Dennis Wisnosky Cross Talk Presentation D Wiz 09262008 For Publication

710 views

Published on

Published in: Business, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
710
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Dennis Wisnosky Cross Talk Presentation D Wiz 09262008 For Publication

  1. 1. 10/24/2008 This Presentation Courtesy of the International SOA Symposium October 7-8, 2008 Amsterdam Arena www.soasymposium.com info@soasymposium.com Founding Sponsors Platinum Sponsors Gold Sponsors Silver Sponsors CrossTalk: Market Research into SOA State of the Art Dennis E. Wisnosky, DoD BMA CTO & Chief Architect October 7, 2008 1
  2. 2. 10/24/2008 Background Reach of the Business Mission Area "The Secretary of Defense is responsible for a half- trillion dollar enterprise that is roughly an order of magnitude larger than any commercial corporation that has ever existed. DoD estimates that business support activities—the Defense Agencies and the business support operations within the Military Departments—comprise 53% of the DoD enterprise.‖ DWiz DoD BMA CTO/CA 2 The Challenge Many DoD systems are a decade old and strain to support today’s operations. Many new systems are so massive a decade passes before they show results. Our enemies change at the pace of technology. WE MUST ALSO. DWiz DoD BMA CTO/CA 3 2
  3. 3. 10/24/2008 A Small Slice of the As-Is This is only the BTA DBSAE systems and Transaction flows. Add to this all the DoD Business Systems in the Army, Navy, Air Force, USMC and all of the Defense Agencies. DWiz DoD BMA CTO/CA 5 Current State and as services intoEnvironment (BOE).Now Services are Future Vision: Its Happening Over the lifecycle, capabilities are deployed from Scalable, Conceptually we Discoverable, Composable, new and have designed a common operating transformed the Business Operating this environment. environment, systems Reusable, commonly Managed and Secured. AS -IS B us ines s . C apabilities 1 2 B us ines s S1 S ervices T O -B E Defense Business Systems Acquisition Executive S2 3 B us ines s O perating S3 E nvironment (B O E ) S4 4 BTA DoD & BMA Federated Portal Business Applications and Services Service Interface BMA Business Operating Environment (BOE) S5 Service Wrapper New & Business Business Service Business Legacy Transformed Service Service Applications Applications Information Assurance Stand-alone Independent Business Services S6 B us ines s Business Transformation Infrastructure DoD & BMA Other BMA Common Services Federated C apability P rioritization & Business Activity Monitoring (BAM) Service Orchestration: Business Process & Business Infrastructure Services Registry, Data Catalog, & Metadata Registry S7 Workflow Automation Business E xtraction Harmonization Development Transformation High Volume Engine Batch & XML- based Data Services: Data Virtualization Layer Transformation Services S8 Interoperability Controller Distributed Integration Brokers Connected by Robust Messaging (MOM – Message Oriented Middleware) Broker Broker Broker Broker Broker Broker Broker Machine-to-Machine Messaging Service Mediation S9 Discovery DoD Enterprise Services Enterprise Service Management S 10 S 11 S 12 … DWiz DoD BMA CTO/CA 6 3
  4. 4. 10/24/2008 This is a Concept of Operations for Services Included in our SOA Work for DoD – Is it viable? Will DoD BMA Guidance This is the infrastructure. Can commercially available technology support its operation in DoD? Or is it justTransformation Infrastructure Business another pretty picture? Business Service Other BMA Common Services DoD & BMA Federated Services Registry, Activity Orchestration: Business Infrastructure Data Catalog, & Monitoring Business Process & Metadata Workflow Registry (BAM) Business Development Automation Transformation High Volume Engine Batch & XML- based Data Services: Data Virtualization Layer Transformation Services Interoperability Controller Distributed Integration Brokers Connected by Robust Messaging (MOM – Message Oriented Middleware) We decided to conduct research Broker Broker Broker Broker Broker Broker Broker Mediation the state of the art of SOA. into Machine-to-Machine Messaging Service Discovery will addressServices DoD Enterprise Here weEIEMA Computing Infrastructure Domain the concepts and the findings. Enterprise Service Management DWiz DoD BMA CTO/CA 7 This illustration shows the Environment Business Operating details of the BOE. The