Govern Services With Standards
Once you've designed your SOA, a services network should govern all service interactions through emerging and established WS-* standards.
by Frank Martinez

As an SOA grows in scope and function, the need to govern it grows—to govern the myriad potential interactions between disparate, diverse service consumers and providers. Effectively managing how these Web services are deployed, accessed, and shared will become core to the success of the SOA in the enterprise. Necessarily, and not surprisingly, standards are emerging to add uniformity to such policies.

I previously advocated a network-centric architectural approach to SOA, in order to enable reliable, consistent, and predictable communication between Web services deployed across a distributed enterprise (see Resources). This realizes the benefits of SOA better than any other approach because it focuses on global service interoperability and scalability across the enterprise.

I also mentioned that a distributed networking approach to SOA accomplishes the primary goals of an SOA infrastructure: global scalability, efficiency, reliability, and extensibility. But another key advantage to a networking approach is that it provides an optimal mechanism to implement policies that govern interactions with services. As both consumers and providers of services proliferate in the enterprise—surfacing from disparate departments and diverse initial Web services projects, with varying levels of trust and different degrees of priority—the importance of SOA governance will increase exponentially.

SOA Governance in a Services Network
To guarantee adherence to vital policies and encourage enterprise-wide service sharing and reuse, enterprises will rely on SOA governance frameworks to ensure policy compliance for services and the increasingly dynamic interactions between those services (see Table 1).

In a services network, all messages passing between consumers and providers are routed through a network of SOAP routers, which provides the optimal point to uniformly govern all interactions with and between services. The reason is straightforward: The governance intelligence is persisted throughout the network where it can be enacted efficiently and uniformly, rather than housed at numerous, disparate endpoints, adding another "to do" for already overworked developers. Policies can then be easily and globally enforced or implemented during message transit, enabling communication between diverse services through an increasingly "intelligent" network. As a result, any endpoint, from the most self-descriptive to the least, can be incorporated into the network and exposed to consumers throughout the enterprise.

Today, most enterprises are embarking on their SOA journey with a few project-based Web services initiatives that require only a few core standards to be successful—typically WSDL, SOAP, and XML. The good news is that these standards are well-established in practice. Yet, organizations interested in global SOA initiatives will require much deeper, broader standardization to guarantee interoperability within and across departmental boundaries. Thankfully, the lion's share of WS-* standards emerging today involve the standardization of governance policies for the global enterprise (see Table 2).

This ability to offload governance to the standards-based network is a quantum leap forward in the creation and administration of an SOA. Creating an intelligent network with diverse endpoints removes the need to hard-code and manage policies at each individual endpoint using a SOAP stack or agents, yielding these tangible benefits:

• SOA consistency. Vital global policies are enforced uniformly in the network and then applied to all service interactions, guaranteeing consistent enforcement, regardless of developer skill sets or individual project needs.
• Simplified change management. Policy upgrades or modifications can be implemented once in the network and enforced for all interactions, rather than requiring modification at each individual endpoint.
• Reduced administrative overhead. Updating, enforcing, and managing infrastructure policies at each individual endpoint results in huge administrative overhead, whereas offloading those to a centralized services network drastically reduces administration responsibilities.
• Guaranteed enforcement. Messages can't reach any endpoint without policies being enforced, guaranteeing that no policy is overlooked. Alternative approaches rely on the competence and diligence of every enterprise developer.

Also, taking a distributed, networking approach to SOA can improve your ability to comply with and take advantage of standards, with services networks providing:

• Standards leadership. Leading services networking companies are at the cutting edge of standards creation and can impart an intimate understanding of likely standards adoption with customers and partners, helping users recognize where to devote education and development efforts.
• Standards intermediation. Services network-based intermediation enables you to alter messages to easily bring diverse software assets together. For example, if a company wishes to upgrade production services that are leveraged by partners (bringing them in line with the most current standards), but at the same time does not wish to force partners to upgrade, it can alter messages during intermediation to facilitate unbroken communication.
• Standards insulation. Services networks function as an insulation layer between your software assets and constantly evolving standards. For example, WS-Routing was supplanted by WS-Addressing; customers with a services network in place could adapt to that change in the network, rather than at each production endpoint.

In my three most recent articles, I introduced the concept of a services network, described how to build one within your enterprise properly, and noted the criticality of governance to the success of your SOA. It is important to remember a few points.

Services networking is a unique approach to building an SOA, providing a solution to what is fundamentally a networking problem—enabling reliable, consistent, and predictable communication between Web services deployed across a distributed enterprise.

In a services network, messages are passed between interfaces over a distributed router network, composed of linked SOAP routers that exist at the edges of the network, intermediating and routing all communication and enabling the SOA to scale globally.

The services network provides for optimal SOA governance, which becomes increasingly important as SOAs scale, affording the enterprise to reap the global benefits of services sharing and reuse.

About the Author
Frank Martinez is the CTO, chairman, and cofounder of Blue Titan Software, a provider of service-oriented infrastructure that helps enterprise architects control, share, and scale applications, driving business innovation across the distributed enterprise.