The Application Layer
The top layer in our model refers to the application infrastructure. Applications are programs used to support business processes either directly, as in the case of a financial bookkeeping application, or indirectly, as in the case of a spooler program that manages the orderly printing of documents.
There are many ways to categorize application software that reference such criteria as
How the software is used: multiuser versus single user
Degree of customization: customized versus "vanilla" or "shrink wrapped"
Fit with the requirements of a specific industry: vertical software used by medical clinics versus horizontal software used across all industry segments
Degree of "integration": an integrated software suite versus a "point" product or standalone application
Application software may also be divided into functional groups:
Utility application software assists in coordinating or managing the operation of system processes or extends the operating system.
Communications software facilitates the connection to and use of communications "facilities" such as electronic bulletin board systems, email systems, the Internet, and so on.
Graphics software provides the means to draw pictures, create graphs and charts, develop electronic slide shows, capture and manipulate electronic photos, and so on.
Business application software enables, supports, or augments a business process.
Yet another classification method refers to "enterprise" application softwareproducts designed for companywide supply chain management (SCM), enterprise resource planning (ERP), customer relationship management (CRM), manufacturing resource planning (MRP), or decision support (data warehousing and data mining)to distinguish software of this type from less comprehensive application software packages.
Most of these taxonomies serve less to enlighten than to obfuscate, which is one reason why they are used extensively in the marketing literature of vendors. From a coding perspective, all applications are the same. They are all programs written in a programming language that is either compiled, then executed, or interpreted when executed, by a server.
Structurally applications may be quite different. Some applications are architected for use on a single server by a single user: Most PC-based applications are of this type. Some are designed for use by many users but reside on a single server host. Many database-driven products are of this type.
Application architecture may establish a "client-server" relationship in which the application itself is divided into discrete components that may be hosted on two or more distributed servers. In operation, these components send messages to one another across the network. Middleware may be used to facilitate this messaging. In such client-server applications, users access applications using a software "client" that may provide a user-friendly interface that conceals from them the complexity of the distributed application altogether.
The term "Web-enabled" has recently become connected with application software to describe software that, at a minimum, has been enabled to work with a Web browser application familiar to anyone who has used the Internet and World Wide Web. In connection with this description, the Web browser is frequently referred to as a "universal client."
The purpose here is not to teach how application software is designed, but to provide some insight into the ways that application selection or development influences the overall IT service. Application software provides the direct interface between the business user and the IT infrastructure overall. It also dictates to a large extent the requirementsincluding capacity, bandwidth, throughput, security, and quality of servicethat must be met by the network, server, and storage infrastructures. There is a time-honored dictum among systems developers that applications software should be selected (or designed) before platform design and acquisition commences.
The application layer must also be secured and managed. Application layer security consists of access and authentication routines, such as application-specific logins and user identifications (IDs), which are implemented to prevent unauthorized access to applications themselves.
In some cases, organizations elect to perform authentication checks at the network or system layer, then to grant authorized users with the necessary access to storage and applications automatically. For sensitive applications, the application itself may be designed to challenge the user for an additional proof of identity before granting access. In some cases, application layer security may control the time of day that a user can access the application, or it may rechallenge the user on a periodic basis for additional validation information. Permutations of these approaches are numerous and are dictated by the perceived sensitivity of the application and of the risk that its unauthorized use represents to the organization.
Application management is also a key infrastructure requirement. Applications are designed to initiate processes, perform instructions, and deliver results. From time to time, it is possible for a process to abend (to quit working), or to continue running after it was programmed to cease operation. Application-related errorswhether due to "bugs" in the program itself, or problems with the server hardware or operating system software, or network-based problemsneed to be identified quickly and rectified as proactively as possible to avoid both erroneous output and expensive downtime.
Figure 15 describes the functions of the application layer. It can be argued persuasively that the application infrastructure is what makes the other layers of IT purposeful. Application services are the heart of corporate IT, though they are impossible to provide without a sound and capable platform provided by the other layers.
Figure 15 Application infrastructure functions.