SOA Governance Essentials - Total Architecturetotal-architecture.com/indexFiles/Governance/SOA...

Post on 09-Apr-2018

221 views 5 download

Transcript of SOA Governance Essentials - Total Architecturetotal-architecture.com/indexFiles/Governance/SOA...

SOA Governance Essentials

Paul C. BrownPrincipal Software ArchitectPrincipal Software Architect

© 2008 TIBCO Software Inc. All Rights Reserved.

Agenda

SOA Governance Overview

Run-Time Governance

Design-Time Governance

Organizational Issues

Summary

© 2008 TIBCO Software Inc. All Rights Reserved.

2

SOA Governance Overview

SOA = Sharing: the producer is not the consumer

Sharing requires Governance: rule creation andenforcement

R Ti D i TiRun-TimeGovernance

Design-TimeGovernance

ServiceUsage

ServiceOperation

ServiceEmployment

ServiceCreation

© 2008 TIBCO Software Inc. All Rights Reserved.

3

SOA Governance Overview

SOA = Sharing: the producer is not the consumer

Sharing requires Governance: rule creation andenforcement

Run-TimeGovernance

Design-TimeGovernance

ServiceUsage

ServiceOperation

ServiceEmployment

ServiceCreation

Enforced by systems

Enforced by procedures

© 2008 TIBCO Software Inc. All Rights Reserved.

4

Organizational Issues

SOA Governance Overview

SOA = Sharing: the producer is not the consumer

Sharing requires Governance: rule creation andenforcement

R Ti D i TiRun-TimeGovernance

Design-TimeGovernance

ServiceUsage

ServiceOperation

ServiceEmployment

ServiceCreation

Enforced by systems

Enforced by procedures

© 2008 TIBCO Software Inc. All Rights Reserved.

5

Organizational Issues

R TiRun-Time Governance

© 2008 TIBCO Software Inc. All Rights Reserved.

Typical Types of Run-Time Rules

Access controlAuthenticationAuthorizationAuthorization

EncryptionDigital signaturesDigital signaturesData filteringLoggingogg gStatistics gathering

Invocation rateResponse times

Th li t i d d!

© 2008 TIBCO Software Inc. All Rights Reserved.

7

The list is open-ended!

It Is Possible to Enforce Policies Within the Service

S iServiceLife-Cycle

ArchitectModify the service architecture to make provision for policyArchitect

Design

to make provision for policy enforcement

Design the manner in Design

Implement/

gwhich the rule will be implemented

Implement/Test Implement and test the

rule

Deploy the revised serviceDeploy Deploy the revised service(may be disruptive!)

© 2008 TIBCO Software Inc. All Rights Reserved.

8

Operate Service enforces the rule

Enforcing Policies Within the Service Is Expensive!

S iServiceLife-Cycle

ArchitectModify the service architecture to makeArchitect

Design

architecture to make provision for policy enforcementDesign the manner inDesign

Implement/

Design the manner in which the rule will be implemented

Implement/Test Implement and test the

rule

Deploy the revisedDeploy Deploy the revised service(may be disruptive!)

© 2008 TIBCO Software Inc. All Rights Reserved.

9

Operate Service enforces the rule

Solution: Separate Policy Enforcement From Service

Service Consumer

PolicyAgent

Service Providerg

Policy f tenforcement

Interface must still be

guarded

© 2008 TIBCO Software Inc. All Rights Reserved.

10

Solution: Separate Policy Enforcement From Service

Single Process Space

Service Consumer

PolicyAgent

Service Provider

Single Process Space

g

Policy f tenforcement

Interface is now fully protected

© 2008 TIBCO Software Inc. All Rights Reserved.

11

Enforcing Policies with a Policy Agent

ServiceLife-Cycle

Architect

PolicyLife-Cycle

Put the infrastructure in Architect

D i

place to use Policy Agents

Select or create theDesign

Implement/

Select or create the template for the type of rule you need

Implement/Test Configure the rule

Associate the rule with theDeploy Associate the rule with the services it governs

P li A t f th

© 2008 TIBCO Software Inc. All Rights Reserved.

12

OperatePolicy Agent enforces the rule

D i TiDesign-Time Governance

© 2008 TIBCO Software Inc. All Rights Reserved.

Governance During Service Development

ServiceLife-Cycle

ArchitectArchitect

D i

• Will the service fit multiple usages?• Will the interface remain stable over time?

Design

Implement/Implement/Test• Is the testing adequate?• Is the documentation adequate?

