Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Addressing Systemic Complexity with SOA and Cloud Tony Shan SOA Architect

advertisement 
Addressing Systemic Complexity with SOA and Cloud
Tony Shan
SOA Architect
Blue Mountain Labs
Tony.Shan@live.com
July 15, 2011
SOA & Cloud
Contents at a Glance
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Introduction
What is SOA
What is Cloud
Why Combination
Barriers to Successful SOA
Barriers to Successful Cloud
Reality Check
State of Art of Complexity Management
Need Pragmatic Method
Increasing Disparate Representations
Increasing Dynamics
Increasing Fragmented Activities on Specifications
Increasing Components
Best Practices
Wrap-up
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
2
Introduction
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
3
Concept of SOA
The Open Group
OASIS
• Service-Oriented Architecture
(SOA) is an architectural style
that supports service
orientation, which is a way of
thinking in terms of services and
service-based development and
the outcomes of services.
• SOA is a paradigm for organizing
and utilizing distributed
capabilities that may be under
the control of different
ownership domains. It provides
a uniform means to offer,
discover, interact with and use
capabilities to produce desired
effects consistent with
measurable preconditions and
expectations.
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
4
Definition of Cloud Computing
Cloud Computing is a model for enabling convenient, on-demand network access to a shared
pool of configurable computing resources (e.g., networks, servers, storage, applications,
and services) that can be rapidly provisioned and released with minimal management
effort or service provider interaction. This cloud model promotes availability and is
composed of five essential characteristics, three service models, and four deployment
models.
-- NIST Definition, V15
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
5
Why SOA+Cloud Combined?
SOA
Cloud
• Service Orientation
• Mostly software-intensive
• Application integration
• Service reuse via shared
services
• Predominantly used
within the enterprise
• XaaS
• Mainly hardware-focused
• Resource provisioning
• Infrastructure pooling and
outsourcing
• New business model for
service delivery and
consumption
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
6
Barriers to Successful SOA
Initiatives solely led
and driven by techies
Home-grown reference
models
Product lock-in with no
or limited
interoperability
Insufficient semantics
in service composition
Ad-hoc governance
(dictatorship or
anarchy)
Inability to quantify
ROI/TCO and
improper-sizing
Disconnection between
traditional education
and real-world SOA
implementation needs
Gap between logical
architecture and
infrastructure
Project-centric
execution without
reuse/sharing
disciplines
Absence of holistic
roadmaps with
specificity
Lack of well-defined
service models
(business and
technical)
Immature
specifications and
standardization
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
7
Top 10 Cloud Adoption Inhibitors
Risk-Testing
•How is the cloud
computing vendor
managing risk?
Vendor Viability
•What will happen if
the cloud computing
vendor goes out of
business?
Data Location
Data and Code
Portability
•Where is the data
being stored? Incountry or out of the
country? What
restrictions and laws
are placed upon the
data dependent on
location of stored
data?
•Once the data has
been put onto the
cloud computing
system, how difficult
will it be to get the
data back out?
Performance
ROI
•How can SLA
guarantee
performance?
•Does operational
expense always
trump capital
expense, at least in
technology
investment?
Data Loss
•Does the cloud
computing system
back-up and restore
data?
Security
•What are the
vulnerabilities in the
Cloud architecture?
Data Privacy
•Does the data
become more
vulnerable when it is
located on an
external cloud
computing system?
Control
•How can a cloud
provider be trusted
that they care about
your IT processing as
much as you do?
Source: Adapted and extended from Gartner and InformationWeek reports in 2009 and 2010.
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
8
What these lead to…
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
Page 1 of 2
9
How to Effectively Deal with
Complexity?
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
10
State of Art
Source: Wikipedia
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
11
In Search for a Pragmatic Approach
We can't solve problems by
using the same kind of
thinking we used when we
created them. [Albert Einstein]
Conquering Complexity – one of five
“deliberately monumental" research
challenges, each requiring "at least
Tomorrow’s computing systems
cannot be built using methods of
today. [Computing Research
Association (CRA) report]
Addressing Systemic Complexity
a
decade of concentrated research in
order to make substantive progress”.
[“Grand IT Research Challenges” report
supported by NSF]
© 2011 Tony Shan. Proprietary and Confidential.
12
Increasing Disparate Representations
13
Semantic Notations
Source: The “Physics” of Notations
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
14
Increasing Dynamics
SaaS
SIP
MTOM
COBIT
CMM
PaaS ITIL
IaaS
REST
POX
Addressing Systemic Complexity
DSL
AJAX
SCA
XOP
XPATH
WOA
© 2011 Tony Shan. Proprietary and Confidential.
