With this depth and breadth of content, you can expect a return on investment that no other educational event can offer.
SAP TechEd enables you to leverage the tools you need to be flexible and agile in an ever-changing, competitive marketplace. Come to SAP TechEd, and get energized, engaged, and empowered!
SHARE in San Jose August 11-13, 2008
SOA Software will have an active presence at SHARE. Please visit us at booth # 226 with your Passport Program, and don’t miss our speaking engagements:
- Integrated SOA Governance Automation Solutions
Speaker: Frank Martinez (SOA Software)
Times: Wednesday 1:30pm, Marriott, Third Floor, Blossom Hill III
- Collaborative Governance: Social Networking and the Enterprise SOA Program
Speaker: Frank Martinez (SOA Software)
Length: 1 hour
Times: Wednesday 4:30pm, Marriott, Third Floor, Blossom Hill III
Webinar - SOA GOV CON - Keys to Business-Critical: SOA Governance
Recorded July 17th, 2008, 12 Noon EST
The Top SOA Governance vendors have agreed to answer the 5 Tough Questions:
- Does SOA Governance help me with both IT and business assets?
- How Can SOA Governance help me comply and define SLAs for business, policy?
- Compare SOA Lifecycle with Software Development Lifecycle. What’s the same? What’s different?
- How do I test updates to existing live SOA services?
- What are the Best Practices for designing & managing long-running transactions?
Attend & Learn:
- SOA Roadmaps for quick, demonstrable ROI
- Design, Test, and Deploy SOA for powerful results
- Streamlined Policy Enforcement
- Time-Saving SOA Troubleshooting
- The SOA 3 Month / 3 Year Rule
- Managing Your SOA
- Critical Rainy Day Strategies
Washington Mutual
SOA Software Update - June 2008
Software Architect
Deliver world-class top-notch architecture and design for the SOA infrastructure product modules.
Job Specifications:
- Deliver world-class top-notch quality architecture and design for the product.
- Documenting the architecture and high-level design developed for product.
- Participate in implementation aspects of core of the Service Manager modules being developed in India branch.
- Mentor the remaining engineering team in India in delivering the quality work.
- Explain the architecture and design, and the rationale behind them, to the remaining engineering team so they can do quality implementation of the design.
- Participate and perform the code reviews of the work done.
- Work closely with US architecture and design team in understanding how the whole of the product works and architecture followed in whole of the product.
Job Requirements:
- Must have experience of architecting and designing, either completely or in part, 2 to 3 large enterprise products.
- Must have experience mentoring the technical team.
- Must have extensive (6-9 years of) experience in the area of J2SE (JDBC, Java Threads), J2EE (JMS, JNDI) and XML (JAXP, DOM, SAX, XMLSchema, XPath, XSLT, SOAP, UDDI, WSDL) technologies.
- Must have experience in architecting/designing products involving Oracle and SQL Server database.
- Must be able to design the efficient database schemas. Must be able to write efficient database queries using JDBC.
- Must have experience in the area of Java Security and XML security.
- Must have experience of designing product with distributed components (especially, Web Services)
- Must have developed/deployed some Web Services.
- Must be savvy with respect to specifications in the area of Web Services and XML
- Must have experience in using Configuration management tools, including version management software. Knowledge of SVN is a big plus.
- Must have experience (2-3 projects) of documenting technical architecture and high-level design of the work performed. Must have experience in using modeling tools like Rational, etc…
- Must possess excellent verbal and written communication skills.
- Must have desire to excel, flexibility to work hard and skills and know-how to motivate the team to achieve excellence.
Engineering Manager
Be part of the Engineering division of an Indian subsidiary of a successful US-based company developing state-of-the-art products in the area of SOA infrastructure.
Job Specifications:
- Manage the Engineering division of SOA Software, India office.
- Decision maker of the equipment to be procured for engineering needs with the help of members of the team.
- Responsible for reviews of the members of engineering department.
- Responsible for day-to-day management of engineering department with the help of Project Manager.
- Responsible for processes to be followed in the engineering department.
