SOA Fundamentals

watermelonroachdaleInternet και Εφαρμογές Web

30 Ιουλ 2012 (πριν από 5 χρόνια και 11 μήνες)

325 εμφανίσεις


SOA Fundamentals




SOA Governance

RUP Modeling

SOA scenarios

Management and security


SOA governance defined

Governance comes from the root word “govern”

Governance is the structure of relationships and
processes to
SOA components
order to achieve the goal of the enterprises

The governance model defines:

What has to be done

How is it done

Who has the authority to do it

How is it measured

SOA governance challenges

No clear ownership for common services

Infrastructure is owned by IT, while clients and back
end systems are
owned by lines of business

Tends to result in a proliferation of variations of “common services”
dedicated to specific channels

Need for SOA governance

The SOA characteristics of loose coupling, reuse and
extensibility are the basis for providing an agile business

This agility can only be attained when each LOB maintains
its services entities and can be assured that other LOBs are
doing the same with their services

This assurance can only be realized through SOA

More on SOA governance

Aligns business and IT strategies and creates the communication paths
between them

A business
driven approach to making better IT decisions

Less time wasted due to poorly
managed conflicts

Institutes efficient and effective decision
making with clearlydefined roles
and responsibilities

Provides a framework for measuring the effectiveness of SOA

Planned checkpoints in the SOA project life cycle

Conformance checkpoints
deal with design, direction, decisions and funding, for

• Service ownership, service realization, security regulations

Vitality checkpoints
help ensure the architecture stays current

• Service impact, funding, reuse, training

SOA governance compared with IT governance

IT governance covers all aspects of IT, such as:

Data governance

IT security

IT resources are used responsibly

SOA governance is an extension of IT governance and addresses
aspects of the “service life cycle,” including:

Service registration

Service ownership

Service publishing and discovery

Service versioning

Deployment of services and composite applications

Security for services

driven transformation requires SOA governance

orientation is not easy to achieve, and requires significant
organizational change

New roles and responsibilities

New business partners

New skills

SOA adoption requires significant commitment

Structural and process change require executive level support

IT investment is needed for application restructuring

The most rapid economic returns comes from systems integration activities rather
than new systems development

Without governance there is anarchy

With governance you control the rate and direction of change

Without governance no one controls anything

Service domain definition and ownership

Classify services into logical domains and assign owners to each
domain, to simplify the management and implementation of an SOA

Business Service Domains

services that provide business value
such as request for information, and contain business logic

Infrastructure Service Domains

services that provide indirect
business value and do not contain business logic (for example,
authenticate user)

Domain owners monitor, define, and authorize changes to existing
services and decide when a new service in their domain is required

IT and business alignment with SOA governance

Roles and responsibilities in SOA governance

Who “owns” common services? How are they funded?

How is service reuse enforced?

A service directory is only part of the issue, reuse is also a cultural and
procedural issue

Who resolves different requirements for service behavior between
applications or business units?

Who owns, enforces and maintains service design, naming, development
and technology standards?

Who manages versioning and co
existence of services?

Who publishes services? Who manages the taxonomy and categorization
of services?

Who authorizes access to services?

Who assures the quality of the service?

The overall response time

The overall testing when composition is used

Governance aspects

Service versioning

As a service consumer, how do you identify which version of a service you want
to use? As a service provider, how do you identify which version of a service is
being requested?

Service dependency management

How do you synchronize changes between process models (BPEL), component
models (UML), data models (SQL), and service models (WSDL)?

Service ownership

How do you determine who owns which services? How do you align service and
business ownership in your organization?

Service testing

If SOA uses intermediaries to insulate service consumers from changes to
service implementations, how do service consumers know when to re

Service security

How can security protocols be made interoperable across service domains?

