

Policies/principles/basic concepts

Prudent business practices require that IT processes and initiatives align with the

business processes and objectives. This is critical when it comes to information

security, which must be closely aligned with business security and business needs.

Additionally all processes within the IT organization must include security

considerations.

Executive management is ultimately responsible for the organization‟s information and

is tasked with responding to issues that affect its protection. In addition, boards of

directors are expected to make information security an integral part of corporate

governance. All IT service provider organizations must therefore ensure that they have

a comprehensive ISM policy(s) and the necessary security controls in place to monitor

and enforce the policies.

The Information Security Management process and framework will generally consist of:

An Information Security Policy and specific security policies that address each

aspect of strategy, controls and regulation

An Information Security Management System (ISMS), containing the standards,

management procedures and guidelines supporting the information security

policies

A comprehensive security strategy, closely linked to the business objectives,

strategies and plans

An effective security organizational structure

A set of security controls to support the policy

The management of security risks

Monitoring processes to ensure compliance and provide feedback on

effectiveness;

Communications strategy and plan for security

Training and awareness strategy and plan.

The Information Security Policy

Information Security Management activities should be focused on and driven by an

overall Information Security Policy and a set of underpinning specific security policies.

The ITP should have the full support of top executive IT management and ideally the

support and commitment of top executive business management. The policy should

cover all areas of security, be appropriate, meet the needs of the business and should

include:

An overall Information Security Policy

Use and misuse of IT assets policy

An access control policy

A password control policy


135

An email policy

An Internet policy

An anti-virus policy

An information classification policy

A document classification policy

A remote access policy

A policy with regard to supplier access of IT service information and components

An asset disposal policy.

These policies should be widely available to all customers and users, and their

compliance should be referred to in all SLRs, SLAs, contracts and agreements. The

policies should be authorized by top executive management within the business and IT,

and compliance to them should be endorsed on a regular basis. All security policies

should be reviewed – and, where necessary, revised – on at least an annual basis.

The Information Security Management Systems (ISMS)

The framework or the ISMS in turn provides a basis for the development of a cost-

effective information security program that supports the business objectives. It will

involve the Four Ps of People, Process, Products and technology as well as Partners

and suppliers to ensure high levels of security are in place.

ISO 27001 is the formal standard against which organizations may seek independent

certification of their ISMS (meaning their frameworks to design, implement, manage,

maintain and enforce information security processes and controls systematically and

consistently throughout the organizations). The ISMS in the following diagram shows

an approach that is widely used and is based on the advice and guidance described in

many sources, including ISO 27001.


136

Framework for managing IT security

18.2.1 Information Security Management and SaaS

This is a very important process for SaaS delivery. Not only do systems need to be secure to ensure the guaranteed availability of the service, but the business has the responsibility for the content, the information of the clients. As an example, when you provide a CRM solution, your clients want to make sure that nobody outside of their organization has access to their clients and sales records. So you need to keep your data centers, systems and software secure enough to be able to guarantee this.

This extends beyond the technical security of passwords and user IDs. This includes physical security at the data center or server room, it also includes organizational and procedural security measures.

Every time before you make a major change you will need to make a snapshot of the current security measures. You need to do this to enable a rollback scenario for Release and Deployment Management.


137

18.3 Release & Deployment Management

Objective: To deliver, distribute and track one or more changes in a release into the

live environment.

Often forgotten about or ignored in many IT Service Management implementations or

initiatives, Release and Deployment can be mistakenly seen as the poor cousin of

Change Management, being of less importance and priority to both the business and IT

organizations.

Much of the confusion and misunderstanding is perpetuated by the idea that Release

and Deployment only focuses on the actual distribution of changes to the live

environment. While timely and accurate distribution is indeed a goal of the process, the

actual scope includes all of the activities, systems and functions required to build, test

and deploy a release and enable effective handover to Service Operations.

In conjunction with Change Management, Release and Deployment will enhance an

organization‟s capabilities to develop, compile, reuse, distribute and rollback releases

in accordance with defined policies that improve efficiency and reduce business

disruption.

To deploy new releases into production, transition support to service operation, and

enable its effective use in order to deliver value to the customer.

Other objectives of Release and Deployment are:

To define and agree upon release policies, and Release and Deployment plans

with customers and stakeholders

Ensure the integrity of constructed release packages and that they are recorded

accurately in the Configuration Management System (CMS)

Ensure that all release packages can be tracked, installed, verified, uninstalled

or backed out if necessary

Ensure the required skills and knowledge is transferred to support staff,

customers, end-users, suppliers and any other relevant stakeholders

There is minimal unpredicted impact on the production services, customers and

service operations.

Release and Deployment works closely in conjunction with the other RCV processes to

enable the quality transition of services. The role played specifically by Release and

Deployment is to build, package, validate and distribute authorized service changes to

the target systems or users. A release is a collection of authorized changes to an IT

service.


138

When identifying the benefits that Release and Deployment provides, it is important to

remember that it should be utilized in conjunction with the other Service Transition

processes. As a result, improvements in the metrics defined for Release and

Deployment may be at the expense of the other transition processes. Typical benefits

seen as a result of improved Release and Deployment are:

Delivering change, faster, at optimum cost and minimized risk

Assuring customers and users they can use the new or changed service in a

way that supports the business goals

Improving consistency in implementation approach across the business change,

service teams, suppliers and customers

Contributing to meeting auditable requirements for traceability through Service

Transition.

Well planned and implemented release and deployment will make a significant

difference to an organization's service costs. A poorly designed release and

deployment will, at best, force IT personnel to spend significant amounts of time

troubleshooting problems and managing complexity. At worst, it can cripple the

environment and degrade the live services.

Release Unit:

A „release unit‟ describes the portion of a service or IT infrastructure that is normally

released together according to the organization‟s release policy. When defining the

most appropriate release unit structure, the following factors should be taken into

account:

The ease and amount of change necessary to release and deploy the release

unit

The amount of resources needed to build, test and distribute a release unit

The complexity of interfaces between the proposed unit and the rest of the

services and IT infrastructure

The storage and resources available in the build, test, distribution and live

environments.

Based on these factors, it may mean that for critical applications the release unit is the

complete set of application components, and for optional features or add-ons, only the

single component itself.


139

Release Package:

A release package may be a single release unit or a structured set of release units,

including the associated user or support documentation that is required. Like the

definition of release units, factors such as the modularity of components, the amount of

change occurring and resources required will be considered when formulating a

complete Release Package.

Release Identification:

The unique release identification scheme which is normally defined in the Release

Policy and conforms to any standards defined by Service Asset and Configuration

Management. Typical identification schemes include the following examples:

Major Release: Banking_System v1, v2, v3 etc.

o Major roll-out of new hardware and/or software.

Minor Release: Banking_System v1.1, v1.2, v1.3 etc.

o A few minor improvements and fixes to Known Errors.

Emergency Fix: Banking_System v1.1.1, v1.1.2 etc.

o A temporary or permanent Quick Fix for a Problem or Known Error.

Definitive Media Library (DML):

DML is the secure library where the definitive authorized versions of all media CIs

(typically software) are stored and protected. The DML should include definitive copies

of purchased software (along with license documents and any controlled information)

as well as software developed on site.


140

The DML includes both electronic and physical copies of definitive software releases,

with Release and Deployment being responsible for any additions, modifications,

removals or maintenance that needs to be performed.

Definitive Spares:

Physical storage of all spare IT components and assemblies maintained at the

same level as within the live environment. New IT assemblies are stored here until

ready for use, and additional components can be used when needed for additional

systems or in the recovery from incidents. Like the DML, details of these assemblies

are recorded in the CMDB, and their management and deployment the responsibility of

the Release and Deployment process.

Build Management:


141

The software, hardware and documentation that comprise a release unit should be

assembled in a controlled manner to ensure a repeatable process. This should include

automation where possible for its compilation and distribution, which for large

organizations can significantly reduce the Total Cost of Ownership (TCO) for the

services involved.

18.3.1 Release and Deployment and SaaS

Every piece of software goes through a lifecycle that is more or less predictable.

Especially with SaaS services, a business continually learns from its clients who use

the software within their own business processes. New patches, emergency releases,

security fixes or major upgrades will have to be implemented.

Release and Deployment Management in a SaaS environment is not easy, especially

since clients can be spread across every time zone so there is no good time to stop the

service to run an update or upgrade. Most important for the success of this process is

communication. Let the customer know what is going to happen and when it is going to

take place.

Example from our experience on how not to do Release and Deployment Management:

A SaaS provider decided to do a server upgrade over the weekend; however, they

failed to communicate this to their clients. On Monday morning the boss received a

phone call from the Sales Department complaining that the system was unavailable.

After a phone call to the SaaS provider, it turns out that the server upgrade had failed

and they were trying to roll back to the previous version. It was now after 10am on

Monday morning and the sales team still didn‟t have access to the data.

This incident was the start of a snowball effect that eventually resulted in cancellation of

the contract with the SaaS provider. A loss of revenue that could (and should) have

been avoided by proper Release and Deployment Management and proactive

communication with the clients.

Clients understand when things happen that are not supposed to, happen... but they

don‟t understand why a business can‟t proactively manage this!

18.3.2 Release Management and Web Applications


142

Release Management covers the distribution of software without limitation on platform

or other methods of distribution. The discipline concerns itself with ensuring that the

software is properly developed and tested before being introduced to the production

environment. Release Management also manages quality control over development

and implementation.

For purposes already mentioned, the definition of a release is ambiguous and may not

be resolved for quite some time. In reference to web applications, there might be a

significant number of functional changes to the application before the recognition of a

new release is even made. The trend is that new releases are announced when a new

standard, such as changing from HTML-based documentation to XML-based

documentation, is applied to the application code. For now, this may be the most

sufficient definition for major releases. An alternate solution is the tracking of mini-

releases in the form of new functions and features. In this situation, releases may

happen every day or once a month.

However the term release is defined, the goals of release management are the same:

Effectively planning the rollout of software

Establishing well designed procedures for distributing and installing changes to

the application, especially the core components

Managing the expectations of customers effectively including appropriate

communication

Controlling the distribution and installation of changes to ensure the change is

properly executed.

18.4 Knowledge Management

Objective: To enable organizations to improve the quality of management decision

making by ensuring that reliable and secure information and data is available

throughout the service lifecycle.

The primary purpose of Knowledge Management is to improve efficiency by reducing

the need to rediscover knowledge. This requires accessible, quality and relevant data

and information to be available to staff.

The goals of Knowledge Management are to:

Enable the service provider to be more efficient and improve quality of service,

increase satisfaction and reduce the cost of service

Ensure staff have a clear and common understanding of the value that their

services provide to customers, and the ways on which benefits are realized for

the use of those services


143

Ensure that, at a given time and location, service provider staff have adequate

information on:

o Who is currently using their services

o The current states of consumption

o Service delivery constraints

o Difficulties faced by the customer in fully realizing the benefits expected

from the service.

The quality of decision making within the Service Lifecycle depends on the ability and

understanding of those parties involved, the understanding of the benefits and

consequences of actions taken, and the analysis of any of the surrounding issues

involved. All of this, in turn, depends on the availability of accurate and timely

knowledge, information and data provided in a way that can be easily accessed and

interpreted by the appropriate parties.

Knowledge rests on the management of the information and data that underpins it. To

be efficient this process requires an understanding and maintenance of the following

key activities:

• Establishing data and information requirements

• Define the information architecture

• Establishing data and information management procedures.


144

Data, Information, Knowledge, Wisdom (DIKW)

Knowledge Management is usually seen within the context of the DIKW structure seen

below.

Data

Conte

xt

Understanding

Wisdom

Why?

Knowledge

How?

Information

Who, what,

when, where?

Data

Conte

xt

Understanding

Wisdom

Why?

Knowledge

How?

Information

Who, what,

when, where?

Data

Data is a set of discrete facts. Most organizations capture significant amounts of data

every day. Knowledge Management activities seek to improve the capabilities for

capturing, analyzing, synthesizing data and transforming it into information.

Information

Information comes from providing context to data. This usually requires capturing

various sources of data and applying some meaning or relevance to the set of facts.

Knowledge Management focuses on measures for capturing, finding and reusing

information so that work is not duplicated.

Knowledge

Knowledge is composed of the experiences, ideas, insights and judgments from

individuals and from their peers. This usually requires the analysis of information, and

is applied in such a way to facilitate decision making.


145

Wisdom

The ability to ultimately discern material and having the application and contextual

awareness to provide a strong common sense judgment. The use of wisdom ultimately

enables an organization to direct its strategy and growth in competitive market spaces.

We can use tools and databases to capture data, information and knowledge, but

wisdom cannot be captured this way, as wisdom is a concept relating to abilities to use

knowledge to make correct judgments and decisions.

The Service Knowledge Management System (SKMS)

The SKMS describes the complete set of tools and databases that are used to manage

knowledge and information, including the Configuration Management System as well

as other tools and databases. The SKMS stores, manages, updates and presents all

information that an IT service provider needs to manage the full lifecycle of its services.

The main purpose of the SKMS is to provide quality information so that informed

decisions can be made by the IT service provider.

Where the CMS focuses on providing information relating to the configuration of the IT

infrastructure, the SKMS has a broader scope (as implied by the diagram) which

includes anything pertaining to the needs of service management, including:

Experience of staff

Records of peripherals


146

Supplier and partner requirements and abilities

Typical and anticipated user skill levels.

18.4.1 Knowledge Management and SaaS

The ITIL process of Knowledge Management plays an important role in the capturing

and utilization of data, information and knowledge about systems, solutions, services,

processes and resources (including people). This process helps to understand how the

various IT components work together to deliver the solution or software as a service.

The knowledge extends beyond the software application and covers all support and

maintenance issues.

Knowledge Management also extends to client data and information. What type of

services do they use, why did they subscribe to it? It is important to keep a clear and

complete overview of all incidents relating to the customer so the right type of customer

service can be delivered. The knowledge base should ideally also be linked to your

Known Error and standard solutions database. This will help with the timeliness of

incident resolution and improved customer satisfaction.

Based on historical data of your customer (or customer group), a business can make

decisions on product development or marketing campaigns.

Ultimately the integration of various sources of information (from technical data to

customer satisfaction data) will give a business the opportunity to show a more human

face to customers and to tailor service delivery to various client groups.

18.5 Incident Management

Objective: To restore normal service operation as quickly as possible and minimize the

adverse impact on business operations, thus ensuring that the best possible levels of

service quality and availability are maintained.

In ITIL terminology, an „incident‟ is defined as an unplanned interruption to an IT

service or reduction in the quality of an IT service. Failure of a configuration item that

has not yet impacted service is also an incident. Incident Management is the process

for dealing with all incidents; this can include failures, questions or queries reported by

the users (usually via a telephone call to the Service Desk), by technical staff, or

automatically detected and reported by event monitoring tools.

The value of Incident Management includes:


147

The ability to detect and resolve incidents, which results in lower downtime to

the business, which in turn means higher availability of the service. This means

that the business is able to exploit the functionality of the service as designed.

The ability to align IT activity to real-time business priorities. This is because

Incident Management includes the capability to identify business priorities and

dynamically allocate resources as necessary.

The ability to identify potential improvements to services. This happens as a

result of understanding what constitutes an incident and also from being in

contact with the activities of business operational staff.

The Service Desk can, during its handling of incidents, identify additional service

or training requirements found in IT or the business.

Incident Management is highly visible to the business, and it is therefore easier to

demonstrate its value than most areas in Service Operation. For this reason, Incident

Management is often one of the first processes to be implemented in Service

Management projects. The added benefit of doing this is that Incident Management can

be used to highlight other areas that need attention – thereby providing a justification

for expenditure on implementing other processes.

Timescales

Timescales must be agreed for all incident-handling stages (these will differ depending

upon the priority level of the incident) – based upon the overall incident response and

resolution targets with the SLAs – and captured as targets within OLAs and

Underpinning Contracts (UCs). All support groups should be made fully aware of these

timescales. Service Management tools should be used to automate timescales and

escalate the incident as required based on pre-defined rules.

Incident Models

Many incidents are not new – they involve dealing with something that has happened

before and may well happen again. For this reason, many organizations will find it

helpful to pre-define „standard‟ Incident Models – and apply them to appropriate

incidents when they occur.

An Incident Model is a way of pre-defining the steps that should be taken to handle a

process (in this case a process for dealing with a particular type of incident) in an

agreed way. Support tools can then be used to manage the required process. This will

ensure that „standard‟ incidents are handled in a pre-defined path and within pre-

defined timescales.

Incidents which would require specialized handling can be treated in this way (for

example, security-related incidents can be routed to Information Security Management


148

and capacity- or performance-related incidents that would be routed to Capacity

Management).

