
SOA Governance

By Thomas Erl, Stephen G. Bennett, Benjamin Carlyle, Clive Gee, Robert Laird, Anne Thomas Manes, Robert Moores, Andre Tost

Published by Prentice Hall

Published Date: Apr 12, 2011

Description


“This book provides an indispensable guide for establishing a firm SOA governance foundation. Easy to read, comprehensive, pragmatic...excellent job.”

--Nick Laqua, Enterprise SOA Architect, Cathay Pacific Airways


“SOA Governance is a must-read that provides an in-depth look at the organizational, managerial, procedural, and technical aspects that any SOA project needs to consider. If you’re investing in SOA, you’ll benefit greatly by having this excellent resource available to you as you contend with the many challenges of creating your own SOA governance.”

--David E. Michalowicz, Principal, Information Systems Engineer, The MITRE Corporation


“With this book Thomas Erl [and his team] do a great job in outlining a framework to implement an SOA governance program. For each stage of the project lifecycle, necessary governance precepts and processes are described concretely by referring to the service-orientation principles and SOA patterns. This makes it an indispensable source of information for any SOA practitioner or any professional who plans to start an SOA initiative.”

--Jean-Paul De Baets, Principal SOA Architect, Fedict (Belgian Federal Government Information and Communication Technology Service)


“This book on SOA governance provides both thoughtful and carefully crafted narrative and the supplementation of poignant real-world case studies that will help practitioners calibrate guidance to realities on the ground. This is a terrific book that will be heavily used--with tab stickers, dog-ears, highlighting, and column notes abounding to show for it--as practitioners strategize and subsequently iterate through organizational learnings on their journeys to SOA maturity.”

--David S. Rogers, Manager, IEEE Conferences Business and Technology Solutions Office

 

“Thomas Erl’s SOA Governance clarifies the principles behind this crucial capability for SOA adoption. Finally, a contribution that serves as a guide for project managers, architects, and any related role that has a common goal: the establishment, administration, and vision behind a service-enabled enterprise. Accenture sees this book as a milestone that will support the rationale behind selling and delivering SOA governance projects around the world.”

--Dr. Matthias Ziegler, Accenture; Dr. Jure Zakotnik, Accenture; Thomas M. Michelbach, Accenture


“Thomas Erl’s SOA Governance book fills in an important missing piece for any organization wanting to move to--and succeed with--an enterprise commitment to implement SOA and realize its overarching benefits. Of equal importance, however, is the fact that the basic concepts and frameworks that the book instantiates in the context of SOA can also be productively applied in other contexts that are not formally ‘SOA-esque,’ but where complexity is in need of formal governance.”

--Charles N. Mead, MD, MSc., Senior Technical Advisor to the Director, National Cancer Institute Center for Bioinformatics and Information Technology (NCI CBIIT); Chair, Architecture Board, Health Level 7 (HL7)


“SOA Governance is the best read on governance and software delivery processes since the publication of RUP; it is the book that defines the standard Service Delivery Processes for all project lifecycle models and defines the necessary conditions and roadmap to reach SOA in the IT organization.”

--Filippos Santas, IT Architect, Credit Suisse Private Banking, Switzerland, and Certified SOA Trainer


“Achieving your service-oriented goals requires controlled growth and change, which are best accomplished through rigorous governance. The authors of this work drive to the heart of governance and show you how to manage your portfolio of services.”

--Kevin P. Davis, Ph.D., Software Architect

 

 

The Definitive Guide to Governing Shared Services and SOA Projects

 

SOA Governance: Governing Shared Services On-Premise and in the Cloud is the result of a multi-year project to collect proven industry practices for establishing IT governance controls specific to the adoption of SOA and service-orientation. Authored by world-renowned experts in the fields of SOA, IT governance, and cloud computing, this comprehensive book provides clear direction as to what does and does not constitute SOA governance and then steps the reader through the most important industry governance practices, as they pertain to individual SOA project lifecycle stages.

 

With a consistent, vendor-neutral focus, and with the help of case study examples, the authors demonstrate how to define and position precepts, organizational roles, processes, standards, and metrics. Readers benefit from thorough and visually depicted cross-references and mapping between roles, processes, precepts, and project stages, enabling them to fully explore dynamics and dependencies and thereby learn how to use these governance controls to create their own custom SOA governance systems.

 

This important title will be valuable to every practitioner concerned with making SOA work, including senior IT managers, project managers, architects, analysts, developers, administrators, QA professionals, security specialists, and cloud computing professionals.

