In this project, the topic ESA - or the SAP’s version of Service-oriented Archeticture – is going to be discussed in great details
At the beginning, we’ll briefly talk about overview history of SOA and how it emergence. After that, several definitions will be presented to explain thoroughly the concept of SOA. Then, we will discuss the numerous benefits of SOA and the reasons supporting its implementation in an organization. Afterwards, real-life case studies of ESA implementations will be provided. Upon those case studies we will talk about the challenges that arises during the implementation of ESA and then list a number of crucial points and information on how to obtain a successful implementation.
The processing of information in a database, first started in the 1950s with the batch processing. In batch processing, a group of transactions are collected, entered, processed over a period of time and then the batch results are generated. And all this required no human interaction. Batch processing was associated with mainframe computers. An example of that – on a large scale - would be payroll processing, where nearly every master file record is affected. The data is collected over a period of time, then input and verified by H.R. employees (verified means input by someone else and then both inputs are compared by computer) and processed centrally. In the early 1970s, real-time processing was established. In real-time processing, there is a ongoing input, process and output of data. Data has to be processed in a short particular period of time (real time), otherwise it will create issues for the system. In the 1950s, mainframe computers were built, with the feature of batch processing, and the focus being on each department of a company individually as well as for orientation of the applications. What SOA concept brought is a fundamental shift using web-services , which developed the processing into becoming service-oriented and the focus has transferred into outside the company and became process-driven. As for the main difference between mainframe computers and SOA, is that services – in the latter- have the capability of being distributed across heterogeneous platforms maximizing both I.T and business agility. This can be done through the technical toolset that supports people, information, and process integration in an SAP system, which is called SAP Netweaver.
Enterprise SOA is a business-driven architecture that increases flexibility, adaptability, and cost efficiency. With an enterprise SOA, companies can compose applications (xAPPS) and integrate business processes rapidly using enterprise services. With enterprise SOA, organizations can improve their reuse of softwares and become more responsive to change. It supports the idea of loosely-coupled and coarse-grained services with well-defined interfaces that provides business functionality and can be discovered and accessed through a supportive infrastructure (XI) to support end-to-end business processes.“ In other words, it is a collection of services. These services communicate with each other. The communication can involve either simple data passing or it could involve two or more services coordinating some activity. Some means of connecting services to each other is needed. It is important to note that SOA is not a technology, but rather an approach to software design that involves assembling systems from reusable components or services that may originate from different sources.
The analogy of LEGO pieces has been widely used in the business industry solutions in reference to SOA. Before establishing the concept of SOA, softwares, hardwares, and networks were rigidly integrated, and as a result were hard to change or modify. SOA treats softwares, hardwares, and networks as buidling blocks that can be easily put together, rearranged or improved. It is looked at as services, instead of incompatible elements. SOA is like a modern software Lego set. If you need a testing tool, it can be arranged by adding a certain testing software. If you need to improve security, it can be done by easily adding features to the old one, or replacing it.
Benefits of ESA: The two major benefits of SOA is saving both, time & money. Business Process Driven: From a technical perspective, SOA emerges as a new definition of IT infrastructure. It uses the IT base to develop a services oriented organization that Is based on constantly changing business processes. So the main purpose is to serve the business processes using a new type of IT infrastructure. Reusability : Since the method of loose coupling is used. Programs that are used at one part of the system, do not have to be written again and can be reused in another part of the system. Applications can be used in almost any department with no constraints of being attached to only one department or working at only one module. flexibility and ease of restructuring Legacy systems don’t have to be thrown away and start from scratch. New programs can be added to the legacy systems. whenever an organization needs change; it can simply add more services to the system. And if for some reason it needs to impalement change, services can be reorganized in a way that meets the needs of the organization. This serves the organization in adapting to change and become extremely flexible as well as providing it with the necessary business agility to compete in the marketplace. Attract new customers : With service-oriented architecture, acquiring the advantage of Web services can deliver core competencies to new customer segments – while reducing IT costs and increasing efficiency. This can be done on the basis of end to end business processes. Out-task your services: Service-oriented architecture allows an enterprise to connect to external partners, enabling it to access expert services, reducing costs and asset liabilities, and focusing on its core competencies – all while retaining visibility and control into critical processes. External services such as on-line-banking or even internal ones like security can be out-tasked to specialized parties that would manage those services.
