Software as a Service

Software as a service (or SaaS) is a way of delivering applications over the Internet—as a service. Instead of installing and maintaining software, you simply access it via the Internet, freeing yourself from complex software and hardware management.

SaaS applications are sometimes called Web-based software, on-demand software, or hosted software. Whatever the name, SaaS applications run on a SaaS provider’s servers. The provider manages access to the application, including security, availability, and performance.

SaaS: The Payoff

SaaS customers have no hardware or software to buy, install, maintain, or update. Access to applications is easy: You just need an Internet connection.

SaaS Characteristics

A good way to understand the SaaS model is by thinking of a bank, which protects the privacy of each customer while providing service that is reliable and secure—on a massive scale. A bank’s customers all use the same financial systems and technology without worrying about anyone accessing their personal information without authorization.

A “bank” meets the key characteristics of the SaaS model:

Multitenant Architecture

A multitenant architecture, in which all users and applications share a single, common infrastructure and code base that is centrally maintained. Because SaaS vendor clients are all on the same infrastructure and code base, vendors can innovate more quickly and save the valuable development time previously spent on maintaining numerous versions of outdated code.

Easy Customization

The ability for each user to easily customize applications to fit their business processes without affecting the common infrastructure. Because of the way SaaS is architected, these customizations are unique to each company or user and are always preserved through upgrades. That means SaaS providers can make upgrades more often, with less customer risk and much lower adoption cost.

Better Access

Improved access to data from any networked device while making it easier to manage privileges, monitor data use, and ensure everyone sees the same information at the same time.

SaaS Harnesses the Consumer Web

Anyone familiar with Amazon.com or My Yahoo! will be familiar with the Web interface of typical SaaS applications. With the SaaS model, you can customize with point-and-click ease, making the weeks or months it takes to update traditional business software seem hopelessly old fashioned.

SaaS Trends

Organizations are now developing SaaS integration platforms (or SIPs) for building additional SaaS applications. The consulting firm Saugatuck Technology calls this the “third wave” in software adoption: when SaaS moves beyond standalone software functionality to become a platform for mission-critical applications.

Application Architecture

Our working definition of software as a service is: "Software deployed as a hosted service and accessed over the Internet." Depending on how one defines words such as software and access, this definition can encompass a lot of things… perhaps too many. To an application architect, certainly, it doesn't really shed any light on what exactly makes a SaaS application work, the thing that makes the difference between a successful SaaS application and an unsuccessful one. A line-of-business application with a decade-old code base mated to a jury-rigged HTML front end may fit the broad definition of software as a service, but most such applications run into problems when they are unable to scale well or cost-effectively. To define what might be called a mature SaaS application, therefore, we must introduce some additional criteria.

The Three Attributes of a Single-Instance Multi-Tenant Architecture

From an application architect's point of view, there are three key differentiators that separate a well-designed SaaS application from a poorly designed one. A well-designed SaaS application is scalable, multi-tenant-efficient, and configurable.

Scaling the application means maximizing concurrency, and using application resources more efficiently—for example, optimizing locking duration, statelessness, sharing pooled resources such as threads and network connections, caching reference data, and partitioning large databases.

Multi-tenancy may be the most significant paradigm shift that an architect accustomed to designing isolated, single-tenant applications has to make. For example, when a user at one company accesses customer information by using a CRM application service, the application instance that the user connects to may be accommodating users from dozens, or even hundreds, of other companies—all completely unbeknownst to any of the users. This requires an architecture that maximizes the sharing of resources across tenants, but that is still able to differentiate data belonging to different customers.

Of course, if a single application instance on a single server has to accommodate users from several different companies at once, you can't simply write custom code to customize the end-user experience—anything you do to customize the application for one customer will change the application for other customers as well. Instead of customizing the application in the traditional sense, then, each customer uses metadata to configure the way the application appears and behaves for its users. The challenge for the SaaS architect is to ensure that the task of configuring applications is simple and easy for the customers, without incurring extra development or operation costs for each configuration.

The Software as a Service Maturity Model

We've enhanced our working definition of SaaS by identifying the important attributes of a mature SaaS application. But maturity isn't an all-or-nothing proposition. An application can possess just one or two of these attributes and still meet all necessary business requirements, in which case the application architects may actively choose not to fulfill the other attributes, if doing so would not be cost-effective.

Broadly speaking, SaaS application maturity can be expressed using a model with four distinct levels. Each level is distinguished from the previous one by the addition of one of the three attributes listed above.

Figure 8. Four-level Saas maturity model

Level I: Ad Hoc/Custom

The first level of maturity is similar to the traditional application service provider (ASP) model of software delivery, dating back to the 1990s. At this level, each customer has its own customized version of the hosted application, and runs its own instance of the application on the host's servers. Architecturally, software at this maturity level is very similar to traditionally-sold line-of-business software, in that different clients within an organization connect to a single instance running on the server, but that instance is wholly independent of any other instances or processes that the host is running on behalf of its other customers.

