Service-Oriented Architecture


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Service-Oriented Architecture

  1. 1. 1105 Government Information Group Custom Report SOA Service-Oriented Architecture
  2. 2. 1105 Government Information Group Custom Report Architecture: A 12 Letter Word For Having A Plan Breaking down silos is a major objective of Service Oriented Architecture (SOA) He calls his office the Office of Horizontal Government. by The Federal CIO Council in collaboration with The Kshemendra Paul’s job title is Chief Architect at OMB. American Council for Technology and the Industry And he is leading the broad-based adoption and Advisory Council: advancement of Service Oriented Architecture (SOA) “SOA promises to help agencies rapidly reconfigure their capabilities throughout the federal government. business and more easily position IT resources to serve it. “I work in the Office of E-Government and Information Through it they will improve business agility – through the Technology, but most days I think of it as the Office of sharing and reuse of infrastructure, services, information, Horizontal Government,” said Paul during the recent Federal and solutions.” Executive Forum on SOA. The PGFSOA further states that SOA is a key component For Paul, a major challenge for government is moving of any Federal EA whose need will become increasingly from being a vertical organization – steeped in silos – to critical in the future. one that thinks and acts horizontally. And while “these benefits have been promised in past “We are organized by agencies, bureaus and programs. waves of IT innovation. This time, they are enabled by the Money is appropriated that way, people grew up that way. Getting people to think across boundaries and being able to SOA promises to help agencies rapidly work across boundaries is really the key challenge.” reconfigure their business and more easily While government has made horizontal progress, there is still much to be done to break down barriers and break position IT resources to serve it. Through it down silos. they will improve business agility – through “One of the things that we see is that we have to guard the sharing and reuse of infrastructure, against the siloing of management processes. We need to go from good intentions to societal impact; there’s a lot of services, information, and solutions. different management processes and many of those processes are overseen by OMB.” concurrent maturation of Internet-based IT standards Paul talks about things such as the strategic planning and best practices and the adoption of those interoperable activity, program performance analysis, architecture activity, standards as a common fabric by stakeholders – Citizens, capital planning and budgeting and program oversight. Government, Industry.” “We need to make sure that the outcomes at each step of those processes are linked to the next step. That’s how we Defining SOA move out of the compliance sort of architecture to the There are a number of things that must work together in results-oriented architecture, by making those linkages order for SOA to succeed. Just adopting service-based clear,” said Paul. technologies alone will not enable agencies to achieve the SOA is a key ingredient in government’s move to a benefits associated with SOA. results-oriented architecture. The PGFSOA defines a service as “The means by which the needs of a consumer are brought together with the What SOA Promises capabilities of a provider.” Service Oriented Architecture is not a new concept. A It employs an industry standard definition of SOA: service-oriented architecture is essentially a collection of “Service Oriented Architecture is a paradigm for organizing services. These services communicate with each other. The and utilizing distributed capabilities that may be under the communication can involve either simple data passing or control of different ownership domains.” it could involve two or more services coordinating some SOA has organizational, governance, business process, activity. Some means of connecting services to each other structural, and technical dimensions that must be managed is needed. and synchronized according to the PGFSOA. It was created According to the Practical Guide to Federal Service to help Federal chief architects and CIOs in “their efforts to Oriented Architecture (PGFSOA) published in June 2008 adopt SOA best practices to further their organization’s s2
  3. 3. 1105 Government Information Group Custom Report mission, meet increasingly demanding compliance clear on and we are communicating through our Practical requirements, introduce more agility into their architecture, Guide.” and optimize their IT architectures.” “You still have to do the hard work of understanding your business, being able to articulate it, getting in place across SOA Rationale the organization and being able to justify the investment,” By adopting and advancing the SOA capability said Paul. “Then you can say now I need to come up with a governmentwide according to the PGFSOA, the federal solution architecture; and SOA approaches are a good way government will enable: to go at that point; they represent the culmination of the best Improved government responsiveness: By employing practices.” services to establish a flexible architecture centered on business and technology capabilities, business processes can be more easily modified to meet business and mission SOA – Not Scary performance requirements. So, what does this all mean? When asked by 1105 