www.technologytransfer.it TECHNOLOGY TRANSFER PRESENTS VISCONTI PALACE HOTEL - VIA FEDERICO CESI, 37 ROME (ITALY) MAX DOLGICER DECEMBER 13-15, 2010 DECEMBER 16-17, 2010 How to Govern and Secure your SOA SOA Architecture, Standards, Technologies and the Cloud

How to Govern and Secure your SOA


DESCRIPTION

This seminar first gives a brief recap of the key SOA principles and then discusses the SOA security challenges.


SOA ARCHITECTURE, STANDARDS, TECHNOLOGIES AND THE CLOUD

ABOUT THIS SEMINAR

There has been a lot of talk about unsuccessful SOA projects during the last couple of years. Some analysts have gone as far as pronouncing SOA dead. The truth is there is nothing wrong with SOA, but it has often been the victim of “identity theft”: Web Services technologies and Middleware products pretend to be the architectural blueprint for your SOA. However, SOA’s true identity lies in the Best Practices for Service Orientation, a well defined architecture blueprint, and Service Oriented development processes that we can rely on to achieve predictable results.

Many companies have embraced a SOA approach for development and integration projects. Now they are embarking on the next phase – a more systematic adoption of Service-Oriented practices. However, simply buying into Middleware technologies like Enterprise Service Bus and the latest generation of development tools is not sufficient for successful implementation of an Enterprise SOA. It is time to expand our view on SOA: how can we assess the maturity level of our organization and define a roadmap for future projects? How do we navigate the increasing number of standards and overlapping product offerings? Governance and security have to be our top priorities, and we need to prepare our service based applications to run in a Cloud without requiring costly modifications.

This seminar starts with examples of key Business strategies that drive SOA and explains how SOA can enable them. It then discusses the progression of a SOA through three phases: we will talk about the typical elements that comprise a basic SOA, followed by the second phase where services are being virtualized and Middleware technology is introduced as an intermediary, and finally moving SOA into the Cloud in the third phase.

The seminar then outlines the important aspects that have to be addressed when defining an architecture blueprint, which is the cornerstone of a successful SOA. This includes defining a loosely coupled architecture and proper separation into service layers (i.e. orchestration, application, and infrastructure services), as well as a comparison of traditional, Web Services based and RESTful architectures. The seminar also shows how SOA enables new types of clients and discusses the key standards that one should consider when implementing services.

Next, the seminar gives you insight into the organizational challenges that IT managers face with the adoption of SOA. It emphasizes the role of Governance for IT organizations that need to increase their maturity level in order to evolve SOA to a large (Enterprise) scale. It shows how to master the full service lifecycle – including design, implementation, deployment, and management - through efficient Governance.

The seminar then examines Open Source tools in terms of their support for SOA and concludes with a Case Study that highlights how the concepts taught in the seminar have been applied in a real world project.

WHAT YOU WILL LEARN

• Learn how SOA can facilitate the alignment of IT with your Business
• Identify the challenges and benefits of developing an Enterprise Architecture
• Determine where your organization is located in a SOA Maturity Model, define a SOA Roadmap to move to the next level, and put the right SOA Governance mechanisms in place before your SOA spins out of control
• Learn how IT culture has to change to successfully adopt the new style of architecture
• Understand how Web Services and other standards can be used to implement a SOA
• Discover the role of Open Source tools in a Service Oriented Architecture
• Learn how Enterprise Service Buses (ESB) can enable and facilitate integration of applications within your Enterprise and across a B2B value chain
• Understand the key elements of a Service Oriented Software Development Life Cycle

1. The Business Perspective

• How SOA enables Business strategies
• How to align Business and IT through SOA
• SOA use case examples

2. SOA Phase 1: SOA 101

• Services defined
• SOA defined
• The Changing Notion Of “Applications”
• The Service Layer model
• Next Generation SOA
  - SOA vs. Event Driven Architecture (EDA)
• Degrees of Service Orientation
• SOA and standards
• SOA challenges
• Typical SOA categories

3. SOA Phase 2: Service Oriented Integration (SOI), Mediation & Service Virtualization

• Increased Business velocity challenges IT
  - The IT response: Service Oriented Integration (SOI)
  - What integration functionality do we need?
  - From SOA to Service Oriented Integration (SOI)
  - How standards can enable Plug & Play integration
• Evolving the approach to integration
  - The need for intermediation
  - Enterprise Service Bus (ESB)
    * Introducing the bus
    * Moving beyond basic mediation
    * Implementation choices for intermediaries
• Service virtualization
• Server virtualization

4. SOA Phase 3: Moving into the Cloud

• Cloud definition
• Typical usage scenarios
• Choose your Cloud flavor: IaaS, SaaS, or PaaS?
• Sample Cloud architecture: IBM Blue Cloud
• IaaS example: Amazon Web Services (AWS)
• Moving into the Cloud
  - Resource virtualization
  - Automated, on-demand provisioning
  - Example: GrepTheWeb application on Amazon
  - Shared infrastructure and applications
  - Building Multi-Tenancy Applications

