1. SOLEA Service-Oriented Locally adapted Enterprise Architecture Innovative Marriage of Security and Performance in SOA Based Dynamic Enterprises Sponsors: Presented by: -Helsinki University of Technology Dr. Mehmet Yildiz -University of Kuopio IBM Certified Executive IT Architect myildizmel@gmail.com Abridged version Proposed Abstract: All enterprise systems have two key concerns: security and performance. All CIO / CTOs have these two in their daily agenda through the life cycle of their mission critical business systems. These two aspects hardly go along well unless specialised design considerations, innovative techniques and methodical practices are applied. Finding the right balance for security and performance marriage is a significant challenge for dynamic enterprises especially when the Service Oriented Architecture (SOA) is the key enabler of it. This paper aims at identifying key security and performance factors for SOA projects in dynamic enterprises and how they can be efficiently architected for desired business outcomes. In this paper, the experience based claims are substantiated with industry based literature review and a sample case study from the field. 1

2. SOLEA Agenda -Introduction -Theme 1: EA and SOA in Dynamic Enterprise -Theme 2: SOA Performance Research -Theme 3: SOA Security Focus SOA Reference Architecture QoS -Conclusion Layer 7 Perf/Sec 2

3. SOLEA Introduction and Methodology Purpose Share experience SOA and EA are important Data collection, analysis and validation of results Lessons learnt out of over 50 projects Interaction (surveys and interviews) with over 100 architects Industry literature Academic research papers Invention disclosures Experience from 3 full cycle SOA and 10 EA engagements Leader of Architecture Lessons Learnt CoP harvesting IP from field Validation of findings with selected top 10 SOA practitioners from diverse organisations and industries Still so much to learn! 3

4. SOLEA Theme 1: EA and SOA in Dynamic Enterprise S A O EA ESB 4

5. SOLEA Evaluation of Current Architecture Frameworks CS1 None of the assessed frameworks fully meets the major criteria in the Regensburg study. Hence use of combination of frameworks is suggested. 5 Ref: Susanne Leist and Gregor Zellner University of Regensburg, Institute of Information Management, Germany

6. SOLEA SOA Vendors for New Systematic Applications Gartners Magic Quadrant for Application Infrastructure for New Systematic SOA Application Projects There are many vendors investing on SOA Application Projects. Leveraging their experience is important 6 Ref: Gartners Magic Quadrant for New Systematic Applications

7. SOLEA Key SOA Concepts a service? service orientation? A way of integrating your A repeatable business business as linked Composable services task e.g., check customer credit; open and the outcomes that new account they bring Interoperable SOA SOA Re-Usable Re- Loosely service oriented Coupled a composite architecture (SOA)? application? An IT architectural style A set of related & that supports integrated services that service orientation support a business process built on an SOA 7

8. SOLEA Definition of Service and System - Technically Extract from Webster Service A service is a program we interact with via message exchanges System A system is a set of deployed services cooperating in a given task Services Science An interdisciplinary approach to the study, design, and implementation of services systems complex systems in which specific arrangements of people and technologies take actions that provide value for others. 8 Ref: Webster Dictionary

9. SOLEA Service Integration Maturity Model (SIMM ) Typical SOA Projects SOA Maturity Assessment Dynamically Composite Virtualized Re-Configurable Silo Integrated Componentized Services Services Services Services Componentized Processes Provided Mix & match Outsourced Isolated Business Business Process Componentized Business Provides & Consumed via business capabilities Business services; BPM Line Driven Integration Business & Consumes Composite Business via context-aware and BAM Services services services SOA and IT Governance Ad hoc LOB IT Ad hoc Enterprise Common SOA and IT Organization Emerging SOA Infrastructure Implemented Strategy & IT Strategy & Governance Governance Governance Governance using automated Governance Governance processes Alignment Alignment Policies Service Structured Object Component Service Service Grammar Oriented Methods Analysis & Oriented Based Oriented Oriented Oriented Modeling for Design Modeling Development Modeling Modeling Modeling infrastructure Dynamic Applications Application Applications composed of Virtualized Modules Objects Components Services Assembly; Composite Services context-aware Services invocation Dynamically Re- Architecture Monolithic Layered Component Emerging Grid Enabled SOA Configurable Architecture Architecture Architecture SOA SOA Architecture Enterprise Virtualized Application LOB or Enterprise Information as a Business Data Semantic Data Information Canonical Models Information Specific Specific Service Dictionary & Vocabularies Services Repository Context-aware Common Project-based SOA Infrastructure LOB Platform Platform Common SOA Event-based Reusable SOA Environment; Specific Specific Environment Sense & Infrastructure Environment Sense & Respond Respond 9 http://www.opengroup.org/projects/osimm/ 3 Level 1 Level 2 Level Level 4 Level 5 Level 6 Level 7

