zapthink llc take credit code: archdd -...
TRANSCRIPT
1
Copyright © 2005, ZapThink, LLC
Architecture Deep Dive
Jason Bloomberg & Ron SchmelzerZapThink LLC
Take Credit Code: ARCHDD
Copyright © 2005, ZapThink, LLC
What is Architecture?
The fundamental organization of a system embodied by its components, their relationships to each other and to the environment and the principles guiding its design and evolution. (IEEE P1471/D5.3)
2
Copyright © 2005, ZapThink, LLC
In Particular, SOA is Enterprise Architecture
Enterprise architecture includes:
• An aggregated architecture of all the individual IT systems within an organization
• The human element within the enterprise
• Systems, people, and organizational constructs at other companies that have relationships with the enterprise
• Individual consumers who are that enterprise’s customers
• Corporate governance
Copyright © 2005, ZapThink, LLC
CompositeApplication
Delivery
BusinessServices
BusinessProcesses
SOA Fabric AtomicServices
Data Integration
Legacy Applications
and Middleware
A closer Look at SOA
Databases
Governance and Security InfrastructureGovernance and Security Infrastructure
SecuritySecurity
ManagementManagement
RoutingRouting
TransformTransform
AA
BBCC
DD
EE
AA
BBCC
DD
EE
MessagingMessaging
Rich Rich ClientsClients
Composite Composite AppsApps
DiscoveryDiscovery
Source: MW2 Consulting
3
Copyright © 2005, ZapThink, LLC
SOA Foundation: Model-Driven Architecture
• Object Management Group (OMG) initiative
• Concepts of models, metamodels, and the Meta-Object Facility, which is a meta-metamodel
• Platform independent model and platform dependent models
• Model-driven development
• Weakness: Doesn’t (yet) take into account changing requirements
Copyright © 2005, ZapThink, LLC
The SOA Metamodel
Business Model(Use Cases) Service Model Platform
Dependent Models
Deployment View
System Architects &System Engineers
Implementation View
Technical Architects & Developers
Process View
Business Analysts
Logical View
Line-of-Business Users
TechnologyViews
BusinessViews
Use-case View
Service-Oriented Architects
Copyright © 2003 ZapThink LLC
4
Copyright © 2005, ZapThink, LLC
• Consumer and Provider of Services controlled by different people
• Changing one doesn’t break the other
• Build one without being aware of the other
• Loose coupling on various levels:
– Application interface
– Data formats
– Security
– Governance and Policies
J
SOA Idées Fortes: Loose Coupling
Copyright © 2005, ZapThink, LLC
• The Web is synchronous: click a button and wait for a response
• Services can also be asynchronous: allow for long-running processes
• SOA should be event-driven– SOA vs. EDA is an inappropriate distinction
J
SOA Idées Fortes: Asynchrony
5
Copyright © 2005, ZapThink, LLC
• Technical sense + business sense
• Business-oriented requests and responses
• Blocks of information exchanged
• Encapsulate APIs into fine-grained, atomic Services and compose them into coarse-grained, business Services
• Coarse granularity implies composability
J
SOA Idées Fortes: Coarse Granularity
Copyright © 2005, ZapThink, LLC
Top-Down & Bottom-Up Approaches
• Top-down only: have the plan, may not be able to execute
• Bottom-up only: build Services, may not be reusable
• SOA planning must be both– Develop the vision (but not the details) ahead
of time– Service development should be iterative
6
Copyright © 2005, ZapThink, LLC
Contract-First Development
• Service contracts specify required functionality to IT and provided functionality to the business
• Service model represents the clearinghouse for information about IT environment
• Contracts go beyond WSDL:– Usage policies– Security policies– Consumer delivery contracts– Service-level agreements, etc.
