You are previewing Service-Oriented Architecture Compass: Business Value, Planning, and Enterprise Roadmap.
O'Reilly logo
Service-Oriented Architecture Compass: Business Value, Planning, and Enterprise Roadmap

Book Description

Praise for Service-Oriented Architecture Compass

"A comprehensive roadmap to Service-Oriented Architecture (SOA). SOA is, in reality, a business architecture to be used by those enterprises intending to prosper in the 21st century. Decision makers who desire that their business become flexible can jumpstart that process by adopting the best practices and rules of thumb described in SOA Compass."

–Bob Laird, MCI IT Chief Architect

"The book Service-Oriented Architecture Compass shows very clearly by means of real projects how agile business processes can be implemented using Service-Oriented Architectures. The entire development cycle from planning through implementation is presented very close to practice and the critical success factors are presented very convincingly."

–Professor Dr. Thomas Obermeier, Vice Dean of FHDW Bergisch Gladbach, Germany

"This book is a major improvement in the field. It gives a clear view and all the key points on how to really face a SOA deployment in today's organizations."

–Mario Moreno, IT Architect Leader, Generali France

"Service-Oriented Architecture enables organizations to be agile and flexible enough to adopt new business strategies and produce new services to overcome the challenges created by business dynamism today. CIOs have to consider SOA as a foundation of their Enterprise Applications Architecture primarily because it demonstrates that IT aligns to business processes and also because it positions IT as a service enabler and maximizes previous investments on business applications.

To understand and profit from SOA, this book provides CIOs with the necessary concepts and knowledge needed to understand and adapt it into their IT organizations."

–Sabri Hamed Al-Azazi, CIO of Dubai Holding, Sabri

"I am extremely impressed by the depth and scale of this book! The title is perfect–when you know where you want to go, you need a compass to guide you there! After good IT strategy leads you to SOA, this book is the perfect vehicle that will drive you from dream to reality. We in DSK Bank will use it as our SOA bible in the ongoing project."

–Miro Vichev, CIO, DSK Bank, Bulgaria, member of OTP Group

"Service-Oriented Architecture offers a pathway to networking of intra- and inter-corporate business systems. The standards have the potential to create far more flexible and resilient business information systems than have been possible in the past. This book is a must-read for those who care about the future of business IT."

–Elizabeth Hackenson, CIO, MCI

"Service-Oriented Architecture is key to help customers become on demand businesses–a business that can quickly respond to competitive threats and be first to take advantage of marketplace opportunities. SOA Compass is a must-read for those individuals looking to bridge the gap between IT and business in order to help their enterprises become more flexible and responsive."

–Michael Liebow, Vice President, Web Services and Service-Oriented Architecture, IBM Business Consulting Services

"This book is a welcome addition to SOA literature. It articulates the business case and provides practical proven real-world advice, guidance, tips, and techniques for organizations to make the evolution from simple point-to-point web services to true SOA by addressing such topics as planning, organization, analysis and design, security, and systems management."

–Denis O'Sullivan, Fireman's Fund Enterprise Architect

Maximize the business value and flexibility of your SOA deployment

In this book, IBM Enterprise Integration Team experts present a start-to-finish guide to planning, implementing, and managing Service-Oriented Architecture. Drawing on their extensive experience helping enterprise customers migrate to SOA, the authors share hard-earned lessons and best practices for architects, project managers, and software development leaders alike.

Well-written and practical, Service-Oriented Architecture Compass offers the perfect blend of principles and "how-to" guidance for transitioning your infrastructure to SOA. The authors clearly explain what SOA is, the opportunities it offers, and how it differs from earlier approaches. Using detailed examples from IBM consulting engagements, they show how to deploy SOA solutions that tightly integrate with your processes and operations, delivering maximum flexibility and value. With detailed coverage of topics ranging from policy-based management to workflow implementation, no other SOA book offers comparable value to workingIT professionals.

Coverage includes

  • SOA from both a business and technical standpoint–and how to make the business case

  • Planning your SOA project: best practices and pitfalls to avoid

  • SOA analysis and design for superior flexibility and value

  • Securing and managing your SOA environment

  • Using SOA to simplify enterprise application integration

  • Implementing business processes and workflow in SOA environments

  • Case studies in SOA deployment

  • After you've deployed: delivering better collaboration, greater scalability, and more sophisticated applications

  • The IBM Press developerWorks® Series is a unique undertaking in which print books and the Web are mutually supportive. The publications in this series are complemented by resources on the developerWorks Web site on ibm.com. Icons throughout the book alert the reader to these valuable resources.

