Comments
By Aditya Banerjee
Marvin Castro wrote: Hi, I'm really interested in Google Wave. I find it useful for a plethora of things. I would appreciate an invite, and I will surely return the favor by inviting others. chaoswotaku[at]gmail[dot]com
Nov. 29, 2009 07:24 AM EST
Cloud Expo on Google News
Did you read today's front page stories & breaking news?

SYS-CON.TV: SOA Power Panel Live From Times Square

SYS-CON.TV

2009 East
PLATINUM SPONSORS:
IBM
Smarter Business Solutions Through Dynamic Infrastructure
IBM
Smarter Insights: How the CIO Becomes a Hero Again
Microsoft
Windows Azure
GOLD SPONSORS:
Appsense
Why VDI?
CA
Maximizing the Business Value of Virtualization in Enterprise and Cloud Computing Environments
ExactTarget
Messaging in the Cloud - Email, SMS and Voice
Freedom OSS
Stairway to the Cloud
Sun
Sun's Incubation Platform: Helping Startups Serve the Enterprise
POWER PANELS:
Cloud Computing & Enterprise IT: Cost & Operational Benefits
How and Why is a Flexible IT Infrastructure the Key To the Future?
Click For 2008 West
Event Webcasts
Service-Oriented Architecture
The Well-Spoken SOA - How Well Is Your SOA Running?
Understanding the elements of an SOA in the context of management, security, governance, and the power of words

By: Paul Lipton
Sep. 1, 2005 05:15 PM

SOA management and security systems can add value to governance systems by providing relevant historical information about service levels, security, quality of service, and fault detection to the governance system. Since governance systems are about development artifacts, this allows developers to understand the long-term performance and reliability of their artifacts. In short, they can more easily ask questions such as which of my services is actually managed, which has the slowest response time, which has had the most security violations, or which matches certain service-level requirements that I need.

From the architecture perspective, the SOA management and security solution provides a centralized repository and mechanism for defining management and security policy for the entire SOA, across all service platforms. Governance platforms may potentially refer to and track changes to these management and security policies, which would be particularly useful to enterprise architects and designers already using these governance tools on a daily basis. However these policies still need to be stored and optimized for the use of the SOA management and security systems that are managing the environment in real time. Therefore, these policies will be most often stored within the management system's own repository. Similarly, because the SOA does not exist in isolation from other enterprise entities, these policies should be considered specialized cases of more general enterprise policies that already secure and manage the entire enterprise through existing enterprise systems.

Governance solutions, particularly UDDI-based repositories, can help management and security systems discover new or changed services, but there is nothing actually forcing service providers to publish WSDL descriptions of their services in a registry, so management and security systems must also be able to discover services based on message traffic, as well. Over time, management and security solutions will increasingly leverage information about development artifact changes provided by governance products in order to more effectively monitor the impact of these life-cycle events on the performance and reliability of the SOA at runtime.

Conclusion
Henry David Thoreau once said that "If you have built castles in the air, your work needs not be lost; that is where they should be. Now put the foundations under them." Similarly, many IT people have been focused on building their castles in the air by creating the beginnings of an SOA through the creation of carefully designed, loosely coupled services, often deployed on multiple service platforms. Many are starting to consider the role of dynamic service discovery through a registry, as well. This is all fine. But, as Thoreau said, now is the time to make sure you don't lose those castles. Be sure to build the needed foundations with effective SOA management and security. Even better, if you really don't want those castles to fall, make your foundations deep and strong by carefully considering the relationship and level of integration between your SOA management and security solution and the rest of your enterprise management and security systems. When you have a plan for complete, end-to-end management, and security covering every important aspect of your business processes and every supporting IT system, then your service-oriented castles are truly reliable, safe, and ready to add value to your business.

Published Sep. 1, 2005— Reads 26,282 — Feedback 2
Copyright © 2005 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
Related Stories
▪ Distributing Excellence: SOA Web Services
▪ Eight Things SOA Is Not; What Not To Do In Your Next SOA Web Services Rollout
▪ StrikeIron OnDemand SOA Web Services for Microsoft Excel
▪ Phasing in SOA and Web Services
▪ SOA Web Services XML: Why WSDM Matters
▪ Designing SOA Web Services Services for Performance
▪ JetBlue To Expose .NET Web Services Using SOA Software's Service Manager
▪ Paths to SOA
▪ SOA + EDA = Open Source ESB: ServiceMix(*)
▪ JetBlue to Soar with SOA
▪ SOA Software XML VPN Receives IBM Tivoli Validation
▪ webMethods Extends SOA to Mainframe
▪ SOA and Its Impact on EAI and On-Demand
▪ IDC Says SOA Is Going Mainstream
▪ Ten Things to Think About When Building the Perfect SOA
▪ IBM Is The Leading SOA Web Services Market Maker Says New Report
▪ Leading SOA Vendors Announce "Synapse" Project to Develop Web Service Mediation Framework
About Paul Lipton
Paul Lipton is an Advisor and Senior Architect in CA, Inc. where he leads the CA Industry Standards and Open Source Program in the Office of the CTO. Paul has been an architect and developer of enterprise systems for over 20 years. He serves on the Board of Directors of the DMTF and the Eclipse Foundation, and has participated in many other industry organizations such as OASIS and the W3C. Paul is a founding member of the CA Council for Technical Excellence where he chairs the Emerging Technology Committee and also leads a project focused on leveraging Web 2.0 to improve research collaboration. He is also a Microsoft Most Valuable Professional and a Sun Java Champion. Paul is a highly sought-after author and speaker, and has shared his knowledge with appreciative audiences around the world covering topics such as industry standards, SOA, open source, technical innovation, enterprise architecture, social computing, virtualization, Web services, management/security, governance, autonomic computing, Web 2.0, and many other emerging technologies.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