Typically, traditional client–server applications can be moved to a SaaS model at the first level of maturity, with relatively little development effort, and without re-architecting the entire system from the ground up. Although this level offers few of the benefits of a fully mature SaaS solution, it does allow vendors to reduce costs by consolidating server hardware and administration.

Level II: Configurable

At the second level of maturity, the vendor hosts a separate instance of the application for each customer (or tenant). Whereas in the first level each instance is individually customized for the tenant, at this level, all instances use the same code implementation, and the vendor meets customers' needs by providing detailed configuration options that allow the customer to change how the application looks and behaves to its users. Despite being identical to one another at the code level, each instance remains wholly isolated from all the others.

Moving to a single code base for all of a vendor's customers greatly reduces a SaaS application's service requirements, because any changes made to the code base can be easily provided to all of the vendor's customers at once, thereby eliminating the need to upgrade or slipstream individual customized instances. However, repositioning a traditional application as SaaS at the second maturity level can require significantly more re-architecting than at the first level, if the application has been designed for individual customization rather than configuration metadata.

Similarly to the first maturity level, the second level requires that the vendor provide sufficient hardware and storage to support a potentially large number of application instances running concurrently.

Level III: Configurable, Multi-Tenant-Efficient

At the third level of maturity, the vendor runs a single instance that serves every customer, with configurable metadata providing a unique user experience and feature set for each one. Authorization and security policies ensure that each customer's data is kept separate from that of other customers; and, from the end user's perspective, there is no indication that the application instance is being shared among multiple tenants.

This approach eliminates the need to provide server space for as many instances as the vendor has customers, allowing for much more efficient use of computing resources than the second level, which translates directly to lower costs. A significant disadvantage of this approach is that the scalability of the application is limited. Unless partitioning is used to manage database performance, the application can be scaled only by moving it to a more powerful server (scaling up), until diminishing returns make it impossible to add more power cost-effectively.

Level IV: Scalable, Configurable, Multi-Tenant-Efficient

At the fourth and final level of maturity, the vendor hosts multiple customers on a load-balanced farm of identical instances, with each customer's data kept separate, and with configurable metadata providing a unique user experience and feature set for each customer. A SaaS system is scalable to an arbitrarily large number of customers, because the number of servers and instances on the back end can be increased or decreased as necessary to match demand, without requiring additional re-architecting of the application, and changes or fixes can be rolled out to thousands of tenants as easily as a single tenant.

Choosing a Maturity Level

What maturity level should you target for your application? One might expect the fourth level to be the ultimate goal for any SaaS application, but this isn't always the case. It may be more helpful to think of SaaS maturity as a continuum between isolated data and code on one end, and shared data and code on the other (see Figure 9).

Figure 9. SaaS maturity as a continuum

Where your application should fall along this continuum depends on your business, architectural, and operational needs, and on customer considerations. As you'll be able to see even from this simple explanation, all of these considerations are interrelated to some degree.

• Business model—Does an isolated approach make financial sense? Forsaking the economic and management benefits of a shared approach means offering your application to the consumer at a higher cost; however, under some circumstances, it may be worth it to meet other needs. In addition, customers may have strong legal or cultural resistance to an architectural model in which multiple tenants share access to an application, even if you can demonstrate that it does not place confidential data at risk. Ultimately, of course, you'll need a business model that shows how your application can make money at whichever maturity level you've targeted.
• Architectural model—Can your application be made to run in a single logical instance? If you are seeking to move a desktop-based or traditional client–server application to an Internet-based delivery system, it may be fundamentally incompatible with a single-instance, metadata-centric approach, and you may determine that it will never make financial sense to invest the development effort necessary to transform it into a fully mature SaaS application. If you are designing and building a net-native application from the ground up, you will probably have a lot more freedom to take a single-instance approach.
• Operational model—Can you guarantee your service level agreements (SLAs) without isolation? Carefully examine the obligations imposed by any existing SLAs that you have with customers, with regard to considerations such as downtime, support options, and disaster recovery, and determine whether these obligations can be met under an application architecture in which multiple unrelated customers share access to a single application instance.

High-Level Architecture

Architecturally, SaaS applications are largely similar to other applications built using service-oriented design principles (see Figure 10).

Figure 10. SaaS application architecture

Most of the components depicted in Figure 10 should be familiar to most application architects. The process services expose interfaces that smart clients and/or the Web presentation tier can invoke, and kick off a synchronous workflow or long-running transaction that will invoke other business services, which interact with the respective data stores in order to read and write business data. Security services are responsible for controlling access to end-user and back-end software services.

The most significant difference is the addition of metadata services, which are responsible for managing application configuration for individual tenants. Services and smart clients interact with the metadata services in order to retrieve information that describes configurations and extensions that are specific to each tenant.