BOE, includes the foundational SOA infrastructure, the BTI, portal and service-presenting applications. DoD Federated Portal BMA Business Operating Environment (BOE) Business Applications and Services Service Interface Service Wrapper DoD Federated Portal Business Service New & Business Business Legacy Transformed Service Service Applications Applications Information Assurance Business Operating Environment (BOE) Stand-alone Independent Business Services Business Transformation Infrastructure DoD & BMA Other BMA Common Services … Federated Service Services Registry, Business Activity Business Infrastructure Data Catalog, & Orchestration: Application 1 (BAM) Monitoring Application 2 Business Process & Application 3 Application 4 Application Registry Metadata n Workflow Automation Business Development Transformation High Volume Engine Batch & XML- based Data Services: Data Virtualization Layer Transformation Services Interoperability Controller Distributed Integration Brokers Connected by Robust Messaging (MOM – Message Oriented Middleware) Broker Business Transformation Infrastructure Broker Broker Broker Broker Broker Broker Machine-to-Machine Messaging Service Mediation Discovery DoD Enterprise Services DoD Enterprise Services EIEMA Computing Infrastructure Domain Enterprise DoD BMAManagement DWiz Service CTO/CA 8 4
  5. 5. 10/24/2008 Business Transformation Infrastructure Vendors were asked to demonstrate technologies and answer specific inquiries against components of this infrastructure. Business Transformation Infrastructure 3 DoD & BMA Federated 4 6 Other BMA Common Services Services Registry, Business Activity Business Process & Business Infrastructure Data Catalog, & Monitoring (BAM) Workflow Automation Metadata Registry Business Development Transformation High Volume Engine Batch & XML- based 7 Data Services: Data Virtualization Layer Transformation Services 1 Interoperability Controller Distributed Integration Brokers Connected by Robust Messaging (MOM – Message Oriented Middleware) Broker Broker Broker Broker Broker Broker Broker 2 Machine-to-Machine Messaging Service Mediation Discovery DoD Enterprise Services EIEMA Computing Infrastructure Domain 5 Enterprise Service Management 1. Interoperability 2. Mediation – Standard 3. Service Discovery, 4. Business Activity Controller & High Volume Data Catalog & MDR Monitoring 5. Enterprise Services 6. Business Process & 7. Data Virtualization & Management Workflow AutomationCTO/CA DWiz DoD BMA Data Services 9 Findings: Patterns and Conclusions We will present patterns and conclusions for each of these components and our findings based on the research. BTI Components: 1. Interoperability Controller 2. Mediation 3. Service Discovery 3a. Service Registry 3b. Metadata Registry 3c. Enterprise Catalog 4. Business Activity Monitoring 5. Enterprise Services Management 6. Business Process and Workflow Automation 7. Data Virtualization and Data Services BOE Components: 8. Information Assurance 9. Governance DWiz DoD BMA CTO/CA 10 5
  6. 6. 10/24/2008 1. Interoperability Controller Vision of Standardized Enterprise Information Exchanges Through the BTI System Messaging Navy USAF Etc. 5 Inbound Messaging Standards: HTTP/HTTPS XML/XSD Ontology BMA SOAP 1.1 (Note) Mediation Transforms Mediation Mediation SOAP 1.2 (Specification) Service Interoperability Controller Service SOAP with Attachments Mn≠Mc Mo≠Mc MIME/SMIME Local REST Common 4 Message Message Broker Broker AF Broker Broker Broker Broker Broker 2 Web Services Addressing Vocabulary Vocabulary (WS-BrokeredNotification, Web Services Notification WS-BaseNotification, WS-Topics SOAP Message Transmission Optimization Canonical Messages across Machine-to-Machine Messaging Mechanism (MTOM) 3 UDDI 3.0 WSDL 1.1 Canonical Outbound WSDL 1.2 Messaging Messaging WSDL 2.0 Web Services Reliable Messaging 1 Etc. USAF Web Services Security 1.0 USTC Security Assertion Markup Language (SAML) Business Process Execution Language (BPEL) for Web Services V1.1 Message Recipients WS-BPEL Extension for People DWiz DoD BMA CTO/CA 11 1. Interoperability Controller - Conclusions SOA Infrastructure must provide for: Extensible set of integration brokers interconnected on the network by robust messaging middleware Execution of brokering, routing, and processing messages and service invocations State of the Technology: Products which most closely support the Interoperability Controller pattern are Enterprise Service Bus, and Enterprise Application Integration and Message-Oriented Middleware components Industry products are reasonably mature Industry challenge is a standards-based SOA stack leveraging Web technologies, rather than an ESB-based solution 12 DWiz DoD BMA CTO/CA 6
