David S. Linthicum david@linthicumgroup linthicumgroup

37
6 The Linthicum Group. All Rights Reserved. duction without prior written permission is strictly prohibited. ® Linthicum Group David S. Linthicum [email protected] www.linthicumgroup.com US Government…SOA To the Rescue?

description

US Government…SOA To the Rescue?. David S. Linthicum [email protected] www.linthicumgroup.com. References. Blogs: eBizq.net “Linthicum Channel” InfoWorld “Real World SOA” Weekly Podcast InfoWorld SOA Report Columns Web Services Journal Business Integration Journal - PowerPoint PPT Presentation

Transcript of David S. Linthicum david@linthicumgroup linthicumgroup

© 2006 The Linthicum Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

® Linthicum Group

David S. Linthicum

[email protected]

www.linthicumgroup.com

US Government…SOA

To the Rescue?

2© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

References

• Blogs:– eBizq.net “Linthicum Channel”– InfoWorld “Real World SOA”

• Weekly Podcast– InfoWorld SOA Report

• Columns– Web Services Journal– Business Integration Journal

• You can download this presentation, and the 12 Steps to SOA at www.linthicumgroup.com.

3© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Integration of

Internal Systems

Integration with

External Systems

Pervasive Integration

SOA

SaaS/Web Services

Web 2.0

1995 2000 2006

4© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Current State of Things

The survey was of 196 Information Technology (IT) decision makers in the Federal government.

"Indicators point to the fact that Federal IT professionals overwhelmingly support the SOA concept with 56 percent reporting they believe their agency would benefit from a SOA. Among those who have experienced a SOA implementation, 73 percent would recommend other agencies follow suit and adopt a SOA approach. “

5© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Current State of Things…Real World

• Hype is huge, and management by magazine is the way of the world these days.– “I got to git me one of them SOAs”– “A SOA will fix that.”– “SOA 2.0”

• Bad practices:– Selecting technology before understanding your

requirements and needs.– Not creating a business case.– Using the wrong people.– Lacking funding and empowerment.

6© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Why SOA Fails

1. The enterprise/agency considers SOA a project versus what it is; a more holistic notion.

2. They use 2nd tier talent.

3. They are under-resourced.

4. They allow the vendors to define their solution.

5. Requirements are not fully gathered.

7© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Understanding the Pain Points

“A recent survey by the Business Performance Management Institute found that:

• Only 11 percent of executives say they're able to keep up with business demand to change technology-enabled processes.

• 40 percent of which, according to the survey, are currently in need of IT attention.

• Worse, 36 percent report that their company's IT departments are having either "significant difficulties" (27 percent) or "can't keep up at all" (9 percent).”– CIO Magazine

8© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Challenges of Government IT

• Layers of technology are causing significant integration issues.

• Mandates for resource utilization.• Unique business models limits “of-the-

shelf” business processes. • Procurement processes lag best practices.• Talent is there…just need know how to

leverage it.• Funding not realistic in many instances.

9© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

SOA to the Rescue?Goals and Characteristics of a SOA

• Improved Adaptability and Agility– Respond to business needs in near real-time

• Functional Reusability– Eliminate the need for large scale rip and replace

• Independent Change Management– Focus on configuration rather than programming

• Interoperability instead of point-to-point integration– Loosely-coupled framework, services in network

• Orchestrate rather than integrate– Configuration rather than development to deliver business needs

10© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Data Abstraction

Data Data

Data Services/Messaging

LegacyLegacy LegacyLegacy

Services

Process/Orchestration

Monitoring/Event Management

Govern

ance

Rep

Secu

rity

Internet-

Based

ServicesNew Services

SOA Meta Model

11© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Pick a Standard…(WS-*)

• XACML v2.0* • BPEL v1.1, Business Process Execution

Language• WSDM, Web Services Distributed Management

– MUWS: Management Using Web Services– MOWS: Management of Web Services

• SOAP v1.2, Simple Object Access Protocol• WSDL v 2.0, Web Services Description

Language• WSRP, Web Services for Remote Portlets• ID-WSF 1.0, Identity Web Services Framework• SPML v1.0, Service Provisioning Markup

Language• XCBF v1.1, XML Common Biometric Format• XPath v2.0, XML Path Language• WS-Manageability -Concepts, -Representation• WS-BrokeredNotification• WS-BaseNotification• WS-Federation Language –Active –Passive

Requestor Profile• WS-Addressing• WS-Naming• WS-Attachments• WS-Inspection

• WS-Policy• WS-Policy Framework

– WS-PolicyAssertions– WS-PolicyAttachments

• WS-Provisioning• WS-Privacy• WS-MetadataExchange• WS-Topics• WS-SecurityPolicy• WS-Trust• WS-SecureConversation• WS-Federation• WS-Transaction

– WS-Coordination – WS-AtomicTransactions – WS-BusinessActivity

• WS-Composite Application Framework– WS-Context– WS-Service Coordination Framework– WS-Transaction Management

• WS-Choreography• WS-Eventing• WS-Reliability• WS-ReliableMessaging• iECM Interoperable Content Management

12© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

5 Ways to Make Your SOA a Success

1. Understand the pain.

2. Define the value.

3. Focus on understanding (Steps to SOA).

4. Remember the people.

5. Focus longer term.

13© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Understand your business objectives and define success.

