Welcome!

Java IoT Authors: Carmen Gonzalez, Liz McMillan, Pat Romanski, Jnan Dash, Elizabeth White

Related Topics: Microservices Expo, Java IoT

Microservices Expo: Article

The Right End of REST

REST is all about distributed hypermedia applications. They’re the point of REST.

One of our Licensed ZapThink Architects, Michael Poulin, struggled with our recent ZapFlash, Where is the SOA in REST-Based SOA? In a forum post, Poulin asked:

If we have a UI that works with the middle- and back-end resources, do we care if … REST or Web Services are used behind the UI? If [the] UI all of a sudden becomes the orchestrator on its own (which contradicts the essence of Service with interfaces where one of [them is the] UI), how [may the] UI journey/workflow … be attributed to the communication channels - REST calls - running behind it? What constitute[s] “A REST application” … and how [does it differ] from non-REST application[s], especially from the architecture perspective? Where [is] the Architecture and where [is] the architecture Implementation?

Poulin is not alone in his confusion. The topic of REST is a minefield: it seems that most people don't understand it, even when they write authoritatively on the subject. And the true authoritative source, Dr. Roy Fielding, speaks in the precise yet obscure prose of an academic, often sowing as much confusion as he does clarity. And yet, the answers lie in Fielding's explanations, even though studying them feels a bit like sitting at the feet of the Buddha, hoping for enlightenment.

Unraveling REST
Let's begin with Wikipedia, a source Fielding bemoans as being a poor substitute for truth. Be that as it may, it's an expedient starting point. Wikipedia defines REST as "a style of software architecture for distributed hypermedia systems such as the World Wide Web." I always thought this definition was rather silly: after all, how many distributed hypermedia systems can you think of other than the Web? But in fact, this definition leads us to the answers to both of Poulin's core questions: first, what constitutes a REST application, and second, where is the architecture and where is its implementation?

Of course, Fielding's precise definition of REST differs from the Wikipedia simplification. According to Fielding, "the Representational State Transfer (REST) style is an abstraction of the architectural elements within a distributed hypermedia system." And therein lies the key to Poulin's second question: REST is an abstraction.

Of course, abstractions are nothing new-they are the basic tool of any architect, and a topic ZapThink has spoken about numerous times. But most people don't quite grok just how abstract REST is. For example, do you think that REST is HTTP-specific? No, it's not. It deals with abstracted hypertext protocols, of which HTTP is the most familiar. Does REST call for uniform interfaces consisting of GET, POST, PUT, and DELETE operations? No again. Those are examples of uniform interface operations, but REST itself doesn't specify them, other than an abstracted GET operation. And of course, resources are abstractions of server capabilities or entities, not the capabilities or entities themselves, while representations are abstractions of media type instances, not the instances themselves. Even the terms "client" and "server" are abstractions: a REST client may actually run on a physical server, and a REST server may serve as a client. In fact, there's nothing "client/server" about REST.

So when Wikipedia uses the phrase "a style of software architecture for distributed hypermedia systems such as the World Wide Web," it's pointing out that REST applies constraints to abstracted distributed hypermedia systems, of which the Web is only the most familiar example.

Confused yet? You're not alone, and that's the point. Architects look at the level of abstraction behind REST and wonder, "how can this mess be useful?" while developers look at it and think, "OK whatever, let's build a RESTful API and go from there." At that point, the architects take off their architect hats and dive into the technical details alongside the coders. The result? A lot of noise and confusion, ostensible RESTful APIs that are not really RESTful at all, and the mistaken belief that you can comply with some of the REST architectural constraints but not all of them, and still be doing some kind of REST.

And that brings us to Poulin's first question: what is a REST application anyway?

REST Applications: More than Bricks & Mortar
A REST application is a distributed hypermedia application, of course - something you apply a distributed hypermedia system to in order to accomplish some goal. Easy to say, but deceptively difficult to understand, until you realize that REST is all about distributed hypermedia applications. They're the point of REST. If you think you're "doing" REST without the goal of building a distributed hypermedia application, you're missing the point of REST entirely.

Unfortunately, most people who are trying to do REST, simply put, are missing the point of REST entirely!

It's as though we're trying to build a brick building, so we hire an architect who comes up with plans for a brick building. But we look at the plans and we don't really understand them, but we know we want to build with bricks, so we spend all our time figuring out the best way to mix mortar. Once we've come up with really good mortar, we convince ourselves we know how to build the building, even though we still don't understand the plan.

That's the state of REST today. People look at REST's four architectural constraints, and say, hmm, I don't understand the fourth one - Hypermedia as the Engine of Application State (HATEOAS). But I think I can figure out the bits about resources and representations. What they're failing to realize is the hypermedia bit is the point of what they're doing, just as actually building the building according to plan is the point of the mortar.