Deploy

© 2008 TIBCO Software Inc. All Rights Reserved.

14

Operate• Manage service operation (start/stop)• Manage service versioning

Governance During Solution Development

ServiceLife-Cycle

Architect

SolutionLife-Cycle

Architect

D i

• Are existing services being used?• Are new services being built appropriately?Design

Implement/

appropriately?

Implement/Test

• Has service capacity planning been done?

Deploy • Have policies been put in place for service access?

© 2008 TIBCO Software Inc. All Rights Reserved.

15

Operate• Coordinate with service operation• Track service versioning

O i ti lOrganizational Issues

© 2008 TIBCO Software Inc. All Rights Reserved.

Who Manages Intra-Project Dependencies?

Solution XService A

Your Project•Project Manager•Business Process ArchitectSolution X(new) •Business Process Architect•Systems Architect

© 2008 TIBCO Software Inc. All Rights Reserved.

17

Who Manages Inter-Project Dependencies?

Solution XService A

Your Project•Project Manager•Business Process ArchitectSolution X(new) •Business Process Architect•Systems Architect

Sister Project

Service B( ) Solution Y

•Project Manager•Business Process Architect(new) •Systems Architect

Future Project

Service C(future) Solution Z

•Project Manager•Business Process ArchitectS t A hit t

© 2008 TIBCO Software Inc. All Rights Reserved.

18

(future) •Systems Architect

Enterprise Architecture Scope

E iEnterpriseArchitecture

Business ProcessArchitecture

SystemsArchitecture

DataArchitecture

SolutionArchitecture

InfrastructureArchitecture

ServiceArchitecture

Evaluate service opportunitiesParticipate in service specification

Provide technical coordination between projects

Provide look-ahead technical guidance (future

© 2008 TIBCO Software Inc. All Rights Reserved.

19

g (projects)

Common Architecture Issues

Project levelThere is no architect (i.e. nobody responsible for overall business process and systems architecture)process and systems architecture)The architect has no authority

• The project manager may ignore the advice

Architecture is treated as an after the fact reviewArchitecture is treated as an after-the-fact review• Too late to make substantial changes

Enterprise LevelNo participation in actual projects

• No opportunity to guide them towards common goals• No opportunity to recognize issues in standards and best practices

No authorityNo authority• Projects do as they please

Project participation is at a review level• Too late to make substantial changes

© 2008 TIBCO Software Inc. All Rights Reserved.

20

Too late to make substantial changes

Put All Architecture Under One Roof

Business Executive Sponsor

Total ArchitectureManagement

Sponsor

EnterpriseProjects

EnterpriseArchitecture

Business ProcessArchitecture

SystemsArchitecture

DataArchitecture

ProjectManager

ProjectManager

ProjectManager

Business Business Business Solution

ArchitectureInfrastructureArchitecture

Process Architect

Systems Architect

Process Architect

Systems Architect

Process Architect

Systems Architect

ServiceArchitecture

© 2008 TIBCO Software Inc. All Rights Reserved.

21

Summary

© 2008 TIBCO Software Inc. All Rights Reserved.

SOA Governance Overview

SOA Sh iSOA = Sharing: the producer is not the consumer

Sharing requires Governance: rule creation andf tenforcement

Run-TimeGovernance

Design-TimeGovernanceGovernance Governance

Service Service ServiceServiceUsage Operation EmploymentCreation

Enforced by Enforced by systems

yprocedures

Organizational Issues

© 2008 TIBCO Software Inc. All Rights Reserved.

23

SOA Governance Overview

SOA Sh i• Reuse SOA = Sharing: the producer is not the consumer

Sharing requires Governance: rule creation andf t

• Reuse• Isolation

enforcement

Run-TimeGovernance

Design-TimeGovernance

• Checkpoints

Governance Governance

Service Service ServiceServiceUsage Operation EmploymentCreation

Enforced by Enforced bysystems

Enforced by procedures

Organizational Issues• Separate policy from service

• Coordination

© 2008 TIBCO Software Inc. All Rights Reserved.

24

from service

For More Information…

Succeeding with SOA• The business and organizational

perspectiveperspective• For:

• CIO, COO, CEO, CTOManagers• Managers

• Enterprise and project architects

Implementing SOA• Creating the total architecture• ForFor

• Enterprise and project architects• CTOs

© 2008 TIBCO Software Inc. All Rights Reserved.

25www.total-architecture.com