The BSR will be the source of record for service metadata. Dev tools could, for example, use and write to a different kind of repository, such as an asset repository, but once a service exits development, often at deployment to a post-development environment, the service metadata will usually be copied to the BSR. This slide shows different aspects of the service metadata life cycle. Tools (probably development, config, deployment, admin ones) are responsible for controlling Test and Classify activities. The contributors are listed on the left and include software config and deployment tools, asset/develop tools, discovery utilities, and UIs. The act of publishing from one of these sources places a new or modified service description in the BSR. What gets published could be documents containing interfaces, endpoints and policies. Relationships between artifacts in the BSR or between BSR artifacts and external artifacts such as assets or portals could be what is published. Properties and classifications can also be published. A status is assigned at the time of publishing and will usually be ‘pending approval’ due to incompletely specified metadata, unknown reconciliation with partial data already there, or identity conflicts. If change is being driven through a structured process management, the process would take over to address those things I just mentioned -- resolving identity conflicts, duplicates, missing metadata, etc). Also need to consider some might want to have separate physical registries and the approval process (light weight as well as PRISM) might want to promote entities to different instances as they transition through the process. Could even be promotion from heterogenous registries. Some of the tasks identified to get a service artifact approved, and thus ready to be used, like impact analysis, can be performed by the BSR UI (lightweight) as well as the formal change and release process manager. The BSR will support promotion from one BSR instance to another.
Basic definitions of CEI and CBE
Basic definitions of CEI and CBE
SOA Governance Xiaoying Bai Department of Computer Science and Technology Tsinghua University March 2007
The concept of “governance” is as old as human civilization.
Establishing chains of responsibility, authority and communication to empower people (decision rights)
Establishing measurement, policy and control mechanisms to enable people to carry out their roles and responsibilities.
E.g. “European governance” refers to the rules, processes and behavior that affect the way in which powers are exercised at European level, particularly as regards openness, participation, accountability, effectiveness and coherence.
Information Technology (IT) has been one of the foundational pillars of most business today
Enterprise’s IT investment is greater that 4.2% of annual revenue in a average.
Business and IT can be viewed as two cogs of the same wheel.
A change in motion of one mandates that the other respond in kind.
IT needs to be flexible, extensible, responsive, resilient, and dynamically reconfigurable.
Businesses measure the success of IT not only by how well it is being leveraged for business-as-usual activities, but also by how it is utilized to facilitate the enterprise to be a key differentiator in the market.
“ IT Governance is a collection of management, planning and performance reporting and review processes with associated decision rights, which establish controls and performance metrics over key investments, operational and delivery services and new or change authorizations and compliance with regulations, laws and organizational policies. It formalizes and clarifies oversight, accountability and decision rights.”
Gad J. Selig, “IT Governance – An integrated framework and roadmap:
how to plan, deploy and sustain for competitive advantage”, 2006.
What decisions must be made to ensure effective management and use of IT?
“ SOA governance is an extension of IT governance specifically focused on the lifecycle of services, metadata and composite applications in an organization’s service-oriented architecture.
As a specialization of IT governance, SOA governance addresses how an organization’s IT governance decision rights, policies and measure need to be modified and augmented for a successful adoption of SOA, thus forming an effective SOA governance model. ”
“ Service-oriented architecture built opportunistically with the purpose of ‘getting it over with’ as soon as possible, and at as low a cost as possible, will prove to be a disaster for enterprises’ software infrastructures.”
“ In 2006, enterprises worldwide will have spent nearly $3 billion on failed and redesigned Web services projects because of poorly implemented service-oriented architectures.”
“ An enterprise chock-full of services is not an SOA. For that, you need the matrix of rules and policies that make up SOA governance. InfoWorld
Large enterprises must achieve a true Service Oriented Architecture. Governance is a critical element in meeting this goal.
“ Doing lots of little Web Services projects all over the place with no governance isn’t SOA, it’s just playing.” (Thomas Manes, Burton Group)
The impact of ungoverned integration projects can be significant to a company’s operation.
“ The breakdown couldn’t have come at a worse time for AT&T wireless. It deprived the Telco of thousands of potential new customers and cost the company an estimated $100 million in lost revenue.” (AT&T Wireless)
“ Without an effective governance approach, organizations could quickly face a rather messy and dysfunctional situation with uncontrolled, ad-hoc development of services, undermining the potential benefits of SOA.”
-- Marianne Hedin, “The impact of SOA on the consulting Services Market”, IDC, Dec. 2005.
“ SOA is an inherently distributed approach to architecture, and therefore the requirements for governance are even more critical than in more centralized environment.”
-- David Sprott, “The SOA Governance Framework”, CDBI, Sep. 2004
“ In 2006, lack of working governance machanisms in midsize-to-large (greater than 50 services) post-pilot SOA projects will be the most common reason for project failure.”
--Paolo Malinverno, “The strategic Impact of SOA Broadens”, Gartner, Nov. 2005
“ Through 2008, 70 percent of IT organizations will fail to successfully select and implement an SOA strategy on the first try. There organizations must be prepared to use software services tactically while planning for strategic evolution of their architecture.”
--Daryl C. Plummer, “Six Missteps That Can Result in SOA Strategy Failure”, Gartner, June 2005
Service orientation alone cannot bring about the effect of improved productivity, faster time to market and reuse because there are other forces at play that operate as impediments and constraints.
Effective governance of services through policies, principles, standards, procedures, processes, and cultural and organizational change will enable the full benefit of service orientation to be realized.
WSRR – SOA Governance Interactions Test and classify 2 Production Registry & Repository 7 Change impact Analysis Life Cycle Management Processes Development Registry & Repository Archive Registry & Repository 1. Service metadata artifacts are created 2. Tools, utilities and users publish servicemetadata to the Service Registry & Repository 3. LCM processes enforce testing, classifying and validation. 4. Service and metadata is Published 5. Service is assigned a state of AWAITING APPROVAL
10. LCM processes drive: Deployment Production configuration
Service is promoted to production environment
Service is assigned an OPERATIONAL state.
13. LCM processes drive: impact of retiring retirement policy
Service is retired
Service is assigned a RETIRED state.
Change impact Analysis Retirement policy conformance 13 Publish from UI Publish from deployment tools Discover from deployments and Publish Publish from Development Tools 2 Create 1 WSDL XSD SCDL BPEL Policy MXSD Change impact analysis Compliance checks Change policy conformance Scheduling 6 Test and classify Validate Artifacts 3 Deployment Production configuration 10 Publish Awaiting Approval 5 4 Approved 8 9 Approve 7 Notify Promote 11 Operational 12 Notify Retire Retired 14 15 Notify
IBM Websphere Business Monitor Continuous Business Process optimization - Round trip Process Execution/Choreography Services Interaction Glue Process Modeling Monitor Analysis V Optimize Existing Components Process Requirements Manage Execution Participate