 

Topic Areas

  • Defining SOA governance
  • Establishing an SOA governance office and program
  • Working with proven SOA governance precepts and processes
  • Identifying organizational roles and relating them to SOA governance
  • Associating design-time and runtime SOA project stages with SOA governance controls
  • Governance considerations specific to shared services
  • Roles, precepts, and factors specific to cloud-based services
  • Understanding and categorizing SOA governance products and technologies
  • Applying governance controls as early as the planning stages and measuring their success in subsequent stages
  • Using vitality triggers to govern shared services on an on-going basis
  • SOA governance controls that pertain to business information documents and policies

Table of Contents

Foreword by Massimo Pezzini     xxxi

Foreword by Roberto Medrano     xxxiii

Acknowledgments     xxxv

CHAPTER 1: Introduction     1

1.1 About this Book     3

Who this Book is For     3

What this Book Does Not Cover      4

This is Not a Book About SOA Management     4

This is Not a Book About Cloud Computing Governance      4

1.2 Recommended Reading     5

1.3 How this Book is Organized     6

Part I: Fundamentals     6

Part II: Project Governance     7

Part III: Strategic Governance     10

Part IV: Appendices     11

1.4 Symbols, Figures, and Style Conventions     12

Symbol Legend     12

Mapping Diagrams     12

SOA Principles & Patterns Sections     13

Capitalization     14

1.5 Additional Information     14

Updates, Errata, and Resources (www.soabooks.com)      14

Master Glossary (www.soaglossary.com)      15

Referenced Specifications (www.soaspecs.com)      15

SOASchool.com SOA Certified Professional (SOACP)      15

CloudSchool.com Cloud Certified Professional (CCP)      15

The SOA Magazine (www.soamag.com)      15

Notification Service     16

CHAPTER 2: Case Study Background     17

2.1 How Case Studies are Used     18

2.2 Raysmoore Corporation     18

History     18

IT Environment     18

Business Goals and Obstacles     19

2.3 Case Study Continuation     20

PART I: FUNDAMENTALS

CHAPTER 3: Service-Oriented Computing Fundamentals     23

3.1 Basic Terminology     24

Service-Oriented Computing     25

Service-Orientation     26

Service-Oriented Architecture (SOA)      29

Services     31

Services as Components     32

Services as Web Services     32

Services as REST Services     34

SOA Manifesto     34

Cloud Computing     35

IT Resources     35

Cloud     36

On-Premise     37

Cloud Deployment Models     37

Cloud Consumers and Cloud Providers     38

Cloud Delivery Models      38

Service Models     38

Agnostic Logic and Non-Agnostic Logic     39

Service Composition     40

Service Inventory     41

Service Portfolio     41

Service Candidate      42

Service Contract     43

Service-Related Granularity     44

SOA Design Patterns     46

3.2 Further Reading     47

CHAPTER 4: SOA Planning Fundamentals     49

4.1 The Four Pillars of Service-Orientation     51

Teamwork     52

Education      52

Discipline     52

Balanced Scope     53

4.2 Levels of Organizational Maturity     56

Service Neutral Level     57

Service Aware Level     57

Service Capable Level     57

Business Aligned Level     58

Business Driven Level     58

Service Ineffectual Level     58

Service Aggressive Level     59

4.3 SOA Funding Models     60

Platform (Service Inventory) Funding     60

Project Funding Model (Platform)      61

Central Funding Model (Platform)      64

Usage Based Funding Model (Platform)      66

Service Funding     69

Project Funding Model (Service)      69

Central Funding Model (Service)      71

Hybrid Funding Model (Service)      72

Usage Based Funding Model (Service)      74

CHAPTER 5: SOA Project Fundamentals     79

5.1 Project and Lifecycle Stages     81

SOA Adoption Planning     82

Service Inventory Analysis     82

Service-Oriented Analysis (Service Modeling)      84

Service-Oriented Design (Service Contract)      85

Service Logic Design     87

Service Development     87

Service Testing     88

Service Deployment and Maintenance     89

Service Usage and Monitoring      90

Service Discovery     90

Service Versioning and Retirement      91

5.2 Organizational Roles     92

Service Analyst     96

Service Architect     96

Service Developer     97

Service Custodian     98

Cloud Service Owner      98

Service Administrator     100

Cloud Resource Administrator     100

Schema Custodian     102

Policy Custodian     104

Service Registry Custodian     105

Technical Communications Specialist      105

Enterprise Architect      106

Enterprise Design Standards Custodian (and Auditor)      107

SOA Quality Assurance Specialist      109

SOA Security Specialist     110

SOA Governance Specialist     111

Other Roles     112

Educator      112

Business Analyst      113

Data Architect     113

Technology Architect      113

Cloud Technology Professional      114

Cloud Architect      114

Cloud Security Specialist      114

Cloud Governance Specialist     114

IT Manager     115

5.3 Service Profiles     115

Service-Level Profile Structure     117

Capability Profile Structure     118

Additional Considerations     119

Customizing Service Profiles      119

Service Profiles and Service Registries      119

Service Profiles and Service Catalogs     119

Service Profiles and Service Architecture     120

CHAPTER 6: Understanding SOA Governance     121

6.1 Governance 101     122

The Scope of Governance     123

Governance and Methodology      124

Governance and Management     124

Methodology and Management     125

Comparisons     125

The Building Blocks of a Governance System     127

Precepts      128

People (Roles)      128

Processes     129

Metrics     129

Governance and SOA     130

6.2 The SOA Governance Program Office (SGPO)      131

6.3 SGPO Jurisdiction Models     133

Centralized Enterprise SGPO     133

Centralized Domain SGPO     134

Federated Domain SGPOs     135

Independent Domain SGPOs     136

6.4 The SOA Governance Program     137

Step 1: Assessing the Enterprise (or Domain)      137

Current Governance Practices and Management Styles     138

SOA Initiative Maturity     138

Current Organizational Model     139

Current and Planned Balance of On-Premise and Cloud-based IT Resources      139

Step 2: Planning and Building the SOA Governance Program     139

SOA Governance Precepts     139

SOA Governance Processes     141

SOA Governance Roles     143

Additional Components     146

Step 3: Running the SOA Governance Program (Best Practices and Common Pitfalls)      146

