Download - Roadmap to SOA - doveltech.com
1
Copyright © 2006, ZapThink, LLC 1
Roadmap to SOA
Jason Bloomberg & Ron SchmelzerSenior AnalystsZapThink, LLC
Take Credit Code: DKROAD
Copyright © 2006, ZapThink, LLC 2
Purpose of the Roadmap
• An SOA roadmap provides a customizable, visual guide to SOA implementation
• The ZapThink Roadmap represents One approach to SOA implementation
• The goal of roadmapping is to visually represent implementation; the ZapThink roadmap goal is to minimize risk
• The actual roadmap order is flexible and depends on company situation & needs
2
Copyright © 2006, ZapThink, LLC 3
The ZapThink SOA Roadmap
Copyright © 2006, ZapThink, LLC 4
Roadmap: Business Benefit
• It’s important to show business benefits at each step in a SOA rollout
• What business benefits can you target?
• Which benefits are easier to justify?
• How should you phase the business benefits?
3
Copyright © 2006, ZapThink, LLC 5
Increasing Business Benefits of SOA
Reduce Cost of Application Maintenance
Reduce Cost of Point-to-Point Integration
Increase Efficiency thru Service Reuse
Increase Visibility & Control Improve Business Agility
Copyright © 2006, ZapThink, LLC 6
Benefit: Reduce Cost of Point-to-Point Integration
• Some cost reduction possible simply by implementing Web Services, but larger, more durable reductions result from SOA
• Relatively straightforward to calculate ROI
• Good starting point in environments with IT skepticism
Source: Copyright © 2002 ZapThink, LLC
ContentManagement
Web Site
File System
RDBMS
Office Documents
B2B Exchanges
Directory
ERP / CRMSystems
Mainframe / Legacy
NetworkedDevices
No
N- o
r S
EM
I-S
TR
UC
TU
RE
D
ST
RU
CT
UR
ED
4
Copyright © 2006, ZapThink, LLC 7
Benefit: Reduce Cost of Application Maintenance
• Legacy rejuvenation/legacy enablement/legacy migration as appropriate
• Reduce dependency on proprietary middleware
• Improve manageability of existing IT assets
Copyright © 2006, ZapThink, LLC 8
Service-Oriented Business Applications
Benefit: Increasing Efficiency Thru Service Reuse
Existing Applications
Service Catalog
Service Model
Data Access Services Legacy API Services
Coarse-Grained Business Services
Presentation Services
1 32 4 5 6 987
1
1
1
1
1
2
2
2
2
3
3
3
3
4
4
4
5
5
5
5
6
6
6
6
7
7
7
7
8
8
88
9
9
9
9
Source: BEA Systems
5
Copyright © 2006, ZapThink, LLC 9
Benefit: Increase Visibility & Control
• Visibility & control go hand-in-hand
• Compliance & governance business drivers depend upon visibility & control
• Heterogeneity impacts both visibility as well as control of the business
Copyright © 2006, ZapThink, LLC 10
Benefit: Improve Business Agility
• Potentially the biggest benefit of SOA long-term
• Of all the benefits of SOA, the most difficult to calculate the ROI for
• A truly agile company is better able to address all of its other problems
6
Copyright © 2006, ZapThink, LLC 11
Review: SOA Business Benefit
• Look for business benefits from each phase of your SOA rollout
• Some benefits have more straightforward ROI than others
• Approach to business justification often depends on level of executive buy-in/skepticism about IT effectiveness
Copyright © 2006, ZapThink, LLC 12
Phases of SOA Maturity
• Taking an iterative approach to SOA is a fundamental best practice
• How do you avoid fragmenting your SOA efforts?
• How do you keep the “big picture” in mind through as the SOA implementation matures?