10. SOLEA Why SOA An executive view The paradigm shift of using services instead of APIs Composable means simplified interaction, less communication, rs artne and reduced complexity le p ultip Interoperable SOA SOA Re-Usable Re- to m SOA necti ng Loosely con Resource Coupled Train* erfa c e e int Reuse Business es ingl ur gh sec Application Agility Throu Integration Infrastructure Flexibility Business Application Resources Standards-based approach Infrastructure Processes speeds business process Architecture automation SOI 10 *Concept created by Mehmet Yildiz, 2007, IBM

11. SOLEA A SOA Reference Architecture Sample CS1 Enterprise Architecture Ref Architecture for Ref Architecture for a Service Areas Ref Architecture for a Program Single Project 11Ref: IBM and Open Group

12. SOLEA 7 Concerns at Layer 7 - QoS CS1 1.Increased virtualization 2.Loose coupling Layer 7 3.Widespread use of XML 4.The composition of federated services 5.Heterogeneous computing infrastructures 6.Decentralized SLAs 7.The need to aggregate IT QoS metrics to produce business metrics 12Ref: IBM and Open Group SOA Reference Architecture

13. SOLEA Security and Performance Relationship Performance Belief: The harder the security the lower the performance in any SOA project Security 13

14. SOLEA Security vs Performance in Dynamic Enterprises CS1 Balance of Dynamic Enterprise Dynamic SOA* Supports Dynamic Applications Supports Dynamic Infrastructure Security Security Performance Supports Dynamic Operations Availability and Satisfaction Dynamic Dynamic Security Performance 14Concept introduced by Mehmet Yildiz, 2007, IBM

15. SOLEA Theme 2: SOA Performance heterogeneous abstraction infrastructures Performance federated open service standards ecosystem Compliance Internal Governance distributed Open computing protocols 15

16. SOLEA Major Source of Performance & Scalability Issues CS1 Architecture 19% Development 56% Production 25% 16 Ref: Optimizing Service-Level Performance, Jean-Pierre Garbani Forrester Research

17. SOLEA [An Observed] SOA Perf/Sec Effort Indication* CS P-H =Case Studies P-H S-H 1, 2, 3 S-H Operational Services Support Integration S-M P-M =Complexity Indicators P-M S-M Extreme Infrastructure P-M Build S-M High Application n Packaging esig P-M P-L e &D S-M Code Data Migrationtur S-L tec l Ar chi Medium t ua Ac d ne Plan Low 17Ref: SOA performance assessement research results by Mehmet Yildiz, 2008, IBM

18. SOLEA Performance Complexity Indication CS1, 2, 3 Code Application Operations / Infrastructure Production Services Integration 18Ref: Concept and research results by Mehmet Yildiz, 2008, IBM

19. SOLEA Performance with FastSOA SS FastSOA is an architecture and software coding practice that addresses 3 key problems: 1 Solves the SOAP binding 1 Solves the SOAP binding 2. Uses native XML 2. Uses native XML 3. Introduces a 3. Introduces a (proxy) performance problem (proxy) performance problem persistence to avoid persistence to avoid mid-tier service mid-tier service by reducing the need for Java by reducing the need for Java XML-to-relational cache to provide XML-to-relational cache to provide objects and increasing the use objects and increasing the use transformation transformation SOA service SOA service of native XML environments to of native XML environments to provide SOAP bindings. performance problems. performance problems. acceleration. acceleration. provide SOAP bindings. 19 Ref: http://www.ibm.com/developerworks/xml/library/x-accsoa/

20. SOLEA Benefits of SOA Appliances SS Hardened & specialized Meet Higher levels of hardware for helping to security assurance integrate, secure certifications (government Many functions FIPS Level 3 HSM) and accelerate SOA integrated into a single device Higher performance Simplified deployment with hardware and acceleration ongoing management (more security checks without slow downs) 20 Ref: Extracted from IBM Websphere Datapower White Paper

