“This book provides an indispensable guide for establishing a firm SOA governance foundation. Easy to read, comprehensive, pragmatic...excellent job.”
--Nick Laqua, Enterprise SOA Architect, Cathay Pacific Airways
“SOA Governance is a must-read that provides an in-depth look at the organizational, managerial, procedural, and technical aspects that any SOA project needs to consider. If you’re investing in SOA, you’ll benefit greatly by having this excellent resource available to you as you contend with the many challenges of creating your own SOA governance.”
--David E. Michalowicz, Principal, Information Systems Engineer, The MITRE Corporation
“With this book Thomas Erl [and his team] do a great job in outlining a framework to implement an SOA governance program. For each stage of the project lifecycle, necessary governance precepts and processes are described concretely by referring to the service-orientation principles and SOA patterns. This makes it an indispensable source of information for any SOA practitioner or any professional who plans to start an SOA initiative.”
--Jean-Paul De Baets, Principal SOA Architect, Fedict (Belgian Federal Government Information and Communication Technology Service)
“This book on SOA governance provides both thoughtful and carefully crafted narrative and the supplementation of poignant real-world case studies that will help practitioners calibrate guidance to realities on the ground. This is a terrific book that will be heavily used--with tab stickers, dog-ears, highlighting, and column notes abounding to show for it--as practitioners strategize and subsequently iterate through organizational learnings on their journeys to SOA maturity.”
--David S. Rogers, Manager, IEEE Conferences Business and Technology Solutions Office
“Thomas Erl’s SOA Governance clarifies the principles behind this crucial capability for SOA adoption. Finally, a contribution that serves as a guide for project managers, architects, and any related role that has a common goal: the establishment, administration, and vision behind a service-enabled enterprise. Accenture sees this book as a milestone that will support the rationale behind selling and delivering SOA governance projects around the world.”
--Dr. Matthias Ziegler, Accenture; Dr. Jure Zakotnik, Accenture; Thomas M. Michelbach, Accenture
“Thomas Erl’s SOA Governance book fills in an important missing piece for any organization wanting to move to--and succeed with--an enterprise commitment to implement SOA and realize its overarching benefits. Of equal importance, however, is the fact that the basic concepts and frameworks that the book instantiates in the context of SOA can also be productively applied in other contexts that are not formally ‘SOA-esque,’ but where complexity is in need of formal governance.”
--Charles N. Mead, MD, MSc., Senior Technical Advisor to the Director, National Cancer Institute Center for Bioinformatics and Information Technology (NCI CBIIT) Chair, Architecture Board, Health Level 7 (HL7)
“SOA Governance is the best read on governance and software delivery processes since the publication of RUP; it is the book that defines the standard Service Delivery Processes for all project lifecycle models and defines the necessary conditions and roadmap to reach SOA in the IT organization.”
--Filippos Santas, IT Architect, Credit Suisse Private Banking, Switzerland, and Certified SOA Trainer
“Achieving your service-oriented goals requires controlled growth and change, which are best accomplished through rigorous governance. The authors of this work drive to the heart of governance and show you how to manage your portfolio of services.”
--Kevin P. Davis, Ph.D., Software Architect
The Definitive Guide to Governing Shared Services and SOA Projects
SOA Governance: Governing Shared Services On-Premise and in the Cloud is the result of a multi-year project to collect proven industry practices for establishing IT governance controls specific to the adoption of SOA and service-orientation. Authored by world-renowned experts in the fields of SOA, IT governance, and cloud computing, this comprehensive book provides clear direction as to what does and does not constitute SOA governance and then steps the reader through the most important industry governance practices, as they pertain to individual SOA project lifecycle stages.
With a consistent, vendor-neutral focus, and with the help of case study examples, the authors demonstrate how to define and position precepts, organizational roles, processes, standards, and metrics. Readers benefit from thorough and visually depicted cross-references and mapping between roles, processes, precepts, and project stages, enabling them to fully explore dynamics and dependencies and thereby learn how to use these governance controls to create their own custom SOA governance systems.
This important title will be valuable to every practitioner concerned with making SOA work, including senior IT managers, project managers, architects, analysts, developers, administrators, QA professionals, security specialists, and cloud computing professionals.
