Service Oriented Architecture is mostly popular because it promises interoperability between heterogeneous applications and technologies with least hassle in application integration. A service’s loose coupling to host applications gives it the ability to share data across enterprises more easily. Using SOA’s increase reusability, overall costs could be minimized with increased response times to ITs change requests. This results in rapit evolvement of IT systems, for both old and new.

However, as the organization matures, they tend to face the following challenges with SOA:

• Number of new services increases
• Number of dependencies among services increases
• Number of service users (both internal and external to the organization) increases
• Users develop interest in different versions of the same service
• Users sign up for different service level agreements, e.g. John’s request will go through high performance servers, while Jennifer’s requests go through regular servers.

If not properly handled, and organization’s SOA could transform into a complex unmanageable mesh. To avoid this situation, an organization should (but not limited to) perform the following  throughout the entire lifecycle of services:

• Properly manage services creation, adhering to rules laid down by an organization
• Increase reuse of services, by “socializing” existing services
• Properly analyze dependencies of a given service, before changing it
• Provide service versioning and allow users to consume different versions of a given service
• Properly validate services for standard compliance
• Properly test services to assure quality of services
• Document both technical and business aspects of services to help consumers and providers
• Properly define who accesses what services
• Measure service behavior at runtime. (e.g. How many times this service is called, by how many consumers, etc..)

In other words, SOA should properly “steer” its enterprise IT system. This process is called “SOA Governance”. Governance is derived from the Latin term for steering.

People tend to define Service Oriented Architecture Governance differently, such as:

SOA Governance is processes that an enterprise puts in place to ensure that things are done, in accordance with best practices, architectural principles, government regulations, laws, and other determining factors. SOA governance refers to the processes used to govern adoption and implementation of SOA.

- Anne Thomas Manes, Burton Group.

Governance establishes the alignment in SOA. This involves understanding organizational business value drivers and business processes, aligning them to IT policies and establishing a process model to implement the alignment.

- Nikhil Kumar, CXO Magazine.

SOA Governance is about having discipline and making sure that the very important decisions go through to appropriate people and that these people have the appropriate input to make those decisions. That is half of the SOA governance problem. The second half is whenever these decisions are made, SOA governance needs to make sure that those decisions are actually followed. It’s not only about setting a speed limit, it is about enforcing it too and eventually giving people tickets or sending them to jail. That is what SOA governance really is about.

- Paolo Malinverno, Gartner.

In simple terms, SOA governance is a set of processes, responsibilities and tools that reinforces good behavior and help avoid bad behaviors. It is all about control. If you design a service for a specific purpose and for a set of consumers, you will want to have assurance that it will only be used for that purpose and by that set of consumers. You also want the service to be available, performing as it was intended for, and secured. Transactions must have integrity, at least to the degree that you originally specified. Most Importantly, you need to make sure defined processes and responsibilities are followed properly. For this you need to adapt proper measurement techniques (to measure effectiveness on the actions taken) in your SOA.

In the modern day, information technology (IT) systems of the enterprise are continuously challenged with demands to serve ever changing requirements. In order to get more out of existing investments, rather than developing new applications to serve such demands, IT companies are moving towards the service-oriented paradigm.

What is a service?

In the service oriented paradigm, a service is a well-defined and self-contained function, one that would not not depend on the context or state of other services.

SOA?

Developing services and deploying them using a service-oriented architecture (SOA) is the best way to utilize existing IT systems to meet new challenges. SOA represents a new generation of distributed computing architecture.

Definition of SOA!

According to the OASIS SOA Reference Model definition[1], “SOA is a paradigm for organizing and utilizing distributed capabilities that may be under the control of different ownership domains. It provides a uniform means to offer, discover, interact with and use capabilities to produce desired effects consistent with measurable preconditions and expectations“.

In simple terms, Service-oriented Architecture is a collection of services. Services in a SOA can communicate with each other. This communication could take the shape of either simple data processing, or, it could even involve two or more services coordinating some activity. The combination of services, both internal and external to an organization, makes up a service-oriented architecture.

