Welcome!

Government Cloud Authors: Elizabeth White, Liz McMillan, Gopala Krishna Behara, Raju Myadam, Kevin Jackson

Related Topics: Microservices Expo, Java IoT, Containers Expo Blog, Agile Computing, @CloudExpo, SDN Journal

Microservices Expo: Blog Feed Post

API Management for Obamacare and Healthcare.gov

For the uninitiated API here is a programming interface that represents just the server side of the Healthcare.gov functionality

It's not every day that you hear about a software project on public media, but NPR and other public outlets are covering the troubled rollout of the Healthcare.gov website nearly hourly. As a software professional, the problems I was hearing about are common in a large software project, where multiple pieces of the final product are built independently and then integrated together at the end.

API Management for Obamacare

We are in the Post-Website Era. APIs Can Help.

The practical problem here is that it is too easy for disparate contractors working on just their piece to even understand how the whole will fit together. In fact, the nature of computing and programming relies on this to some extent: Treating individual components as modules assumes a certain amount of ignorance on how inputs to one particular module are derived and where outputs are used in other parts of the system. This means developers can focus on making their piece meets the appropriate functional and non-functional requirements which makes them "cogs in the machine." All of them are performing essential functions, but can't see the forest for the trees. They can't step outside of their own cog.

API-Management-Cog-In-The-Machine

Multiple contractors can be a cog in the machine

This type of result can actually be predicted. In 1968, Computer Scientist Walter Conway described an assertion later known as Conway's Law:  "organizations which design systems ... are constrained to produce designs which are copies of the communication structures of these organizations.

This implies that the resultant software system will inherit communication (or non-communication) properties of the organization that designed it. In this case if we had dozens of private contractors with inadequate communication, you will end up with a system not properly tested end-to-end, which is exactly what happened here. Further, testing  that occurs only ‘at the end' of a software project is reminiscent of a waterfall software model, which is great for designing nuclear missiles, but extremely bad for designing a dynamic, highly scalable software system with heavy user-interface and usability requirements like Healthcare.gov.

So what happened with Healthcare.gov? Reuters' technology review suggests that the core design problem with the Healthcare.gov website was not the scalability of the server-side architecture, but the sheer amount of client logic pushed down to the browser, citing 92 separate files and plugins, including over 50 JavaScript files. By design, this means that your experience on Healthcare.gov is not just a function of how the website was designed, but also the client processor power, memory and client side factors, not to mention your available network bandwidth and round-trip latency. In short, the current architecture of the website appears to place too much work, and consequently blame, on the client. This also means the website may work better for some if you have a beefier client system.

Before the public fiasco, I mused that an Obamacare API and an API Management architecture might be a good thing based on lowered expectations of a smooth rollout of Healthcare.gov. Now I think it's more than a good thing, API Management just might be a savior. How? Rather than build a user interface, the government should have made an API and had the contractors compete to build the best interface. Here, the API could be a RESTful API launched as an open API allowing anyone to take a crack at using it to make the best possible experience for the user. This architecture cleanly separates the concerns - the government runs the server side and manages the API, data and transactional services and someone else writes the client piece.

For the uninitiated, API here is a programming interface that represents just the server side of the Healthcare.gov functionality. The API would consist of a set of interfaces that provide all of the necessary data and transaction methods to allow a client consumer to purchase healthcare through the exchange. It could use well-established, highly scalable technologies such as an API Management Gateway for handling traffic and API Catalog and Developer on-boarding portal for on-boarding public and internal developers. For reference, Intel's API gateway can handle over 18 billion calls per month, per node. Moreover, the current technology offerings for a developer catalog and portal would effectively allow internal developers working at the government to compete with external developers to build the best user interface.

The best part about this approach is that the government would not have to worry about the user interface and client experience. This could be left up to people who know how to design great user interfaces and would open the way to making the Healthcare.gov application available not just through a browser, but with an HTML5 or native mobile application. This is a true win-win. The government won't be blamed for a bad website and consumers get the best possible experience.

API Management for Healthcare.gov

 

The post API Management for Obamacare and Healthcare.gov appeared first on Application Security.

Read the original blog entry...

More Stories By Application Security

This blog references our expert posts on application and web services security.

@ThingsExpo Stories
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docker c...
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always looking for insights on how to mitigate the security risks of implementing and using cloud solutions. Based on the presentation topics covered at the conference, as well as the general discussions heard between sessio...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
Organizations planning enterprise data center consolidation and modernization projects are faced with a challenging, costly reality. Requirements to deploy modern, cloud-native applications simultaneously with traditional client/server applications are almost impossible to achieve with hardware-centric enterprise infrastructure. Compute and network infrastructure are fast moving down a software-defined path, but storage has been a laggard. Until now.
DXWorldEXPO LLC announced today that the upcoming DXWorldEXPO | CloudEXPO New York event will feature 10 companies from Poland to participate at the "Poland Digital Transformation Pavilion" on November 12-13, 2018.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
The best way to leverage your CloudEXPO | DXWorldEXPO presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering CloudEXPO | DXWorldEXPO will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at CloudEXPO. Product announcements during our show provide your company with the most reach through our targeted audienc...
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and ...
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smart...
DXWorldEXPO LLC announced today that All in Mobile, a mobile app development company from Poland, will exhibit at the 22nd International CloudEXPO | DXWorldEXPO. All In Mobile is a mobile app development company from Poland. Since 2014, they maintain passion for developing mobile applications for enterprises and startups worldwide.
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world.
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docker c...
DXWorldEXPO LLC announced today that ICC-USA, a computer systems integrator and server manufacturing company focused on developing products and product appliances, will exhibit at the 22nd International CloudEXPO | DXWorldEXPO. DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City. ICC is a computer systems integrator and server manufacturing company focused on developing products and product appliances to meet a wide range of ...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, discussed how from store operations and ...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use of real time applications accelerate, legacy networks are no longer able to architecturally support cloud adoption and deliver the performance and security required by highly distributed enterprises. These outdated solutions have become more costly and complicated to implement, install, manage, and maintain.SD-WAN offers unlimited capabilities for accessing the benefits of the cloud and Internet. ...
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or per...
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT staff augmentation services for software technology providers. By providing clients with unparalleled niche technology expertise and industry experience, Chetu has become the premiere long-term, back-end software development partner for start-ups, SMBs, and Fortune 500 companies. Chetu is headquartered in Plantation, Florida, with thirteen offices throughout the U.S. and abroad.