Miko Matsumura

1
Web Services/SOA on Wall Street

• Miko Matsumura
• VP SOA Products
• webMethods

2
Introduction
3
Introducing Miko Matsumura

• VP of Technology Standards, Infravio
• VP of Marketing, Infravio
• Chair of OASIS SOA Adoption Blueprints
• VP of SOA Product, webMethods
• Chief Java Evangelist, Sun Microsystems
• Software RD at Hotwired
• Limited Partner, Focus Ventures
• Advisor, TogetherSoft, Asia Java Fund, Kendara,
  Dejima
• M.S. in Neuroscience from Yale University (Neural
  Networks research)
• MBA, San Francisco State University

4
Introducing Leonid Felikson

• SOA/Web services evangelist, Technical Analyst
  Lead at Freddie Mac.
• Since 2005 Mr. Felikson represents Freddie Mac in
  WS-I organization.
• 25 years of experience working in IT field from
  application programming to database design and
  development, from systems design and architecture
  to messaging middleware and systems integration
  and management, and lately Web services and SOA.
• He has developed numerous curriculums and taught
  lectures on Java and J2EE, software middleware
  and Web services technologies.
• He holds BS and a Master degree in Computer
  Science.

5
webMethods at a Glance

• Global Business Integration Company
• Improve Business Process Productivity and
  Visibility via B2B, Integration, BPM, BAM and SOA
• 1,400 blue-chip customers 7,000 overall
  customers
• 9 of the Fortune 20 100 of the Fortune 500
• Recognized as a Leader in the Industry (by
  analysts and customers)
• Help companies Increase Revenue, Customer
  Satisfaction, Operational Efficiency and Cut
  Costs
• Headquartered in Fairfax, VA, and has offices
  throughout the United States, Europe, Asia
  Pacific and Japan 850 employees
• Financial Strength
• Approximately 210M in annual revenue
• 150M in the bank
• Cerebra, Infravio Acquisitions
• In FY Q4 2006, 25 year over year revenue growth

6
Two customer projects go live every business day
730 Production Deployment Events in the last year
190
190
185
180
181
174
170
172
169
160
166
164
150
157
140
130
120
110
100
90
80
70
60
50
40
30
20
10
0
SEP 04
SEP 06
DEC 04
MAR 05
JUN 05
SEP 05
DEC 05
MAR 06
JUN 06
7
webMethods Enables SOA Success

• Real Success - 70 of our customers
• use webMethods for SOA

And 1/3 have been getting re-use for over 2 years!
2005 Customer Survey, webMethods
Sony Pictures We are already building
architecture that allows us to join applications
and business processes in a next generation SOA
8
SOA Foundation of an Architecture
Dependent
Interdependent
Management and Control
Independent
Codependent
Agility and Freedom
9

SOA Defined
Service Oriented Architecture is a paradigm for
organizing and utilizing distributed capabilities
that may be under the control of different
ownership domains. It provides a uniform means to
offer, discover, interact with and use
capabilities to produce desired effects
consistent with measurable preconditions and
expectations. OASIS SOA Reference Model
Technical Committee
10
Freddie Mac
11
Provider and Consumer Patterns
12
Core Patterns

• Consumer Patterns
• Service Discovery Pattern
• The Service Consumption Pattern
• Provider Patterns
• Service Registration Pattern
• The Service Provider Pattern
• Governance Patterns
• The Management (run time) Pattern
• The Validation (design time) Pattern
• The Lifecycle (change time) Pattern
• The Federation Pattern

13
Reference Architecture Burton Group
Service mediation systems
Acceleration
Routing
Transform
Security
Other
Service management
14
Consumer Pattern Service Discovery
Service Consumer
15
Consumer Pattern Service Discovery
Service Consumer
Registry
Lookup Request
16
Consumer Pattern Service Discovery
Service Registry
Service Consumer
Service Provider
Discovery
17
Consumer Pattern Consumption
Service Consuming Application
Service Provider
Service Request
18
Consumer Pattern Consumption
Service Consuming Application
Service Provider
Service Request
Service Response
19
Provider Pattern Service Registration
Service Registry
Service Provider
Registration Request
20
Provider Pattern Composition or Orchestration
Service A
Service Consuming Application
Composite Service
Service Request
Service B
Service Response
Composition can be synchronous or asynchronous
21
Governance Patterns
22

SOA Governance Defined
Service Oriented Architecture Governance is the
art and discipline of applying structured
relationships, procedures, and policies to
produce managed outcomes for services consistent
with measurable preconditions and
expectations. Mikos Definition
23
Governance is the key obstacle

• An InfoWorld 2006 SOA Trend Survey indicates that
  Lack of Governance is the main inhibitor for SOA
  adoption (48)
• Infoworld Research

24
Governance is the key obstacle

• Prediction In 2006, lack of working governance
  mechanisms in midsize-to-large (greater than 50
  services) post-pilot SOA projects will be the
  most common reason for project failure (0.8
  probability)..
• Jess Thompson, Research Director, Gartner

25
SOA Governance is Cross-cutting
Corporate Governance
Business Governance
IT Governance
SOA Governance
26
Governance Pattern Management (Run Time)
Service Consuming Application
Service Provider
Service Request
Service Response
Broker
XML Messages enable in flight machine processing
27
Management Pattern (PEP) Can help answer

• What services are deployed? When? Where? Who?
• What consuming applications are utilizing them?
  How often?
• What is the consumer experience when using the
  service?
• How does this service perform overall? For
  particular consumers?
• How are they secured? Any questionable access
  attempts?
• What version or versions are deployed? Which
  consumers use each?
• What service level commitments are in place? How
  are we doing?
• What are the implications of service
  unavailability or deprecation?
• Who can alter each of these policies? Under what
  circumstances?

