SOA Governance Essentials
Paul C. Brown, Principal Software Architect

Agenda
  SOA Governance Overview
  Run-Time Governance
  Design-Time Governance
  Organizational Issues
  Summary
SOA Governance Overview
  SOA = Sharing: the producer is not the consumer
  Sharing requires Governance: rule creation and enforcement
  Run-Time Governance (Usage, Operation): enforced by systems
  Design-Time Governance (Creation, Employment): enforced by procedures
  Organizational Issues
Run-Time Governance
Typical Types of Run-Time Rules
  Access control
  Authentication
  Authorization
  Encryption
  Digital signatures
  Data filtering
  Logging
  Statistics gathering
  Invocation rate
  Response times
  The list is open-ended!
It Is Possible to Enforce Policies Within the Life-Cycle
  Architect: Modify the service architecture to make provision for policy enforcement
  Design: Design the manner in which the rule will be implemented
  Implement/Test: Implement and test the rule
  Deploy: Deploy the revised service (may be disruptive!)
  Operate: enforces the rule
Enforcing Policies Within the Life-Cycle Is Expensive!
Solution: Separate Policy Enforcement From Service
  Consumer, Policy Agent (policy enforcement), Provider
  Interface must still be guarded
Solution: Separate Policy Enforcement From Service
  Consumer, Policy Agent (policy enforcement), Provider
  Single Process Space
  Interface is now fully protected
Enforcing Policies with a Policy Agent
Life-Cycle / Policy Life-Cycle
  Architect: Put the infrastructure in place to use Policy Agents
  Design, Implement/Test: Select or create the template for the type of rule you need; configure the rule
  Deploy: Associate the rule with the services it governs
  Operate: Policy Agent enforces the rule
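The policy life-cycle above (select a rule template, configure it, associate it with a service, let the agent enforce it) can be sketched as follows. This is an added example, not code from the presentation; every name in it (`PolicyAgent`, `require_role`, `invocation_rate`, the request fields) is hypothetical, and requests are assumed to be dictionaries that already carry an authenticated `caller` and `role`.

```python
import time
from collections import defaultdict, deque

# Hypothetical names throughout; added illustration, not from the presentation.
class PolicyViolation(Exception):
    """Raised by a rule when a request must not reach the provider."""

# Rule templates: each takes configuration and returns a check(request) callable.
def require_role(allowed_roles):
    def check(request):
        if request.get("role") not in allowed_roles:
            raise PolicyViolation("authorization: role not permitted")
    return check

def invocation_rate(max_calls, window_seconds, clock=time.monotonic):
    calls = defaultdict(deque)  # caller -> timestamps of recently allowed calls
    def check(request):
        now, recent = clock(), calls[request.get("caller")]
        while recent and now - recent[0] >= window_seconds:
            recent.popleft()  # forget calls that fell out of the window
        if len(recent) >= max_calls:
            raise PolicyViolation("invocation rate exceeded")
        recent.append(now)
    return check

class PolicyAgent:
    """Sits between consumer and provider; the provider holds no policy code."""
    def __init__(self):
        self.providers = {}             # service name -> provider callable
        self.rules = defaultdict(list)  # service name -> configured rules
        self.audit_log = []             # (service, caller, outcome) tuples

    def register(self, service, provider):
        self.providers[service] = provider

    def associate(self, service, rule):
        # Deploy step: attaching a rule needs no change to the provider.
        self.rules[service].append(rule)

    def invoke(self, service, request):
        provider = self.providers[service]  # unknown service: KeyError, fail closed
        caller = request.get("caller")
        try:
            for rule in self.rules[service]:
                rule(request)
        except PolicyViolation as exc:
            self.audit_log.append((service, caller, f"denied: {exc}"))
            raise
        self.audit_log.append((service, caller, "allowed"))
        return provider(request)
```

The agent only protects the provider if consumers cannot reach the provider directly, which is the point of the "Interface must still be guarded" and "Single Process Space" slides.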
Design-Time Governance
Governance During Development
Life-Cycle
  Architect
    Will the service fit multiple usages?
    Will the interface remain stable over time?
  Design
  Implement/Test
    Is the testing adequate?
    Is the documentation adequate?
  Deploy
  Operate
    Manage service operation (start/stop)
    Manage service versioning

Governance During Solution Development
Life-Cycle / Solution Life-Cycle
  Architect
  Design
    Are existing services being used?
    Are new services being built appropriately?
  Implement/Test
  Deploy
    Has service capacity planning been done?
    Have policies been put in place for service access?
  Operate
    Coordinate with service operation
    Track service versioning
Organizational Issues
Who Manages Intra-Project Dependencies?
  Your Project A (new), Solution X: Project Manager, Business Process Architect, Systems Architect

Who Manages Inter-Project Dependencies?
  Your Project A (new), Solution X: Project Manager, Business Process Architect, Systems Architect
  Sister Project B (new), Solution Y: Project Manager, Business Process Architect, Systems Architect
  Future Project C (future), Solution Z: Project Manager, Business Process Architect, Systems Architect
Enterprise Scope
  Enterprise: Business Process, Systems, Data, Solution, Infrastructure
  Evaluate service opportunities
  Participate in service specification
  Provide technical coordination between projects
  Provide look-ahead technical guidance (future projects)
Common Issues
Project level
  There is no architect (i.e., nobody responsible for overall business process and systems architecture)
  The architect has no authority
  The project manager may ignore the advice
  is treated as an after-the-fact review
  Too late to make substantial changes
Enterprise level
  No participation in actual projects
  No opportunity to guide them towards common goals
  No opportunity to recognize issues in standards and best practices
  No authority
  Projects do as they please
  Project participation is at a review level
  Too late to make substantial changes
Put All Under One Roof
  [Organization chart] Business Executive Sponsor; Total Management; Enterprise (Business Process, Systems, Data, Solution, Infrastructure); Projects (three, each with a Project Manager, a Business Process Architect, and a Systems Architect)
Summary
SOA Governance Overview
  Reuse, Isolation
  SOA = Sharing: the producer is not the consumer
  Sharing requires Governance: rule creation and enforcement
  Run-Time Governance (Usage, Operation): enforced by systems; separate policy from service
  Design-Time Governance (Creation, Employment): enforced by procedures; checkpoints
  Organizational Issues: coordination
For More Information
  Succeeding with SOA: The business and organizational perspective
    For: CIO, COO, CEO, CTO; managers; enterprise and project architects
  Implementing SOA: Creating the total architecture
    For: enterprise and project architects; CTOs
  www.total-architecture.com