There are three main challenges that generally face enterprises which intend to implement ESA. SOA Governance : (SOA) governance is the concept of the activities related to exercising authority over services in an SOA. SOA governance can be seen as a subset of IT governance which itself is a subset of Corporate governance. It portrays the structure of relationships and processes to control in an enterprise in order to achieve value-creation while balancing risk versus return over IT and its processes. Governance only gets harder the more an organization moves towards a service-based architecture. A good understanding of governance concepts is essential to implementing and operating a successful SOA. Reliable governance for SOA serves as the backbone that supports the increase of an enterprise's ability to achieve the goal of business agility through SOA. SOA governance is responsible for setting the rules that run the business processes. In theory, setting the rules of Governance is easy and flexible as adding more rules would reduce risks. However, it could complicated as well. Reducing dependencies and assumptions of applications is a must. This will result in flexible services that can be used outside the current scope of work and become adjustable during future growth SOA Testing: Prior to ESA, determinants to select the right testing technology was based on it meeting the current testing objectives, being easy to use, cost-effective, and extensible for future testing scenarios. In a traditional Quality Assurance testing process, engineers or managers are usually used to testing complete applications. Testers will expect to be given a full build of a running application where everything fits together. However, SOA testing is completely different. Services are developed and set up by various programmers. Instead of a complete application, a tester will be given a collection of services, which may or may not make up a complete application, and which may or may not be interdependent on one another. a tester needs to figure out in what order and how they need to be tested as well as discover when an output of a specific service feeds into a subsequent service—or services. Since Web services can be quickly set up independent of one another, instead of one big release, many little releases will be issued. And each Web service component as well as its interactions with other services in the SOA application will need to be tested. -Security: Typically, within an enterprise, users are enabled to use specific applications or parts of applications. With SOA, it is no longer thought of in terms of applications but of services and end-to-end processes. This means that the application security mechanisms that were in use prior to SOA are unlikely to work, because an end-to-end process is likely to involve multiple applications and each could have different user security mechanisms. In other words, old security mechanisms are unlikely to work under SOA. One of the main benefits of SOA is to eliminate application boundaries and technology differences. In its very nature, SOA operates among multiple applications with many different security mechanisms and vulnerabilities in real time. Where it is open to the web and enabled to the reuse of information. This often exposes enormous and hidden applications. Thus, the more integration points an application has, the more attack points it has. Two issues almost always need to be tackled in any SOA implementation. The first one is identity management, and the other is webservices security. Identity management : Since SOA allows users from all departments or outside the enterprise to access the system freely, it should be very clear on which kind of authorization that user attains. Having users to access unauthorized pile of information causes enterprises serious troubles. Deliberate or accidental destruction of data as well as cases of fraud are a very common result of that. Web services security: One other benefit of SOA is ease of accessibility from users over the web. However, putting out a web service may also put the heart of the system under the mercy of any people out there with access to the Internet. Two opposite forces which create confusion to managers. On one side, the force of business pushes you to keep it simple for future customers. As more checks and crosschecks, boundaries, warnings, and limitations would bother those customers and might turn them away. Maximizing the outreach of a business to customers increase business profits, and having investments made on software and Web services paying off quickly and effectively is one goal. On the other side, the force of security suggests staying on the safe side and raising the bar higher and higher not to compromise the core business and the core information system. Dealing with this dilemma is talked about in more details in the next slides.
