SOA runtime governance requirements are best specified in a declarative form that describes the metrics the runtime governance system must capture, the constraints the service network must satisfy and the actions that must be taken in order to insure the continued satisfaction of the runtime governance constraints. Such declarative specifications are usually simpler, easier to understand and easier to evolve than more procedural specifications. In this presentation we discuss an approach to SOA runtime governance in which governance requirements are specified as policies.
Policies support the governance of both the technical aspects of the service network and the logical business systems supported by the service network. Specific policies supporting common runtime governance tasks including:
• Performance, availability and security monitoring
• Service virtualization
• Service network reconfiguration
• Service level agreements and contracts
• Security management
• Distributed fault detection, diagnosis and correction
In addition to the specification of particular governance behaviour, a flexible mechanism is required to bind the policies to particular services and transactions supported by the service network. In addition, the biding mechanism must support dynamic reconfiguration of the policy binding in response to changes in the service network’s changing state and evolving configuration.
Finally, the specification of policy can be further simplified by defining policy types which are then specialized for use in specific situations.