zapthink llc take credit code: archdd -...

1

Copyright © 2005, ZapThink, LLC

Architecture Deep Dive

Jason Bloomberg & Ron SchmelzerZapThink LLC

Take Credit Code: ARCHDD


What is Architecture?

The fundamental organization of a system embodied by its components, their relationships to each other and to the environment and the principles guiding its design and evolution. (IEEE P1471/D5.3)

2


In Particular, SOA is Enterprise Architecture

Enterprise architecture includes:

• An aggregated architecture of all the individual IT systems within an organization

• The human element within the enterprise

• Systems, people, and organizational constructs at other companies that have relationships with the enterprise

• Individual consumers who are that enterprise’s customers

• Corporate governance


CompositeApplication

Delivery

BusinessServices

BusinessProcesses

SOA Fabric AtomicServices

Data Integration

Legacy Applications

and Middleware

A closer Look at SOA

Databases

Governance and Security InfrastructureGovernance and Security Infrastructure

SecuritySecurity

ManagementManagement

RoutingRouting

TransformTransform

AA

BBCC

DD

EE

AA

BBCC

DD

EE

MessagingMessaging

Rich Rich ClientsClients

Composite Composite AppsApps

DiscoveryDiscovery

Source: MW2 Consulting

3


SOA Foundation: Model-Driven Architecture

• Object Management Group (OMG) initiative

• Concepts of models, metamodels, and the Meta-Object Facility, which is a meta-metamodel

• Platform independent model and platform dependent models

• Model-driven development

• Weakness: Doesn’t (yet) take into account changing requirements


The SOA Metamodel

Business Model(Use Cases) Service Model Platform

Dependent Models

Deployment View

System Architects &System Engineers

Implementation View

Technical Architects & Developers

Process View

Business Analysts

Logical View

Line-of-Business Users

TechnologyViews

BusinessViews

Use-case View

Service-Oriented Architects

Copyright © 2003 ZapThink LLC

4


• Consumer and Provider of Services controlled by different people

• Changing one doesn’t break the other

• Build one without being aware of the other

• Loose coupling on various levels:

– Application interface

– Data formats

– Security

– Governance and Policies

J

SOA Idées Fortes: Loose Coupling


• The Web is synchronous: click a button and wait for a response

• Services can also be asynchronous: allow for long-running processes

• SOA should be event-driven– SOA vs. EDA is an inappropriate distinction

J

SOA Idées Fortes: Asynchrony

5


• Technical sense + business sense

• Business-oriented requests and responses

• Blocks of information exchanged

• Encapsulate APIs into fine-grained, atomic Services and compose them into coarse-grained, business Services

• Coarse granularity implies composability

J

SOA Idées Fortes: Coarse Granularity


Top-Down & Bottom-Up Approaches

• Top-down only: have the plan, may not be able to execute

• Bottom-up only: build Services, may not be reusable

• SOA planning must be both– Develop the vision (but not the details) ahead

of time– Service development should be iterative

6


Contract-First Development

• Service contracts specify required functionality to IT and provided functionality to the business

• Service model represents the clearinghouse for information about IT environment

• Contracts go beyond WSDL:– Usage policies– Security policies– Consumer delivery contracts– Service-level agreements, etc.


The Role of the Registry

• Design time !" Runtime

• Role of repository/registry

• UDDI and beyond

Service Model

Service Metadata

ExistingInfrastructure

Lines ofBusiness

7


Metadata Management Requirements

• In an SOA, business logic is in metadata, not code• Types of metadata

– Service interfaces– Business process flows– Policy definitions– Event messages and types– Schema and semantics

• Need: development tools and methodologies

This is the state of the art for SOAThis is the state of the art for SOA


Enterprise Governance: Managing the People of SOA

• Governance: the new business mandate– Establish and communicate policies that employees must follow– Give employees the tools they need to be compliant with those

policies– Provide visibility into the levels of compliance in the organization– Mitigate any deviations from established policy

• SOA-enabled Governance:– Policy management

• SOA configured & controlled via metadata, including policy– Visibility

• Services abstract heterogeneous data sources, providing necessary business intelligence