Custom Simplified delivery of enhanced government services: Media during a 2007 interview, “what are three things you SOA and the “service” business model enable collaboration need to know about SOA”, noted SOA expert and consultant by simplifying access to services and streamlined value David Linthicum said: chains across organizational boundaries. “Number one is SOA is nothing scary, and it’s basically a More efficient government: SOA facilitates mutually different way of doing many of the things that we’ve been leveraged public and private sector investment; reuse of doing for the last 30 years. No need to panic. That’s the key capability; elimination of undesirable redundancies; and a thing. We have tried to get services reuse for a long time and more focused model for on-going IT recapitalization. agility for a long time and none of that has changed. We are Information sharing: SOA provides an effective and just doing that with a new set of technologies and a new efficient approach to implementing reusable data exchanges. approach. Transparency, security, and resilience: SOA is predicated Number two is success of SOA is directly linked with on a shared, standards-based infrastructure. This will enable good planning, design, and architecture. And then I would consolidation, simplification, and optimization of IT say SOA is something you do, not something you buy. That’s Infrastructure a key thing. The primary risk of SOA is when its application is not And number three is you need to justify the use of SOA effectively governed with purposeful intent – in other words, within the business context; that means calculate the short the business agility SOA promises cannot be achieved term and the long term return on the investment, considering through ad-hoc application of SOA technologies. both the concepts of agility and reuse.” “Business agility must be purposefully designed into each organization’s Enterprise Architecture, IT Governance, and IT Policy framework and implemented incrementally with each step tied to delivered business value. The Business Context Paul counseled that SOA is not just a “silver bullet” solution you can go out and buy. “It’s got unique characteristics and you don’t get the benefits of any of those business cases just by saying I’m going to go out and buy a SOA from my local vendor.” “It’s got to be in the context of a business project with a business sponsor,” explained Paul. “So SOA is a technique, but it helps you enable those benefits and realize those benefits and but in and of itself you don’t get those benefits by doing SOA. So that’s a really important idea that we are s3
  4. 4. 1105 Government Information Group Custom Report Establishing Common Ground The goal of the Practical Guide to Federal Service-Oriented Architecture is to provide government with a road map to implementing SOA. Systems should be designed, developed and integrated so that’s a rational for SOA, so that gives us some tools for that in essence they act as if they are one single information doing that,” Paul said. system. That’s a major objective of SOA – the sharing and Second is sharing information. “It’s a big, big driver. It’s reuse of services rather than building unique systems. There huge across the federal government and SOA is a best is no reason one system should not be able to link to another practices implementation framework to do that”, so that’s system through a service to share information. another rational for doing SOA.” “The Practical Guide for Federal Services Oriented Then there is sharing infrastructure. “We spend a lot of Architecture (PGFSOA) came out of a realization that SOA money across the government on infrastructure and there’s vocabulary, approaches, technologies, techniques are getting a real opportunity to share infrastructure because of the more mature,” said Kshemendra Paul’s Chief Architect at standards based approaches with SOA so that the computer OMB. infrastructures can be shared.” “But there are a lot of different approaches; there’s a lot of A great example of that in the private sector are Amazon hype in the marketplace and a lot of things that are unique and Google, where in their “cloud” they provide the ability and not unique about the federal government,” explained for developers to build and use storage and compute cycles Paul. on a pay-per-use basis, the so-called utility model for “We felt that it would be a useful service to the IT com- computing. “You enable with a SOA framework,” said Paul. munity across the federal space to try to put out a common vocabulary for how to think about SOA in the federal space; The PGFSOA has been developed to meet a reference that established a body of knowledge that repre- the unique challenges the federal IT sents best practices that are out there, whether they are in the community has to address. academic community or the technical standards community.” The PGFSOA has been developed to meet the unique “A fourth rational is to share acquisition power,” Paul challenges the federal IT community has to address. “One continued. “One of the pretty exciting ideas behind SOA is thing that is unique about the federal government is the you can enable a market place where you can actually buy degree of mandates that we have to work through in the specific services. You see this in the private sector where security space, the architecture space and so on,” noted Paul. there are so called mash-ups. There’s a whole ecosystem Paul also noted that the government built vertical IT around Google