- Responsible for all deliveries from India office with respect to development and maintenance aspects of the product.
- Work with QA management and product management to form a release management team.
Job Requirements:
- Must have experience in engineering management role of an enterprise product.
- Must have technical understanding of the enterprise products architecture.
- Must have the experience of various tools used in development of enterprise products with distributed architecture.
- Must have experience in managing engineering teams of at least 15-20 in size.
- Must have good documentation skills to document the processes to be followed in the engineering department.
- Must be willing to and able to be hands-on when needed on the product development and maintenance.
- Must have desire to excel, flexibility to work hard to achieve excellence.
- Must have experience in working with distributed team structure.
- Must possess excellent verbal and written communication skills.
Project Manager
Be part of the Engineering division of an Indian subsidiary of a successful US-based company developing state-of-the-art products in the area of SOA infrastructure.
Job Specifications:
- Responsible for management of various deliverables from India office.
- Work with leads in development team to find the task list and to estimate for each task to prepare the project plan.
- Track the status on regular basis.
- Manage the risks for deliverables and take the mitigation steps necessary.
- Responsible for achieving the deliveries within the acceptable quality and timelines with the help of development team members.
- Report status on regular basis to Engineering Manager and to US team.
Job Requirements:
- Must have experience in project management of the software product development team.
- Must have managed deliveries involving teams of size 15 to 20 people.
- Must have technical understanding of J2EE enterprise products with distributed architecture.
- Experience in XML, web services and SOA architecture is a big plus.
- Experience in an Indian subsidiary of a US company is a big plus.
- Must have interacted with overseas clients (clients in the US are a big plus) for deliveries.
- Must be an expert in Project management concepts. PMP certification is a plus.
- Must be an expert in using Microsoft Project to track the project plans.
- Must have the ability to manage concurrent small projects with overlapping resources.
- Must have desire to excel, flexibility to work hard to achieve excellence.
- Must have experience in working with distributed team structure.
- Must possess excellent verbal and written communication skills.
Consumer Contract Provisioning
The idea of a consumer contract for SOA closely models the idea of a business contract. It defines the terms of a relationship between a consumer, or group of consumers, and a service, or set of services. These terms should include:
- The policies the consumer(s) agree to comply with
- The access rights the service(s) will provide the consumer(s)
- The service levels the provider commits to delivering to the consumer(s)
- Any mediation the provider(s) and consumer(s) agree to and require
The SOA Governance solution has two important roles to play in the contract process:
- Contract negotiation – the Governance solution should provide a workflow model allowing potential consumers to interact with service providers to request and negotiate access to, and specific service levels for, a service or set of services.
- Contract enforcement – the Governance solution should enforce the contract at run-time. It should seamlessly ensure that the provider meets agreed upon service levels, that any required mediations are delivered, that the consumer(s) are complying with required policies and that the access rights and times are enforced and complied with.
SOA Software’s Policy Manager provides a flexible contract negotiation workflow process that allows a potential consumer to request access to a service and negotiate SLAs, policies, and access rights.
Service Manager enforces contracts to ensure that consumers without a contract cannot access a service, and monitors, manages, and reports on contract terms, including SLAs, for each consumer.
For more information about SOA Software’s market-leading products, click here.
Compliance Validation
One of the important roles of a governance automation solution is determining an asset’s compliance with defined enterprise policies. For example, an organization might require that a service have a design document, a description, be properly categorized, and have a defined business case before it can be promoted from the design stage to the development stage of the lifecycle. The SOA lifecycle governance automation system provides an easy way to define and manage compliance policies and associate these policies with lifecycle stages, categories, and other taxonomy or folksonomy structures and types.
SOA Software’s Policy Manager provides a powerful compliance policy definition, management, and validation framework. It defines policies as sets of rules, with individual rules capable of processing a static service context in the repository, or dynamically captured message data from Service Manager. Rules are written in XQuery, JavaScript, or as Java classes. Policy Manager provides a set of policies out of the box, including WS-I Basic Profile validation, and publishes the policy language, context, and APIs to partners. Our partners have created a library of “policy packs” for various compliance definition policy sets.
