http://www.soamag.com The SOA Magazine is a monthly online publication provided by SOA Systems Inc. and Prentice Hall/PearsonPTR and is officially associated with the "Prentice Hall Service-Oriented Computing Series from Thomas Erl." SOA en-us Copyright 2011, SOA Systems Inc. http://www.soamag.com I'm very pleased to announce that we'll be making as series of papers available that explore how the service-orientation paradigm relates to other established models, methodologies, and paradigms. This body of work will provide concrete mapping of principles, characteristics, and mechanisms between service-orientation and the service-oriented architectural model and elements of other models and frameworks, such as those provided by RUP, TOGAF, ITIL, and others. These papers are official supplements of SOA School courses, but will also be published via the SOA Magazine and other publications, including the upcoming serviceorientation.com community site that is under development. In this issue we kick things off with contributions from Filippos Santas, Prasad Jayakumar, and Jose Luiz Berg. I met with both Filippos and Jose at last month's SOA + Cloud Symposium in Brasilia, where we were able to further discuss plans for the roll-out of these important documents. The Brazil event was highly successful with our largest turnout so far. We'll be looking forward to the next symposium in Spring, 2012. SOA http://www.soamag.com/default.php#When:05.18.11 http://www.soamag.com/I50/0511-1.php In this series of articles we examine the correspondence, synergies and gaps of Service Orientation and The Open Group Architecture Framework. In this first set of articles we go through the phases, methods, iterations, layers, principles and roles. In part II of this article, we continue with governance issues. The part III of this article, we examines how services are architected and developed providing traceability to the business processes. SOA http://www.soamag.com/I50/0511-1.php#When:05.018.11 http://www.soamag.com/I50/0511-2.php World-renowned SOA expert Thomas Erl had stated the following on Service Reusability, "A service capability can be reused in two different ways. It can be repeatedly invoked by the same service consumer program automating the same business task or it can be invoked by different service consumers automating different business tasks." Based on this thought, services are generally classified into Shared Services and Internal Services. SOA http://www.soamag.com/I50/0511-2.php#When:05.018.11 http://www.soamag.com/I50/0511-3.php As previously stated, the data model in EAI deserves a separate chapter. A common mistake in systems integration is to transfer their job is requirements as the systems communicate. It is common to hear from integration teams, "they are only the pipe, and don't care about what's going on inside it". In fact, the integration concerns the exchange of information (represented by your data) between systems. This is your goal and that is what adds value to the business... SOA http://www.soamag.com/I50/0511-3.php#When:05.018.11 http://www.soamag.com All eyes will be on Brasilia later this month as speakers will converge on this historical city for the next International SOA + Cloud Symposium event. I will look forward to finally launching the SOA Governance book with several of the co-authors, and it will be interesting to see how much governance becomes a topic of discussion throughout the conference sessions. Although there is a track dedicated to SOA governance, the more general topic area of IT governance usually finds its way into a range of talks, from technology to practice to business strategy. More than in previous symposium events, this year we have seen the program agenda mix and merge sessions relating to service-oriented architecture and cloud computing. This is a positive indication that there is a growing realization of the synergy between these two fields of practice. The more awareness of this synergy, the greater we are empowered to leverage it when it makes sense to do so, and to decide not to when it doesn’t. It all comes down to making educated decisions based on concrete facts. I’m hopeful this next symposium will take us all a step further in that regard. See you there. SOA http://www.soamag.com/default.php#When:04.14.11 http://www.soamag.com/I49/0411-2.php This article is intended to present the relationship between Service-Oriented Architecture (SOA) and Enterprise Application Integration (EAI). Some people have recently said that EAI is dead, it was than replaced by SOA, creating some confusion and enforcing a culture of "forgeting all the past". SOA http://www.soamag.com/I49/0411-2.php#When:04.014.11 http://www.soamag.com/I49/0411-3.php Many aspects of SOA governance adoption depend on tight integration between various SOA platforms. As you can see from the governance adoption framework, the SOA governance platform plays a central role in solidifying governance mechanisms, automating governance processes, and driving governance adoption. SOA http://www.soamag.com/I49/0411-3.php#When:04.13.11 http://www.soamag.com/I49/0411-4.php SOA governance should ensure that there is an appropriate process in place by which services described by the service model become candidates to enter the Service Portfolio. SOA http://www.soamag.com/I49/0411-4.php#When:04.14.11 http://www.soamag.com While completing the manuscript for the SOA Governance: Governing Shared Services On-Premise and in the Cloud, we ran into an interesting requirement to continually make a distinction between SOA governance and cloud computing governance. The governance controls documented in the book were specific to realizing the target state of SOA – that which we strive to achieve by applying the method service-orientation in a manner that realizes our business goals. If cloud platforms are part of that target state, then we build and plan for them accordingly, but never losing sight of the fact that we are establishing service-oriented solutions and service-oriented technology architecture with very specific characteristics. However, cloud computing governance (or just "cloud governance") is distinct from this, in that it represents governance controls required to regulate and evolve any type of cloud-based IT resources and systems, regardless of whether they are service-oriented. So although there is obvious synergy between these two areas of expertise, they are also clearly independent. SOA http://www.soamag.com/default.php#When:03.09.11 