Collect the Right Metrics and Have the Right People Use Them      146

Provide Transparency and Foster Collaboration     147

Ensure Consistency and Reliability     147

Compliance and Incentives     147

Education and Communication     148

Common Pitfalls     148

PART II: PROJECT GOVERNANCE

CHAPTER 7: Governing SOA Projects     153

7.1 Overview     155

Precepts, Processes, and People (Roles) Sections     156

7.2 General Governance Controls     157

Precepts     157

Service Profile Standards     157

Service Information Precepts     158

Service Policy Precepts      158

Logical Domain Precepts      159

Security Control Precepts      160

SOA Governance Technology Standards     163

Metrics     164

Cost Metrics     164

Standards-related Precept Metrics      165

Threshold Metrics     165

Vitality Metrics     166

Case Study Example     167

7.3 Governing SOA Adoption Planning     169

Precepts     169

Preferred Adoption Scope Definition     169

Organizational Maturity Criteria Definition     171

Standardized Funding Model     172

Processes     173

Organizational Governance Maturity Assessment     173

Adoption Impact Analysis      176

Adoption Risk Assessment     178

People (Roles)      179

Enterprise Architect      179

SOA Governance Specialist     181

Case Study Example     182

CHAPTER 8: Governing Service Analysis Stages     187

8.1 Governing Service Inventory Analysis     192

Precepts     193

Service Inventory Scope Definition      193

Processes     195

Business Requirements Prioritization     195

People (Roles)      197

Service Analyst     197

Enterprise Design Standards Custodian     198

Enterprise Architect      199

SOA Governance Specialist     200

Case Study Example     201

8.2 Governing Service-Oriented Analysis (Service Modeling)      206

Precepts     206

Service and Capability Candidate Naming Standards     206

Service Normalization     207

Service Candidate Versioning Standards     209

Processes     210

Service Candidate Review     210

People (Roles)      212

Service Analyst     212

Service Architect      213

Enterprise Design Standards Custodian     214

Enterprise Architect     215

SOA Governance Specialist     216

Case Study Example     217

CHAPTER 9: Governing Service Design and Development Stages     221

9.1 Governing Service-Oriented Design (Service Contract)      223

Precepts     223

Schema Design Standards     223

Service Contract Design Standards     225

Service-Orientation Contract Design Standards     228

SLA Template      229

Processes     231

Service Contract Design Review     231

Service Contract Registration     234

People (Roles)      236

Service Architect      236

Schema Custodian     237

Policy Custodian     238

Technical Communications Specialist     239

Enterprise Design Standards Custodian     241

Enterprise Architect      242

SOA Security Specialist     243

SOA Governance Specialist      245

Case Study Example     246

9.2 Governing Service Logic Design     249

Precepts     249

Service Logic Design Standards     249

Service-Orientation Architecture Design Standards     252

Processes     253

Service Access Control      253

Service Logic Design Review      255

Legal Data Audit     257

People (Roles)      259

Service Architect      259

Enterprise Design Standards Custodian     260

Enterprise Architect      261

SOA Security Specialist      262

SOA Governance Specialist      263

Case Study Example     265

9.3 Governing Service Development     267

Precepts     267

Service Logic Programming Standards      267

Custom Development Technology Standards     268

Processes     270

Service Logic Code Review     270

People (Roles)      272

Service Developer     272

Enterprise Design Standards Custodian     273

Enterprise Architect     274

SOA Governance Specialist     275

Case Study Example     276

CHAPTER 10: Governing Service Testing and Deployment Stages     277

10.1 Governing Service Testing     278

Precepts     279

Testing Tool Standards     279

Testing Parameter Standards     280

Service Testing Standards     281

Cloud Integration Testing Standards     283

Test Data Usage Guidelines     285

Processes     286

Service Test Results Review      286

People (Roles)      287

Service Administrator     287

Cloud Resource Administrator     288

Enterprise Architect      289

SOA Quality Assurance Specialist     290

SOA Security Specialist     291