    Table of Contents

    1. Copyright
      1. Dedication
    2. Praise for Service-Oriented Architecture Compass
    3. More Praise for Service-Oriented Architecture Compass
    4. IBM Press: The developerWorks® Series
    5. IBM Press
      1. WebSphere Books
      2. On Demand Computing Books
      3. Rational
      4. More Books from IBM Press
      5. DB2® Books
    6. Forewords
    7. Preface
      1. Trademarks and Notices
      2. developerWorks® Link Icons Used in This Book
    8. Acknowledgments
    9. About the Authors
    10. developerWorks and SOA
    11. 1. Introducing SOA
      1. 1.1. SOA to the Rescue
      2. 1.2. Exploring SOA
        1. 1.2.1. The Term “SOA”
        2. 1.2.2. Dimensions of SOA
          1. 1.2.2.1. Business Value
          2. 1.2.2.2. Reach and Range
          3. 1.2.2.3. Maturity and Adoption Strategies
      3. 1.3. A Preview of the Service-Oriented Architecture Compass
      4. 1.4. Summary
      5. 1.5. References
    12. 2. Explaining the Business Value of SOA
      1. 2.1. The Forces of Change
        1. 2.1.1. Enterprise Reconstruction
        2. 2.1.2. Industry Deconstruction
        3. 2.1.3. The Impact of the Enterprise Reconstruction and Industry Deconstruction Trends
        4. 2.1.4. The Trend Toward Business Components and Services
      2. 2.2. Common Questions About SOA
        1. 2.2.1. What Is SOA?
        2. 2.2.2. Why Do Companies Need SOA?
        3. 2.2.3. What Benefits Will Businesses Receive if They Implement SOA?
        4. 2.2.4. What Opportunities Will Companies Miss if They Don’t Implement SOA?
        5. 2.2.5. What Is Different with SOA Compared to Previous Approaches?
        6. 2.2.6. Rethinking Components for Business and Applications
        7. 2.2.7. When Not to Implement an SOA
      3. 2.3. SOA Value Roadmap
        1. 2.3.1. Explaining SOA to Business People
        2. 2.3.2. A Checklist for Business Change Agility
          1. 2.3.2.1. Unraveling the Concept of Architecture
          2. 2.3.2.2. Clarifying the Architect’s Role
          3. 2.3.2.3. Realigning IT Around Services
          4. 2.3.2.4. IT-to-Business Services Alignment
          5. 2.3.2.5. Creating the Digital Model of the Business
          6. 2.3.2.6. Aligning IT with Business Processes and Metrics
          7. 2.3.2.7. Aligning IT with Business via Incremental Delivery
      4. 2.4. The Nine Business Rules of Thumb for SOAs
      5. 2.5. Summary
      6. 2.6. References
    13. 3. Architecture Elements
      1. 3.1. Refining SOA Characteristics
        1. 3.1.1. Platform
        2. 3.1.2. Location
        3. 3.1.3. Protocols
        4. 3.1.4. Programming Language
        5. 3.1.5. Invocation Patterns
        6. 3.1.6. Security
        7. 3.1.7. Service Versioning
        8. 3.1.8. Service Model
        9. 3.1.9. Information Model
        10. 3.1.10. Data Format
        11. 3.1.11. Applying the SOA Characteristics
      2. 3.2. Infrastructure Services
        1. 3.2.1. Resource Virtualization Services
        2. 3.2.2. Service-Level Automation and Orchestration
        3. 3.2.3. Utility Business Services
      3. 3.3. The Enterprise Service Bus (ESB)
        1. 3.3.1. Transport
        2. 3.3.2. Quality-of-Service-Based Routing
        3. 3.3.3. Mediation
        4. 3.3.4. Web Services Gateway
      4. 3.4. SOA Enterprise Software Models
        1. 3.4.1. Industry Models
        2. 3.4.2. Platform-Independent Realization
        3. 3.4.3. Platform-Specific Realization
        4. 3.4.4. J2EE Realization
        5. 3.4.5. Services Integration on the WebSphere Application Server
        6. 3.4.6. The Information Management Domain
          1. 3.4.6.1. Information Management