Foreword by Massimo Pezzini xxxi
Foreword by Roberto Medrano xxxiii
Acknowledgments xxxv
CHAPTER 1: Introduction 1
1.1 About this Book 3
Who this Book is For 3
What this Book Does Not Cover 4
This is Not a Book About SOA Management 4
This is Not a Book About Cloud Computing Governance 4
1.2 Recommended Reading 5
1.3 How this Book is Organized 6
Part I: Fundamentals 6
Part II: Project Governance 7
Part III: Strategic Governance 10
Part IV: Appendices 11
1.4 Symbols, Figures, and Style Conventions 12
Symbol Legend 12
Mapping Diagrams 12
SOA Principles & Patterns Sections 13
Capitalization 14
1.5 Additional Information 14
Updates, Errata, and Resources (www.soabooks.com) 14
Master Glossary (www.soaglossary.com) 15
Referenced Specifications (www.soaspecs.com) 15
SOASchool.com SOA Certified Professional (SOACP) 15
CloudSchool.com Cloud Certified Professional (CCP) 15
The SOA Magazine (www.soamag.com) 15
Notification Service 16
CHAPTER 2: Case Study Background 17
2.1 How Case Studies are Used 18
2.2 Raysmoore Corporation 18
History 18
IT Environment 18
Business Goals and Obstacles 19
2.3 Case Study Continuation 20
PART I: FUNDAMENTALS
CHAPTER 3: Service-Oriented Computing Fundamentals 23
3.1 Basic Terminology 24
Service-Oriented Computing 25
Service-Orientation 26
Service-Oriented Architecture (SOA) 29
Services 31
Services as Components 32
Services as Web Services 32
Services as REST Services 34
SOA Manifesto 34
Cloud Computing 35
IT Resources 35
Cloud 36
On-Premise 37
Cloud Deployment Models 37
Cloud Consumers and Cloud Providers 38
Cloud Delivery Models 38
Service Models 38
Agnostic Logic and Non-Agnostic Logic 39
Service Composition 40
Service Inventory 41
Service Portfolio 41
Service Candidate 42
Service Contract 43
Service-Related Granularity 44
SOA Design Patterns 46
3.2 Further Reading 47
CHAPTER 4: SOA Planning Fundamentals 49
4.1 The Four Pillars of Service-Orientation 51
Teamwork 52
Education 52
Discipline 52
Balanced Scope 53
4.2 Levels of Organizational Maturity 56
Service Neutral Level 57
Service Aware Level 57
Service Capable Level 57
Business Aligned Level 58
Business Driven Level 58
Service Ineffectual Level 58
Service Aggressive Level 59
4.3 SOA Funding Models 60
Platform (Service Inventory) Funding 60
Project Funding Model (Platform) 61
Central Funding Model (Platform) 64
Usage Based Funding Model (Platform) 66
Service Funding 69
Project Funding Model (Service) 69
Central Funding Model (Service) 71
Hybrid Funding Model (Service) 72
Usage Based Funding Model (Service) 74
CHAPTER 5: SOA Project Fundamentals 79
5.1 Project and Lifecycle Stages 81
SOA Adoption Planning 82
Service Inventory Analysis 82
Service-Oriented Analysis (Service Modeling) 84
Service-Oriented Design (Service Contract) 85
Service Logic Design 87
Service Development 87
Service Testing 88
Service Deployment and Maintenance 89
Service Usage and Monitoring 90
Service Discovery 90
Service Versioning and Retirement 91
5.2 Organizational Roles 92
Service Analyst 96
Service Architect 96
Service Developer 97
Service Custodian 98
Cloud Service Owner 98
Service Administrator 100
Cloud Resource Administrator 100
Schema Custodian 102
Policy Custodian 104
Service Registry Custodian 105
Technical Communications Specialist 105
Enterprise Architect 106
Enterprise Design Standards Custodian (and Auditor) 107
SOA Quality Assurance Specialist 109
SOA Security Specialist 110
SOA Governance Specialist 111
Other Roles 112
Educator 112
Business Analyst 113
Data Architect 113
Technology Architect 113
Cloud Technology Professional 114
Cloud Architect 114
Cloud Security Specialist 114
Cloud Governance Specialist 114
IT Manager 115
5.3 Service Profiles 115
Service-Level Profile Structure 117
Capability Profile Structure 118
Additional Considerations 119
Customizing Service Profiles 119
Service Profiles and Service Registries 119
Service Profiles and Service Catalogs 119
Service Profiles and Service Architecture 120
CHAPTER 6: Understanding SOA Governance 121