http://www.soamag.com/I48/0311-1.php As governance introduces new rules, processes, and precepts, people that must comply with them often do not accept the change easily. In general, people like status quo. Change is hard. It requires people to learn new things, follow new rules, and modify their behavior. This dislike for change leads to rebellion in many forms – outright rejection, quiet noncompliance, behind the scenes subversion, or complete disregard. SOA http://www.soamag.com/I48/0311-1.php#When:03.09.11 http://www.soamag.com/I48/0311-2.php As the web is becoming more pervasive and persuasive, there is a rush to position customer-facing business applications on remote and reliable servers. This allows it to be accessed by hundreds of thousands of users simultaneously at global scale SOA http://www.soamag.com/I48/0311-2.php#When:03.09.11 http://www.soamag.com/I48/0311-3.php Another aspect that governance should monitor is the creation of static business models that define the information (data) that each organization uses to conduct its affairs. The techniques of data modeling are well established, and data models can be readily implemented as they translate directly to physical relational database structures. SOA http://www.soamag.com/I48/0311-3.php#When:03.09.11 http://www.soamag.com While completing the manuscript for the SOA Governance: Governing Shared Services On-Premise and in the Cloud, we ran into an interesting requirement to continually make a distinction between SOA governance and cloud computing governance. The governance controls documented in the book were specific to realizing the target state of SOA – that which we strive to achieve by applying the method service-orientation in a manner that realizes our business goals. If cloud platforms are part of that target state, then we build and plan for them accordingly, but never losing sight of the fact that we are establishing service-oriented solutions and service-oriented technology architecture with very specific characteristics. However, cloud computing governance (or just "cloud governance") is distinct from this, in that it represents governance controls required to regulate and evolve any type of cloud-based IT resources and systems, regardless of whether they are service-oriented. So although there is obvious synergy between these two areas of expertise, they are also clearly independent. SOA http://www.soamag.com/default.php#When:02.17.11 http://www.soamag.com/I47/0211-1.php No matter what type of cloud services or deployment models you are considering as part of your overall IT strategy, you must have a cloud services adoption roadmap to guide your journey. A cloud services adoption roadmap provides guidance that enables multiple projects to progress in parallel yet remain coordinated and ultimately result in a common end goal. The cloud services adoption roadmap consists of program-level efforts and a portfolio of cloud services. The program-level effort creates strategic assets such as the cloud architecture, cloud infrastructure, cloud governance, risk, and compliance (GRC) processes, and security policies that are leveraged across all the individual projects. The program-level efforts provide and enforce the necessary consistency required to succeed at cloud service adoption. A delicate balance needs to be struck between too little control and too much control. With too little control, cloud services adoption will be haphazard.... SOA http://www.soamag.com/default.php#When:2.17.11 http://www.soamag.com/I47/0211-2.php Cloud computing has been making waves in the business-enabling IT arena. Its impacts on both business and IT are definitely multifaceted and mesmerizing. Conceptually, the cloud style has inspired scores of nimbler business, delivery, consumption and pricing models. On the infrastructural side, cloud has emerged as the robust and resilient infrastructure for optimally hosting, managing, and delivering next-generation services and applications. Cloud is being positioned as the consolidated, virtualised, automated, shared, and quality of service (QoS)-compliant infrastructure. Having understood its strategically sound business and technical benefits, global enterprises are quick in embracing this disruptive and transformative IT platform. Following the footsteps of the enterprise IT, embedded IT (the device space) very positively and progressively jumps into the cloud bandwagon. There are several transnational and transformational initiatives for producing competent open architectures with frameworks..... SOA http://www.soamag.com/default.php#When:2.17.11 http://www.soamag.com/I47/0211-3.php At this stage, the conceptual services identified are at a very high level, containing little or no details of the underlying business functional requirements. SOA governance must see to it that much more analysis is performed before we can create a service model that would be of any practical benefit to the organization. Both dynamic models and static models of how the organization currently performs its 'hot' business processes are needed to define a realistic service model. Dynamic models describe business processes, activities and tasks, while static models describe the entities (collections of data) that the organization needs to record and manage. These entities are used as inputs and outputs for the tasks and processes contained in the dynamic business model..... SOA http://www.soamag.com/default.php#When:2.17.11 http://www.soamag.com/I47/0211-4.php Building upon the Portuguese-translated version of the SOA Manifesto authored by Ricardo Puttini, the Portuguese translation of the entire Annotated SOA Manifesto was just completed by IT Consultant, Eduardo Xavier. Both versions of the Manifesto were created in Portuguese and their release follows the publication of the Dutch, Spanish,Portuguese Chinese, French, and Russian translated versions of the SOA Manifesto and Annotated SOA Manifesto. SOA http://www.soamag.com/default.php#When:2.17.11 http://www.soamag.com I'm pleased to announce a new working group initiative by the APQC dedicated to establishing a new model that will be used to assess organizations' service-orientation maturity levels. The Service-Orientation Maturity Model (SOMM)will be developed throughout 2011, as part of an international collaborative effort, with numerous on-site working group sessions being planned in different countries. A number of these sessions will be carried out during the upcoming International SOA + Cloud