15
Addressing Systemic Complexity
LAMP
OpenSSL
WEBM Services
EL
BP
SW
is
Ax
r
De
jU
,
ST
RE
ix
M
by
p
O
ul
C
en
M
I
DD
e
a
Aj
e
M
bX
L
x
o
Dr
g
Su
ol
e
tiv
Ac
S
ra
M
CR
g
Re
ry
ist
s
Sw
Q
pe
O
M
M
on
u
tR
ee
dr
Ja
A
SC
le
M
nJ
ia
n
s
pe
O
E
W
Business Process Layer
O
SD
Composite Services Layer
E
BR
Nx
Services & Components Layer
S
n
B
ES
ek
W
a
© 2011 Tony Shan. Proprietary and Confidential.
Modeling & Development Tools
rk
CVS, Subversion,
Bugzilla, FxCop
a
Sh
Ant, Maven
e
Eclipse, Netbeans
Access & Interaction Layer
Crosscutting Aspects & Patterns
ng
JUnit, NUnit, Cruise
Control
Java EE patterns
eg
Ac
GoF design patterns
p
O
a
ch
-X
en
S
CA
Microsoft
Application Blocks
PM
jB
le
Ya
Microsoft Enterprise
Library
O
SS
JO
DWR, Echo2,
JSON-RPC, Dojo
y
Application & Service Frameworks
L
PE
eB
ra
Keel Spring
Grid Engine, Globus
Enhydra Oyster
JMX/SNMP
Reference Model of Solutions Architecture for N-Tier Applications
ArgoUML, StarUML
M
ice
rv
fe
Li
AspectJ, Spring,
JBoss AOP
Se
d
RIFE, Seam
Xen
OpenSAML
DMTF CIM
tiv
Ac
ee
JSF, Tapestry,
Wicket
Hosting Environment
Tomcat
Security
Jacksum
Operational Management
XMOJO
p
ts
Je
WebWork, Struts,
Beehive
JBoss App Server
OpenSSH
Nagios
Service-Oriented Design Accelerator
Designed by Tony Shan
i
Integration/Communications Layer
Enterprise Resources Layer
16
Increasing Fragmented
Activities on Specifications
WS-MEX
WS-Security
WS-Transfer
WS-Addressing
WS-Attachments
WS-Enumeration
WS-Policy
WS-CDL
WS-Coordination
WS-Resource
WS-SecureConversation
Addressing Systemic Complexity
WS-AtomicTransaction
WS-PolicyAttachment
WS-Trust
WS-BusinessActivity
WS-Federation
WS-TX
WS-RX
WS-Discovery
WS-Eventing
WS-Notification
WS-ReliableMessaging
WSRF
© 2011 Tony Shan. Proprietary and Confidential.
WS-SX
WS-Topics
WSE
17
Stack of Standards
Management
WS-Policy
WS-PolicyAttachment
WS-SecurityPolicy
WS-Manageability
WS-Management
WSDM
WS-Provisioning
WSDM
Presentation
Security
WS-Security
WSSecureConversation
WS-Federation
SAML
Liberty Alliance IDFF
WS-Trust
XKMS
XACML
XrML
EPAL
Interoperability
WSRP
XUL
XAML
XBL
XForms
MXML
Ajax
WS-Choreography
BPMN
BPDM
BPML/BPQL
XPDL
WSCI
CDL4WS
BMM
UML
OAGIS
WS-I Basic Profile
WS-I Basic Security
Profile
WS-I Reliable Secure
Profile
Governance
Interoperability
Framework (GIF)
Reusable Asset
Specification (RAS)
DMTF CIM
Process
Transaction
WS-Coordination
WS-Business Activity
WS-Atomic Transaction
WS-Context
WS-CF
WS-TXM
WS-TX
Resources
WSRF
WSRFResourceProperties
WSRFResourceLifetime
WSRF-ServiceGroup
WSRF-BasicFaults
WS-Transfer
RRSHB
WS-Enumeration
Composition/Orchestration/Construction
BPEL
WS-CAF
WSE
WCF
JAX-WS
SAAJ
SCA
Axis
SOAP
REST
JSON
SwA
WS-I Attachment Profile
XML Security: XML Encryption, XML Signature
Semantics
RDF
WSDL-S
SA-WSDL, SA-REST
OWL-S, RDF/S
SWSO, WSMO
SWSL, WSML
SOA-S, FEARMO,
ODM
Messaging
Foundation XML Processing
DOM
SAX
XPath
XSLT
XQuery
QoS
Description
.Net XML
Serialization
JAXB
SDO
StAX
Addressing Systemic Complexity
XML
XML Schema
WSDL
XML Info Set
XOP/MTOM
Discovery
SML
DMCBX
RELAX NG
Schematron
Assertion Lang
OWL
WS-Discovery
WSMetadataExchange
WSReliableMessenging
WS-Reliability
WS-RX
Communications and Events
UDDI
ebXML
SwSA
Transport: SSL/
TLS
Network: IPSec
BEEP
HTTP/IIOP/MQ
WS-Eventing
WS-Notification
WS-Addressing
© 2011 Tony Shan. Proprietary and Confidential.