The mortar-first approach to REST has been institutionalized in the form of the Richardson Maturity Model, which suggests that HATEOAS is at the highest level of maturity, and it's perfectly fine to start at the lower levels and work your way up. In other words, it's fine to start construction once you have good mortar; you'll figure out the plan eventually. Clearly, that's no way to build a house!

The Right End of REST
What is it about HATEOAS that's so difficult? State engines? Computer Science 101, puhleeze. Hypermedia? Not really that confusing, either. After all, hypertext is just a document with links in it to other documents, and by generalizing hypertext to the term hypermedia, we're simply allowing for media other than HTML documents and the like. After all, a video or sound file could have a link in it, right? So, where's the confusion?

The confusion lies in the second letter A - application. As in distributed hypermedia application. The point of REST, remember? The architectural starting point for any implementation that REST constraints are appropriate for is the design of the hypermedia application that meets the given business requirements. If you look at the business requirements, and your expertise as an architect tells you that a distributed hypermedia application isn't the right thing to build, then don't use REST.

On the other hand, a distributed hypermedia application might be just the ticket. The next question you should ask is: how dynamic should this application be? In other words, what agility does the business require? Put the analysis that provides the answer to that question in your Agility Model. Then let the Agility Model - not the Richardson Maturity Model - guide your design.

RESTful Agility Levels
To illustrate the agility levels for distributed hypermedia applications that should frame your Agility Model, let's work through some concrete examples. As you go through these levels, compare them to the Richardson model.

Level 1: Static hypermedia application, consisting of a set of static Web pages containing nothing but HTML, interconnected by links. Not particularly agile. Is it REST? Yes, but in a very simplistic way. Does it meet your requirements? Probably not. (Level 1 is good enough for our ZapFlashes, however, in case you hadn't noticed.)

Level 2: Hypermedia application consisting of static Web pages that contain HTML and client-side JavaScript (no funky Ajax or the like). Pages link to each other, and the links may be dynamic, based upon client-side logic in the JavaScript.

Level 3: Hypermedia application consisting of dynamic Web pages built on the fly on the Web server, using php or Java Server Pages or whatever server scripting environment floats your boat. Pages link to each other, but the links may be dynamic, based upon server-side logic.

Level 4: Hypermedia application consisting of a set of dynamic representations that conform to a variety of media types (HTML documents, XML documents, images, video, you name it), where those representations have links to other representations, and furthermore, the links may be dynamic, based upon client-side or server-side logic or both, as appropriate.

Once you have determined the agility requirements for your application, now you may think about how best to implement its components - the hyperlinked representations. Answering that question finally leads you to a consideration of the resources that generate those representations. But you don't start with the resources, you start with the hypermedia application. You finish with the resources.

The ZapThink Take
The examples in the agility levels above are just that: examples. Particular implementation decisions that may be appropriate for a given situation. The architecture, however, is the overall, best practice-driven approach for beginning with the business challenge and working through the levels of abstraction to come up with a working implementation at the end. As an architectural style, REST is simply a set of constraints on the architecture: one way of doing things that makes it easier to solve certain problems. The architect must decide whether REST or any other style is appropriate for the problem at hand, but if you choose REST, then you must begin with the distributed hypermedia application you wish to build.

Hopefully I've answered Poulin's questions (I'm sure he'll let us know if I haven't). But there's still a part of his post left to address. If you read to the end, you'll see he wonders what happened to ZapThink. Well, Michael, we're a part of a larger company now, to be sure, but I'm still here, and I continue to do my best to push the envelope of architectural understanding. That's why we continue to update our Licensed ZapThink Architect course, which is now at version 9, and includes expanded content on REST-Based SOA, as you might expect. We hope to see you in a future class - and if you're in the Washington DC area, please come to our ZapForum networking event on October 12th and meet the "new" ZapThink. RSVP to [email protected] if you'd like to join us!

More Stories By Jason Bloomberg

Jason Bloomberg is the leading expert on architecting agility for the enterprise. As president of Intellyx, Mr. Bloomberg brings his years of thought leadership in the areas of Cloud Computing, Enterprise Architecture, and Service-Oriented Architecture to a global clientele of business executives, architects, software vendors, and Cloud service providers looking to achieve technology-enabled business agility across their organizations and for their customers. His latest book, The Agile Architecture Revolution (John Wiley & Sons, 2013), sets the stage for Mr. Bloomberg’s groundbreaking Agile Architecture vision.

Mr. Bloomberg is perhaps best known for his twelve years at ZapThink, where he created and delivered the Licensed ZapThink Architect (LZA) SOA course and associated credential, certifying over 1,700 professionals worldwide. He is one of the original Managing Partners of ZapThink LLC, the leading SOA advisory and analysis firm, which was acquired by Dovel Technologies in 2011. He now runs the successor to the LZA program, the Bloomberg Agile Architecture Course, around the world.