28
Contracts Pattern
External Customer
Internal Customer
Auditors
Authenticate Engage Contract Access Service
Intermediary
29
Run Time Management Contract Parameters
Portal
Call Center
B2B

• Contract Terms
• Security Terms(e.g. Authentication,
  Authorization, Encryption )
• Operational Terms (e.g. Logging, Monitoring,
  SLA, Alerting, Reporting, Routing)
• Routing Terms(e.g. Load Balancing, Fail-over,
  content based routing)
• Lifecycle Terms (e.g. Versioning, Deprecation
  Rules)
• Business Terms(e.g. Billing and Metering,
  Business Activity Monitoring)
• Data terms(e.g Transformations, Caching)
• Reliable Delivery Terms (e.g. Messaging,
  Transport Protocol, Transactions Integrity)
• Custom Terms(i.e. user defined terms)

30
Policy in the management pattern

• Runtime enforcement will not be homogeneous, plan
  for diverse solutions
• Hardware appliances for XML processing, security
• Application servers and ESBs
• WSM proxies and intermediaries (X-Broker and
  Apache Synapse)
• Network vendors providing application-oriented
  functions
• More to come
• Given this, runtime policy will become fragmented
• Registry presents a common place for policy
  management
• Creation
• Change management
• Approval
• Publishing and deployment
• Reporting

31
Governance Pattern Validation (Design Time)
Registry Repository
Service Provider
Registration Request
Validation
XML Declarations enable registration time
machine validation
32
Validation Pattern

• Primarily focused on controlling the quality of
  SOA asset production
• What design constraints should be enforced?
• Interoperability
• Granularity and Business Orientation
• Namespace
• Schema
• Granularity
• Security
• Some can be automated, some require manual
  approval
• Who approves?
• What scope of publishing/availability?

33
Validation Pattern Best Practices

• Use namespace conventions to enable enterprise
  scale
• Utilize Reg/Rep to maintain dependencies and
  relationships
• Identify stewardship for design governance
  consider enterprise/SOA architect role must
  have teeth
• Create business services and focus reuse and
  design governance efforts
• Think course-grained and reusable, not chatty
• Define interoperability constraints based on IT
  footprint of consumer platform(s)
• Q Where does Registry appear in SDLC given this
  use case?

34
Building the Lifecycle Governance (and
Federation) Patterns
35
Service Lifecycle-CBDi
36
SOA Adoption Challenges

• Heterogeneity
• Security
• Interoperability
• Hoarding
• Lack of Trust
• Externally Imposed Rules
• Loss of Control
• Assigning Blame
• Compromises
• Distribution of Burden
• Distribution of Incentives

37
Interdependent Applications
Interdependent Departments
Reuse Creates Interdependence
Interdependence can destroy agility
Interdependent Companies
How can you change anything when everything is
tied together!?
Enterprise
Contact Center
38
When everything is tied together
Changing IT Systems is slow and error prone!
Policies are not being enforced!
Change Processes are a mess!
Cant See whats happening in my SOA?
Cant Trust Services I dont control!
Cant Manage SOA Policy Enforcement!
Cant Find Services to reuse??
Cant Understand how to use these!
Services dont work together!
39
Governing Change

• Governance of all modifications to SOA elements
  service publishing, consumer on-ramping, service
  versioning, deprecation and endpoint
  modifications
• Questions
• What constraints differ once a service is
  deployed? Utilized?
• Who would be impacted by a change? Do they need
  to be consulted? Under what situations?
• What is the process for on-ramping new consumers?
• Negotiation?
• Provisioning?
• Changes may be to service endpoints only
  provides abstraction of intermediaries and a
  grouping of control.

40
Change-time Best Practices

• Use multi-endpoint service definitions to
  abstract deployment architectures and minimize
  individual endpoint management.
• Streamline consumer on-ramping by defining
  policies for self-service or business-user
  approval. Avoid all coding.
• Use dependency profiles to annotate service
  relationships and detect impact of change

41
SOA Governance Lifecycle
Design Time
Run Time
Change Time
Lifecycle Stage
Organization
Ecosystem Component
Metadata Governance Mechanisms
42
Multiple Groups, Same SOA Data
43
SOA Governance Foundation
44
Lifecycle Governance Pattern
Policy and Metadata Registry Repository
Service A
Service Consuming Application
Composite Service
Service Request
Service B
Service Response
Mediation
Visualization
Lifecycle Governance encompasses Design Time
Validation, Run Time Management and Change Time
45
Infravio X-Registry and X-Broker
Policy Enforcement Event
46
Reference Architecture Burton Group
Service mediation systems
Acceleration
Routing
Transform
Security
Other
Service management
47
Federation Pattern
48
SOAMasterClass.Com