• The technology you layer into that business should add value by supporting that business’ objectives and facilitating efficiencies. – The technology should help improve the

bottom line.– Thus, it’s very important to define these

objectives up front, including the goals for business success.

14© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

The Value Proposition of a SOA

• We implement SOA for two major reasons. First is the ability to save

development dollars through reuse of services. Second is the ability to change the IT infrastructure faster to adapt to changing needs of the

business, or agility.

15© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Reuse

• Under the concept of service reuse, we have a few things we need to determine to better define the value. These include:– The number of services that are reusable.

Complexity of the services. The degree of reuse from system to system.

• The number of reusable services is the actual number of new services created, or, existing services abstracted, that are potentially reusable from system to system.

• The complexity of the services is the number of functions or object points that make up the service.

• Finally, the degree of reuse from system to system is the number of times you actually reuse the services. We look at this number as a percentage.

16© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

So, What do you Do?

• In order to determine their value we must first determine the Number of Services that are available for Reuse (NSR), the Degree of Reuse (DR) from system to system, as well as the Complexity (C)of each service, as described above.

• The formula to determine value looks much like this:

Value = (NSR*DR) * C

• Thus, if you have 100 services available for reuse (NSR=100), and the degree of reuse at 50 percent (DR=.50), and complexity of each service is, on average, at 300 function points, the value would look like this:

Value = (100*.5) * 300Or

Value = 15,000, in terms of reuse.

• Moreover, the amount of money saved depends upon your development costs, which vary greatly from company to company. Typically, you should know what you’re paying for functions or object points, and thus it’s just a matter of multiplication to determine the amount of money we are saving by implementing a particular SOA.

17© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Agility• Agility is a strategic advantage that is difficult to measure in hard dollars, but

not impossible. We first need to determine a few things about the business, including:

• The degree of change over time is really the number of times over a particular period that the business reinvents itself to adapt to a market. Thus, why a paper production company may only have a degree of change of 5 percent over a 5 year period, a high technology company may have an 80 percent change over the same period.

• The ability to adapt to change is a number that states the company’s ability to react to the need for change over time. The notion being that the use of an SOA provides a better ability to change IT to adjust to needed changes in the business.

• Finally, the relative value of change is the amount of money made as a direct result of changing the business. For instance, a retail organization’s ability to establish a frequent buyer program to react to changing market expectations, and the resulting increases in revenue from making that change.

18© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Understand your business

objectives and

define success.

ROIROIDefine ROI

Create Business Case

Business

Case

Business

Case

19© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Define your problem domain.

• You can’t boil the ocean, thus you must define the scope of your SOA, within an enterprise.

• Most SOAs are best implemented in small steps, such as moving a single division, or portion of a division, to SOA, if needed, instead of an entire enterprise all at once.

• You need to establish the demarcation lines at the beginning of the project to provide better focus and understanding.

• Remember, a POC will have a POC domain.

20© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Define your problem domain

System

Descriptions

System

Descriptions

System Complexity Analysis

SOA POC

POC

Results

POC

Results

Domain

Descriptions

Domain

Descriptions

Vendors

21© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Understand all application semantics in your domain.

• You can’t deal with information you don’t understand, including information bound to behavior (services).

• It is extremely important for you to identify all application semantics—metadata, if you will--that exist in your domain, thus allowing you to properly deal with that data.

22© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Understand all application

semantics in your domain.

SOA

Metadata

SOA

MetadataMeta data analysis

Data abstraction

layer definition

Data

Abstraction

Layer

Data

Abstraction

Layer

Data services definition

Data

Services

Data

Services

Legacy

Metadata

Legacy

Metadata

External

Metadata

(B2B)

External

Metadata

(B2B)

23© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Understand all services available in your domain.

• Service interfaces are quirky. They differ greatly from application to application, custom or proprietary.

• What’s more, many interfaces, despite what the application vendors or developers may claim, are not really service interfaces at all, and you need to know the difference.

• Services provide behavior as well as information, thus they are service-oriented.

• There are some services that just produce information; those are information-oriented and should not be included in this step.

• It is important to devote time to validating assumptions about services, including:– Where they exist.– The purpose of the service.– Information bound to the service.– Dependencies (e.g., if it’s a composite service).– Security issues.

24© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Understand all services

in your domain.