18
Mapping SOA Reference Architecture
to the Enterprise SOA Maturity Model
Traditional
Development
Develop Web
Applications
Composite
Applications
Automate
BP
Enterprise Services: Basic services required across the
enterprise. Examples: Directory Service, Content Management,
Search, eMail, Calendar, IM, Discussion Forum, White Board, etc.
Packaged Applications: These are the best of the breed
packaged application that also act as the system of record for
a particular business function.
Custom Applications: These are either built on an
App Server, Portal or proprietary thick client.
Application Framework required to leverage reuse.
Examples: Logging, Exception handling, data services,
application configuration, monitoring, search framework,
notification framework, service proxy, Single Sign-On
Enterprise Portal: Role based portal that
is available 24x7. Provides single point of
entry for all users, multi-channel support,
consistent look and feel, access to business
capabilities based on role.
Increasing Components
Enterprise Service Bus: Route services to the appropriate
destination; receive and transmit messages in any protocol, provide
message transformation, routing, validation, auditing, security,
monitoring and reporting services.
Business Process
Manager: Configure
Shared Data
Services: Extract,
and automate business
process. Provide
business users the
capability to modify the
business process &
policies.
Transform & Load (ETL),
Electronic Data
Interchange (EDI),
Enterprise Information
Integration Data Quality
(Matching Engine, Master
Data Management)
Service Registry:
Service registry
containing service
properties such as
service capabilities,
parameters, service
levels, etc.
Enterprise Application
Integration: Traditional
enterprise integration approach.
Provide Application Adapters,
Business Process, Messaging,
Security, etc. capabilities. Mostly
proprietary in nature and
application integration generally
implemented as a point-to-point
integration on a Hub..
Service Manager:
Manage service
lifecycle across the
enterprise.
Business Service
Management: Monitoring,
capacity planning, utility
computing
Enterprise Security: Provide
user authentication,
authorization, identify
management, profile
management, delegated admin,
etc.
Source: SOA Practitioners’ Guide
Mainframe Application :
Access data via gateways
Legacy Application: Applications that do not have open APIs & are not web based
19
Cloudonomic Paradigm
Federated Composite Cloud Fabric
Aggregate
Mashup
Bundle
Cloud Service Factory
Plan
Define
Model
Implement
Deploy
Service Integration & Management Platform and Lifecycle Engineering
Biz
Support
Operation
Support
•Customer
Mgmt
•Partner
Mgmt
•Revenue
Mgmt
•Billing
Mgmt
•Incident
Mgmt
•Change
Mgmt
•Config
Mgmt
•SLA Mgmt
Channel
Device
Interaction
Onboard
Catalog
Enablement
UI
Process
Security
Virtual Hosting
Repository
Runtime
User exp
Provision
Participate
Reports
Data
Service
Metering
Monitor
Dev
Support
•Collaborati
on
•Asset
Mgmt
•Build Mgmt
•Test Mgmt
•Release
Mgmt
Provider
Support
•Product
Mgmt
•Inventory
Mgmt
•Capacity
Mgmt
•Resource
Manager
Cloud Computing Foundation
Principles
Methodology
Process
Addressing Systemic Complexity
Techniques
Tools
Patterns
Policy
Standards
© 2011 Tony Shan. Proprietary and Confidential.
Practices
Maturity
20
Best Practices
Hybrid
Practicality
Attitude
Addressing Systemic Complexity
Program
© 2011 Tony Shan. Proprietary and Confidential.
21
Case Study of Healthcare Vertical
Addressing Systemic Complexity
© 2011 Tony Shan. Proprietary and Confidential.
22
Contact: Tony Shan
Email: Tony.Shan@BlueMountainLabs.com
Web: http://www.BlueMountainLabs.com
© 2006-2011 Tony Shan. All rights reserved.
Duplication, reproduction or disclosure of
the contents in this document is prohibited
without prior written permission of the
author.
Hindi
Thai
Traditional Chinese
Russian
Simplified Chinese
Thank You
Obrigado
Brazilian Portuguese
Arabic
Grazie
Italian
Danke
German
Multumesc Merci
Romanian
Addressing Systemic Complexity
Japanese
French
Korean
Gracias
© 2011 Tony Shan. Proprietary and Confidential.
Spanish
23
Related documents
Computer Science Revision Mind Map
Computer Science Revision Mind Map
Social - ExactTarget
Social - ExactTarget
Disclosure and Confidentiality Agreement for Staff and Board
Disclosure and Confidentiality Agreement for Staff and Board
9 CELEBRATION & HOLIdAy QUOTES
9 CELEBRATION & HOLIdAy QUOTES
Proprietary Information And Confidentiality Policy
Proprietary Information And Confidentiality Policy
Anthony Harmon Role: Firm Responsibilities: Director, Tax
Anthony Harmon Role: Firm Responsibilities: Director, Tax
the AI
the AI
Download
advertisement