          2. 3.4.6.2. Information Management Services
          3. 3.4.6.3. Reengineering Information Management into Services
          4. 3.4.6.4. Considerations of Meta-Data Management
          5. 3.4.6.5. Meta-Data Integration
      5. 3.5. The IBM On Demand Operating Environment
      6. 3.6. Summary
      7. 3.7. Links to developerWorks
      8. 3.8. References
    14. 4. SOA Project Planning Aspects
      1. 4.1. Organizing Your SOA Project Office
      2. 4.2. SOA Adoption Roadmap
      3. 4.3. The Need for SOA Governance
        1. 4.3.1. SOA Governance Motivation and Objectives
        2. 4.3.2. An SOA Governance Model
        3. 4.3.3. Strategic Direction and SOA Governance Principles
        4. 4.3.4. Empowerment and Funding
        5. 4.3.5. Managing the Risk of an SOA Roadmap
        6. 4.3.6. SOA Governance Processes
        7. 4.3.7. Launching the Governance Model
        8. 4.3.8. Hints and Tips for Success
      4. 4.4. SOA Technical Governance
        1. 4.4.1. Reducing Impact by Modularization
        2. 4.4.2. Achieving Middleware Independence with Explicit Process State
        3. 4.4.3. Business Exceptions Monitoring and Handling
      5. 4.5. SOA Project Roles
        1. 4.5.1. The Function of Roles
        2. 4.5.2. Roles and Skills
        3. 4.5.3. Project Phases
        4. 4.5.4. Examining and Adapting Roles
        5. 4.5.5. A Look at Existing Roles
          1. 4.5.5.1. The IT Project Manager
          2. 4.5.5.2. The Business Analyst
          3. 4.5.5.3. The Architect
          4. 4.5.5.4. The Developer
          5. 4.5.5.5. The Security Specialist
          6. 4.5.5.6. The System and Database Administrator
          7. 4.5.5.7. The Service Deployer
          8. 4.5.5.8. The Service Integration Tester
          9. 4.5.5.9. The Toolsmith
          10. 4.5.5.10. The Knowledge Transfer Facilitator
          11. 4.5.5.11. The SOA Project Manager
          12. 4.5.5.12. The SOA System Administrator
        6. 4.5.6. A Look at New Roles
          1. 4.5.6.1. The SOA Architect
          2. 4.5.6.2. The Service Modeler or Designer
          3. 4.5.6.3. The Process Flow Designer
          4. 4.5.6.4. The Service Developer
          5. 4.5.6.5. The Integration Specialist
          6. 4.5.6.6. The Interoperability Tester
          7. 4.5.6.7. The UDDI Administrator
          8. 4.5.6.8. The UDDI Designer
          9. 4.5.6.9. The Services Governor
        7. 4.5.7. Integrating Existing and New Roles
      6. 4.6. Summary
      7. 4.7. Links to developerWorks
      8. 4.8. References
    15. 5. Aspects of Analysis and Design
      1. 5.1. Service-Oriented Analysis and Design
        1. 5.1.1. On Modeling
        2. 5.1.2. Layers of Abstraction
          1. 5.1.2.1. Enterprise Layer
          2. 5.1.2.2. Process Layer
          3. 5.1.2.3. Service Layer
          4. 5.1.2.4. Component Layer
          5. 5.1.2.5. Object Layer
        3. 5.1.3. Reuse
        4. 5.1.4. Service Encapsulation
        5. 5.1.5. Loose-Coupling
        6. 5.1.6. Strong Cohesion
        7. 5.1.7. Service Granularity
        8. 5.1.8. Well-Designed Services
      2. 5.2. Service-Oriented Analysis and Design—Activities
        1. 5.2.1. Identifying Services
          1. 5.2.1.1. Top-Down Analysis
          2. 5.2.1.2. Building a Taxonomy
          3. 5.2.1.3. Bottom-Up Synthesis
        2. 5.2.2. Categorization of Services
        3. 5.2.3. Specification of Services
        4. 5.2.4. Realization of Services
      3. 5.3. Summary
      4. 5.4. Links to developerWorks
      5. 5.5. References
    16. 6. Enterprise Solution Assets
      1. 6.1. Architect’s Perspective
        1. 6.1.1. Selecting the Architectural Methodology
