This presentation is about performance and security aspect of SOA (Service Oriented Architecture) in developing an end to end EA (Enterprise Architecture) for large organisations.
Enterprise Architecture, SOA, and their relationships
Apply SOA to Enterprise Architecture – Service Oriented Enterprise Architecture
Service Oriented Enterprise
Service Oriented Applications and Systems
Service Oriented Infrastructure
Enterprise Architecture, SOA, and their relationships
Apply SOA to Enterprise Architecture – Service Oriented Enterprise Architecture
Service Oriented Enterprise
Service Oriented Applications and Systems
Service Oriented Infrastructure
Cloud Computing - A Pragmatic Approach to Cloud AdoptionBob Rhubart
The road to Cloud Computing is not without a few bumps. This session will help to smooth out your journey by tackling some of the potential complications. We'll examine whether standardization is a prerequisite for the Cloud. We'll look at why refactoring isn't just for application code. We'll check out deployable entities and their simplification via higher levels of abstraction. And we'll close out the session with a look at engineered systems and modular clouds.
Modernisation Strategy for Science at RBG Kew. The presentation is part of a "toolkit" delivered to help Kew to rationalise, consolidate and integrate disparate & legacy Science Applications and Data.
Cloud Computing - A Pragmatic Approach to Cloud AdoptionBob Rhubart
The road to Cloud Computing is not without a few bumps. This session will help to smooth out your journey by tackling some of the potential complications. We'll examine whether standardization is a prerequisite for the Cloud. We'll look at why refactoring isn't just for application code. We'll check out deployable entities and their simplification via higher levels of abstraction. And we'll close out the session with a look at engineered systems and modular clouds.
Modernisation Strategy for Science at RBG Kew. The presentation is part of a "toolkit" delivered to help Kew to rationalise, consolidate and integrate disparate & legacy Science Applications and Data.
The classroom activities to think and plan business plan for sample company. This business plan not related to the real plan for Adidas AG. For more exchange in ideas please comment. Thank you.
This is a presentation for the paper "Governance of Information Security Elements inService-Oriented Enterprise Architecture" published in the proceedings of 10th International Symposium on Pervasive Systems, Algorithms, and Networks
Executive Overview Using Soa To Improve Operational Efficiencysean.mcclowry
Overview on how services oriented architectures can be applied to improve operational efficiency. Introduced in the context of the MIKE2.0 Methodology.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Innovative Marriage of Security and Performance in SOA Based Dynamic Enterprises
1. SOLEA
Service-Oriented Locally adapted Enterprise Architecture
Innovative Marriage of Security and Performance
in SOA Based Dynamic Enterprises
Sponsors: Presented by:
-Helsinki University of Technology Dr. Mehmet Yildiz
-University of Kuopio IBM Certified Executive IT Architect
myildizmel@gmail.com
Abridged version
Proposed Abstract: “All enterprise systems have two key concerns: security and performance. All CIO / CTOs have these two in
their daily agenda through the life cycle of their mission critical business systems. These two aspects hardly go along well unless
specialised design considerations, innovative techniques and methodical practices are applied. Finding the right balance for security
and performance marriage is a significant challenge for dynamic enterprises especially when the Service Oriented Architecture
(SOA) is the key enabler of it. This paper aims at identifying key security and performance factors for SOA projects in dynamic
enterprises and how they can be efficiently architected for desired business outcomes. In this paper, the experience based claims are
substantiated with industry based literature review and a sample case study from the field.”
1
2. SOLEA
Agenda
-Introduction
-Theme 1: EA and SOA in Dynamic Enterprise
-Theme 2: SOA Performance
Research
-Theme 3: SOA Security Focus
SOA
Reference
Architecture QoS
-Conclusion Layer 7 Perf/Sec
2
3. SOLEA
Introduction and Methodology
• Purpose
–Share experience
–SOA and EA are important
• Data collection, analysis and validation of results
–Lessons learnt out of over 50 projects
–Interaction (surveys and interviews) with over 100 architects
–Industry literature
–Academic research papers
–Invention disclosures
–Experience from 3 full cycle SOA and 10 EA engagements
–Leader of Architecture Lessons Learnt CoP harvesting IP from field
–Validation of findings with selected top 10 SOA practitioners from diverse
organisations and industries
• Still so much to learn!
