WordPress Websites for Engineers: Elevate Your Brand
Why Soa Governance Is Critical To Cloud Computing David Linthicum 022510
1. Why SOA Governance is Critical to Cloud
Computing
David S. Linthicum
CTO, Bick Group
dlinthicum@bickgroup.com
www.bickgroup.com
2. The Basic Idea
SOA Cloud
Finance/
Operations
Resources
Sales Order
Update
New
Accounts
Commission
Calculation
Data
Cleaning
Sales
3. SOA and Cloud Computing
• One can consider cloud
computing the extension of
SOA
SOA out to cloud-delivered
Shared
Services
resources, such as storage-
as-a-service, data-as-a- Shared
Informa)on
service, platform-as-a-service Shared
Processes
-- you get the idea. Agility
• The trick is to determine which Integra)on
services, information, and Governance
processes are good Cloud
Compu)ng
candidates to reside in the Services
On-‐Demand
Database
On-‐Demand
clouds, as well as which cloud Applica)ons
On-‐Demand
services should be abstracted Pla;orm
On-‐Demand
within the existing or emerging
SOA.
5. However, Not So Fast
• Not all computing
resources should
exist in the clouds.
• Cloud computing is
not always cost
effective.
• Do your homework
before making the
move.
6. When Cloud Computing may be a Fit
• When the processes,
applications, and data are
largely independent.
• When the points of integration
are well defined.
• When a lower level of security
will work just fine.
• When the core internal
enterprise architecture is
healthy.
• When the Web is the desired
platform.
• When cost is an issue.
• When the applications are new.
7. When Cloud Computing may not a
Fit
• When the processes,
applications, and data are
largely coupled.
• When the points of integration
are not well defined.
• When a high level of security is
required.
• When the core internal
enterprise architecture needs
work.
• When the application requires a
native interface.
• When cost is an issue.
• When the application is legacy.
8. Start with the Architecture
Understand:
• Business drivers
• Information under
management
• Existing services
under management
• Core business
processes
• 8
9. Policies in the Context of SOA, and
Thus Cloud Computing
• Who can access the service.
• What they can do to the service.
• How the changes to the service affects other services.
• How changes to the service affect applications.
• How governance works with security.
• How governance links into service testing.
• How governance works with service discovery.
• How governance works with service delivery.
• How to set and maintain appropriate service levels.
• How to manage errors and exceptions.
• How to enable online upgrades and versioning.
• How to perform service validation.
• How to perform auditing and logging.
11. Governance for the Clouds
• The number of services, as well as the complexities
around using those services within the context of cloud
computing, makes service governance even more
compelling, including:
– Location of the services.
– Service dependencies.
– Service monitoring.
– Service security.
12. Security and Governance
• A few things to consider here in terms of security on the
context of governance:
– First, you need to leverage “good enough” security,
meaning that the security solution you look to
implement is proper for the application and
information you’re protecting.
– Second, create your security approach using use
cases and thus look at how security needs to exist at
every level of the system.
13. Governance Technology
• Runtime service governance typically
includes:
– Service discovery.
– Service delivery.
– Service security.
– Setting and maintaining appropriate
service levels.
– Managing errors and exceptions.
– Enabling online upgrades and
versioning.
– Service validation.
– Auditing and logging.
14. Cloud Governance…Dos and Don’ts
• Dos
– Do select a vendor that provides governance features that are more runtime in nature.
Many governance tools focus on design-time features, which are fine, but the runtime
features provide the most value.
– Do look at governance solutions that are well integrated with testing and performance
management tools. Let's face it; SOA and cloud computing are performance problems
waiting to happen.
– Do make sure to do the upfront planning, and place the proper management processes
around the technology.
• Don'ts
– Don't select a governance vendor only because it's part of a suite of software. It should
have value as a stand-alone product, no matter if it's bundled in a suite of software or not.
– Don't rely upon what works within other companies. Your problem domain is unique; the
governance solution will be as well. Trust me.
– Don't forget that you and your governance solution will be together for a long time; thus
consider the quality of the vendor, support, training, and so on. You'll find that the better
vendors provide holistic value, within and beyond the technology.
– Don't marry standards. If there is a fit, great. Don't wait for standards to mature before you
move into governance ... you'll be waiting for a very long time.
16. Implementing Governance
Create
a
Governance
Model
Process Defined
Policies
Model Define Policies
Policy
Designs
Information
Model Design
Policies
Runtime
Governance
Service Implement
Policies
Model
• 16
17. Thanks!
dlinthicum@bickgroup.com
• Blogs:
– InfoWorld
– Intelligent Enterprise
– eBizq.net
• Weekly Podcasts
– Cloud Computing Podcast
• Columns
– SOA World Magazine
– Cloud Computing Journal
• Follow me on Twitter (DavidLinthicum)