Governance Automation
Enterprise architecture approvals processes for application development typically involve periodic architecture review board meetings that review proposals and designs to make decisions about whether or not to fund particular projects. In many cases these architecture review board meetings happen every 4 to 8 weeks, which is fine for large application development projects, but doesn’t scale to meet the needs of service development processes. Imagine the development process for a service which can take as little as a few days or even hours, being held up for 4-8 weeks at each stage of its lifecycle, because it needed approval at an architecture review board before proceeding. Similarly, imagine an architecture review board reviewing designs and business proposals for hundreds of services rather than the 2 or 3 applications they are used to managing. Clearly the current processes are not agile enough, and do not scale well enough, but you can’t simply remove these processes.
This is where Integrated SOA Governance Automation (ISGA) solutions come in. By implementing the existing governance processes through simple, role-based workflow solutions with integrated policy compliance validation checks, ISGA solutions allow companies to maintain their current levels of control without introducing roadblocks, or causing current processes to stall.
SOA Software’s Repository Manager and Policy Manager products combine to provide a comprehensive Integrated SOA Governance Automation solution. The solution provides:
- Asset lifecycle management processes
- Consumer contract provisioning processes
- Approvals workflow processes
- Continuous compliance and validation
Service Lifecycle Management
Services, like all other development assets and applications, have their own lifecycle and as such need to be managed through their lifecycle state transitions. A service lifecycle generally models a typical SDLC with stages including design, development, test, QA, production, and deprecation. Many organizations will add versioning into the process between production and deprecation, although in reality each new version of a service will have its own lifecycle.
An SOA Governance product must be able to manage the lifecycle stage of a service and should provide a workflow-based process for migrating services between stages. Often this process will closely mirror the original publication process described above. It will include a set of policies that define criteria a service must meet before it can be migrated. It will also in many cases include manual approval steps.
The lifecycle stage of a service should be used to determine who can discover the service in the registry and who can access the service at run-time. It should also define which policy set is used to determine the run-time capabilities and requirements for accessing the service.
In the context of lifecycle management, the act of publishing a service to a registry so that it can be found by a broad audience of interested parties may seem like a simple enough task. In fact, this is one of the most basic, and yet most important functions of an SOA Governance solution.
The essence of governance can be easily captured in the phrase “encouraging desired behavior.” This simple concept provides a backdrop to help understand what a governance solution should be focusing on, and the capabilities it should provide. Essentially it is not enough to merely provide a stick with which to beat developers and architects, we must also provide a carrot to encourage people to participate in governance processes.
With this in mind, we need to think about what is the desired behavior for the participants in an SOA. For many organizations, one of the most important aspects of SOA Governance is the process of ensuring that the services that are published are appropriate. “Appropriate” in this context is another word a little like “desired.” It can mean many things, but the reality is that an “appropriate” service is a service that meets a set of criteria defined by the enterprise, often including the following:
- Is not a duplicate of, or similar to an existing service
- Meets design criteria for transport, operation type, schema, etc
- Is at an appropriate level of business functionality granularity (e.g. a ‘top-down’ design rather than ‘bottoms-up’)
- Is of broad interest and therefore likely to be reused
- Complies with appropriate industry standards and recommendations (e.g. WS-I basic profile)
Some of these criteria can be readily automated like WS-I basic profile compliance, others will likely require manual steps. To this end, before a service can be published it should pass through a workflow process that will verify the automatable criteria before requiring a manual approval step. A well designed SOA Governance solution will manage this workflow as a series of customizable, automatable defined process steps and will allow developers and approvers to see services at appropriate phases of this process.
SOA Software’s Repository Manager and Policy Manager products combine to provide a comprehensive SOA Lifecycle Management solution. They share a common state-machine, and common meta-model providing seamless SOA asset lifecycle management capabilities.
Architecture and Compliance
As enterprises move towards SOA, their enterprise architecture teams take on an increasingly important role. Integrated SOA Governance Automation solutions provide architecture teams with the ability to ensure the efficient execution of their SOA programs.