– Flexibility• Ability to build Services that address compliance issues and adjust them

as regulations or business needs change

8


The SOA Implementation Roadmap

Heterogeneous Systems with Proprietary Interfaces

Manage Services

Implement the SOA Metamodel

Service-Oriented Process

Dynamic Service Discovery

Business-Oriented Services

Just-In-Time Integration

Secure Service Interfaces

Wrap Legacy Systems in Services Interfaces

Service-Oriented Enterprise

Enterprise SOA Buildout

SOA Pilots

Mission-Critical Web Services

“Grass Roots” Web Services Implementations


Putting SOA Together

Service-OrientedArchitecture

Service-OrientedProcess

Service-OrientedManagement

SOM enables and managesbusiness Services and theprocesses that link them

SOM enables loosecoupling and coarse

granularity

SOAs abstract the softwarefunctionality that business processes

compose and orchestrate

Web Services Security & Identity ManagementEssential prerequisite for SOAs

Service-OrientedIntegration

SOM enforces the Qualityof Service of SOI

SOAs abstract theadaptation layer with alogical Service network

9


The Security Context Challenge

rschmelzer

RonSchmelzer

rschm123

Selective

Read / Write

Read Only

Full Read/Write???

???


Identity Management: Kill Two Birds…

• Many enterprises already dealing with “Single Sign-On”– “Sticky Note” problem: too many

passwords for too many systems– Problems administering users– Too many people with root access– Unknown security holes

• Now: need enterprise ID & access management to prepare for an SOA

10


Service-Oriented Management

• Are your Services up and running?

• Are the right consumers accessing the right Services?

• How do you keep consumers & producers of Services loosely coupled when Services change?

• How do you fix things when something goes wrong?

• Are you providing the required quality of Service?

• SOA enablement…


SOA Enablement…

• Provide and enforce the SOA layer of abstraction

• Combine fine-grained APIs into coarse-grained business Services

• Mask complexity of underlying technology: message protocols, adapters, APIs, etc.

• Handle quality of service, scalability, etc. “behind the scenes”

11


The State of the Market

• All balls must be in the air at once

• Web Services do not create a permanent, distinct market

• New entrants jockeying for position while incumbents wait/build/acquire

Security

Inte

gra

tion

Proce

ssM

anag

emen

t

Tool

s


Introducing the SOAIF…

• The SOA implementation framework is a product or set of products that offer everything companies need to build, run & manage their SOA

• No vendor offers a complete SOAIF (yet)

• Leverages Service orientation for modularity

• Today’s markets are converging on the SOAIF

12


The Road to the SOAIF

SOAImplementation

Framework

SO Mgmt

WSManagement

SystemsManagement

SOAEnablement

SOAI

ESB

IntegrationBrokers

App Server"Platforms"

ApplicationServers

Message-Oriented

Middleware

TransactionMonitors

EAI

SOProcess

BPM

BPI

SOSecurity

WS Security

PKI

IAM

EII

BI Analytics

BAM

SOA Tools

ModelingTools

ApplicationFrameworks

RAD Arch.Tools SO

Development

WS Tools

IDEs

XMLAppliances

NetworkAppliances

SemanticIntegration

DataIntegration

ETL

Portals

PresentationTools

CMS

OLAP

NXDs

Databases

OperationalData Stores

DataWarehouses


B2Bi

SOII

SO Content

Core SOMarkets

MarketsRemaining

Distinct

TransitionalWS Markets

EstablishedMarkets


Security, Management & SOAIF

SOAImplementation

Framework

SOManagement

WSManagement

SystemsManagement

SOAEnablement

SOAI

ESB App Server"Platforms"