Copyright © 2005, ZapThink, LLC
The Role of the Registry
• Design time !" Runtime
• Role of repository/registry
• UDDI and beyond
Service Model
Service Metadata
ExistingInfrastructure
Lines ofBusiness
7
Copyright © 2005, ZapThink, LLC
Metadata Management Requirements
• In an SOA, business logic is in metadata, not code• Types of metadata
– Service interfaces– Business process flows– Policy definitions– Event messages and types– Schema and semantics
• Need: development tools and methodologies
This is the state of the art for SOAThis is the state of the art for SOA
Copyright © 2005, ZapThink, LLC
Enterprise Governance: Managing the People of SOA
• Governance: the new business mandate– Establish and communicate policies that employees must follow– Give employees the tools they need to be compliant with those
policies– Provide visibility into the levels of compliance in the organization– Mitigate any deviations from established policy
• SOA-enabled Governance:– Policy management
• SOA configured & controlled via metadata, including policy– Visibility
• Services abstract heterogeneous data sources, providing necessary business intelligence
– Flexibility• Ability to build Services that address compliance issues and adjust them
as regulations or business needs change
8
Copyright © 2005, ZapThink, LLC
The SOA Implementation Roadmap
Heterogeneous Systems with Proprietary Interfaces
Manage Services
Implement the SOA Metamodel
Service-Oriented Process
Dynamic Service Discovery
Business-Oriented Services
Just-In-Time Integration
Secure Service Interfaces
Wrap Legacy Systems in Services Interfaces
Service-Oriented Enterprise
Enterprise SOA Buildout
SOA Pilots
Mission-Critical Web Services
“Grass Roots” Web Services Implementations
Copyright © 2005, ZapThink, LLC
Putting SOA Together
Service-OrientedArchitecture
Service-OrientedProcess
Service-OrientedManagement
SOM enables and managesbusiness Services and theprocesses that link them
SOM enables loosecoupling and coarse
granularity
SOAs abstract the softwarefunctionality that business processes
compose and orchestrate
Web Services Security & Identity ManagementEssential prerequisite for SOAs
Service-OrientedIntegration
SOM enforces the Qualityof Service of SOI
SOAs abstract theadaptation layer with alogical Service network
9
Copyright © 2005, ZapThink, LLC
The Security Context Challenge
rschmelzer
RonSchmelzer
rschm123
Selective
Read / Write
Read Only
Full Read/Write???
???
Copyright © 2005, ZapThink, LLC
Identity Management: Kill Two Birds…
• Many enterprises already dealing with “Single Sign-On”– “Sticky Note” problem: too many
passwords for too many systems– Problems administering users– Too many people with root access– Unknown security holes
• Now: need enterprise ID & access management to prepare for an SOA
10
Copyright © 2005, ZapThink, LLC
Service-Oriented Management
• Are your Services up and running?
• Are the right consumers accessing the right Services?
• How do you keep consumers & producers of Services loosely coupled when Services change?
• How do you fix things when something goes wrong?
• Are you providing the required quality of Service?
• SOA enablement…
Copyright © 2005, ZapThink, LLC
SOA Enablement…
• Provide and enforce the SOA layer of abstraction
• Combine fine-grained APIs into coarse-grained business Services
• Mask complexity of underlying technology: message protocols, adapters, APIs, etc.