maps where they are building applications stovepipes in the past built to meet program needs perceived where they take data and mapping services and put those to be unique. “A lot of our challenges are more horizontal, together.” where we have to go across organizational boundaries, so While the Google model is advertising supported, the how do we make that work?” asks Paul. time has come where you can buy specific services such Those kinds of issues, which often come under the as mapping services, data analytic services, credit card heading of governance, are really what make SOA in the services, procurement and purchasing services and pay for federal space different. “So we wanted the PGFSOA to tell those on a per-service basis and so that’s the kind of idea the story in the way the chief architects around the federal that SOA helps you enable. government communicate to their program executives in “The last one is sharing technology practices,” Paul said. their departments and their CIOs and other stakeholders in “Again there is a rich body of best practices and standards the process.” that are open standards around SOA so there’s an opportunity there to look at how we build systems and Six Tenets how we manage the development process and the like. So Paul said the PGFSOA focuses on six areas. those are the five key drivers.” “The first is we all have the mandate across the federal The sixth are the mandates, the EA mandates, the security space to share business solutions. We need to make sure that mandates and again SOA gives you a way to be able to look when we build applications, whether it’s case management at those mandates and be able to address them effectively applications, whatever, that we are doing the best we can to according to Paul. share those solutions across organizational boundaries and s4
  5. 5. 1105 Government Information Group Custom Report Three Layers So what does this all look like? Paul said they are divided into three layers: service oriented infrastructure, service oriented architecture and service oriented enterprise. “In each of those layers we are putting out guidance again rooted in what we think is leading best practices and open standards.” Paul said. “Service oriented infrastructure is a classic formulation. It looks at things like enterprise services and basic types of coding standards.” “Service oriented architecture represents a style of how you decompose business requirements in the services,” explained Paul. “One of the classic areas in service oriented architecture is how you go from high level business services to fine grained services that you actually code to. So that process again is very much driven by what are your requirements. What are you trying to build? So that’s kind of service oriented architecture.” “Service oriented enterprise goes to a lot of the organizational transformation and governance issues,” noted Paul. “How do you work charge back models? How do you work service levels? How do you do cost accounting? How do you make sure you drive the road map for the require- ments in a way that all the stakeholders across the different organizational boundaries, their equities are represented?” According to Paul a lot of people talk about governance being the hot button inside of SOA. “But if we think about that as a service oriented enterprise. One of the observations is that to really realize a lot of the benefits; there’s a degree of organizational transformation that has to occur.” This goes back to the idea of what’s unique about the federal government and crossing organizational boundaries. People have to learn how to share across organizational boundaries. “You can’t take that as a given. That’s the thing that requires organizational change. It is a cultural change. So even though the technology enables it, it doesn’t mean that the organization is ready to implement it successfully.” s5
  6. 6. 1105 Government Information Group Custom Report SOA: Health Care Enabler SOA is at the heart of the health information exchange movement. Having the right patient information in the right hands at survivor has to go through multiple specialties and the right time does make a difference. The drive to electronic information is critical there. I need to make sure the health records and the seamless sharing of patient information information is all connected,” explained Sankaran. is on ongoing movement within the American healthcare “Think of a wounded soldier who comes back who needs, community. But it has not been easy, nor or we ready to who lacks cognitive skills. And who becomes the health declare victory. information exchange for all these people? How do you That’s why we should be cheering the efforts of dedicated make sure the information flows from different specialties professionals such as Vish Sankaran, the program director within the hospital? It is their families. So these are for Federal Health Architecture at HHS. challenges that we have in health care today,” Sankaran said. During a recent appearance on the Federal Executive Even though the benefits are obvious, Forum on SOA, Sankaran spoke about his role in Federal Health Architecture. “It is made up of over 20 federal major challenges exist to make health agencies. And the role here is to build tools and solutions information available online at the different for federal agencies, to have cross agency collaboration and stages of patient care. also to implement interoperable health information solutions across the federal government.” “We will never have