ApplicationServers

SO SecurityWS Security

BIBAM


Core SOMarkets

MarketsRemaining

Distinct


EstablishedMarkets

13


WS Security Market Map –2002

Enterprise SecurityServices

TruSecure, IBMEDS, ISS, CA

Global Trust Services

VerisignEntrust

beTRUSTed

Web Services Security Platforms

Westbridge TechnologyQuadrasis, Primordial

Entrust, ActionalBaltimore Technologies

Web Services InfrastructureManagement Vendors

Systinet, AmberPointCape Clear, Iona

Bowstreet, Flamenco

Private Web ServicesNetwork Providers

Bang NetworksFlamenco Networks

Grand CentralSlam Dunk Networks

Source: Copyright © 2002 ZapThink, LLC

Secure Integration/EAIVendors

webMethodsVitria, SeeBeyond

Tibco, IBMActional, BEA

Software XML Firewalls

ReactivityQuadrasis

Westbridge TechnologyVordel

Access & Policy MgmtVendors

Waveset

PKI Vendors

RSA SecurityVeriSign

Baltimore TechnologiesEntrust, CA

Web Services SecurityToolkit Vendors

RSA SecurityIBM, Systinet, Entrust

Netegrity, nCipherPhaos Technology

Security ServiceProviders

McAfeeSymantec

Identity/Single Sign-onVendors

Netegrity, OblixOpen Network

Entegrity, EntrustOneName, CA

Novell, RSA Security


WS Security Market Map –2005

Enterprise SecurityServices

TruSecure, IBMEDS, ISS, CA

Global Trust Services

VerisignEntrust

beTRUSTed

Web Services Security Platforms

Westbridge TechnologyQuadrasis, Primordial

Entrust, ActionalBaltimore Technologies

Web Services InfrastructureManagement Vendors

Systinet, AmberPointCape Clear, Iona

Bowstreet, Flamenco

Private Web ServicesNetwork Providers

Bang NetworksFlamenco Networks

Grand CentralSlam Dunk Networks

Source: Copyright © 2002 ZapThink, LLC

Secure Integration/EAIVendors

webMethodsVitria, SeeBeyond

Tibco, IBMActional, BEA

Software XML Firewalls

ReactivityQuadrasis

Westbridge TechnologyVordel

Access & Policy MgmtVendors

Waveset

PKI Vendors

RSA SecurityVeriSign

Baltimore TechnologiesEntrust, CA

Web Services SecurityToolkit Vendors

RSA SecurityIBM, Systinet, Entrust

Netegrity, nCipherPhaos Technology

Security ServiceProviders

McAfeeSymantec

Identity/Single Sign-onVendors

Netegrity, OblixOpen Network

Entegrity, EntrustOneName, CA

Novell, RSA SecurityXML Security AppliancesDataPowerForum SystemsReactivitySarvega