Metadata Services

In a mature SaaS application, the metadata service provides customers with the primary means of customizing and configuring the application to meet their needs. Typically, customers can make configuration changes in four broad areas:

• User interface and branding—Customers often appreciate the ability to modify the user interface to reflect their corporate branding, and therefore SaaS applications typically offer features that allow customers to change things such as graphics, colors, fonts, and so on.
• Workflow and business rules—To be of use to a wide range of potential customers, a business-critical SaaS application has to be able to accommodate differences in workflow. For example, one customer of an invoice tracking application may require each invoice to be approved by a manager; a second customer may require each invoice to be approved by two managers in sequence; a third may require two managers to approve each invoice, but allow them to work in parallel. When appropriate, customers should be able to configure the way in which the application's workflow aligns with their business processes.
• Extensions to the data model—For many data-driven SaaS applications, one size definitely doesn't fit all. Even with relatively simple, task-specific applications, customers may chafe under the restrictions imposed by a static, unchanging set of data fields and tables. An extensible data model gives customers the freedom to make an application work their way, instead of forcing them to work its way. Later in this paper, you'll learn a bit more about how a customer-extensible data model is architected.
• Access control—Typically, each customer is responsible for creating individual accounts for end users, and for determining which resources and functions each user should be allowed to access. Access rights and restrictions for each user are tracked by using security policies, which should be configurable by each tenant.

To provide customers with flexibility in configuring the software as necessary, these options are organized into hierarchical configuration units known as scopes, each of which contains options for making changes in each of the four areas listed above. Every customer has a top-level scope that it can configure as needed, and the customer may establish one or more scopes underneath the top level in an arbitrary hierarchy. A relationship strategy determines how and whether child nodes inherit and override configuration settings from parent nodes.

For example, a typical customer that purchases enterprise-wide access to your application may have several business units with distinct needs, all of which must follow certain company-wide standards, but also must be able to configure some aspects of the application individually. Within each business unit as well, there may be organizational groups that have their own special configuration needs. For each of these identified organizational units, the customer can establish a scope that gives the group access to the configuration options that it may set or change.

Unlike traditional vendor-customized line-of-business applications, SaaS applications are much more likely to be configured by customers themselves. Designing the configuration interface is therefore almost as important as designing the interface for end users. Ideally, customers should be able to configure the application through a wizard, or through simple, intuitive screens that present all available options without causing information overload, and that clearly distinguish between options that can and cannot be changed within a given scope.

Security Services

As important as security is in any software context, the nature of SaaS makes security both a paramount concern for customers, and a high priority for application architects. Following some basic guidelines can help ensure that tenants remain in control of their private data.

Authentication

The SaaS provider typically delegates to each tenant the responsibility for creating and maintaining its own user accounts, a process known as delegated administration. Delegated administration creates a situation in which the customer is responsible for creating individual user accounts, but the vendor has to authenticate them. To accommodate this delegated-administration model, SaaS designers use two general approaches for handling authentication: a centralized authentication system, or a decentralized authentication system. The approach that you choose will have ramifications for the complexity of your architecture and the way end users experience the application, and you should consider what your business model says about the needs of the application, customers, and end users when making a decision.

In a centralized authentication system, the provider manages a central user account database that serves all of the application's tenants. Each tenant's administrator is granted permission to create, manage, and delete user accounts for that tenant in the user account directory. A user signing on to the application provides his or her credentials to the application, which authenticates the credentials against the central directory and grants the user access if the credentials are valid (see Figure 11).

Figure 11. Centralized authentication system

This approach requires a relatively simple authentication infrastructure that is comparatively easy to design and implement, and that does not require any changes to the tenant's own user infrastructure. An important disadvantage to this approach is that a centralized authentication system makes it much more difficult to implement single sign-on, in which the application accepts the credentials that the user has already entered to gain access to his or her corporate network. Without single sign-on, users are frequently presented with an inconvenient login prompt when logging in to the application, and they must enter their credentials manually.

In a decentralized authentication system, the tenant deploys a federation service that interfaces with the tenant's own user directory service. When an end user attempts to access the application, the federation service authenticates the user locally and issues a security token, which the SaaS provider's authentication system accepts and allows the user to access the application (see Figure 12).

Figure 12. Decentralized authentication system

This is an ideal approach when single sign-on is important, because authentication is handled behind the scenes, and it doesn't require the user to remember and enter a special set of credentials. The decentralized approach is more complex than the centralized approach, however, and a SaaS application with thousands of customers will require individual trust relationships with each of the thousands of tenant federation services.

In many cases, the SaaS provider may want to consider a hybrid approach—using the centralized approach to authenticate and manage users of smaller tenants, and the federated approach for larger enterprises that demand, and will pay for, the single sign-on experience.

Authorization

Typically, access to resources and business functions in a SaaS application is managed by using roles that map to specific job functions within an organization. Each role is given one or more permissions that enable users assigned to the role to perform actions in accordance with any relevant business rules (see Figure 13).

Figure 13. Access control

Roles are managed within the SaaS application itself; they can contain individual user accounts, as well as user groups. Individual user accounts and groups can be assigned several different roles as required.