The Incident Model should include:

The steps that should be taken to handle the incident

The chronological order these steps should be taken in, with any dependences

or co-processing defined

Responsibilities; who should do what

Timescales and thresholds for completion of the actions

Escalation procedures; who should be contacted and when

Any necessary evidence-preservation activities (particularly relevant for security-

and capacity-related incidents).

The models should be input to the incident-handling support tools in use and the tools

should then automate the handling, management and escalation of the process.

Major Incidents

A separate procedure, with shorter timescales and greater urgency, must be used for

„major‟ incidents. A definition of what constitutes a major incident must be agreed and

ideally mapped on to the overall incident prioritization system – such that they will be

dealt with through the major incident process.

Note: People sometimes use loose terminology and/or confuse major incident with a

problem. In reality, an incident remains an incident forever – it may grow in impact or

priority to become a major incident, but an incident never „becomes‟ a problem. A

problem is the underlying cause of one or more incidents and remains a separate entity

always!

Some lower-priority incidents may also have to be handled through this procedure –

due to potential business impact – and some major incidents may not need to be

handled in this way if the cause and resolutions are obvious and the normal incident

process can easily cope within agreed target resolution times – provided the impact

remains low!

Where necessary, the major incident procedure should include the dynamic

establishment of a separate major incident team under the direct leadership of the

Incident Manager, formulated to concentrate on this incident alone to ensure that

adequate resources and focus are provided to finding a swift resolution. If the Service

Desk Manager is also fulfilling the role of Incident Manager (say in a small

organization), then a separate person may need to be designated to lead the major

incident investigation team – so as to avoid conflict of time or priorities - but should

ultimately report back to the Incident Manager.


149

If the cause of the incident needs to be investigated at the same time, then the Problem

Manager would be involved as well but the Incident Manager must ensure that the

service restoration and underlying cause are kept separate. Throughout, the Service

Desk would ensure that all activities are recorded and users are kept fully informed of

progress.

18.5.1 Incident Management and SaaS

Incident Management for SaaS is an interesting process as a number of angles need to

be covered:

Incidents that occur in the internal organization. The IT group (both development

and support) as well as the internal business process groups will have incidents

(unplanned events that cause or may cause disruption or degradation of

service). Processes and procedures to deal with these incidents must be in

place.

Incidents that occur because external clients use those software services.

Both types of incidents are important to capture and manage, and you will need

to design your process to cater for both groups of incidents.

Also, how are external clients going to contact the business with their incidents?

Is there a helpdesk number or email address for support? Or are they expected

to contact their internal service desk which has access to your knowledge base?

18.5.2 Incident Management and Web Applications

The purpose of Incident Management is to restore service operations to normal

conditions are quickly as possible and to minimize the impact of interruptions on the

business. Normal conditions are defined by the Service Level Agreements. Incidents

beyond the capabilities of the Help Desk are assigned to a specialist support group to

be resolved quickly. Incidents end when a resolution or a work around to the problem

is in place.

Incidents and problems are distinguishable from each other. Incidents are a disruption

to service and are most often already associated with a known error. Because of this,

resolutions can be found easily and quickly. Unfortunately, there are times when the

source of the disruption is unknown and resolution is not in sight. In these situations, a

bypass is identified and implemented so that the service is no longer disrupted. The

use of redundant system is a simple method of bypassing incidents. Unfortunately, the


150

original problem still exists. This is where Problem Management takes over to identify

the root cause of the problem and find a resolution to prevent it from recurring.

18.6 Change Management

Objective: To ensure all changes are assessed, approved, implemented and reviewed

in a controlled manner.

The ability to control and manage changes to defined IT services and their supporting

elements is viewed as fundamental to quality service management. When reviewing

the typical strategic objectives defined for an IT service provider, most of these are

underpinned by the requirement of effective change control. These include strategies

focusing on time-to-market, increased market share or high availability and security

platforms, all of which require a controlled process by which to assess, control and

manage changes with varying levels of rigor.

Changes arise for a number of reasons, including:

Requests of the business or customers, seeking to improve services, reduce

costs or increasing ease and effectiveness of delivery and support

From internal IT groups looking to proactively improve services or to resolve

errors and correct service disruption.

The process of Change Management typically exists in order to:

Optimize risk exposure (defined from both business and IT perspectives)

Minimize the severity of any impact and disruption

Deliver successful changes at the first attempt.

To deliver these benefits it is important to consider the diverse types of changes that

will be assessed and how a balance can be maintained in regards to the varying needs

and potential impacts of changes. In light of this, it is important to interpret the following

Change Management guidance with the understanding that is intended to be scaled to

suit the organization and the size, complexity and risk of changes being assessed.

To ensure that standardized methods and procedures are used for controlled,

efficient and prompt handling of all changes, in order to minimize the impact of

change-related incidents upon service quality, and consequently to improve the day-to-

day operations of the organization.

“Remember: Not every change is an improvement, but every improvement is a

change!”


151

Change Management‟s purpose is also to ensure that:

All changes to service assets and configuration items (CIs) are recorded in the

Configuration Management Systems (CMS).

Overall business risk is optimized.

The term change is often defined in varying ways, however the best definition of a

service change is: “Any alteration in the state of a Configuration Item (CI). This includes

the addition, modification or removal of approved, supported or baselined hardware,

network, software, application, environment, system, desktop build or associated

documentation.”

It is important, however, that every organization defines those changes which lie

outside the scope of their service change process (such as operational or business

process and policy changes).

The figure above demonstrates the typical scope of the Change Management process

for an IT Service Provider and how it interfaces with the business and suppliers at

strategic, tactical and operational levels. As discussed in 4.1.4, Service Portfolios

provide the clear definition of all planned, current and retired services.

Designing and Planning


152

It is generally advised that the Change Management process should be planned in

conjunction with Release & Deployment, and Service Asset & Configuration

Management. These processes together will help in the evaluation of impact, needs,

timings and overall risk for changes being assessed.

The checklist of typical requirements when designing the Change Management

process includes:

Regulatory, policy or other compliance requirements

Documentation requirements

Identification of impact, urgency and priority codes for changes

Roles and responsibilities involved

Procedures required

Interfaces to other Service Management processes (e.g. Problem Management)

Toolset requirements to support Change Management

Configuration Management interfaces.

Change Management Activities

The following diagram represents the typical activities involved for normal changes that

have been identified. The actual steps and procedures need to be further refined

depending on any specific Change Models that have been created.


153

Overview of Important Steps

1. The RFC is recorded.

2. Review the RFC for classification and prioritization.

3. Assess and evaluate the change – may require involvement of CAB or ECAB.

4. Authorization or rejection of the change.

5. The change is scheduled.

6. Work orders are issued for the build of the change (but carried out by other

groups).

7. Change Management coordinates the work performed.

8. The change is reviewed.

9. The change is closed.

scheduled

Create

RFC

Change

proposal

(optional)

Record the RFC

Review RFC

Assess and evaluate

change

Authorize Change

Plan updates

Co-ordinate change*

Initiator requested

Change Management

Ready for evaluation

Change authority

Change Management

Change Management

Evaluation

report

implemented

Review and close

Work orders

Work orders

authorized

Ready for decision

Up

date

ch

an

ge a

nd

co

nfig

uratio

n in

form

atio

n in

CM

S

Authorize Change proposal


154

1. The RFC is recorded

The change is raised by a request from the initiator. The level of information recorded

for a change depends largely on the size and impact of the change. Some information

is recorded initially and some information updated as the change document progresses

through its lifecycle. This may be recorded directly on the RFC form and details of the

change and actions may be recorded in other documents and referenced from the RFC

such as business cases.

For a major change with significant organizational and/or financial applications, a

change proposal may be required, which will contain a full description of the change

together with a business and financial justification for the proposed change. The

change proposal will include sign off by appropriate levels of business management.

2. Review the RFC for classification and prioritization

To ensure Change Management is using an appropriate level of control based on

factors of risk, cost and complexity, an initial review should act as a filtering mechanism

to apply the correct Change Model (classification), identify the relative priority of the

change, and to ensure that the required details are supplied. Procedures should

stipulate that, as changes are logged, Change Management reviews each change

request and return any that are:

Totally impractical

Repeats of earlier RFCs

Incomplete submissions.

These requests will be returned to the initiator, together with brief details of the reason

for the rejection, and the log should record this fact. There should be an opportunity to

appeal, via normal management channels, and should be incorporated within the

procedures.

3. Assess and evaluate the change

All changes will be assessed for their relative potential impact, risk and resource

requirements. Depending on the Change Model that has been applied, this assessment

may require involvement from:

The Change Manager and Change Owner for local authorization

The Change Advisory Board (representing all key stakeholders)

The IT Management (Steering) Board

Business Executive Board.


155

The scope of potential impacts on services for failed changes is wide, so the

assessment needs to identify potential for:

Impact on customer‟s business operation

Effect on SLAs, baselines, service models, security etc.

Impact on other services

Impact on non-IT infrastructures

Effect of not implementing

Cost and staffing implications

Current Change Schedule

Ongoing resources required after implementation

Impact on continuity plan, capacity plan, security plan, test environments, and

any Service Operation practices.

The following table describes the type of hierarchical structures that may be used for

different levels of change authorization. A degree of delegated authority may also exist

within an authorization level. Formal authorization is obtained for each change from a

change authority that may be a role, person or a group of people. The levels of

authorization for a change should be judged by:

• Type

• Size

• Risk

• Financial implications

• Scope.

Level

Change Authority Potential Impact/Risk

1 Business Executive Board.

High cost/risk change

- Executive decision

2 The IT Management (Steering) Board

Change impacts multiple

services/ organizational divisions

3 Change Advisory Board (CAB) or

Emergency CAB (ECAB)

Change impacts only local/

service group

4 Change Manager Change to a specific component

of an IT Service

5 Local Authorization Standard Change


156

The 7 Rs of Change Management provides a set of guiding questions that need to be

answered as part of the overall assessment for changes. These questions are:

1. Who RAISED the change?

2. What is the REASON for the change?

3. What is the RETURN required from the change?

4. What are the RISKS involved in the change?

5. What RESOURCES are required to deliver the change?

6. Who is RESPONSIBLE for the build, test and implementation of the change?

7. What is the RELATIONSHIP between this change and other changes?

4. Authorization or rejection of the change

While the responsibility for authorization of changes lies with the Change Manager,

they in turn will ensure they have the approval of three main areas.

Financial Approval - What‟s it going to cost? And what‟s the cost of not doing it?

Business Approval - What are the consequences to the business? And not doing

it?

Technology Approval - What are the consequences to the infrastructure? And

not doing it?

When authorizing changes, it is important to consider both the implications of

performing the change, as well as the impacts of NOT implementing the change. This

also requires empowering the Change Manager with an appropriate level of authority,

as their primary role is to protect the integrity of the IT infrastructure and the services

provided to customers.

5. The Change is scheduled

The assessment of the change will have provided an estimation of the resource

requirements for delivering a successful change. Change Management will need to

coordinate with Release and Deployment Management so that any activities required

for the build, test or implementation of the change will be scheduled when resources

are available and when they least impact on live services or business critical times.

The timing of events and eventual implementation will be communicated via the

Change Schedule, and visible to the appropriate IT staff members, customers and end-

users. Any service disruption is documented in with the Projected Service Outage

(PSO). This details any revised Service Level Agreement and service availability

targets because of the events in the Change Schedule, in addition to any planned

downtime from other causes such as planned maintenance and data backups.


157

6. Work orders are issued for the build of the change (but carried out by

other groups)

Change Management will coordinate with Release and Deployment to identify the

groups or individuals responsible for the implementation of the various elements

making up the change. This will be greatly influenced by the availability of staff and any

Release policies defining how and when changes are released to the live environment.

7. Change Management coordinates the work performed

Change Management plays a co-ordination role as implementation is the responsibility

of others (under the direction of Release and Deployment management or from Project

Management groups).

This is an oversight role to ensure that all changes that can be and are thoroughly

tested. Special care needs to be taken during implementation in all cases involving

changes that have not been fully tested.

Remediation Planning is a critical element during the coordination of changes. Ideally,

no change should be approved without having explicitly addressed the question of what

to do if it is not successful. There should be a back-out plan that will restore the

organization to its initial situation, through reloading a baselined set of Configuration

Items.

Only by considering what remediation options are available before instigating a change,

and by establishing that the remediation is viable, can the risk of the proposed change

be determined and the appropriate actions taken.

8. The change is reviewed

On completion of the change, the results should be reported for evaluation to those

responsible for managing changes, and then presented as a completed change for

stakeholder agreement. Major changes will require more customer and stakeholder

input throughout the entire process.

The review should confirm that the change has met the defined objectives, the initiator

and stakeholders are happy with the results and there have been no unexpected side-

effects. Lessons learned should be embedded into future changes as part of

continuous improvement. This includes whether the request should be developed as a

standard change or whether another Change Model is more appropriate for future

management of similar requests.


158

Two types of reviews are performed for normal changes:

The review of a service change – immediately visible to the customer and

scheduled for discussion at the next service level management review meeting

An infrastructure change – concerned with how IT delivers rather that what IT

delivers, which will be (almost) invisible to the customer.

Change Management must review new or changed services after a predefined period

has elapsed. This process will involve Change Advisory Board (CAB) members, since

change reviews are a standard CAB agenda item. When a change has not achieved

its objectives, Change Management (or CAB) will decide what follow-up action is

required.

9. The change is closed

If the change review was satisfactory or the original change is abandoned (e.g. the

needs for the change is decreased or disappears) the RFC should be formally closed in

the logging system. These records will be kept for a period of time based on business,

compliance, archiving or other policy requirements that have been defined.

18.6.1 Change Management and SaaS

Change Management is one of the most important processes for a SaaS provider. All

changes must be managed with a global audience in mind.

For example, a supplier based in Europe might roll out their changes and releases over

night, not taking into consideration that overnight in Europe is during business hours in

Australia. During the Change Management process, client representatives should be

consulted to assess the risk to service continuity when the change is going ahead.

The Change Management process doesn‟t only cover changes to the source code of

the application, but also to critical documents like SLAs, Disaster Recovery Plans, and

the Service Catalogue. The process also covers changes to the delivery process as

this may impact the user experience.

With implementing Change Management, experience shows that it is important to put

a lot of emphasis on the early stages of the process – the information gathering and

decision making part of the process. Once the authorization criteria are crystal clear

and the early stages of the processes flow, attention can move towards the

coordination role of the process and the improved interaction with Release and

Deployment Management, Evaluation and Knowledge Management.


159

These processes together will ultimately deliver a positive experience for the clients

and end-users and encourage positive feedback. This supports the viral marketing

efforts which most SaaS providers utilize... and ultimately benefits the entire company!

18.6.2 Change Management and Web Applications

The purpose of change management is to ensure standardized methods and

procedures are used to handle changes effectively and efficiently. A change is defined

as any event that results in a new status of one or more configuration items. Change

Management is focused on:

Minimal disruption of services

Reduction in any activities requiring backing out of change

Efficient utilization of resources during the change.

18.7 Capacity Management

Objective: The goal of the Capacity Management process is to ensure that cost-

justifiable IT capacity in all areas of IT always exists and is matched to the current and

future agreed needs of the business, in a timely manner.

Capacity Management is an extremely technical, complex and demanding process, and

in order to achieve results, it requires three supporting sub-processes. One of the key

activities of Capacity Management is to produce a plan that documents the current

levels of resource utilization and service performance and, after consideration of the

Service Strategy and plans, forecasts the future requirements for new IT resources to

support the IT services that underpin the business activities. The plan should indicate

clearly any assumptions made. It should also include any recommendations quantified

in terms of resource required, cost, benefits, impact, etc.

The production and maintenance of a Capacity Plan should occur at pre-defined

intervals. It is, essentially, an investment plan and should therefore be published

annually, in line with the business or budget lifecycle, and completed before the start of

negotiations on future budgets. A quarterly re-issue of the updated plan may be

necessary to take into account changes in service plans, to report on the accuracy of

forecasts and to make or refine recommendations. This takes extra effort but, if it is

regularly updated, the Capacity Plan is more likely to be accurate and to reflect the

changing business need.


160

Business Capacity Management

This sub-process translates business needs and plans into requirements for service

and IT infrastructure, ensuring that the future business requirements for IT services are

quantified, designed, planned and implemented in a timely fashion. This can be

achieved by using the existing data on the current resource utilization by the various

services and resources to trend, forecast, model or predict future requirements. These

future requirements come from the Service Strategy and Service Portfolio detailing new

processes and service requirements, changes, improvements, and also the growth in

the existing services.

