Service-Oriented Architecture Rationalization (SOAR)


Published on

  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Service-Oriented Architecture Rationalization (SOAR)

  1. 1. SOA Symposium October 22, 2009 Tony Shan Enterprise Architect/Adjunct Professor Keane Inc USA
  2. 2. Agenda  Speaker’s Background  SOA Proliferation  Reality Check  Architecture Challenges and Barriers  Pragmatic Framework  Framework Components  Inner Ring  Middle Ring  Outer Ring  Summary  Final Thoughts  Q&A 2
  3. 3. SOA ecosystem The Open Group OASIS • Service-Oriented Architecture • SOA is a paradigm for (SOA) is an architectural style organizing and utilizing that supports service distributed capabilities that orientation, which is a way of may be under the control of thinking in terms of services different ownership domains. It and service-based development provides a uniform means to and the outcomes of services. offer, discover, interact with and use capabilities to produce desired effects consistent with measurable preconditions and expectations. 3
  4. 4. Reality Check 56% of executives at 32% of those using SOA companies deploying said those projects fell Only 37% of 106 SOA admit that at least short of expectations organizations surveyed half of the code or (2007 InformationWeek actually were realizing artifacts developed survey of 278 IT pros) ROI from their under their roofs are not • 58% said their SOA projects investments in SOA reviewed for compliance introduced more technology and before moving into complexity into their IT programming. (Nucleus environments. production. (SOA Forum • 30% said they cost more Research 2007 Report) 2007) than expected. 4
  5. 5. Real-world Architecture Page 1 of 2 Complexity 5
  6. 6. Barriers to Successful SOA Product lock-in with Initiatives solely led Home-grown no or limited and driven by techies reference models interoperability Ad-hoc governance Inability to quantify Insufficient semantics (dictatorship or ROI/TCO and in service composition anarchy) improper-sizing Disconnection Project-centric between traditional Gap between logical execution without education and real- architecture and reuse/sharing world SOA infrastructure disciplines implementation needs Lack of well-defined Absence of holistic Immature service models roadmaps with specifications and (business and specificity standardization technical) 6
  7. 7. In Search for a Methodical Approach We can't solve problems by using the same kind of thinking we used when we created them. [Albert Einstein] Conquering Complexity – one of five “deliberately monumental" research challenges, each requiring "at Tomorrow’s computing least a decade of concentrated systems cannot be built using research in order to make methods of today. [Computing substantive progress”. [“Grand IT Research Association (CRA) Research Challenges” report supported report] by NSF] 7
  8. 8. Pragmatic Framework Reusable Enterprise System Platform & Extensible Component Technology Hybrid Enablement, Aggregation, Realization, &  Inner Ring: key Transformation principles and Ente Realig tenets Met ng hod i New and Emerging Technologies tect gineer rpri X- ram d a ss ap e F s a n ce rd pl wo se A ment ing ic St ro & A ices En at rk P Design Accelerator io Service-Oriented rchi n n rchi  Middle Ring: core tect SOAR Se r v Framework e ur methods and Ar b st ch ra er o A g ne li in ite cti gi rtfo models ct o n En Po ur D i Se r ns e sc vic r te ov e P at er Ide y, try an ntifi us d ca d En tio In &  Outer Ring: best se n, e m bl r vic e Se practices and disciplines Stack of Standards 8
  9. 9. Principles and Tenets Inner Ring Architecture abstraction: Process standard: effective model-driven enforceable governance mechanism to simplify the process to measure and architecture complexity, to monitor the IT development reduce the total cost of efforts, to assure the ownership (TCO) of IT compliance of policies, solutions. standards and regulations. Portfolio engineering: Cross-application software/service engineering framework: common discipline to generalize and foundation for sustainable optimize the technical application development architecture and practices and runtime methodology, to better equip environment infrastructure, to IT assets with flexibility and expedite the delivery and agility in alignment with the improve the quality of business domain models. services. 9