7
Copyright © 2006, ZapThink, LLC 13
Phases of SOA Maturity
Enterprise SOA Buildout
Mission-Critical SOA
SOA Pilots“Grass Roots” Web Services Implementations
Cross-Departmental SOA
Copyright © 2006, ZapThink, LLC 14
Getting Started with SOA
• Identify the business problems
• Determine the overall scope of SOA initiative
• SOA is no silver bullet – target problems that SOA is particularly good at solving– Problems with heterogeneity– Problems with inflexibility– Problems with lack of visibility
8
Copyright © 2006, ZapThink, LLC 15
Building SOA the Right Way: Take an Iterative Approach
• Top-down only: have the plan, may not be able to execute
• Bottom-up only: build Services, may not be reusable
• SOA planning must be both– Develop the vision (but not the
details) ahead of time– Service development should be
iterative
Copyright © 2006, ZapThink, LLC 16
SOA Pilots
• A few high ROI Services• Build acceptance for SOA• Get team up to speed• Work out the kinks• Pilot the governance model• Part of an iterative approach to SOA
• Piloting only the Services instead of the architecture• Remember, the pilot is one step on the roadmap
DANGER! Avoid the SOA Pilot PitfallDANGER! Avoid the SOA Pilot Pitfall
9
Copyright © 2006, ZapThink, LLC 17
Mission-Critical SOA
• Services incorporated into core business processes
• Issues of security, management, granularity resolved
• Provides ongoing agility – built to change
Copyright © 2006, ZapThink, LLC 18
Cross-Departmental SOA
• Organizational issues of governance and control become paramount
• Long-term architectural plan critical• Increased focus on semantic issues
10
Copyright © 2006, ZapThink, LLC 19
Enterprise SOA Buildout
• The corporate enterprise architecture becomes Service-Oriented
• Service lifecycle becomes dominant framework for IT change
• Service abstraction frees company to retire legacy as appropriate
State ofthe Art!
Copyright © 2006, ZapThink, LLC 20
The Service-Oriented Enterprise
• IT resources are available on demand to businesses as Services
• The Service-oriented abstraction layer enables companies to run their operations and conduct business with each other in a dynamic and automated fashion
• Business drives IT, and agile IT enables agile businesses State of
the Art!
11
Copyright © 2006, ZapThink, LLC 21
SOA Maturity Model: HP
Source: HP
Copyright © 2006, ZapThink, LLC 22
Service Integration Maturity Model: IBM
Source: IBM
12
Copyright © 2006, ZapThink, LLC 23
Roadmap: Implementation Milestones
• Implementing SOA requires many infrastructure, governance, and architecture elements in place
• What order should you roll out parts of the implementation?
• What approach should you take to make sure all the pieces are in place?
Copyright © 2006, ZapThink, LLC 24
SOA Milestones
Heterogeneous Systems with Proprietary Interfaces
Manage ServicesImplement the SOA Metamodel
Service-Oriented ProcessSemantic Integration
Dynamic Service Discovery
Secure Service Interfaces
Wrap Legacy Systems in Services Interfaces
Service-Oriented Enterprise
Create a Governance Framework
Contract-First Development
13
Copyright © 2006, ZapThink, LLC 25
• What is “legacy”?
– Host-based systems…
– SCM, CRM, and other business apps…
– Anything that’s in use…• Legacy systems enable a significant amount of mission-
critical functionality
• Rip-and-Replace vs. Maintain-and-Extend
The first step to extending functionality: abstracting The first step to extending functionality: abstracting the implementation the implementation –– aka aka ““Service WrappersService Wrappers””
J
Common First Step: Wrap Legacy with Web Services
Copyright © 2006, ZapThink, LLC 26
Secure Service Interfaces
• XML is text-based, human readable – give hackers the keys and the instructions
• Existing security inadequate to address content security issues
• Authorization, threat prevention, confidentiality key issues
14
Copyright © 2006, ZapThink, LLC 27
Build a Governance Framework
• How will you communicate corporate policies to your team?
• How will you enforce those policies?
• What is the role of SOA in your broader governance plan?
