Reality check: Old quote but still valid – makes even more of a point! Flexibility, whether through procedural programming, object programming, component programming, etc
Fast forward 5 years. Normal maturation cycle is part of the problem.
That’s why you buy software! Delegate to it!
Caveat: We’re not proposing a solution. There might be non-Policy mechanisms to solve these use cases, but it is important to have them in mind so that any solution we come up with does not preclude these use cases.
Need to have a protocol and faults MetaDataExchange could be it.
There are three stages to SOA implementation: Web Services Enablement phase is about implementing individual endpoints Developers enable existing applications by implementing web service interfaces on top of them. There is no organized approach to web services that are used rather opportunistically for communication and basic QoS interoperability.
In the Business Services Enablement phase companies start realizing that in order to fully leverage web services, they need to make sure that there is more to interoperability Customers start figuring out that they can easily get to the same (interoperable) islands of applications that they had before if they not start looking at services visibility, discoverability, manageability and compliance The SOA starts to touch all aspects of the organization: business analyst, architect/developer and operations The need for governance, compliance and manageability becomes a key focus There exists a need to express constraints and capabilities The use case as presented does not recognize the dynamic nature of SOA-based deployments nor does it enact what is required to govern an enterprise’s SOA. Though the use case identifies the need for expressing constraints and capabilities, along with the need to exchange this metadata, it does not go far enough and state the additional requirement to make this information discoverable. By making policy discoverable a consumer can select for example between otherwise identical Web services the instance that exhibits the constraints for which the consumer has the capability of supporting. Constraint and capability discovery is a key enabler to this phase.
In the SOA Enablement phase corporations fine-tune integration of all infrastructure services (end-to-end security, reliability, discovery etc.) and start exposing business services towards internal users and external partners or customers. In this phase corporation start leveraging dynamic interoperability to improve its overall agility. In other words corporation can quickly and efficiently assemble business applications that aligns with their ever-changing business needs.
Enterprises are building and deploying their SOA architecture based on the implementation of higher level business services composing them with infrastructure services; This composition is driving the need to express and make discoverable capabilities and constraints of the constituent pieces of the architecture It is thus imperative that policy be expressible and discoverable Distributing constraints and capabilities in the form of policy expressed exclusively at the end points is not scalable and manageable for an enterprise. While the end point typically represents the policy enforcement point motivating the need for the ability to support the means of exchanging this policy with consumers and the author of the policy, the policy must be discoverable for consumers. The inability to support discoverability of policy by consumers significantly reduces the value of the SOA proposition. Furthermore value for the enterprise in terms of governance would be greatly enhanced by supporting the means of effecting a global policy change that can be pushed to or pulled by end points; for this to be scalable a Web services registry is required to support the need of discovering Web services and their policies.
Today, governance is a key business driver for enterprises Governance is driving the need to leverage registry: Governing Reuse: Proper identification and categorization of Business Services Governing Compliance: Corporate standards, WS-I, Sarbanes-Oxley Governing Conformance: To local and domain specific requirements; To Security needs Governing Assurance: Service Level Agreements; Quality of Service Registry as a means of enabling discovery of capabilities and constraints is a key requirement of enterprises: Credentialing mechanisms; Security (non-repudiation; confidentiality); Preferred transport mechanisms; Reliability rules; Transactional rules; Privacy rules; Auditing and logging rules
Why is registry so important? A: Policy in terms of capabilities and constraints permeates the organization – which must be implemented and enforced across people, process and software For this to scale, a centralized view of policy is required Capabilities and Constraints are key facets of SOA governance