IBM SOA governance life cycle

Governance in the IBM SOA Foundation

Motivation for a service registry and repository

As the number of services in SOA infrastructures increases, it
becomes increasingly important to have a system of services

A business service registry and repository manages the service
metadata, enabling selection, invocation, management,
governance, and reuse of services leading to a successful SOA

Business service registry overview

A business service registry and repository is an enterprisewide
service metadata repository that securely registers services and
relevant information, enabling SOA life cycle and governance by:

Publication of service endpoint capabilities

Management of service metadata

Finding and subscribing to the services

level agreement (SLA) and policy management and
registration of contracts


SOA Governance

RUP Modeling

SOA scenarios

Management and security


The need for modeling and types of models

Focused on solving key challenges

Integration through SOA

Core system renewal

Process transformation

Operational insight, risk and

Data governance and

Key Benefits

Reduces the time for process, use
case analysis

Accelerates stakeholder approval

Supports most of the data

Compresses time compared to
built projects

UML 2.0 Profile for Software Services

Is a profile for UML 2.0 which allows for the modeling of service
oriented solutions

Has been implemented in IBM Rational Software Architect

Aim to provide a common language for describing services

Has profiles consisting mainly of

A stereotype defines which UML class (meta
class) it is
associated with, properties of that class, and constraints on how
stereotyped elements may be associated with other elements

Use the stereotypes in the UML 2.0 Software Services profile to
model services

Service Model Contents: UML 2 Profile for Services

Concepts supported by the UML 2 Profile for Software

Service development using RUP/SOMA

Rational Unified Process for service
oriented modeling and architecture
(RUP for SOMA)

Provide technologies to enable the effective communication of the

UML 2 notation

Make the models widely available

Transformation authoring

Tools to build transformations from model
model based on architectural

Tools to transform models

Create and enforce rules which support the architecture

Process guidance

Visually compare model changes

Link requirements to design

What is RUP for SOMA?

oriented modeling and architecture (SOMA) is the IBM
SOA method

Delegates “business
usual” tasks to an underlying method such as Rational
Unified Process (RUP), a customer
specific method, or a combination of both

RUP/SOMA is an
integrated, commercially available version of
SOMA that relies on RUP
for business
usual tasks

SOMA includes support for the identification, specification, and
realization of:


The service components implementing them

The process flows that choreograph services into composite applications

All customers have access to RUP/SOMA through an IBM Rational
Method Composer license

Model types and usage

Key phases of RUP for SOMA

Approaches to service identification

Domain Decomposition (Top

Focuses on the business

Starts with models representing business processes

Business process are made up of business tasks, from which services can be

Existing Asset Analysis (Bottom

Examination of deployed applications to find candidates for reuse

Service Modeling

Identify goals and sub

Identify candidate services from sub

Identify existing assets that match the functionality required by the new
business goals

Example of roles, tasks and products used in RUP for SOMA

Using IBM WebSphere Business Modeler

WebSphere Business Modeler provides a flexible and
visual process modeling environment

Integration with Rational Software Architect

You can load a WebSphere Business Modeler project business
model as a UML 2.0 model file

You can then use model
driven development to extend,
implement, and realize the artifacts that the generated UML 2.0
model defines

Imported process models can be decomposed, compared with
the business goals defined in RUP, and then converted to a
model of services

What is a service model?

The service model is a key
work product used to
document the results of a
service modeling exercise

Various decisions are made
and models created during:

Identification of services

Specification of services

Realization of services

The service model
documents the decisions
made in this process, and
captures the design aspects
and models that will be
used in implementing the
creation and assembly of

Components of a service model

SOA model example: Analyze existing functions

SOA model example: Initial service specification

The activity
Service Identification
introduces a number of
techniques for identifying the services and operations on
services which are required to support a solution

This example is a form of legacy renewal, the transformation of
existing functionality to a services model

The first aspect is to develop the set of
that will provide the contracts for the services
implementing the required functions

SOA model example: Service design

In this step, you make the transition from the set of candidate
services that were identified earlier into the detailed design of
the services you intend to build

SOA model example: Message design

Captures the actual messages exchanged between the
operations described on the service specifications

SOA model example: Service realization

From the Service design model you can use tools to transform
the model into code. The code being generated can be an EJB
implementation for deployment in a J2EE environment

SOA model example: EJB implementation


SOA Governance

RUP Modeling

SOA scenarios

Management and security


The SOA Scenarios

The SOA scenarios can be used as a reference architecture
implementation (starting point) to accelerate the SOA
architecture and implementation of your customer scenario.

