Table of Contents
foreword xiii
preface xv
acknowledgments xix
about this book xx
introduction: a tight coupling case study xxiv
- Part 1 Understanding the technology of enterprise SOA 1
- 1 The goal of loose coupling 3
- 1.1 In the beginning, there was distributed computing 5
- What is distributed computing? 5
- 1.2 The two problems of interoperability 7
- Proprietary standards 8
- Tight coupling 8
- 1.3 The goal: simple and inexpensive interoperability 11
- The impact of object-oriented software 12
- Client-server 14
- Setting the standards 15
- Early loose coupling 16
- 1.4 Real loose coupling 17
- Hardware, software, and network transparency 17
- XML 18
- The coalescing of key enabling factors 21
- 1.5 Summary 22
- 2 Web services overview 23
- 2.1 When you look up my auto policy 23
- Call and response 24
- How the CSR would consume web services 26
- 2.2 The technology it’s based on 27
- SOAP 27
- WSDL 28
- UDDI 29
- 2.3 Characteristics of web services 30
- Loose coupling 30
- Network transparency 30
- 2.4 Birthing a web service 32
- Exposing web services 33
- New web services 34
- Specific technologies 34
- 2.5 The savvy manager cautions: standards 35
- 2.6 Summary 35
- 3 What web services can do 37
- 3.1 Technology with potential 37
- 3.2 Invoking remote procedures 38
- 3.3 Exchanging data 39
- 3.4 Impact on EDI 39
- 3.5 Communicating between multivendor systems 40
- 3.6 Interacting interdepartmentally and beyond 41
- 3.7 Integrating applications (EAI) 43
- 3.8 The savvy manager cautions: the limits of web services 44
- Replacing legacy systems 45
- Operating securely or reliably on their own 46
- Performance 46
- It’s not always SOAP, either 46
- 3.9 Summary 47
- 4 What is SOA? 49
- 4.1 Enterprise architecture: the big picture 50
- 4.2 The service-oriented architecture 51
- Struggling to adapt in today’s enterprise architecture 52
- SOA solutions: theory and practice 55
- 4.3 The savvy manager cautions: EA is a process, not a dogma 57
- 4.4 Summary 57
- 5 SOA for enterprise application integration 58
- 5.1 Is Titan happy with its EAI? 58
- First, the truth: EAI is broken 59
- Islands of integration 59
- Other EAI challenges 62
- 5.2 How web services can simplify EAI 62
- 5.3 Web services in portals 63
- 5.4 Web services in software development 66
- 5.5 The savvy manager cautions: limitations of web services in EAI 69
- Speed and reliability 69
- Security 70
- Political issues raised by web services EAI 71
- 5.6 Summary 72
- 6 SOA for B2B commerce 73
- 6.1 Does Titan do B2B? 74
- 6.2 Example: managing the supply chain 74
- 6.3 Example: building hubs 77
- 6.4 Partner-to-partner: airline and car rental 78
- 6.5 Government and scientific SOAs 80
- Example: coordinating government 80
- Example: integrating scientific data 81
- 6.6 The savvy manager cautions: you may still need proprietary standards 82
- 6.7 Summary 84
- 7 SOA: improved business processes 85
- 7.1 The “integration-centric” enterprise 87
- Data warehousing 89
- Business activity monitoring (BAM) 90
- Issues in integration-centric enterprises 91
- 7.2 The “process-centric” enterprise 93
- 7.3 The savvy manager cautions: process management is subjective 96
- 7.4 Summary 96
- 8 Real-time operations 98
- 8.1 What is your company’s time frame? 99
- 8.2 The goal of the real-time enterprise 100
- 8.3 Delivering real time with the SOA 101
- 8.4 Getting agile with a real-time SOA 103
- 8.5 The real-time virtual data warehouse 105
- 8.6 Setting business-level agreements 106
- 8.7 The savvy manager cautions: real time is an overused term 107
- 8.8 Summary 108
- 9 Security in a loosely coupled environment 109
- 9.1 Risks of loose coupling 110
- Machine to machine 111
- Authorization and authentication 112
- Privacy and integrity 113
- Flooding 114
- Auditing 114
- 9.2 Layers of SOA security 115
- Security policy and provisioning 115
- Message-level security 115
- Governance 116
- 9.3 Solutions to SOA security 116
- SOAP message monitoring 116
- SAML and federated authentication 117
- Application proxy 119
- Contract management 119
- Certificates, keys, and encryption 120
- XML encryption 121
- Digital signatures 122
- Replay attack protection and auditing 123
- 9.4 The savvy manager cautions: don’t let security paralyze you 124
- 9.5 Summary 124
- 10 Running an SOA 126
- 10.1 Problems in the unmanaged SOA 126
- Quality of service 127
- Transaction monitoring and web service orchestration 127
- Context sensitivity 128
- Change management and version control 129
- Load balancing and failover 130
- 10.2 Web service management solutions 131
- SOAP monitoring 131
- Quality of service and SLAs 132
- Contracts 133
- Caching 133
- Orchestration 134
- Context and priority 135
- Change management 135
- High availability 136
- 10.3 The savvy manager cautions: choosing an SOA management solution 137
- 10.4 Summary 137
- 11 Assembling SOA networks 139
- 11.1 Titan’s potential SOA network 139
- 11.2 Managing the SOA network 140
- Passing messages through the network 141
- Managing change in the SOA network 143
- 11.3 Securing the SOA network 143
- 11.4 Finding the right solution 144
- 11.5 Using SOAP interception for SOA network management 145
- 11.6 XML VPNs 147
- 11.7 The savvy manager cautions: who’s in charge? 149
- 11.8 Summary 150
- 12 Utility computing 151
- 12.1 What Titan would gain from utility computing 151
- 12.2 How open standards enable utility computing 154
- 12.3 Utility computing in the SOA 156
- 12.4 The savvy manager cautions: secure your utility computing 158
- 12.5 Summary 158
- Part 2 Understanding the people and process of enterprise SOA 161
- 13 Exploring an SOA for Titan 163
- 13.1 Meeting with Titan’s people 165
- 13.2 Converting Titan’s wish list into an SOA 168
- Matching the wish list to services and processes 168
- Translating the wish list into a service map 173
- 13.3 Summary 176
- 14 Achieving consensus at Titan 178
- 14.1 The second meeting 178
- Replacing the front-end 179
- Transitioning to best of breed 183
- 14.2 Leadership 184
- 14.3 The four P’s 185
- 14.4 Summary 186
- 15 People: starting the training 188
- 15.1 Grouping for SOA training success 188
- 15.2 Going beyond the basics 191
- 15.3 Adding an “architects’ council” 196
- 15.4 Summary 196
- 16 People: establishing best practices 198
- 16.1 Service discovery 199
- Modeling the business 199
- Process definition 200
- 16.2 Service creation, part I 203
- Rating the services 204
- Migration 207
- Isolation 208
- Flexibility and reusability 209
- Other factors 209
- Overall evaluation 210
- Next steps 210
- 16.3 Summary 211
- 17 People: establishing best practices 213
- 17.1 Selecting a platform 213
- 17.2 Choosing a pilot project 214
- 17.3 Confronting a real architecture 217
- 17.4 Setting goals and achieving success 219
- 17.5 Measuring success 223
- 17.6 Summary 223
- 18 Plan and proceed 225
- 18.1 Forming an SOA plan 225
- Heavy lifting 226
- Making big decisions 226
- Forming the target architecture 228
- Migration plan 229
- Finalizing the plan 230
- 18.2 The fourth P: proceed 231
- 18.3 Facing disaster 232
- 18.4 Summary 233
Looking ahead 235
index 237