Candidate

Services

Candidate

ServicesService analysis

Metadata and

services analysis

Services

And

Information

Services

And

Information

Performance analysis

Services

And

Performance

Services

And

Performance

Legacy

Services

Legacy

Services

External

Services

(B2B)

External

Services

(B2B)

SOA

Metadata

SOA

Metadata

25© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Understand all processes in your domain.

• You need to define and list all business processes that exist within your domain, either automated or not.

• This is important because, now that we know which services and information sources and sinks are available, we must define higher level mechanisms for interaction, including all high-level, mid-level, and low level processes.

• In many instance, these processes have yet to become automated or are only partially automated.

26© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Understand all processes

in your domain.

Candidate

Processes

Candidate

ProcessesProcess analysis.

Define metadata, services,

and processes

Processes,

Services,

And

Information

Processes,

Services,

And

Information

Process integration

analysis.

Process

Integration

Diagrams

Process

Integration

Diagrams

Candidate

Services

Candidate

Services

External

Processes

(B2B)

External

Processes

(B2B)

SOA

Metadata

SOA

Metadata

27© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Define new services and information bound to those services.

• You must define all new services that are to make up your SOA, these will fall into one of three categories. – First are services exposed out of existing

systems, or, legacy services, such as ERP, CRM, legacy, etc..

– The second type of services are composite services, which are services unto themselves that are made up of many different services.

– Finally, scratch built services are services that are built from the ground up to be a true service.

28© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Define new services.

Candidate

Processes

Candidate

Processes

Service definition.

Service design.

Processes,

Services,

And

Information

Processes,

Services,

And

Information

Service implementation.Process

Integration

Diagrams

Process

Integration

Diagrams

SOA

Metadata

SOA

Metadata

Candidate

Services

Candidate

Services

Service

Definition

Service

Definition

Service

Design

Service

Design

Service

Implementation

Service

Implementation

29© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Define new processes, as well as services and information bound to those processes.

• At this point we should understand most of what is needed to define new processes, as well as bind them to existing processes, and automate processes previously not automated.

• New processes should be defined that automate the interactions of services as well as information flows to automate a particular business event or sets of events.

• While you can define some very complex logic within new processes using today’s tools, the theme here is to orchestrate existing services and information flows rather than create new functionality.

• In essence, it’s a meta-application that sits on top of many smaller applications, defining interactions from lower to higher levels.

30© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Define new processes.

Candidate

Processes

Candidate

Processes

Process definition.

Process design.

Processes,

Services,

And

Information

Processes,

Services,

And

Information

Process implementation.Process

Integration

Diagrams

Process

Integration

Diagrams

MetadataMetadata

Candidate

Services

Candidate

Services

Process

Definition

Process

Definition

Process

Design

Process

Design

Process

Implementation

Process

Implementation

31© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

System

System

32© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Select your technology set.

• Many technologies are available, including application servers, distributed objects, and integration servers.

• The choice of technology will likely be a mix of products and vendors that, together, meet the needs of your SOA. – It is very rare for a single vendor to be able to solve all

problems--not that that reality has ever kept vendors from making the claim that they can.

– Technology selection is a difficult process which requires a great deal of time and effort.

– Creating the criteria for technology and products, understanding available solutions, and then matching the criteria to those products is hardly a piece of cake.

33© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Select your technology set.

Technology

Requirements

Technology

Requirements

Define requirements.

Technology analysis.

Technology

solution

Technology

solution

Vendors

Define candidate technology.

Technology selection.

Technology validation.

34© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Deploy SOA technology.

• This is the “just do it” step, meaning that you’ve understood everything that needs to be understood, defined new services and processes, selected the proper technology set, and now it’s time to build the thing.

35© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Test and evaluate.

• To insure proper testing, a test plan will have to be put in place.

• It is really just a step-by-step procedure detailing how the SOA will be tested when completed.

• A test plan is particularly important because of the challenges in testing an SOA solution. Most source and target systems are business-critical and therefore cannot be taken offline.

36© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Final Words

• Pay me now, or pay me later. Make sure you do it right the first time…get the help you need.

• Don’t be afraid to experiment, and admit you’re wrong…backup and try again.

• Keep your vendors working with you.• Empower those working, so they can work to get

things done. Avoid politics, if possible.• Learn all you can, but don’t get caught up in the hype.

• Put standards in their proper perspective. • Small battles win the war…Keep that in mind.• Give yourself plenty of time, never skimp on any of

the steps.

37© 2006 The Linthicum. Group. All Rights Reserved.Reproduction without prior written permission is strictly prohibited.

Thanks!

• Blogs:– eBizq.net “Linthicum Channel”

– InfoWorld “Real World SOA”

• Weekly Podcast– InfoWorld SOA Report

• Columns– Web Services Journal– Business Integration Journal

www.linthicumgroup.com