• Handle quality of service, scalability, etc. “behind the scenes”
11
Copyright © 2005, ZapThink, LLC
The State of the Market
• All balls must be in the air at once
• Web Services do not create a permanent, distinct market
• New entrants jockeying for position while incumbents wait/build/acquire
Security
Inte
gra
tion
Proce
ssM
anag
emen
t
Tool
s
Copyright © 2005, ZapThink, LLC
Introducing the SOAIF…
• The SOA implementation framework is a product or set of products that offer everything companies need to build, run & manage their SOA
• No vendor offers a complete SOAIF (yet)
• Leverages Service orientation for modularity
• Today’s markets are converging on the SOAIF
12
Copyright © 2005, ZapThink, LLC
The Road to the SOAIF
SOAImplementation
Framework
SO Mgmt
WSManagement
SystemsManagement
SOAEnablement
SOAI
ESB
IntegrationBrokers
App Server"Platforms"
ApplicationServers
Message-Oriented
Middleware
TransactionMonitors
EAI
SOProcess
BPM
BPI
SOSecurity
WS Security
PKI
IAM
EII
BI Analytics
BAM
SOA Tools
ModelingTools
ApplicationFrameworks
RAD Arch.Tools SO
Development
WS Tools
IDEs
XMLAppliances
NetworkAppliances
SemanticIntegration
DataIntegration
ETL
Portals
PresentationTools
CMS
OLAP
NXDs
Databases
OperationalData Stores
DataWarehouses
Copyright © 2003 ZapThink LLC
B2Bi
SOII
SO Content
Core SOMarkets
MarketsRemaining
Distinct
TransitionalWS Markets
EstablishedMarkets
Copyright © 2005, ZapThink, LLC
Security, Management & SOAIF
SOAImplementation
Framework
SOManagement
WSManagement
SystemsManagement
SOAEnablement
SOAI
ESB App Server"Platforms"
ApplicationServers
SO SecurityWS Security
BIBAM
Copyright © 2004 ZapThink LLC
Core SOMarkets
MarketsRemaining
Distinct
TransitionalWS Markets
EstablishedMarkets
13
Copyright © 2005, ZapThink, LLC
WS Security Market Map –2002
Enterprise SecurityServices
TruSecure, IBMEDS, ISS, CA
Global Trust Services
VerisignEntrust
beTRUSTed
Web Services Security Platforms
Westbridge TechnologyQuadrasis, Primordial
Entrust, ActionalBaltimore Technologies
Web Services InfrastructureManagement Vendors
Systinet, AmberPointCape Clear, Iona
Bowstreet, Flamenco
Private Web ServicesNetwork Providers
Bang NetworksFlamenco Networks
Grand CentralSlam Dunk Networks
Source: Copyright © 2002 ZapThink, LLC
Secure Integration/EAIVendors
webMethodsVitria, SeeBeyond
Tibco, IBMActional, BEA
Software XML Firewalls
ReactivityQuadrasis
Westbridge TechnologyVordel
Access & Policy MgmtVendors
Waveset
PKI Vendors
RSA SecurityVeriSign
Baltimore TechnologiesEntrust, CA
Web Services SecurityToolkit Vendors
RSA SecurityIBM, Systinet, Entrust
Netegrity, nCipherPhaos Technology
Security ServiceProviders
McAfeeSymantec
Identity/Single Sign-onVendors
Netegrity, OblixOpen Network
Entegrity, EntrustOneName, CA
Novell, RSA Security
Copyright © 2005, ZapThink, LLC
WS Security Market Map –2005
Enterprise SecurityServices
TruSecure, IBMEDS, ISS, CA
Global Trust Services
VerisignEntrust
beTRUSTed
Web Services Security Platforms
Westbridge TechnologyQuadrasis, Primordial
Entrust, ActionalBaltimore Technologies
Web Services InfrastructureManagement Vendors
Systinet, AmberPointCape Clear, Iona
Bowstreet, Flamenco
Private Web ServicesNetwork Providers
Bang NetworksFlamenco Networks
Grand CentralSlam Dunk Networks
Source: Copyright © 2002 ZapThink, LLC
Secure Integration/EAIVendors
webMethodsVitria, SeeBeyond
Tibco, IBMActional, BEA
Software XML Firewalls
ReactivityQuadrasis
Westbridge TechnologyVordel
Access & Policy MgmtVendors
Waveset
PKI Vendors
RSA SecurityVeriSign
Baltimore TechnologiesEntrust, CA
Web Services SecurityToolkit Vendors
RSA SecurityIBM, Systinet, Entrust