Creating and Reusing Services

The Reuse scenario involves exposing as a service:

The functionality of an existing application

New business logic

It addresses business needs to:

Outsource without impacting existing applications

Turn proprietary systems into marketable business assets

Leverage an existing IT investment

Consolidate redundant systems

Create new services from scratch

Business requirement

Create a service that represents new business function

Expose standards
based service to third
party consumers


Create a service implementation based on open standards

Deploy the service to a reliable, scalable, and secure application


Publish the Web service metadata in WebSphere Service Registry
and Repository

Create new services: Realization


Rational Application

Application Server
Network Deployment

Optional products

WebSphere Service
Registry and Repository

Consume external services solution pattern

Consume external services

Business requirement

Outsource non
key business function to third
party providers

Open standards are required to promote flexibility


Create an open standards based service consumer

Host the service consumer on a reliable, scalable, and secure
application server

Consume external services: Realization


Rational Application

WebSphere Application
Server Network

Implementation details

Generate the Web service
proxy from the WSDL
supplied by the third
service provider using
Rational Application

Implement the consumer
and deploy it on
WebSphere Application
Server ND

Internal connectivity based on open standards solution pattern

The Connectivity scenario integrates
service providers and consumers,
allowing for the reuse of services across
multiple channels.

It addresses business needs to:

Isolate modernization and conversion
of backend systems from applications

Speed up new application development
and integration

Manage traffic among services
consistently, with minimal redundancy

Change service implementations and
add service consumers

Strengthen governance of services

Enterprise service bus (ESB)
functionality is key in the
implementation of this scenario

An ESB gateway can be used with third
party service providers

Internal connectivity Realization


WebSphere Integration

WebSphere ESB

Optional products

WebSphere Service
Registry and Repository

Implementation details

Services communicate
using standards based

ESB provides protocol
and message
transformation and


SOA Governance

RUP Modeling

SOA scenarios

Management and security


SOA management objectives

Ensure service availability

Enforce policies and mediate services

Monitor response times

Collect key performance metrics

Prevent problems

Monitor and adjust resources

Identify and fix problems

Trace transactions and diagnose problems

SOA applications are composite applications

An SOA application is composed from services: Application components
with published interface definitions

These services require transactions to cross multiple host platforms in
order to complete their functions

Managing SOA is part of composite application management

The challenges of application management

Business processes are built on composite applications

Composite applications are difficult to design, build, test, and manage for high
performance and availability

Traditional management processes and tools only provide a resource
centric (silo)
view of performance

A composite Web application involving J2EE, integration middleware, and
legacy systems

SOA challenges in application life cycle

SOA management challenge: Abstraction level

SOA management requires dealing with increased levels of

IBM SOA management products

The ITCAM solution portfolio


Monitor, manage and
control the IT service layer:

Web Service
management views in the
Tivoli Enterprise Portal

Mediation Services
(start/stop, audit and

Analysis of historical
Web services data
(content and context)

Visualization of
WebSphere Platform
Messaging framework

ITCAM for RTT: Transaction management capabilities

Proactively recognize performance problems at the user level

Monitor end user response time

Continually verify that transactions are available and performing by comparing them
against a response time threshold

Alert you when performance at the user is degraded

Quickly isolate problems

Visualize entire transaction, end
end, as it crosses the nterprise

Automatically pinpoint source of bottlenecks

Prove transaction service level delivered at the user

Consistently test services and measure their response

Report results against committed service levels

SOA security: Part of SOA governance

Security considerations overview

SOA introduces additional challenges for security due to its very nature:

enterprise inter

• How can security context be shared across organizational boundaries?

Focuses on federated inter

• For example, where do you store shared security state within a

distributed network?

Involves human and automated service invocations

• How do components authenticate and apply access control to each

other and to human operators?

Affects and spans all architectural layers

• Enterprise, application, services, network and transport layers

You need to extend the traditional security models, taking into
consideration SOA requirements


unique security challenges

SOA involves an encapsulation of business aligned services

The intent is to provide a layer of abstraction between the service
view of an architecture (service interfaces) and the implementation
of those services

Web services security (WSS) standards address these


Security specification provides message
level security

Advantage over transport
level security is that it provides endto
message level security


Business Process Management: Modeling through Monitoring Using WebSphere
V6.0.2 Products, August 2007

Designing SOA Solutions with the IBM SOA Foundation,SOA590 /
RA911 ,December, 2006

Anthony Catts,Joseph St. Clair. Business Process Management Enabled by SOA.,2009

Anthony Catts, Joseph St. Clair. Business Process Management Enabled by SOA.,2009

Getting Started with SOA

SOA590 Designing SOA Solutions using IBM SOA Foundation

Using IBM WebSphere Business Modeler, Monitor and Process for BPM

Assessment Assets for Service Oriented Architecture