Depending on the roles to which a user is assigned, he or she is granted one or more permissions to perform specific operations or actions. These actions typically map directly to important business functions, or to the management of the application itself. For example, a purchasing application might include permissions for creating, submitting, approving, and rejecting purchase orders; an application for mortgage brokers might include permissions for checking a borrower's credit and granting a loan; and so forth. A single permission can be assigned to one or several roles, as necessary; each user will be granted the union of the permissions assigned to all roles to which the user belongs.

Applications can use business rules to control access to actions and resources at a finer level than permissions allow. Business rules introduce conditions that must be satisfied before access is granted. For example, you can use a business rule that allows a user to transfer funds between different accounts only during normal business hours, or if the amount being transferred does not exceed a certain figure.

Access control is managed at the scope level. Each scope inherits roles, permissions, and business rules from any parent scopes, according to the application's relationship strategy, and it can modify, add, and delete them as appropriate. For example, consider a customer based in the United States, with a branch office in Toronto, Canada. The root scope has a role named Benefits Administrator that has a number of permissions related to managing employee benefits, including the administration of the company's 401(k) retirement savings plan. Because 401(k) plans are a creation of U.S. tax law, they are not used in Canada. Therefore, a child scope is created for the Canadian office that inherits the Benefits Administrator role and its permissions, with the exception of the permission that allows the role to modify 401(k) offerings. In place of this permission, the customer adds a permission that allows the role to modify Registered Retirement Savings Plan (RRSP) offerings, the Canadian equivalent of the U.S. 401(k).

Figure 14. Example of root scope permissions vs. child scope permissions

As a best practice, your application should include a default set of roles, permissions, and business rules that are available to all tenants, and it should allow individual tenants to customize these rules and create more rules through a useful and intuitive user interface.

A Closer Look: Multi-Tenant Data Model

Thus far, we've been covering application architecture at a fairly high level, so let's examine a particular challenge in greater detail: that of creating a data model that customers can extend in a multi-tenant environment. This is by no means a comprehensive exploration of the data model extension process, but it should help give you an idea of the kinds of architectural issues that must be considered when designing SaaS applications.

As designed, your application will naturally include a standard database setup, with default tables, fields, queries, and relationships that are appropriate to the nature of your solution. But different organizations have their own unique needs, which a rigid, inextensible default data model won't be able to address. For example, one customer of a SaaS job-tracking system might have to store an externally-generated classification code string with each record in order to fully integrate the system with their other processes. A different customer may have no need for a classification string field, but might require support for tracking a category ID number, an integer. Therefore, in all but a few specialized cases, you will have to develop and implement a method by which customers can extend your default data model to meet their needs, without affecting the data model as used by other customers. We'll look at three general approaches to solving this problem: a dedicated tenant database, a shared database with a fixed extension set, and a shared database with custom extensions.

Dedicated Tenant Database

The first approach involves simply giving each tenant its own database, which the tenant can extend as necessary.

With this approach, a new standard default database is created for a new tenant as part of the provisioning process, and the metadata service keeps track of which database is assigned to which tenant. Once the new database is created, the tenant is free to modify it as extensively as your application's user interface and program logic allows, potentially creating new fields, new queries, and even new tables and relationships.

If the cost of providing services is not a factor, this would be the only approach to consider, because it is the simplest arrangement to build, and it offers customers the maximum freedom to extend your default data model. Moreover, customers in fields such as banking or medical records management may have very strong data isolation requirements, and may not even consider an application that does not supply each customer with its own individual database. The disadvantage of this approach is that you will be able to support only a limited number of databases for each server, and therefore your infrastructure cost will be higher, and it will rise more quickly than it would otherwise.

Shared Database, Fixed Extension Set

The second approach involves building a single database that is shared by all of your tenants, and that includes a preset number of custom fields that tenants can assign and use as desired (see Figure 15).

Figure 15. Custom fields in a shared database

In Figure 15, records from different customers are intermingled in a single table; a TenantID field associates each record with an individual tenant. In addition to the standard set of fields, a number of custom fields are provided, and each customer can choose what to use these fields for, and how data will be collected for them.

Custom fields can by typed, so that the customer can use any available built-in type checking and verification functions that the application and database provide in order to validate the data. Alternatively, the fields can be untyped, so that the customer can use them to store any type of data. (The customer can optionally provide its own validation logic, to prevent users from accidentally entering invalid data).

A shared database carries a much lower cost of providing services than the isolated approach does, because it allows a single database engine to support a larger number of customers before partitioning becomes necessary. The biggest disadvantage to this approach is that the extensibility of the data model is limited to the number of custom fields you provide. Choosing this number wisely requires carefully assessing your customers' potential needs. If there are too few custom fields, your customers will not be able to use your application effectively; if there are too many, the result is a sparse, wasteful database with many unused fields.

Shared Database, Custom Extensions

The third approach involves building a single, shared database, and allowing customers to extend the data model arbitrarily, storing custom data as name–value pairs in a separate table (see Figure 16).