  10. 10. Core Methods Hybrid Methodology • A combination of the top-down and and Models Middle Ring bottom-up designs not only provides the forward-thinking direction, but also leverages the existing IT investments to the maximum extent. Enterprise Services Engineering & Architecture Architecting Method Realignment • Service • A multi-level identification, architecture model analysis, design, effectively copes with development, the architecture composition, complexity in diverse operations, IT solutions across rationalization, the lines of business management and in a large sunset Middle Ring organization. Service Identification, Discovery, Ensemble Service and Industry • The logical service Patterns model is built across • Systems/applications the lines of business are categorized into and channels based specific groups for on the service efficient portfolio patterns identified, management and following the Hybrid cross-application Methodology reusability. defined. 10
  11. 11. Hybrid Methodology Middle Ring Business Operations Model n d ow p- To Business Process Model Platform-independent Technical Model Platform-specific Technical Model Interaction Collaborative Process on Portal & siti er po y Mashup Computing Choreography C om n La vice natio Ser ordi Service Service Co Aggregation Orchestration & New Service Service Service Service Service Service Service Consolidated Screen Mediator Decomposed Wrapper Scraping up m- tto Existing Existing Existing Existing Existing Existing Bo App App App App App App 11
  12. 12. Enterprise Architecture Middle Ring Realignment Model - High-level enterprise-wide business and technical model 1 Enterprise Business & Technical - Operation policy and Governance - Corporate standards & Strategy Architecture - Network, data center, IT security, infrastructure assets, inventory - Implementation: service patterns - Channel-independent functionality - LOB-neutral business services - Technical capabilities 2 - Current and target state Cross Channel/LOB Architecture - Roadmap - Implementation: enterprise service model - Domain-specific architecture - Common foundation 3 Reusable Enterprise System Platform & - Address >80% system concerns - Quality of services Extensible Component Technology - Best practices - Implementation: domain-specific (RESPECT) model Auto Online - Application-specific architecture Online Kana/ PFM/ Push Profile Enroll/ ODPS Banking/ Billpay ECCS OFX - Business functionality ICCA ICID - Business logic realization 4 - Implementation: systems/ application architecture 12
  13. 13. Service & Industry Patterns Pattern Description Characteristics Exemplary Solution Implementation Commonality P2B Self- enable users to use the business - Onboarding - Auto Enrollment - Self-service Service functionalities via the graphical - Enrollment process - Online Deposit Products Services - User interface user interfaces of a thin client - E-sign - Yodlee service registration - Predominantly web-based (web browsers), thick client - E-disclosure - Alerts subscription - Rich Internet Application (Ajax- (typically Windows GUI - Profile management - MyProfile driven) applications), and rich client - Customer management - Online Banking and Billpay - Web app frameworks (rich Internet applications) as - Alerts via email, pager, & cell - Internet Check Card Activation - Transactions well as other pervasive platforms phone - Prepaid Debit Card - Statefulness like personal digital assistants - External services - Personal Financial Manager - Volume (PDA) and mobile devices such - Subscription/Shopping cart (PFM): Money & Quicken - Real-time response as cell phones - Billing - Device profiles P2P enable users to communicate - Email collaboration - Kana - User-centric Collaboration with other people in an online - Secure message box - Secure - Social computing community or customer services - Online chat, conferencing - Alerts - Web 2.0, e.g. Wiki representatives electronically - Agent assistance - ServiceProfile P2D Data enable users to access product - View e-statements - Internet Check Image Delivery - Data-centric Aggregation information, service details, - Aggregation for service - ServiceProfile - Largely read-only access directory, contents of interest, agents - Reporting - Analytics and info aggregation and data summary - Centralized reporting services B2B enable business partners to - B2B single sign-on solution - Yodlee seamless router - Partnering Enterprise collaboratively provide services - Supply chain integration for - Check Reorder (Harland) - Federated auth and auz mgmt with seamless navigations product/service orders - Onestop shopping - Seamless integration