Level: Intermediate Muhammed Yaseen Muriankara (muhammedyaseen@in.ibm.com), SOA Architect, IBM
15 May 2008 Service-Oriented Architecture (SOA) promises to deliver business
agility by aligning business and IT needs and goals. But without proper governance,
an SOA implementation is just a group of potentially unrelated services that doesn't
deliver anything of sustainable value. As part of an SOA initiative in your
enterprise, it's crucial to successfully initiate SOA governance to help guarantee
the success of an SOA implementation. This includes recognizing when to integrate
IBM® WebSphere® Service Registry and Repository into the SOA
architecting process. In this article, learn about SOA governance, and find out how
WebSphere Service Registry and Repository can help in your efforts.
Introduction
Your business no doubt has some form of documentation about the operational
procedures and goals it puts into practice every day. This documentation is a tool
that provides visibility into what the business is doing and educates new
employees about how the business operates. It usually shows the main business
processes, the organizational structure, financial management, goals and
objectives, and other related policies. All of these items are essential to get a
clear picture of what your business is and how it functions. Even informal
business processes are part of the fabric of a business and contribute to how the
business functions and responds to its customers. This is called a business
design.
IT and business leaders ideally work together to identify which part of the
business design has to be automated and which part should be done manually. This
ultimately improves efficiency in achieving business goals. Your business by its
nature requires constant modification to the way it operates. Competition, market
forces, innovation, and customer requirements are some of those factors that
influence business change. When business and IT have a synergetic relationship,
where one can adapt and change with the needs of the other, the business is said
to be agile and flexible. This helps to secure growth for the business. SOA
promises to achieve IT and business alignment, and SOA governance makes sure that
promise is realized.
SOA
As a gross generalization, a service is a repeatable task within a
business process. The business process is composed of a set of tasks, then
you can claim that the tasks are services. The business process is a composition
of these services. Service-orientation as a way to integrate your business
as a set of linked services.
An SOA, then, is an architectural style suitable for an enterprise IT
architecture that exploits the principles of service orientation to achieve a
tighter relationship between the business and the information systems that support
the business. (This is taken from the
SOA concepts wiki
on IBM developerWorks.)
A typical enterprise has a vision and a subsequent strategy to meet this vision
in phases of growth. There are strategies devised to take the enterprise through
each of these phases. The assets that would form part of the strategies would be
the key business processes, organizational assets, business model, and IT.
Consider a standard enterprise that relies on a chain of services executed by a
variety of different entities. Figure 1 shows the processes and interactions
involved with customers, various company divisions, shared services, suppliers,
and outsourced partners.
Figure 1. Standard enterprise
processes and interaction
Typically, the business wants to capitalize on these processes to grow. Using
these processes to become more efficient is critical to this growth and requires a
consolidation of business and IT functions to improve the agility of your
organization. With this innovation comes agility. Figure 2 shows how this growth
and agility happen in the enterprise ecosystem.
Figure 2. Enterprise expansion in
a business ecosystem
When your enterprise embarks on this kind of growth, it can most effectively do
so with the help of an SOA. SOA tries to realize the business-to-IT alignment that
ultimately delivers the required agility and flexibility. It does this by applying
a well-defined methodology for breaking down the business and its processes into
services exposed on an appropriate supporting environment.
SOA life cycle
Most enterprises are inclined to take a life cycle approach to SOA. This begins
with the model phase, in which you gather business requirements, and design
and optimize your desired business processes. After you've optimized the business
processes, you implement them by combining new and existing services. You deploy
the created assets into a secure environment. After these are deployed, you need
to manage them with the consideration given to both IT and business functions.
During this phase, information helps provide insight into business processes that
enable smart decision making. At the core of all of this is SOA governance. Figure
3 shows the life cycle and the important activities.
Figure 3. SOA life cycle
SOA governance
Before defining SOA governance, you need to understand what governance is as it
applies to the entire enterprise. IBM defines governance as "establishing chains
of responsibility, authority, and communication to empower people (decision
rights)" and "establishing measurement, policy and control mechanisms to enable
people to carry out their roles and responsibilities."
The next level of governance is IT governance, which, according to IBM,
"refers to the aspects of governance that pertain to an organization's information
technology processes and the way those processes support the goals of the
business."
Finally, IBM defines SOA governance as "a specialization of IT governance
that puts key IT governance decisions within the context of the life cycle of
service components, services, and business processes. It is the effective
management of this life cycle that is the key goal to SOA governance."
Adopt SOA
Usually the decision to adopt an SOA is part of a strategy for growth in the
enterprise. Let's assume that your enterprise has chosen to adopt SOA and has
identified a good starting point for that. Important characteristics you need to
consider when beginning your SOA implementation include:
- Addressing a well-understood business problem to illustrate the immediate
benefits of adopting SOA.
- Involving line-of-business (LOB) objectives and IT objectives.
- Requiring an achievable stretch beyond current capabilities to address gaps
(such as skills and processes).
- Being something that the enterprise will use as part of its business
activities.
- Ensuring that the project is part of the plan for incremental adoption of SOA
as part of an overall roadmap of business and IT objectives.
