This two-part article series discusses real-world challenges of applying service-oriented principles and patterns. Informed by case studies of SOA wins and losses, this article contrasts the SOA ideal to its realization and suggests that strong leadership must drive a successful SOA. It proposes a new way to represent SOA principles and patterns using symbolic notation. This article supplements two textbooks by Thomas Erl, "SOA Principles of Service Design" and "SOA Design Patterns", which expand on that synergy between principles and patterns.
This article discusses real world challenges of working with SOA principles and design patterns based on personal project experience and published cases. We'll try to understand the shadow between funding SOA and the spasm of its failure. "This is the way the world ends," Eliot says in his poem. "Not with a bang but a whimper." A company's SOA can also end with a whimper, not failing but bringing little value to the company. An architecture that seems good in theory but fails in practice is a bad theory. Thus, a theory for how we craft an SOA must align with road-tested practice.
In the first article in this series, we'll contrast the SOA ideal to its realization and suggest a way to represent SOA patterns with symbolic notation. In the second article, we'll apply two principles to an example of a claims service using thirteen patterns.
Service-oriented architecture (SOA) tries to solve the problem of poorly planned systems and fragile chains of dependency. SOA provides a two-fold benefit to our enterprise. First, SOA requires a process of deep scrutiny that exposes waste and obsolescence. Secondly, it provides an innovative platform to meet strategic goals. The promise of SOA is that it creates conditions for cutting costs, increasing profits, and responding to the marketplace. We build SOA using a framework, an agile life cycle, principles, and patterns...
In this article we’ll conduct a deep analysis on a number of topics in virtualized cloud data centers providing analytical tools for readers interested in architecting solutions related to their present environment. We’ll start with power considerations for virtualized environments, refine the notion of power versus energy management, define concepts of efficiency applicable to virtualized pools, and introduce the approach of composite usage models as an optimizing analytic tool to tailor power related technical solutions to match a specific business goal.
Given the recent intense focus in the industry around data center power management and the furious pace of the adoption of virtualization, it is remarkable that the subject of power management in virtualized cloud environments has received relatively little attention.
It is fair to say at the time of writing that power management technology has not caught up with the needs of the virtualized data center. For historical reasons the power management technology available today had its inception in the physical world where watts consumed in a server can be traced to the watts that came through the power utility infrastructure. Unfortunately, the semantics of power in virtual machines have yet to be comprehensively defined to industry consensus.
For instance, assume that the operating system running in a virtual image decides to transition the system to the ACPI S3 state, sleep to memory. What we have now is the state of the virtual image preserved in the image's memory with the virtual CPU turned off.
Assuming that the system is not paravirtualized, the operating system won't be able to differentiate whether it's running in a physical or virtual instance. The effect of transitioning to S3 will be purely local to the virtual machine. If the intent of the virtualized application was to transition the machine to S3 to save power, it does not work this way...
This article describes the foundations of SOA security testing including functional, performance, interoperability, and vulnerability testing. As service-oriented architecture (SOA) begins to form the fabric of IT infrastructure, active and aggressive testing has become crucial to ensure that services are exposed safely without compromising security. Robust security testing ensures that trust (identity, privacy and integrity) is maintained within systems and threats (denial of service, mal-ware and data leaks) are eliminated from SOA deployments.
Rich internet applications, service APIs, virtualization, and cloud services provide extensive integration of data for real-time information access. This drive to open up business applications for integration comes at a cost: service security. This article focuses on SOA security testing. The trustworthiness of a service is a crucial factor determined by whether or not a potential consumer makes use of a service offering. Interestingly, many service providers neglect this fact. They assume that functionally rich services are good enough for their customers. However, non-functional requirements often make the difference between successful service offerings and fruitless, academic attempts to push SOA into an organization.
SOA security testing requires significant rigor and discipline because of the complex nature of SOA that involves many systems, protocols, content-types, identity tokens, encryption mechanisms, and signature techniques. Detailed business transactions exposed through services contain complex business structures in areas such as customer data, purchase orders, change requests, tax returns, financial reports, and MRI scans. Testing such complex structures' security provisions (along with identity, privacy and integrity) across functional, performance, interoperability and vulnerability domains is necessary for building a secure SOA...
In today's IT world, service-oriented architecture is not a new term for enterprises. It has been adopted widely and quickly by many. However, most SOA adoptions focus only on the pilot phase and production implementation to meet immediate business needs. Because of the requirements posted by the business team, very few are adopting SOA for enterprise standardization. Since most adoptions are triggered by business, IT departments do not have enough time to think through post-implementation strategies, such as infrastructure optimization. In addition, many of us have been practicing traditional software development methodologies for decades, which do not reflect the specific needs for SOA adoption phases in pre and post implementation. In reality, the payback and higher ROI will only happen if there is accurate monitoring, measuring and optimization during adoption phases, and proper governance must follow. This is where many enterprises have failed to have appropriate strategy and governance models. The purpose of this article is to shed light on the importance of service and process monitoring, measuring and optimization, which will lead to better results.
In order to understand the importance of optimizing the enterprise services and business processes, we should understand some common issues of SOA implementation. How can SOA help to monitor the business functions and processes? How can it provide opportunities to build mature business processes? In this article, we are going to explore the answers to these questions and more, including topics such as:
Purpose of the service and business process optimization
Measure to identify the service and business process improvements
Service and business process optimization
SOA governance lifecycle for optimization
Key roles in service and business process optimization
Benefits of service and process optimization...