Understand the benefits of SOA and make use of them: As professor Mike once said, that SAP system is so big that some consultants don’t know all of its features. Which results in reduce the ease of use and some great options you might utilize at SAP. Same thing goes for SOA, understanding the concept behind loose coupling, opens a tremendous amount value that enables an organization of using the same building blocks over and over again in many different ways by restructuring them based on your preferences. Think clearly about your goals: This may sound like a common sense point well defined business process is a critical success factor for a deploying SOA. viewing SOA from the perspective of business goals Since implementing SOA depends heavily on services, defining the business processes clearly is a major component of a successful implementation. ( this could be looked at as an advantage – if done properly – and a huge risk if not done poorly) Take a long term view and implement SOA incrementally One thing that has become clear in the last year is that SOA does not represent a quick fix to long-standing IT and business challenges. SOA is a long-term strategy, the impact and benefits of which cannot be realised over the short term. When I was doing the research on SOA, most of the articles I read recommended implementing SOA gradually I would recommend starting out on a small scale by first of all building the core infrastructure, skills and fundamental knowledge before moving on to the larger, more critical phases. This not only allows for tight management of risks associated with SOA, but also enables a business to learn from the experience and to improve its approach over time. Quality Assurance Is Key As I mentioned in a previous article. SOA creates all sorts of new challenges for the QA department . Successful SOA implementations require that proper QA best practices, such as load testing of each service, is performed. Performance, security and governance testing should be a part of your overall testing plan to ensure that both the business and technical requirements are met. Strong Executive Level Sponsorship and SOA Evangelist Each project had strong sponsorship from high ranking individuals from the business and/or IT. This is critical for driving change throughout the organization and removing roadblocks. Without top-level support, many SOA initiatives never get the momentum, the resources and the drive required to allow IT to deliver the promise of SOA to the business. Deliver Substantial Business Value In all cases, these award winning case studies delivered substantial business value. None of these case studies were focused on fixing IT infrastructure or based solely on reducing development costs through reuse. These may have been some side effects, but the value of the IT benefits are minuscule as compared to the business benefits which in some cases were in the billions of dollars over a given time period. Security: SOAPSonar Enterprise by Crosscheck Networks Comprehensive, code-free SOA and Web Services testing. SOAPSonar provides comprehensive code-free Web Services testing diagnostics within an intuitive .NET Framework interface. With run modes for Functional, Performance, Compliance and Vulnerability combined with test enrichment features such as SOAP Attachments, WS-Security, WSS-Tokens, XSLT and a DLL Plug-in API interface SOAPSonar addresses the full range of testing and diagnostic needs for the entire SOA lifecycle. Web Services are a fundamental shift in enabling applications to rapidly integrate and communicate. In the new era of Web Services with all Business Applications such as CRM & ERP Systems and IT components such as web servers, application servers and databases exposing their internals through Web Services (SOAP and WSDL), it has become critical to: Ensure the Web Services serve as advertised with reliable performance and availability Build Robust Web Services through Functional QA and Regression Testing And two other issues that we’re going to tackle in the SOA security section: which are: Proactively check for application vulnerabilities before they are exploited through verbose Web Services APIs (WSDL) Alert compliance officers when business transactions violate corporate policies SOAPSonar is a simple solution that can be installed and put to use in minutes, without modification to application code or network topology. It provides complete visibility into the existence, availability and health of Web services. Further, SOAPSonar can scan the contents of all Web service messages and express service health in terms business owners understand. SOAP messages that violate corporate policies are detected and decommissioned by system administrators. In this scenario a variety of standards such as SSL, WS-Security, and SAML, often take the place of the product's previously referenced security features,
Business Process driven: (Bepet) British Energy Power & Energy Trading had a tremendous success at inplementing SOA. A reason why it has succeeded was that it focused a process driven archeticture and used the IT to facilitate that. Jeremy Lock, IT manager at Bepet said: &quot;Processes are the DNA of our organisation. We had to focus on higher-value activities, rather than factory-type programming, to be in good shape for future business. There are no prizes for second place,&quot;
SOA Presented by : Tariq Abudayeh Mike Long
Agenda <ul><li>Brief Overview </li></ul><ul><li>Benefits of SOA </li></ul><ul><li>Case Studies </li></ul><ul><li>The Challeneges of SOA </li></ul><ul><li>How to Succeed in implementing SOA </li></ul><ul><li>2-3 Minutes of Q&A </li></ul>
History of SOA 1970 1980 1990 2000 Mainframe Client-Server Internet Batch Real-time SOA Company / Department Enterprise Extended HARDWARE PROCESSING FOCUS Application / Module Process ORIENTATION ERP H/W, NETWORK, COMM E-COMMERCE
The Challenges of SOA <ul><li>SOA Governance </li></ul><ul><li>SOA Testing </li></ul><ul><li>SOA Security </li></ul>
How to Succeed in SOA Implementation <ul><li>Think clearly about your goals: </li></ul><ul><li>Understand the benefits of SOA and make use of them </li></ul><ul><li>Strong Executive Level Sponsorship and SOA Evangelist </li></ul><ul><li>Take a long term view and implement SOA incrementally </li></ul><ul><li>Deliver Substantial Business Value- Quality Assurance Is Key </li></ul><ul><li>Never neglect Security </li></ul>
Case Studies <ul><li>(Bepet) British Energy Power & Energy Trading </li></ul>