Service Lifecycle Management
Governance Automation
Compliance Validation
Consumer Contract Provisioning
Simple Service Consumption
As the complexity of service interfaces grows to add security, reliability, and other capabilities needed for business quality services, so does the difficulty of consuming the services. Studies of the cost of building services and consumers in Fortune 500 companies show that it can cost up to $50k to add security, reliability and monitoring capabilities to a single service, and up to $40 to add the security and reliability capabilities required to consume the service to a consuming application. As service reuse becomes more prevalent, the cost of building consumers can quickly become prohibitive.
This is why SOA Software provides its Delegate to ensure simple service consumption. Using the Delegate, consumer developers can focus on implementing the business logic of their application leaving the complexity of complying with enterprise security policies, reliability models, versioning, transport, and other implementation details to the delegate.
SOA Software’s Delegate is available in many forms, ranging from Java and C# SDKs, through plug-ins for common IDEs and handler sets for common containers. It is part of the design tools for many business process management solutions, allowing the process designer to drag and drop an “SOA service” into their process fully abstracting the process engine from the physical service implementation.
The Delegate abstracts the developer from the complexities of business quality service consumption including:
- Authentication – full support for Basic Auth, SAML, X.509, Kerberos, XML-Signature, HTTPS, and all other common tokens
- Privacy – full support for XML-Encryption in both raw XML and WS-Security forms supporting both encryption and decryption
- Non-repudiation – full support for raw XML and WS-Security compliance XML-Signature and signature verification
- PKI – provides public and private key pair management, CRL checking, certificate management
- Transport – supports http, https, and JMS bindings
- Reliability model – supports WS-Reliability and WS-ReliableMessaging standards as well as native message queuing reliability models
- Endpoint location – provides dynamic binding to service endpoint location, policy, standards, and reliability model
Application and Transaction Management
SOA is used to build real-world business applications, delivering real business value and solving real business problems. Faults and performance problems in a Web service might not appear to be a huge problem, but they may lead to a failure to respond to a customer, a misplaced order, or a failure to invoice or collect on a service or product that has been delivered.
The distributed nature of service-oriented applications makes it difficult to identify and diagnose problems. For example, an unacceptable delay when a customer clicks a button on a commerce site might be caused by a connection timeout in an unrelated database that provides a logging function to a Web service that is indirectly invoked by another application called by the portal.
Application support and operations teams must be alerted to these issues and must be able to identify their root cause, debug, and fix them in near real-time. These teams are often measured against Mean-Time-To-Repair, so seeing problems before they occur, and quickly finding the cause is a critical goal.
SOA Software provides an industry-leading Operational Governance solution for monitoring, transaction tracking, SLA management, Quality of Service, event management, and root cause analysis.
Monitoring – Last-mile, first-mile and network monitoring of messages to collect real-time performance, usage, fault and message data for any service deployed on any platform. SOA Software’s Service Manager monitors services from the perspective of the consumer to ensure that consumer-specific SLAs and usage criteria are not polluted by traffic from other consumers.
Transaction tracking – Using standards like WS-Addressing, Service Manager can track the path of a transaction across multiple messages between different consumers, services, applications, and platforms. This allows customers to identify root cause for individual transactions as well as to build a map of a whole application and all the consumers and services it is made up of.
Service Level Agreement Management – Service Manager provides comprehensive SLA capabilities with the ability to manage and monitor SLAs for consumer contracts. This unique ability ensures accurate monitoring of services from the perspective of their different consumers – one application might make more complex and larger requests that take an average of 200ms to process, where the average response time for the whole service is only 50ms. In this case, it is essential that the application is monitored from the perspective of the consumer, in order to provide an accurate assessment of service level.
Dynamic Management – Service Manager implements a comprehensive dynamic management model that can automatically adjust the infrastructure to address exceptions and service-level issues. Using the monitoring and SLA management capabilities described above, Service Manager can identify potential problems and can reroute traffic, throttle low-priority requests, or even deploy new service instances to ensure continuous operation of service-oriented applications.
