SOA Framework Challenges
What are the major challenges of SOA environment governance?
Governance of an SOA environment presents numerous inherent challenges to the unique requirements of service-oriented architecture (SOA). Good governance of an SOA framework blends cultural and organization challenges of IT governance and business-IT alignment with technical SOA challenges such as enterprise architecture (EA), service design and interoperability requirements, SOA environment security and run-time governance. What follows are some of the unique challenges presented by effective governance of an SOA environment.
- Staffing and Skills: SOA enterprise architecture (EA) and Services design and interoperability standards must be defined in the context of a SOA environment strategy. While these are clearly extensions to your enterprise architecture (EA) process, a poorly-staffed or under skilled EA organization can become a SOA bottleneck for these critical technical architecture and EA requirements. An organization with a solid EA organization and EA governance processes will find the SOA framework transition much smoother than organizations with gaps in their EA organization or EA governance
- Portfolio Management: SOA governance requires a Service portfolio management competency to be developed, which will challenge many organizations because they do not have portfolio management disciplines currently in place. Initial service taxonomies, service ownership/stewardship models, and oversight of those incipient service portfolios can be challenging early in your SOA adoption efforts.
- A SOA-enabled Software/Services Development Lifecycle (SDLC) process is almost always a governance gap. The entire SDLC process -- from service candidate identification through development, testing, registration/publishing, discovery, consumption, run-time operations, and eventual retirement of services – is rarely re-engineered to accommodate SOA and services. In addition, the provider-side activities of the SDLC explicitly are rarely separated from the consumer-side activities of the SDLC. Separation of these roles will help clarify governance requirements of the SDLC.
- SOA Security is a critical dimension that cannot be ignored given the highly distributed nature of SOA and services. SOA framework security must be considered at the enterprise infrastructure and transport level (firewalls, XML gateways, basic authentication/authorization, virtual private networks), from a SOA enablement tooling level (messaging infrastructure, e.g. ESBs, Web services management, registry/repository tools, application servers, et al), at the message and data level (e.g. XML encryption and digital signature, security token schemes such as security assertion markup language (SAML) and others. SOA security must align with and implement security policies as derivatives of an enterprise or corporate level security strategy and architecture.
The SOA governance challenges articulated above are a snapshot of some of the areas that must be addressed to successfully achieve enterprise SOA governance. There are many more SOA challenges that accompany these. Focusing on these big SOA challenges will prepare your organization for a robust and well-defined SOA governance model.
AgilePath is a pioneer in SOA consulting. Contact us to learn more about what we can do for your enterprise.