Figure 16. Custom data stored in a separate extension table

Here, each customer record that includes custom data is assigned a unique record ID, which matches one or more rows in a separate extension table. For each row in this table, a name–value pair is stored. Each customer can create as many of these name–value pairs as necessary to meet their business needs. When the application retrieves a customer record, it performs a lookup in the custom data table, selects all rows corresponding to the record ID, and returns them to be treated as ordinary field data. Obviously, data in the custom data table cannot be typed, because it is likely to contain data in many different forms for different customers. To work around this limitation, a third column can optionally hold a data type identifier, so that the data can be cast to the appropriate data type once it is retrieved.

This approach makes the data model arbitrarily extensible, while retaining the cost benefits of using a shared database. The main disadvantage is an added level of complexity for database functions, such as searching, indexing, querying, and updating records. This is typically the best approach to take if you anticipate that your customers will require a considerable degree of flexibility in extending the default data model, but that they won't require data isolation.

When developing an extensibility approach for your data model, remember that any extension implemented by a customer will require a corresponding extension to the business logic (so that the application can use the custom data), as well as an extension to the presentation logic (so that users have a way to enter the custom data as input and receive it as output). The configuration interface that you present to the customer should therefore provide mechanisms for updating all three, preferably in an integrated fashion. (Providing mechanisms by which customers may extend the business logic and user interface will be addressed in a future paper.)

Scalability

Large-scale enterprise software is intended to be used by thousands of people simultaneously. If you have experience building enterprise applications of this sort, you've gotten to know first-hand the challenges of creating a scalable architecture. For a SaaS application, scalability is even more important: you'll have to support the average user base of a single customer, multiplied by the total number of customers that you have. For ISVs accustomed to building on-premise enterprise software, supporting this kind of user base is like moving from the minor leagues to the majors: the rules may be familiar, but the game is played on an entirely different level. Instead of a widely deployed, business-critical enterprise application, you're really building an Internet-scale system that needs to actively support a user base potentially numbering in the millions.

Scaling the Application

Of course, it's very unlikely that you'll end up supporting as many users as Hotmail does (though if you do, congratulations!). But the scalability challenges are actually quite similar.

Applications can be scaled up (by moving the application to a larger, more powerful server) and scaled out (by running the application on more servers). Scaling up, a familiar solution to anyone who's ever replaced an aging computer with a brand-new model, is often the better choice for smaller applications that don't have to serve very many concurrent users. At the SaaS level, though, scaling out is almost always the best way to add capacity, as depicted in the SaaS maturity model. A well-designed SaaS application can be scaled out to an arbitrarily large number of servers, each running one or more identical instances of the application. The following are some guidelines for designing an application for "scale out":

• Design the application to run in a stateless fashion, with any necessary user and session data stored either on the client side, or in a distributed store that's accessible to any application instance. Statelessness means that each transaction can be handled by one instance as well as any other; a user may transact with dozens of different instances during a single session, without ever knowing it.
• Design the application to conduct I/O operations asynchronously, so that the application can perform useful work while waiting for input and output to complete.
• Pool resources such as threads, network connections, and database connections; this helps maximize your computing resources, and it improves your ability to predict resource usage.
• Write your database operations in such a way as to maximize concurrency and minimize exclusive locking. For example, don't lock records when performing read-only operations.

Of course, this is only the very briefest of examinations of the topic; volumes could be (and have been) written about implementing a scalable architecture.

Scaling the Data

As databases serve more users concurrently and grow in size, the amount of time it takes to perform operations such as querying and searching increases significantly. SaaS applications, which often use the same databases to serve thousands of customers, are particularly susceptible to these types of performance degradation, and therefore it's important to plan adequately for growth.

One fairly simple way to scale a database is through partitioning, dividing the data into smaller "chunks" in order to improve the efficiency of queries and updates. Consider developing a partitioning strategy to determine the best way to partition your data. For example, if an application has customers from around the world, a geographic partitioning strategy might be appropriate, with data belonging to European customers in one partition, data belonging to Asian customers in another, and so on.

In most situations, it is likely that database size will keep growing. Therefore, it is also important to have dynamic repartitioning strategies in place, to ensure that already-partitioned data can be repartitioned in order to keep up with performance and scale metrics.

Operational Structure

The third important shift in thinking has to do with the operational structure of the application: what it takes to deliver the application to customers, and to keep it available and running well at a cost-effective level. For many ISVs, which have never had to run a data center for their customers, this may be the most unfamiliar aspect of SaaS. SaaS providers not only have to be experts in building software and bringing it to market, they must also become experts in operating and managing it.

Resources such as the Microsoft Operations Framework (MOF) provide a great deal of relevant guidance for maintaining system reliability, availability, supportability, and manageability. In addition to the common operation issues that MOF is designed to address, SaaS presents some unique challenges of its own.

Shared Services

If you've had experience with an enterprise-level World Wide Web presence, you're already familiar with the fundamentals of Web hosting and middleware services, in which an organization either hosts a site internally, or contracts with an external provider for equipment co-location or full-service hosting, including hardware, storage, and network bandwidth. The hosting service is responsible for the availability of the site, but it is typically not otherwise responsible for the site's operation and maintenance.

