SOA What? Why You Need SOA Governance Framework
- 04 December, 2008 08:32
Adopting services oriented architecture (SOA) in your enterprise without thinking through IT governance can cause something like the Gold Rush in the 1800s; extreme rates of growth and minimal law and order which produce unexpected outcomes.
The promise of SOA is that developers can write software code once and have that code re-used by many disparate systems for a variety of functions, thus saving time and money. Governance is a set of processes, tools, and organizational structure that allows for oversight of the IT operation and is essential for delivering on the SOA promise.
Let's say your developers create a new service to open and track a "case" whenever a customer contacts your enterprise (let's call this service the 'Open Case Process'). By the nature of SOA other developers within the organization (or sometimes across an eco-system such as government organizations) may leverage that same service for their similar processes. So a sales department may use the Open Case Process to track contacts in their sales workflow software. The billing department may use the Open Case Process to track billing disputes in their contact center software.
Without an established governance plan and policy, the original author and support organization may not even know this "use" of their software is happening. This can lead to a lawless environment where: 1.) Increased volume may cause a jump in users from hundreds to thousands overnight. Servers or networks being used for this process may not be able to handle the load; 2) Contrarily a service is created but "no one comes" to re-use it because there is no established procedure about how to communicate service availability within the enterprise; 3) Finally, it is easy for a developer to read a service definition and create a sample request message in minutes. In a SOA world, the data travels on the wire in the clear and even has tags identifying each and every data element. Ease of access to SOA services raises an important issue of security policies and SOA governance.
So without a well-thought out governance plan SOA can seem like the lawless Wild, Wild West.
The SOA Sheriff: A Governance Framework
To capture the maximum benefits of SOA while not opening up the enterprise to additional challenges, companies are adopting SOA governance frameworks.
Enforce, Set up, Deploy and Regiment is the 'mantra' for implementing a successful SOA Governance framework. The following are recommended best practices:
1) Enforce Architecture Governance a. Define SOA reference architecture b. Identify the infrastructure capabilities it will have c. Evaluate and identify vendor technologies that the SOA architecture will be built with d. Specify management, security, reliability and availability characteristics for the SOA infrastructure
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
How to Switch From iPhone 5S to BlackBerry Z30 (and Why)
CIOs to Become In-House Brokers -- and That's a Good Thing
The future of computing
10 Hot Hadoop Startups to Watch
The future of computing
Guide: 10 Essential Questions about Mobile App Containers
Mobile apps are the ultimate corporate dilemma: They turbo-charge productivity—but also bring significant security risks. How do you navigate the challenge and emerge with both? With a comprehensive approach to security.Learn the key areas to focus on as you build a mobile app security strategy.
Simple, Proven, Tranformative
A cheat Sheet for Google Apps for Business
Secure by design - How to dramatically simplify data protection, access control and other critical security tasks
This white paper examines how you can dramatically reduce the effort required to protect mission-critical information, while giving users fast, simple, flexible remote access that enhances business productivity.