SOA Software’s products are used by Fortune 500 companies to ensure continuous operation of their service-oriented applications providing a state of the art application and transaction management solution.
SOA Software’s Service Manager provides a platform-independent, policy-driven SOA monitoring and management solution to ensure the performance and reliability of services throughout an SOA. It provides SLA management, real-time and historic reporting, alert and event management, transaction tracking, and dynamic management capabilities.
Change Impact Mitigation
A core benefit of service-orientation is the ability to reuse existing assets across multiple applications as service consumers. This reduces the time to develop new applications, increasing agility and reducing cost, but it also increases the potential for change to one application (service provider) to cause many other applications (service consumers) to fail. Development governance change management and consumer contract provisioning solutions will help address this challenge, but in many cases changes will be required, so the enterprise must ensure that service consumers are effectively abstracted and protected from these changes.
Virtualization – Service virtualization provides companies with the ability to create virtual services that offer a stable interface (location, transport, standards, policies, messages) even when the physical service changes. Virtualization offers high-availability and load-balancing, performance and SLA monitoring and management, routing, versioning, and mediation capabilities to mitigate the impact of change at the provider on service consumers.
Versioning – Services go through a development lifecycle just like any application; in fact, services are often published by an application that has its own lifecycle. As a natural part of this lifecycle, applications and services will be versioned, and will often go through significant changes as part of this process. If the only consumers of a service are part of the same application, and as such are versioned at the same time as the service itself, then there is no challenge; however, this is not the case with services that are published for general reuse. If a service is used by multiple consumers, there are several models available to protect the consumers from changes to the service as part of a versioning process. One model is simply to track all the service consumers through a consumer contract provisioning process and inform them of any upcoming changes. Another model is to use a virtualization solution to maintain a virtual service that models the old interface, using transformation as necessary to communicate with the new interface. The best practice is to combine these two approaches, using the contract model to inform consumers of change and encourage them to adopt new interfaces, while using virtualization to mitigate the impact of changes.
Mediation – As the complexity of service interfaces grows to provide enhanced security and reliability capabilities, the set of consumers capable of consuming the services shrinks. Mediation solutions provide tolerance to ensure that the widest possible set of consumers can consume a service by making sure that the service is tolerant of different message types, policies, transport, and many other variables.
SOA Software’s products are used by Fortune 500 companies to ensure continuous operation of their service-oriented applications leveraging powerful change impact mitigation capabilities.
SOA Software’s Service Manager provides a platform-independent, policy-driven SOA virtualization and mediation solution to ensure that services can be confidently consumed by applications on any platform without risk of change causing outages.
SOA Software’s Policy Manager provides comprehensive consumer contract provisioning capabilities to track service consumers and notify them of versioning events.
One of Service Manager’s core strengths is its mediation capabilities. It offers a range of mediations including:
- Multi-pattern mediation (agent, delegate, proxy, relay, gateway, router, switch, pipe & filter, Policy Enforcement Point)
- Messaging mediation (programming model and synchronicity) - useful when consumers and providers use differing call models. Three types of MEP mediation are configurable: Sync-Async mediation (synchronous consumer wants to access asynchronous WS providers); Async-Sync mediation (asynchronous consumer wants to access synchronous WS providers); Async-Async mediation (asynchronous consumer wants to access asynchronous WS providers)
- Reliability mediation – useful when unreliable consumers need to consume reliable services, or when reliable consumers need to consume unreliable services.
- Standards mediation - useful when the consumers use and the providers expect differing WS standards. We handle this mismatch through design time configuration. Several types of syntactic standards mediation are supported: WS-Security, WS-Addressing, WS-Routing, and WS-Reliable Messaging.