21. SOLEA Simplification with SOA Appliances SS CS1 21 Ref: Extracted from IBM Websphere Datapower White Paper

22. SOLEA Popular SOA Management Tools SS CS1 The complexity of SOA environments and applications demands management tools from inception to deployment to operations and beyond. Tools (Alphabetically) Summary of Key Functions AmberPoint's A policy-based run-time governance software suite, SOA performance in production. Includes a run- time repository, service network monitoring, SOA security, service-level monitoring. SOA Management System: BMC Software's AppSight: Performs automated problem resolution in SOA implementations to alleviate and eliminate application problems. CA's Wily SOA Solution: Monitors the performance and availability of Web services, application performance on client machines and other components in the SOA environment. HP's SOA Manager: The software can define and maintain a dynamic model of services, including software assets and virtual servers; and manage application and Web services performance within that SOA model. IBM's Tivoli Composite Application Monitors, manages and controls the Web-services layer of IT architectures, and identifies the source of bottlenecks or failures. Manager (ITCAM) for SOA: iTKO's LISA Enterprise SOA Focuses on the software performs unit, regression, functional and load testing, as well as post deployment monitoring tasks. Testing platform: Mindreef's SOAPscope Server: Enables task-oriented collaboration regardless of role, skill set or development environment -- which makes it possible to find quickly and address any performance problems that arise, the company says. OpTier's CoreFirst Monitors the performance of services, components and transactions. Progress Software's Actional for Uses agent technology that watches messages entering and exiting XML appliances and application servers to build a map of what happens in an SOA infrastructure. Helps with performance alerting, SOA Operations dependency analysis, problem detection and resolution. Tidal Software's Intersperse Enables the proactive detection of problems, problem localization and root-cause analysis. http://www.javaworld.com/javaworld/jw-10-2007/jw-10-soa-management-tools.html?page=11 22

23. SOLEA Theme 3: SOA Security heterogeneous abstraction infrastructures federated open service standards ecosystem Compliance internal Governance Security distributed Open computing protocols 23

24. SOLEA Typical Security Architecture for an Enterprise CS1 Externally Highly Controlled Secure Zone External Business Zone External Internal Zone Uncontrolled Demilitarized Zone Special Domain 24

25. SOLEA Typical SOA Security Architecture CS1 25 Ref: IBM SOA Security Red Book, Dr. Paul Ashley et al

26. SOLEA SOA Security Reference Model by IBM CS1 26 Ref: IBM SOA Security Red Book, Dr. Paul Ashley et al

27. SOLEA Top 10 Security Principles for Dynamic Enterprises From National Institute of Standards and Technology Key Points Descriptions CS1 Only grant access to what is required. 1. Least Privilege Relying on more than one component or mechanism to be secure, failure of a 2. Defense in Depth single security solution may compromise the entire security. Forces attackers to use a narrow channel of access where actions can be 3. Choke Point monitored and controlled. Security is only as strong as the weakest link. Smart attackers will seek the 4. Weakest Link weakest point to attack. Systems should fail in such a way that it denies access to an attacker rather than 5. Fail-Safe Stance grants access. Everyone needs to be concerned with security. Failure from one person or or area 6. Universal Participation can be dramatic! Do not rely on only one (type of) system or application for security, no matter how 7. Diversity of Defense strong or comprehensive it may be. (e.g. one firewall). The more complex the security environment, the riskier it is for security. 8. Simplicity To minimize the amount of damage that can be done to an environment (or 9. Compartmentalization system), break the environment up (or system) into isolated units. Historically, insiders account for 65% of all attacks. Protections should make little 10 Inside/outside threats difference for an inside or outside attack. http://csrc.nist.gov/publications/nistpubs/800-27/sp800-27.pdf 27 There are 33 important principles by NIST!

28. SOLEA Granular Security Assessment feeding SM CS1 Subsystem Components and Elements for Each Subsystems and Functions Impact Likelihood Credential Subsystem Insignificant Minor Moderate Major Catastrophic Almost Certain Information Flow Control Subsystem Likely Access Control Subsystem Moderate Security Audit Unlikely Subsystem Integrity Rare Subsystem 28 Adapted from IBMs Systems Engineering Method

29. SOLEA SOA Security Architectural Decisions Samples Documenting and obtaining sign Decision 2: off for the architectural decisions Provide authorization at every layer at the very beginning of the SOA in the architecture Course grained project is essential at the point of contact servers Increasing more fine grained towards the back-end systems Decision 1: Use SAML 2.0 Browser Artifact Profile for Federated web single sign-on Decision 4: Use only standards based interconnections Decision 3: WS-Security Use point of contact servers in a DMZ environment for all in-coming and out- WS-Trust going transactions. Use hardware SAML appliances for dealing with web services messages WS-I Basic Security Profile 29

30. SOLEA Conclusion Messages PERFORMANCE & SECURITY IS (E2E) LONG TERM JOURNEY. Map PM to SM! A tight relationship for desired results! Target is SIMM Level 7! Security and performance EA is important SOA also helps EA to are like Ying & Yang, hence for successful be more efficient for require balance all the time SOA projects & an organisation provides a map Every marriage require Every marriage require Performance & Standards, policies, commitment. & lifetime commitment. & lifetime security work MUST models, compliance, agility and architecture support so does SOA marriage support so does SOA marriage start from inception! of security & performance of security & performance Any delay is a critical are very important factors factor for SOA QoS Beware, SOA projects require different Use of methodical and approach than traditional SOA projects are systematic approach projects and may take full of unknowns produce better results longer and may cost depending on for SOA more; it is not number of necessarily easiest! services. 30 Ref: Extracted from M. Yildiz SOA Performance and Security Paper, 2008