Netegrity, nCipherPhaos Technology
Security ServiceProviders
McAfeeSymantec
Identity/Single Sign-onVendors
Netegrity, OblixOpen Network
Entegrity, EntrustOneName, CA
Novell, RSA SecurityXML Security AppliancesDataPowerForum SystemsReactivitySarvega
Forum SystemsLayer 7
SOA Enablement VendorsActionalAmberPointSOA Software
IBMOracle
14
Copyright © 2005, ZapThink, LLC
WS Management Market Map -2002
Web ServicesManagement Platforms
XML Proxies
Systems Management Platforms
Web ServicesDevelopment Platforms
& Tools
Web Services SecurityPlatforms
Private Web ServicesNetworks
Transaction/Workflow/BPMPlatforms & Tools
AdjoinBlue Titan
InfravioSwingTide
Talking BlocksWestGlobal
AmberPointDigital Evolution
Confluent SoftwareFlamenco Networks
ActionalPrimordial
Westbridge Technology
Baltimore TechnologiesEntrust
Netegrity
DataPowerForum Systems
QuadrasisReactivitySarvegaVordel
BMC SoftwareComputer Associates Unicenter
IBM TivoliHP Openview
Grand Central
BEABowstreet
Cape ClearIBM WebSphere App Developer
Microsoft Visual Studio .NETSystinet
The Mind ElectricWebPutty
BEAFuegoIBM
IDS Scheer ArisIntalioMega
Savvion
Copyright © 2005, ZapThink, LLC
WS Management Market Map -2005
Web ServicesManagement Platforms
XML Proxies
Systems Management Platforms
Web ServicesDevelopment Platforms
& Tools
Web Services SecurityPlatforms
Private Web ServicesNetworks
Transaction/Workflow/BPMPlatforms & Tools
AdjoinBlue Titan
InfravioSwingTide
Talking BlocksWestGlobal
AmberPointDigital Evolution
Confluent SoftwareFlamenco Networks
ActionalPrimordial
Westbridge Technology
Baltimore TechnologiesEntrust
Netegrity
DataPowerForum Systems
QuadrasisReactivitySarvegaVordel
BMC SoftwareComputer Associates Unicenter
IBM TivoliHP OpenView
Grand Central
BEABowstreet
Cape ClearIBM WebSphere App Developer
Microsoft Visual Studio .NETSystinet
The Mind ElectricWebPutty
BEAFuegoIBM
IDS Scheer ArisIntalioMega
Savvion
Collaxa
Cordys
OblixOracle
Service Integrity
Layer 7
SOA Software
SOA Governance ToolsInfravioLogicLibrarySystinetWebLayers
15
Copyright © 2005, ZapThink, LLC
Arch., Devt. Tools & SOAIF
SOAImplementation
Framework
SOProcess
BPM
SOA Tools
ModelingTools
ApplicationFrameworks
RAD Arch.Tools SO
Development
WS Tools
IDEsCore SOMarkets
MarketsRemaining
Distinct
TransitionalWS Markets
EstablishedMarkets
Copyright © 2005, ZapThink, LLC
SOA Tools Market Map - 2003
SOA Tools
Copyright © 2003 ZapThink LLC
Rapid DevelopmentPlatformsAltowebNovell
InstantisSilver Leap
UDICoWebPutty
Transaction/Workflow/BPMPlatforms & Tools
BEA SystemsFuegoIBM
IDS Scheer ArisIntalioMega
Savvion
Modeling/ArchitectureToolsAonix
BorlandInteractive Objects
MetaMatrixRational SoftwareSun Microsystems
SybaseTelelogic
Visible Systems
Service-OrientedIntegration Vendors
IONASonic Software
WRQ
Asset ManagementTools
FlashlineLogicLibrary
Legacy EncapsulationTools
ActionalAttachmateHostbridge
iWaySeagullWRQ
Web ServicesDevelopment Tools
BarbadoSoftBEA Systems
BowstreetCape Clear
ClearMethodsSybaseSystinet
The Mind ElectricWebPutty
SOA Knowledge/Training
IBMMicrosoft
SwingTide
Service-OrientedDevelopment/Runtime
PlatformsExadelKinzanNovell
The Mind ElectricWakesoftWebPutty
Zareus
SOA Enablement ProductsActional
AmberPointBlue Titan
Confluent SoftwareDigital Evolution
Flamenco NetworksInfravio
Talking BlocksWestbridge Technology
WestGlobal
Agile Testing ToolsMercury Interactive
ParasoftRational Software
Integrated DevelopmentEnvironments
BorlandRational Software
IBMMicrosoft
16
Copyright © 2005, ZapThink, LLC
SOA Tools Market Map - 2005
SOA Tools
Copyright © 2003 ZapThink LLC
Rapid DevelopmentPlatformsAltowebNovell