- Transport mediation - useful when consumers and providers use differing transport protocols. Common examples of this are SOAP/HTTP consumers who want to call non-SOAP message-driven apps such as POX/JMS
- Asynchronous delivery – required for synchronicity mediation
- Guaranteed delivery – required for reliability mediation
Service Manager can mediate between a wide range of standards, message styles (SOAP, POX, etc), message exchange patterns (REST, SOAP, MOM, etc), transports (http, https, JMS), reliability models (WS-RM, WS-RX, MOM, etc), and security tokens (SAML, Kerberos, X.509, session cookies, etc). Mediation is enabled declaratively through the standalone intermediary based on impedances between inbound messages and the requirements, capabilities, and policies of the destination service.
B2B Service Provisioning
One of the main drivers behind SOA has always been the vision of using Web services to facilitate communication between businesses, and even drive new business models. This is a valuable use for SOA and Web services, and it does present some interesting challenges.
Security – In the early days of Web services, the ability to communicate machine to machine over port 80 to avoid firewall configuration issues was a much touted advantage. The reality, of course, is that sending XML traffic over port 80 introduces a potentially significant security risk. The standards community has created numerous specifications to offset this risk, but with it has added considerable complexity that can take away much of the advantage offered by Web services. The real challenge is to find a way to ensure the security of services leveraging standards like WS-Security and SAML, without making services so difficult to consume that partners and customers choose to go elsewhere. Another obvious risk is that for services to be consumable outside the enterprise firewall, they must be accessible through the DMZ. In most cases customers will not, and should not, deploy their application containers into the DMZ, so they need to find a virtualization model that allows them to deploy services in the DMZ that proxy their application services.
Consumer Contract Management – One way to address the challenge of providing easy access to secure services is through a consumer contract provisioning model. Consumer contract provisioning is the process of requesting or offering access to a service through a negotiated contract. For more information on consumer contract provisioning please see contracts.
Identity Federation – In order to grant individuals at partner companies rights to services and business processes within your enterprise, you need to know that these people are authorized by your partner to act on their behalf. One model is for you to maintain a directory of your partner’s employees, and ask them to ensure that this directory is up-to-date, although this model is bound to fail. Identity Federation offers a better solution. Through Identity Federation, users within partner and customer organizations can authenticate themselves against a server in their own organization and present you with a token validated by their company. In this way you simply need to trust their company, and not the individual in question.
SOA Software’s products are used by Fortune 100 companies to provide comprehensive B2B SOA provisioning capabilities driving new business models and revenue for these companies.
SOA Software’s Service Manager provides a platform-independent, policy-driven SOA security and virtualization solution to ensure that internally published services can be confidently exposed to partners through the DMZ. SOA Software’s products implement all of the latest standards including comprehensive support for WS-Security, XML-Signature, XML-Encryption, SAML, XACML, and many others. For a list of supported standards please click here.
SOA Software’s Policy Manager provides comprehensive consumer contract request, offer, and negotiation processes to facilitate partners requesting access to services, and the enterprise offering partners access to services.
Security
The evolution towards service-oriented architecture as the main application development and integration model for large enterprises promises great rewards in agility and cost saving, but along with these rewards come increased security risks in several areas:
Message Security – Standards-based service interactions are one of the main benefit drivers in SOA. They also introduce increased risk, because a well-architected system will have no room for “security by obscurity”. The standards community has made great strides in producing specifications to ensure sender and provider authenticity and authorization, and message privacy and non-repudiation. It is now up to service platform providers and service and consumer developers to take advantage of these standards to ensure the security of their applications and data.
Interface Security – One of the goals of SOA is to create reusable business services. These services are often created by taking data or business logic from existing applications and exposing it as a service. This means taking data or logic that was buried within an application and making it accessible, and in this process exposing it to potential threats.
Security Infrastructure – The move towards enterprise SOA involves the deployment of new infrastructure solutions including registry/repository, policy management, and service management, amongst others. Each of these solutions must comply with existing enterprise security policies, or the solutions designed to ensure the security of enterprise applications can themselves become potential attack points.
SOA Software’s Service Manager provides a platform-independent, policy-driven SOA security solution to ensure that all service providers enforce uniform, appropriate policies, that are implemented by all service consumers across all distributed and mainframe platforms throughout the enterprise. It provides fully featured agents to ensure last-mile security, a standalone intermediary for network-based policy enforcement and virtualization, and a client-side delegate for first-mile policy implementation.
