Bulletproofing SOA March 2006 A comprehensive strategy for ensuring a secure, reliable, compliant Service Oriented Architecture.


1 Bulletproofing SOA March 2006 A comprehensive strategy for ensuring a secure, reliable, compliant Service Oriented Architecture

2 Why SOA?
- Business Effectiveness
  - Agility, responsiveness to market/competitive dynamics
  - Greater process efficiencies
  - Deploy resources based on business needs
- Cost Efficiency
  - Reduced maintenance costs
  - Reduce integration costs
  - Reduced skills and effort to support business change
  - Reduce application redundancy
- Reduced Risk
  - Higher level of IT quality
  - Incremental deployment
  - Improved payback times
[Diagram labels: Promotion of reuse; Lower integration costs; Business agility; Alignment between business and IT]

3 What Does Quality Mean in SOA
The fundamental benefits desired from implementing a SOA demand a more comprehensive approach to manage and demonstrate software quality.

4 SOA is Uniquely Different
Achieving quality in a SOA requires the organization to behave much differently than it has in the past. At the center is a visible quality process.
- Visible Quality Process: Now more than ever, transparency in the overall quality process is a must. SOA impacts more people, more processes and more direct revenue.
- Roles: SOA has cross-functional and cross-department impacts. Quality must be addressed very early in the process.
- Trust: SOA impacts both internal and external resources. Trust becomes a critical component for reuse.
- Assurance: Secure, reliable, compliant services, keeping in mind both the producer and the consumer of the services. Questionable quality will doom the ROI.

5 SOA Impacts IT Roles
- Trend 1: Project durations are shorter with higher levels of integration.
- Trend 2: “Quality” and the quality process are being promoted higher in the organization.
- Trend 3: Silos are being broken down into smaller cross-functional teams. Those teams have more distributed team members.
- Trend 4: The onus of quality is being distributed in the process. QA's role is split.
[Diagram labels: Project Duration and Level of Integration across Mainframe, Client Server, Internet, SOA; Governance; Process: Design, Dev, Test, Deploy; roles: Analyst, Arch, Dev, QA; Perform QA]

6 SOA is Uniquely Different
Achieving quality is uniquely different in a SOA. Consistency is a must. A visible, reliable quality process is core to success.
- Visible Quality Process: Now more than ever, transparency in the overall quality process is a must.
- Roles: The quality process must start earlier and include more people.
- Trust: IT shops must earn trust.
- Assurance: Questionable quality will doom the ROI. Consistency is the key for adoption and interoperability.

7 A Visible Quality Process
[Diagram: Software Test, Analysis & Governance across the development lifecycle (Design, Develop, Test, Deploy), organized under Visibility, Measurement and Management. Labels: Development Lifecycle Processes; Visibility; Measurable Checkpoints and Control; Control Development Policy; Control Code Behavior and Outcomes; Visibility of Impact of Changing Components; Leverage-able Test Assets; Quality & Progress]

8 Parasoft SOAtest Solution
Example: Open a Credit Card Account
[Diagram layers: Consumer; Business Process; Web Service Layer; Application; Producer / Consumer]
- A machine to machine or human interface wants to “open an account.”
- The “open an account” process is initiated.
- Services invoked: “Get customer details,” “Account Type,” “Locate Record,” “Check Customer Status”
- These services reach into applications. Packaged or Custom Apps.
Capabilities shown alongside the layers:
- Consistency in the service assets. Enforce policies, interoperability
- Trust, a visible quality framework
- Automated BPEL testing
- Greater business process coverage
- Rapid load and performance testing
- Full interoperability validation
- Ensure secure services
- Test individual service operations
- Test use case scenarios
- Create regression suites
- Manage tests as a “Team”
- Visibility of service asset quality
- Is the application reliable for SOA?
- Automated code analysis
- Automated unit testing

9 Generic SOA Architecture
Parasoft SOAtest: SOA Quality Visibility
- SOA testing framework
- SOA aware to reduce complexity
- Automated policy enforcement
- Automated business process testing
- Automated scenario testing
- Scriptless load and performance testing
[Diagram components: Orchestration; ESB; Security Gateway; WSM; Registry; Java / .NET App Servers; Legacy Adapters; Mainframe]
Annotations on the diagram:
- Automated BPEL testing. Graphical construction of scenarios.
- Test multiple protocols with scenarios to automate test coverage. Emulate endpoints.
- Test gateway policies by driving positive and negative traffic. Security POCs.
- Test cases can leverage QoS data from WSM. Create test cases for SLA violations.
- SOA Development Governance. Tests incorporate UDDI.
- Automated code analysis. Automated unit testing. Regression testing.
- Test via emulation.

10 Challenges Deploying a SOA
- Managing risk
- Promoting reuse
- Properly addressing security
- Organizational alignment
- Managing complexity

11 Challenge – Managing Risk
Consolidation of application or services for mission critical processes increases the risk of failure. More users are impacted.
[Chart labels: Reuse of Services vs. Impact of Downtime (Risk); Distributed Applications vs. Impact of Downtime (Risk)]

12 Challenge – Promoting Reuse
- Creating an asset that is reusable is easy; promoting reuse is a much different challenge
- Aside from granularity, reuse is all about trust
- There is no such thing as a “used car”

| Manufacturer | Point Inspection | Special Financing | Certified Warranty Details |
| --- | --- | --- | --- |
| Chrysler | 125 | Yes | 8 years / 80,000 mile Powertrain Limited Warranty, measured from original vehicle in-service date. |
| Ford | 115 | Yes | 6 years / 75,000 miles from the In-Service date |
| GMC | 110+ | Yes | 3 months / 3,000 miles from the Purchase date |
| Lexus | 161 | Yes | 3 years from the Purchase date / 100,000 miles from the In-Service date |
| Mercedes-Benz | 130+ | Yes | 12 months from Purchase date / 100,000 miles from the In-Service date |
| Toyota | 160 | Yes | 7 years / 100,000 miles Limited Power Train Warranty from date when first sold as new. |

13 Challenge - Addressing Security
- There is a gap in how WS security is addressed
- “Security is not my problem it’s coming from somewhere else”
- There hasn’t been a big scandal, yet!
- Security is usually bolted-on
- Audits are usually performed too late
Need to be able to detect vulnerabilities as early as possible.
[Diagram labels: Audits; Assumptions; GAP; lifecycle stages: Architect, Develop, Test, Monitor]

14 Challenge – Org. Alignment
- Fundamental shift in tactical responsibilities
- No longer application centric
- Business enablement
- New paradigm / new focus

15 Challenge - Managing Complexity
- Complexity sneaks up on you
- External services increase complexity exponentially
- Accidental exposures
[Chart labels: Services; Complexity; Risk Eliminated; Automated Governance and Quality Control]

16 Tasks to Bulletproof
[Diagram labels: Web Service; Java; C/C++; .NET; Db; Message Layer; Implementation Layer]

17 Tasks to Bulletproof
[Diagram labels: Web Service; Java; C/C++; .NET; Db]
Message Layer
- Verify Service Description
- Verify Policies
- Test Web Services Infrastructure
- Unit test Service Layer
- Business Process Test
- Scenario Test
- Functional Security Test / Penetration Test
- Regression Test
- Verify Scalability and Performance
Implementation Layer
- Code Analysis (Security, Reliability, Performance, Maintainability)
- Automated Unit/Regression Testing
- Component Unit/Regression Testing