No, UDDI is not fated for the dustbin of history, but neither is it the only way to share or distribute policy information. The notion that UDDI must the the center of the universe and holder of all policy is equally absurd. It simply won't happen for practical and historical reasons. Policy will be distributed all over the place; in legacy, identity management, and operations management policy repositories, to name a few. Each of these repositories is optimized to support certain types of policy best at runtime (where it counts). We had best learn to live with that and plan for it.

The Well-Spoken SOA Web Services - How Well Is Your SOA Running? The American comedian and actor Steven Wright once said, 'It doesn't make a difference what temperature a room is, it's always room temperature.' Words are wonderful that way. They can give you a little blast of pleasure when used cleverly, but like everything else they are subject to fashion. For example, I was speaking at a technical conference recently when I overheard a person whom I know, who is well-respected in this field, say something along these lines: 'You have to know how well your SOA is running. Knowing the overall health and responsiveness of your SOA is very important. You've got to get a handle on your governance.' The goal was laudable, but the wording was off target.


Your Feedback
Paul Lipton wrote: No, UDDI is not fated for the dustbin of history, but neither is it the only way to share or distribute policy information. The notion that UDDI must the the center of the universe and holder of all policy is equally absurd. It simply won't happen for practical and historical reasons. Policy will be distributed all over the place; in legacy, identity management, and operations management policy repositories, to name a few. Each of these repositories is optimized to support certain types of policy best at runtime (where it counts). We had best learn to live with that and plan for it.
SOA Web Services Journal wrote: The Well-Spoken SOA Web Services - How Well Is Your SOA Running? The American comedian and actor Steven Wright once said, 'It doesn't make a difference what temperature a room is, it's always room temperature.' Words are wonderful that way. They can give you a little blast of pleasure when used cleverly, but like everything else they are subject to fashion. For example, I was speaking at a technical conference recently when I overheard a person whom I know, who is well-respected in this field, say something along these lines: 'You have to know how well your SOA is running. Knowing the overall health and responsiveness of your SOA is very important. You've got to get a handle on your governance.' The goal was laudable, but the wording was off target.
Latest Cloud Developer Stories
By Pat Romanski
CloudBench Applications, Inc. announced its financial results for the three months and nine months ending September 30, 2009. All amounts are stated in Canadian dollars unless otherwise noted. Revenues from BasicGov, the Company's cloud computing solution for local government, gr...
By Yeshim Deniz
The new contract is an industry first, with CSC being the first Microsoft partner to lead and win a cloud computing services agreement of this scale. Under terms of the contract, CSC will provide Royal Mail Group's 30,000 employees with access to new IT services using Microsoft's...
By John Funnell
Operates in over 170 countries and is one of the world’s leading providers of communications solutions and services. Richard Tarboton talks for MeettheBoss.TV on his role as Head of Energy & Carbon for BT and what they are doing towards reducing carbon emissions.
By Maureen O'Gara
CA is going to put its Agile Planner software on salesforce.com’s Force.com platform in the first half to accelerate development time and give users visibility over their development initiatives to reduce time-to-market. Customers are supposed to be able to accelerate the deploym...
By Maureen O'Gara
Despite its uncertain fate Sun soldiers on. Monday it trotted out a cloud-based multiplatform desktop as a service for K-12 and community colleges that can run Windows, the Mac OS, Linux and Solaris applications to nearly any client device, including its own Sun Ray thin clients....
MORE »
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021

SYS-CON Featured Whitepapers
Most Read This Week
By Kevin Hoffman
By Cloud News Desk
By Jeremy Geelan
By Kevin Jackson
By Al Mannarino
By Fuat Kircaali
By Jeremy Geelan
By Carmen Gonzalez
By Ernest de Leon
By Dustin Amrhein
By Cloud News Desk
By Aditya Banerjee
ADS BY GOOGLE

Breaking Cloud Computing News
CloudBench Applications, Inc. announced its financial results for the three months and nine months e...
Nov. 27, 2009 05:15 PM EST
MORE »