Authentication – Service Manager provides comprehensive message, consumer and end user authentication with support for all common token types including Basic Auth, SAML, X.509, Kerberos, XML-Signature, and HTTPS. It provides a security token server for Identity Federation and token exchange, offering a SAML authority as part of this capability.
Authorization – Service Manager offers powerful service authorization capabilities, supporting XACML as well as native integrations with most common enterprise security policy management solutions.
Privacy – Service Manager has full support for XML-Encryption in both raw XML and WS-Security forms supporting both encryption and decryption to ensure the privacy of messages.
Non-repudiation – Service Manager offers full support for raw XML and WS-Security compliant XML-Signature and signature verification to ensure message authenticity and non-repudiation.
PKI – Policy Manager provides comprehensive public and private key pair management, CRL checking, and certificate management.
SOA Software’s products implement all of the latest standards including comprehensive support for WS-Security, XML-Signature, XML-Encryption, SAML, XACML, and many others. For a list of supported standards please click here.
Service Manager integrates seamlessly with most common enterprise security solutions to maximize investment in existing systems and ensure consistent application of existing enterprise security policies. It supports:
- Identity and Access Management Systems – Service Manager integrates with most common IDM solutions to federate their authentication and authorization policies and processes throughout an SOA.
- Enterprise Directories – Service Manager integrates with common enterprise directories including Microsoft Active Directory and other LDAPv3 compliant solutions. It acts as a security token and policy server, delegating authentication decisions to the directories and using existing group memberships to drive role-based authorization decisions.
- Security Appliances – Service Manager can provide policies for services secured by common appliances (such as IBM DataPower) and monitor service usage and performance for these services.
- PKI – Service Manager provides its own built-in PKI solution with a fully featured Certificate Authority. It also integrates with existing PKI solutions providing key distribution and verification.
Operations
SOA presents a unique set of challenges to operations and security teams. We provide some examples of the challenges and solutions for many Fortune 500 corporations as they move towards SOA.
- Security
- B2B Service Provisioning
- Application and Transaction Management
- Change impact mitigation
- Simple service consumption
Extensible Asset Management
The breadth and scope of an enterprise SOA initiative can be quite daunting to a typical IT organization. New technical standards (and tools to support development against those standards), increased need for integration and regression testing to ensure stability and cross-version compatibility of deployed services, strong emphasis on proper separation of concerns (e.g., separating functional aspects from presentation aspects during analysis to eliminate blurred implementations, avoiding reimplementation of fragile existing application functionality and algorithms in decoupled services that are meant to support multiple application/composition needs), and simply the introduction of a new way of architecting and developing enterprise software force organizations to take a much broader look at the SDAs they need to govern and disseminate.
Support for Knowledge and Executable Assets – Once an SOA initiative expands beyond the pilot stage, IT organizations need to quickly and effectively disseminate the core architectural and development principles and guidelines to the broader IT community. These knowledge assets – patterns, best practices, reference implementations – must be treated as peers alongside the executable assets – services, components, schemas – that make up an organization’s SOA. Repository Manager comes preloaded with Sun’s Core J2EE Patterns and Microsoft’s Enterprise Solution Patterns, and organizations can easily augment these knowledge assets with their own SOA guidance. This knowledge framework is delivered to the developer’s fingertips via Repository Manager’s deep IDE integration, thereby greatly increasing the likelihood of developer success as the enterprise’s SOA initiative expands in size and scope.
Incremental content enforcement based on SDLC governance stage – As a service or other SDA progresses through its SDLC, the number and scope of work products naturally increase. At its initial definition phase, a service may be little more than descriptive documentation specifying the required functionality at a high level. Use cases, design models, test plans, test results, defect lists, usage guides and many other work products accumulate as this service progresses towards staging and production deployment. Repository Manager enforces the presence of designated content at each defined governance stage, and validates that content against compliance policies through its integration with Policy Manager.