Forum SystemsLayer 7

SOA Enablement VendorsActionalAmberPointSOA Software

IBMOracle

14


WS Management Market Map -2002

Web ServicesManagement Platforms

XML Proxies

Systems Management Platforms

Web ServicesDevelopment Platforms

& Tools

Web Services SecurityPlatforms

Private Web ServicesNetworks

Transaction/Workflow/BPMPlatforms & Tools

AdjoinBlue Titan

InfravioSwingTide

Talking BlocksWestGlobal

AmberPointDigital Evolution

Confluent SoftwareFlamenco Networks

ActionalPrimordial

Westbridge Technology

Baltimore TechnologiesEntrust

Netegrity

DataPowerForum Systems

QuadrasisReactivitySarvegaVordel

BMC SoftwareComputer Associates Unicenter

IBM TivoliHP Openview

Grand Central

BEABowstreet

Cape ClearIBM WebSphere App Developer

Microsoft Visual Studio .NETSystinet

The Mind ElectricWebPutty

BEAFuegoIBM

IDS Scheer ArisIntalioMega

Savvion


WS Management Market Map -2005

Web ServicesManagement Platforms

XML Proxies

Systems Management Platforms

Web ServicesDevelopment Platforms

& Tools

Web Services SecurityPlatforms

Private Web ServicesNetworks


AdjoinBlue Titan

InfravioSwingTide

Talking BlocksWestGlobal

AmberPointDigital Evolution

Confluent SoftwareFlamenco Networks

ActionalPrimordial

Westbridge Technology

Baltimore TechnologiesEntrust

Netegrity

DataPowerForum Systems

QuadrasisReactivitySarvegaVordel

BMC SoftwareComputer Associates Unicenter

IBM TivoliHP OpenView

Grand Central

BEABowstreet

Cape ClearIBM WebSphere App Developer

Microsoft Visual Studio .NETSystinet


BEAFuegoIBM


Savvion

Collaxa

Cordys

OblixOracle

Service Integrity

Layer 7

SOA Software

SOA Governance ToolsInfravioLogicLibrarySystinetWebLayers

15


Arch., Devt. Tools & SOAIF

SOAImplementation

Framework

SOProcess

BPM

SOA Tools

ModelingTools

ApplicationFrameworks

RAD Arch.Tools SO

Development

WS Tools

IDEsCore SOMarkets

MarketsRemaining

Distinct


EstablishedMarkets


SOA Tools Market Map - 2003

SOA Tools


Rapid DevelopmentPlatformsAltowebNovell

InstantisSilver Leap

UDICoWebPutty


BEA SystemsFuegoIBM


Savvion

Modeling/ArchitectureToolsAonix

BorlandInteractive Objects

MetaMatrixRational SoftwareSun Microsystems

SybaseTelelogic

Visible Systems

Service-OrientedIntegration Vendors

IONASonic Software

WRQ

Asset ManagementTools

FlashlineLogicLibrary

Legacy EncapsulationTools

ActionalAttachmateHostbridge

iWaySeagullWRQ

Web ServicesDevelopment Tools

BarbadoSoftBEA Systems

BowstreetCape Clear

ClearMethodsSybaseSystinet


SOA Knowledge/Training

IBMMicrosoft

SwingTide

Service-OrientedDevelopment/Runtime

PlatformsExadelKinzanNovell

The Mind ElectricWakesoftWebPutty

Zareus

SOA Enablement ProductsActional

AmberPointBlue Titan

Confluent SoftwareDigital Evolution

Flamenco NetworksInfravio

Talking BlocksWestbridge Technology

WestGlobal

Agile Testing ToolsMercury Interactive

ParasoftRational Software

Integrated DevelopmentEnvironments

BorlandRational Software

IBMMicrosoft

16


SOA Tools Market Map - 2005

SOA Tools


Rapid DevelopmentPlatformsAltowebNovell

InstantisSilver Leap

UDICoWebPutty


BEA SystemsFuegoIBM


Savvion

Modeling/ArchitectureToolsAonix

BorlandInteractive Objects

MetaMatrixRational SoftwareSun Microsystems

SybaseTelelogic

Visible Systems


IONASonic Software

WRQ

Asset ManagementTools

FlashlineLogicLibrary

Legacy EncapsulationTools

ActionalAttachmateHostbridge

iWaySeagullWRQ

Web ServicesDevelopment Tools

BarbadoSoftBEA Systems

BowstreetCape Clear

ClearMethodsSybaseSystinet


SOA Knowledge/Training

IBMMicrosoft

SwingTide

Service-OrientedDevelopment/Runtime

PlatformsExadelKinzanNovell

The Mind ElectricWakesoftWebPutty

Zareus

SOA Enablement ProductsActional





WestGlobal

Agile Testing ToolsMercury Interactive

ParasoftRational Software

Integrated DevelopmentEnvironments

BorlandRational Software

IBMMicrosoft

Cordys

SOA SoftwareSystinet

ClientSoftGT SoftwareIONANeon SystemsNetManageOpenConnect

EmpirixOptimyzSegueSolsticeSpirent

Brunswick WDICordysFioranoJacadaKnowNowPolar LakeSoftware AGSybase

Composite Application PlatformsAbove All SoftwareCordysJacadaNetManagePrima SolutionsQuovadxWebify Solutions


App. Integration, Process & SOAIF

SOAImplementation

Framework

SO Mgmt

SOAEnablement

SOAI

ESB

IntegrationBrokers

App Server"Platforms"

ApplicationServers

Message-Oriented

Middleware

TransactionMonitors

EAI

SOProcess

BPM

BPI

B2Bi

Core SOMarkets

MarketsRemaining

Distinct


EstablishedMarkets

17


SOP Market Map - 2003


Service-Oriented ManaementActional





WestGlobal

Enterprise ApplicationIntegrationSeeBeyond

TIBCOVitria

WebMethods

Enterprise Applications

PeopleSoftSAP

Siebel

B2B IntegrationCommerce One

Cyclone CommerceSterling Commerce

Service-OrientedProcess "Pure Plays"

