Governance Working Group Dennis Smith, SEI John Fakll, IBM Hard Problems in SOA Workshop January 30, 2008 © 2008 Carnegie Mellon University Main Issues Identified • Governance Metamodel • Ecosystem governance Hard Problems in SOA January 30, 2008 © 2008 Carnegie Mellon University 1 Hard Problems in SOA Workshop January 30, 2008 2 [Governance Metamodel] - Rationale • Need for overarching governance model • Ensure consistency • Provide starting point for individual organizational tailoring Hard Problems in SOA January 30, 2008 3 © 2008 Carnegie Mellon University [Governance Metamodel] – Current Efforts • Governance models as starting point • IBM, AgilePath, HP Systinet Hard Problems in SOA January 30, 2008 © 2008 Carnegie Mellon University 2 Hard Problems in SOA Workshop January 30, 2008 4 [Governance Metamodel] – Challenges and Gaps • Business processes, events and policies for governance • Definition of knowledge rules and event rules • Value rules (link from policy to rules) • Include responsibility for evolution and incorporation of new policies and problems • Business process ontology • Service reuse and measurement • Identification of best practices • Metadata for governance of services within the lifecycle (lifecycle governance) Hard Problems in SOA January 30, 2008 5 © 2008 Carnegie Mellon University [Governance Metamodel] – Challenges and Gaps • Metadata of industry based services needs (eg HIPAA) • Operational governance (industry specific services) • Domain independent governance model • Need for tailoring by organization Hard Problems in SOA January 30, 2008 © 2008 Carnegie Mellon University 3 Hard Problems in SOA Workshop January 30, 2008 6 [Governance Metamodel] – Ideas to Address Challenges and Gaps • Comprehensive framework for modeling governance • Identify facets that are important • Policy, dependencies and impact on business • Domain specific ontology • Rules repository/ engine • Service repository and how it is governed • Value and risk modeling • Customization by domain and organization Hard Problems in SOA January 30, 2008 7 © 2008 Carnegie Mellon University [Ecosystem Governance] - Rationale • SOA has led to a world that encompasses much broader governance structures than a single organization Hard Problems in SOA January 30, 2008 © 2008 Carnegie Mellon University 4 Hard Problems in SOA Workshop January 30, 2008 8 [Ecosystem Governance] – Current Efforts • Coop-tion between competitors to provide common value • Multi-domain arbitration governance model • E.g., web service standards Hard Problems in SOA January 30, 2008 9 © 2008 Carnegie Mellon University [Ecosystem Governance] Minimalist SOA Governance Lean case of ecosystem • When you have control over organizations and environment • Precise data definitions and service definitions • Assign data/service institutional responsibility • Technical interface standards Hard Problems in SOA January 30, 2008 © 2008 Carnegie Mellon University 5 Hard Problems in SOA Workshop January 30, 2008 10 [Ecosystem Governance] – Challenges and Gaps Issues: • Certification • Top down approach • Bottom-up – self organizing (ebay) • Federated risks and sustainability problems • Cell phone – lack of network; • Health care or military authentication can get overloaded • Service not always available Hard Problems in SOA January 30, 2008 11 © 2008 Carnegie Mellon University Ecosystem Governance] – Challenges and Gaps Issues • Utility based ecosystem (assembly and de-assembly of governance models based on time to market opportunities0 • Resembles a marketplace and a community of interest • Participants may not already be members of the federation • Don’t have control over participants (compliance only to a point) • Federation introduces a membership problem – don’t know who your members are and how they are using the services Hard Problems in SOA January 30, 2008 © 2008 Carnegie Mellon University 6 Hard Problems in SOA Workshop January 30, 2008 12 Ecosystem Governance] – Challenges and Gaps Issues • Validation and verification • Testing stresses the edge condition. • can blast the ecosystem (eg certification and pre-certification) Hard Problems in SOA January 30, 2008 13 © 2008 Carnegie Mellon University [Ecosystem Governance] – Ideas to Address Challenges and Gaps Applicability of models depends on how much you can compel Appropriateness of reward structure is uncharted territory. Reuse can put out of business Assembly of services, rather than development of services is now critical Need for culture change Emergent behavior •HIPPA – email vs fax (no longer accept email – outside of retention) Hard Problems in SOA January 30, 2008 © 2008 Carnegie Mellon University 7 Hard Problems in SOA Workshop January 30, 2008 14 [Ecosystem Governance] – Ideas to Address Challenges and Gaps Examples of approaches • Dictatorial model • Voluntary organizations • Movie making model – different guilds • Federation of small organizations that • Work on a project and go away Hard Problems in SOA January 30, 2008 © 2008 Carnegie Mellon University 8 Hard Problems in SOA Workshop January 30, 2008 15