Key Characteristics of PaaS

The Software-as-a-Service (SaaS) industry continues to grow rapidly. The success of SaaS is driving broad change across the technology industry. Software vendors large and small are contemplating how to adapt to the new paradigms of the SaaS market, while a large number of developers across the world are moving to SaaS application development. In addition, the increase in SaaS application consumption and development is driving the need for a new set of platform technologies built specifically to support SaaS.

In this issue brief, we outline the key attributes that characterize a “best-in-class” Platform-as-a-Service (PaaS) offering – a cloud-enabled application development platform.

Key attributes of PaaS include:

1. Multi-tenant architecture

A PaaS offering must be multi-tenanted. A multi-tenant platform is one that uses common computing resources including hardware, operating system, software (i.e. application code), and a single underlying database with a shared schema to support multiple customers simultaneously. This is in direct contrast to the traditional client/server architecture, which requires an entire stack of hardware and software to be dedicated to each tenant (customer).

Multi-tenancy benefits enormously from the magic of something called collective innovation. When hundreds or even thousands of other businesses/customers are using exactly the same operational infrastructure, all of them benefit from each of the different ways in which they’re challenging and stretching that shared infrastructure. All of them have access to the newest functionality that’s introduced at the behest of the early adopter minority. All of them benefit from the hardening of the infrastructure after any of them come in contact with a newly detected threat.

The strength of multi-tenancy is that each of its individual tenants keeps it constantly evolving. This is in stark contrast to single tenancy, the whole point of which is to limit evolution only to those changes that are perceived to directly benefit the individual tenant. In truth, multi-tenancy makes the difference between a SaaS application that’s destined for rapid obsolescence and one that will continue to evolve with the cloud and all the wealth of possibility that’s opening up in the connected Web.


2. Customizable /Programmable User Interface

The PaaS offering should provide the ability to construct highly flexible user interfaces via a simple “drag & drop” methodology that permits the creation and configuration of UI components on the fly. In order to jump-start the construction of user interfaces/displays, pre-defined standard UI components should be available that can be assembled in building-block fashion with minimal coding. For further customization of the UI, which may be necessary to accommodate specific user requirements, there should be the option to easily leverage or invoke a tag library of other complementary, more sophisticated, reusable UI components (grids, tree-like hierarchies, etc.) through simple HTML code without the need of writing complex code.

Furthermore, given the growing set of Web devices, additional flexibility to use other technologies such as CSS, AJAX and Adobe Flex to specify the appearance of the application’s interface should be available to the UI designer. The PaaS offering must afford UI designers/developers complete fine-grained control to shape the presentation of data to a specific context – for example, displaying the data in one format when viewed on a hand-held device and in another format when viewed in a desktop Web browser.

This “drag & drop” paradigm of constructing user interfaces, an essential capability of a robust PaaS offering, provides UI designers/developers with better control over the appearance of the application’s interface and permits the creation of new and sophisticated presentation layers quickly and easily without requiring much custom coding.


3. Unlimited Database Customizations

Data persistence is core to many applications. Facilitating the creation, configuration and deployment of persistent objects without requiring programming expertise is a key characteristic of a powerful “cloud platform.” Thus, the PaaS offering must support the construction of objects, the definition of relationships between the objects and the configuration of advanced data behavior all from within the comfort of the Web browser via a “point and click” declarative paradigm.

As opposed to a relational database where tables are used to store data, objects constitute the fundamental building blocks for cloud-based applications. Through a declarative Web interface that provides complete visual control at the meta-data level, application designers/developers should be able to define objects along with the fields/attributes that determine what kind of data is stored within each object record. Specifying relationships between objects, a key requirement of any sophisticated business application, must be possible through the declarative Web-based interface as well. Other mandatory functions include the ability to incorporate validation rules and permissions at the object/field level and the ability to specify auditing behavior.


4. Robust Workflow engine/capabilities

Successful business process execution via process automation is the primary objective of any business application. A cloud platform must offer a business-logic engine that supports the definition of workflow processes and the specification of business rules to engender process automation.

A workflow process defines the different statuses a business object flows through during its life cycle. Workflow actions drive the object through different statuses within the context of a workflow process and can be triggered either through human intervention (assuming the user has the required permission to execute/invoke the action) or an event (the creation of a specific object record).

Using a combination of workflow processes, statuses, actions, events and the rules that govern actions, the application designer should be able to model almost any kind of business process using point-and-click tools within the Web browser. In addition to providing a declarative fashion to model sophisticated business conditions and application behavior, the PaaS offering must include the ability to programmatically define powerful trigger conditions using a scripting language such as JavaScript.


5. Granular control over security/sharing (permissions model)

The PaaS offering should provide a flexible access control system that allows detailed control over what users of the SaaS application can see and the data each user can access. Definition of access from the application level (including tabs, menus, objects, views, charts, reports and workflow actions) to the individual field level should be possible. Defining an access control model should be possible through the creation of groups and roles and the assignment of users to either groups or roles.

For complex large-scale implementations, the ability to define which features and data each user can access should be available so users can be segmented across common organizational structures to provide fine-grained access to data/application features.


6. Flexible “services-enabled” integration model

Platform-as-a-Service facilitates the rapid construction of applications in the cloud by providing foundational elements, such as data persistence and workflow capabilities, that are essential to the creation of any business application. However, given the complex IT environments that permeate most enterprises today, the PaaS offering should leverage Service Oriented Architecture (SOA) principles to enable seamless integration of cloud application data and functionality residing in the cloud platform with other on-premise/on-demand systems and applications.

At a minimum, the PaaS offering must support a flexible integration model enabled via both SOAP and REST API calls. The respective Web-based APIs should provide standard CRUD (create, read, update, delete) methods as well as search, binary file upload/download methods for working with file and image fields, methods for working with relationships, and a method for retrieving a full XML representation of an object definition and all of its components. The APIs must adhere to the same permissions and access control restrictions that have been specified via the security model.

Furthermore, to accelerate the integration between cloud applications and on-premise enterprise systems, the cloud platform should provide a range of pre-built connectors. For example: Utilize pre-built ERP connectors to send order information captured via a cloud-based CRM application to an on-premise order management system for order fulfillment (i.e. order delivery, invoicing and billing) to realize the order-to-cash business process.