SOA Governance Essentials

Similar documents

Open Group SOA Governance. San Diego 2009

Issues Vital to SOA and BPM Success

Improved SOA Portfolio Management with Enterprise Architecture and webmethods

Driving SOA Governance - Part II: Operational Considerations

Policy Driven Practices for SOA

Approach to Service Management

AquaLogic ESB Design and Integration (3 Days)

SOACertifiedProfessional.Braindumps.S90-03A.v by.JANET.100q. Exam Code: S90-03A. Exam Name: SOA Design & Architecture

Model driven Security of Service Oriented Systems based on Security as a Service

Data Mining Governance for Service Oriented Architecture

The Way to SOA Concept, Architectural Components and Organization

Guiding SOA Evolution through Governance From SOA 101 to Virtualization to Cloud Computing

Integrating Project Management and Service Management

A Practical Roadmap to SOA Governance Enterprise Integration Services

Microsoft SOA Roadmap

Copyright 2009 TIBCO Software Inc. All rights reserved

LR120 Load Runner 12.0 Essentials Instructor-Led Training Version 12.0

WHITE PAPER: STRATEGIC IMPACT PILLARS FOR EFFICIENT MIGRATION TO CLOUD COMPUTING IN GOVERNMENT

HP SOA Systinet software

Realizing business flexibility through integrated SOA policy management.

NCTA Cloud Architecture

The DoD CIO Charter:

LR120 LoadRunner 12.0 Essentials

Reuse in Oracle SOA Suite 12c: Templates, Libraries or Services?

SOA Management with Oracle Enterpise Manager. An Oracle White Paper March 2007

Contents. viii. 4 Service Design processes 57. List of figures. List of tables. OGC s foreword. Chief Architect s foreword. Preface.

Oracle Reference Architecture and Oracle Cloud

Customer Cloud Architecture for Mobile.

BEA BPM an integrated solution for business processes modelling. Frederik Frederiksen Principal PreSales Consultant BEA Systems

Approach to Information Security Architecture. Kaapro Kanto Chief Architect, Security and Privacy TeliaSonera

SOA management challenges. After completing this topic, you should be able to: Explain the challenges of managing an SOA environment

Biometric Single Sign-on using SAML Architecture & Design Strategies

Recommendations for the PIA. Process for Enterprise Services Bus. Development

AUDITING TECHNIQUES TO ASSESS FRAUD RISKS IN ELECTRONIC HEALTH RECORDS

Automated Data Ingestion. Bernhard Disselhoff Enterprise Sales Engineer

IaaS Federation. Contrail project. IaaS Federation! Objectives and Challenges! & SLA management in Federations 5/23/11

The Business Impact of Reuse in SOA

SOA for Healthcare: Promises and Pitfalls

What s new in AM 9.30 Accelerating business outcomes

ITIL: Planning, Protection & Optimization (PPO) (Revision 1.6)

Service Governance and Virtualization For SOA

OFFICE OF THE CIO. PROCEDURE Informational VERSION: 1.0

Domain 1 The Process of Auditing Information Systems

ITIL v3 - Service Transition Lifecycle

Oracle Data Integrator 12c: Integration and Administration

Web Application Hosting Cloud Solution Architecture.

Setting up an Effective Enterprise Architecture capability. Simon Townson Principal Enterprise Architect SAP

MINNESOTA STATE STANDARD

Security It s an ecosystem thing

POLICY ISSUES IN E-COMMERCE APPLICATIONS: ELECTRONIC RECORD AND SIGNATURE COMPLIANCE FDA 21 CFR 11 ALPHATRUST PRONTO ENTERPRISE PLATFORM

Oracle Data Integrator 11g: Integration and Administration

Independent Insight for Service Oriented Practice. An SOA Roadmap. John C. Butler Chief Architect. A CBDI Partner Company.

SOA REFERENCE ARCHITECTURE: SERVICE TIER

Software Application Control and SDLC

Forthcoming EU Data Protection Law

D83167 Oracle Data Integrator 12c: Integration and Administration

Verfahren zur Absicherung von Apps. Dr. Ullrich Martini IHK,

Making Your Organization Open Source-Ready

SOA Governance: What s Required To Govern And Manage A Service-Oriented Architecture. An Oracle White Paper October 2006

REFERENCE ARCHITECTURE FOR SMAC SOLUTIONS

Chapter 1 The Principles of Auditing 1

IBM WebSphere ILOG Rules for.net

Securing Web Services From Encryption to a Web Service Security Infrastructure

Essential Elements of a Master Data Management Architecture

Corresponding Author

Service Virtualization: Managing Change in a Service-Oriented Architecture

Concept Proposal. A standards based SOA Framework for Interoperable Enterprise Content Management

Enterprise Management Solutions Protection Profiles

Anypoint Platform Cloud Security and Compliance. Whitepaper

Service Oriented Enterprise Architecture

Security Issues in Cloud Computing

Figure 1: Illustration of service management conceptual framework

Glassfish Architecture.

Biometric Single Sign-on using SAML

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Satisfying business needs while maintaining the

DEPARTMENT AGENCY STATEMENT OF OBJECTIVES FOR CLOUD MIGRATION SERVICES: INVENTORY, APPLICATION MAPPING, AND MIGRATION PLANNING MONTH YYYY TEMPLATE

Introduction to SOA governance and service lifecycle management.

