Professional Documents
Culture Documents
A Perspective On Emerging Industry SOA Best Practices: Software Engineering Technology
A Perspective On Emerging Industry SOA Best Practices: Software Engineering Technology
between internal schemas and a common needs. Heffner recommends to: fully conquered by dividing it into three
vocabulary across the community, and major areas and systematically tackling
paying special attention to the governance ... craft your SOA strategy so that each one: empowering unanticipated users
for maintaining data quality. investments are made: 1) in line (if an SOA will be used to implement an
A proper focus on data will enable with work done and business value information-sharing strategy, which
interoperability among consumers and delivered today on each business requires access privileges for unanticipat-
providers and lower implementation risks technology solution delivery pro- ed users), establishing trust across organi-
for the enterprise SOA. ject, and 2) as investments across a zational boundaries, and mitigating newly
portfolio of projects, maintaining a exposed vulnerabilities. Federal leaders
4. Start small, learn, and evolve significant trajectory ... toward your and security architects may need to estab-
Employing the big-bang approach to SOA long-term goals. [1] lish enterprise-wide authentication and
adoption is unlikely to be successful due authorization mechanisms in order to sup-
to the inherent risks of very large-scale SOA implementations should be de- port access by unanticipated users.
software development, requirements com- signed with the expectation that require- Attribute-based access control and other
plexity, and the challenges of establishing ments will evolve and should be built to modern security techniques can be lever-
a new architecture across large organiza- allow for scalability and new capabilities. aged to provide this capability.
tions with significant legacy infrastructure The successful implementation of an
and diverse computing needs. 6. Governance is a key component SOA requires that the right security mech-
These factors, coupled with the risk of of the SOA anisms are applied to the right services.
a large deployment, point us towards SOA technologies can be applied to indi- Also, security should be balanced with
starting small, learning, and evolving. vidual projects, but the changes necessary other considerations, such as performance
SOA initiatives should begin by address- for an enterprise-wide adoption can only and scalability.
ing a business problem constrained in be achieved by putting the right policies
scope, focusing on piloting the architec- and processes in place to bridge the enter- 8. Set realistic ROI expectations
ture, ensuring that clearly defined success prise architecture with the business strate- during SOA implementation
criteria exist, and capturing the lessons One motivation for moving to an SOA is
gy.
learned to educate the enterprise and the promise of cost reduction in opera-
Governance is an essential element of
improve future SOA implementations. tions, reuse, and future systems integra-
an SOA; it is the vehicle for creating, com-
Ron Schmelzer indicates that organiza- tion.
municating, and enforcing SOA policies,
tions should start with a small business While cost savings can be a realistic
roles, and responsibilities across the enter-
problem, adding: expectation, an organization should
prise. The Organization for the Advance- expect upfront costs when implementing
Service-oriented architects must ... ment of Structured Information Stan- SOA techniques for the first time. Causes
maintain a pragmatic mental pic- dards (OASIS) states that: of upfront costs can be the learning curve
ture for how the organization can associated with modifying legacy applica-
evolve iteratively while still main- SOA governance should be consid- tions to create service offerings, the lack
taining a single, cohesive vision of ered an extension of existing IT of technical staff familiarity with the tech-
the organization’s architecture. [4] governance that deals with the nologies, and the need for new infrastruc-
decision rights, processes, and poli- ture. Infrastructure costs may include mid-
Narrowing the initial scope of an SOA cies that are put into place to dleware (e.g., an enterprise service bus),
implementation to one or two business encourage the adoption and opera- security components, quality of service mon-
processes will help keep the SOA at a tion of a SOA that may cross own- itoring software, and hardware and net-
manageable and realistic size. ership boundaries. [5] work upgrades. James Kobielus articulates
Employing a start small, learn, and evolve the investment consideration well:
strategy will minimize risk and reduce the Example process areas that should be
time it takes an organization to realize governed include service life cycle, service The upside of SOA is that the mar-
value from its SOA investment. versioning, service monitoring, service ginal cost of building new applica-
registries, and service testing [6]. tions will continue to drop as the
5. When establishing an SOA, have a Governance is necessary for establish- service-reuse rate climbs. The
long-term vision ing trust so that consumers and producers catch is that there’s a significant
The long-term vision for an SOA imple- have a set of established expectations for ramp-up cost, because adopting an
mentation is frequently organizational IT services essential to meeting their busi- SOA means you’re going to need to
agility and reduced cost, allowing an orga- ness needs. rethink many of your traditional
nization to respond to changing needs approaches to application model-
quickly and utilize IT resources more 7. Integrate security throughout the ing, development, integration,
effectively. These objectives can be real- SOA life cycle deployment and management. [8]
ized through service reuse, ease of inter- A primary objective of applying service
operability, reduced integration and main- orientation to a system’s architecture is to Cost savings may occur at the enter-
tenance costs, and the ability to deploy facilitate broader user access to informa- prise-level eventually, but not necessarily
new capabilities quickly. tion stored within that system. A challenge at the project level.
An initial SOA implementation that is is enabling information sharing while pro- An organization adopting SOA
scalable and capable of expanding in tecting and securing the information being approaches needs to have a realistic expec-
scope and requirements will ensure its shared [7]. tation on how much investment is needed
growth to meet future and unanticipated This security challenge can be success- and the expected ROI.