Symposium in Brazil this April, and several of the working group members will be speaking at that event as well. We hope to be able to release a first draft of the SOMM by Fall 2011 for public review. A survey has been issued this month to collect input for the working group, as well as the SOMM Advisory Council that is being assembled as a supervisory body. I encourage you all to participate in this survey. With this model we will finally be able to evaluate maturity levels pertaining to the actual adoption of the principles and practices used to realize the method of service-orientation. SOA http://www.soamag.com/default.php#When:1.14.11 http://www.soamag.com/I46/0111-1.php Service portfolio management is the discipline whereby an organization creates and maintains the optimum set of services to support its mission of solving specific business problems and enhancing overall business agility, flexibility and operational efficiency. This article will focus on two important SOA constructs, the business service model and the service portfolio itself: Business Service Model - is an abstract representation of how an organization conducts its business operations, which describes the workings of part or all of the organization in terms of a set of business services. Business services represent functional capabilities exhibited by one part of the organization (the service provider), that provide value to other parts of the organization (service consumers). The service model is purely conceptual; it describes what the functions of the business services are, but contains no information as to how they are implemented.. SOA http://www.soamag.com/default.php#When:1.14.11 http://www.soamag.com/I46/0111-2.php Arguably computation models seen in client space are much more diverse than those in the server space proper. For servers, there are essentially two, the earlier model of static consolidation and the more recent dynamic model where virtual machines lightly bound to their physical hosts and can be moved around with relative ease. With virtualized clients there are also two main models, depending on whether the application execution takes place in servers in a data center or on the physical client. Beyond that we have identified at least seven distinct variants, each architected to address specific management, security and TCO needs and with usage models with specific business scenarios in mind. At least for server-based clients, their presence may be an indication of technology convergence between clients and server products in cloud space, a continuation of the trend that started when clients were used as presentation devices for traditional three-tier applications. This article examines some of the general issues and concerns regarding client virtualization... SOA http://www.soamag.com/default.php#When:1.14.11 http://www.soamag.com/I46/0111-3.php This interview podcast features David Chou, program committee member for the 2nd International Cloud Symposium, and architect in the Developer and Platform Evangelism organization at Microsoft. This discussion delves into David's role at Microsoft, different products that are in the works, and Microsoft's unique approach to cloud computing. Davis's co-authorship with the upcoming "SOA with Java" and the recently released "SOA with .Net and Windows Azure" books are also covered, revealing some interesting facts about both. We also get a teaser on David's presentation, "Architecting Cloudy Application". Microsoft is usually, from a cloud company perspective, delivering offerings across the entire specturm. Now windows Azure falls into the platform Azure service area and primarily is the public cloud offering. What we are doing with Windows Azure is our position on the Windows Azure is that it's really sort of the fine-tune definition of cloud computing in terms of the computing themselves. What we mean by that is cloud computing is not really just a virtualized Azure hosting... SOA http://www.soamag.com/default.php#When:1.14.11 http://www.soamag.com It's becoming common for CIOs and CTOs to link dynamic scalability to organizational agility. The rationale being that if we can create an "elastic" IT enterprise, our IT resources can scale automatically, on-demand in response to consumer usage requirements. Scalability certainly can be a factor, but it just one of several building blocks for establishing an agile enterprise. Organizational agility begins with how IT resources are initially created, both individually and in relation to each other. Partitioning logic into software programs so that each has a distinct, complementary and aligned functional boundary results in a normalized playing field that, when further underpinned by baseline layers of interoperability, enables us to combine these software programs into endless configurations. That is the foundation of organizational agility, upon which we can add scalability and elasticity as bonus layers. SOA http://www.soamag.com/default.php#When:12.08.10 http://www.soamag.com/I45/1207-1.php "Am I politic?" asks the host of the Garter Inn in Shakespeare's Merry Wives of Windsor. "Am I subtle? Am I Machiavel?" Over the last four centuries, Niccolò Machiavelli (1469-1527) has been called worse things than "subtle". Machiavelli's name has become a synonym for intrigue and his most famous book The Prince has been regarded as a blueprint for amorality. Joseph Stalin had a copy of this book on his bed stand and Benito Mussolini incorporated Machiavelli's ideas into his fascist regime. On the other hand, progressives such as presidents Woodrow Wilson and Theodore Roosevelt praised the Italian diplomat for his republican ideals. But the challenge of his slender volume is that it may not be what it purports to be-a manual for newcomers to power and a plea to the Medici to drive foreigners from Italy. It could be satire or a practical joke, and more than one tyrant has dug his grave on Machiavelli's bum steers. But The Prince is also bestrewn with insights... SOA http://www.soamag.com/default.php#When:12.08.10 http://www.soamag.com/I45/1207-2.php A company's information assets have become more valuable over time as we continue to evolve into a knowledge-based economy. Protecting these assets has become an industry unto itself. What started as IT security -- keeping the "bad guys" out of our networks -- has become full-blown risk management as the business implications of compromised information assets have been realized. SOA magnifies risks associated with information