> Archive > Issue XXI: August 2008

Issue XXI August 2008

Enterprise Mashups Part II: Why SOA Architects Should Care

Chris Warner, John Crupi

Chris Warner John Crupi

Gartner recently named Enterprise Mashups a "Top 10 Strategic Technology for 2008", noting that "by 2010, Web mashups will be the dominant model (80 percent) for the creation of composite enterprise applications." [REF-1] This should make any SOA architect sit up and wonder: Can I describe the value of mashups? Can I outline the relationship between mashups and existing enterprise technology like SOA? Knowing the answers to these questions can advance you well down the road to embracing this exciting technology in your organization. In Part 1 of this three-part series, we defined a mashup in the context of the enterprise, contrasted it against other common data integration technologies, and outlined some of the more important architectural elements of an enterprise-grade mashup solution. Now, in Part 2, we'll discuss why SOA architects should care about enterprise mashups. To understand the value and relationship between enterprise mashups and SOA, it is helpful to first understand why we need enterprise mashups at all. To recap what we covered in the preceding article: • mashups give you faster answers • mashups improve your resource use (of both personnel and soft/hard computing resources) • mashups help you address new business opportunities by letting users assemble internal and external data in an opportunistic way. In a mashup world, SOA can provide the "service cloud" that supplies the raw materials to...

Project-Oriented SOA

Leo Shuster

Leo Shuster

Projects are the lifeblood of an IT department. Almost everything in IT is measured through a project lens. SOA, due to its global-centric nature, is often viewed as incompatible with project-based software delivery lifecycles. Thus, most companies find themselves with the dilemma of how to effectively advance an SOA initiatives and continue to deliver projects at the same time. The solution is to combine service lifecycle management, architecture, SOA governance, funding, and SOA metrics into a single comprehensive program. The ultimate goal is to ensure that through addressing project needs services are being effectively designed and implemented and that leverage takes place and is verifiable and that the overall SOA program objectives are being achieved. This article introduces an effective technique for moving your SOA program forward through an incremental, project-based approach. Everyone, from the CEO to the developer, understands the benefits of SOA and why it should be used. However, many companies still struggle with questions on how to correctly start, shape, and advance an SOA program. Even with careful and expert guidance, SOA initiatives face mounting challenges. The most critical barrier to SOA success is the very basic unit of IT operations – a project. Projects are the oldest and most widely accepted way to deliver work in an IT organization. Projects are time bound and...

SOA Security 101: Patching the Firewall Hole

Atif Ghauri

Atif Ghauri

Service-oriented architectures have opened and connected "black box" software implementations across enterprises, resulting in a new set of interoperable heterogeneous solutions with the common thread of standard protocols. While this level of integration is unprecedented for enterprise systems, it further muddies the water for application security. The objective of this article is to first introduce the new threats associated with service-oriented solutions, and then provide fundamental design considerations to mitigate the risks resulting from these threats. It's 2008 and it's become clear that SOA is here to stay. The first to implement are realizing the benefits of an open architecture as well as the complexity involved with mapping business functionality to services. Security, however, is often still an afterthought. If considered at all, it is approached with conventional application security mechanisms, such as network and host system controls, identity and access management controls, and data encryption during storage and transit. Is this enough to mitigate the security risks in an SOA? Well, if the security considerations that applied to traditional application architectures applied to SOAs, then the aforementioned controls would be sufficient. But unfortunately service-oriented solutions are different. Unlike the interoperability challenges that stunted the growth of...

2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006