between sites - B2B partnership - Credit card (MBNA) - rebranding Front-end enable the integration of front - Homepage for online services - Online Services Homepage - Portal and content aggregation Access ends of servicing applications, - Single sign-on - SSO - Customization and personalization Integration typically at the web server tier - Portal for customization and - Service representatives portals - Business process automation personalization (ServiceProfile) - One-time login - Mashups - PFM Back-end enable inter-system integrations - Synchronous HTTP - MyProfile Web - Service-oriented Application and synchronizations - Asynchronous message - Protocol Translation Server - Scalability and availability Integration queues - Push Messaging & message queue - Interoperability - Mainframe access - Kana - Legacy system modernization - Multi-channel adapter design - DocCentral - Integration - Web Services - Cimphony/Tibo/Integration Hub - Packaged suites 13
  14. 14. Service Identification, Middle Ring Discovery, & Ensemble Service mining Enterprise Technical Infrastructure Domain-specific Channel Services and repository Service Assets Services Services Services • Classification • Core business • Cross-channel • Basic technical • Operations • Shared services • Taxonomy services core services services • Security • Atomic services •Reuse rate •Specialized •Cross-channel •Advanced •Management •Composite • Dependency business services common technical • Quality services chain • Common services services • Service • Naming business services • Channel-specific orchestration convention services • Service access • Versioning • Granularity •Registry • Publishing 14
  15. 15. Financial Service Model Middle Ring Access Points Email/Pager/ Intranet Blackberry/ Branch Internet VRU ATM Wireless Browser/ Ubiquitous Platform Browser/PFM Telephony Kiosk phone/Voice Rich Client Devices/PDA Teller Basic Technical Channel-specific Services Service Infrastructure Services Availability Internet Agent VRU ATM Branch Partner Authentication Throttling Channel Access Call Center Processing Platform Access Authorization Load balancing Logging Failover Component Content-based monitoring Cross Channel Common Services routing Metrics gathering Customer Profile Ledger inquiry Contextual routing Service Check image Credential recovery/reset Service stabilization management eStatements Bill payment Closed loop control Application Check Reorder Brokerage Operations management Cross Channel Core Services Auditing ID management Basic access services Service aggregator Monitoring QoS Composite access services Service transformation Alerting Persistence Provisioning Advanced Technical Metering Services Reporting Common Business Services Workflow Root cause Rationalized products parity Advanced Business Services Process analysis ATM locator Transactional services orchestration Funds transfer Account opening Security Grid computing Institutional business rules Account transactions Attack prevention Caching Virtualization Denial of service Integration Core Business Services Customer Relationship Services mitigation Secure Banking Customer management Content inspection communication Payment processing Contact management Policy management Self-hearing Card processing Campaign management Privacy protection Performance Tamper proofing optimization Nonrepudiation Lines of Business Session Versioning management Capacity planning Duplicate requests Retail Commercial Securities Wealth Investment Impact analysis Fraud detection Tailoring 15
  16. 16. Domain-Specific Model Middle Ring Service-Oriented Architecture for Internet Channel Designed by Tony Shan Customer /Prospective Customer /User Non-authenticated Space Authenticated Space Convergence Client Banking Service Center SSO Online Service (Log-in App via Homepage PAPI) (OSH) Unified Universal Unified Internet Unified Enrollment Subscription Banking Message Center Management eDisclosure Service Center Center Center Center POP3/IMAP Servers Electronic Web-based Internet Check Account Online Alerts Online Internet Check address, Money InBox (Secure Card Activation Opening Services Enroll (Push Banking/ Online BillPay Image Delivery PFM newsletter Movement Message (ICCA) (ODPS) (Auto Enroll) Messaging) eStatement (ICID) (MyProfile) Center) WAP Message Fax Profile Data Service-oriented Gateway Delivery Service Gateway Services Integration Server (Push Alert Svc) (eProfile) WDA Message WDA Message ServiceProfile Service Service-oriented Archive (Kana) Management Voice Media Email (orchestration, Gateway Gateway Retail Wholesale metering/acct) Service Reporting Customer Pervasive Universal Enterprise Online Service Communication Center Service Portal Interaction Authorization Reporting Service Directory Service (event, queuing, Service 16 distributed log) PSR