assets by exposing those assets more readily to a broad audience. While this is beneficial to business operations, it is cause for greater concern for security and risk management professionals. It is critical that the SOA governance team partners with risk management teams to assess risks that are brought about or intensified by SOA. Organizations new to SOA may have sophisticated risk management policies and practices but often do not fully recognize the implications of SOA... SOA http://www.soamag.com/default.php#When:12.08.10 http://www.soamag.com/I45/1207-3.php Many users of computer technology-and for that matter, many technology creators and administrators-complain about the rapid pace of change in information technology. The most recent example of a new technology trend bursting upon the scene is cloud computing. Setting a record for going from "what is it?" to "I've got to have it," cloud computing for many people seems to represent a revolution in how computing will be done in the future. It's important; however, to understand that despite its sudden arrival, cloud computing is actually the latest manifestation of well-established trends, each of which has brought new benefits and new challenges to those working in IT. It is Crucial to understand that cloud computing signifies a movement away from IT-centric product focus and signals a re-engagement with computing users, made possible by those long-established trends... SOA http://www.soamag.com/default.php#When:12.08.10 http://www.soa-manifesto.org/default_chinese.htm Building upon the Chinese-translated version of the SOA Manifesto authored by Tony Shan, the Chinese translation of the entire Annotated SOA Manifesto was just completed by Stockholm-based IT Consultant, Yue Yuan. Both versions of the Manifesto were created in Simplified Chinese and their release follows the publication of the Dutch, Spanish, Chinese, French, and Russian translated versions of the SOA Manifesto and Annotated SOA Manifesto. SOA http://www.soamag.com/default.php#When:12.08.10 http://www.soamag.com One of the greatest discussion points during the symposium was not related to new technology innovation (cloud-based or otherwise), but instead it was about the importance and necessity of IT governance. SOA has been responsible for highlighting the need for governance policies, processes and precepts, simply because it demands it. Among SOA practitioners it's become common knowledge that without these parts in place, any meaningful SOA initiative is doomed. However, what we are starting to see is an increasing awareness that governance is required in other parts of IT. This is because governance frameworks are not new to SOA; the concern of IT governance applies to all of IT. When we venture to establish service domains within an IT enterprise, we can have services that either encapsulate or reside alongside legacy or modern IT resources. This can result in the need for us to converge or align different types of IT governance programs, each perhaps associated with a different type of methodology. Properly defined governance programs help us take our IT enterprise through controlled evolution in on-going support of business needs. For many organizations, the adoption of SOA has turned out to be the spark to achieving this. SOA http://www.soamag.com/default.php#When:11.05.10 http://www.soamag.com/I44/1010-1.php Companies are ready to start benefitting from the third stage of commercial use of the Internet. The third stage offers a new channel for the Business Partner, and has the potential to change the competitive landscape of an industry. This stage is often called the Integration Stage. In this stage companies can take the lead by understanding and benefitting from the internet's full potential. This stage will change the internet from primarily supplying content through a homepage to primarily supplying automatic business functionality as services directly in the internal tools Business Partner's employees' use. However, many companies do not understand the potential consequence of their competitive situation and leave it to the IT-department to utilise the technology. The IT-department has kidnapped the stages external potential and has focused its potential on internal efficiency purposes, keeping it captured in the machine room. [The communications stage] is about transforming communication with customers and increasing the size of the markets you can reach. Users can go online and interact. All that is required is a browser and internet access on the user's side and a simple homepage on the company's side... SOA http://www.soamag.com/I44/1010-1.php#When:11.05.10 http://www.soamag.com/I44/1010-2.php This article features dialogues from the International SOA & Cloud Symposium podcast series. The interviews focus on cloud computing related topics, each guest offering their own unique perspective on the industry. Anthony discusses his research in cloud computing and where he sees it headed, as well as his co-authorship with the upcoming book "SOA and Cloud Computing". Naveen from TheCloudTutorial.com discusses issues such as the lack of industry standards, different definitions of cloud computing, and the educational value of vendor neutrality. Herbjorn Wilhelmsen from the Forefront Consulting Group covers a range of topics, including how cloud computing began, how it's evolved since it's first conception and where it is heading. Another important point he discusses is SOA in relation to cloud computing. Check out these cloudy discussions with the International Cloud Symposium's very own contributors... SOA http://www.soamag.com/I44/1010-2.php#When:11.08.10 http://www.soamag.com/I44/1010-3.php This article features dialogues from the International SOA & Cloud Symposium podcast series. The interviews focus on cloud computing related topics, each guest offering their own unique perspective on the industry. Anthony discusses his research in cloud computing and where he sees it headed, as well as his co-authorship with the upcoming book "SOA and Cloud Computing". Naveen from TheCloudTutorial.com discusses issues such as the lack of industry standards, different definitions of cloud computing, and the educational value of vendor neutrality. Herbjorn Wilhelmsen from the Forefront Consulting Group covers a range of topics, including how cloud computing began, how it's evolved since it's first conception and where it is heading. Another important point he discusses is SOA in relation to cloud computing. Check