InstantisSilver Leap
UDICoWebPutty
Transaction/Workflow/BPMPlatforms & Tools
BEA SystemsFuegoIBM
IDS Scheer ArisIntalioMega
Savvion
Modeling/ArchitectureToolsAonix
BorlandInteractive Objects
MetaMatrixRational SoftwareSun Microsystems
SybaseTelelogic
Visible Systems
Service-OrientedIntegration Vendors
IONASonic Software
WRQ
Asset ManagementTools
FlashlineLogicLibrary
Legacy EncapsulationTools
ActionalAttachmateHostbridge
iWaySeagullWRQ
Web ServicesDevelopment Tools
BarbadoSoftBEA Systems
BowstreetCape Clear
ClearMethodsSybaseSystinet
The Mind ElectricWebPutty
SOA Knowledge/Training
IBMMicrosoft
SwingTide
Service-OrientedDevelopment/Runtime
PlatformsExadelKinzanNovell
The Mind ElectricWakesoftWebPutty
Zareus
SOA Enablement ProductsActional
AmberPointBlue Titan
Confluent SoftwareDigital Evolution
Flamenco NetworksInfravio
Talking BlocksWestbridge Technology
WestGlobal
Agile Testing ToolsMercury Interactive
ParasoftRational Software
Integrated DevelopmentEnvironments
BorlandRational Software
IBMMicrosoft
Cordys
SOA SoftwareSystinet
ClientSoftGT SoftwareIONANeon SystemsNetManageOpenConnect
EmpirixOptimyzSegueSolsticeSpirent
Brunswick WDICordysFioranoJacadaKnowNowPolar LakeSoftware AGSybase
Composite Application PlatformsAbove All SoftwareCordysJacadaNetManagePrima SolutionsQuovadxWebify Solutions
Copyright © 2005, ZapThink, LLC
App. Integration, Process & SOAIF
SOAImplementation
Framework
SO Mgmt
SOAEnablement
SOAI
ESB
IntegrationBrokers
App Server"Platforms"
ApplicationServers
Message-Oriented
Middleware
TransactionMonitors
EAI
SOProcess
BPM
BPI
B2Bi
Core SOMarkets
MarketsRemaining
Distinct
TransitionalWS Markets
EstablishedMarkets
17
Copyright © 2005, ZapThink, LLC
SOP Market Map - 2003
Service-OrientedProcess
Service-Oriented ManaementActional
AmberPointBlue Titan
Confluent SoftwareDigital Evolution
Flamenco NetworksInfravio
Talking BlocksWestbridge Technology
WestGlobal
Enterprise ApplicationIntegrationSeeBeyond
TIBCOVitria
WebMethods
Enterprise Applications
PeopleSoftSAP
Siebel
B2B IntegrationCommerce One
Cyclone CommerceSterling Commerce
Service-OrientedProcess "Pure Plays"
ChoreologyCollaxaIntalio
Oak Grove SystemsVersata
Application ServerPlatforms
BEAIBM
MicrosoftNovellOracle
Sun
Service-OrientedIntegration Vendors
IONAPolar Lake
Sonic SoftwareWRQ
Transaction/Workflow/BPMPlatforms & Tools
AkaziFileNetFuego
HandySoftIBM
IDS Scheer ArisIntalioMega
MetastormSavvion
Copyright © 2005, ZapThink, LLC
SOP Market Map - 2005
Service-OrientedProcess
Service-Oriented ManaementActional
AmberPointBlue Titan
Confluent SoftwareDigital Evolution
Flamenco NetworksInfravio
Talking BlocksWestbridge Technology
WestGlobal
Enterprise ApplicationIntegrationSeeBeyond
TIBCOVitria
WebMethods
Enterprise Applications
PeopleSoftSAP
Siebel
B2B IntegrationCommerce One
Cyclone CommerceSterling Commerce
Service-OrientedProcess "Pure Plays"
ChoreologyCollaxaIntalio
Oak Grove SystemsVersata
Application ServerPlatforms
BEAIBM
MicrosoftNovellOracle
Sun
Service-OrientedIntegration Vendors
IONAPolar Lake
Sonic SoftwareWRQ
Transaction/Workflow/BPMPlatforms & Tools
AkaziFileNetFuego
HandySoftIBM
IDS Scheer ArisIntalioMega
MetastormSavvion
CordysOracle
Brunswick WDICordysFioranoJacadaKnowNowSoftware AGSybase
SOA Software
18
Copyright © 2005, ZapThink, LLC
Info. Integration, Content & SOAIF
SOAImplementation
Framework
SO Mgmt
EII
BI Analytics
BAM
SemanticIntegration
DataIntegration
ETL
CMS
OLAP
NXDs
Databases
OperationalData Stores
DataWarehouses
SOII
SO Content
Core SOMarkets
MarketsRemaining
Distinct
TransitionalWS Markets
EstablishedMarkets
Copyright © 2005, ZapThink, LLC
Next Steps?