Service Capacity Management

The focus of this sub-process is the management, control and prediction of the end-to-

end performance and capacity of the live, operational IT service usage and workloads.

It ensures that the performance of all services, as detailed in the service targets within

SLAs and SLRs, is monitored and measured, and the collected data is recorded and

analyzed and reported. Wherever necessary, proactive and reactive action should be

instigated, to ensure that the performance of all services meets their agreed business

targets. This is performed by staff with knowledge of all the areas of technology used in

the delivery of end-to-end service, and often involves seeking advice from the

specialists involved in Component Capacity Management. Wherever possible,

automated thresholds should be used to manage all operational services, to ensure

that situations where service targets are breached or threatened are rapidly identified

and cost-effective actions to reduce or avoid their potential impact implemented.

Component Capacity Management

The focus in this sub-process is the management, control and prediction of the

performance, utilization and capacity of individual IT technology components. It

ensures that all components within the IT infrastructure that have finite resource are

monitored and measured, and that the collected data is recorded, analyzed and

reported. Again, wherever possible, automated thresholds should be implemented to

manage all components, to ensure that situations where service targets are breached

or threatened by component usage or performance are rapidly identified, and cost-

effective actions to reduce or avoid their potential impact are implemented.


161

Capacity Management sub-processes diagram

18.7.1 Capacity Management and SaaS

This process can make or break a SaaS organization. When a business doesn‟t

proactively forecast and manage the capacity requirements for a software service, it will

run the risk that customers will be unhappy with the services. The program might be too

slow, time out, or drop out.

Especially when dealing with a global client base, load balancing needs to take place

over a 24 hour period, as there is no downtime. Also when internal organizations use

the evening and night for batch processing, clients are using the system 24 hours per

day.


162

The connection between Demand Management – where the client demand is managed

at a strategic level – and Capacity Management is very important. Regular meetings

with the sales and customer teams need to be held to identify where the capacity

demand will come from and what the absolute need is going to be.

Your capacity planning should include the capacity needs for the disaster recovery site.

18.7.2 Capacity Management and Web Applications

For ensuring that resources are properly optimized and provisioned according to the

organization‟s requirements in a manner that provide a high level of performance and is

cost-effective, the process of Capacity Management is used. The high level activities

define how applications are sized, workloads are managed, capacity is planned, and

resources are managed, as well as performance.

18.8 Availability Management

Objectives: The goal of Availability Management process is to ensure that the level of

service availability delivered in all services is matched to or exceeds the current and

future agreed needs of the business, in a cost-effective manner.

The Availability Management process is continually trying to ensure that all operational

services meet their agreed availability targets, and that new or changed services are

designed appropriately to meet their intended targets, without compromising the

performance of existing services. In order to achieve this, Availability Management

should perform the reactive and proactive activities.

The reactive activities of Availability Management consist of monitoring, measuring,

analyzing, reporting and reviewing all aspects of component and service availability.

This is to ensure that all agreed service targets are measured and achieved. Wherever

deviations or breaches are detected, these are investigated and remedial action

instigated. Most of these activities are conducted within the Operations stage of the

lifecycle and are linked into the monitoring and control activities, Event and Incident

Management processes.

The proactive activities consist of producing recommendations, plans and documents

on design guidelines and criteria for new and changed services, and the continual

improvement of service and reduction of risk in existing services wherever it can be

cost-justified. These are key aspects to be considered within Service Design activities.


163

An effective Availability Management process, consisting of both the reactive and

proactive activities, can make a big difference and will be recognized as such by the

business, if the deployment of Availability Management within an IT organization has a

strong emphasis on the needs of the business and customers. To reinforce this

emphasis, there are several guiding principles that should underpin the Availability

Management process and its focus:

Service availability is at the core of customer satisfaction and business success:

there is a direct correlation in most organizations between the service availability

and customer and user satisfaction, where poor service performance is defined

as being unavailable.

Recognizing that when services fail, it is still possible to achieve business,

customer and user satisfaction and recognition: the way a service provider

reacts in a failure situation has a major influence on customer and user

perception and expectation.

Improving availability can only begin after understanding how the IT services

support the operation of the business.

Service availability is only as good as the weakest link on the chain: it can be

greatly increased by the elimination of Single Points of Failure (SPoFs) or an

unreliable or weak component.

Availability is not just a reactive process; the more proactive the process, the

better service availability will be. Availability should not purely react to service

and component failure. The more events and failures are predicted, pre-empted

and prevented, the higher the level of service availability.

It is cheaper to design the right level of service availability into a service from the

start rather than try and „bolt it on‟ subsequently. Adding resilience into a service

or component is invariably more expensive than designing it in from the start.

Also, once a service gets a name for unreliability, it becomes very difficult to

change the image. Resilience is a key consideration if ITSCM, and this should

be considered at the same time.

The scope of Availability Management covers the design, implementation,

measurement and management of IT service and infrastructure availability.

The Availability Management process has two key elements:

1. Reactive activities: the reactive aspect of Availability Management involves the

monitoring, measuring, analysis and management of all events, incidents and

problems involving unavailability. These activities are principally involved with

within operational roles.

2. Proactive activities: the proactive activities of Availability Management involve

the proactive planning, design and improvement of availability. These activities

are principally involved within design and planning roles.


164

The Availability Management process diagram

18.8.1 Availability Management and SaaS

When somebody purchases SaaS services, there is the unwritten expectation that the

software will be available 24x7. Most SaaS organizations don‟t proactively market or

communicate realistic availability targets or achievements.

Use this process for the clarification of definitions, terminology and understanding.

Make sure everybody is „on the same page‟ when it comes to Availability Management.

Where does a business‟ accountability stop, and where does the ISP take over? With

SaaS a business is always at the mercy of an Internet connection... in some countries

this is very reliable, in others it is not!


165

As discussed with Information Security Management, the security policies are within

the process of Availability Management. This is when security boundaries and limits are

created. How can ID/password policies be implemented in such a way that customers

feel that a business is doing the right thing?

What redundancy policies are in place? Especially when dealing with a virtualization

model, fail-over systems may need to be considered.

It is never acceptable to lose a customer‟s data, and this scenario needs to be covered

in your SLAs or OLAs that are in place to safeguard agreements and promises made to

customers.

The required reliability and resilience of a business‟ technical infrastructure must be

considered, as well as the quality of the internal (maintenance) processes and

qualifications / skill levels of IT staff members.

All of these components work towards high levels of availability in a complex SaaS

environment.

18.8.2 Availability Management and Web Applications

Availability Management is concerned with the delivery of the highest level of systems

availability at a justifiable cost. In particular, the process attempts to ensure that an IT

component performs at a specific level over a period of time as agreed between

customer and supplier. To maintain availability, the IT department needs to monitor the

following points:

Reliability – how well does the component function under normal and described

conditions?

Maintainability – how well can the component remain in or be restored to its

operational state?

Serviceability – how well can a component be maintained by an external supplier

under a third party contract?

Resilience – how well can the component resist operational failure?

Security – how well can the component maintain confidentiality, integrity, and

availability?

19 Using the Web to Promote ITIL

The technology of the web is very conducive for implementing and monitoring the

disciplines of ITIL. Three types of applications can be built to support the processes:

Monitoring


166

Workflow

Documentation Libraries.

ITIL is a standard which manages the IT environment effectively and efficiently. Being

evaluated for ITIL compliance adds a certain assurance that the disciplines will be

properly implemented. As a standard, some guarantees are in place. The first

guarantee is that data is available to show how the different aspects of the IT solution

are working to meet the service requirements placed on them. The second guarantee

is that the processes and its components are clearly defined, including roles and

responsibilities and cross process relationships. The third guarantee is that the

required databases are in place to support the IT service. These guarantees all

mention the existence of the components that make up the requirement framework for

effective ITIL implementation, but their existence does not guarantee that the

components are being used effectively.

Fortunately, with these guarantees in place, the foundation for creating a web

application around ITIL is also in place. The first type of application possible is

monitoring the services required by the customer. One of the web technologies for

applications is the mashup. With this technology, three possibilities can be fulfilled: the

ability to monitor two or more distinct functions in parallel; the ability to combine the

data for two or more distinct functions together to do trend analysis, for instance,

combining measurements for availability and capacity to identify the relationship

between the two; and the ability to combine the data of two of more distinct functions in

a cause and effect relationship, for instance the number of changes that are the result

of problems.

The advantage of the mashup for monitoring the IT infrastructure lies in the user

interface. In mashups, the user defines what they want to see in the interface and,

ultimately, the interface can be different for each user. This promotes supporting the

diverse responsibilities in business. For instance, a system administrator will want to

see more detail in what they are monitoring than the overview statistics appropriate to

an executive manager. It the same comparison, the system administrator is wants to

map data to ensure that the operation is intact, while the executive is looking to map

the data to finances. For each user, how the information is interpreted is just as

important as having the information available and the ability to build their own interface

only serves to have the data interpreted in the desire way.

Additionally, if the mashup component that allows the data to be interpreted in the

desired way does not exist, the development of such a component is made simpler

using web technologies. Even if the system from which the data is retrieved is a

traditional non-web implementation, the technologies of the web hold the keys for

tapping into these applications and retrieving the data necessary for monitoring. And


167

the web technologies do not stop there. If they can be used to retrieve information,

they can also be used to enter information into the system. One of the problems faced

in any IT organization is the diverse range of applications in place to ensure that

operations are maintained.

These applications are diverse in the languages they use, their handling of data, and

their functional purposes. Previously, to have two or more of these applications

communicating with each other required a bridge that was extensively developed and

acted as a third application. Web development can create this bridge as an add-on to

both applications or even all applications used within the environment. In creating

these “bridges,” the possibility of creating applications that contribute to workflow

management is realized.

Workflow management specifically focuses on moving work through several processes

and in doing so identifying bottlenecks for work and improvements to the support

infrastructure or processes. For IT support, workflow opportunities are everywhere.

For instance, when an incident happens, a “ticket” is created and routed to the first

level of support. If a resolution cannot be applied at this level, the ticket is routed to the

next level of support. This routing usually involves moving the ticket from one support

team's queue to the next. Depending on the context of the incident and its severity,

further notification may be required. Furthermore, if the incident is caused by a known

error, the resolution may be attached to the ticket for purposes of understanding how

often a particular resolution is utilized.

If the incident is not caused by a known error, then the resolution or workaround will be

placed in the ticket when it is found, allowing the database holding all known errors and

resolutions to be populated with the new information. But the workflow doesn't

necessarily end at this point. If an incident is unresolved, it is now taken over by the

problem management process where the problem is diagnosed and a resolution sought

out. Once a resolution is found, the change management process is now initiated to

implement the resolution accordingly. Since all changes are essentially changes to one

or more configuration items, the configuration management process is not evoked to

complete the change. The work can continue depending on the impact of the problem

and resolution, but this short description will suffice. Essentially, a single ticket can

move through the incident management, the problem management, the change

management, and the configuration processes. Unfortunately since the processes are

different, the likelihood exists that the databases supporting the processes are different

and may not communicate between each other. Using web technologies, a ticket can

be created, and based on sufficient checkpoints, be automatically routed through the

processes, updating the appropriate databases along the way.


168

Every ticket has specific information that can act as triggers for how it should be

handled. Severity, which describes the potential impact on the business from critical to

minor, will require that ticket be handled as a major event, even a disaster, if the

severity is considered critical. The normal processes for handling incidents are not

bypassed, but additional processes are invoked that run parallel. In a critical disruption

of service, the technical support teams are still attempting to resolve the incident and

potential problem and, at the same time, business management is attempting to

minimize the impact of the disruption. Tracking the activities of both groups may be

necessary for ensuring that everything is communicated and the results can be

analyzed at a later time. Web applications have already shown some success in build

components that allow successful collaboration.

Finally, a number of databases exist within the IT support environment with the goal of

supporting the processes. Each of these databases serves a specific purpose and is

typically assigned to a specific process. For instance, the Configuration Management

Database is assigned to the process called configuration management. Change

records are housed in a change management database that is assigned to Change

Management. Known errors are stored in their own database and assign to both the

incident management and problem management processes. These databases usually

consist of information that is similar and as such have relationships that are not usually

exploited by a service organization. Web application development can create a

solution that can assist in establishing their relationships, retrieving the information from

several databases to compile into a single record and updating the databases when

new information is created.

However, simply connecting databases and displaying the results is not the only

advantage to using the web for documentation purposes. First of all, the web has

always been a documentation-centric technology, using hyperlinks as a way to

holistically apply relationships inherent with information. With the advent of Web 2.0

technologies, the area of document management is advanced with blogs and wikis. A

combination of the two provides a method to distribute technical support information

through subscriptions and encourage obtaining technical information from every person

supporting IT. What if change management was essentially a blog with forms and the

reviewers and approvers could cater their subscriptions to allow only different types of

changes? What if the Known Error database was a wiki that fed the problem

management database and vice versa; so that resolutions would be readily available

depending on the problem description or the wiki could be updated and refined where

no resolution was found?

The benefits attributed to any web application are present with applications designed to

promote ITIL. Tapping into the collective intelligence of the entire technical support

group provides the foundation for collaboration during and in between incidents. In


169

traditional support architectures, the different levels of support are distinct and often

uncommunicative. This is typically due to the skill set difference and the organization

of the department. Tapping into the collective intelligence provides an opportunity to

not only communicate information but seek out information when knowledge is not

known or published. The objective is to create a richer set of support knowledge to

understand the application and the customer better.

19.1 IT Service Continuity Management (ITSCM)

Objective: The goal of ITSCM is to support the overall Business Continuity

Management process by ensuring that the required IT technical and service facilities

(including computer systems, networks, applications, data repositories,

telecommunications, environment, technical support and Service Desk) can be

resumed within required, and agreed, business timescales.

A lifecycle approach should be adopted to the setting up and operation of an ITSCM

process. ITSCM is a cyclic process through the lifecycle to ensure that once service

continuity and recovery plans have been developed they are kept aligned with the

Business Continuity Plans (BCPs) and business priorities.

Initiation and requirements stages are principally BCM activities. ITSCM should only be

involved in these stages to support the BCM activities and to understand the

relationship between the business processes and the impacts caused on them by loss

of IT service. As a result of these initial BIA and Risk Analysis activities, BCM should

produce a Business Continuity Strategy, and the first real ITSCM task is to produce an

ITSCM strategy that underpins the BCM strategy and its needs.

The Business Continuity Strategy should principally focus on business processes and

associated issues (e.g. business process continuity, staff continuity, buildings

continuity). Once the Business Continuity Strategy has been produced, and the role

that IT services has to provide within the strategy has been determined, an ITSCM

strategy can be produced that supports and enables the Business Continuity Strategy.

This ensures that cost-effective decisions can be made, considering all the „resources‟

to deliver a business process. Failure to do this tends to encourage ITSCM options that

are faster, more elaborate and expensive than are actually needed.

The activities to be considered during initiation depend on the extent to which continuity

facilities have been applied within the organization. Some parts of the business may

have established individual Business Continuity Plans based around manual work-

arounds, and IT may have developed continuity plans for systems perceived to be


170

critical. This is a good input to the process. However, effective ITSCM depends on

supporting critical business functions. The only way of implementing effective ITSCM is

through the identification of critical business processes and the analysis and

coordination of the required technology and supporting IT services.

The situation may be even more complicated in outsourcing situations where an ITSCM

process within an external service provider or outsourcer organization has to meet the

needs not only of the customer‟s BCM process and strategy, but also of the

outsourcer‟s own BCM process and strategy. These needs may be in conflict of with

one another, or may conflict with the BCM needs of one of the other outsourcing

organization‟s customers.

However, in many organizations BCM is absent or has very little focus, and often

ITSCM is required to fulfill many of the requirements and activities of BCM. The rest of

this section has assumed that ITSCM has had to perform many of the activities

required by BCM. Where a BCM process is established with Business Continuity

Strategies and Plans in place, these documents should provide the focus and drive for

establishing ITSCM.

IT Service Management diagram

19.1.1 IT Service Continuity Management and SaaS


171

In theory everybody understands that there are situations that are unusual and out of a

business‟ control. However, when these situations take place, your customers are not

as understanding as they could be. And that‟s their right. They subscribe to a business‟

software services because they trust that it‟s doing the right things. They don‟t want to

carry the cost and risk of managing & operating the software in-house – that‟s why they

pay the premium for the service. But this doesn‟t mean that they will accept everything!

SaaS clients are usually locked into a „pay as you go‟ contract or another relatively

short-term contract. So when the service is below par, it is easy for them to go

elsewhere.

