Application Integration, Data

fizzlargeSecurity

Nov 3, 2013 (3 years and 7 months ago)

62 views

Application Integration, Data
Access, and Process Change

2

Thesis


Service
-
Oriented Architecture will become an
assumed infrastructure


Web Services will be the near
-
term technology
of choice for SOA deployment


With planning, SOA can enable real
-
time
processes, allow secure access to data
elements, and support distributed development


The University’s rate of deployment will depend
upon central technologies and access policies


3

Agenda


What is Service
-
Oriented Architecture?


What are Web Services?


How will these technologies mesh with
NUIT’s architecture plans?


What steps should application developers
and planners be taking today?

4

Agenda


What is Service
-
Oriented Architecture?


What are Web Services?


How will these technologies mesh with
NUIT’s architecture plans?


What steps should application developers
and planners be taking today?

5

Service
-
Oriented Architecture


Distributed functionality exposed as
shared, reusable services


Goal is to streamline deployment, reduce
duplication of functions, and allow
execution of business processes across
diverse application platforms in a network

6

“SOA” circa 1970s


Subroutine/function
libraries (IMSL)


OS services (I/O)



Tightly
-
bound to
object representation


Embedded instances

7

Network SOA

Application A
Application B
School
Application
Application
C
Application
D
Division
Application
External Partner
X
University Network
Communication Infrastructure
External Partner
Y
Central Business Functions
8

Agenda


What is Service
-
Oriented Architecture?


What are Web Services?


How will these technologies mesh with
NUIT’s architecture plans?


What steps should application developers
and planners be taking today?

9

Web Services for Implementing a
Service
-
Oriented Architecture


Document
-
oriented messaging scheme
using http/https transport and security


Documents are self
-
describing XML
streams combining payload and control
information


Separates external interface (behaviors,
logic) from internal objects, structures, and
implementation (“Loose coupling”)

10

A Web Service …


Has a URL


Is described through a Web Service
Definition Language (WDSL) “contract” for
the benefit of potential consumers


Uses SOAP messages over http/https


Can be secured based upon polices in the
WSDL description or external frameworks

11

SOAP Messages

WS
-Security header
WS
-
ReliableMessaging
header
SOAP Headers
SOAP Body
Payload
SOAP Envelope

XML document


Construction &
decoding
within tools
and run
-
time
services


Message may
be encrypted
via https
and/or under
WS
-
Security

12

SOAP Interceptors and Handlers

Transport Layer
Message Processing
Subsystem
Serialization Framework
Application Dispatcher
Web Service Agent
Transport Interceptors
(encryption, compression, logging ...)
Message Interceptors
(validation, transformation ...)
Header Processor
(security, session mgmt, reliability...)
XML
to language mapping
After Burton Group

13

Web Service Can …


Be created through:


.NET (Visual Studio)


J2EE authoring environments (Eclipse)


C++ & Visual Basic 3
rd

party wrapers


PeopleSoft Component Interfaces


PeopleSoft Integration Points


Be invoked through:


Dynamic discovery (UDDI)


Compiled WSDL definition

14

Web Services Require…


New approaches to development


Services, not components


Flat documents, not structured data


Chunky, not chatty


New infrastructure


WSDL


UDDI


Enterprise Service Bus / Integration Broker



15

Interface Granularity

Interactive client
Interactive server
Interactive server
Web services client
Business
Interface
Submit Order
Create Order
Add Item
Add Item
Add Item
Process order
After Burton Group

16

Web Services for SOA

Application A
Application B
School
Application
Application
C
Application
D
Division
Application
External Partner
X
University Network
Transport over http/
https
External Partner
Y
Central Business Functions
UDDI
Service
WSDL
Service
Integration
broker
17

Agenda


What is Service
-
Oriented Architecture?


What are Web Services?


How will these technologies mesh with
NUIT’s architecture plans?


What steps should application developers
and planners be taking today?

18

Architectural Direction


Business Drivers


Security


Mobility


Self
-
service


Real
-
time processes


Data availability


Rapid deployment



Architecture


Central identity and
authentication


Portal navigation


Web
-
Service
integration


Standards
-
based
environment


Abstraction or
virtualization

19

System Architecture

Systems
Management
Identity
Security
Core Enterprise Systems
Core Enterprise Systems
Specialized
Enterprise Applications
Specialized
Enterprise Applications
School/Department/Division
Applications
School/Department/Division
Applications
User Devices
Network
Processing Capacity
Data Management
Integration
Platforms
Business
Framework
IP
,
VoIP
, http,
wireless, cellular
Application
Servers
Virtual data
services
Service bus,
federation
Business logic,
composite
applications,
service
providers and
consumers,
reporting
20

Abstraction or Virtualization


Convert an application
-
specific service into
a general infrastructure service


Role-Based Business Rules
Enterprise Service Bus
Unified Identity Management
and Authentication
Application
Business Rules
Application
Business Rules
Databases
Application
Business Rules
Users
Processing
Functional
Unit
Responsibilities
IT
Responsibilities
IT
Responsibilities