Enterprise Service Specification

Oracle Database Security

Active Directory Rights Management Services integration (AD RMS)

HPE PC120 ALM Performance Center 12.0 Essentials

Contents Huntcliff, Suite 1350, Atlanta, Georgia, 30350, USA

Business Process Management IBM Business Process Manager V7.5

Security Controls What Works. Southside Virginia Community College: Security Awareness

Supplier Information Security Addendum for GE Restricted Data

LDAP Authentication Configuration Appendix

Roles for Maintenance and Evolution of SOA-Based Systems

OPC UA vs OPC Classic

Service Oriented Architecture (SOA) An Introduction

<Insert Picture Here> Oracle BPA Suite 11g Overview & New Features

Electronic Communication In Your Practice. How To Use & Mobile Devices While Maintaining Compliance & Security

PRiSM Security. Configuration and considerations

White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution

ITIL Service Lifecycle Stream

SOA Governance and the Service Lifecycle

EA-ISP-012-Network Management Policy

Service Oriented Architecture (SOA) Architecture, Governance, Standards and Technologies

Service Oriented Architecture

Transcription:

SOA Governance Essentials Paul C. Brown Principal Software Architect

Agenda SOA Governance Overview Run-Time Governance Design-Time Governance Organizational Issues Summary 2

SOA Governance Overview SOA = Sharing: the producer is not the consumer Sharing requires Governance: rule creation and enforcement Run-Time Design-Time Governance Governance Usage Operation Creation Employment 3

SOA Governance Overview SOA = Sharing: the producer is not the consumer Sharing requires Governance: rule creation and enforcement Run-Time Governance Design-Time Governance Usage Operation Creation Employment Enforced by systems Enforced by procedures Organizational Issues 4

SOA Governance Overview SOA = Sharing: the producer is not the consumer Sharing requires Governance: rule creation and enforcement Run-Time Design-Time Governance Governance Usage Operation Creation Employment Enforced by systems Enforced by procedures Organizational Issues 5

Run-Time Governance

Typical Types of Run-Time Rules Access control Authentication Authorization Encryption Digital signatures Data filtering Logging g Statistics gathering Invocation rate Response times The list is open-ended! d! 7

It Is Possible to Enforce Policies Within the Life-Cycle Architect Design Implement/ Test Deploy Modify the service architecture to make provision for policy enforcement Design the manner in which the rule will be implemented Implement and test the rule Deploy the revised service (may be disruptive!) Operate enforces the rule 8

Enforcing Policies Within the Is Expensive! Life-Cycle Architect Design Implement/ Test Deploy Modify the service architecture to make provision for policy enforcement Design the manner in which the rule will be implemented Implement and test the rule Deploy the revised service (may be disruptive!) 9 Operate enforces the rule

Solution: Separate Policy Enforcement From Consumer Policy Agent Provider Policy enforcement Interface must still be guarded 10

Solution: Separate Policy Enforcement From Single Process Space Consumer Policy Agent Provider Policy enforcement Interface is now fully protected 11

Enforcing Policies with a Policy Agent Life-Cycle Policy Life-Cycle Architect Put the infrastructure in place to use Policy Agents Design Implement/ Test Select or create the template for the type of rule you need Configure the rule Deploy Associate the rule with the services it governs Operate Policy Agent enforces the rule 12

Design-Time Governance

Governance During Development Life-Cycle Architect Will the service fit multiple usages? Will the interface remain stable over time? Design Implement/ Test Is the testing adequate? Is the documentation adequate? Deploy 14 Operate Manage service operation (start/stop) Manage service versioning

Governance During Solution Development Life-Cycle Solution Life-Cycle Architect Design Are existing services being used? Are new services being built appropriately? Implement/ Test Deploy Has service capacity planning been done? Have policies been put in place for service access? 15 Operate Coordinate with service operation Track service versioning

Organizational Issues

Who Manages Intra-Project Dependencies? Your Project A (new) Solution X Project Manager Business Process Architect Systems Architect 17

Who Manages Inter-Project Dependencies? Your Project A (new) Solution X Project Manager Business Process Architect Systems Architect Sister Project B (new) Solution Y Project Manager Business Process Architect Systems Architect Future Project C (future) Solution Z Project Manager Business Process Architect Systems S t Architect t 18

Enterprise Scope Enterprise Business Process Systems Data Solution Infrastructure Evaluate service opportunities Participate in service specification Provide technical coordination between projects Provide look-ahead technical guidance (future projects) 19

Common Issues Project level There is no architect (i.e. nobody responsible for overall business process and systems architecture) The architect has no authority The project manager may ignore the advice is treated as an after-the-fact the fact review Too late to make substantial changes Enterprise Level No participation in actual projects No opportunity to guide them towards common goals No opportunity to recognize issues in standards and best practices No authority Projects do as they please Project participation is at a review level Too late to make substantial changes 20

Put All Under One Roof Business Executive Sponsor Total Management Enterprise Projects Enterprise Project Manager Project Manager Project Manager Business Process Systems Data Business Process Architect Business Process Architect Business Process Architect Solution Infrastructure Systems Architect Systems Architect Systems Architect 21

Summary

SOA Governance Overview SOA = Sharing: the producer is not the consumer Sharing requires Governance: rule creation and enforcement Run-Time Governance Design-Time Governance Usage Operation Creation Employment Enforced by systems Enforced by procedures Organizational Issues 23

SOA Governance Overview Reuse Isolation SOA = Sharing: i the producer is not the consumer Sharing requires Governance: rule creation and Run-Time Design-Time Governance Governance enforcement Checkpoints Usage Operation Creation Employment Enforced by systems Separate policy from service Enforced by procedures Organizational Issues Coordination 24

For More Information Succeeding with SOA The business and organizational perspective For: CIO, COO, CEO, CTO Managers Enterprise and project architects Implementing SOA Creating the total architecture For Enterprise and project architects CTOs 25 www.total-architecture.com