5. First Things First: Defining the Architecture

• Definition of (Enterprise) Architecture
  - Enterprise Architecture and SOA
  - What drives the need for architecture?
  - Architecture objectives and standards
• Logical vs. physical architectures
• Sample outline for an architecture document
• Sample Business event walk-through
• Composite Applications – a prevalent application architecture enabled by SOA
• SOA and the data architecture
• Rich Internet Applications (RIAs) and SOA
• Moving beyond SOA with “Killer Applications”
  - Business Activity Monitoring (BAM)
  - Complex Event Processing (CEP)
• Conclusions

6. Standards that are Important for SOA

• Overview of standards bodies
• Establishing connectivity through SOAP
• Defining service interfaces with Web Services Definition Language (WSDL)
• Representational State Transfer (REST)
• JavaScript Object Notation (JSON)
• Governing services with Service Repositories and Service Registries (UDDI)
• Using Business Process Execution Language (BPEL) and Business Process Management Notation (BPMN) for orchestration
• Extending automated Business processes with human tasks – BPEL4People
• Web Service Invocation Framework (WSIF)
• Asynchronous service interaction: Notification
• Reliable Messaging
• Security
• Transactions
• Mapping standards to SOA

7. The IT Perspective: Managing the SOA Evolution

• Why SOA needs governance
• Business vs. IT vs. EA vs. SOA Governance
• Categories of SOA Governance

OUTLINE

• SOA Governance goals
• Implications on the IT organization
• Migration from previously existing architectures
• Service oriented development – a new SDLC methodology
• Overview of SOA maturity models
• Managing SOA adoption

8. Open Source Software (OSS) for SOA

• OSS definition
• Why use OSS?
• Linux, Apache, mySQL, PHP (or Perl) = LAMP
• OSS for SOA
  - Java Application Servers
  - Spring Framework
  - Enterprise Service Buses
  - Web Services
  - Other tools
• OSS vs. Java and Microsoft
• How OSS and SOA relate
• Concerns about OSS

9. Service Oriented Analysis and Modeling - Customer Case Study Part I

• Case Study Overview
• B2B Integration Strategy
• Business Process Walk-Through
• Project Scope
• Business modeling
• Definition Of Services & Layering
• Verify SOA Principles

10. Service Oriented Design - Case Study Part II

• Designing service interfaces
• Encapsulation of existing Business logic
• Designing the Schemas
• Interface consolidation
• Determining the right degree of Service Orientation
• Designing the components
• Composing Business processes
• Detailed B2B Gateway Logical Architecture

11. Conclusions

• Seminar conclusions
• SOA outlook

WHO SHOULD ATTEND

• Architects who want to adopt a Service Oriented Architecture
• IT Professionals who need to see how SOA can be applied to development as well as integration projects
• IT Managers and IT Strategists selecting new standards and products for Enterprise Architecture
• IT Managers and IT Strategists evaluating feasible strategies for application development and integration
• Architects and Application Developers who want a detailed look at the different technologies that can be used to implement SOA
• Architects and Developers who want to know how these technologies can be applied to both EAI and B2B Application Integration
• Consultants who need to recommend and use different implementation strategies for building a SOA

Once a company has completed initial SOA projects, the number of deployed services increases such that the key question no longer is how to build services, but rather how to efficiently govern the development and operation of services on an Enterprise scale. The focus of SOA shifts to reusability, securing how a growing number of clients access the services, and assuring that Service Level Agreements (SLAs) are met, to name just a few issues. At this point companies run the danger that a “free for all” environment proliferates, and the benefits of SOA cannot be realized. The key is to introduce SOA Governance before services spin out of control.

It is of equal importance to adjust the approach to security. Traditional Web applications are well understood in terms of their security challenges and the typical solutions that can be employed. Once we migrate to SOA, the picture becomes much more complex: SOA introduces new components, for example an Enterprise Service Bus (ESB), SOA appliances for XML acceleration, security, and management, new technologies like XML, SOAP and Web Services, intelligent (B2B) clients that interact with RESTful systems, etc.

This seminar first gives a brief recap of the key SOA principles and then discusses the SOA security challenges. It shows how to use a maturity model to build your SOA Roadmap; it discusses how SOA Governance relates to Business, IT, and Enterprise Architecture (EA) Governance; it details what comprises SOA Governance, and it provides insights into current Governance standards, technologies and vendor approaches.

WHAT YOU WILL LEARN

• Understand the complexity of security in SOA compared to traditional Web applications
• See how the different SOA projects in your organization fit into the big picture of a SOA Maturity Model and how to develop your SOA Roadmap
• Distinguish between Business, IT, EA and SOA Governance
• Understand how to govern the complete services lifecycle – from design time to run-time
• Be able to define practical guidelines and policies to assure that project teams follow a consistent approach to service design and implementation

ABOUT THIS SEMINAR

HOW TO GOVERN AND SECURE YOUR SOA

1. Understanding SOA basics

• SOA and services defined
• The Service Layers
• Client/Server SOA vs. Event-Driven SOA (a.k.a. EDA)
• Typical SOA applied: The Composite Applications
• SOA vs. RESTful architectures
• Understanding SOA categories