  7. 7. 10/24/2008 2. Mediation Messages typically are not Canonical Message Model Vision all Standardized BOE in a common format, and If of use common vocabulary and format, no require mediation/transformation. transformation is needed: faster, cheaper. and Mediator BTI Canonical Message Model and Mediator Canonical Messages are in Joint Program of RecordsModel Defense Business Systems COI Canonical Data send (CDM) message local formats specific to COI CDM common messages in formats, using the Joint their component or vocabulary tier architectures. program based on DoD Universal Core and Business Core common vocabulary standards. Business Transformation Infrastructure invoking the Mediation Service 5 Route 1 Message Army In Army Canonical Format? 2 Yes Business Business Transformation Transformation Navy No 3 No Navy Engine Engine Need Yes Use Canonical Local Transform Common Transform Message Format? Format USAF Vocabulary? Format Format USAF Yes 4 No No Other Common Need Yes Transform Other Transform Vocabulary Local Vocab. Vocabulary Vocabulary & Format? Source & Format Non-Standard & Format Joint COI CDM Standards: Message Flow OWL OWL-S ISO 11179 ebXML RDF 13 XSLT DWiz DoD BMA CTO/CA 2. Mediation – Conclusions SOA Infrastructure must provide for: Short term need for translating and transforming (mediation) of information exchanges/messages Dynamic generation of transformations on a semantic basis State of the Technology: Good vendor support of this pattern in both the standard and high volume variations. Transformation engines focused on XML messaging and the use of XSLT transformation engines quite capable Advanced parallel processing capabilities allows for high performance straight-through mediation services Semantic mediation / semantic technology is immature, only build time currently supported DWiz DoD BMA CTO/CA 14 .. 7
  8. 8. 10/24/2008 3. Service Discovery AssetDoDor Service Registry is aitsclearing-houseUDDI Service service theand standardized descriptive infofor facilitate This isDoD service Enterprise Catalog. It houses storage of The The registers Registry (MDR) is a interface infor instances Metadata DoD publishes schema Assetordone in providespublishes UDDI- and Web Services to storage, visibility using WSDL by DoD is built DoD Data Assets & spec, has metadata schematic formats. It users. to the ebXML reg/rep Services. and discovery for Web Services. of DDMS-compliantinformation exchange formats. descriptions of format, transactions, and compliant registry. Web Services interface and Web GUI. Registered Data Asset/Service . DoD Metadata Store Discovery Mechanism 1 Discovery via DoD Enterprise Enterprise Catalog Catalog 2 DoD Data Asset/Service DoD Metadata Discovery of schemas via Registry Federated Search 3 DoD Service Registry Discovery via Service Standards: Registry OWL UDDI XML Schemas RDF DDMS WSDL 15 DWiz DoD BMA CTO/CA Service are discoverableRegistrywhat the state 3a. Service (Information Assurance). Service discovery provides based on the lifecyclewe of for identifying reach and discovery must transcend must provide for classification of allow a consumer categorization. to have the service. services. Service Discovery Prioritize Model Requirements against BEA Services by Consumer Reach Local/Regio Service nal Operate Service Adoption Share Unsh or Promotion Enterprise d Service ared Local/Regional Develop Deployment Services Service Service Core Non-Core Shared Certification Unshared Composition, Orchestration Standards: Universal Description and Discovery Interface (UDDI) ebXML Registry Information Model (RIM) 16 Registry Services (RS) DWiz DoD BMA CTO/CA 8
  9. 9. 10/24/2008 3b. Metadata Registry Both known and unanticipated data consumers can “Pull” The Metadata Registry provides a location for the publishing and semantic Metadata from the MDR. structural of structural and semantic Metadata. Other Developers/ 2 Applications Data Consumers including MDR Users/Developers Server-side ebXML Web Services Application 1 Layer 3 Metadata Registry ebXML Reference 5 Implementation Metadata 4 Artifacts Standards: SOAP/JAXR ebXML Registry Information Model (RIM) 17 DWiz DoD BMA CTO/CA 3c. Enterprise Data Catalog Capture terms and definitions at the beginning of the architecture process from Authoritative Sources. Make them discoverable and reusable through toolsets. Standards: OWL XML Schema 18 RDF DDMS DWiz DoD BMA CTO/CA 9
