WHIR.COM | BLOGS | WEB HOST NEWS | FIND WEB HOSTS | RESELLER HOSTING | MAGAZINE | WHIR TV | NEWSLETTER | rss feeds
whir blogs
WHIR BLOGS OFFERS INSIGHTFUL COMMENTARY FROM WEB HOST INDUSTRY EXPERTS    
CURRENT WEB HOSTING JOBS:  
Systems Administrator/Support TechnicianWeb Designer (Level II)Perl Web Application Developer
March 16, 2007 | Posted By : Mathew Baldwin at 12:00 AM PERMALINK | Blog Comments (1)

Trust Relationships Between Business-to-Business Mashups

A topic that I have been thinking about lately involves how companies can "mash-up" their B2B applications in a secure manner.

It is critical to understand, I think, that some core differences between a consumer mash-up like those that apply statistical information over, say, Google Maps and a B2B scenario might be: 1) business applications will commonly employ some type of authentication system to gain access to the data within the application and 2) customers could have the ability to alter data within either application.

Within the B2B mash-up model I can see applications participating in both a unidirectional manner, where application A pulls data from application B, and a bidirectional manner, where application A pulls data from application B and application B pulls data from application A -- think of a pair of applications that need to stay in sync with some or all of their data, i.e. a hosted billing solution such as the one offered by Aria Systems and a hosted Sugar CRM solution like the one offered by RPS Technology.

Now, in both scenarios how should we manage identity? When application A pulls data from application B on the behalf of the user in application A how does application B ensure that the end-user has authorized application A to pull that data at that moment in time? I'm thinking about how we protect against fraud or misbehaving applications that might be holding onto credentials and performing actions without the explicit authorization of the end-user.

This is a situation where a SaaS Hosting provider could come to market with an identity solution that could sign the authorization credentials via some type of proxy service that sits in front of the application and issues tickets for that current session. Both applications would trust that ticket of the 3rd party (the SHP) and allow the interaction between the two applications. Once the ticket expires, then application A and application B break the trust and become silos again. The proxy service would also have the benefit of allowing the end-user to utilize a single logon for both applications; it could abstract the credentials and do handle the authentication and hand-off to the application.

I think we will begin to see more and more B2B mash-ups. It will most likely start as narrow contracts between the companies offering the services, but will hopefully expand into a more generalized manner where any ISV can build their application to pull data from another application using some type of trust system. I could see ISVs publishing their API(s) into a service catalogue in which other ISVs can find the API and begin mashing up data points within their applications, creating ad-hoc suites of applications that share segments of data between each other.

Print | Send | del.icio.us | Linking Blogs
February 22, 2007 | Posted By : Mathew Baldwin at 12:05 AM PERMALINK | Blog Comments (3)

SaaS Hosting Cost Model and Other Questions

One of the things that troubles me when I think about SaaS Hosting and how traditional hosts can move into this market is what does the pricing model look like -- that is, how much should we charge each SaaS ISV?

In SaaS Hosting, the ISV is off-loading a majority, if not all, of their infrastructure needs to the hosting partner. In some cases, they may also utilize on-behalf-of services such as billing, support, provisioning, and other unique services the hosting provider has experience with that the SaaS ISV does not. Each of these things has some type of cost associated with it to the hosting company, therefore this cost should be passed onto the ISV with some margin on top so we make a little money off of our SaaS Hosting Platform.

For larger ISVs that are moving into the SaaS space, the pricing is usually done via some type of up-front professional services contract to get the system online and then reoccurring revenue once the application is up and being sold. But, my concern is how do you address the other ISVs out there who may not have the capital for a professional services contract or no existing revenue stream to draw off of to fund their SaaS initiative? Should these ISVs be ignored and told to go it alone? The risk I see here as a hoster is that I may be missing out on that "next-big-idea" that I can get a slice of if I were to host that ISV's application and incubate them for a period of time.

This is where an argument could be made for a standardized, shared infrastructure that small to medium sized SaaS applications can live within while they grow. The hosting company would determine a flat, monthly rate based upon the amount of resources used during the start-up phase of the application and charge that to the ISV. Once the ISV has reached a certain point, they would shift into a revenue sharing price structure where the host receives x percent per hosted seat.

Another question I have is, should hosts give away some of their services initially to bring on some of the smaller ISVs? If this is done, what type of profiling process should be done to determine if the ISV might be a possible win? There'll be some risk in here, but there could also be a home run if the hosting company is smart enough to recognize a solid idea and work with the ISV to bring that idea to market.

Thoughts?

Print | Send | del.icio.us | Linking Blogs
 
 
AUTHOR NAME
Mathew Baldwin

rss feeds
 Mathew Baldwin, of Affinity Internet, talks hosted architectures, the evolution of existing platforms to address the needs of ISVs bringing their applications online. Click here to read his full biography.
WHIR BLOGGERS
Recent Entries
No recent entries.
Archives By Subject

Find Web Hosts | Reseller Hosting | Personal Web Hosting | Small Business Web Hosting | Dedicated Servers | Managed Hosting | Adult Web Hosting
Reseller Hosting | Web Hosting Automation | Wholesale Domain Names | Private Label Web Hosting | Web Host Advertising Agencies | Host Services


About WHIR | Online Advertising | Print Advertising | Print Subscription | Email Newsletters | RSS Feeds 		 
Submit News | Privacy Policy | Buy Reprints
Web Host Industry Review, Inc. is not responsible for the content of comment submitted by our users.

   © Copyright Web Host Industry Review, Inc.