out these cloudy discussions with the International Cloud Symposium's very own contributors... SOA http://www.soamag.com/I44/1010-3.php#When:11.08.10 http://www.soa-manifesto.org/default_russian.html Following the release of the Dutch, Spanish, Chinese, and French translated versions of the SOA Manifesto and Annotated SOA Manifesto, another version has been added to the growing list of available languages. Leonid Felikson, a Russian-speaking SOA expert, has produced fully translated versions of the SOA Manifesto and the Annotated SOA Manifesto. Leonid delivered several keynotes at the 6th International Eastern European Software Engineering Conference in Moscow discussing the importance of the SOA Manifesto to the IT community. His talks, held in Russian, referenced this newly translated version. SOA http://www.soa-manifesto.org/default_russian.html#When:11.08.10 http://www.soamag.com/I43/default.php Presenting the new podcast series from the International SOA & Cloud Symposium, featuring interviews with some of the SOA Magazine's very own contributors. Art describes the evolution of the SOA & Cloud Symposium and his experience being the conference chair. The discussion delves into Art's role as a partner at Ordina, his work as a principle consultant and his upcoming books and projects. Art also talks about the conception of the SOA Manifesto, the maturity of SOA, best practices, and more. Another edition discusses BPM, BPMN, and SOA with SOA expert Volker Stiehl, a member of the solutions management team from SAP AG. Volker explains the essential distinction of BPMN from BPM, and the relationship between SOA and BPM as such. In the next interview, Stefan talks about the impact and buzz around RESTful services and SOA, his invlovement in the new "SOA with REST" book and as a committe member and speaker at this years SOA & Cloud Symposium. Stefan will be speaking on "RESTful HTTP: Using the Web for SOA" and will be participating in the "Revisiting the SOA Manifesto" and "Rest Services vs. Web Services - A Live Debate" panels... SOA http://www.soamag.com/I43/default.php#When:11.08.10 http://www.soamag.com/I43/0910-2.php In general, people will entrust their personal information freely to you only if they are satisfied that you will use it with respect for them. If they suspect that you don't respect them and expect that your competitor will, it is likely that you will lose business to that competitor, particularly if doing business with you requires them to divulge personal information. And if you can't lose business because your customers have nowhere to turn, the expectation of not being respected will lead many customers to hold back information whenever they can, thereby reducing your effectiveness. Providing your customers with the experience of being respected delivers pure business value. Showing respect has, however, consequences that go wider than your business. Showing respect is a statement about the society you want to live in and about the values you hold dear. Do you want to live in a society where your privacy is respected as a matter of course? Then think further than your bottom line. The current information systems consultancy industry approach does not contain the concept 'respect'. The nearest it gets is the concept 'confidentiality', and that is not the same thing... SOA http://www.soamag.com/I43/0910-2.php#When:11.08.10 http://www.soamag.com/I43/0910-3.php Instead of taking the approach of "build it and they will come" for services in your domain inventory, only build services when there is a known consumer. While planning upgrades to existing consumers, support backward compatibility using service wrappers and co-existence using versioning. Doing so will reduce the burden on service development team. Additionally, your new consumers access to the upgraded service while not breaking existing users. Providing adequate time window for co-existence will help stagger migration to a new version. Deliver business value early with service orientation by releasing high priority services during the initial part of a release. Bundle multiple enhancements to both new and existing services in the domain inventory as part of a release plan. By releasing early and often you enhance the reuse potential of services across initiatives. Iterations help build reusable services over time greatly minimizing schedule risk. Plan the scope of an iteration using a prioritized list of user stories. Based on the tasks identified, you can come up with new services needing development and updates to existing ones. Be cognizant of actual work effort... SOA http://www.soamag.com/I43/0910-3.php#When:11.08.10 http://www.soa-manifesto.com/ Instead of taking the approach of "build it and they will come" for services in your domain inventory, only build services when there is a known consumer. While planning upgrades to existing consumers, support backward compatibility using service wrappers and co-existence using versioning. Doing so will reduce the burden on service development team. Additionally, your new consumers access to the upgraded service while not breaking existing users. Providing adequate time window for co-existence will help stagger migration to a new version. Deliver business value early with service orientation by releasing high priority services during the initial part of a release. Bundle multiple enhancements to both new and existing services in the domain inventory as part of a release plan. By releasing early and often you enhance the reuse potential of services across initiatives. Iterations help build reusable services over time greatly minimizing schedule risk. Plan the scope of an iteration using a prioritized list of user stories. Based on the tasks identified, you can come up with new services needing development and updates to existing ones. Be cognizant of actual work effort... SOA http://www.soa-manifesto.com/#When:11.08.10 http://www.soamag.com/I42/0810-1.php Current conceptions of what information security is all about - such as are embodied in CRAMM, the ISO 27000 family of standards and COBIT - are too systems-centric to be effective in the Internet age. The key terms - confidentiality, integrity and availability (CIA) - describe properties of systems and do not adequately address the collective business value of information security. We suggest replacing them with a service-centered approach based on the terms trust, respect and utility (TRU), in order that the security impact of the totality of our information