a large data base holding all the That collaboration was demonstrated at HHS headquarters medical records of patients.” in Washington, DC in front of two cabinet level secretaries But we have to connect all these existing networks around on September 23. “I’m happy to report that we were able to the country said Sankaran. “We have made some great demonstrate live exchange of health data,” proclaimed strides towards agreeing on common principles on how you Sankaran. “These were tests with live data across the identify a patient across different systems.” country around 15 different health information exchanges. “The secretary of HHS will be releasing a privacy and That is something we can all be proud of. It’s a new chapter security framework by the end of this year, for health infor- in the ongoing effort to improve quality of health care for mation. Along with that we are also looking at the FISMA the citizens of this country.” and HIPPA kind of security controls that are required by the Sankaran is working within a SOA model to enable health federal agencies compared to the private sector,” Sankaran IT collaboration and firmly believes that the architecture continued. must be business driven. But questions remain. “How do you make sure there is “We have learned that the hard way with the Federal some kind of a baseline that all the agencies can agree upon Health Architecture Initiative, where it was initially focused when we start moving into this production world of moving on just architecture work,” explained Sankaran. health information?” queried Sankaran. “But over the years the way we have brought agencies together is by looking at the business priorities of these Down The Road agencies. Every agency has their own set of requirements Sankaran is confident that we are moving in the right that they need to meet and the mission goals that they need direction and a few years down the road, we are going to be to meet. What we did is look at the business drivers and then able to point back and say that came from this. try to use architecture to achieve that particular goal and “Think of a world where it’s more of a consumer centric build solutions along with it.” health care system; where we have control of our health and How do you build a SOA for this kind of activity? “It was we know where we can get the best services at a cheaper very interesting when we started but as we started looking at cost and a higher quality,” he pondered. business priorities and giving more emphasis on business Sankaran is optimistic because he sees a lot more needs, and then using architecture to support it, there was a collaboration going on right now, because now agencies lot more buy in from the agencies,” Sankaran noted. are focusing more on the citizens’ needs. “Because if you take a wounded soldier, it doesn’t stop Exchanging Private Information with the DOD,” said Sankaran. “From DOD it moves over to “We walk into hospital and we all have to fill out those 8 VA and then there are interactions with Social Security, and or 9 page clipboards. Or someone like me who is a cancer interactions with CMS.” s6
  7. 7. 1105 Government Information Group Custom Report SOA: Evolving Challenges SOA faces a number of challenges as it moves from conceptual guidelines to practical mainstream use. Understanding leads to implementation. Understanding can be reused? Who has control over that service? Who has SOA however has not been easy. It is shared services? Is it the rights and access to that service?” software reuse? Does it mean I lose control of my system? It’s not easy for executives to give up the control over Implementing SOA is filled with challenges. resources they deem important to the success of their Understanding the relationship between EA and SOA and mission. It’s hard for them to say “I’m going to have to trust then using both of those to improve mission performance is an external organization that’s going to provision a service, a real challenge according to Scott Bernard, Deputy CIO at and manage to a service level, as opposed to managing the Federal Railroad Administration during the Federal directly people and other resources. Executive Forum on SOA. “SOA is a good way to integrate the business data and SOA is a good way to integrate the business application levels into that enterprise wide architecture. And data and application levels into that enterprise there are a lot of mature best practices now on how to do wide architecture. And there are a lot of SOA within the context of EA,” explained Bernard. “The other challenge is getting executives to be involved with the mature best practices now on how to do SOA architecture and to support it and understand the value of the within the context of EA. SOA effort within the EA context.” Kshemendra Paul, Chief Architect at OMB agrees. “A lot of the time as you are moving towards SOA is “Looking at it from the OMB perspective, we see really spent on some of those organizational issues, some things across government as well as across all the different of those definitional issues,” added Muzilla. management processes,” declared Paul. “We want to break But when you do a shift to SOA you can end up having down the barriers and break down the silos.” individual business units that end up provisioning a shared Paul warns that we need to guard against siloing of service that become a center of excellence or a shared management processes in areas such as the strategic service center because they deliver a particular service at planning