• Take iterative approach to reduce risk• Security & management usually come first• Build SOA top-down (architectural plan) and
bottom-up (build Services from existing resources)
Security
Inte
gra
tion
Proce
ssM
anag
emen
t
Tool
s
19
Copyright © 2005, ZapThink, LLC
SOAIF Futures…
SOAImplementation
Framework
SO Mgmt
SOAEnablement
SOAI
SOProcess
SOSecurity
SOA Tools
SOII
SO Content
Core SOMarkets
MarketsRemaining
Distinct
TransitionalWS Markets
EstablishedMarkets
Copyright © 2005, ZapThink, LLC
Thank You!
ZapThink is an industry analysis firm focused exclusively on XML, Web Services, and Service-Oriented Architecture.
Jason Bloomberg
Ronald Schmelzer
20
Copyright © 2005, ZapThink, LLC
Appendix
Copyright © 2005, ZapThink, LLC
SOA is a discipline…
• Implementing a Service-Oriented Architecture is a journeyjourney
• Moving from proprietary interfaces to standards-based ones is just the first step…
• SOAs require a combination of security, management, integration, process, and architecture tools
• What are the right steps to guarantee overall success?
• How can you guarantee an ROI while reducing risk?
21
Copyright © 2005, ZapThink, LLC
SOA Abstracts the Plumbing
• Goal is reusable, composable business Services
• But what kind of infrastructure enables loosely coupled, composable, asynchronous Services?
• Many different approaches to implementation
Copyright © 2005, ZapThink, LLC
Don’t Get Lost in the Terminology
• There are many styles for SOA implementation
• Focus on your goals: Reuse? Governance? Reduced integration cost? Agility?
ESB? EAI?
SOA?SOA?SOA?SOA?EDA?EDA?
Fabric?
Abstraction?SOA Infrastructure?
Service Grid?Service Network?
22
Copyright © 2005, ZapThink, LLC
The 4+1 View Model of SOA
Logical ViewFunctional requirements
Deployment ViewPlatforms
Process ViewProcesses
Implementation ViewComponents
Use Case ViewSOAs
Data View
Information View
Copyright © 2005, ZapThink, LLC
SOA Enablement…
• Provide and enforce the SOA layer of abstraction
• Combine fine-grained APIs into coarse-grained business Services
• Mask complexity of underlying technology: message protocols, adapters, APIs, etc.
• Handle quality of service, scalability, etc. “behind the scenes”
23
Copyright © 2005, ZapThink, LLC
Important Points: Managing Services
• You need management when you offer your first “mission critical” Web Service (don’t wait!)
• Management is critical for building and running enterprise-class SOAs
• The Service-Oriented Management space is still in flux
Copyright © 2005, ZapThink, LLC
Enterprise Governance: Managing the People part of
SOA
• Governance: the new business mandate– Establish and communicate policies that employees must
follow– Give employees the tools they need to be compliant with
those policies– Provide visibility into the levels of compliance in the
organization– Mitigate any deviations from established policy
• SOA-enabled Governance:– Policy management
• SOA configured & controlled via metadata, including policy– Visibility
• Services abstract heterogeneous data sources, providing necessary business intelligence
– Flexibility• Ability to build Services that address compliance issues and
adjust them as regulations or business needs change
24
Copyright © 2005, ZapThink, LLC
Mandatory, Urgent, & Non-Negotiable
Return On Investment
Risk Of Incarceration