SOA Architecture, Governance, and Industry Standards in the Enterprise

Paul Lipton

Subscribe to Paul Lipton: eMailAlertsEmail Alerts
Get Paul Lipton: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Related Topics: Java EE Journal, Apache Web Server Journal

J2EE Journal: Article

No Man Is an Island in the World of Pervasive Computing

No Man Is an Island in the World of Pervasive Computing

Do you want to understand our industry? Forget the big-name industry pundits and think-tanks. Look to the great poets like Donne and Shakespeare. You can't go wrong. The great poets can provide a long-term, human perspective on how we think, dream, and scheme. That insight is useful even in the new world of Web services and pervasive computing.

A better understanding of our own human nature will help us overcome our fear. This is important because too much fear can be both paralyzing and fatal, especially in IT. But, a tiny bit of fear can be helpful if it inspires us to continue moving and improving. Fear is often what compels us to keep up with new technology, to use it, and to sometimes benefit from it.

Recently, I noticed yet another consortium in the area of wireless. There certainly have been plenty of these, but this one is worth a glance. It's called The WLAN Smart Card Consortium. It's got some pretty big players in it. The idea is to help people use smart cards to access wireless access points around the world with one mechanism. Well, anything that helps the wireless industry overcome the twin roadblocks of ubiquity and security is a good idea in my book! But, whatever standard this group proposes or supports will be just one of many. The old joke that the nice thing about standards is that there are so many of them certainly applies to wireless. Even the tumult of competing Web services standards seems tame compared to the multiple consortia and technologies in the wireless arena.

So, why do these companies keep knocking their collective heads against the wall? Because, the current economy not withstanding, wireless devices are becoming incredibly common and many, even the smallest, are starting to have significant computational power. These companies, and they include nearly every major hardware and software vendor, smell the money. Fear is also an important factor. Miss the market and you may perish - but nobody has yet figured out what the next killer application or dominant platform will be.

All this confusion and uncertainty has engendered increasing diversity of wireless device capabilities such as screen size, color depth, form factor, navigational technique (pen, buttons, keyboard, etc.), operating system, bandwidth and processor capability, and browser markup language support. In short, wireless devices are not converging; they're diverging in many ways - sprouting cameras, voice recorders, midi-sound, and anything else that might possibly resonate with the diverse users of these devices.

How will smart IT managers cope and position themselves to meet this onslaught of client platform heterogeneity? A long time ago, smart managers realized that they couldn't stop the influx of PCs into the enterprise. Similarly, smart managers are realizing that they can't stop the influx of wireless devices. IT will be no more able to mandate the use of a particular client platform (such as a Palm Tungsten W or a Smartphone) than they can mandate the cellphones that people use now. People will use what they like and what they can afford.

However, management can prepare for this onslaught. Decision makers can learn to bend with the wind by concentrating on just three core issues: quality of service, security, and delivery of information. That information is increasingly likely to be streams of XML data delivered by complex Web services, themselves orchestrated by other Web services. This XML data will be repeatedly transformed on multiple servers as part of the integration and orchestration required to fulfill the necessary business processes. And, ultimately, that XML data will be transformed one final time in order to deliver the appropriate XML vocabularies either to smart clients as SOAP messages or to thin clients using a markup language such as WAP2 or XHTML.

To transform that final XML data to a vocabulary appropriate for a particular wireless client will require the kind of personalization, aggregation, and client-sensing technology often associated with Enterprise Information Portals, the best of which are equipped with enhanced versions of XML transformational frameworks. Unfortunately, there are no dominant standards or industry leaders for such frameworks. However, several noteworthy frameworks exist that heavily leverage existing XML standards and widely used technologies in a relatively open fashion. The Apache Cocoon and AxKit subprojects immediately come to mind, and solutions based on these and similar efforts may ultimately be safer, less-intimidating choices than more proprietary solutions.

Security and quality of service go right to the heart of our fears, and cannot be addressed solely at the Web services layer. Take the issue of quality of service. If a particular service performs poorly, what is the root cause of the problem that is affecting the performance or reliability of that service? For example, does the service orchestration engine have a memory leak, is another service to blame, or is the problem caused by poorly written business components within our own enterprise? Or, does the problem go deeper? Perhaps the business components are performing poorly due to a problem in the application server itself, the underlying CLR or JVM (depending on whether you're a .NET-head or a J2EE-head), operating system, network, or database? You get the idea.

Quality of service cannot be measured or adjusted without a comprehensive view into the entire IT infrastructure. And yet, that view must still be relevant to the business process itself. The idea that we can alleviate our concerns about service quality solely by monitoring the SOAP messages, the service handler, or even the app server is absurd. Again, no single entity in the enterprise, from the portal to the Web service down to the lowliest router, is an island. All, working together as seamlessly as possible, are necessary for successful business processes.

The same is true with security. For enterprises that are serious about the security of their information assets, there is no such thing as just Web services security. Rather, there is Web services security in the context of enterprise-wide security policies and mechanisms that are hopefully well-established, comprehensive, and cross-platform. Newer information sources, such as private UDDI registries, must fit into the existing security infrastructure and integrate with existing security policies, with minimal overhead, while providing the necessary protection to valuable new corporate assets such as service descriptions.

What do these three core issues of pervasive computing (quality of service, security, and delivery) mean to those of us who work with XML and XML-derived technologies? Well, besides being compelling technical and business imperatives in their own right, perhaps they can also serve as a reminder that we need to stay focused on the entire IT infrastructure even as our keen technical interest and our fear of obsolescence compel us to concentrate on the latest standard or tool. Especially in the case of medium and large organizations, there is already a huge investment in existing infrastructure that supports the business. The new infrastructure that manages, secures, and delivers Web services must fit into the existing IT infrastructure, not the other way around. In fact, as the poet John Donne said, "No man is an Island, entire of itself; every man is a piece of the Continent, a part of the main;" and the same should be true for any new technology, including those which hold great promise for business, such as Web services and wireless.

More Stories By Paul Lipton

Paul Lipton is VP of Industry Standards and Open Source at CA Technologies. He coordinates CA Technologies’ strategy and participation in those areas while also functioning as part of CA Labs. He is co-chair of the OASIS TOSCA Technical Committee, and also serves on the Board of Directors of the open source Eclipse Foundation, as well as both the Object Management Group and the Distributed Management Task Force in addition to other significant technical and leadership roles in many leading industry organizations such as the OASIS, W3C and INCITS.

Lipton is also an approved US delegate to the international standards organization ISO, as a member of the subcommittee focused on international cloud standards. He is a founding member of the CA Council for Technical Excellence where he leads a team focused on emerging technologies, a Java Champion, and Microsoft MVP.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.