3
5. SOLEA
Evaluation of Current Architecture Frameworks CS1
None of the assessed frameworks fully meets the major criteria
in the Regensburg study. Hence use of combination of
frameworks is suggested.
5 Ref: Susanne Leist and Gregor Zellner University of Regensburg, Institute of Information Management, Germany
6. SOLEA
SOA Vendors for New Systematic Applications
Gartner’s Magic
Quadrant for
Application
Infrastructure for New
Systematic SOA
Application Projects
There are many
vendors investing
on SOA Application
Projects.
Leveraging their
experience is
important
6 Ref: Gartner’s Magic Quadrant for New Systematic Applications
7. SOLEA
Key SOA Concepts
… a service? … service orientation?
A way of integrating your
A repeatable business business as linked
Composable services
task – e.g., check
customer credit; open and the outcomes that
new account they bring
Interoperable SOA
SOA Re-Usable
Re-
Loosely
… service oriented Coupled … a composite
architecture (SOA)? application?
An IT architectural style A set of related &
that supports integrated services that
service orientation support a business process
built on an SOA
7
8. SOLEA
Definition of Service and System - Technically
Extract from Webster Service
A service is a program we interact
with via message exchanges
System
A system is a set of deployed
services cooperating in a given task
Services Science
An interdisciplinary approach to the
study, design, and implementation
of services systems – complex
systems in which specific
arrangements of people and
technologies take actions that
provide value for others.
8 Ref: Webster Dictionary
9. SOLEA
Service Integration Maturity Model (SIMM )
Typical SOA Projects
SOA Maturity
Assessment
Dynamically
Composite Virtualized Re-Configurable
Silo Integrated Componentized Services Services Services Services
Componentized Processes Provided Mix & match
Outsourced
Isolated Business Business Process Componentized Business Provides & Consumed via business capabilities
Business services; BPM
Line Driven Integration Business & Consumes Composite Business via context-aware
and BAM
Services services services
SOA and IT Governance
Ad hoc LOB IT Ad hoc Enterprise Common SOA and IT
Organization Emerging SOA Infrastructure Implemented
Strategy & IT Strategy & Governance Governance
Governance Governance using automated
Governance Governance processes Alignment
Alignment Policies
Service
Structured Object Component Service Service Grammar
Oriented
Methods Analysis & Oriented Based Oriented Oriented Oriented
Modeling for
Design Modeling Development Modeling Modeling Modeling
infrastructure
Dynamic
Applications
Application
Applications composed of Virtualized
Modules Objects Components Services Assembly;
Composite Services
context-aware
Services
invocation
Dynamically Re-
Architecture Monolithic Layered Component Emerging Grid Enabled
SOA Configurable
Architecture Architecture Architecture SOA SOA
Architecture
Enterprise
Virtualized
Application LOB or Enterprise Information as a Business Data Semantic Data
Information Canonical Models Information
Specific Specific Service Dictionary & Vocabularies
Services
Repository
Context-aware
Common Project-based SOA
Infrastructure LOB Platform Platform Common SOA Event-based
Reusable SOA Environment;
Specific Specific Environment Sense &
Infrastructure Environment Sense & Respond
Respond
9 http://www.opengroup.org/projects/osimm/ 3
Level 1 Level 2 Level Level 4 Level 5 Level 6 Level 7
10. SOLEA
Why SOA – An executive view
The paradigm shift of using services instead of APIs Composable
means simplified interaction, less communication, rs
artne
and reduced complexity le p
ultip Interoperable SOA
SOA Re-Usable
Re-
to m
“SOA necti
ng
Loosely
con Resource Coupled
Train”* erfa
c e
e int Reuse Business
es ingl
ur
gh
sec
Application
Agility
Throu Integration
Infrastructure
Flexibility
Business
Application Resources
Standards-based approach
Infrastructure Processes speeds business process
Architecture automation
SOI
10
*Concept created by Mehmet Yildiz, 2007, IBM
11. SOLEA
A SOA Reference Architecture Sample CS1
Enterprise
Architecture Ref Architecture for
Ref Architecture for a
Service Areas Ref Architecture for a
Program
Single Project
11Ref: IBM and Open Group
12. SOLEA
7 Concerns at Layer 7 - QoS CS1
1.Increased virtualization
2.Loose coupling Layer
7
3.Widespread use of XML
4.The composition of federated services
5.Heterogeneous computing infrastructures
6.Decentralized SLAs
