In the modern day, information technology (IT) systems of the enterprise are continuously challenged with demands to serve ever changing requirements. In order to get more out of existing investments, rather than developing new applications to serve such demands, IT companies are moving towards the service-oriented paradigm.

What is a service?

In the service oriented paradigm, a service is a well-defined and self-contained function, one that would not not depend on the context or state of other services.

SOA?

Developing services and deploying them using a service-oriented architecture (SOA) is the best way to utilize existing IT systems to meet new challenges. SOA represents a new generation of distributed computing architecture.

Definition of SOA!

According to the OASIS SOA Reference Model definition[1], “SOA is a paradigm for organizing and utilizing distributed capabilities that may be under the control of different ownership domains. It provides a uniform means to offer, discover, interact with and use capabilities to produce desired effects consistent with measurable preconditions and expectations“.

In simple terms, Service-oriented Architecture is a collection of services. Services in a SOA can communicate with each other. This communication could take the shape of either simple data processing, or, it could even involve two or more services coordinating some activity. The combination of services, both internal and external to an organization, makes up a service-oriented architecture.

[1] http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=soa-rm

This is interesting..

http://janapriya.net/blog/2008/07/14/service-oriented-architecture-soa-robotics/

Rogue Services the ‘Silent Killer’ in SOA : Myths and Realities

Extracted from [1],

Rogue services within an SOA are mismanaged or lost Web services that cause problems for unknowing IT managers who might be using them. In a worst-case scenario, a rogue service does not comply with business policies and/or compliance mandates, resulting in costly, and potentially contentious, audits.

Three of the top 10 misconceptions about SOA management and governance that apply to the impact of rogue services on IT infrastructure are as follows:

1. Perception: rogue services are a result of malicious code planted by hackers.
   Reality: not always. Packaged applications may contain unidentified services that are susceptible to being used in unintended ways.
2. Perception: a company’s security infrastructure prevents the proliferation of rogue services.
   Reality: rogue services can undermine a company’s security initiatives, making financial and other confidential information vulnerable.
3. Perception: rogue services are bothersome but not dangerous.
   Reality: rogue services can lead to prosecution or company shutdowns if compliance mandates are not met.

“Rogue services lurk in the shadows of many SOAs and most IT organizations are not doing enough to prevent their proliferation, Rogue services can truly be silent killers. For example, if a rogue service is embedded within a financial application, Sarbanes-Oxley compliance can be compromised resulting in company executives having to testify in court as to why and how an unknown Web service captured credit card data that was accessed by hackers. The good news is that proper management and governance will help organizations develop water-tight SOA environments.”

[1] http://www.actional.com/news_events/press/Rogue-Services-in-SOA.html