This needs to be considered when designing and implementing the ITSCM processes,

plans and policies.

And don‟t forget that communication steps need to be built into the process. The client

is often the first to find out that something is wrong, so they must be given the courtesy

of proactive communication to let them know what is happening and how long it is

going to repair. The only way this can be achieved is by testing the procedures on a

regular basis.


172

20 Applying Cloud Computing to Project

Management

20.1 Benefiting from Cloud Computing

The benefits of cloud computing include quicker implementations and lower costs while

providing greater scalability, adaptability, and reliability to the environment. Especially

in terms of web applications, a solution can be available at any time, in any location, by

any person. As use of the application increases or decreases, the cloud solution

adjusts accordingly.

The previous pages attempted to show the benefits of project management applied to

cloud computing. The following pages will explore the benefits of cloud computing to

project management. Some of the ideas explored here have solutions found within the

cloud environment, especially in Independent Software Environments (IDEs) used for

software development. Cloud computing solutions exploit a number of distinct

technologies.

Virtualization is a technique used to create an abstract rendering of a physical

component. For instance, storage volumes can be virtualized. With a virtual

volume, the storage capacity can be increased, partitioned without partitioning

the physical drive, or merging the volume with other storage devices to create a

single large volume. Virtualization allows for increased scalability, reliability, and

portability to occur.

Web 2.0 is a perspective change for how to use the web. Often referred to as a

technology, Web 2.0 provides a number of options that make web applications

just as rich as desktop applications.

Open source is a concept supporting total collaboration between developer and

user. Often attributed to application development, the concept is also applicable

to any number of solutions where user knowledge is utilized extensively to

generate the product that the user is concurrently using. The idea ultimately

encourages development in production.

Seven benefits are available to project management when adapting cloud computing

capabilities:

The ability to interlink distinct components together as a complete whole. For

instance, linking activity with cost, time, risks, quality, and resources. Many

project management solutions already do this to some extent; however, with

cloud computing the options can be expanded to include historical information,


173

feedback, and particular notes.

To support communication specifically with stakeholders requiring performance

reports, the use of subscription services allow distribution of information to have

greater potential and customizable by the stakeholders themselves.

Many aspects of project management can be present at any given time and with

an application, the possibility of an interface that allows each aspect to deliver is

highly probable with web applications.

One of the risks to project management is ensuring that all the right players are

involved in the project to ensure that everything that needs to be done on the

project has been planned. With cloud computing, participation by all parties is

possible.

The core tenet of cloud computing is the ability to focus on components as parts

of the whole allowing an individual component to be added, removed, expanded,

and reused without impact the whole.

The capabilities of the web allow portability. First of all, a web application can be

accessed anywhere, at anytime, by anyone with only a browser and a

connection to the Internet. Second, with the business logic of the application on

an Internet server, nothing is lost between multiple users.

A main drive of web applications and cloud computing is improved, richer user

experience. Improving the experience of individuals on a project will encourage

communication, productivity, and morale.

20.2 The Ease of Linking (Hyperlinks)

Looking at the construction of the web, one will see a series of documents in place,

basically organized through the URL hierarchy, and with some programming scripts to

provide some interest. Though all of these components make up an effective website

and web application, the one construct that makes the web, the web has always been

the ability to hyperlink. Hyperlinks are connections from an original page to a source

document. By clinking on a hyperlink, a user can be moved from one page to another.

By hovering over the link, information can be made available to the user. Through

searches, multiple hyperlinks can be generated on a single page based on relevancy

for users to peruse.

Hyperlinks can be used to transform basic pieces of data into rich volumes of

information by creating relationships. A database is usually found in the back end of an

application that holds data and created relationships, such as a person's name and

their job position. Using the web and hyperlinks, relationships can be expanded to

incorporate multiple databases. So in addition to a name and a job position, the

person's personal profile and the job description for the position can be connected.


174

This connection can be presented as links in a single page or the full or partial

renderings of the sources can be presented.

There are several perspectives that are prevalent in project management, each with

some level of importance to the users. But the perspectives all rely on the need to

understand the relationships with different pieces of data. Most project management

solutions handle the basic relationships, such as the relationship between activity, cost,

schedule, and resources. Some solutions even provide notes for referencing.

However with hyper linking, any document or parts of a document can be referenced

allowing risks and risk responses. Contractual terms, historical information,

procurement proposals and supplier information, quality requirements and the like can

be linked to a single activity. By having the activity show all related information

pertaining to it, all participants on the project can better understand and manage the

work expected. The greatest aspect of this solution is that the information can exist in

multiple databases and separate locations.

Even connections with existing and past projects can be made. In situations where

similar project are performed, like building a house with similar designs, connections

can be made very easily. Why make these connections? Each constructed building

can have its unique attributes: location, features, options, even contractors can be

different. Using the designs as the starting point, a construction company can identify

and compare the differences between buildings using the same design. The

opportunities available are to assist in understanding requirements, risks, and

unplanned threats to a particular project. For instance by referencing contractors

familiar with the design, a replacement contractor can be found quickly if the original

supplier is unable to do the job.

What is linked and to what extent the linkages are made is left only to the imagination

of the performing organization.

20.3 Subscribing to Success (Blogging)

Imagine compiling information into the next status report, categorizing it and posting it

out to the web. Without any extra effort, a notification of the report is sent to every

stakeholder interested in the project. Within minutes, responses to the report start to

show up in the next day, all the responses are compiled for the project team meeting to

review and answer. The situation just provided is just one of the ways blogs can assist

in project management. Blogs utilize a subscription web service to ensure that people,

who want to be informed, are. Used by many columnists, professional and amateur, on

the web, a blog is a mechanism used to post information; with logic to identify who is


175

interested in the information for a notice to be sent. The identity of interested parties

was provided by the people themselves when they “subscribed” to the blog. Since a

blog is basically a web page, the format of the report can include anything that a typical

web page can include.

Imagine again that the project is going along nicely. Coming into work early, the

computer is turned on, and waiting for you is a list of all the project activities that are

currently being performed, the ones that were completed the previous day, and the

ones that are late are highlighted. As a project manager, the list includes all the

activities of the project. As a project team member, the list includes only those which

are assigned to them or have a dependency on. The mechanism used to compile this

information from a project plan is the same used by blogs.

At the heart of the blogging feature is the RSS technology. Really Simple Syndication

(RSS) allow a person to subscribe to a web page so that when it changes, they are

notified. The technology is not attached to the webpage though, but to the link between

the user and the web page. A RSS feed allows these links to exist. Aside from

blogging, the RSS technology has made another significant contribution: permalinks,

or permanent links. With the permalink feature, users can link to other user‟s websites,

link to individual comments on a page, use “trackbacks” to other links to the page by

other others, or respond to those other links, thus creating a two-way link. In project

management, permalinks can provided a variety of associations between items. For

instance, dependencies within a project can use permalinks to make two way

associations possible, so that the project team can identify the activities and their

dependencies, both dependent upon as well as depended for.

Hyperlinks provided a way to show one way relationships between two items. RSS has

allowed two way associations to be made. The use of RSS in blogging solutions has

provided a new platform for gaining information within business. For project

management, it‟s a simple way of keeping stakeholders informed of what is going on

with the project.


176

20.4 Interfacing with the Project (Mashups)

During project management, the number of items to be monitored and controlled is

considerable. For the project manager, the concerns include:

Is the scope of the project intact? What are the current issues impacting scope?

Are we on schedule? What's late? What is about to start? What is about to

finish? What issues are impacting the schedule?

Are we in budget? Where are we about to go over? What threats are present

impacting project costs?

Who is supposed to be performing activities on the project today? Are all the

equipment and materials required available? What issues do we have against

resources?

What is the next milestone? How close are we?

When the next meeting? What information needs to be communicated?

What risks are important to monitor today?

This is just a sampling of what the project manager is looking at for the day, or the

week. And they are not alone. Though the focus of the information may be different,

the project team members and the stakeholders are looking at similar information.

Unfortunately, the information that any person is looking at is typically located in

several locations. In order to get the information, the source needs to be retrieved and

scanned to find the information.

Using a project management engine as a web application, the information from these

multiple sources can be retrieved, compiled, and presented to the user in a single

interface. The technique used to make this possible is commonly referred to as

“mashups.” They are web applications designed to allow the user to customize their

web interface to allow multiple sources of information to be presented at the same time.

With the ability to customize the interface, the user can determine what information

needs to be displayed at any given time. Each user could have a different interface to

the project, one specifically designed by them to meet their information concerns.

To allow mashups to work, the application developer simply needs to link the source of

the information to the application. Some translation may be required to build

relationships and associations, but once the information is readable and the criteria is

set for how it is read it is ready. At that point, the source becomes a component in the

list of components available for the user, like a catalogue. The developer can also

create relationships between multiple sets of data; for instance, mapping the project

plans to the risk responses to change requests. Each piece of data is found in different

sources, but is combined to show in the user's interface of the project.


177

20.5 Everyone is a Project Manager (Open Source)

One of the constraints of the tools used for project management is that they are built for

use by project managers. Though nothing is wrong in this, it does alienate other

people who are not familiar with project management needs and concerns. In some

cases, these people are simply involved to provide resources to the project.

Unfortunately, they are being asked to use these tools. And even with project

managers, one characteristic starts coming into play: the behaviors of the individual

start to change to accommodate the tool. This characteristic always becomes a

problem. Extreme adversity towards changing behaviors will result in the tool not being

used at all. Modest adversity often leads to not using it to its fullest capabilities or

incorrectly.

Though the initial focus is on a project management tool, the same characteristic can

be found inside a project. Many projects claim to fail because of lack of teamwork,

communication, and understanding. Though these reasons are valid, the more likely

source of failed projects is forced behavior changes. When an individual or group is

forced to behave contrary to their nature or experience, resistance starts to appear. If

the resistance is coming from one or two individuals on a project because they are new

to project management, concerns with project failure will not come up, though a risk

may be present. When the entire team are being asked to change their behavior, the

probability of failure increases.

An easy solution to this problem is readily available: encouraged participation in every

aspect of the project and the project management tool. The philosophy behind this

solution is “open sourcing” the project or tool. How is this done? Starting with the

project, it means making the project plan a truly living project. In many project

management situations, the individual contributions to the project plan are made and

compiled by the project manager. The organization of the project plan is completed by

the project manager and reviewed with the project team during a meeting when the

plan is distributed. Collaboration is controlled and input to the plan before, during, and

after. This is the traditional method of project planning. However, what if the project

plan is located in a central location that everyone updates? As people update,

feedback is provided on specific entries detailing requirements, dependencies, risks, or

questions. The critical components of the plan are quickly identified and agreed upon

by the team. The organization of the plan may be directed by the project manager, but

everyone has a say in its construction. And when the plan is complete, the

collaboration continues with change controls in place. Eventually, the project plan will

be complete and have a richer quality to them than available through traditional means.

And the trend of open sources has shown that the work is done in far less time than the

traditional method because the collaborative component has improved.


178

The same method can be applied to the project management tool. By allowing users to

input their needs into the project management tool, eventually a tool is available for use

by all users, not just project managers. The core of the tool or the project does not

change, but the behavior changes to match that of the project management team.

Such changes to behavior characteristics within an application required extensive

budgets to build and maintain customized applications, some of which were never fully

used by the users. In the cloud, the application is developed as it‟s being used as and

at a far less investment than traditionally required.

The underlining theme behind open sourcing is collaboration, at any time, for anything.

The theme continues during project execution. Traditionally, when a problem arises

during the performance of an activity, the performing party notifies the project manager

and the two may attempt to find a resolution. Other team members may get involved at

the request of the performing party or the project manager, but the group looking at the

problem is still restricted. In a collaborative environment, everyone has the opportunity

to be involved. In most cases, the problem will be resolved faster with a better, more

creative solution and in project management; the risks involved are minimized to the

greatest extent. Some people may claim that the old adage “too many cooks in the

kitchen...” but the truth is, in the largest, most prestigious kitchens of the world, there

are always more than one cook.

20.6 Treating the Project as Parts, not the Whole (Reuse)

With mashups, different components could be used to create a user interface. The

constructs of these components had to be designed and developed, but once done

could be used by anyone. Variables set in the components could be changed by the

user to allow for further focus on the information retrieved. With blogs and other RSS

feeds, users can identify the parts of the project that they want to be regularly informed.

The number of feeds available may reach the hundreds, but the user only wants one or

two that suit their needs. The concept of reusing predefined components is prevalent

in web design and cloud computing. It provides the development of a particular product

to be completed much quicker, at far less cost, and fewer risks.

Especially for organizations that perform projects of a similar nature repeatedly, such

as building a house, or application, or a prototype, the concept of reusing project plans

is an attractive notion. PMBOK even encourages the use of historical information and

templates to create the necessary documentation on a project. But every project is

unique, so some care has to be made to ensure that adoption of historical information

is not made blindly. This does not mean that reuse capabilities cannot be encouraged.


179

By separating a project into its core deliverables, a project can be split into

components. Each component will have its basic relationships, requirements,

dependencies, and risks defined. These interactions will exist internally to the

components as well as the external interactions identified. By having multiple

components available, a project team can identify the components that are required for

the project and add it. Changes to the component for a specific project can be noted

and used as historical data for the next project without changing the core component.

Thinking of the project as a product, the ability to reuse components provides a

cheaper, quicker product to market than recreation from scratch. By breaking projects

down into reusable components, the technique is now more scalable, flexible, and

reliable than traditional methods.

How does cloud computing support this endeavor? By using links, entire components

can be added to a project plan with the click of a mouse. In minutes, the majority of a

project can be created with all the relationships and pertinent information intact. At this

time, cloud computing solutions allow business applications to be built in a matter of

minutes using components already available. The concept is the same, using the

project as the basis for the application. Referring to the relationships is not restricted to

the relationships between information, and also the processes of project management.

The different components can include the various tools used by project management,

like a change control system, or risk response system, or project monitoring systems,

or performance reporting. Normally these systems are not interrelated. In web

applications, the business logic can stay where it exists, however the presentation layer

can show information, workflow, and indicators to be used actively by the project team

and stakeholders.

20.7 Testing the Limits (Portability)

Portability is a great advantage to any endeavor. Using the web as the basis for

building, monitoring, and executing a project, portability is automatically provided.

Using a browser and a connection to the Internet, a user can access a project from any

location in the world, at any time. In many situations, the performing party is executing

several tasks defined by a project at any given time. Many tasks, especially in

manufacturing and construction, require not being readily accessible to the project plan

to update the situation. So the performing party waits to the end of the day to update

the project plan and any related materials. This is particularly valid when the software

used to update the project plan is sitting on the computer at the office. However if the

performing party had a hand held device able to connect to the Internet like a phone,

they could make an update to the project plan on the spot.


180

The concept of portability is a simple one. More importantly are the benefits that

appear by using a web-based project management. Many project management

programs are very expensive and providing a license to every member of a project

management team may not be a cost-effective solution. Many project managers have

filled the gap by taking status updates from members and updating the plan

themselves. However, everyone typically has access to a browser allowing them to

update the plan as members of the project team. This potentially reduces the

administrative work performed by the project manager while also significantly reducing

the cost of licensing of the tools. In cloud computing solutions, the usage is typically

monitored and charged, so a company may have several full time project members with

a couple of dozen part time members. Traditionally, everyone had one full license

despite the usage. With a cloud solution, the usage of the members can be added up

and charged, so inactive members would not prove to be an additional cost to license

for the company.


181

20.8 Final Review Questions

1. Ensuring that cost-justifiable IT capacity in all areas of IT always exists and is

matched to the current and future agreed needs of the business, in a timely

manner is the goal of .

a) ITSCM

b) Financial Management

c) Capacity Management

d) Availability Management

TRUE or FALSE

2. Cloud costs are driven by processors and utilization of disk storage.

3. A Business Impact Analysis is performed during which process?

a) Capacity Management

b) IT Service Continuity Management

c) Service Level Management

d) IT Financial Management

4. Which of the following programming paradigms focuses on the management of

state changes?

a) Functional

b) Object-orient

c) Reflective

d) Imperative


182

21 Answers

Introduction Review Questions

ANSWERS

1c, 2T, 3a, 4c

Progress Review Questions

ANSWERS

1a, 2F, 3b, 4d

Final Review Questions

ANSWERS

1c, 2T, 3d, 4d


183

22 Certification

22.1 Cloud Computing Certification Pathways

IT professionals need to know a whole lot more about the various ways of delivering

services to the customers and end-users. It is no longer sufficient just to know the

differences between Windows-based or Linux-based architecture. These days, most

services will utilize some form of cloud computing, be it virtualization or SaaS offerings.