Copyright © 2006, ZapThink, LLC 28
Manage Services
• Loose coupling is a management problem: require Services to behave as expected
• Must handle infrastructure management issues “behind the scenes”
• If a business user knows how Services work, then something is wrong
15
Copyright © 2006, ZapThink, LLC 29
Contract-First Development
• Service contracts specify required functionality to IT and provide functionality to the business
• Service contract thus acts as a requirements document for all Service implementation activities
Copyright © 2006, ZapThink, LLC 30
Build the SOA Metamodel
• Architecture is design – requires a formal approach
• A metamodel is a model of models
• Models provide ongoing architectural guidance
• The core model of the SOA Metamodel is the Service Model, which represents Services in production andongoing requirements for Services
Service Model
Business ModelImplementation
Models
16
Copyright © 2006, ZapThink, LLC 31
Service-Oriented Process
• Create composite applications (Service-Oriented Business Applications, or SOBAs) by composing Services
• SOBAs implement business processes in an agile, business-focused way
• SOBAs are themselves Services, can be composed into more complex SOBAs
• Put responsibility for SOBAs into the hands of appropriate business users
• Business logic increasingly represented by SOBA configurations
Copyright © 2006, ZapThink, LLC 32
The Rise of the Service Consumer
• Rich Internet Applications (RIAs) built from technologies like AJAX and Flash as interfaces for SOBAs
• Service consumers can be RIAs, desktop apps (Excel, Outlook, e.g.), other Services or SOBAs, etc.
• “Mashups” are RIAs that compose Services; “Enterprise mashups”are mashups within a governance framework
State ofthe Art!
17
Copyright © 2006, ZapThink, LLC 33
Semantic Integration
• Balance loose coupling with semantic consistency
• Leverage industry standard vocabularies
• Tools still immature –still requires substantial manual work
State ofthe Art!
Copyright © 2006, ZapThink, LLC 34
Dynamic Discovery
• Service consumers identify and select appropriate Services dynamically at runtime
• Most applicable in business-to-business scenarios
• Advanced capability – many years away from a reality
State ofthe Art!
18
Copyright © 2006, ZapThink, LLC 35
Review: SOA Milestones
• Milestones should be taken iteratively
• Suggested order can lower risk, but is not the only order, or the best order for you
• Remember to achieve business value at every milestone
Copyright © 2006, ZapThink, LLC 36
Key Standards & Vendors
SecurityIn
tegra
tion
Proce
ss
Man
agem
ent
Tools
19
Copyright © 2006, ZapThink, LLC 37
Key Security/Policy Standards
• WS-Security (and associated)– Provide message integrity, message confidentiality, and single
message authentication via a mechanism for associating security tokens with messages
• SAML (Security Assertions Markup Language)– Framework for communicating user authentication, entitlement,
and attribute information
• Liberty ID-FF (Identity Federation Framework)– An approach for implementing single sign-on with federated
identities
• WS-Policy (and associated)– Provides a general purpose model and syntax to describe and
communicate the policies of a Web Service
Copyright © 2006, ZapThink, LLC 38
Key Security/Policy Vendors
• CA– eTrust product line (includes Netegrity)
• Forum Systems– XWall WS Firewall, Sentry WS Security Gateway
• Layer 7 Technologies– SecureSpan XML Accelerator, Data Screen, Firewall & VPN,
Networking Gateway• Reactivity
– Gateway, Manager• SOA Software
– Network Director• IBM
– DataPower acquisition• Intel
– Sarvega, Conformative acquisitions
20
Copyright © 2006, ZapThink, LLC 39
Lifecycle/Governance/Metadata
• BEA (Flashline)– Aqualogic Enterprise Repository
• webMethods (Infravio)– X-Registry
• LogicLibrary– Logidex
• Mindreef– SOAPscope Server
• SOA Software– Service Manager
• Mercury Systinet (Now HP)– Systinet 2
• WebLayers– Center
Copyright © 2006, ZapThink, LLC 40
Key Management/Lifecycle Standards
• WSDM (Web Services Distributed Management)– Seeks to unify management infrastructures by providing a
vendor, platform, network, and protocol neutral framework for enabling management technologies to access and receive notifications of management-enabled resources
• WS-Management– A general SOAP-based protocol for managing systems such as
PCs, servers, devices, Web services and other applications, and other manageable entities
• UDDI (Universal Description, Discovery & Integration)– A standard interoperable platform that enables companies and
applications to quickly, easily, and dynamically find and use Web services over the Internet, and also allows operational registries to be maintained for different purposes in different contexts
21
Copyright © 2006, ZapThink, LLC 41
Key SOA Management & Lifecycle Vendors
• Passive and Active Management– Actional (Sonic)
• SOAPstation, Looking Glass– AmberPoint
• Service Level Management, Exception Management– SOA Software
• Service Manager
• Quality and SOA Lifecycle– Mercury– iTKO– Solstice Software– Mindreef
Copyright © 2006, ZapThink, LLC 42
SO Integration/Process Standards
• WS-BPEL (Web Services Business Process Execution Language)– A language for the formal specification of business processes and business
interaction protocols.
