Patrick Desbrow, CIO & VP-Engineering, CrownPeak
What is an Enterprise Service Oriented Architecture (SOA) For many SOA means creating a library of RESTful web services that wrap a subset of existing software components. Unfortunately, there is a lot more to do in order to qualify as an enterprise SOA framework. In truth, the entire application development processes must be reviewed and updated to meet this criterion. This article will touch on the areas that CIOs should consider when moving this direction. The Open Group describes the SOA framework in two dimensions. The first is a horizontal dimension that focuses on each of the application layers from user interface to the back office infrastructure. The second is a vertical dimension that focuses on the external aspects of the overall system. Therefore, Enterprise SOA is the proper review and remediation of this framework within your enterprise and across all of your primary partners providing services to the enterprise.
The 5 Layers of the Horizontal Dimension The Consumer Interface Layer is the graphical user interface (GUI) that most of the customers and partners use to access your enterprise application. The main concern in this layer is to make sure that all of the business logic is relocated into the next layer. Once the shift to the SOA framework is complete, a portion of these consumers will be accessing the web services layer directly and going around the traditional Consumer Interface Layer. The term for this is creating a “Headless” experience. The Business Process Layer refers to the individual processes that the GUI needs to operate and the other business specific processes needed to operate the business. This larger category has been further subdivided into the Services Layer, Service Components Layer, and Operational Systems Layer. The goal for each of these 3 layers is to ensure all source code that is properly separated into the correct layer. This can be a time consuming effort, usually by the enterprise architects, to inventory the applications source code into XML Packages (or other similar method). From the top down, there is the Services Layer. This is the Application Programming Interface (API) endpoints where consumers will authenticate and make requests of your application. All of the other services and software components roll up to this collection of web service calls. This collection must be a simple, clear and very well documented access point for your customers.
The Service Components Layer is the building blocks of source code organized into business driven processes as described above. They can be combined in a variety of different ways to meet the needs of the GUI and the external consumers of the application. Consider mapping each component to the different customer persona types (general user, administrator, developer) as part of the inventory process. The Operational Systems Layer focuses on the hardware platform, data repositories, and the physical organization of data in these environments. The focus of this layer is to ensure that the application continues to perform at a very high level. There are now two major access points into the application and the “Headless” consumers may be adding new types of load on the infrastructure. 4 Aspect of the Vertical Dimension The Integration Layer defines the connection or interface between the SOA framework and the consumers of your services. The first integration is usually between the web services endpoint and your applications GUI. The other integrations options can be viewed as a marketplace of possibilities including: social media, web analytics document management, data enrichment, and dynamic content vendors that leverage Search, database data, and targeted content technologies such as CrownPeak. Quality of Service focuses on the security, availability, performance and SLA requirements of the SOA framework.
"Enterprise SOA is the proper review and remediation of this framework within enterprise and across all of the primary partners providing services to the enterprise"
Consumers of your new web services will expect a commercial grade offering. This means security controls limiting access with authentication processes that defend again hackers and other unauthorized users. The most common options are key passing, basic authentication, and OAuth all highly recommended over a secure encrypted connection (HTTPS). Next, the environment must be supported by an IT Infrastructure that is always available with a goal of at least 99.9% uptime. This is possible with the use of High Availability (HA) technologies such as redundant server farms located in more than one data center. This is easily accomplished with cloud based computing platforms. These environments leverage monitoring tools that trigger alerts when issues begin to appear. Performance is also a concern as more users consume these services.
When the IT Infrastructure is at it limit it should respond to accommodate the extra load. This can be done by limiting individual users access to the environment (rate limiting) or by scaling up the size of the environment. Cloud based computing allows for both the manual and automatic scaling of your IT Infrastructure. The Informational Layer ensures that the service is available for discovery by the consumers. Focus on upgrading the API documentation and leveraging the best practices used by Business to Consumer (B2C) vendors. A great API with limited documentation may be effectually invisible to the developer community. Creating great document includes: class definitions, real world examples, turnby-turn instructions, and online help from your support organization when necessary. The Governance Layer requires that the existing process and procedures are updated to include the new SOA framework as part of the annual auditing process. Consider reaching out to the Chief Compliance Office (CCO) in your organization or the internal auditing team to make sure the same level of rigger is in place. Conclusion Software Oriented Architecture (SOA) is an architectural design pattern and not a technology, product or service The goal for CIOs and enterprise architects today is to move SOA from a design pattern to a commercial offering for their key business processes. However, making the move to enterprise SOA is a longterm project that will require planning, resources and the where-with-all to see the plan through.