Mr. Bloomberg is a frequent conference speaker and prolific writer. He has published over 500 articles, spoken at over 300 conferences, Webinars, and other events, and has been quoted in the press over 1,400 times as the leading expert on agile approaches to architecture in the enterprise.

Mr. Bloomberg’s previous book, Service Orient or Be Doomed! How Service Orientation Will Change Your Business (John Wiley & Sons, 2006, coauthored with Ron Schmelzer), is recognized as the leading business book on Service Orientation. He also co-authored the books XML and Web Services Unleashed (SAMS Publishing, 2002), and Web Page Scripting Techniques (Hayden Books, 1996).

Prior to ZapThink, Mr. Bloomberg built a diverse background in eBusiness technology management and industry analysis, including serving as a senior analyst in IDC’s eBusiness Advisory group, as well as holding eBusiness management positions at USWeb/CKS (later marchFIRST) and WaveBend Solutions (now Hitachi Consulting).

@ThingsExpo Stories
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
SYS-CON Events has announced today that Roger Strukhoff has been named conference chair of Cloud Expo and @ThingsExpo 2017 New York. The 20th Cloud Expo and 7th @ThingsExpo will take place on June 6-8, 2017, at the Javits Center in New York City, NY. "The Internet of Things brings trillions of dollars of opportunity to developers and enterprise IT, no matter how you measure it," stated Roger Strukhoff. "More importantly, it leverages the power of devices and the Internet to enable us all to im...
Businesses and business units of all sizes can benefit from cloud computing, but many don't want the cost, performance and security concerns of public cloud nor the complexity of building their own private clouds. Today, some cloud vendors are using artificial intelligence (AI) to simplify cloud deployment and management. In his session at 20th Cloud Expo, Ajay Gulati, Co-founder and CEO of ZeroStack, will discuss how AI can simplify cloud operations. He will cover the following topics: why clou...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
Internet-of-Things discussions can end up either going down the consumer gadget rabbit hole or focused on the sort of data logging that industrial manufacturers have been doing forever. However, in fact, companies today are already using IoT data both to optimize their operational technology and to improve the experience of customer interactions in novel ways. In his session at @ThingsExpo, Gordon Haff, Red Hat Technology Evangelist, will share examples from a wide range of industries – includin...
"We build IoT infrastructure products - when you have to integrate different devices, different systems and cloud you have to build an application to do that but we eliminate the need to build an application. Our products can integrate any device, any system, any cloud regardless of protocol," explained Peter Jung, Chief Product Officer at Pulzze Systems, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Internet of @ThingsExpo has announced today that Chris Matthieu has been named tech chair of Internet of @ThingsExpo 2017 New York The 7th Internet of @ThingsExpo will take place on June 6-8, 2017, at the Javits Center in New York City, New York. Chris Matthieu is the co-founder and CTO of Octoblu, a revolutionary real-time IoT platform recently acquired by Citrix. Octoblu connects things, systems, people and clouds to a global mesh network allowing users to automate and control design flo...
Unless your company can spend a lot of money on new technology, re-engineering your environment and hiring a comprehensive cybersecurity team, you will most likely move to the cloud or seek external service partnerships. In his session at 18th Cloud Expo, Darren Guccione, CEO of Keeper Security, revealed what you need to know when it comes to encryption in the cloud.
With 15% of enterprises adopting a hybrid IT strategy, you need to set a plan to integrate hybrid cloud throughout your infrastructure. In his session at 18th Cloud Expo, Steven Dreher, Director of Solutions Architecture at Green House Data, discussed how to plan for shifting resource requirements, overcome challenges, and implement hybrid IT alongside your existing data center assets. Highlights included anticipating workload, cost and resource calculations, integrating services on both sides...
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.
The WebRTC Summit New York, to be held June 6-8, 2017, at the Javits Center in New York City, NY, announces that its Call for Papers is now open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 20th International Cloud Expo and @ThingsExpo. WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web co...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can ...
What happens when the different parts of a vehicle become smarter than the vehicle itself? As we move toward the era of smart everything, hundreds of entities in a vehicle that communicate with each other, the vehicle and external systems create a need for identity orchestration so that all entities work as a conglomerate. Much like an orchestra without a conductor, without the ability to secure, control, and connect the link between a vehicle’s head unit, devices, and systems and to manage the ...
"Once customers get a year into their IoT deployments, they start to realize that they may have been shortsighted in the ways they built out their deployment and the key thing I see a lot of people looking at is - how can I take equipment data, pull it back in an IoT solution and show it in a dashboard," stated Dave McCarthy, Director of Products at Bsquare Corporation, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
Everyone knows that truly innovative companies learn as they go along, pushing boundaries in response to market changes and demands. What's more of a mystery is how to balance innovation on a fresh platform built from scratch with the legacy tech stack, product suite and customers that continue to serve as the business' foundation. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, discussed why and how ReadyTalk diverted from healthy revenue and mor...