Skip to main content

Is API integration management the next big cloud challenge?

This article was originally published on Technology.Info.
As part of our continuing strategy for growth, ITProPortal has joined forces with Technology.Info to help us bring you the very best coverage we possibly can.

Without cloud APIs, there can be no

hybrid cloud

- but all those links are going to need untangling, says Jessica Twentyman.

Don’t underestimate complexity: that’s the message from vendors of API management products, who daily see companies struggling to keep track of the spiralling numbers of links that exist between disparate IT systems. What’s needed, they say, is a system of management, to prevent these links working themselves into a spaghetti-like mess.

The problem isn’t a new one: APIs, or application programming interfaces, have long been a way for software developers to enable one system to ‘talk’ to another. Essentially, an API is a set of programming instructions for accessing a system, defining how other systems can communicate with it. Once an API is exposed by an application’s developers, other developers can use its specifications to link their applications to it.

What’s changed is that the uptake of

cloud technologies

has fuelled a rapid proliferation of APIs, according to a recent report from IT market research company



“Whether it is technology or service providers offering their functionality, or private companies giving access to some of their data according to different charging models, the number of APIs available publicly grows by the day. Their usage is multiplied by a growing population of mobile devices and computing platforms: Web, tablets, smartphones, TVs, video game consoles, cars and more, such as the

Internet of Things

,” explain Gartner analysts Paolo Malinverno, Daryl Plummer and Gordon van Huizen.

That calls for

API management

products (although Gartner prefers the term ‘application services governance’), which enable companies to better control the design, implementation, publication, operation, maintenance and retirement of APIs. Leading vendors in this market, according to the firm, include CA Technologies, which bought Layer 7 for API management in April 2013, and Intel, which announced its $180 million purchase of Mashery in the same month, along with


, Software AG, SOA Software and Axway.

The main purpose of API management is - as the name suggests - to keep control over APIs, and in particular, deal with version control and the consequences of change. If a developer changes an API on their app, there’s a knock-on effect for other applications that use that API to swap data. In other words, the link is broken.

But good API management isn’t just an integration issue; it’s also a security issue, says Luke Forsyth, vice president of security services in EMEA at CA Technologies. “There’s quite a lot of research that shows that a major reason for resistance to cloud technologies is security, but more specifically, API security,” he says.

“Many of the integration issues, while not being inconsequential, are a matter of transmission capability and processing capability - getting data from one place to another, in other words,” Forsyth explains.

“Once integration is achieved, it’s relatively straightforward. Where the security issue comes in is, once we’ve achieved all this marvellous interconnectivity between cloud systems, for example, how do we secure it and how do we stop it from being abused? And after all, the richer the integration, the more attractive it is as a target and the easier it is to abuse it, with potentially disastrous effects.”

Either way, Gartner expects demand for API management to be brisk as cloud uptake continues: its preliminary estimates indicated a market size of a modest $70 million in 2012, but a robust year-on-year growth rate of 40 percent throughout 2013.

“Governance, as a word, is in fashion,” say Gartner’s analysts. “To enforce


through everyday decisions, companies devise several policies that must be adhered to, and technology can help a lot here. Application services governance is about tracking and monitoring the artifacts in an service-oriented architecture or an API project, enforcing and ensuring compliance with the policies associated with the artifacts and measuring the outcomes related to their use.”