So with the change in computing and IT Service Delivery comes a whole new series of

qualifications and certification. The Cloud Computing Certification Scheme has been

created to support the IT Professional who needs to be a „niche generalist‟, especially

in a rapidly changing area like cloud computing.


184

How does the certification pathway work?

First, you need to create the foundation – The Cloud Computing Foundation

Program focuses on the fundamentals, general knowledge, terminology and BASIC

concepts used in cloud computing. This program earns you 2 points toward your Cloud

Computing Executive Level Certificate.

After this come the Cloud Computing Specialization options. The prerequisite for these

programs is that you have the Cloud Computing Foundation certificate.

We appreciate that you don‟t need to know everything about each area of the IT

organization so this is where the programs become more specialized:

Virtualization

Software as a Service and Web Applications

Platform and Storage Management

Each program in this series earns 3 points towards the Cloud Computing Executive

Certificate.

The next level is „Managing Services in the Cloud‟ and this program is specifically

aimed at Service Managers and IT Service Delivery Managers who wish to add cloud

computing as an option in their organization‟s delivery model. The program is worth 5

points.

How do I achieve my Executive level?

You must have a minimum of 16 points to achieve your executive certification. The

Foundation level, all Specialist level programs and Managing services in the cloud must

be completed in order to gain Executive level certification.

Each course provides preparation for the exam and successful candidates receive a

certificate results sheet.


185

ITIL® Certification Pathways

There are many pathway options that are available to you once you have acquired your

ITIL® Foundation Certification. Below illustrates the possible pathways that are

available to you. Currently it is intended that the highest certification is the ITIL® V3

Expert, considered to be equal to that of Diploma Status.


186

22.2 ISO/IEC 20000 Certification Pathways

ISO/IEC 20000 Standard is becoming a basic requirement for IT Service Providers and

is fast becoming the most recognized symbol of quality regarding IT Service

Management processes. ISO/IEC 20000 programs aim to assist IT professionals to

master and understand the standard and the issues relating to earning actual standard

compliance.

For more information on certification and available programs please visit our website

http://www.artofservice.com.au

http://www.artofservice.com.au/


187

23 SaaS and Web Applications Specialist Exam Tips

Exam Details

20 multiple-choice questions

The correct answer is only one of the four

30 minutes duration

16 out of 20 is a pass

Closed-book

No notes.

Practical Suggestions

Read the question CAREFULLY.

At this level of exam the obvious answer is often the correct answer (if you have

read the question carefully!!).

Beware of being misled by the preliminary text for the question.

If you think there should be another choice that would be the right answer, then

you have to choose the “most right”.

Use strategies such as “What comes first?” or “What doesn’t belong?” to help

with the more difficult questions.

Organizing your Exam

The Art of Service facilitates the SaaS and Web Applications Specialist exam. Please

contact us on +61 (7) 3252 2055 or email mail to: [email protected]

to arrange your examination.

Make sure that you prepare adequately in the lead up to your exam by reviewing your

notes, reading any available material and attempting the sample exams.

We wish you luck in your exam and future cloud computing, SaaS and Web

Applications career!

mailto:mail%20to:%[email protected]


188

24 References

SaaS

http://www.csc.com/mms/saas/en/mcs/mcs1924/index.jsp

http://networks.silicon.com/webwatch/0,39024667,39167326,00.htm

http://sqi-inc.com/ic/Glossary/SaaS#head-

da2efc9170ea2f5cf604fdd5331e00779bab4fb8

http://www.crn.com/software/18831096


http://itmanagement.earthweb.com/entdev/article.php/3729966/The+Top+Five+Vendor

s+Using+SaaS.htm

http://www.deitel.com/ResourceCenters/Web20/SoftwareasaServiceSaaS/Softwareasa

ServiceSaaSGoogleAppsPremier/tabid/1673/Default.aspx

http://www.connectria.com/saas.html

http://www.intrahost.co.uk/saas-hosting.html

http://www.microsoft.com/serviceproviders/saas/services.mspx

http://arstechnica.com/journals/microsoft.ars/2008/02/11/office-live-small-business-

gets-a-revamp-and-loses-price-tag

http://www.microsoft.com/presspass/press/2006/oct06/10-312007OfficeLivePR.mspx

http://msdn.microsoft.com/en-us/architecture/aa699384.aspx

http://ent.smallbusinessnewz.com/2008/1029.html

http://thinkitservices.blogspot.com/2008/10/securing-and-managing-saas-apps.html

http://www.redmonk.com/cote/2007/03/20/saas-it-management/

http://buildingsaas.typepad.com/blog/2006/08/software_suppor.html

http://seekingalpha.com/article/66151-the-complexities-of-selling-saas

http://www.csc.com/mms/saas/en/mcs/mcs1924/index.jsp

http://networks.silicon.com/webwatch/0,39024667,39167326,00.htm

http://sqi-inc.com/ic/Glossary/SaaS#head-da2efc9170ea2f5cf604fdd5331e00779bab4fb8

http://sqi-inc.com/ic/Glossary/SaaS#head-da2efc9170ea2f5cf604fdd5331e00779bab4fb8

http://www.crn.com/software/18831096


http://itmanagement.earthweb.com/entdev/article.php/3729966/The+Top+Five+Vendors+Using+SaaS.htm

http://itmanagement.earthweb.com/entdev/article.php/3729966/The+Top+Five+Vendors+Using+SaaS.htm

http://www.deitel.com/ResourceCenters/Web20/SoftwareasaServiceSaaS/SoftwareasaServiceSaaSGoogleAppsPremier/tabid/1673/Default.aspx

http://www.deitel.com/ResourceCenters/Web20/SoftwareasaServiceSaaS/SoftwareasaServiceSaaSGoogleAppsPremier/tabid/1673/Default.aspx

http://www.connectria.com/saas.html

http://www.intrahost.co.uk/saas-hosting.html

http://www.microsoft.com/serviceproviders/saas/services.mspx

http://arstechnica.com/journals/microsoft.ars/2008/02/11/office-live-small-business-gets-a-revamp-and-loses-price-tag

http://arstechnica.com/journals/microsoft.ars/2008/02/11/office-live-small-business-gets-a-revamp-and-loses-price-tag

http://www.microsoft.com/presspass/press/2006/oct06/10-312007OfficeLivePR.mspx

http://msdn.microsoft.com/en-us/architecture/aa699384.aspx

http://ent.smallbusinessnewz.com/2008/1029.html

http://thinkitservices.blogspot.com/2008/10/securing-and-managing-saas-apps.html

http://www.redmonk.com/cote/2007/03/20/saas-it-management/

http://buildingsaas.typepad.com/blog/2006/08/software_suppor.html

http://seekingalpha.com/article/66151-the-complexities-of-selling-saas


189

http://searchcio-midmarket.techtarget.com/tip/0,,sid183_gci1318991,00.html#

http://articles.bplans.com/index.php/business-articles/starting-a-business/top-10-tips-to-

know-before-you-buy-software-as-a-service-or-saas/244

http://www.extranetevolution.com/extranet_evolution/2008/10/a-saas-code-of-

conduct.html

http://www.worldtrademag.com/Articles/Software_and_Technology/BNP_GUID_9-5-

2006_A_10000000000000327137

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=

9042620

http://www.aspnews.com/news/weekly/article.php/3693571

http://www.saasblogs.com/2007/10/16/saas-101-the-drawbacks/

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=

9117322

http://wsuccess.typepad.com/webinarblog/2006/09/the_problem_wit.html

http://blogs.technet.com/matt_deacon/archive/2007/02/06/2-saas-licensing.aspx

http://msdn.microsoft.com/en-us/library/aa905332.aspx

http://en.wikipedia.org/wiki/Wiki (Various pages)

Web Applications

Group, Butler. Rich Web Applications: the business benefits of Web-enabled

application development. Software World: November 2007.

http://www.entrepreneur.com/tradejournals/article/172560689.html

Winer, Dave. What is a Web Application? March 12, 2000.

http://www.scripting.com/davenet/2000/03/12/whatIsAWebApplication.html

Indiana University Information Technology Services. What is the Internet?

http://kb.iu.edu/data/aasa.html.

O'Reilly, Tim. What is Web 2.0?: Design Patterns and Business Models for the Next

Generation of the Software. September 30, 2005.

http://www.oreillynet.com/pub/a/oreilly/tim/news/2005/09/30/what-is-web-20.html?page=1

http://searchcio-midmarket.techtarget.com/tip/0,,sid183_gci1318991,00.html

http://articles.bplans.com/index.php/business-articles/starting-a-business/top-10-tips-to-know-before-you-buy-software-as-a-service-or-saas/244

http://articles.bplans.com/index.php/business-articles/starting-a-business/top-10-tips-to-know-before-you-buy-software-as-a-service-or-saas/244

http://www.extranetevolution.com/extranet_evolution/2008/10/a-saas-code-of-conduct.html

http://www.extranetevolution.com/extranet_evolution/2008/10/a-saas-code-of-conduct.html

http://www.worldtrademag.com/Articles/Software_and_Technology/BNP_GUID_9-5-2006_A_10000000000000327137

http://www.worldtrademag.com/Articles/Software_and_Technology/BNP_GUID_9-5-2006_A_10000000000000327137

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9042620


http://www.aspnews.com/news/weekly/article.php/3693571

http://www.saasblogs.com/2007/10/16/saas-101-the-drawbacks/



http://wsuccess.typepad.com/webinarblog/2006/09/the_problem_wit.html

http://blogs.technet.com/matt_deacon/archive/2007/02/06/2-saas-licensing.aspx

http://msdn.microsoft.com/en-us/library/aa905332.aspx

http://en.wikipedia.org/wiki/Wiki

http://www.entrepreneur.com/tradejournals/article/172560689.html

http://www.scripting.com/davenet/2000/03/12/whatIsAWebApplication.html

http://kb.iu.edu/data/aasa.html

http://www.oreillynet.com/pub/a/oreilly/tim/news/2005/09/30/what-is-web-20.html?page=1


190

Porter, Joshua. UIConf: Web Application Types: Interview, Hub & Spoke, Hybrid.

http://bokardo.com/archives/uiconf-web-application-types/

Perfetti, Christine. Deconstructing Web Applications. August 11, 2005; User Interface

Engineering. http://www.uie.com/articles/deconstructing_web_applications/

Adamson, Chris. What is Java ? March, 08, 2006.

http://www.onjava.com/pub/a/onjava/2006/03/08/what-is-java.html?page=1

Proto. Mashups: Understanding Mashup Building Platforms for Business Applications.

June 2007. www.protosw.com/static/pdf/proto-mashup-whitepaper.pdf

JackBe Corporation. Introduction to Enterprise Mashups. June 2007.

http://www.jackbe.com/downloads/An%20Introduction%20to%20Enterprise%20Mashups.pdf

wiseGeek. What is a Web Application Framework? http://www.wisegeek.com/what-is-a-

web-application-framework.htm

Smith, Michael. What is ColdFusion? http://www.fusionauthority.com/cfintro.cfm

Glover, Andrew. Feeling Groovy: Introducing a new standard language for the Java

platform. http://www-128.ibm.com/developerworks/java/library/j-alj08034.html

Collins, Chris. Adapting ITIL to Distributed Web Applications. December 6, 2007.

http://ccollins.wordpress.com/2007/12/06/adapting-itil-to-distributed-web-applications/

Wily Technology. How to Adapt ITIL to Distributed Web Applications. May 1, 2006.

http://securitypark.bitpipe.com/detail/RES/1154707956_630.html

Wikipedia. Packet Switching. http://en.wikipedia.org/wiki/Packet_switching

Wikipedia. Web Application Framework.

http://en.wikipedia.org/wiki/Web_application_framework

Wikipedia. ARPANET. http://en.wikipedia.org/wiki/ARPANET

Wikipedia. Network Control Program.

http://en.wikipedia.org/wiki/Network_Control_Program

Wikipedia. Space Race. http://en.wikipedia.org/wiki/Space_Race

http://bokardo.com/archives/uiconf-web-application-types/

http://www.uie.com/articles/deconstructing_web_applications/

http://www.onjava.com/pub/a/onjava/2006/03/08/what-is-java.html?page=1

http://www.jackbe.com/downloads/An%20Introduction%20to%20Enterprise%20Mashups.pdf

http://www.wisegeek.com/what-is-a-web-application-framework.htm

http://www.wisegeek.com/what-is-a-web-application-framework.htm

http://www.fusionauthority.com/cfintro.cfm

http://www-128.ibm.com/developerworks/java/library/j-alj08034.html

http://ccollins.wordpress.com/2007/12/06/adapting-itil-to-distributed-web-applications/

http://en.wikipedia.org/wiki/Packet_switching

http://en.wikipedia.org/wiki/ARPANET

http://en.wikipedia.org/wiki/Network_Control_Program

http://en.wikipedia.org/wiki/Space_Race


191

Wikipedia. CSNET. http://en.wikipedia.org/wiki/CSNET

Wikipedia. NSFNET. http://en.wikipedia.org/wiki/NSFNET

Wikipedia. CERN. http://en.wikipedia.org/wiki/CERN

Wikipedia. Hypertext. http://en.wikipedia.org/wiki/Hypertext

Wikipedia. World Wide Web. http://en.wikipedia.org/wiki/World_Wide_Web

Wikipedia. Dot-com bubble. http://en.wikipedia.org/wiki/Dot-com_bubble

Wikipedia. Web 2.0. http://en.wikipedia.org/wiki/Web_2.0

Wikipedia. Web Application. http://en.wikipedia.org/wiki/Web_application

Wikipedia. AJAX. http://en.wikipedia.org/wiki/AJAX

Wikipedia. ITIL. http://en.wikipedia.org/wiki/ITIL

http://en.wikipedia.org/wiki/CSNET

http://en.wikipedia.org/wiki/NSFNET

http://en.wikipedia.org/wiki/CERN

http://en.wikipedia.org/wiki/Hypertext

http://en.wikipedia.org/wiki/World_Wide_Web

http://en.wikipedia.org/wiki/Dot-com_bubble

http://en.wikipedia.org/wiki/Web_2.0

http://en.wikipedia.org/wiki/Web_application

http://en.wikipedia.org/wiki/AJAX

http://en.wikipedia.org/wiki/ITIL


192

INDEX*

66151-the-complexities-of-selling-saas 186 A access SaaS 85 Accomplish SaaS 58 account 2, 4, 50-1, 72-3, 79, 128, 136 desktop-based 51

accountability 129 Acrobat Connect and Adobe Document Centre Applications 36 ActionScript 110 activities, proactive 160-1 Adapt ITIL to Distributed Web Applications 188 Adapting ITIL to Distributed Web Applications 188 add-ons 14, 53, 73, 113, 136, 165

adManager 7, 54

Adobe 36, 112 Advanced Research Projects Agency (ARPA) 86 Ajax 8, 40-1, 45, 48, 57, 91, 102, 108, 127, 189 Ajax applications 40, 108 Ajax-based web application 50

Ajax engine 108 Ajax paradigm 108 AJAX technologies 102 allocations 35 Amazon 2, 94, 97-8 ANSI 113 answer, correct 185

Apache 21, 23, 95 APIs 105-6, 116 Apple 101-2 applets 102, 105, 115 application code 113, 140

running core 26 application components 136

application data 25-6 other‟s 44 application database 44 application developer 107, 174 application development 85, 170 rapid 118

application engine 107 Application Host 21 application load 112 application servers 22, 83 application service 46 website creation 46 Application Service Providers 21, 27-8, 40

applications 15-16, 21-2, 25, 27-9, 43-5, 47-8, 85, 90-3, 97-108, 111-13, 115-17, 125-6, 163-7, 170-1, 176-7, 188-9 [17]

beta 46-7

building 111 client‟s 27 common 96 customer relations 15

customized 176 default Google Doc 46 demand 40 desktop-based 49


193

developing 108 efficient run-time 113

enterprise scale 103 expensive 39

financial 152 graphical 117 highest risk 129 install 17 integrated 22 interview 104 iTunes 102

legacy 100 local backup 25 manages 43 mathematically-based 120 multiple 85, 105 new 114

non-web 91 open source 21

popular 36, 38, 90 presentation 46 resident 85 robust 103 server 86

server-based 125 share 49 spreadsheet 46 subscription-based 55 third 165 traditional 93 traditional client/server 112

web-based interactive 40 web-based mapping 47 word processing 55 word processor 46 Communication 90 applications service 49

ARPA (Advanced Research Projects Agency) 86 ARPAnet 86-7 Art of Service 3, 185 ASP software applications 28 ASP software delivery model 27-8 ASP software services 29 ASP.NET 9, 111