Change Management
Within a loosely-coupled architecture such as SOA, change management takes on a two-dimensional perspective: both changes as a specific version of a service or other SDA progresses through its SDLC and changes across versions of a service must be effectively managed and governed. Most enterprise IT organizations are well versed in version-specific change and release management, but have considerably less experience in dealing with cross-version compatibility, deprecation, and staging issues that arise within an SOA initiative. The loosely-coupled nature of SOA demands additional stringency within the SDLC process as well; services must not only be correct (i.e., they function as expected) but also complete (i.e., they are discoverable, understandable, and stable from the consumption perspective).
Smart Controls™ governance automation – To be effective, SOA governance processes must incorporate as much automated compliance validation as possible while preserving ultimate decision-making authority for key role-based stakeholders in the IT organization. Governance processes must also vary by asset type (components require different validations than services, for instance), and different groups within the organization may require different levels of governance stringency. Smart Controls supports these variables through its patented event-driven governance engine. Governance processes are configured through an Eclipse-based graphical designer supporting swim-lane style process flow definitions with drag-and-drop task specifications, making it easy to specify and understand complex and demanding enterprise governance needs.
AnySource™ Federation – Click here for details on Repository Manager’s AnySource federation toolkit.
Compliance policy validation via Policy Manager™ – Development compliance policy enforcement can be an onerous task for architects and other governance stakeholders in the IT organization. Validating service interface compliance against WS-I Basic Profile, ensuring that source code conforms to style guidelines for readability and maintainability, and many other necessary policies can become overwhelming if manual validation is the only option available. Policy Manager’s flexible policy validation engine, supporting XPath, XQuery, Java, and script-based policy definitions, coupled with Repository Manager’s ability to automatically invoke Policy Manager at defined development governance checkpoints, automates this painful task, ensuring consistency and completeness for all SDAs flowing through the development governance process.
Impact Analysis
As an organization’s SOA matures, increasing numbers of services along with applications and other SOA compositions dependent upon those services are deployed into mission-critical operational environments. Understanding end-to-end dependencies – application to service, service to schema, service to component, component to mainframe adapter, to name a few – becomes crucial to ensuring stability of an organization’s SOA-based deployments.
Asset Relationship Visualization™ – As SOA-based applications and other compositions proliferate throughout the enterprise over the course of a successful SOA initiative, it becomes increasingly difficult to understand the impact of a change to any one part of the SOA deployment. Asset Relationship Visualization gives architects and other key SOA stakeholders a dynamically-generated visual view into such dependencies. Through its drag-and-drop Eclipse-based user interface, this Repository Manager option dynamically generates a dependency graph for any SDA based on asset and relationship type filtering rules configurable by the end user.
Strongly Typed Asset-to-Asset Relationships – Semantic understanding of dependencies in turn depends upon a clear understanding of the effect of those dependencies. Repository Manager’s patented dynamic SDA template infrastructure allows IT organizations to precisely define relationship types of interest and to establish validation rules that restrict establishment of such relationships to only assets meeting the semantic requirements specified by those types. For example, an “imports” relationship from a service may be restricted to schemas only, while a “consumes” relationship may allow components, mainframe adapters, and read-only data views to be bound to that same service.
Metadata Federation
For enterprises to fully understand and effectively govern their SOA environment, they must have a complete and coherent view of the services and other SDAs touched by their SOA initiative as well as the policies and processes that guide consistent development of SOA elements. This end-to-end view must incorporate and coordinate relevant content not only from service development and deployment activities but also from service planning efforts (e.g., proposed services and their traceability to existing system capabilities) and from existing service capabilities (perhaps sourced from packaged applications and third parties).
Organizations also need to deal with the added complexities introduced through extensive offshoring/outsourcing relationships. While these relationships clearly provide value to the enterprise in terms of both cost and flexibility, if not managed properly they can lead to provider lock-in at best and development disasters at worst. Maintaining visibility and scope of control over arms-length development activities is key to deriving the most value from those relationships.
End-to-end integrated service metamodel and governance process model – Repository Manager, Policy Manager and Service Manager provide a complete