  10. 10. 10/24/2008 3. Service Discovery Conclusions SOA Infrastructure must provide for: Metadata registries and repositories must support discovery of services and information assets Ability to federate DoD UDDI service registry, Metadata Registry of structural and semantic metadata, and Enterprise Catalog specification metadata are standards-based State of the Technology: Vendors provide UDDI Service Registries, or include UDDI capability Vendors provide metadata management capabilities and repository, others specialize around semantic metadata Many vendors registries and repositories don’t federate 19 DWiz DoD BMA CTO/CA 4. Business Activity Monitoring BAM can govern End-to End process flows with Enterprise, Component or Program Services running in the BOE BAM Presentation; BAM: 5 Dashboards & Business Management Business Action Screens Activity Monitoring Level Transform process events to business events BPM: 4 Business Process Monitoring Level using architectural Business Primitives and patterns Enterprise Architecture 3 and Core Transform technical End to End Business Processes described in the BEA used as Business events to process events basis for abstraction into BPMN from BEA AV-2, OV-5, OV-6c, et. al Mission EA 2 Enterprise, ESM: Component … Enterprise and Program Service Mgmt Business Business Business Business Business Business Business 1 Services from Service Service Service Service Service Service Service Monitoring Business Level Systems Standards: Business Process Modeling Notation (BPMN) Business Process Execution Language (BPEL) 20 XML Process Definition Language (XPDL) DWiz DoD BMA CTO/CA 10
  11. 11. 10/24/2008 4. Business Activity Monitoring - Conclusions SOA Infrastructure must provide for: Modeling & execution of business processes through orchestration Monitoring of those business processes. State of the Technology: Tools provide for orchestration at build time and monitoring of those processes at run time While tools with semantic continuity from modeling to execution are not ready today, they are under development No vendor included Universal Modeling Language (UML) in either its list of product offerings 21 DWiz DoD BMA CTO/CA 5.of is closely linked to services’ operations in and Enterprisealso performance against SLAs. Service Management ESM makes visible BOEact providing fail safe and terms Agents be automated to and enables Governance error ESM health and handling mechanisms to ensure unbroken operations. Information Assurance Dashboards provide Human overall views of the health Service Manager and operation of the services in the BOE. Human Manager ESM Response Presentation; Dashboards & 4 Action Screens 3 Automated Response Automated 3 ESM Facilities Alerts & 2 Notifications Service 2 Service 2 Service 3 … Service n 1 ESM Agents Enterprise, Component or Program Services running in the BOE 22 DWiz DoD BMA CTO/CA 11
  12. 12. 10/24/2008 5. Enterprise Service Management Conclusions SOA Infrastructure must provide for: Necessary to manage the service lifecycle Is the foundation for SOA runtime governance Must integrate with Information Assurance products State of the Technology: Limited number of ESM vendors Vendors posses strong portfolios in traditional network management and Integrated Service extending to ESM Products differ on where in the OSI layer they focus, lower level IT service management or higher level business management Solutions stacks often combine multiple company products to provide end-to-end ESM 23 DWiz DoD BMA CTO/CA 6.Processes can be built End to End from disparate piece Businessby engineers AND business Automation parts Process and Workflow analysts From Business Workflow: Analysts/Modelers 1 Person Action Steps Orchestration Engine 2 Executing a Business Process Composite 3 Business Composite Service Composite Service Composite Service Services Services Layer Basic Business Business Business Business Business 4 Business Business Business Business Service Service Service Service Service Service Service Service Services Standards: Infrastructure Business Process Modeling Notation Services (BPMN) 5 Infra-structure Infra-structure Infra-structure Infra-structure Infra-structure Infra-structure e.g., DoD CESProcess Execution Language Business Service Service Service Service Service Service (BPEL) 24 DWiz DoD BMA CTO/CA XML Process Definition Language (XPDL) 24 12