ASP.NET applications 112 ASPs 6, 21, 27-9, 40, 57, 127 aspx 186-7 assemblies 101, 113, 138 assessment 152-4 associations 94-5, 173-4 attributes 122, 128

authorization 151, 153-4 automated process 45, 68 availability 18, 41, 60, 67, 100, 126, 131, 141, 144-5, 155, 161, 163-4

Availability Management 11, 160-3, 179 Availability Management and SaaS 11, 162 Availability Management and Web Applications 11, 163

Availability Management process 160-1, 163 Axentis 6, 36-7, 56 B bandwidth 17-18, 44, 74, 79, 107


194

Banking 137 BCM 167-8

BCM activities 167-8 BCM process 168

customer‟s 168 BCPs (Business Continuity Plans) 167 belief 99 benefits 2, 10, 13, 16-17, 25-32, 41-3, 45, 58-61, 77, 79, 96, 125, 136, 140-1, 157, 170 [8] Benefits for Web Applications 125 Benefits of SaaS 30 BENEFITS of SAAS 6

Berners-Lee 89, 94 beta 37, 47 BIA (Business Impact Analysis) 128-9, 179 blogging 8, 11, 50, 96-7, 172-3 blogosphere 96-7 blogs 50, 93, 96-7, 166, 172-3, 176

boards 131-2, 153 board business executive 152

Bowker 98 Brazil 116 bridge 88, 165 browser 4-5, 86, 89, 91-2, 101, 104, 126, 171, 177-8 budget 6, 30-2, 54, 71, 74, 78, 83, 157, 174, 176

bugs 76, 94 building 47, 64, 91, 172, 176-7 business activities 145, 157 everyday 54 business applications 177, 188 based 51 business benefits 187

business can‟t 139 Business Capacity Management 158 business cases 152 business change 136 Business Continuity Management process 167 Business Continuity Plans (BCPs) 167

Business Continuity Strategies and Plans 168 Business Continuity Strategy 167 business core service 53 business culture 130 business disruption 135 business doesn‟t 69, 159 business environment 59

Business Executive Board 153 business faces 64, 83 business functions 168 business goals Improving consistency 136 business hours 67, 156 business hours‟ 67-8 business impact, potential 146

Business Impact Analysis, see BIA business infrastructure 64 business installs software 32

business Internet connection 74 business logic 171, 177 business management 152, 166

executive 132 business models 43, 92-3, 99, 101, 187 traditional 56 traditional based 56 business network 125


195

business objectives 132-3 business objects 107

business operations 144 business organization 125

business priorities 145, 167 real-time 145 business process continuity 167 business processes 15, 30, 58, 131-2, 139, 149, 167-8 core 32 business purchases 81 business registers 52

business-related data 61 business-related processes 32, 43, 45, 66 business requirements 158 business risk 149 business sales 85 business sectors 122

business security 131-2 business sites 59, 67

separated 66 business solution 51-2 business success 161 business targets 158 business terms 130

business timescales 167 business website 53 business-wide access credentials 82 businesses 6-7, 17-19, 21-2, 25-7, 29-33, 39-43, 51-4, 56-83, 97-9, 101, 125-6, 128-35, 144-5,

147-9, 156-8, 160-4 [9] changing 157 context of 131

example 76 most 26-7, 61, 76 offline-based 54 save 31 sized 43 small 51-4, 100

unique 56 web-based 56 businesses access 6, 32 businesses headquarters 75 businesses lose 77 businesses peace 76 businesses purchase 81

businesses‟ privacy 61 business‟ 83, 163 business‟ accountability stop 162 business‟s data 26 business‟s work stops 65 bytecodes 114-15

C CAB (Change Advisory Board) 151-3, 156 calendar 50

calendar applications 37, 55-6 calendaring 85, 98 California 36-9

capabilities 102, 142, 145, 147, 171 capacity 85, 106, 117, 146, 157-8, 160, 164, 179 Capacity Management 11, 146, 157, 160, 179 Capacity Management and SaaS 11, 159 Capacity Management and Web Applications 11, 160


196

Capacity Management process 157, 160 capacity plan 153, 157

catalogue 2, 174 Categories of SaaS SaaS and Web Applications Specialist 14

centre 93-4, 96 CERN 87-8, 118, 189 certification 12, 181, 184 certification kits 3-4 Certification Pathways 12, 183-4 CFML (ColdFusion Markup Language) 112 Change Advisory Board, see CAB

change authority 151, 153 Change Management 10, 135, 148, 151-2, 154-7, 165-6 Change Management and SaaS 10, 156 Change Management and Web Applications 10, 157 Change Management process 148-50, 156, 165 Change Manager 153-4

Change Models 150, 152, 155 change proposal 151-2

Change Schedule 154 charge 24, 44, 49, 52-3, 62, 72-3, 75 Chris 188 CI, see Configuration Item CIs (configuration items) 149, 155, 157, 165

classification 94, 151-2 clauses 62, 67-8, 71, 73, 82 agreement 67-8 clients 16-20, 27-8, 30-2, 38-9, 42, 44, 54, 56, 62, 70-3, 77-81, 83, 89-90, 129-30, 134, 139 [7] service provider‟s 29 software vendor‟s 41 client‟s 28

client‟s business hours 68 client‟s data 62, 65, 69, 76 CLOS (Common Lisp Object System) 113 cloud 34, 170, 176, 182 cloud computing 3, 6, 11, 34-5, 86, 91, 98, 100, 127, 170-1, 176, 181-2, 185 benefits of 170

cloud computing solutions 177-8 CLR (Common Language Runtime) 111 CMS (Configuration Management System) 135, 143, 149, 151 code 52, 85, 107, 111, 114-15, 117, 120 native 114-15 programming 85, 111 ColdFusion 112-13, 188

ColdFusion Markup Language (CFML) 112 collaboration 66, 90, 95, 166, 175-6 collective intelligence 8, 92, 94-5, 97, 166-7 product of 95 Columbus 92 command 187 commodities 92-3

Common Language Runtime (CLR) 111 Common Lisp 9, 113 Common Lisp Object System (CLOS) 113

communication 86-7, 90, 96, 104, 125, 131, 139-40, 171, 175 communications software service offerings 38 communities 95, 97

companies 6, 13, 15, 20, 36, 38-40, 42-3, 51, 54-6, 66, 86, 90-1, 93-5, 97-9, 101-3, 178 [4] software-related 36 company‟s 128-9 competencies 92-3, 99 competition 38, 97-8


197

complementing 25 complexity 100, 136, 148, 152

compliance 37, 132-3, 156 Component Capacity Management 158

components 93, 106, 130, 137-8, 153, 158, 160-1, 163-4, 166, 171, 174-7 components work 144, 163 compromise 25-6, 75 computers 57, 86, 90, 94, 101, 119, 122, 173, 177 personal 102 single 35 computing 34-5, 40, 85, 181

grid 6, 21, 35 impacted business 125 concept 17, 25, 86-7, 89-93, 96, 100, 104, 110-11, 120, 122, 128, 143, 170, 176-8 Conclusion to Web Applications Frameworks 120 conditions 15, 18, 70-2, 75, 77, 81, 97, 108 normal 147

confidentiality 100, 106, 131, 163 Configuration Item (CI) 149, 155, 157, 165

configuration items (CIs) 149, 155, 157, 165 Configuration Management System, see CMS Configuration of applications 107 configurations 64, 107, 143 configure 60, 64, 74

conflict 44, 146, 168 conformities 123 conjunction 48, 135-6, 150 connect 26, 62, 85, 87-8, 102, 112, 125, 177 connections 20, 82, 87-8, 94, 126, 160, 171-2, 177 connectivity, direct 81 consequences 32, 67-8, 141, 154

consider 7-8, 42-3, 58-9, 66, 68-9, 74, 83, 148, 154 constraints, service delivery 141 construction 100-1, 171, 175, 177 consumers 15-16, 18-20 contact 5, 21, 37, 79, 108, 145, 147, 185 contact information 52

contact manager 7, 52, 54, 56 content 23, 47, 92-4, 96, 108, 111-12, 122, 134 content software service offerings 38 context 94, 142, 165 continuous improvement 99-100, 155 contracts 8, 62-3, 67, 71, 74, 76, 81-2, 133, 139 solid Service Level Agreement 77

contributions 93, 96, 98, 173, 175 control 16, 19-20, 34, 74-7, 82-3, 94, 99-102, 110, 112, 116, 126-7, 132-3, 148, 152, 158, 188 business‟ 169 copies‟ 21 Corporate-sponsored web services 100 cost-effective actions 158 costs 27-8, 30, 42, 56, 59-62, 70, 72-3, 75, 78-9, 82, 123, 128, 140, 154, 169-70, 178 [4]

exit 74-5 extra 30, 32 hidden 30, 32, 62, 72-3

countries 87, 116, 162 Creating applications in ColdFusion 112 creation 87, 92-3, 96, 106, 114, 122

creator 119 credits 23, 71-2 CRM (customer relationship management) 21, 38-9, 103 CRM software services 39 CRM software services and CRM 21


198

CSNET 87, 188 customer group 54, 144

customer relationship management, see CRM customers 15, 21, 23-4, 38-9, 41-2, 52-4, 56-8, 60-1, 93, 108-9, 135-6, 139-41, 144, 154-6, 161,

163-4 [17] potential 51, 70 customer‟s business operation xf0b7 Effect 153 customizability 26, 60, 74 customize 26, 50, 53, 174 D

DARPA (Defense Advanced Research Projects Agency) 89 data, collected 158 Data, Information, Knowledge, Wisdom (DIKW) 142 data centers 27-8, 33, 43, 58, 62, 65, 69, 134 Data-Entry Language (DEL) 116 data interchange 24, 108

data management 93 data services 70

data types 110, 122 databases 21, 88, 97-8, 106-7, 112, 125, 131, 143, 165-6, 171 multiple 171-2 days, early 85 Deconstructing Web Applications 188

Defense Advanced Research Projects Agency (DARPA) 89 Defense Data Net Network Information Centre 87 definition, technical 104 Definitive Media Library, see DML degree 129-30, 153 DEL (Data-Entry Language) 116 delivery 22-3, 27, 72, 96, 128, 148, 158, 163

tailor service 144 departments 39, 70-1, 83, 126, 163, 167 dependencies 173, 175, 177 deploy 135-6 deployment 10, 19-20, 41, 135-6, 138-9, 155, 161 Deployment Management 134, 139, 154-6

design 47, 100, 104, 108, 115, 117, 122, 133, 147, 161, 172 Design Patterns and Business Models 187 designations 13, 129 desktop applications 92, 125, 170 traditional 91, 104 developers 93, 99, 108, 110, 114-15, 117, 119-20, 125, 170, 174 devices 46, 49, 72, 101-2, 177

handheld 46, 102 mobile 48, 60, 73, 75 multiple 101-2 DIKW (Data, Information, Knowledge, Wisdom) 142 direction, strategic 131 disciplines 140, 163-4 discovery 92

display 91, 110, 122, 124 disruption 147, 166 Distinguishing Web Applications 8, 104

distribute 135-6, 166 distribution 97, 100, 135-6, 139-40, 171 DML (Definitive Media Library) 137-8

Document Manager 7, 52 Document Object Model (DOM) 108 documentation 27-8, 68, 123, 139, 176 documents 46, 52, 94, 97, 104, 107, 122-3, 152, 156-7, 160, 168, 171-2 doesn‟t 65, 169


199

DOM (Document Object Model) 108 domain 52

don‟t 14, 74, 139, 169, 182 dot 17

dynamic part 107 E E-Mail Marketing 7, 54 E-Mail Marketing SaaS and Web Applications Specialist 53 eBay 53, 90, 94, 97 eBook 2

ECAB (Emergency CAB) 151, 153 EE (Enterprise Edition) 114 eLearning Programs 5 Emergency CAB (ECAB) 151, 153 employees 39, 52, 56, 58-9, 65, 69, 75, 82-3 emulation 35

end-users 14, 22, 65, 90, 115, 135, 154, 157, 181 engine 108

Enterprise Edition (EE) 114 enterprises 15, 93, 95, 97, 100, 106, 131 ent.smallbusinessnewz.com 186 environment 8, 35, 89, 100, 115, 125, 136, 149, 164-5, 167, 170 live 135-6, 138, 155

operating 32-3 en.wikipedia.org/wiki/Web 188-9 errors, known 137, 144, 147, 165-6 Establishing data 141 Europe 156 evaluation 150-1, 155 Event and Incident Management processes 160

exam 3, 182, 185 experience 8, 91, 102-3, 139, 142, 156, 171, 175 exploit 94-5, 145 eXtensible Business Reporting Language 123 F

failures 131, 144, 161, 167, 175 fee, one-off 15 files 34, 48, 52, 85, 117 Final Review Questions 11-12, 179-80 financial impact 129 Financial Management 10, 85, 128, 130, 179 Financial Management and SaaS 10, 130

Flash 90 Flash application 110 flexibility 18, 20, 26, 41, 61, 86, 100, 114-15, 117, 123 Flickr 90, 95-6 forecasts 157-9 format, digital 85 foundation 122, 124, 164, 166, 182

frameworks 102, 104, 106-8, 110-15, 118-20, 132-4, 188 corporate governance 131 most 106-7, 120

freedom 71, 77, 91 function 29, 32, 43, 52, 104, 106, 111-12, 120, 135, 140 distinct 164

first-class 116-17 functionality 90, 110, 112-13, 116, 145 G games 48-9, 90


200

General Markup Language (GML) 122 General User Interfaces (GUIs) 85, 112

Gigabytes of storage capacity 55 Gigabytes of storage space 55

Gmail 7, 14, 37, 45, 55 Gmail accounts 45 Gmail email service 55 Gmail service 55 GML (General Markup Language) 122 Goals and Objectives of SaaS 19 Google 6, 19, 37-8, 40, 43, 45-7, 55-6, 76, 92, 97-9, 102, 118

Google Adwords 42 Google Apps 7, 37, 45-6 Google Apps Premiere 55 Google Calendar application service 46 Google Docs 7, 46 Google Docs and Spreadsheet document collaboration services 56

Google Maps 7, 40, 47-8, 98 Google SaaS and Web Applications Specialist 92

Google Site application 47 Google Sites 7, 46-7, 127 Google Talk SaaS and Web Applications Specialist 45 Google's software model 98 Google‟s 42, 45-7, 55

Google‟s email service 55 Google‟s service 56 Google‟s software service 56 governance, corporate 131-2 government 97, 122-3 GPS service 48 graphics 16, 90, 115, 122, 124

Groovy 9, 114, 188 groups 53, 64, 88, 91, 147-8, 151, 153, 155, 166, 175-6, 187 business process 147 growth 91, 97, 99, 143, 158 guarantees 23, 67, 134, 164 GUIs (General User Interfaces) 85, 112

H hardware 30, 35, 58, 60, 69, 78-80, 88, 115-16, 137, 139 Harvard Business School 93 History of SaaS 17 HISTORY of SAAS 6 host 21, 30, 41, 43, 51, 58, 69, 114-15

host machine 14 Hotmail 14, 37, 48, 50-1, 55 HR (human resources) 39 HR software SaaS solutions 39 hub 104, 187 human resources (HR) 39 hyper texting 87-8

hyperlinks 11, 88, 94, 166, 171, 173 hypertext 88-9, 189

I IM (instant messaging) 37, 48 images 52, 88-9, 161

impacting project costs 174 Imperative SaaS and Web Applications Specialist 179 implementation 40, 59, 93, 110, 113, 140, 154-5, 161 actual 61, 63-4, 110 service management 135


201

implementing 59, 64, 74, 99, 145, 153-4, 163, 169 implementing SaaS 59-67, 69-70, 72, 77, 83

Implementing Saas 8 Implementing SaaS 60

Incident Management 10, 144-5, 147, 165-6 Incident Management and SaaS 10, 147 Incident Management and Web Applications 10, 147 Incident Management for SaaS 147 incident management processes 160 Incident Manager 146-7 Incident Models 145-6

incident process 146 normal 146 incidents 138-9, 144-7, 161, 165-6 major 146 Indiana University Information Technology Services 187 individuals 82, 97, 142, 155, 171, 175

industry 98, 100, 122, 129 information 13-14, 36, 44, 51, 54, 86, 88, 93-5, 97-8, 106-8, 131, 140-4, 152, 164-7, 171-4, 176-