6.1 Governance 101 122
The Scope of Governance 123
Governance and Methodology 124
Governance and Management 124
Methodology and Management 125
Comparisons 125
The Building Blocks of a Governance System 127
Precepts 128
People (Roles) 128
Processes 129
Metrics 129
Governance and SOA 130
6.2 The SOA Governance Program Office (SGPO) 131
6.3 SGPO Jurisdiction Models 133
Centralized Enterprise SGPO 133
Centralized Domain SGPO 134
Federated Domain SGPOs 135
Independent Domain SGPOs 136
6.4 The SOA Governance Program 137
Step 1: Assessing the Enterprise (or Domain) 137
Current Governance Practices and Management Styles 138
SOA Initiative Maturity 138
Current Organizational Model 139
Current and Planned Balance of On-Premise and Cloud-based IT Resources 139
Step 2: Planning and Building the SOA Governance Program 139
SOA Governance Precepts 139
SOA Governance Processes 141
SOA Governance Roles 143
Additional Components 146
Step 3: Running the SOA Governance Program (Best Practices and Common Pitfalls) 146
Collect the Right Metrics and Have the Right People Use Them 146
Provide Transparency and Foster Collaboration 147
Ensure Consistency and Reliability 147
Compliance and Incentives 147
Education and Communication 148
Common Pitfalls 148
PART II: PROJECT GOVERNANCE
CHAPTER 7: Governing SOA Projects 153
7.1 Overview 155
Precepts, Processes, and People (Roles) Sections 156
7.2 General Governance Controls 157
Precepts 157
Service Profile Standards 157
Service Information Precepts 158
Service Policy Precepts 158
Logical Domain Precepts 159
Security Control Precepts 160
SOA Governance Technology Standards 163
Metrics 164
Cost Metrics 164
Standards-related Precept Metrics 165
Threshold Metrics 165
Vitality Metrics 166
Case Study Example 167
7.3 Governing SOA Adoption Planning 169
Precepts 169
Preferred Adoption Scope Definition 169
Organizational Maturity Criteria Definition 171
Standardized Funding Model 172
Processes 173
Organizational Governance Maturity Assessment 173
Adoption Impact Analysis 176
Adoption Risk Assessment 178
People (Roles) 179
Enterprise Architect 179
SOA Governance Specialist 181
Case Study Example 182
CHAPTER 8: Governing Service Analysis Stages 187
8.1 Governing Service Inventory Analysis 192
Precepts 193
Service Inventory Scope Definition 193
Processes 195
Business Requirements Prioritization 195
People (Roles) 197
Service Analyst 197
Enterprise Design Standards Custodian 198
Enterprise Architect 199
SOA Governance Specialist 200
Case Study Example 201
8.2 Governing Service-Oriented Analysis (Service Modeling) 206
Precepts 206
Service and Capability Candidate Naming Standards 206
Service Normalization 207
Service Candidate Versioning Standards 209
Processes 210
Service Candidate Review 210
People (Roles) 212
Service Analyst 212
Service Architect 213
Enterprise Design Standards Custodian 214
Enterprise Architect 215
SOA Governance Specialist 216
Case Study Example 217
CHAPTER 9: Governing Service Design and Development Stages 221
9.1 Governing Service-Oriented Design (Service Contract) 223
Precepts 223
Schema Design Standards 223
Service Contract Design Standards 225
Service-Orientation Contract Design Standards 228
SLA Template 229
Processes 231
Service Contract Design Review 231
Service Contract Registration 234
People (Roles) 236
Service Architect 236
Schema Custodian 237
Policy Custodian 238
Technical Communications Specialist 239
Enterprise Design Standards Custodian 241
Enterprise Architect 242
SOA Security Specialist 243
SOA Governance Specialist 245
Case Study Example 246
9.2 Governing Service Logic Design 249
Precepts 249
Service Logic Design Standards 249
Service-Orientation Architecture Design Standards 252
Processes 253
Service Access Control 253
Service Logic Design Review 255
Legal Data Audit 257
People (Roles) 259
Service Architect 259
Enterprise Design Standards Custodian 260
Enterprise Architect 261
SOA Security Specialist 262
SOA Governance Specialist 263
Case Study Example 265