  13. 13. 10/24/2008 6. Business Process and Workflow Automation Conclusions SOA Infrastructure must provide for: Business process modeling execution engine or workflow engine Standards compliance very important Round-trip from architecture to implementation and back State of the Technology: Most vendors provide modeling and workflow environment, many are proprietary or proprietary extensions Some modeling tools are business analyst usable (truly WISWIG GUI), other tools require computer programmers Round-tripping not a capability to be provided in near future – remains the ―holy grail‖ 25 DWiz DoD BMA CTO/CA 7. Data Virtualization and Data Services Provide virtualized data based on operational needs and representative of the authoritative source in alignment with metadata and the BEA. Enterprise Applications (Data Consumer) 7 Consumer Consumer Consumer Consumer Consumer Consumer Consumer 6 Enterprise Service Management (external to Data Services) 5 Data 5 Business Business Business Business Business Business Business Business Service Service Service Service Service Service Service Service Services Data Virtualization Layer 3 Query Optimization and 4 Caching Processing Engine 2 Information Assurance (Security) (maybe external to Data Services) API Database (OLAP, etc.) Flat file Web Service Language specific (Java, C#...) 1 Data Business Business Business Business Data Business Business Business Business Systems System Service Service Service System System Providers Store Standards: SOAP OWL WSDL ODBC JDBC 26 DWiz DoD BMA CTO/CA 13
  14. 14. 10/24/2008 7. Data Virtualization Conclusions SOA Infrastructure must provide for: Virtualization of data sources not data warehousing Data trust through presentation of operationally staged data from authoritative sources Real-time availability when necessary operationally State of the Technology: Vendor products provide data virtualization relying on query optimization and or caching Vendors can provide high performance and robust data sources and services reducing latency in data availability No need for periodic loads 27 DWiz DoD BMA CTO/CA 8. Information Assurance Authorization Model Using Both Local and Enterprise-level Attributes 3 5 4 6 1 7 2 Standards: WS-* WS-Trust SOAP SAML eXtensible FROM DoD Security Reference Access Control Markup Language DWiz DoD BMA CTO/CA Architecture v1.0 28 (XACML) 14
  15. 15. 10/24/2008 8. Information Assurance Conclusions SOA Infrastructure must provide for: Net-Centric data sharing capabilities enabled by SOA are themselves potential points of vulnerability Standards and standard protocols to narrow the range of network capabilities that an attacker must subvert Survivability, reliability, availability and non-repudiation Policy enforcement including authorization control, redaction and auditing Federation to Public Key Infrastructure enabling single sign-on, and preservation of non-repudiation State of the Technology: Vendor products provide data virtualization relying on query optimization and or caching Vendors can provide high performance and robust data sources and services reducing latency in data availability No need for periodic loads 29 DWiz DoD BMA CTO/CA 9. Governance Governance is closely linked to Enterprise Service Governance is set by the service provider and designed in Policies desired Management and Information Assurance for the Human and Machine Service Consumer against SLA specified QoS Anticipated and Unanticipated Service Users, Human and Machine Human Data Governance Service Consumer Prioritize Model DoD Governance of DoD Core Data, UniversalPEO for a Service are Requirements against Machine Process SAE and Core BEA Lifecycle Service Consumer those of the program and system that Quality of Service actually provides the service, whether Governance Service atomic or composite, whether Run governed by SLA HCI for Local/Regio Build designated an enterprise or Warfighterby Service agreed to Service Business Enterprisefrom Design in nal Operate Service Adoption Common Core Metadata COI, component Biz Core Intelligence Provider (Web UI, Portlet) Communities Share Unsh or