7.The need to aggregate IT QoS metrics to produce
business metrics
12Ref: IBM and Open Group SOA Reference Architecture
13. SOLEA
Security and Performance Relationship
Performance
Belief: The harder the security the lower
the performance in any SOA project
Security
13
14. SOLEA
Security vs Performance in Dynamic Enterprises CS1
Balance of Dynamic Enterprise
Dynamic SOA*
Supports
Dynamic Applications
Supports
Dynamic Infrastructure
Security
Security Performance
Supports
Dynamic Operations
Availability and Satisfaction Dynamic Dynamic
Security Performance
14Concept introduced by Mehmet Yildiz, 2007, IBM
15. SOLEA
Theme 2: SOA Performance
heterogeneous
abstraction infrastructures
Performance
federated open
service standards
ecosystem
Compliance
Internal
Governance
distributed
Open computing
protocols
15
16. SOLEA
Major Source of Performance & Scalability Issues CS1
Architecture
19%
Development
56%
Production
25%
16
Ref: Optimizing Service-Level Performance, Jean-Pierre Garbani Forrester Research
17. SOLEA
[An Observed] SOA Perf/Sec Effort Indication*
CS P-H
=Case Studies P-H S-H
1, 2, 3 S-H
Operational
Services Support
Integration
S-M P-M =Complexity
Indicators
P-M
S-M Extreme
Infrastructure
P-M Build
S-M High
Application
n
Packaging esig
P-M
P-L
e &D S-M
Code Data Migrationtur
S-L
tec
l Ar chi Medium
t ua
Ac
d
ne
Plan Low
17Ref: SOA performance assessement research results by Mehmet Yildiz, 2008, IBM
18. SOLEA
Performance Complexity Indication
CS1,
2, 3
Code
Application Operations / Infrastructure
Production
Services
Integration
18Ref: Concept and research results by Mehmet Yildiz, 2008, IBM
19. SOLEA
Performance with FastSOA SS
FastSOA is an architecture and software coding practice that
addresses 3 key problems:
1 Solves the SOAP binding
1 Solves the SOAP binding 2. Uses native XML
2. Uses native XML 3. Introduces a
3. Introduces a
(proxy) performance problem
(proxy) performance problem persistence to avoid
persistence to avoid mid-tier service
mid-tier service
by reducing the need for Java
by reducing the need for Java XML-to-relational cache to provide
XML-to-relational cache to provide
objects and increasing the use
objects and increasing the use transformation
transformation SOA service
SOA service
of native XML environments to
of native XML environments to
provide SOAP bindings. performance problems.
performance problems. acceleration.
acceleration.
provide SOAP bindings.
19 Ref: http://www.ibm.com/developerworks/xml/library/x-accsoa/
20. SOLEA
Benefits of SOA Appliances SS
Hardened &
specialized Meet Higher levels of
hardware for helping to security assurance
integrate, secure certifications (government
Many functions FIPS Level 3 HSM)
and accelerate SOA
integrated into
a single device
Higher performance
Simplified deployment
with hardware
and
acceleration
ongoing management
(more security checks
without slow downs)
20 Ref: Extracted from IBM Websphere Datapower White Paper
22. SOLEA
Popular SOA Management Tools SS CS1
The complexity of SOA environments and applications demands management tools from
inception to deployment to operations and beyond.
Tools (Alphabetically) Summary of Key Functions
AmberPoint's A policy-based run-time governance software suite, SOA performance in production. Includes a run-
time repository, service network monitoring, SOA security, service-level monitoring.
SOA Management System:
BMC Software's AppSight: Performs automated problem resolution in SOA implementations to alleviate and eliminate application
problems.
CA's Wily SOA Solution: Monitors the performance and availability of Web services, application performance on client
machines and other components in the SOA environment.
HP's SOA Manager: The software can define and maintain a dynamic model of services, including software assets and
virtual servers; and manage application and Web services performance within that SOA model.
IBM's Tivoli Composite Application Monitors, manages and controls the Web-services layer of IT architectures, and identifies the source
of bottlenecks or failures.
Manager (ITCAM) for SOA:
iTKO's LISA Enterprise SOA Focuses on the software performs unit, regression, functional and load testing, as well as post
deployment monitoring tasks.
Testing platform:
Mindreef's SOAPscope Server: Enables task-oriented collaboration regardless of role, skill set or development environment -- which
makes it possible to find quickly and address any performance problems that arise, the company says.