Providing software as a service adds an additional layer to consider when making hosting arrangements (see Figure 17). Depending on your business plan, you may need a metering and billing system in order to do the following:

• Accurately track customers' usage, and bill them for time or resources used.
• Restrict or throttle access at certain times of the day, or in order to meet other criteria.
• Monitor site access and performance, to ensure that SLAs are being met.
• Perform other functions in order to ensure a seamless experience for your customers that meets or exceeds expectations.

Collectively, the systems used to perform these functions are known as shared services.

Figure 17. Shared services layer for SaaS hosting

Shared services can be further classified into two subcategories:

• Operational support services (OSS)—Handle operational issues such as account activation, provisioning, service assurance, usage, and metering.
• Business support services (BSS)—Support billing (including invoicing, rating, taxation, and collections) and customer management (which includes order entry, customer self services, customer care, trouble ticketing, and customer relationship management).

As with traditional Web hosting, you will need to decide whether to build the shared services layer yourself and self-host your application, or to contract with an external hosting company (known as a SaaS provider) to provide it. SaaS providers offer a set of shared services to handle the business and operational issues identified above.

Monitoring

The SLAs that you enter into with your customers will quantify the operational standards that you are required to meet. SLAs are legally binding contracts, and failing to meet them can mean significant lost revenue and damage to your reputation. Monitoring your application architecture for any sign of trouble is therefore a vital tool for detecting problems, and fixing them before they result in significant outages or performance degradation.

Monitoring for Availability

Assuring high availability should be one of the most important priorities for any SaaS vendor. An outage that affects a single server or data center could lead to significant data or productivity losses for a large percentage of your customers—and maybe your entire customer base! For ISVs moving to SaaS from a background in traditional desktop or client–server software development, the high-availability requirements of a net-centric application model can involve new and unfamiliar challenges. It is recommended that you build support for basic techniques, such as heartbeat monitoring and alert mechanisms, into your application, and that you pay special attention to potential weak links, such as a connection to a database at a remote site not under your control.

Of course, technical mechanisms such as alerts are only a part of the process of ensuring high availability—and if an alert goes off, but nobody responds, it can't really be said to be part of the process at all. Ensure that there are processes in place at your operations center that prescribe specific courses of action, and standards to achieve, in the event of a system failure.

Monitoring for Performance

Your customers expect you to provide them with application access at an acceptable level of performance. To some extent, this expectation will be made explicit by the SLAs that you agree to honor as part of your contract with the customer. Beyond SLAs, however, if customers perceive your application to be slow or unresponsive, they will be more likely to terminate or decline to renew their subscriptions; disgruntled users may make their feelings known on websites and in the pages of industry publications, thus giving your application a negative reputation. Conversely, a fast, lean application that meets users' needs will please customers, and—if they've moved to your software from a less responsive traditional software package—even make them more receptive to SaaS as a category.

To ensure a high level of performance, build support for performance counters into your application directly, if at all possible. Set performance thresholds for metrics such as CPU usage and application response times, and use alerts to notify the appropriate personnel when management events are raised.

Establishing a baseline for performance is generally the most critical activity. With an established baseline, it is much easier to tell when something abnormal is happening, and where the problem is.

Conclusion

There's plenty more to be said about each of the topics addressed in this paper, but hopefully, by this point, you've read enough to begin developing a conceptual framework for understanding SaaS, and how you and your customers may benefit from it. SaaS represents a new paradigm in software delivery, an architectural model built on the principles of multi-tenant efficiency, massive scalability, and metadata-driven configurability to deliver good software inexpensively to existing and potential customers. Adopting these principles now can help put you well on the path to transforming the way you capture the long tail business.

Note: Content of this post is collected from salesforce.com and other sites. This is presented in a summarized way for your use.

Salesforce Introduction

What Is Salesforce.com?

Salesforce.com was founded in 1999 by former Oracel executive Marc Benioff . In June 2004, the company went public on the New York Stock Exchange under the stock symbol CRM. Initial investors in salesforce.com were Marc Benioff, Larry Ellison, Halsey Minor, Magdalena Yesil and Igor Sill, Geneva Venture Partners.

Products and Services

Customer Relationship Management

Salesforce.com's CRM solution is broken down into several applications: Sales, Service & Support, Partner Relationship Management, Marketing, Content, Ideas and Analytics.

Force.com Platform

Salesforce.com's Platform-as-a-Service product is known as the Force.com Platform. The platform allows external developers to create add-on applications that integrate into the main Salesforce application and are hosted on salesforce.com's infrastructure.

These applications are built using Apex (a proprietary Java-like programming language for the Force.com Platform) and Visualforce (an XML-like syntax for building user interfaces in HTML, AJAX or Flex).

AppExchange

Launched in 2005, AppExchange is a directory of applications built for Salesforce by third-party developers which users can purchase and add to their Salesforce environment. As of September 2008, there are over 800 applications available from over 450 ISVs.