        2. 6.1.2. Formalizing Architectural Decisions
        3. 6.1.3. Identifying Architectural Best Practices
        4. 6.1.4. Performing the Product and Package Mappings
      2. 6.2. Enterprise Solution Assets Explained
      3. 6.3. A Catalog of Enterprise Solution Assets
      4. 6.4. How Does an ESA Solve Enterprise Problems?
      5. 6.5. Selecting an Enterprise Solution Asset
      6. 6.6. Using an Enterprise Solution Asset
      7. 6.7. Multitiered Disconnected Operation
        1. 6.7.1. Problem Synopsis
        2. 6.7.2. Context
        3. 6.7.3. Forces
        4. 6.7.4. Solution
        5. 6.7.5. Consequences
      8. 6.8. Request Response Template
        1. 6.8.1. Problem Synopsis
        2. 6.8.2. Context
        3. 6.8.3. Forces
        4. 6.8.4. Solution
          1. 6.8.4.1. Participants
        5. 6.8.5. Consequences
      9. 6.9. Summary
      10. 6.10. Links to developerWorks
      11. 6.11. References
    17. 7. Determining Non-Functional Requirements
      1. 7.1. Business Constraints
        1. 7.1.1. Operating Ranges
        2. 7.1.2. Legal Constraints
        3. 7.1.3. Industry Business Standards
      2. 7.2. Technology Constraints
        1. 7.2.1. Operating Environment Constraints
        2. 7.2.2. Technical Model Constraints
        3. 7.2.3. Access Constraints
        4. 7.2.4. Expertise Constraints
      3. 7.3. Runtime Qualities
        1. 7.3.1. Performance NFRs
          1. 7.3.1.1. The Impact of Service Granularity and Placement on Performance
          2. 7.3.1.2. The Impact of Binding Choices on Performance
          3. 7.3.1.3. The Impact on Parsing and Data Volume on Performance
          4. 7.3.1.4. The Impact of Security on Performance
          5. 7.3.1.5. The Impact of Network Bandwidth on Performance
        2. 7.3.2. Scalability NFRs
        3. 7.3.3. Transactional Integrity NFRs
        4. 7.3.4. Security NFRs
      4. 7.4. Nonruntime Qualities
        1. 7.4.1. Manageability NFRs
          1. 7.4.1.1. The Requirements for Services Management
        2. 7.4.2. Version Management NFRs
        3. 7.4.3. Disaster-Recovery NFRs
      5. 7.5. Summary
      6. 7.6. Links to developerWorks
      7. 7.7. References
    18. 8. Securing the SOA Environment
      1. 8.1. Architectural Considerations for an SOA Security Model
      2. 8.2. Concepts and Elements of Security
        1. 8.2.1. Integrity
        2. 8.2.2. Confidentiality
        3. 8.2.3. Identity and Authentication
        4. 8.2.4. Message Authentication
        5. 8.2.5. Session Management
        6. 8.2.6. Authorization
        7. 8.2.7. Privacy
        8. 8.2.8. Non-Repudiation
        9. 8.2.9. Cryptography
        10. 8.2.10. Trust
        11. 8.2.11. Federation
      3. 8.3. Implementation Requirements for SOA Security
        1. 8.3.1. Managing Security Policies
        2. 8.3.2. Defining Transport Security Policies
        3. 8.3.3. Defining Message Layer Security Policies
        4. 8.3.4. Defining Data Protection Policies
        5. 8.3.5. Defining Security Token Policies
        6. 8.3.6. Defining Cryptographic Key Policies
        7. 8.3.7. Coordinating Policies Between Business Partners
      4. 8.4. Standards and Mechanisms for SOA Security
        1. 8.4.1. The Basic Security Standard: WS-Security
          1. 8.4.1.1. WS-Security Tokens
          2. 8.4.1.2. Signatures: XML Digital Signatures
          3. 8.4.1.3. Message-Level and Element-Level Encryption: XML Encryption
          4. 8.4.1.4. Leveraging WS-Security
        2. 8.4.2. Trust Domains: WS-Trust
          1. 8.4.2.1. Leveraging WS-Trust
        3. 8.4.3. Federated Security: WS-Federation
          1. 8.4.3.1. Leveraging WS-Federation