Find the essential
ingredient for SOA
Applying SOA to improve agility, flexibility, productivity, and time to market
for new products through reuse (for one example) has direct visible benefits to
both IT and business operations. Service orientation alone can't bring about the
effect of improved productivity, faster time to market, and reuse because there
are other forces at play that operate as impediments.
The services that are identified and exposed in this exercise have attached
risks:
- What if the assets produced have less value in terms of reusability?
- What if the solution doesn't adhere to standards and best practices?
- Or worse, what if the result of engagement produces services that aren't
appropriate for SOA?
- Who would own the services and fund them?
- Who would use them?
- How can someone subscribe to them?
- Is a process in place to manage the change in services to meet new
requirements?
- Is the solution secure enough?
- How can it be sufficiently tested?
These are all questions that you should address before initiating any SOA-based
project.
The strategy devised for implementing an SOA in your enterprise should first
answer these questions. This is the critical point where you need to begin
considering applying SOA governance. This leads to another important question: How
is the governance model funded and who backs it? In the absence of such a
framework, the SOA architect should be able to review the strategy in this scope
to see that this requirement is addressed.
This governance model needs to establish chains of responsibilities,
decision-making rights, authority, and communication to empower people to bring
about the necessary changes for service orientation and to sustain those changes
so that the organization doesn't default to business as usual.
Adopt SOA governance
SOA governance is most effective when adopted incrementally. There are two
aspects to SOA governance:
The methodology and model for adopting SOA governance from IBM is called the SOA
Governance and Management Method (SGMM). You can tailor this to fit the scope of
your project. The result of the methodology is an SOA governance framework that
takes care of the relevant SOA governance concerns, as illustrated in Figure 4.
Figure 4. Creating SOA governance
framework
The SOA governance implementation methodology results in a framework that's well
knit into the SOA life cycle phases, with checkpoints, checklists, enforcing
policies, and quality gates to make sure SOA results in business agility and
flexibility with reduced cost.
The methodology documented for IBM Rational® Method Composer is available
for download. Rational Method Composer is a flexible software development process
platform that helps you deliver customized yet consistent process guidance to your
project team. You can tailor the SGMM plug-in for Rational Method Composer to meet
the requirements of your project. Although this article doesn't cover the details
of SGMM, Figure 5 shows a snapshot of it. The SOA governance framework is also
built through an iterative life cycle. Figure 5 shows some of the important
aspects that are taken care of during the life cycle.
Figure 5. SOA governance life
cycle
Platform
The governance framework consists of processes that have to be measured for
effectiveness from time to time. Some of these processes can be automated to get a
better view of resources and assets involved, which ensures better visibility for
the processes and eases management and measurement. The methodology defined has to
be published, proper communication channels have to be established, and the
automation of the processes linked to the life cycle of the SOA implementation
should be established. This automation ensures that SOA governance stitches itself
into the SOA life cycle. The automation is typically done on a platform. To
summarize, the governance framework built as part of the SGMM exercise is
automated using a platform of software and hardware (see Figure 6).
Figure 6. SOA governance framework
and platform
The platform should have the capabilities to automate the governance framework
that was derived using the governance methodology. Some of the minimum required
automation capabilities for a startup project include:
- A centralized registry and repository to find and publish the service related
artifacts and metadata. This is necessary to:
- Find the right authorized service.
- Avoid duplication of effort.
- Encourage reuse.
- Identify the current state of service in the SOA life cycle.
- Provide visibility to subscribers of the services.
- Find related services and the impact of changing a service.
- Communicate changes done to the service.
- A mechanism to relate and enforce policies applicable for a service. The
policies are defined by using the governance framework.
- A customizable life cycle-aware system that triggers validations on the change
of phase within the life cycle so that phase-by-phase governance validations can
be automated.
- The registry should ideally be SOA run time optimized so that the metadata
stored in the registry can be used to provide enrichment via dynamic routing
during run time.
These capabilities are required to automate the governance framework. WebSphere
Service Registry and Repository is one such product that meets the capabilities
for automation. The strategy has to be defined in balanced scope so as to
incorporate SOA governance incrementally just like SOA is adopted. As SOA matures
in an enterprise, the SOA governance matures along with it. The solution depicted
in Figure 6 is an entry-level solution where the business doesn't have any IT
governance in place, but shows that with the inclusion of IT governance there are
a number of potential aspects that can be addressed.
Conclusion
It's important to include SOA governance in the strategy for SOA adoption as
early as possible, incrementally placing the governance framework and platform so
that SOA delivers the value of business agility and flexibility.
Resources Learn
Get products and technologies
- Innovate your next development project with
IBM trial software, available for download or on DVD.
Discuss
About the author  | 
| | Muhammed Yaseen Muriankara is an SOA Architect at the IBM India Software Lab in
Bangalore, India. He has over ten years of experience in software development and
has been architecting solutions for the past seven years. Prior to working at IBM,
he was an ESB and service registry and repository architect, and is now working
with IBM Business Partner Technical and Strategic Enablement to enable systems
integrators and partners in SOA and IBM WebSphere products. He leads the SOA
Governance Program for the SOA Leadership Center Bangalore. |
Rate this page
| 