  17. 17. Services Engineering and Middle Ring Architecting Method Portfolio Assessment Service Analysis Service Modeling Service Realization Service Assembly Service Management • Business vision and goals • Business use cases • Enterprise common • Technology and products • Enterprise integration strategy • Service categorization scheme • Existing application portfolio • Applications suitable for service information model decision framework • Integration patterns • Service governance model inventory mining • Industry vertical services, • Service realization decision • Industry model (OGSA) • Service addition policies • Business strategy/architecture • Business trust requirement process, information model framework • Messaging methods • Service change policies (e.g. IFW, IFX, ACORD, Inputs • Technical issues • Business rules • Services’ level of reuse • Middleware strategy • Service maintenance process ebXML, OAGIS, NGOSS, • WS-* • User experience requirements • Business policies • Data source • Auditing procedures SCOR) • Nonfunctional requirements • Enterprise taxonomy • Application patterns • Enterprise resources • Event management • Composite patterns • Stakeholders’ preferences • Business patterns • Industry model (SCA, SDO) • Security policies • SDLC • Service patterns • Constraints and assumptions • Service meta-model • Tools • Integration testing standards • Asset inventory • Service reference model • CMDB • Wrap existing functionality • Service agreement • Project management • Business assessment • Domain decomposition • Interaction integration • Risk assessment • Service encapsulation • Legacy reengineering • Business process modeling • Business services identification • Portal integration • Risk mitigation • Service contract • Build new services • Technical assessment • Map application capabilities to • Process integration • Service ownership • Service data model • Componentization Activities • Application asset mining services • Data integration • Service versioning • Service usage interface • Identify/select architectural • Applications portfolio • Impedance • Information integration • Service rollout • Service usage policy patterns evaluation rationalization/consolidation • Service composition • Select technology • Foundation services • Impact analysis • Process-to-capability mapping • Define service granularity • Service input/output/pre- • Choose products • Service mediation • Service agreement • Capability-to-application • Classify services (conversation, financial terms, conditions/Effects (IOPE) • Perform proof-of-technology • Service chaining mapping • Service matching performance, delivery, • Service attributes • Define service deployment • Gap analysis • Rationalize services exception management) • Service metadata model • Recommendations formulation • Consolidate services • Capacity • Service-to-component mapping • Service transaction • Solution blueprinting • Service virtualization • Service reliability • Service specification • Service choreography • Current business architecture • Business services • Service continuity plan • Service NFRs • Service realization rationale • Service orchestration • Business issues and NFRs • Application services • Application retirement plan • Service descriptions • Service realization decisions • Service composition • Current technical architecture • Choreography/Orchestration • Service dependency matrix • Service hosting • Service interoperability Artifacts • Service flow specification • Application portfolio metadata • Composition • Service monitoring • Service registration • Service location • Service infrastructure • Root cause of technical pain • Atomic services • Service provisioning • WSDL • Service security • Integration bus points • Shared services • Service metering • Service semantics • Service quality • Data grid • Process-to-capability mapping • Domain services • Service configuration matrix • Component specification • Service publication • Data fabric • Portfolio/Channel services • Resource requirements and • Capability-to-application • Message and event • EII solution • Infrastructure services availability estimates mapping matrix specification • SOA fabric • Utility services • Standards • Target business architecture • SaaS • Best practice guidelines • Business and technology implications 17