2. SOA Security

• Web application security vs. SOA security
  - Security in traditional 3-Tier Web application systems
  - Extending the Web application system with SOA
• How to protect the complex SOA
  - Identity management
  - Authentication and authorization
  - Auditing
  - Data Protection
• Security standards for SOA
  - WS-Security
  - Extensible Access Control Markup Language (XACML)
• A consolidated security architecture for Web applications and SOA

3. Planning the SOA Evolution: SOA Maturity Model and SOA Roadmap

• Defining the goals – SOA maturity models
  - The Open Group Service Integration Maturity Model (OSIMM)
  - Overview
  - Maturity dimensions
  - Maturity levels
  - How to assess your SOA maturity and determine where you are?
  - Progress Software Maturity Model
• How do we get there – developing a SOA Roadmap
• Project example for mapping a Maturity Model to a Roadmap

4. Managing the SOA Evolution:SOA Governance Overview

• Why SOA needs Governance
• Business vs. IT vs. EA vs. SOA Governance
• Categories of SOA Governance
  - Design time Governance
  - Run time Governance
• SOA Governance goals
• SOA Center Of Excellence (COE)

5. SOA Governance Frameworks

• Open Group standards
  - SOA Governance Reference Model (SGRM)
  - SOA Governance Vitality Method (SGVM)

6. SOA Governance Technologies

• How to select SOA Governance technologies?
  - Mapping Governance processes to technologies
• What Meta-data do we need to maintain?
• Integrated approach to SOA Governance
• Repositories & registries
• Product examples

7. Recap and Conclusions

WHO SHOULD ATTEND

• Architects who want to define a roadmap for the evolution of SOA throughout the Enterprise
• IT Professionals who need to see how SOA can efficiently be applied on large scale projects
• IT Managers and IT Strategists who need to define policies for service development, operations, and service security
• Architects and Developers who want to understand the impact of SOA Governance on their projects
• Consultants who need to recommend and use Governance strategies and technologies for SOA

OUTLINE

MAX DOLGICER

SOA ARCHITECTURE, STANDARDS, TECHNOLOGIES AND THE CLOUD

Rome December 13-15, 2010
Visconti Palace Hotel - Via Federico Cesi, 37
Registration fee: € 1500

HOW TO GOVERN AND SECURE YOUR SOA

Rome December 16-17, 2010
Visconti Palace Hotel - Via Federico Cesi, 37
Registration fee: € 1200

BOTH SEMINARS

Special price for the delegates who attend both seminars: € 2500

If anyone registered is unable to attend, or in case of cancellation of the seminar, the general conditions mentioned before are applicable.

first name
surname
job title
organisation
address
postcode
city
country
telephone
fax
e-mail

Send your registration form with the receipt of the payment to:
Technology Transfer S.r.l.
Piazza Cavour, 3 - 00193 Rome (Italy)
Tel. +39-06-6832227 - Fax +39-06-6871102
info@technologytransfer.it
www.technologytransfer.it

Stamp and signature

INFORMATION

PARTICIPATION FEE

SOA Architecture, Standards, Technologies and the Cloud: € 1500

How to Govern and Secure your SOA: € 1200

Special price for the delegates who attend both seminars: € 2500

The fee includes all seminar documentation, luncheon and coffee breaks.

VENUE

Visconti Palace Hotel
Via Federico Cesi, 37
Rome (Italy)

SEMINAR TIMETABLE

9.30 am - 1.00 pm
2.00 pm - 5.00 pm

HOW TO REGISTER

You must send the registration form with the receipt of the payment to:
TECHNOLOGY TRANSFER S.r.l.
Piazza Cavour, 3 - 00193 Rome (Italy)
Fax +39-06-6871102
by November 29, 2010

PAYMENT

Wire transfer to:
Technology Transfer S.r.l.
Banca Intesa Sanpaolo S.p.A.
Agenzia 6787 di Roma
Iban Code: IT 34 Y 03069 05039 048890270110

GENERAL CONDITIONS

GROUP DISCOUNT

If a company registers 5 participants to the same seminar, it will pay only for 4. Those who benefit from this discount are not entitled to other discounts for the same seminar.

EARLY REGISTRATION

Participants who register 30 days before the seminar are entitled to a 5% discount.

CANCELLATION POLICY

A full refund is given for any cancellation received more than 15 days before the seminar starts. Cancellations less than 15 days prior to the event are liable for 50% of the fee. Cancellations less than one week prior to the event date will be liable for the full fee.

CANCELLATION LIABILITY

In the case of cancellation of an event for any reason, Technology Transfer’s liability is limited to the return of the registration fee only.

Max Dolgicer is an internationally recognized expert, Technical Director and Principal at International System Group, (ISG) Inc., a leading consulting firm that specializes in design, development and integration of large-scale distributed applications using leading edge Middleware technologies. Mr. Dolgicer is a contributing editor for Application Development Trends magazine and recognized speaker, instructor and lecturer. Mr. Dolgicer has more than 29 years of management and technical experience in development and support of Business applications, software products and systems internals. Mr. Dolgicer’s academic background includes a Master in Computer Science from Technion, Israel Institute of Technology.

SPEAKER