Summa

In a previous post, I laid some of the conceptual groundwork for authorization in the tricky world of SOA. Now, a year older and a year wiser (I hope!), I’d like to swing back around to the topic of authorization, but broaden the scope a bit - talking not just about authorization and SOA, but about authorization and the whole enterprise “ecosystem” (services, applications, user interfaces, etc.).

In this post I’d like to describe the decentralized, “every man for themselves” model of authorization that is most common in organizations, and the problems inherent. In later posts I hope to touch on some possible paths out of this chaos - the XACML standard, the model of pre-determined access control, and attribute services. Here goes…

Continue Reading Add comment

To maximize their benefit, SaaS solutions need to integrate with existing enterprise systems. Depending on the business requirements and the integration capabilities of the chosen SaaS product, the integration approach may not be trivial. While a comprehensive API offered by SaaS is a must-have, in most cases a custom SaaS integration layer will be needed to comply with SOA principles and to facilitate integration with existing systems.

In this blog post I will provide an overview of capabilities that a typical SaaS integration layer should provide, and identify integration products that best fit those capabilities.

Continue Reading 1 comment

Summa is sponsoring two upcoming  ZapThink SOA events.

The first event is a networking and panel discussion of SOA Experts (including Jason Bloomberg, David Linthicum, Summa’s own Jason Armstrong and others.) It is October 1 in Washington DC (Tyson’s Corner).  More details are here:

The second event is in Pittsburgh on October 22nd - focused on SOA and modernization featuring project case studies from CMU ahd Highmark. More detail and registration information are here.

Add comment

Your team has designed the perfect architecture for an SOA (Service Oriented Architecture) project. You are all excited and ready to get rolling. A few weeks later you find out that you will need to make several compromises in your design because of other teams’ skills and constraints. Your end of the integration is almost fully developed and ready for integration testing when you find out that the other end is still undergoing development, or worse, it is in still on early stages of design. Sound familiar? I have found these to be very common situations in SOA integration projects that span across two or more teams and/or applications. In this post I will explore five frequent SOA project pitfalls along with some recommendations that can help mitigate or avoid some of these roadblocks to make your project successful. You will find that these scenarios are not unique to SOA integration projects, but they also apply to most inter-group IT projects.

Continue Reading 3 comments

There’s plenty of talk about security and SOA (or should I just say services now?), but the vast majority seems to cover only the issues of authentication and identity management, and neglects the equally important problem of authorization (*1). Although I can’t claim to be a security expert, in a series of posts, I’d like to share some of my thoughts and experiences on implementing authorization in the world of service-oriented architectures.

In this first post, I’d like to take a quick trip through some of the basic terms and definitions of authorization, laying the conceptual groundwork for the later posts. Ok, let’s get started!

Continue Reading 6 comments

In the early days of SOA many new products arrived on the scene that seemed to be solutions looking for a problem. As the SOA space matures (or maybe matured, since some have claimed it is dead*), so do the products and the relevant architectural patterns that use those products. However, there are other areas of SOA where you find solutions looking for a problem - the services themselves.

Continue Reading Add comment

Service Oriented Architectures add a new twist to an old problem. Imagine this simple scenario:

Sounds simple, right? In the old days of integrated applications, it would be – just join the customer and order tables and apply said criteria. Voila!

Ahh…but it’s a brave new world of SOA, and some old tricks no longer apply. In your architecture, instead of one integrated application, you have two loosely coupled services, Customer and Order. Both services are deployed independently and have their own data – i.e. the Customer service has a Customer data store and the Order service an Order store.

The question stands then – how can you answer a business question about customers and orders, given that this data spans across multiple services?

Continue Reading 11 comments

No man (or woman) is an island - we cannot thrive alone. Similarly no application is an island. In the same way that people across the globe have become intractably interconnected by technology, so have applications and the data that they thrive on. SaaS applications can become dangerous islands of process and data if you are not careful in planning from the start. SaaS applications are increasing in rate of adoption due to both their inherent value and acceleration caused by the economic situation and capital investment posture that most companies are in. The SaaS island needs to have a bridge, ferry dock or airport to be useful. Understanding your vision and the factors outlined within this article will help you decide.

Continue Reading 4 comments