        4. 8.4.4. Session Management: WS-SecureConversation
          1. 8.4.4.1. Leveraging WS-SecureConversation
        5. 8.4.5. Authorization and Policies: WS-Policy
          1. 8.4.5.1. Leveraging WS-Policy
      5. 8.5. Implementing Security in SOA Systems
        1. 8.5.1. Implementing Basic Security Services
        2. 8.5.2. Implementing Point-of-Contact Services
        3. 8.5.3. Implementing Message Layer Security Services
        4. 8.5.4. Implementing Trust Services
        5. 8.5.5. Implementing a Federation
      6. 8.6. Non-Functional Requirements Related to Security
        1. 8.6.1. The Performance Impact of Security
        2. 8.6.2. Managing Security
          1. 8.6.2.1. Trust Relationship Management
          2. 8.6.2.2. Security Tokens Used for Authentication
          3. 8.6.2.3. Security Tokens Used for Session Management
          4. 8.6.2.4. Credential Store Services
      7. 8.7. Technology and Product Mappings
        1. 8.7.1. Transport Layer Point of Contact
        2. 8.7.2. Web Services Layer Point of Contact
        3. 8.7.3. Trust Services
        4. 8.7.4. Federation Services
          1. 8.7.4.1. Liberty Alliance
      8. 8.8. Summary
      9. 8.9. Links to developerWorks
      10. 8.10. References
    19. 9. Managing the SOA Environment
      1. 9.1. Distributed Service Management and Monitoring Concepts
        1. 9.1.1. Event-Driven Management
        2. 9.1.2. Levels of SOA-Driven Management
      2. 9.2. Key Services Management Concepts
        1. 9.2.1. Managing the Enterprise Service Bus
        2. 9.2.2. Evolving Standards
      3. 9.3. Operational Management Challenges
        1. 9.3.1. Challenges with Respect to Management Perspectives
        2. 9.3.2. Phases of Deployment
      4. 9.4. Service-Level Agreement Considerations
      5. 9.5. SOA Management Products
        1. 9.5.1. Business Performance and Business Service Management
        2. 9.5.2. IT Application and Resource Management
          1. 9.5.2.1. Event Management
          2. 9.5.2.2. Provisioning and Orchestration
          3. 9.5.2.3. Security
        3. 9.5.3. Other Areas of Management
          1. 9.5.3.1. Transaction Performance
          2. 9.5.3.2. Web Services Management
          3. 9.5.3.3. Resource Monitoring
          4. 9.5.3.4. Additional IBM Monitoring Tools for IT Resource Management
        4. 9.5.4. External Product Relationships
      6. 9.6. Summary
      7. 9.7. Links to developerWorks
      8. 9.8. References
    20. 10. Case Studies in SOA Deployment
      1. 10.1. Case Study: SOA in the Insurance Industry
        1. 10.1.1. IT and Business Challenges
        2. 10.1.2. Solution Implementation
        3. 10.1.3. Impact of the Project
        4. 10.1.4. Lessons Learned
      2. 10.2. Case Study: SOA in Government Services
        1. 10.2.1. IT and Business Challenges
        2. 10.2.2. Technical Implementation
        3. 10.2.3. Impact of the Project
        4. 10.2.4. Lessons Learned
      3. 10.3. Summary
    21. 11. Navigating Forward
      1. 11.1. What We Learned
      2. 11.2. Guiding Principles
      3. 11.3. Future Directions
        1. 11.3.1. Technology Standards
        2. 11.3.2. Web Services Monitoring and Visualization
        3. 11.3.3. Semantic Web Services
        4. 11.3.4. Open Development Platforms
        5. 11.3.5. Services Assets
        6. 11.3.6. SOA Programming Models
        7. 11.3.7. Virtual Services Platform
        8. 11.3.8. Event-Driven Architectures
        9. 11.3.9. Model-Driven Architectures
        10. 11.3.10. Utility Services
        11. 11.3.11. Industry Adoption
      4. 11.4. Summary
      5. 11.5. Links to developerWorks
    22. Glossary