Customization

Salesforce users can customize their CRM application. In the system, there are tabs such as "Contacts", "Reports", and "Accounts". Each tab contains associated information. For example, "Contacts" has fields like First Name, Last Name, Email, etc.

Customization can be done on each tab, by adding user-defined custom fields.

Customization can also be done at the "platform" level by adding customized applications to a Salesforce.com instance, that is adding sets of customized / novel tabs for specific vertical- or function-level (Finance, Human Resources, etc) features.

Web Services

In addition to the web interface, Salesforce offers a Web Services API that enables integration with other systems.

Languages

English, Dutch, Spanish, German, French, Japanese, Italian, Portuguese, Korean, Russian, Simplified Chinese and Traditional Chinese.

Other

Other technologies in use at salesforce.com are Resin Application Server, and the in-house technologies Apex (a Java-like programming language and programming platform) and S-controls (Salesforce widgets - these are predominantly based on JavaScript).

If you're not in sales, you might not even know what Salesforce.com does or even what Customer Relationship Management (CRM) is. Salesforce started out primarily offering software for sales groups to manage their customer relationships. This included simple tools like address books, which are called contacts in the Salesforce world, and more complicated processes to track potential customers from lead to sale. Sales people also like reports with charts and graphs, so those are part of the package.

The interesting point from a developer's perspective is that the underlying technology is based around database concepts, with default actions and views. Salesforce has almost completely opened up this infrastructure. Even novice users can create custom objects that are the equivalent of database tables, and add or remove fields from the default objects.

This infrastructure includes a built-in customer base, built-in distribution through the AppExchange directory, built-in data and authentication models, developer support on the AppExchange Developer Network, and a slew of programming tools. That means developers can focus on solving new problems and not reinventing solutions to old ones.

This infrastructure has been flexible enough to allow Salesforce to branch out into other business applications like marketing and customer support. It has also been flexible enough to allow customers to build their own applications in areas like financial services and human resources.

An Introduction to Salesforce.com's AppExchange

Two main things set Salesforce apart from other companies building development platforms. The first is that their platform is entirely "on demand", meaning there's no installed software, it runs across the internet in a software as a service model. The other is the directory of Salesforce applications called AppExchange. You can build apps and keep them within your organization -- if, for example, you work in a corporate IT department. But if you want to share your application with the world, for profit or otherwise, the AppExchange directory is the answer. It's integrated directly into all Salesforce accounts. If you build an application inside your own account, you can package it directly to the AppExchange directory. Customers who find your application on AppExchange can install it directly into their accounts. Salesforce wants to remove the burden of customer acquisition and distribution so that developers can focus on what they do best: finding and solving problems. I met a number of small companies and individual consultants who all said that Salesforce is making it easier to sell software to the corporate world.

Signing Up

To get a feel for what Salesforce customers experience, you need to sign up for an account. This will also serve as a sandbox for developing your own applications. You might be tempted to sign up for the 30-day, free trial offer that is prominently advertised on their home page, but signing up for a developer account from the

AppExchange Developer Network

will give you an account that never expires. The account does come with a few limitations. You can only have two users, one an admin account so that you can build and install applications and the other a normal user account so you can test your work from the perspective of a normal user. The account has a 2MB data limit, which is enough space to add roughly 1500 contacts. There seem to be some other limitations--you can't send mass emails, for example--but I didn't notice any that would hinder development.

After you

sign up

for an account you'll be sent a confirmation email. Following the link in the email will give you your first look at your new Salesforce account.

Click for a larger view.

Browse the tabs to get a sense of the default functionality that comes with a Salesforce account.

Customizing

For most Salesforce customers, customizing their Salesforce account is a common and exciting experience that feels like application building. This functionality is available in the Setup area. Here users can add and remove fields, customize templates, and even create new database tables that come with automatically created forms and views. Salesforce provides a web UI for all of this functionality.

Don't worry, as a developer you're going to be able to build applications much more powerful than what most users are creating using the Salesforce customization forms. You should, however, know how to use these. You will need this familiarity if you want to extend the data schema, install AppExchange applications, or package your own AppExchange applications.

Start by clicking the Setup link located above the tabs.

Later in this article, we'll be using this area to install an application from AppExchange. For now let's get a feel for how the Setup area works by adding a

Website

field to the

Contacts

object, as many of our friends have their own websites.

Start by choosing Customize -> Contacts -> Fields in the left navigation bar. This will show a long list of the standard fields for the

Contacts

object.

Click for a larger view.

At the bottom of the list of fields is a list of custom fields and a New button. Clicking this button will start you on a four-step process for adding a field to the

Contacts

object.

The first step is to select a field type. I was expecting to make this a text field, but found that Salesforce has an explicit URL field type that ensures that the URL will be displayed as a link. Choose the URL field type.

The second step is to give the field a label and a name. The label is shown on displays and reports alongside the field contents. The name is what you're going to use to reference the field when you're writing code. I chose "Website" for the label and "website" for the name.