systems can be adequately assessed and managed from a business perspective. On the 30th of April, 2009, a lone assailant attempted to crash his car into an open bus containing the Dutch royal family. The next working day, thousands of municipal workers, driven by nothing but personal curiosity, accessed the personal details of the assailant using the national citizens registry. They could see where he was born, who his parents were, whether he had ever been married, and his current and previous residential addresses... SOA http://www.soamag.com/I42/0810-1.php#When:11.08.10 http://www.soamag.com/I42/0810-2.php Enterprises large and small are adopting Service Oriented Architecture (SOA) in recent years in order to gain cost savings from streamlined processes as well as create opportunities for revenue generation. Unlike previous information technology (IT) initiatives SOA places business goals front and center of the adoption strategy. Pursuing SOA as a technology-only effort will result in tactical wins for the enterprise but obtaining effective business results will remain elusive. The importance of SOA being relevant to business drivers and strategies cannot be overstated. Success with SOA hinges on several key considerations such as the scope of the overall initiative, development methodology chosen, and the extent to which the effort is tailored to the enterprise's environment. There are a variety of SOA methodologies: All these methodologies provide specific techniques to identify, specify, and realize services that make up your enterprise's SOA. They provide guidance on analysis and design activities that can be used to model services (using business, service, and technology perspectives) and implement them. Additionally, they provide architectural guidance for implementing services using a layered approach that leverages existing capabilities in the enterprise... SOA http://www.soamag.com/I42/0810-2.php#When:11.08.10 http://www.soamag.com/I42/0810-3.php Today's service architectures lead to services that directly talk to data sources and avoid service reuse. This can be achieved either by replicating business rules into each and every isolated service, or by reusing behavior at component level While this design is acceptable in small organizations, it suffers from complexity introduced by deployment and management of reusable components. This is the approach of most component and object oriented methodologies. Data is processed by in memory reusable objects. This design also suffers from increasing response time due to increasing processing. This shows SOA's service reuse approach which basically removes the deployment and version management issues of component oriented and object oriented approaches. However, it has a chronic and terminal illness caused by the accumulating latencies at every service reuse... SOA http://www.soamag.com/I42/0810-3.php#When:11.08.10 http://www.soa-manifesto.com/ Following the release of the Spanish and Chinese versions of the SOA Manifesto, a group of French-speaking SOA experts and IT professionals have collaborated to produce fully translated versions of the SOA Manifesto and the Annotated SOA Manifesto. This team of inter-continental translators addressed many of the nuances required for the accurate interpretation of the manifesto declaration, guiding principles, and the many annotated comments added soon after the original announcement of the SOA Manifesto last October in Rotterdam as part of the 2nd International SOA Symposium. The team was comprised of Anthony Assi from Logica, Jean-Paul De Baets from FEDICT, Yves Chaix, Florent Georges, and Mario Moreno from Logica. Several of these authors will also be speaking at the 3rd International SOA Symposium, which is occurring in Berlin and is expected to have many attendees from French-speaking countries, such as France and Belgium. The French SOA Manifesto is further being adopted overseas in other French-speaking regions, such as Quebec, Canada. SOA http://www.soa-manifesto.com/#When:11.08.10 http://www.soamag.com/I41/0710-1.php In the recent times of economic instability and recession, one of the core requirements of many enterprises has been to get business agility with cost efficiency. Agility of business systems depended on how modular and well organized the systems are and how "SMART" they are. Smartness of the systems arises from being self aware of their functionality and data, which helps them to take decisions with minimal human intervention at runtime. One core requirement is the ability to understand data (of any kind, not necessarily only business data) and its relationship, in a flexible/dynamic manner. The science and technology of Semantics will enable systems to address this requirement. Semantics and the underlining science of ontology have existed for a quite a few years now and have been studied widely in research areas. Though ontologies in various fields like biomedical sciences have been explored in depth, their application to industry has been slow due to the evolution of standards and adoption by vendors and the willingness of the industry/enterprises to understand its relevance and adopt it... SOA http://www.soamag.com/I41/0710-1.php#When:11.08.10 http://www.soamag.com/I41/0710-2.php As organizations continually build their software integration architecture based on the SOA paradigm, more and more services are being developed and reused to build other services. Just as OOD and CBD paradigms introduced code reuse in applications and component reuse across applications, SOA has brought the advantage of enabling reuse across distributed applications and platforms with flexibility and agility. However, as systematic reuse of such services become more and more widespread, performance is becoming a real concern; Latencies introduced at each back-end call are accumulated, large units of work hinder utilization of parallelism, chained service calls cause large amounts of wasted resources deteriorating scalability. SOA has to address these problems to advance to the next level of maturity. This article analyzes some of the important bottlenecks and proposes a new approach for rethinking and redesigning existing services to use a stream-oriented... SOA http://www.soamag.com/I41/0710-2.php#When:11.08.10 http://www.soamag.com/I41/0710-3.php Many service-oriented architecture efforts today are focusing on implementing synchronous request-response interaction patterns (sometimes using asynchronous message delivery) to connect