SOA Governance
SOA governance to the creation and reuse of services and the enforcement of standards and best practices
SOA Governance Team
* SOA Board : Oversees SOA Governance Process
* IT Executive Steering Committee: Decision Makers regarding IT and services
* SOA Core Team: SOA IT enabled experts
* SOA Center of Excellence (CoE): larger SOA Core team, SOA CoE and
business domain owners
SOA Governance Challenges
* Establishing decision rights
* Service ownership--When multiple departments/delivery units reuse a service with in enterprise and depend on it, then who is responsible for it? Someone has to be in charge of development, deployment, and maintenance
* Service funding--Should one department fund the service when many functional unit/departments benefit from it? How can the segment users of a service help fund it?
* Defining appropriate services (atomic/composite)
* Service definition--Services must be identified, scoped, and designed--all based on the needs of the business (SOMA).
* Service message model--The service interface consists not only of operations, but also of request and reply messages whose formats need to be defined and agreed upon(Right sizing of messages).
* Service security--Who is allowed to use a service, what are they allowed to do with the service, and does the data exchanged need to be protected?
* Managing the lifecycle of service assets
* Service deployment lifecycle--Once deployed, a service does not last forever. The deployment lifecycle for a service has five stages: planned, test, active, deprecated, and sunsetted
* Service versioning--Once a service is defined and deployed, its interface and functionality cannot be changed. Changes need to go into a new version, which can be an extension of the previous version and therefore backward compatible
* Service migration--Service consumers need to be updated to use newer versions or newer services so that older ones can be sunsetted
* Service registries--Enable providers to make their services known and consumers to use these services and to find the providers, both at design time and at runtime
* Measuring effectiveness
* Service testing--Verifies that a provider does what it's supposed to do
* Service monitoring--Supplies notification when providers stop working, before outages affect the applications and users.
About Author / Additional Info:
Arivuvel Ramu
GalaxESolutions