SOA Governance Specialist      292

Case Study Example     294

10.2 Governing Service Deployment and Maintenance     298

Precepts     298

Production Deployment and Maintenance Standards     298

Processes     301

Service Certification Review     301

Service Maintenance Review     303

People (Roles)      304

Service Administrator      304

Cloud Resource Administrator     305

Service Custodian     307

Enterprise Architect      308

SOA Quality Assurance Specialist      309

SOA Security Specialist     310

SOA Governance Specialist     311

Case Study Example     312

CHAPTER 11: Governing Service Usage, Discovery, and Versioning Stages     315

11.1 Governing Service Usage and Monitoring     317

Precepts     317

Runtime Service Usage Thresholds     317

Service Vitality Triggers     320

Processes     323

Service Vitality Review     323

People (Roles)      325

Enterprise Architect      325

Service Architect      326

Service Administrator     327

Cloud Resource Administrator     328

Service Custodian     329

SOA Security Specialist      331

SOA Governance Specialist      332

Case Study Example     333

11.2 Governing Service Discovery     335

Precepts     335

Centralized Service Registry     335

Processes     337

Service Registry Access Control     337

Service Registry Record Review     339

Service Discovery     340

Shared Service Usage Request      342

Shared Service Modification Request     343

People (Roles)      345

Service Custodian     345

Service Registry Custodian     346

Technical Communications Specialist      348

SOA Governance Specialist      348

Case Study Example     350

11.3 Governing Service Versioning and Retirement     352

Precepts     352

Service Versioning Strategy     352

SLA Versioning Rules     354

Service Retirement Notification     356

Processes     357

Service Versioning     357

Service Retirement     359

People (Roles)      360

Enterprise Design Standards Custodian     60

Service Administrator      362

Cloud Resource Administrator     363

Schema Custodian     364

Policy Custodian     364

SOA Governance Specialist     365

PART III: STRATEGIC GOVERNANCE

CHAPTER 12: Service Information and Service Policy Governance     369

12.1 Overview     371

Service Data vs. Service Information     371

Policies 101     373

12.2 Governance Controls     375

Precepts     375

Enterprise Business Dictionary/Domain Business Dictionary     375

Service Metadata Standards     377

Enterprise Ontology/Domain Ontology      380

Business Policy Standards     382

Operational Policy Standards     384

Policy Centralization     386

Processes     389

Data Quality Review      389

Communications Quality Review     391

Information Alignment Audit      393

Policy Conflict Audit      395

People (Roles)      397

Business Analyst      397

Data Architect      399

Schema Custodian      399

Policy Custodian     401

Service Registry Custodian     402

Technical Communications Specialist      403

SOA Quality Assurance Specialist      405

SOA Governance Specialist     406

12.3 Guidelines for Establishing Enterprise Business Models     408

Establish a Service Information Governance Council     408

Assign Business Information Custodians     408

Assign Value to Business Information     409

Relate Service Information Governance to Master Data Management     409

CHAPTER 13: SOA Governance Vitality      411

13.1 Vitality Fundamentals     412

13.2 Vitality Triggers     414

Business vs. Technology Changes     415

Types of Vitality Triggers     416

Strategic Adjustments     416

Strategic Business Adjustment     416

Strategic IT Adjustment     417

Industry Shifts     417

Business Shift      417

Technology Shift      418

Metrics     418

Performance Metrics     419

Compliance Metrics     419

Organizational Shifts     419

Periodic     420

Milestone     420

Time     420

13.3 SOA Governance Vitality Process     421

Identify Activity     421

Assess Activity     422

Refresh Activity     422

Approve Activity     423

Communicate Activity     423

CHAPTER 14: SOA Governance Technology     425

14.1 Understanding SOA Governance Technology     426

SOA Governance Task Types     427

Manual Governance      427

Automated Governance      427

Design-time Governance     428

Runtime Governance     428

On-Premise Governance     428

Cloud Governance     428

Passive Governance     428

Active Governance     429