remote processes in distributed systems. While this approach works for highly centralized environments, and can create loose coupling for distributed software components at a technical level, it tends to create tight coupling and added dependencies for business processes at a functional level. Furthermore, in the migration towards real-time enterprises, which are also constantly connected and always available on the Web, organizations are encountering more diverse business scenarios and discovering needs for alternative design patterns in addition to synchronous request-driven SOA... SOA http://www.soamag.com/I41/0710-3.php#When:11.08.10 http://www.soa-manifesto.com/ Since it was originally announced at the 2nd Annual SOA Symposium in Rotterdam last year, the SOA Manifesto has been signed by over 700 IT professionals from over 30 countries. Its success has been attributed to its simplicity and conciseness in establishing the values and priorities that underlie service-oriented architecture and in making a clear and explicit distinction between SOA as a form of technology architecture and service orientation as a design paradigm. The wide-spread adoption of the SOA Manifesto has resulted in the need for it to be translated into different languages. Most recently, Yves Chaix and Ivan Alfonso Guarin V have successfully collaborated with Sandra Milena Baron N. and Angel Maria Guarin M. to produce Spanish versions of the original SOA Manifesto and the Annotated SOA Manifesto. SOA http://www.soa-manifesto.com/#When:11.08.10 http://www.soamag.com I'd like to encourage those of you in the social media space to visit the Official Facebook Group for the Prentice Hall Service-Oriented Computing Series. As most of you know, the original site mysteriously disappeared a few weeks ago, along with a rather large membership. The newly rebuilt site is being supported by Prentice Hall and SOA School with regular book and SOACP self-study kit giveaway contests. I'd also like to congratulate Brian Loesgen, John deVadoss and Christoph Schittko for a successful launch of the "SOA with .NET & Windows Azure" book at last week's TechEd conference in New Orleans (he TechEd bookstore reported that the title remained on their top-seller list during the event). The next book planned for release is "SOA Governance", set to be launched at the upcoming 3rd International SOA Symposium. SOA http://www.soamag.com/default.php#When:10.03.10 http://soamag.com/I40/0610-1.php Measuring the performance of any initiative is imperative for its success. "If you don't measure it, you won't improve it" is something that we've found to continually be true. In the past few years, the Service Oriented Architecture (SOA) has become an accepted architectural paradigm, but SOA metrics have not kept up. While, some organizations have had success utilizing SOA, this has typically been in spite of lack of SOA metrics, not because of it. Organizations often struggle in translating technology value of an initiative into business value that the business organization can really understand. Though SOA is supposed to help in technology connecting with the business, there is very minimal prescriptive literature and framework that can guide us in terms of aligning the business and IT. This article looks at utilizing a strategic performance management tool. A "Balanced Scorecard" is a concept that has been around for some time, used for measuring the overall impact of an initiative or department (for example, an "IT Balanced Scorecard"). Extending this concept to SOA makes sense and will be useful for measuring the performance of SOA. Instead of looking at which specific business initiatives SOA can support to drive the revenue numbers, this article looks at SOA itself as a business and should help you to initiate the creation of a Balanced Scorecard for SOA... SOA http://soamag.com/I40/0610-1.php#When:10.03.10 http://soamag.com/I40/0610-2.php Effective governance is a critical element in fostering a successful SOA initiative. SOA promises to deliver a number of important business benefits, including faster time-to-market, lower costs, better consistency, and increased agility. But with great benefits come high risks. SOA requires fundamental changes to the planning, development, and operation of application systems, and it requires new levels of collaboration among project teams within the IT department and across lines of business. In fact, current IT practices, which typically focus on individual projects, time-to-market, and cost containment, frequently discourage SOA adoption. SOA governance helps the organization succeed with SOA by mitigating these risks through established rules, processes, and decision-making authority. A SOA governance program helps people do things according to the organization's goals and best practices. An effective governance program empowers people to handle ambiguity, balance short- and long-range goals, and reduce conflict within the organization. This following article (an excerpt from the upcoming book "SOA Governance" as part of the Prentice Hall Service-Oriented Computing Series from Thomas Erl) provides an introduction to governance, explains how it works, and differentiates it from management. You will find this content useful if you have not been involved in establishing a governance program before or if you would like to gain another perspective on the mechanics of governance... SOA http://soamag.com/I40/0610-2.php#When:10.03.10 http://soamag.com/I40/0610-3.php To their detriment many service-oriented architecture efforts tend to prioritize and focus on the technology connectivity (such as SOAP, HTTP, and WS-*), between and across services, over the business connectivity (such as, the task of exchanging and communicating business concepts and entities and their semantics). The ability to harmonize business entities and concepts across multiple services is critical to successful service composition. How does this manifest itself? Let us once again consider the self-service application scenario; but this time, let us consider a customer scenario in a large bank. The customer service representatives require a single view of the customer in order to enable superior customer service, to enable better decision making and to enhance the relationship with the customer, both to retain existing customers as well as to acquire new ones. The challenge with building a service-oriented architecture to support these requirements is that often there is no single store of