Storage management


Authentication


Authorization


Computing platform


Database

21

Direct
-
to
-
Application Access

User
profiles
Extract
Manual Interface
Code
interface
(
API)
tight-coupling to schema
User
profiles
Database
queries
Remote
Procedure Call
Import
Batch transfer
tight-coupling to layout
Consuming Application (
LMIS
, etc.)
Response
Request
Download
Database engine
Application
Business rules
Upload
tight-coupling to objects
22

Repository Virtualization

User
profiles
Extract
Manual Interface
Code interface
User
profiles
Database
queries (views)
Coded queries
or transactions
Batch transfer
Download
Publish
Database engine
Application
Business rules
Repository Engine
User
profiles
Updates
Security perimeter
Request &
Response
ERP
Application
Consuming Application (
LMIS
, etc.)
23

Database Virtualization

Virtualization
Engine
User
profiles
User
profiles
User
profiles
User
profiles
Consuming Application (
LMIS
, etc.)
Request
Response
App A
App B
App
C
App D
24

Web Services Access

User
profiles
Code interface
API
User
profiles
Consuming Application (
LMIS
, etc.)
Database engine
Application
Business rules
Event/Transaction
Distributor
User
profiles
ERP
Application
Service
Abstraction
Service Abstraction
Code interface
API
Request/Response
Post
Post
Publish
Subscribe
XML
Service
definitions
& policies
25

Web Services Infrastructure

Source systems
Enterprise Service
Bus / Integration Broker
Downstream
Application
Extract/
Download
Upload
Monitoring &
policy enforcement
Data Transformation
Subscribe
Publish
UDDI
Registry
WSDL
Repository
Policy Repository
Downstream Applications
Direct invocation
Management
Real-time
messages
26

Abstraction of Business Processes


The next step after SOA is composite
applications and process orchestration


Once individual business functions are
exposed as Web Services, then new “meta
-
process” coding can be built “above” them


Combined with workflows, this can
substantially automate many functions


This will be addressed by Business Process
Execution Language (BPEL) tools

27

Meta
-
Processes

Application A
Application B
Application
C
Application
D
External Partner
X
External Partner
Y
Processing
Storage
Databases
Invocation
28

Distributed Development

Portal

Web Service for

data access

Authored

JSR 168

Portlet

Web Services

Infrastructure

Authored

Application

Database

29

Agenda


What is Service
-
Oriented Architecture?


What are Web Services?


How will these technologies mesh with
NUIT’s architecture plans?


What steps should application developers
and planners be taking today?

30

What Steps Should Planners and
Developers Take Today?

1.
Stop buying or creating applications with “silo”
approaches


use central services

2.
Stop copying data around the network

3.
Start serious discussions with your users about what
data access services they need and can justify

4.
Determine your vendor’s plans for Web Service
integration


and influence those plans

5.
Train your staff on SOA and Web Services

6.
Talk with NUIT and your NU peers about authoring
tools, test environments, and other infrastructure


don’t
“go it alone”

31

Stop Copying Data Around the
Network


Problem: send e
-
mail from within an application
to a set of users


Bad: Get all NetIDs and e
-
mail addresses from SES,
HRIS, SNAP, etc. an include in local database


Poor: Get e
-
mail addresses for current users every
day and include in local database


Correct: Get user’s e
-
mail address from directory
service when needed, even in large numbers


Future? Invoke a Web Service to send e
-
mail
messages based upon standard identity (NetID)

32

Forecasts


New financial system will rely first upon
Web Services for integration, but many
batch interfaces will take years to change
as software is replaced


Our community will push for real
-
time
processes, and service units will need time
to adjust

33

Questions?

Q

A

&

34

Professional Development Topics


SOA & Web Services


XML, SOAP & WSDL


OASIS and WS
-
*
standards


Enterprise Service
Bus (ESB)


Universal Description,
Discovery, and
Integration (UDDI)


Authoring tools for
Web Services


Microsoft .NET versus
J2EE solutions


Business Process
Execution Language
(BPEL)


SOA governance


35

Suggested Reading

Haddad, Chris, “Web Services and Service Oriented Architecture:
Collapsing Boundaries Between the J2EE and .NET Platforms”,
Burton Group presentation, 18 Dec 2003.

Katz, Richard, “What Does System Integration Really Mean for Higher
Education?”,
Educause Review
, Sep/Oct 2003.

Kobielus, James, “Orchestrating Web Services: Driving Distributed
Process Execution Through Workflow Technology”, Burton Group,
18 Dec 2003.

Manes, Anne Thomas, et al, “VantagePoint 2005
-
2006 SOA Reality
Check”, Burton Group, 29 Jun 2005.

Manes, Anne Thomas,
Web Services


A Manager’s Guide
, Addison
-
Wesley, 2003.

36

Local Documents

“University System Architecture for Integrated Enterprise
Systems”
http://www.it.northwestern.edu/bin/docs/UniversitySyste
msArchitecture.pdf

“System Management for the e
-
University”
http://www.it.northwestern.edu/bin/docs/systemmgmtfore
university.pdf