7 [10] background 76 compiling 172 configuration 151 controlled 137

customer 52 disseminate 85 example sales 52 extract 104 financial 126 historical 170, 172, 176 invaluable 95

login 82 mapping 48 organization‟s 132 pertinent 177 post 172 product 107

retrieve 91, 165 reusing 142 sharing 87 supplier 172 technical support 166 weather 96 work-related 52

information architecture 141 information exchanges 131 information gathering 156 information management procedures 141 information management system 88 Information Processing Technology Office (IPTO) 86 information provider 101

information security 131-2 information security industry 118 Information Security Management 10, 131, 163

Information Security Management activities 132 Information Security Management and SaaS 10, 134 Information Security Management process 132

Information Security Management SaaS and Web Applications Specialist 145 Information Security Management System, see ISMS Information Security Management Systems 132-3 information security policies 132 Information Security Policy 132


202

information security processes 133 information security risks 131

information‟ 131 infrastructure 25, 33, 59-60, 64-6, 69, 78-9, 95, 136, 143, 154, 158, 164

existing 32, 42, 64, 66 physical 78-9 initiation 167 initiator 151-2, 155 innovation 101-2, 115, 125 input 85, 129, 146, 168, 175-6 install 14, 25, 29, 31, 49, 58, 60

installation 30-1, 78, 140 instances 20, 44, 59, 70, 81, 97, 107, 110, 120, 125, 164-6, 170, 172-4 instant messaging (IM) 37, 48 integrity 131, 135, 154, 163 intelligence 8, 94-5 interfaces 55, 87, 104, 111, 117, 136, 149-50, 164, 171, 174

International Standards Organization (ISO) 46, 122, 133 Internet 8, 14, 16-19, 21-2, 25-7, 34, 37, 40, 42-3, 46, 74, 85-92, 96-7, 99-102, 123-6, 177 [8]

Internet access, single day 75 Internet and World Wide Web 125 Internet applications 97, 110 Internet-based services 18 Internet companies 19, 94-5, 99

Internet connection 17, 34, 75, 162 dedicated 74-5 Internet Explorer 5, 112 Internet SaaS and Web Applications Specialist 19 Internet Service Provider (ISPs) 74, 162 Internet speeds 17-19, 48-9 Internet users 88

introduction 37, 85, 87-90, 94, 102, 108, 123 Introduction Web Application 106 Introduction Web Application Framework 8 investments 72, 98, 130 iPhone 46 IPTO (Information Processing Technology Office) 86

ISM 131 ISMS (Information Security Management System) 132-3 ISO (International Standards Organization) 46, 122, 133 ISO/IEC 12, 184 ISPs (Internet Service Provider) 74, 162 IT SERVICE CONTINUITY MANAGEMENT, see ITSCM ITIL 11-12, 163-4, 166, 183, 189

ITSCM (IT SERVICE CONTINUITY MANAGEMENT) 11, 161, 167-8, 179 ITSCM processes 167-9 ITSCM strategy 167 iTunes 90, 97, 102 J Java 9, 23, 102, 113-16, 120, 188

Java applications 115 Java-based application 48 Java bytecode 115

Java-compatible applications Providing 114 Java EE application 113 Java platform 114, 188

Java Runtime Environment (JRE) 115 Java Virtual Machine, see JVM JavaScript 48, 57, 90, 102, 108, 116 JavaScript Object Notation (JSON) 108 job position 171


203

JRE (Java Runtime Environment) 115 JSON (JavaScript Object Notation) 108

judgments 142-3 JVM (Java Virtual Machine) 114-16

K keywords 93, 95, 118 knowledge 34, 95, 135, 141-4, 158, 167, 182 Knowledge Management 10, 140, 142, 144, 156 Knowledge Management and SaaS 10, 144

L language 21, 24, 88, 110, 114-19, 122-3, 165 laptops 59-60, 75, 101 leverage customer self-service 93 liability 13 licenses 15-16, 30, 70, 81, 178

licensing agreements 81-2 Lichleder 86

lightweight 8, 92, 98, 100, 116-17 limitations 47, 93, 140 links 2, 5, 51, 73, 87-9, 94, 96, 171, 173-4, 177 permanent 96, 173 return 96

Linux 21, 23, 95 Lisp 113, 117, 119 list 53, 104, 173-4 location 36-9, 98, 105, 125-6, 141, 170, 172, 174-5, 177 log-on 51 Lua 9, 116

M machines 17, 20-1, 25, 30-1, 42, 46, 69, 80, 82, 85, 125 maintenance 65, 106, 130, 138, 141, 157, 163 Managed Service Provider 22, 24 management 19, 22, 41, 76, 129-32, 138, 141, 146, 152-3, 155, 158, 161, 170 customer relationship 21, 38-9

executive 131-3 workflow 165 management strains 19-20 Managing Services 182 mapping facilities 107 MapQuest 90, 97-8 market 18, 53-4, 85, 91, 94-5, 97-8, 100, 103, 115, 162, 177

markup languages 9-10, 24, 122, 124 extensible 23-4, 123 mashups 11, 98, 105, 164, 174, 176, 188 Massachusetts Institute of Technology (MIT) 89 matter 39, 63-4, 66-7, 91, 93, 99, 130, 177 mechanism 88, 97, 107, 172-3 media 94-5, 98

meeting 63, 65, 136, 174-5 service level management review 156 Megabytes 55

members 116, 156, 178 Microsoft 6, 14, 17, 19, 37-8, 40, 43, 48-53, 55-6, 76, 92, 97, 99, 102, 111-12, 127 Microsoft Office Live Essentials 55

Microsoft‟s 23, 48, 50-1, 53, 55 Microsoft‟s core software services 48 Microsoft‟s instant messaging software 49 Microsoft‟s Office Live Essentials 56 Microsoft‟s premiere instant messaging application 48


204

Microsoft‟s service 56 migrating 7, 58

migration 7-8, 58, 60 millennium 17-18, 88

Minimal disruption of services Reduction 157 MIT (Massachusetts Institute of Technology) 89 Mobile 48 mobile phone users 46 models 24, 41, 56, 94, 99, 119, 130, 146, 158 hosted SaaS application delivery 58 pay-as-you-go payment 20, 70-1

product-based delivery 42 product-based software 43 service-based delivery 42 service-based software 43 service-orientated 41 subscription-based 17-19, 21

modes 111-12 Monday morning 139

money 16, 18-20, 28, 30-1, 74 save businesses 30 monitor 44, 54, 80-2, 132, 163-4, 174 monitoring 7, 44, 81, 160-1, 163-4, 177 Mosaic 89

Mosaic web browser 89-90 Most applications 85, 115 Most desktop-based applications 54 Most SaaS 42, 44-5, 60, 62, 71, 78 Most SaaS organizations don‟t 162 movies 94, 102 MSN messenger 48

older versions of 49 MSP 22, 24 mspx 38, 186 multiple computers, role of 35 multiple users 20, 30, 41, 43-5, 70, 80, 85-6, 88, 104, 171 multiple users accessing 44

N name, domain 51-2, 55, 88, 97 National Centre for Supercomputing Applications 89 National Science Foundation 87 NCP (Network Control Program) 87, 188 Net-Native 22

Net-Native software applications 22 Netflix 102 Netscape 90, 92, 102 NetSuite 17, 38, 56 network connections 79, 81 Network Control Program (NCP) 87, 188 networks 40, 43, 80-1, 86-8, 126, 149, 167

hundred 87 traditional 125-6 New Success for Web Applications in AJAX 108

New World 92 newsletter 54 NNTP 96

nodes 86-7, 89 non-SaaS 79 notification 94, 96, 165, 172 NSFNET 87, 189


205

O objectives 20, 59, 63, 131-2, 135, 156, 160

Objectives of SaaS 19 OBJECTIVES of SAAS 6

objects 98, 110, 113-14, 118 OD, see On demand Office Live Business 54 offline 18, 22, 25, 49, 90, 123 offline messaging 48-9 On demand (OD) 21-2, 40-1, 43 On-Premise Software 22

online 2, 36, 38, 42, 49, 55-6, 90 business activities 51 customer information 52 popular desktop applications 36 popular software applications 36 single location 52

users connect 26 open source software products 95

operating systems 21, 48, 51, 56, 58, 69, 92, 101, 104, 115, 117, 119 operations 99, 101, 148, 161, 164-5, 167 organizations 35, 40, 52, 56, 64-5, 67, 76, 128, 131-5, 140, 142-3, 145-9, 155, 161, 167, 175-6

[2] organization's service costs 136

organization‟s customers 128 outsourcing 168 outsource 27, 29 ownership 15 Ownership of information 97 ownership SaaS 97 owning 93, 98

P packets 86 pages 4, 47, 63, 88, 90-1, 94, 96-7, 104, 106-7, 110-12, 123, 170-1, 173, 187-8 master 111 single 171

participation 91, 93, 99, 171 particular software application 16, 29, 32, 41, 43, 61, 70, 81 parties 19, 97, 141, 171-2 partners 95, 104, 131, 133 party, performing 176-7 Pay-Per-Click (PPC) 42 paying 15, 27, 31, 42, 69-72, 75, 77

payment options 71 monthly 71 performance 8, 39, 44, 67, 72, 80-1, 107, 111, 115, 158, 160, 176-7 performance levels 80-1 performance SaaS 170 Perl 9, 57, 95, 114, 117-20 permalinks 96, 173

permission 13, 15, 47 person 13, 82, 146, 153, 166, 170-1, 173-4 personal diaries 96

perspectives 18, 44, 90, 148, 172 phone calls 49, 139 photos 50, 96

PHP 9, 95, 112, 117-18 phrase 22, 67, 101 pioneer 93, 95, 104 piracy 16, 19 pitfalls 70, 73-4


206

Planning SaaS and Web Applications Specialist 149 plans 36, 60, 64, 132, 157-8, 160, 168-9, 175, 178

platform 23, 39, 86, 90, 92-3, 101, 104, 106, 114-15, 117, 123, 125, 140, 173 platform-as-a-service 39

platform-related bottlenecks 80 policies 69, 76, 132-3, 150, 169 policy , information classification 133 POP3 email application 55 Popular web-based email service providers 14 popularity 55, 95, 108, 114, 120, 123 portability 11, 115, 170-1, 177-8

power 35, 65, 77, 86, 93, 97, 100, 110 PPC (Pay-Per-Click) 42 prediction 158 presentations 46, 91, 111 presenter 98 price 18-19, 55

pricelist 130 prioritization 128, 151-2

priority 85, 135, 146 problem management 148, 150, 165 problem management processes 165-6 problems 5, 8, 27-8, 32, 42-4, 63-4, 66-7, 69-70, 72, 74-5, 77, 92, 123, 146-8, 164-5, 175-6 [7] common 75, 83

processes 21, 23, 31, 40, 44-5, 58, 61, 65-6, 99, 128, 132-3, 139, 144-7, 155-9, 161-6, 168-9 [9] controlled 148 important 134, 156 straightforward 63, 73 support-related 78 processing power 21, 44, 85 productivity, lost 128-9

products 13, 15, 19, 41, 53-4, 86, 90-1, 94-5, 97-9, 101, 103-4, 107, 115, 118, 130, 176-7 [2] web-based 124 professionals 30, 64-5, 68, 181, 184 profits 16, 18, 28, 130 programmer productivity 118-19 programmers 90, 95, 111-12, 114, 120, 122

programming 110-11, 117, 120 object-oriented 113 programming languages 40, 110, 113-14, 116-17, 119-20, 124 object-oriented 110, 114, 119 programming paradigms 119-20, 179 multiple 118-19 programs 4, 14, 86, 96, 114-16, 159, 182, 184, 188

cost-effective information security 133 Progress Review Questions 10, 12, 127, 180 project 11, 53, 87-9, 170-7 project management 11, 155, 170-7 project management team 176, 178 project management tool 53, 175-6 project manager 7, 11, 53, 173-6, 178

project plan 173-5, 177 project team 173, 175, 177-8 project team members 173-4

Projected Service Outage (PSO) 154 promise 23, 87, 90, 96, 103, 115, 118-19, 163 properties 15, 110-11, 122

proposal 88-9, 119 protection 101, 126, 131-2 protocols 87-8, 96, 100, 105 providers 27, 60, 62, 71, 75, 78, 94 commercial Internet service 87


207

external service 168 shift service 66

third party service 26 Prudent business practices 132

PSO (Projected Service Outage) 154 publishers 13, 95, 98 purpose, core 92 purpose programming language 117-18 Python 9, 95, 114, 118, 120 Q

quality 60, 99, 140-1, 144, 163, 170, 175, 184 quality service management 148 R Really Simple Syndication, see RSS reason 18, 27, 56, 62-3, 66, 94, 101, 145, 152, 154

recommendations 95, 157 reduction 16, 144, 160

redundancies 125 rejection 151-2, 154 relationships 82, 102, 154, 164, 166-7, 171-2, 174, 177 release 32, 135-6, 140, 156 Release and Deployment 135-6, 138, 155

Release and Deployment and SaaS 10, 139 Release and Deployment Management 134, 139, 154, 156 Release Management 140 Release Management and Web Applications 10 Release Management and Web Applications SaaS 139 release packages 135, 137 release units 136-7, 139

reliability 100, 106, 123, 125, 170 request information 72 interview type applications 104 research, scientific 85 research criteria 61-2 resilience 161, 163

resistance 175 resolution 146-8, 165-6, 176 resource requirements 152, 154 resource utilization 157-8 resources 7, 20-1, 24, 31, 35-6, 45, 89, 92-3, 104-6, 125, 136-7, 144-6, 153-4, 157-8, 160, 174-5

[4] enterprise information 131

human 39 resources SaaS 104 responsibilities 43, 62, 82-3, 131, 134, 138, 150, 154-5, 164 restore service operations 147 restrictions 106, 120, 122 results 35, 85-6, 89, 92-3, 95, 104-5, 108, 115-17, 124, 128, 136, 145, 155, 157, 164, 166-7 [1] return 69, 108, 111, 152, 154

review 2, 151-2, 155-6, 172 RFC 151-2, 156 risks 37, 73, 77, 129, 131, 148, 150, 152-6, 159-60, 169-72, 174-7

roles 38, 59, 64-5, 82-3, 128, 135, 144, 146, 153, 155, 164, 167 rowboat 100 RSS (Really Simple Syndication) 94, 96, 100-1, 173, 176

RSS technology 96, 173 Ruby 9, 114, 118-20 S Saas 14


208

SaaS 14-21, 25-8, 30, 32, 36-8, 40-1, 55, 57-71, 73-8, 81-3, 102, 112, 162, 186 SAAS 6-8, 12

benefits of 30, 75 classifying 94

connection-related bottlenecks 80 eLearn Component 3 email policy 132 en.wikipedia.org/wiki/CSNET 188 formal 88 guide 60 helped 40, 127

hosting space 51 ignored 17 multiple users 30 orientated 15 popular 40 redundant 93

server 108 telephony 90

using 19, 31-2, 39, 75-6 www.artofservice.com.au 184 Monitoring 163 SaaS and Web Application development 128 SaaS and Web Applications 128, 185

SaaS and Web Applications Specialist 4-13, 15-18, 20-7, 31-4, 41-4, 46-50, 68-73, 75-9, 81-4, 98-101, 113-31, 133-8, 141-4, 150-62, 171-8, 180-9 [18]

SaaS application services 58 SaaS applications 59, 61 SaaS applications services 25 SaaS-based applications 25, 71 SaaS-based environment 82

SaaS-based services 83 SaaS-based software delivery model 25-6 SaaS-based software environment 58 SaaS-based software infrastructure 64 SaaS-based software services 73 SaaS changes 14, 32

SaaS clients 169 SaaS companies 36, 38 decent 38 radar‟ 39 SaaS contract 63 SaaS delivery 134 SaaS delivery model 42

Saas Environment 8 SaaS environment 82, 139 SaaS Environment 78 SaaS environment, complex 163 SaaS hosting 41 SAAS HOSTING 7 SaaS hosting companies‟ servers 42

SaaS hosting company 42-3 SaaS implementation model 61 SaaS implementations 14, 61, 64

SaaS infrastructure 58 SaaS market area 37-9, 56 SaaS offerings 64, 181

largest 38 SaaS organizations 21, 159 SaaS performance monitoring purpose 81 SaaS pitfalls 70 SAAS PITFALLS 8


209

SaaS platform 43-5 SAAS PLATFORM 7

SaaS provider 28, 139, 156-7 SaaS SaaS and Web Applications Specialist 35, 168

SaaS service provider 26, 28-9, 59-62, 65-74, 76-83 business‟ 65, 68, 73, 78-9 reputable 77 third 66 third choice 66 SaaS service provider changes 77 SaaS service provider charge 61

SaaS service provider faces 77 SaaS service providers charge 79 SaaS service providers clients 72 SaaS service provider‟s 72, 80 SaaS service provider‟s background 65 SaaS service provider‟s business hours 68