The last two steps are important if you're managing a Salesforce account with thousands of users. If that were the case, you would want to spend some time setting the access controls and templates. For our purposes, you should just choose the defaults and then save your changes. To see your handiwork, visit the Contacts tab and click the New button. You should see that your field has been automatically added to the form.

Installing an AppExchange Application

Before we can build our own application for the AppExchange, we need to figure out how to install other people's applications.

The first step is to visit the

AppExchange

. There are over 400 applications in the directory so far. Some of the applications require that you pay for them. Some require that you install software on your own server. But many are completely free applications that run entirely in your Salesforce instance. The Pricing section of each application entry will let you know if the application is free or not.

If you see a Get It Now button then you can install the application directly into your Salesforce account. Other applications have Download buttons instead. These are applications that you run on your desktop or server that access your Salesforce account through the API.

Let's install

Salesforce for Google AdWords

, an application that lets you create and track Google AdWords campaigns from within Salesforce. It's a good example of a mashup that combines an external service with the database and reporting features of Salesforce.

Click the Get It Now button to start the installation process. This will take you through a series of confirmation screens asking you to review legal terms, the contents of the package, and security settings. On step 3, choose "Grant access to all users," since we're installing into an account that doesn't have any users.

It turns out that you still have a little more work to do once you've finished the install process. You need to customize your account through the Setup area so that the new application is visible. It would be nice if applications came with a help document that walked you through this process. However, in my experience the next step is usually the same. Most applications come with their own tab, which you need to add to your visible tabs. In this case click the arrow on your last tab, which takes you to the All Tabs tab. Then click the Customize My Tabs button.

Click for a larger view.

This will give you a form for moving available tabs to your selected tabs. Choose Search Campaigns from the Available Tabs list and move it to the Selected Tabs list.

Once you have saved your choice you'll see a new Search Campaigns tab that will let you create and track AdWords campaigns.

Building Native Applications

The most common form of Salesforce application development is done entirely through the Salesforce.com interface. Native applications are built by extending Salesforce's data schema, by writing custom HTML, and by writing JavaScript. These native applications can be bundled and shared through AppExchange.

Extending the data schema can be as simple as adding a field to an existing object like we did when we added a website field to the

Contact

object. It can also mean creating your own objects. These are essentially database tables, called "custom objects" in Salesforce parlance. Whenever you make a schema change, Salesforce automatically creates or updates the related forms and pages. You don't need to build the standard CRUD actions like create, update, show, or list.

Like most customizations, you can add custom objects through the Setup area. Get started by visiting Setup and then Build -> Custom Objects in the left sidebar.

Click for a larger view.

Salesforce has just released a book that shows how to build an example recruiting application using native application techniques. They gave away hard copies of the book for free at their Dreamforce conference, but they've also just started including a link to a PDF copy as part of an advertising campaign on TechCrunch. Until they produce a more official page, you can download the book for free from their advertisement landing page.

Building Custom Pages with S-Controls

Congratulations on graduating from the basics. Most Salesforce development happens entirely through the Salesforce web UI. This gives incredible power to customize and build applications to people who wouldn't normally have any control over their application. However, you probably want to write code. For native applications, that starts with S-Controls.

S-Controls let you write your own HTML in order to build pages and forms. S-Controls include templating variables that let you access Salesforce data. The application-building part can be done in any web application technology, like Java applets or Flash. However, most people use JavaScript.

Salesforce is putting a lot of work into their Ajax toolkit. This toolkit allows you to call back to the Salesforce API in order to read and write data to the database. The beta release includes two excellent tutorials to get you started.

The Ajax toolkit will graduate from beta in Salesforce's Winter '07 release, due out in the next few months.

Accessing Data with SOQL

Many times when you're developing for Salesforce you'll be treating it like a database. Salesforce provides an SQL-like query language called SOQL that you use in combination with the API to query data. SOQL has been limited by the ability of Salesforce to host the high volume and unpredictable data queries of its users. The Winter '07 release will eliminate the biggest limitation, finally allowing users to join multiple tables. The other difference you'll notice right away is that queries won't return the full result of a large data set. Instead you'll have to use

queryMore

until you've retrieved everything you need.

The developer documentation has the basic syntax.

The Salesforce API

So far, we've been talking about building applications that are limited to filling out web forms and writing JavaScript. If you'd rather build an application in your favorite programming language, then you should plan on hosting the application on your own server and treating Salesforce as a database that you access through their API. This way you can access the data that your company or client is entering into the Salesforce application without having to be an expert yourself.

The

Salesforce Projects and Toolkits page

lists toolkits for almost every language including Java, .NET, Perl, PHP, and Ruby. Many of the toolkits hide the API behind a traditional Object Relational Model.

Before you get started, you need to generate and download a Salesforce WSDL file. Do this by going to the Setup area and then to Integrate -> AppExchange API.

Here's an example Perl script that would list the names, emails, and websites of all of our contacts. You could get going with a similar few lines of code in almost any language.

The

developer docs

will probably be your main reference when using the API.

Note: Content of this post is collected from salesforce.com and other sites. This is presented in a summarized way for your use.