activity, the program performance analysis, the a high quality. architecture activity, the capital planning, the budgeting, As a result they essentially become an IT support program oversight and year over year sort of analysis. organization and they have to learn to behave that way, “We need to make sure that the outcomes at each step of develop the customer service, guarantee a particular those processes are linked to the next step. That’s how we service level and that doesn’t come automatically. It move out of the compliance sort of architecture to the results requires training; it requires a governance framework that oriented architecture, by making those linkages clear,” requires appropriate policies and incentives to help manage counseled Paul. that cultural shift. Partners In Progress SOA is not a government only activity. To make it work takes solutions from the private sector. One of those companies involved in making SOA work is Red Hat. According to Craig Muzilla, VP of Red Hat’s Middleware Business Unit, some of the challenges from an industry side deal with the evolution of the technology that is working to catch up with some of the government’s real-life needs. “Things like security and some of the standards associated with SOA are still evolving,” said Muzilla. “But some of the biggest challenges are within the organizations that use SOA. For instance what granularity of service, how do you define the service? Is it really defined in such a manner that s7
  8. 8. 1105 Government Information Group Custom Report Governing Principles Governance is the key ingredient of the Practical Guide to Federal Service Oriented Architecture. As with any horizontal movement, getting consensus from Framework and be able to pull down shared architectures, the many stakeholders is never easy. solutions, services, information. And the vision we have for “We work very strongly with the CIO Council and we the FTF is really to become a market place for – at planning look to them to help us with governance related issues, time – matching demand and supply for IT services and particularly the Architecture & Infrastructure Committee,” solutions. So it’s an important idea.” said Kshemendra Paul, Chief Architect at OMB during the recent Federal Executive Forum on SOA. Reviewing The Portfolio The committee just published in The Practical Guide to At the Federal Railroad Administration (FRA), they are in Federal Service Oriented Architecture (PGFSOA) in their 6th year of a capital planning process that includes EA, partnership with the American Council for Technology and program management, work force management and cyber the Industry Advisory Council. security according to Scott Bernard, Deputy CIO. You can find it on the E-Gov web site said Paul. “We tried to identify what was unique about employing SOA in the The vision we have for the Federal Transition federal space along with the governance issues and things Framework is really to become a market place like that.” for matching demand and supply for IT Feds Are Unique services and solutions According to Craig Muzilla, VP Middleware Business Unit at Red Hat, part of what is unique about the Federal “The most important annual activities in agencies are the space are the up-front time in planning and setting an budget process and the capital planning process; and then administrative and planning process where new services reviewing our portfolio of investments in IT,” said Bernard. can be introduced. Bernard said the FRA has quarterly planning meetings in “I think there’s also some technology that can play a large which executive leadership takes part. “We use them as an role here,” said Muzilla. “When you look at governance in opportunity to ask the essential questions on the business SOA, you can look at it in two ways --design & build time and the technology side related to enterprise architecture.” and run time. And when you are looking at design and build “We start with the requirement solution fit, and then time, I think you need to have technology and processes that we talk about standards, and then we talk about earned address things like change management.” value management, cost and schedule, performance control A service is defined, but now there are always going to be and then we finish with risk management and security changes said Muzilla. “So how do you implement those solutions,” Bernard explained. changes? How do you map those dependencies? Do you “I think that leadership and program managers really know all the things that it ties to?” appreciate that it’s a mature process, that they know when “Some technology can help in that area,” explained things are going to happen, and they know that the oversight Muzilla. “On the run time side, you look at things like is really multifaceted and they are prepared for that and it’s service levels. So there’s a service level agreement, but really helped us to manage our investments and leverage our maybe one set of users has certain level of service that’s resources to the maximum level possible.” provided, and another set of users has another service level. So technology can play a role in the governance of the architecture.” Paul added there is one other factor to be considered in the federal space. “We also have to be concerned with plan time. We have long planning cycles and budgeting cycles. Paul highlighted the role of the Federal Transition Framework especially around looking at opportunities for collaboration. “Not to reinvent but to look at the Federal Transition s8