SOA Overarching Trends : IDC• SOA adoption moving from project and applicationlevel to system and enterprise scale• Short and long term impact of SOA, along with expectations, need to be better understood• While technologies are key enablers, most studyparticipants focus on organization and program dynamics• Success can be defined by multiple dimensions,Including • pervasiveness of SOA adoption in the enterprise and • clear business results
SOA Success Factor : IDC Research• Business Alignment• Organizational Change• Management• Communication• Trust• Architecture• Scale and Sustainability• Governance
Why SOA Governance ?• Enterprise Governance is business-oriented.• In moving towards integrated business initiatives (outsourcing, strategic supplier collaboration, value and supply chain,…etc) and IT initiatives (XML, Web Services, EAI, SOA…etc), companies want to ensure continuity of • business operations • manage security exposure • align technology implementation with business requirements • manage liabilities and dependencies, • reduce the cost of operations.
SOA Challenges• It is so easy to create and utilize web services.• Evolving Standards for Business Compliance, IT Standards and Web Service Technologies .• Lack of one Standards enforcement .• A Variety of Vendors.• Inadequate Tooling .• New Layer - New Challenges
SOA Governance : Definition• The processes used to oversee and control the adoption and implementation of SOA in accordance with recognized practices, principles and government regulations.• SOA governance provides optimum service quality, consistency, predictability and performance
SOA Governance : Components• SOA registry : an evolving catalog of information about the available services in the SOA implementation.• SOA policy : a set of behavioral restrictions intended to ensure that services remain consistent.• SOA testing : a comprehensive schedule of audits and performance-monitoring procedures.
SOA Governance : Phases• SOA governance is divided between design time governance and runtime governance.• One way to make both design and runtime governance more effective is through centralized policy management.• If the architecture is designed with all the policies in an easily accessible location, then making updates to an SOA after it has been implemented is much easier.
Enterprise SOA Policies• Policies set the goals that you use to direct and measure success.• Without policies, there is no Governance• Policies need to address the overall impact to the business of the Services that are being created and deployed.• Policies need to create a strong connection between the business and technology.
Enterprise SOA Policies (cont.)• Policies might start at the business level: • Projects must comply with Internal Architecture guidelines • Security and regulatory compliance policy reviews are mandatory for all IT projects• Policies could represent more specific regulatory compliance issues: (SOX, HIPPA)
SOA Governance : Benefits• Greater alignment with business objectives• Greater control over creation, deployment and consumption of services• Centralized management of policies and regulation• Can embed compliance with government and indus try regulations • Sarbanes‐Oxley, MiFID, HIPAA, GLBA
Technologies behind SOA Governance• Enterprise Service Bus (ESB)• Repository• Registry
Role of ESB in Governance• Security • Ensure Privacy, Authenticity, Authorization and Auditing of all Message exchanged• Mediation • Policy based mediation (protocol/invocation)• Management • Holistic view of Transactions that passes through • Intercept Service call
Role of Service Registry/Repository• Where all Services are published• Implements process to publish service that matches Governance model• Contains Policies applicable to each service
Benefit of Integrating Registry/Repository• Consistent view of service definition• No duplication of Data• No need for data synchronization• Discover both Service info and dependencies
Key Features of SOA Governance Product• Versioning• Publishing & Discovery• Associations & Dependencies • Relationship between resources• Federation• Control (Permission, Life Cycle, Validations)• Monitoring (Notifications, Dashboard)• Auditing
SOA Governance Product (Cont.)• Most important of all..• Governance cannot be bought, you need to customize it..• Extensibility Features • BAM (Business Activity Monitoring) • BI (Business Intelligence) gathering • CEP (Complex Event Processing)
Gartner Magic Quadrant for Integrated SOA Governance Technology Sets
SOA Governance Products : Example• SOA Software • Portfolio Manager • Policy Manager • Repository Manager • Service Manager• Oracle SOA Governance • Oracle Enterprise Repository • Oracle Web Services Manager • Oracle Service Registry
SOA Governance Product : Example• SOA Software • Portfolio Manager • Policy Manager • Repository Manager • Service Manager• Oracle SOA Governance • Oracle Enterprise Repository • Oracle Web Services Manager • Oracle Service Registry• WSO2 (Open source) • Governance Registry
SOA Governance : Checklist -1• Registry/Repository: • Service Meta‐Data setup and Validation • Service Relationship and Dependency Management• Access to Service: • Workflow based Request Process • User Configurable Policies
SOA Governance : Checklist -2• Publishing Service • Workflow based Notification • WSDL validation and Conformance Reporting • Wizards for Publication• Delivery of Service • Provider/Consumer Binding • SLA enforcement, Versioning, Deployment • Centralized monitoring • Routing Management • Failover /Load Balancing • Logging and Audit Trailing
SOA Governance : Checklist -3• Service Change Management • Service subscription management • Service Metadata subscription• Replication strategy • Selective synchronization / promo. • Master/Slave based
SOA Governance : Checklist -4• Enforcement of Security • Role based • ACL • Fixed and Configurable Roles • Support for LDAP• Interoperability • Handling any URI data • Java Rule Engine API
SOA Governance : Best Practices• Establish early• Organizational acceptance for Governance• Communicate relentlessly• Automate• Govern the entire service lifecycle• Anticipate mixed technologies• Monitory, access & report business value• Consider cross organizational boundaries
SOA Governance Success Factors• Align with internal software development methodology.• Minimize overhead.• Maximize synergy with existing IT governance processes.• Gain visibility of project pipeline as early as possible.• Prefer influence over enforcement.
Resources SOA Governance, WSO2 SOA Workshop, 2009 Governance: Fundamental to SOA’s Success, Ari Roy, DATA Inc. Policy Based Governance for the Enterprise, Web Layers
Thank you firstname.lastname@example.org twitter.com/thanachartwww.facebook.com/thanachart www.thaijavadev.com