Promotion Communities Build Time Time of Interest of Interest Time d ared Service Consumers Service Deploymentthrough RunDevelop Services Service Providers FM COI HRM COI RP&ILM COI WSLM COI MSSLM COI Data Governance Data Governance Time to Data Governance Data Governance Enterprise, Component Data Governance Service Service or Program Services deprecation Certification Composite Service Composition, FM COI Info HRM COI Info Orchestration RP&ILM COI Info WSLM COI Info MSSLM COI Info Models Models Models Models Models Service Consumers Service Providers Atomic Service 1 Atomic Service 2 Atomic Service 3 Atomic Service 4 … Atomic Service n Enterprise, Component or Program Services Atomic or Base Services (non-composite) 30 DWiz DoD BMA CTO/CA 15
  16. 16. 10/24/2008 9. Governance Conclusions SOA Infrastructure must provide for: Assure that laws, regulations and policies are met in IT operations Build Time (Investment) Governance to allow for management of IT development policy and service reuse Run Time Governance State of the Technology: Tools have limited interoperability with design and develop services and no way of automated compliance checking or management of the transition between EA models and service designs Duplication Avoidance is met through tool access to service registries and repositories Service Verification for testing and verifying services against functional requirements and Service Level Agreement (SLA) exist with tradition testing tools. Tools integrate with registries to provide developers with service descriptions and specifications Support for capturing SLAs exists development tools for SLAs is limited 31 DWiz DoD BMA CTO/CA Results of the Research IA Authentication BOE Component Service BMA Common Service Wrapper & Authorization. Implementation Transformation Interoperability Complex Event EDA Enabling Orchestration Virtualization Management Management Composition High Volume Governance Services Processing Repository Integration Messaging Controller Mediation Metadata Registry Service Service Service Service Broker Build Time BAM Data Run Time structure Develop- Infra- ment SOA Tool Vendor Baseline: NCES CES  ?     Ab Initio          Active Endpoints   AmberPoint      BEA                     Composite Software   Corticon (Bus Rules) w/ Metastorm    Fiorano             GEFEG (9/12/07)   HP (Mercury / Systinet)      IBM - Telelogic (EA Tools) (9/19/07) IBM Websphere                     Information Builders / iWay             Iona           Lombardi     MetaStorm (BPM) Microsoft                    Mirius (9/14/07)     MuleSource      NexaWeb  OpenSpan      Oracle                  Red Hat-Jboss-Metamatrix     Revelytix  RogueWave    SAP    SOA Software   Software AG-webMethods                     Streambase         SUN            TIBCO                   DWiz DoD BMA CTO/CA 31 16
  17. 17. 10/24/2008 Conclusion ―The DoD BMA has embarked on an SOA strategy. The ―BMA Architecture Federation Strategy and Roadmap‖ provides guidance for the DoD BMA to quickly gain business value by delivering capability to support the warfighter through an SOA, while using a phased approach for transforming legacy systems. The market research performed by the BMA Office of the CTO and CA has found that industry capabilities to implement or enable the components defined in the BMA Service-Oriented Infrastructure have matured in the marketplace. While serious caution remains in the areas of IA and security, and the need for significant cultural change for successful SOA implementation cannot be overemphasized, it is clear that it is feasible for an enterprise the size of the DoD to move forward on implementing an SOA and to realize the business benefits of agility, interoperability, and net-centric data sharing that an SOA provides.‖ ~ CrossTalk, Oct. 2008 Issue Full article can be viewed at: http://www.stsc.hill.af.mil/crosstalk/2008/10/0810WisnoskyFeldshteynMancusoGoughRiutortStrassman.html DWiz DoD BMA CTO/CA 32 One Answer: Companies Supporting Standards Object Management Group (OMG), Windows Workflow Foundation, Organization for the Advancement of Structured Information Standards (OASIS), Workflow Management Coalition (WFMC), World Wide Web Consortium (W3C) WS-C …WS-X And, this requires World Wide collaboration! DWiz DoD BMA CTO/CA 33 17
  18. 18. 10/24/2008 Thank You for Your Time! Any Questions? Dennis.Wisnosky@osd.mil DWiz DoD BMA CTO/CA 18

×