  18. 18. Best Practices & Disciplines Outer Ring Service-Oriented Design Accelerator • A set of step-by-step recipes, in the form of templates, checklists, cheat sheets, and reference cards, for expedited development of SOA solutions in a cookbook style. Reusable Enterprise System Stack of Standards Platform & Extensible • SOA Standards Stack to logically Component Technology categorize relevant specifications (RESPECT) • Model-driven Architecting Practices • Reference implementation model addressing the common design considerations and concerns New and Emerging Technologies • Web X.0 • Cloud Computing 18
  19. 19. WEBM Services Nagios XMOJO DMTF CIM JMX/SNMP Operational Management OpenSSL OpenSSH Jacksum OpenSAML Enhydra Oyster Security LAMP JBoss App Server Tomcat Xen Grid Engine, Globus Hosting Environment Accelerator Ac W Se Je tiv rv S- ts De Ax r p eB ice is BP by ee M d PE EL ix L R O Li ES pe jU jB M n fe T, ul ra DD e PM I y Aj CM a S x e O p bX Su Ac M en JO Dr L gr tiv -X o a e SS ol ch Re M s CR a O g Q M ist ng e ry O Sw M Ya Business Process Layer pe ee le on Sh Composite Services Layer SC Access & Interaction Layer a nJ dr tR Enterprise Resources Layer A rk u CA ia M n Services & Components Layer le S S s Integration/Communications Layer O pe Nx W Ja Ac n SD W ek BR eg O i a E E ES B Service-Oriented Design WebWork, Struts, JSF, Tapestry, DWR, Echo2, RIFE, Seam Keel Spring Beehive Wicket JSON-RPC, Dojo Reference Model of Solutions Architecture for N-Tier Applications Application & Service Frameworks AspectJ, Spring, Microsoft Enterprise Microsoft GoF design patterns Java EE patterns JBoss AOP Library Application Blocks Crosscutting Aspects & Patterns CVS, Subversion, JUnit, NUnit, Cruise ArgoUML, StarUML Eclipse, Netbeans Ant, Maven Bugzilla, FxCop Control Designed by Tony Shan Modeling & Development Tools Outer Ring 19
  20. 20. Application Framework Reference Card 20
  21. 21. Stack of Standards Outer Ring Management WS-Policy WS-Management WS-PolicyAttachment WSDM WS-SecurityPolicy WS-Provisioning WS-Manageability WSDM Presentation Interoperability Security WS-Security XForms WS-I Basic Profile WSRP WS- MXML WS-I Basic Security XUL SecureConversation Ajax Profile XAML WS-Federation WS-I Reliable Secure XBL SAML Profile Liberty Alliance IDFF Governance WS-Trust Interoperability XKMS Framework (GIF) XACML Process Reusable Asset XrML Specification (RAS) WS-Choreography WSCI EPAL DMTF CIM BPMN CDL4WS BPDM BMM BPML/BPQL UML Transaction XPDL OAGIS Resources WS-Coordination WSRF WS-Business Activity WSRF- WS-Atomic Transaction ResourceProperties WS-Context Composition/Orchestration/Construction WSRF- WS-CF ResourceLifetime WS-TXM BPEL JAX-WS WSRF-ServiceGroup WS-TX WS-CAF SAAJ WSRF-BasicFaults WSE SCA WS-Transfer WCF Axis RRSHB WS-Enumeration Semantics RDF WSDL-S SA-WSDL, SA-REST Messaging QoS OWL-S, RDF/S SWSO, WSMO SOAP SwA WS- SWSL, WSML REST WS-I Attachment Profile ReliableMessenging SOA-S, FEARMO, JSON XML Security: XML Encryption, XML Signature WS-Reliability ODM WS-RX Foundation XML Processing Description Discovery Communications and Events DOM .Net XML XML SML UDDI Transport: SSL/ WS-Eventing OWL SAX Serialization XML Schema DMCBX ebXML TLS WS-Notification WS-Discovery XPath JAXB WSDL RELAX NG SwSA Network: IPSec WS-Addressing WS- XSLT SDO XML Info Set Schematron MetadataExchange BEEP XQuery StAX XOP/MTOM Assertion Lang HTTP/IIOP/MQ 21
  22. 22. Reusable Enterprise System Platform & Extensible Component Technology System Technology Architecture Solutions System Management Development & Lifecycle Governance 22
  23. 23. RESPECT – Common SOA Design Outer Ring Intents, Styles and Considerations System Architecture: the fundamental organization Technology Solutions: and formal description of an module-level common IT system, components, techniques and methods to environment, resolve pervasive design interrelationships, decisions concerns and issues in an IT and their associated system. rationales about the overall structure. Development lifecycle: a systematic approach to System Management & developing an information Governance: enterprise- system, including wide administration and requirements, analysis, management of distributed modeling, design, computer resources, rules implementation, validation, and regulations as well as a rollout, training, user mechanism for compliance experience, system enforcement. ownership, and maintenance. 23