OpTier's CoreFirst Monitors the performance of services, components and transactions.
Progress Software's Actional for Uses agent technology that watches messages entering and exiting XML appliances and application
servers to build a map of what happens in an SOA infrastructure. Helps with performance alerting,
SOA Operations dependency analysis, problem detection and resolution.
Tidal Software's Intersperse Enables the proactive detection of problems, problem localization and root-cause analysis.
http://www.javaworld.com/javaworld/jw-10-2007/jw-10-soa-management-tools.html?page=11
22
23. SOLEA
Theme 3: SOA Security
heterogeneous
abstraction infrastructures
federated open
service standards
ecosystem
Compliance
internal
Governance
Security
distributed
Open computing
protocols
23
24. SOLEA
Typical Security Architecture for an Enterprise CS1
Externally Highly
Controlled Secure
Zone
External
Business
Zone
External Internal Zone
Uncontrolled
Demilitarized
Zone
Special Domain
24
27. SOLEA
Top 10 Security Principles for Dynamic Enterprises
From National Institute of Standards and Technology
Key Points Descriptions CS1
Only grant access to what is required.
1. Least Privilege
Relying on more than one component or mechanism to be secure, failure of a
2. Defense in Depth single security solution may compromise the entire security.
Forces attackers to use a narrow channel of access where actions can be
3. Choke Point monitored and controlled.
Security is only as strong as the weakest link. Smart attackers will seek the
4. Weakest Link weakest point to attack.
Systems should fail in such a way that it denies access to an attacker rather than
5. Fail-Safe Stance grants access.
Everyone needs to be concerned with security. Failure from one person or or area
6. Universal Participation can be dramatic!
Do not rely on only one (type of) system or application for security, no matter how
7. Diversity of Defense strong or comprehensive it may be. (e.g. one firewall).
The more complex the security environment, the riskier it is for security.
8. Simplicity
To minimize the amount of damage that can be done to an environment (or
9. Compartmentalization system), break the environment up (or system) into isolated units.
Historically, insiders account for 65% of all attacks. Protections should make little
10 Inside/outside threats difference for an inside or outside attack.
http://csrc.nist.gov/publications/nistpubs/800-27/sp800-27.pdf
27 There are 33 important principles by NIST!
28. SOLEA
Granular Security Assessment feeding SM CS1
Subsystem
Components and Elements for Each Subsystems and Functions
Impact
Likelihood Credential
Subsystem
Insignificant Minor Moderate Major Catastrophic
Almost
Certain Information
Flow Control
Subsystem
Likely
Access
Control
Subsystem
Moderate
Security
Audit
Unlikely Subsystem
Integrity
Rare Subsystem
28 Adapted from IBM’s Systems Engineering Method
29. SOLEA
SOA Security Architectural Decisions Samples
Documenting and obtaining sign Decision 2:
off for the architectural decisions Provide authorization at every layer
at the very beginning of the SOA in the architecture Course grained
project is essential at the point of contact servers
Increasing more fine grained
towards the back-end systems
Decision 1:
Use SAML 2.0 Browser Artifact Profile
for Federated web single sign-on Decision 4:
Use only standards based
interconnections
Decision 3:
WS-Security
Use point of contact servers in a DMZ
environment for all in-coming and out- WS-Trust
going transactions. Use hardware SAML
appliances for dealing with web services
messages WS-I Basic Security
Profile
29
30. SOLEA
Conclusion Messages
PERFORMANCE & SECURITY IS (E2E) LONG TERM JOURNEY. Map PM to SM! A tight
relationship for desired results! Target is SIMM Level 7!
Security and performance EA is important SOA also helps EA to
are like Ying & Yang, hence for successful be more efficient for
require balance all the time SOA projects & an organisation
provides a map
Every marriage require
Every marriage require Performance &
Standards, policies,
commitment. & lifetime
commitment. & lifetime security work MUST
models, compliance,
agility and architecture support so does SOA marriage
support so does SOA marriage start from inception!
of security & performance
of security & performance Any delay is a critical
are very important factors
factor
for SOA QoS
Beware, SOA projects
require different
Use of methodical and approach than traditional SOA projects are
systematic approach projects and may take full of unknowns
produce better results longer and may cost depending on
for SOA more; it is not number of
necessarily easiest! services.
30 Ref: Extracted from M. Yildiz’ SOA Performance and Security Paper, 2008