9.3 Governing Service Development 267
Precepts 267
Service Logic Programming Standards 267
Custom Development Technology Standards 268
Processes 270
Service Logic Code Review 270
People (Roles) 272
Service Developer 272
Enterprise Design Standards Custodian 273
Enterprise Architect 274
SOA Governance Specialist 275
Case Study Example 276
CHAPTER 10: Governing Service Testing and Deployment Stages 277
10.1 Governing Service Testing 278
Precepts 279
Testing Tool Standards 279
Testing Parameter Standards 280
Service Testing Standards 281
Cloud Integration Testing Standards 283
Test Data Usage Guidelines 285
Processes 286
Service Test Results Review 286
People (Roles) 287
Service Administrator 287
Cloud Resource Administrator 288
Enterprise Architect 289
SOA Quality Assurance Specialist 290
SOA Security Specialist 291
SOA Governance Specialist 292
Case Study Example 294
10.2 Governing Service Deployment and Maintenance 298
Precepts 298
Production Deployment and Maintenance Standards 298
Processes 301
Service Certification Review 301
Service Maintenance Review 303
People (Roles) 304
Service Administrator 304
Cloud Resource Administrator 305
Service Custodian 307
Enterprise Architect 308
SOA Quality Assurance Specialist 309
SOA Security Specialist 310
SOA Governance Specialist 311
Case Study Example 312
CHAPTER 11: Governing Service Usage, Discovery, and Versioning Stages 315
11.1 Governing Service Usage and Monitoring 317
Precepts 317
Runtime Service Usage Thresholds 317
Service Vitality Triggers 320
Processes 323
Service Vitality Review 323
People (Roles) 325
Enterprise Architect 325
Service Architect 326
Service Administrator 327
Cloud Resource Administrator 328
Service Custodian 329
SOA Security Specialist 331
SOA Governance Specialist 332
Case Study Example 333
11.2 Governing Service Discovery 335
Precepts 335
Centralized Service Registry 335
Processes 337
Service Registry Access Control 337
Service Registry Record Review 339
Service Discovery 340
Shared Service Usage Request 342
Shared Service Modification Request 343
People (Roles) 345
Service Custodian 345
Service Registry Custodian 346
Technical Communications Specialist 348
SOA Governance Specialist 348
Case Study Example 350
11.3 Governing Service Versioning and Retirement 352
Precepts 352
Service Versioning Strategy 352
SLA Versioning Rules 354
Service Retirement Notification 356
Processes 357
Service Versioning 357
Service Retirement 359
People (Roles) 360
Enterprise Design Standards Custodian 360
Service Administrator 362
Cloud Resource Administrator 363
Schema Custodian 364
Policy Custodian 364
SOA Governance Specialist 365
PART III: STRATEGIC GOVERNANCE
CHAPTER 12: Service Information and Service Policy Governance 369
12.1 Overview 371
Service Data vs. Service Information 371
Policies 101 373
12.2 Governance Controls 375
Precepts 375
Enterprise Business Dictionary/Domain Business Dictionary 375
Service Metadata Standards 377
Enterprise Ontology/Domain Ontology 380
Business Policy Standards 382
Operational Policy Standards 384
Policy Centralization 386
Processes 389
Data Quality Review 389
Communications Quality Review 391
Information Alignment Audit 393
Policy Conflict Audit 395
People (Roles) 397
Business Analyst 397
Data Architect 399
Schema Custodian 399
Policy Custodian 401
Service Registry Custodian 402
Technical Communications Specialist 403
SOA Quality Assurance Specialist 405
SOA Governance Specialist 406
12.3 Guidelines for Establishing Enterprise Business Models 408
Establish a Service Information Governance Council 408
Assign Business Information Custodians 408
Assign Value to Business Information 409
Relate Service Information Governance to Master Data Management 409
CHAPTER 13: SOA Governance Vitality 411
13.1 Vitality Fundamentals 412
13.2 Vitality Triggers 414
Business vs. Technology Changes 415
Types of Vitality Triggers 416
Strategic Adjustments 416
Strategic Business Adjustment 416
Strategic IT Adjustment 417
Industry Shifts 417