ChoreologyCollaxaIntalio

Oak Grove SystemsVersata

Application ServerPlatforms

BEAIBM

MicrosoftNovellOracle

Sun


IONAPolar Lake

Sonic SoftwareWRQ


AkaziFileNetFuego

HandySoftIBM


MetastormSavvion


SOP Market Map - 2005


Service-Oriented ManaementActional





WestGlobal

Enterprise ApplicationIntegrationSeeBeyond

TIBCOVitria

WebMethods

Enterprise Applications

PeopleSoftSAP

Siebel

B2B IntegrationCommerce One

Cyclone CommerceSterling Commerce

Service-OrientedProcess "Pure Plays"

ChoreologyCollaxaIntalio

Oak Grove SystemsVersata

Application ServerPlatforms

BEAIBM

MicrosoftNovellOracle

Sun


IONAPolar Lake

Sonic SoftwareWRQ


AkaziFileNetFuego

HandySoftIBM


MetastormSavvion

CordysOracle

Brunswick WDICordysFioranoJacadaKnowNowSoftware AGSybase

SOA Software

18


Info. Integration, Content & SOAIF

SOAImplementation

Framework

SO Mgmt

EII

BI Analytics

BAM

SemanticIntegration

DataIntegration

ETL

CMS

OLAP

NXDs

Databases

OperationalData Stores

DataWarehouses

SOII

SO Content

Core SOMarkets

MarketsRemaining

Distinct


EstablishedMarkets


Next Steps?

• Take iterative approach to reduce risk• Security & management usually come first• Build SOA top-down (architectural plan) and

bottom-up (build Services from existing resources)

Security

Inte

gra

tion

Proce

ssM

anag

emen

t

Tool

s

19


SOAIF Futures…

SOAImplementation

Framework

SO Mgmt

SOAEnablement

SOAI

SOProcess

SOSecurity

SOA Tools

SOII

SO Content

Core SOMarkets

MarketsRemaining

Distinct


EstablishedMarkets


Thank You!

ZapThink is an industry analysis firm focused exclusively on XML, Web Services, and Service-Oriented Architecture.

Jason Bloomberg

[email protected]

Ronald Schmelzer

[email protected]

20


Appendix


SOA is a discipline…

• Implementing a Service-Oriented Architecture is a journeyjourney

• Moving from proprietary interfaces to standards-based ones is just the first step…

• SOAs require a combination of security, management, integration, process, and architecture tools

• What are the right steps to guarantee overall success?

• How can you guarantee an ROI while reducing risk?

21


SOA Abstracts the Plumbing

• Goal is reusable, composable business Services

• But what kind of infrastructure enables loosely coupled, composable, asynchronous Services?

• Many different approaches to implementation


Don’t Get Lost in the Terminology

• There are many styles for SOA implementation

• Focus on your goals: Reuse? Governance? Reduced integration cost? Agility?

ESB? EAI?

SOA?SOA?SOA?SOA?EDA?EDA?

Fabric?

Abstraction?SOA Infrastructure?

Service Grid?Service Network?

22


The 4+1 View Model of SOA

Logical ViewFunctional requirements

Deployment ViewPlatforms

Process ViewProcesses

Implementation ViewComponents

Use Case ViewSOAs

Data View

Information View


SOA Enablement…

• Provide and enforce the SOA layer of abstraction

• Combine fine-grained APIs into coarse-grained business Services

• Mask complexity of underlying technology: message protocols, adapters, APIs, etc.

• Handle quality of service, scalability, etc. “behind the scenes”

23


Important Points: Managing Services

• You need management when you offer your first “mission critical” Web Service (don’t wait!)

• Management is critical for building and running enterprise-class SOAs

• The Service-Oriented Management space is still in flux


Enterprise Governance: Managing the People part of

SOA

• Governance: the new business mandate– Establish and communicate policies that employees must

follow– Give employees the tools they need to be compliant with

those policies– Provide visibility into the levels of compliance in the

organization– Mitigate any deviations from established policy

• SOA-enabled Governance:– Policy management

• SOA configured & controlled via metadata, including policy– Visibility

• Services abstract heterogeneous data sources, providing necessary business intelligence

– Flexibility• Ability to build Services that address compliance issues and

adjust them as regulations or business needs change

24


Mandatory, Urgent, & Non-Negotiable

Return On Investment

Risk Of Incarceration

zapthink llc take credit code: archdd -...

Documents