SOA Governance Technology Types     429

Administrative     429

Monitoring      429

Reporting     430

Enforcement     430

14.2 Common SOA Governance Technology Products     431

Service Registries     431

Task Types      432

Technology Types      432

SOA Project Stages     433

Repositories     433

Task Types     434

Technology Types     434

SOA Project Stages     435

Service Agents     435

Task Types     436

Technology Types     437

SOA Project Stages     437

Policy Systems     437

Task Types     438

Technology Types     438

SOA Project Stages     439

Quality Assurance Tools     439

Task Types     440

Technology Types     440

SOA Project Stages     441

SOA Management Suites     441

Other Tools and Products     442

Technical Editors and Graphic Tools     442

Content Sharing and Publishing Tools     442

Configuration Management Tools     443

Custom SOA Governance Solutions     443

14.3 Guidelines for Acquiring SOA Governance Technology     444

Acquisition Strategies     444

Single Vendor     444

Multiple Vendors     445

Open Source     446

Leased from Cloud Vendor     447

Best Practices     448

Establish Criteria Based on Your Specific Requirements     448

Investigate Customizability     448

Investigate APIs      448

Understand Both Initial and Long-Term Costs     448

Understand Actual Governance Support     449

Take the Time to Create a Quality RFP     449

PART IV: APPENDICES

APPENDIX A: Case Study Conclusion     453

APPENDIX B: Master Reference Diagrams for Organizational Roles     457

Service Analyst     458

Service Architect     459

Service Developer      460

Service Custodian     460

Service Administrator     461

Cloud Resource Administrator     462

Schema Custodian     463

Policy Custodian     464

Service Registry Custodian     465

Technical Communications Specialist     466

Enterprise Architect     467

Enterprise Design Standards Custodian (and Auditor)      468

SOA Quality Assurance Specialist      469

SOA Security Specialist     470

SOA Governance Specialist (precepts)      471

SOA Governance Specialist (processes)      472

APPENDIX C: Service-Orientation Principles Reference     473

APPENDIX D: SOA Design Patterns Reference     489

APPENDIX E: The Annotated SOA Manifesto     577

APPENDIX F: Versioning Fundamentals for Web Services and REST Services     591

F.1 Versioning Basics     593

Versioning Web Services     593

Versioning REST Services     594

Fine and Coarse-Grained Constraints     595

F.2 Versioning and Compatibility     596

Backwards Compatibility     596

Backwards Compatibility in Web Services     596

Backwards Compatibility in REST Services      597

Forwards Compatibility     599

Compatible Changes     602

Incompatible Changes     604

F.3 REST Service Compatibility Considerations     605

F.4 Version Identifiers     608

F.5 Versioning Strategies     611

The Strict Strategy (New Change, New Contract)      611

Pros and Cons     612

The Flexible Strategy (Backwards Compatibility)      612

Pros and Cons     613

The Loose Strategy (Backwards and Forwards Compatibility)      613

Pros and Cons     614

Summary Table     614

F.6 REST Service Versioning Considerations     615

APPENDIX G: Mapping Service-Orientation to RUP     617

Compatibility of RUP and SOA     618

Overview of RUP (and MSOAM)      619

The Pillars of Service-Orientation and the RUP Principles     620

Breadth and Depth Roles and Role Mapping     623

Enterprise and Governance Roles     624

Mapping Service Delivery Project Stages to Disciplines     625

Mapping MSOAM Analysis and Design Stages to RUP Disciplines     626

Service-Orientation and RUP: Gaps     628

Related Reading     628

Bibliography     629

APPENDIX H: Additional Resources     631

About the Authors     635

About the Contributors     641

About the Foreword Contributors     643

Index     645

Purchase Info

ISBN-10: 0-13-277935-8

ISBN-13: 978-0-13-277935-7

Format: eBook (Watermarked)

This eBook includes the following formats, accessible from your Account page after purchase:

EPUB: The open industry format known for its reflowable content and usability on supported mobile devices.

MOBI: The eBook format compatible with the Amazon Kindle and Amazon Kindle applications.

PDF: The popular standard, used most often with the free Adobe® Reader® software.

This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

Includes EPUB, MOBI, and PDF

$39.99