Business Shift 417
Technology Shift 418
Metrics 418
Performance Metrics 419
Compliance Metrics 419
Organizational Shifts 419
Periodic 420
Milestone 420
Time 420
13.3 SOA Governance Vitality Process 421
Identify Activity 421
Assess Activity 422
Refresh Activity 422
Approve Activity 423
Communicate Activity 423
CHAPTER 14: SOA Governance Technology 425
14.1 Understanding SOA Governance Technology 426
SOA Governance Task Types 427
Manual Governance 427
Automated Governance 427
Design-time Governance 428
Runtime Governance 428
On-Premise Governance 428
Cloud Governance 428
Passive Governance 428
Active Governance 429
SOA Governance Technology Types 429
Administrative 429
Monitoring 429
Reporting 430
Enforcement 430
14.2 Common SOA Governance Technology Products 431
Service Registries 431
Task Types 432
Technology Types 432
SOA Project Stages 433
Repositories 433
Task Types 434
Technology Types 434
SOA Project Stages 435
Service Agents 435
Task Types 436
Technology Types 437
SOA Project Stages 437
Policy Systems 437
Task Types 438
Technology Types 438
SOA Project Stages 439
Quality Assurance Tools 439
Task Types 440
Technology Types 440
SOA Project Stages 441
SOA Management Suites 441
Other Tools and Products 442
Technical Editors and Graphic Tools 442
Content Sharing and Publishing Tools 442
Configuration Management Tools 443
Custom SOA Governance Solutions 443
14.3 Guidelines for Acquiring SOA Governance Technology 444
Acquisition Strategies 444
Single Vendor 444
Multiple Vendors 445
Open Source 446
Leased from Cloud Vendor 447
Best Practices 448
Establish Criteria Based on Your Specific Requirements 448
Investigate Customizability 448
Investigate APIs 448
Understand Both Initial and Long-Term Costs 448
Understand Actual Governance Support 449
Take the Time to Create a Quality RFP 449
PART IV: APPENDICES
APPENDIX A: Case Study Conclusion 453
APPENDIX B: Master Reference Diagrams for Organizational Roles 457
Service Analyst 458
Service Architect 459
Service Developer 460
Service Custodian 460
Service Administrator 461
Cloud Resource Administrator 462
Schema Custodian 463
Policy Custodian 464
Service Registry Custodian 465
Technical Communications Specialist 466
Enterprise Architect 467
Enterprise Design Standards Custodian (and Auditor) 468
SOA Quality Assurance Specialist 469
SOA Security Specialist 470
SOA Governance Specialist (precepts) 471
SOA Governance Specialist (processes) 472
APPENDIX C: Service-Orientation Principles Reference 473
APPENDIX D: SOA Design Patterns Reference 489
APPENDIX E: The Annotated SOA Manifesto 577
APPENDIX F: Versioning Fundamentals for Web Services and REST Services 591
F.1 Versioning Basics 593
Versioning Web Services 593
Versioning REST Services 594
Fine and Coarse-Grained Constraints 595
F.2 Versioning and Compatibility 596
Backwards Compatibility 596
Backwards Compatibility in Web Services 596
Backwards Compatibility in REST Services 597
Forwards Compatibility 599
Compatible Changes 602
Incompatible Changes 604
F.3 REST Service Compatibility Considerations 605
F.4 Version Identifiers 608
F.5 Versioning Strategies 611
The Strict Strategy (New Change, New Contract) 611
Pros and Cons 612
The Flexible Strategy (Backwards Compatibility) 612
Pros and Cons 613
The Loose Strategy (Backwards and Forwards Compatibility) 613
Pros and Cons 614
Summary Table 614
F.6 REST Service Versioning Considerations 615
APPENDIX G: Mapping Service-Orientation to RUP 617
Compatibility of RUP and SOA 618
Overview of RUP (and MSOAM) 619
The Pillars of Service-Orientation and the RUP Principles 620
Breadth and Depth Roles and Role Mapping 623
Enterprise and Governance Roles 624
Mapping Service Delivery Project Stages to Disciplines 625
Mapping MSOAM Analysis and Design Stages to RUP Disciplines 626
Service-Orientation and RUP: Gaps 628
Related Reading 628
Bibliography 629
APPENDIX H: Additional Resources 631
About the Authors 635
About the Contributors 641
About the Foreword Contributors 643
Index 645