Imagine a world with no Postal Service nor Federal Express. Whenever you wanted to send a document to someone, you'd have to find out how they accepted documents, find a trustworthy carrier to transport the document, and then negotiate delivery mechanisms, notification requirements, and security measures. This is the current situation of Web services. Sure, transport is available and there are some basic standards about envelopes and how to look up an address, but there's not much else. In fact, unanswered questions about security, reliability, trust, and coordination abound. [Full story at InfoWorld...]
One of the best parts of doing this review was my interactions with Grand Central CTO John McDowall. Its clear that John's primary objectives are guaranteed message delivery and 100% uptime. In addition to these primary objectives, his engineering team works hard to ensure that the network delivers some other important features:
- Security. The network provides authentication and authorization services on three levels: HTTP with password authentication, HTTPS with password authentication, and HTTPS with a host-verified SSL certificate from Verisign.
- Logging. The network logs details about every transaction that goes through it. Each transaction is assigned a unique tracking ID. These logs can be reviewed online, accessed as a web service, or exported for use elsewhere. This is useful for debugging but, more importantly, provides for monitoring and auditing. Grand Central maintains these logs for a year with a standard contract.
- Interoperability. The network supports SOAP via HTTP, of course, but also allows connections to and from partners who use FTP or even SMTP.
The Grand Central engineering team follows some important principals in building the network:
- Multi-dimensional scaling. The network is a distributed collection of servers that can be scaled for performance and reliability in small steps.
- Clean service oriented architecture. Grand Central creates the features in the network as Web Services and treats things like alerts and events as first class citizens---that is they're just SOAP messages that can be fed into the network and treated like any other SOAP message. This creates enormous power through extensibility and service re-use.
- User self-service. The network is designed so that all of the features can be accessed and configured by users using a web interface without interaction with the humans at Grand Central. Future extensions will expose these interfaces as web services so users can control their network programmatically.
In speaking with John, the answer to many questions is "when customers demand it, we'll deliver it." This kind of customer driven product management has served a number of companies well. Success in this strategy depends on having a solidly built foundation on which to hang features and Grand Central has the basics done.