SaaS service provider‟s clients 28, 73 SaaS service provider‟s data centers 69, 73-4, 76

SaaS service provider‟s software services 70, 75 SaaS service provider‟s terms 75 SaaS service SaaS and Web Applications Specialist 74 SaaS services 30, 36, 38, 59, 63, 65, 139 purchases 162

SaaS software administrator 64 SaaS software application services 62 SaaS software applications 26, 28-9, 59-61, 80 SaaS software delivery model 26, 28-9 SaaS software developer 64 SaaS software distribution model 43 SaaS software market 66

SaaS software service providers 59-60 SaaS software services 26, 28, 31, 36, 60, 63-71, 73-5, 77-8, 80-1 business match 61 business‟ 82 monitoring off-site 80 new 63-5, 73, 78-9

SaaS software solutions 31, 38, 67 SaaS software vendors 30, 67-8, 72 SaaS software vendor‟s contract 74 SaaS Solution 15 SaaS solutions 15, 17-19, 22, 37, 40, 63-4 complete 75 SaaS subscription rate 82

SaaS tools 39 SaaS vendors 16, 28, 31, 76 SaaS vendor‟s data centre 31 SaaS.htm 186 [email protected] 4 SAGE (Semi Automatic Ground Environment) 86 Salesforce 6, 17, 38-40, 56

San Mateo 38-9 save 16, 20, 31, 71, 83 save money 30-1, 69-70, 83

scalability 91, 125 scale, economies of 27-9 scale web applications 102

scaling 7, 45 schedule 172, 174 Scheme 116, 118-19 scope 135, 143, 149, 153, 161, 174 scripting languages 57, 90, 116-18, 124


210

scripts 116 SE (Standard Edition) 114

search engine results 54 search engines 97, 107, 113

searching service Administration 112 security 62, 65, 76, 82, 90, 100, 106, 115, 125-7, 131-4, 139, 146, 153 security activities 131 security applications 22 security controls 106, 132 security policies 132-3, 163 semantics 116, 118-19

Semi Automatic Ground Environment (SAGE) 86 server upgrade 139 servers 31, 43, 58, 69, 83, 85, 88-91, 101, 106, 108, 111-12, 125 Service and Web Applications 4, 182 Service and Web Applications Special Level 4 Service and Web Applications Specialist 3

Service and Web Applications Specialist Level Exam 4 service approach 26

Service Asset 149 Service Asset & Configuration Management 150 Service Asset and Configuration Management 137 service availability 160-1 service availability targets 154

Service Capacity Management 158 Service Catalogue 156 service change 149, 156 service change process 149 service changes, authorized 135 service continuity 156, 167 Service Continuity Management 167

Service Delivery 181 Service Delivery Managers 182 service delivery problems 72 Service Design activities 160 Service Desk 144-5, 147, 167 Service Desk Manager 146

service disruption 154 correct 148 service facilities 167 service group 153 service information 133 Service Knowledge Management System (SKMS) 143 Service Level Agreement 23, 41, 60, 62, 67-8, 71-3, 76, 80, 147

formal 62 revised 154 solid 60 Service Level Agreement document 72-3 Service Level Agreement states 71 Service Level Agreements, see SLAs Service Level Management 179

service lifecycle 140-1 Service Management 143, 145, 168 service management activities 131

service management processes 10, 128, 150, 184 Service Managers 182 Service model 25, 153

service obsolescence Harm 129 service operation practices 153 service operations 135, 145 normal 144 service organization 166


211

Service-Orientated Architecture 23 service outage 129

cost of 128 service performance 23, 157, 161

service plans 157 Service Portfolios 149 service provider 23, 28-9, 36, 40, 62, 68, 72-3, 76-8, 82, 106, 125, 140, 143, 148-9, 161, 184 service provider organizations 132 service provider staff 141 service quality 71, 140, 144, 148 service requirements 158, 164

service restoration 147 service software delivery model 26, 58 service solution 48 Service Strategy 157 Service Strategy and Service Portfolio 158 service targets 158, 160

service teams 136 Service Transition processes 136

service usage 158 Service Value 128, 130 service 130 services 13-15, 22-9, 39-41, 47-9, 51, 53-7, 92-4, 99-101, 128, 130-1, 134-6, 139-41, 143-5, 147-

8, 157-61, 166-9 [17]

add-on 51, 53 advertising 42, 54 basic instant messaging 48 business-orientated 15 business‟ software 169 business‟s software 65 call centre operation 39

candidate 129 changed 136, 156, 160 complex 23 core 51-2 critical business 128 customer 144

customer-orientated 15 demanded 98 dominant software delivery 28 e-commerce software 53 end-to-end 158 free 37 hosting multi-tenant software 44

hosting software 43 ideal 56 impacted 144 list of 129 live 136, 154 maintaining software 32 management software 39

marketing 39 messaging 22 monitor off-site software 80

multiple 153 multiple-tenant software 30 network-based 22

new software 32, 59, 64, 69, 79-80 online calendar 46 operational 158, 160 orientated 15 outdated Microsoft Hotmail web-email 37


212

particular software 20, 44, 59, 61, 82 popular software 48

product management 15 production 135

remote 25 retired 149 right software 64 sales 39 single sign-on 51 single software 43-4 social networking 50

software application 25, 60 standalone 54 subscription 171 subscription-based 37 technology-enabled 34 telephony 22

tune software 64 updating software 32

web-based 51-3 web-based instant messaging software 49 web-based software 54-5 webpage creation 47 Marketing software 42

Software 42 services SaaS 140 services support 161 services Reduction 157 services‟ 34 service‟ 34 set 14, 23, 27-9, 37, 47, 50, 55-6, 60, 79, 82-3, 85, 89, 93, 111, 130-2, 142 [5]

setbacks 25 severity 148, 165-6 SGML (Standardized General Markup Language) 122-4 share files 48 shareholders 129 Sharing Folders 48

signing 67, 74, 76 Simple Object Access Protocol (SOAP) 100 Simple Object Language (SOL) 116 simplicity 100, 123, 130 Simplified web service implementation 113 Single Customer 8, 101 single instance 20, 22, 41-3, 59, 61, 70, 81-2

single machine 85 Single Points of Failure (SPoFs) 161 sites 5, 37, 47, 51, 93-4, 96, 98, 107, 122, 137 static web 112 situations 98, 140, 147, 158, 168-9, 172, 177 SKMS (Service Knowledge Management System) 143 SLAs (Service Level Agreements) 23, 41, 62, 71, 133, 145, 147, 153, 156, 158, 163

SLAs, solid 59-60 Smalltalk 9, 114, 119-20 SOA 23

SOAP (Simple Object Access Protocol) 100 software 3-4, 6-7, 14-15, 18-20, 22, 25-7, 30, 40, 42-3, 57-8, 65-6, 78-9, 92-3, 137, 139-40, 186-

7 [9]

software application model 25 traditional on-premises 58 software application/service 31 software applications 14, 16-23, 25, 27-32, 36, 40-4, 58-60, 64, 69-71, 74, 76-7, 91, 116, 144 business purchases 30


213

clients‟ 27 expensive 16

external hosted 25 host 27

hosting 14 implementing traditional on-premises 60 install 31 licensed 69 marketing 42 on-premises 61-2, 69, 73-4 outsourced 27

ownership of 15-16 third party client/server 27 traditional 25-6, 32, 43, 70, 77, 81-2 traditional on-premises 60-1, 81, 83 updating 31 upgrade 74

usage of 44 software applications in-house 27

software application‟s 19, 41 software-as-a-service 86 software clients 16 software companies 17, 99 software delivery model 26-7, 41-2

software environment 58 standard 7, 58 software experience, unique 26, 28 software implementation models 61-2 hosted SaaS 61 on-premises 61-2 software infrastructure 63

software libraries 106 software licenses 69 software management 30, 58 software management costs 59 software management processes 66 software problems 17

software products 15, 118 selling 42 traditional 99 Selling 42 software SaaS 28, 67 software service access credentials 82-3 software service area 55

software service provider 40, 76 obscure 76 software service provider‟s servers 26 software service vendor 56 software services 15, 17-20, 22-3, 25-6, 28-31, 33, 36, 38-45, 47-8, 53-4, 56, 59-60, 64-8, 71-4,

77-8, 80-3 [3] software services in-house 31

software services online 42 software solutions 15-17, 19, 37, 41-2, 46, 67 software support 15, 65

software updates 41, 99 software users 16 desktop-based 36

web-based 36 software vendors 16-20, 31-2, 40-5, 60, 62, 67, 71-3, 77, 81 software vendor‟s terms 18, 77 potential SaaS 71 SoftwareasaServiceSaaS/Softwareasa ServiceSaaSGoogleAppsPremier/tabid 186


214

SOL (Simple Object Language) 116 solutions 53, 87-8, 126, 140, 144, 164, 166, 170, 172, 175

software service delivery 44 source code 116, 156

sources 47, 98, 115, 126, 133, 142, 144, 147, 171, 174 multiple 96, 98, 174 open 11, 90, 94-5, 101, 170, 175 sourcing, open 175-6 space, hard drive 16 Specialist level programs and Managing services 182 SPoFs (Single Points of Failure) 161

sqi-inc.com/ic/Glossary/SaaS 186 staff 69, 140, 143, 155, 158 stages, early 156 stakeholders 135, 155, 170-4, 177 Standalone applications 48, 104 Standard Edition (SE) 114

Standardized General Markup Language, see SGML standards 23, 88, 91, 102, 132, 137

start 71, 90, 139, 157, 161, 174-5 start tag 122 storage 34, 45, 59, 61, 127, 136 storage capacity 21, 44-5, 55-6, 61, 81, 170 storage space 47, 55, 70

Store Manager 7, 53 structure 64, 110-11, 117-18, 122 solid support 65 subject 3 subscribe 17, 42, 53, 96, 144, 169, 173 subscription basis 15, 51 subscription types 81

subscription web service 172 subscriptions 15-17, 19, 35, 56-7, 62, 97, 166 success 11, 36-7, 87, 93-5, 100-1, 139, 166, 172 SuccessFactors 39 SuccessFactors software services 39 suppliers 95, 133, 135-6, 149, 156, 163, 172

support 5, 7, 31, 45-6, 50, 53, 62, 65, 68, 78-80, 83, 100, 132, 147-8, 163-5, 167 [9] little 68, 78 technical 73, 79, 167 support groups 83, 145 support professionals 68, 79 support-related issues 78-9 support SaaS 41

support services 53, 78 support team 79 on-premises SaaS 83 specialized SaaS 83 support technologies 78 support Web Services 23 Survey of Web Application 110

SURVEY of WEB APPLICATION FRAMEWORKS 9 symbols 107, 110 syntax 114, 119

system administrator 117, 164 systems 46, 85, 88-9, 95, 99-101, 117, 131, 134-5, 137-9, 144, 149, 159, 163-5, 167, 177 hypertext 89

T tags 112, 122 tail, long 93 tapping 164, 166-7


215

tasks 31, 43, 58, 60, 64, 66, 72, 85, 114, 117, 177 TCO (Total Cost of Ownership) 139

TCP/IP 87 team 64, 175

Tecgraf 116 technical information 110 obtaining 166 technical support teams 79, 166 technologies 7, 17, 19, 22, 36, 40-1, 48, 63-4, 85-6, 91-2, 96, 100-2, 108, 123, 125-6, 163-4 [10] service-based 66 standard document Information 113

templates 107, 111, 176 terms 15, 21-3, 27, 40, 67-8, 70-2, 81, 83, 88, 114, 131, 157, 170 test 60, 81, 135-6, 154 test machine 80 that‟s 169 theartofservice.net/index.php 34

themes 47, 176 thinkitservices.blogspot.com 186

thresholds, automated 158 ticket 165-6 timeline, clear 64 timescales 145-6 toolkit 113

tools 38, 40, 81, 90, 106, 128, 143, 146, 175-8 business email creation 7, 52 top 4, 8, 41, 66, 70, 132-3, 186 top candidate services 129 topics 88, 97 Total Cost of Ownership (TCO) 139 track 50, 53-4, 56, 135

trademarks 13 train 69 [email protected] 185 transactions 62 Business 131 transparency 129

U UCLA (University of California in Los Angeles) 86 UCs (Underpinning Contracts) 145 Underpinning Contracts (UCs) 145 Understanding Mashup Building Platforms for Business Applications 188 Uniform Resource Identifier (URIs) 89, 122

United States 86 University of California in Los Angeles (UCLA) 86 updates 78, 99, 139, 143, 175, 177-8 updating 19, 83, 165-6, 178 upfront costs, cheaper 28, 72 upgrade 15, 32, 42, 78-9, 139 URIs (Uniform Resource Identifier) 89, 122

URLs 106-7 usage 35, 86, 90, 178 user activity 94, 99

user base 91, 98-9 User Control 111 user group committee 64

user satisfaction 161 users 14-17, 20, 25-6, 34-5, 40-53, 55-6, 67, 80-3, 85-6, 88, 90-1, 93-104, 106, 124-6, 170-4,

176-7 [16] associated 137 charge 44


216

collective 94 email 95

home 19, 101 potential 17

remote 14 single 43-4 unsubscribed 54 users access 44 users data 44 users machines 22 users request 40

users start 99 user‟s data 20, 44 Using SaaS 20 using SaaS software solutions 16, 30-1 Utility Computing 6, 24, 35, 57

V value 2, 92-3, 97-9, 110-11, 128, 130, 135, 140, 144-5

financial 128 variables 107, 110-12 vendors 15-17, 41, 186 independent software service 56 vendor‟s hands 15

versions 32, 46, 48, 65, 76, 83, 90, 112, 115-17, 139 latest software 6, 32 older 49, 76 vice-or-saas 187 viewArticleBasic&articleId 187 virtualization 6, 35, 125, 170, 181 VOIP 49, 78

W wasn‟t 17-18 way software applications 14 web 8, 11, 21, 49, 85-6, 88-108, 111, 117, 120, 122-3, 125-6, 163-4, 166, 170-2, 177, 187-9 introduction of 92

Web Application Design 104 web application development 91, 107, 128, 166 Web application framework SaaS and Web Applications Specialist 57 web application frameworks 9, 106-8, 111-12, 120, 188 web application hints 104 web application processing 112 Web Application Types 187

web applications 4, 8, 10-11, 85-6, 90-2, 98-108, 110-11, 115, 118, 125, 163-4, 166, 170-1, 174, 185, 187 [8]

basic 104 developing 91, 111 interactive 108 maintaining 100 native 92

new era of 93, 101 prevented 102 standard 108

Web Applications Frameworks 9 Web Applications SaaS and Web Applications Specialist 139 Web Applications Special Level 4

Web Applications Specialist Exam Tips 12 Web Applications Specialist Level Complete Certification 2-38, 40-189 Web Applications Specialist Level Exam 4 web-based applications 23, 40, 46, 50, 104 complete 46


217

web-based email services 14, 37-8, 45, 50, 55 dominant 55

web browser 5, 14, 16, 22, 25, 49, 52, 88, 92, 96, 104, 108, 112, 115, 125 web content 93

Web-enabled application development 187 Web Form 111 web pages 40, 50, 88-90, 96, 106, 111, 115, 117, 122, 124, 173 web platform 92, 102-4, 106, 125-6 web service processes 23 web services 23-4, 40, 93, 100-1, 106, 111, 115, 125 web technologies 100, 164-5

web users 93-4 weblog 96 website 36-9, 46, 51-4, 56, 85, 88, 91, 93-5, 104, 110, 116, 123, 126, 184 Website Design Tool 54-5 what‟s 102, 154 Wikipedia 90, 94, 118, 188-9

wikis 46, 93, 166 Windows 5, 92, 101

Windows-based operating systems 56 Windows-based users 46 Windows Live 7, 37, 48, 51 Windows Live Call 48-9 Windows Live Hotmail 7, 37, 50, 55

Windows Live Messenger 7, 48-9 Windows Live Spaces 7, 50 wisdom 142-3 work 2-3, 18, 25-6, 32, 43-4, 48-9, 56, 58, 73, 75, 90, 94-5, 104, 106, 165, 172-5 [7] work offline 25-6, 75 work orders 151, 155 workforce 39, 58, 68, 82-3

business‟s 32 workgroups 83 workhorse 102 workloads 125, 158, 160 workspaces 7, 52, 56 Workstation users 65

World Wide Web 8, 14, 85-91, 94, 96, 101, 122-3, 189 worry 16, 30 www.computerworld.com/action/article.do 187 www.emereo.org 2 www.theartofservice.org 4

cloud computing specialist certification kit

Documents