[1] http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=soa-rm

A webinar, ideal for those who want to be enlightened by the features and facilities available in WSO2 WSF/PHP 2.0 and also for those looking for ways to integrate applications with SOA and WOA implementations.

Title: Introducing Enterprise Web services with WSO2 WSF/PHP 2.0
Date: September 23, 2008
Start Time: 9.00 am PST
Duration: 60 mins

In this webinar following features of WSO2 WSF/PHP 2.0 will be covered.

• The comprehensive REST stack in addiction to the comprehensive SOAP stack.
• The new WSF/PHP Data Services support to easily expose data sources as web services with several WS-* support allowing seamless integration with other enterprise applications.

REGISTRATION: To register for this event,go to the registration page

My article on SOA Governance with WSO2 Registry 1.1 is published in the WSO2 oxygen tank.

link: http://wso2.org/library/articles/soa-governance-wso2-registry-v1-1

This is interesting..

http://janapriya.net/blog/2008/07/14/service-oriented-architecture-soa-robotics/

Rogue Services the ‘Silent Killer’ in SOA : Myths and Realities

Extracted from [1],

Rogue services within an SOA are mismanaged or lost Web services that cause problems for unknowing IT managers who might be using them. In a worst-case scenario, a rogue service does not comply with business policies and/or compliance mandates, resulting in costly, and potentially contentious, audits.

Three of the top 10 misconceptions about SOA management and governance that apply to the impact of rogue services on IT infrastructure are as follows:

1. Perception: rogue services are a result of malicious code planted by hackers.
   Reality: not always. Packaged applications may contain unidentified services that are susceptible to being used in unintended ways.
2. Perception: a company’s security infrastructure prevents the proliferation of rogue services.
   Reality: rogue services can undermine a company’s security initiatives, making financial and other confidential information vulnerable.
3. Perception: rogue services are bothersome but not dangerous.
   Reality: rogue services can lead to prosecution or company shutdowns if compliance mandates are not met.

“Rogue services lurk in the shadows of many SOAs and most IT organizations are not doing enough to prevent their proliferation, Rogue services can truly be silent killers. For example, if a rogue service is embedded within a financial application, Sarbanes-Oxley compliance can be compromised resulting in company executives having to testify in court as to why and how an unknown Web service captured credit card data that was accessed by hackers. The good news is that proper management and governance will help organizations develop water-tight SOA environments.”

[1] http://www.actional.com/news_events/press/Rogue-Services-in-SOA.html

I’ve been using WSF/PHP on Linux Platform for a while now. Today, I wanted to try it out on Windows platform. Though there is a comprehensive installation guide out there, I thought it would be nice to have a summarized version for windows.

What is WSF/PHP ?

Extracted from the product page at WSO2.org

“Web Services Framework for PHP (a.k.a WSF/PHP) , is an open source, enterprise grade, PHP extension for providing and consuming Web Services in PHP.

WSO2 WSF/PHP is a complete solution for building and deploying Web services, and is the only PHP extension with the widest range of WS-* specification implementations. Key features include, secure services and clients with WS-Security support, binary attachments with MTOM, automatic WSDL generation (code first model) , WSDL mode for both services and clients (contract first model) and interoperability with .NET and J2EE. “

WSF/PHP is based on WSO2 WSF/C

WSF/PHP installation procedure (on Windows)

It is assumed that you have installed, Apache, PHP and MySQL(optional) and they are working properly. If not you might find this tutorial useful.

1. WSF/PHP depends on following libraries. Download and install them to known locations.

Libxml2, iconv, OpenSSL msi version

I have installed them under C:wsfdepends directory as follows.

2. The current WSF/PHP version (v1.2.0) can be downloaded from project download page. Select the release zip version and download. Next, extract the zip file to a known location.

Again I have extracted the files under C:wsf directory. So the directory structure as follows.

3. Now copy the wsf.dll from the extracted directory to PHP
xt directory. As per my machine it is,

7.  Copy the samples folder to your Apache Web server’s document root, If you want to run samples.

8. That is it!  Now you can run samples in samples directory.

Consider this as the “Hello world!” to my new SOA and Web services blog!