customer data in the bank; and, the customer data is fragmented across multiple legacy business systems. In the real world there is often no single identifier for the customer data - the bank may have built some applications in-house, such as it may have acquired some other applications off-the-shelf and some services have been brought on-board as part of recent mergers with other smaller banks. Combining data to provide a single view of the customer is hard enough, but without a common identifier it is that much harder... SOA http://soamag.com/I40/0610-3.php#When:10.03.10 http://soamag.com/I38/0410-1.php As with politics and religion, information technology has its armies that fight for great truths in the name of half-truths. And one great half truth is that Agile and SOA are incompatible. On the face of it, that seems true. Service-oriented architecture must be top-down in conception and execution for it to be effective. Agile is a bottom-up systems development methodology that emerges from self-organizing collectives. SOA and Agile have both demonstrated their value and have firmly established themselves in the marketplace. And yet the experience of more than a decade at many hundreds of firms has exposed flaws in how SOA and Agile are practiced in the real world where vast resources are at stake. The purpose of this article is to reconcile these two paradigms into a complementary partnership... SOA http://soamag.com/I38/0410-1.php#When:10.03.10 http://soamag.com/I38/0410-2.php Whenever a service composes another service, meaning that one service uses the capabilities of another service or services to perform its own tasks, usually by means of workflow technologies, autonomy will be affected. In other words, when your service directly depends on one or more services the level of freedom and control you have in developing the service will be limited. The level of control over different runtime characteristics may also be affected. If you make synchronous calls to another service you will affect the control over runtime resources, such as threads. If you need to wait for the response of another service before you can return a response from your service, you depend on that other service in terms of response times. That translates into reduced predictability of how your service performs. To make matters more challenging, response times are often regulated by SLAs... SOA http://soamag.com/I38/0410-2.php#When:10.03.10 http://soamag.com/I38/0410-3.php XML appliances are a type of SOA intermediary that typically comes in hardware form factor and addresses the security threats associated with modern XML architectures. They are primarily geared towards security enforcement, monitoring and transformation. More recently, XML appliances also made inroads into the area of SOA management and governance. XML appliances contain hardened chips that can process XML in specialized circuits, at "wire-speeds". This yields high throughput and low latency, which are relevant criteria for deployment at the network perimeter. Many SOA security issues and XML-specific threats can be detected very efficiently by XML appliances. They allow turn-key deployment because of the hardware form factor... SOA http://soamag.com/I38/0410-3.php#When:10.03.10 http://soamag.com/I39/0510-1.php The mantra of every customer-facing business in this planet is to do more with less. This notion has drawn considerable attention these days due to the pervasive economic slump. Worldwide enterprises down with sluggish economy are hence keenly looking out for trend-setting inventions, innovations and non-linear methods in order to be competitively ahead in their service and solution offerings. Executives are seeking out novel and nimbler business, pricing and delivery models. Technical managers and architects are on their toes in order to unearth unconventional development approaches for faster software realization, integration, and modernization. Professionals and pundits are coming out with cutting-edge technologies, simplifying patterns, enabling architectures, and facilitating frameworks... SOA http://soamag.com/I39/0510-1.php#When:10.03.10 http://soamag.com/I39/0510-2.php Services often enforce a trust boundary. A service typically does not trust another external service and will do its own due diligence with respect to granting access and execution privileges to service requests. Incoming messages will be inspected; fields will be validated; identity will be authenticated, and entitlements will be validated prior to allowing incoming service requests to be processed. There is typically a workflow of tasks that is prescribed prior to fulfilling external service requests, comprised of authentication (validating the identity of the incoming service request), authorization (validating the right to access resources and business functions), and auditing (recording and tracking who did what and when). In this context, dealing with trust and identity across multiple services is essential and commonly a pre-requisite to enabling service composition in the real world... SOA http://soamag.com/I39/0510-2.php#When:10.03.10 http://soamag.com/I39/0510-3.php System building is a search for truth, and SOAG is no exception. We must establish SOAG on a foundation of sound epistemology. SOAG must be above all a rational process, a process that binds us to principles of empirical adequacy and rational coherency without respect to what I believe or to what the team believes. Empirical adequacy requires that the concept under question be amendable to empirical verification and asks the question: does it meet the evidence? Rational coherency requires that the concept should be consistent with other concepts that were arrived at rationally. It asks the question: is it consistent within itself? SOAG asks us to think for ourselves. But, in contrast to Agile, SOAG makes the radical claim that we should not think for ourselves. "It is a profoundly erroneous truism, repeated by all copybooks and by eminent people when they are making speeches, that we should cultivate the habit of thinking of what we are doing," writes Alfred North Whitehead. "The precise opposite is the case. Civilization advances by extending the number of important operations that we can perform without thinking about them. Operations of thought are like cavalry charges in a battle-they are strictly limited in number, they require fresh horses and must only be made at decisive moments."... SOA http://soamag.com/I39/0510-3.php#When:10.03.10