• BPMN (Business Process Modeling Notation)– Provides businesses with the capability of understanding their internal
business procedures in a graphical notation and will give organizations the ability to communicate these procedures in a standard manner
• WS-CDL (Web Services Choreography Description Language)– Describes peer-to-peer collaborations of parties by defining, from a global
viewpoint, their common and complementary observable behavior; where ordered message exchanges result in accomplishing a common business goal
• WSRP (Web Services for Remote Portlets)– Defines a set of interfaces and related semantics which standardize
interactions with components providing user-facing markup, including the processing of user interactions with that markup
22
Copyright © 2006, ZapThink, LLC 43
SO Integration/Process Key Vendors
• Active Endpoints– ActiveWebflow
• BEA Systems– Aqualogic product line
• SOA Software– Network Director
• IBM– WebSphere Business Integrator and others
• Intalio– Intalio|BPMS
• Oracle– Fusion
• Software AG– crossvision suite
• Sonic Software– Sonic ESB, SOA Suite
Copyright © 2006, ZapThink, LLC 44
The SOA Integration Spectrum
•Peer-to
-Peer In
tegratio
n
•Stan
dard
s-based
In
termed
iaries
•Stan
dard
s-based
ESBs
•ESBs w
ith
pro
prietary
messag
ing
•EAI su
ites with
Service su
pport
•Pro
prietary
Integ
ration
Mid
dlew
are
SOASoftware
CapeClear
SonicESB
TIBCO SunSeeBeyond
BEA AqualogicService Bus
IBM WebSphere ESB
SAPNetWeaver
webMethods
23
Copyright © 2006, ZapThink, LLC 45
ESB & Service Intermediaries
• Messaging Middleware Centric– Sonic Systems– Fiorano Software– TIBCO
• App Server Centric– IBM (WebSphere ESB)– Oracle (Fusion)– BEA (AquaLogic Service Bus)
• EAI Re-dos or Hub-and-Spoke Focused– Sun (SeeBeyond)– webMethods (Fabric)
• Web Services Centric / Service Interface focused– Cape Clear
• Service Intermediaries– SOA Software– Cisco?– IONA– Open Source tools
Copyright © 2006, ZapThink, LLC 46
Composite Application Key Vendors
• Above All Software– Composite Application Platform
• Cordys– ESB, BPM
• Digital Harbor– PiiE
• Prima Solutions– Platform
• IBM (Webify Solutions)– WebSphere Business Services Fabric
24
Copyright © 2006, ZapThink, LLC 47
Enterprise Web 2.0 Standards
• Asynchronous JavaScript and XML (Ajax)– Combination of standards more so than a
standard itself– Discovered, not invented!
• The Re-evaluation of the Portal– WS Remote Portlets (WSRP) – still necessary?
• The Rich Client– XAML– XUL– Flash?
Copyright © 2006, ZapThink, LLC 48
Enterprise Web 2.0 Vendors
• Corizon– User Process Management Platform
• JackBe– Presto REA Platform
• Nexaweb– Enterprise Web 2.0 Suite
• Software AG– Application Composer in crossvision suite
• Webalo– User Proxy
• Clear Methods– XSpec
25
Copyright © 2006, ZapThink, LLC 49
Thank You!
ZapThink is an advisory, analysis, & influence firm focused exclusively on Service-Oriented Architecture, Web Services, & Enterprise Web 2.0.
Read our new book, Service Orient or Be Doomed! How Service Orientation Will Change Your Business.
Jason Bloomberg
[email protected] Schmelzer