Service-oriented architecture

From Blindside

1 What is it
2 Impact & Maturity assessment
3 Information Assurance issues
4 Implications for UK Government
5 Timescale
6 Examples
7 Comments (attributed)
8 Organisations
9 Documents & research papers
10 Experts (academic, practitioner)

[edit] What is it

The World Wide Web consortium defines Service Oriented Architecture (SOA) as follows:

A Service Oriented Architecture (SOA) is a form of distributed systems architecture that is typically characterized by the following properties:

• Logical view: The service is an abstracted, logical view of actual programs, databases, business processes, etc., defined in terms of what it does, typically carrying out a business-level operation.

• Message orientation: The service is formally defined in terms of the messages exchanged between provider agents and requester agents, and not the properties of the agents themselves. The internal structure of an agent, including features such as its implementation language, process structure and even database structure, are deliberately abstracted away in the SOA: using the SOA discipline one does not and should not need to know how an agent implementing a service is constructed. A key benefit of this concerns so-called legacy systems. By avoiding any knowledge of the internal structure of an agent, one can incorporate any software component or application that can be "wrapped" in message handling code that allows it to adhere to the formal service definition.

• Description orientation: A service is described by machine-processable meta data. The description supports the public nature of the SOA: only those details that are exposed to the public and important for the use of the service should be included in the description. The semantics of a service should be documented, either directly or indirectly, by its description.

• Granularity: Services tend to use a small number of operations with relatively large and complex messages.

• Network orientation: Services tend to be oriented toward use over a network, though this is not an absolute requirement.

• Platform neutral: Messages are sent in a platform-neutral, standardized format delivered through the interfaces. XML is the most obvious format that meets this constraint. [1]

Other definitions of Service Oriented Architecture:

Service Oriented Architecture (SOA) is a business-centric IT architectural approach that supports integrating your business as linked, repeatable business tasks, or services. SOA helps users build composite applications, which are applications that draw upon functionality from multiple sources within and beyond the enterprise to support horizontal business processes. IBM

What is service-oriented architecture? Javaworld

What Is Service-Oriented Architecture? - Hao He

[edit] Impact & Maturity assessment

[See definition of levels]

The Impact Level of this is estimated at 1, as best practices can be incorporated as they evolve and the public sector can benefit from work done by private sector operators and voluntary associations. It is easy to see the beneifts of SOA, but it must be remembered that current systems do work. The Maturity Level is rated at 1, as few systems have had the luxury of being designed using this system.

[edit] Information Assurance issues

The real issue with any IT "architecture" is how one defines the information management model and operations around it that deal with information privacy, reflect the business's products and services, enable services to be delivered to the customers, allow for self care, preferences and entitlements and at the same time embrace identity management and agility. On this last point, system modification (agility) is a critical issue which is normally omitted from IT system design. Many systems, including SOAs, hard code the operations, goods and services of the organisation thus restricting their online service and business agility in the global market place.

Adopting SOAs is therefore just the first (diagrammatic) step in defining a real business system. The next step in the design process is the definition of a Service Delivery Platform (SDP) and its implementation. It is in the SDP design phase where one defines the business information models, identity management, products, content and devices and the end user service characteristics - and how agile the system is so that it can deal with the evolution of the business and its customers. Wikipedia

[edit] Implications for UK Government

Robin Bloor, Partner at Hurwitz & Associates writes about IT Security and SOA on www.csoonline.com

Service Oriented Architecture is making a name for itself, but identity management services that could make such systems secure are yet to be built.

Gemma Simpson writes about the Security Worries related to Service Oriented Architecture on www.silicon.com

Companies are happily trialling tech's latest TLA internally but problems could crop up as there has been little discussion of the impact the new architecture will have when unleashed on the wider IT environment, according to the analysts

[edit] Timescale

Is the impact of this emerging technology felt - now (less than 18 months) - in 2-5 years? - in 5-25 years - longer-term than that even

We feel that the impact of this issue will be felt between five and 25 years out, as it doesn't really exist outside the laboraty, then lessening quickly as vendors and managed service providers adopt best practices.