Embed Size (px)
Citation preview
DESIGNING A LONG-TERM INTEGRATION ARCHITECTURE FOR PROVISIONING
TNC 2007 22 May 2007, Copenhagen
Aida Omerovic Scientist & project manager – UNINETT FAS, NORWAY
2
-- Best practices from building architecture of an enterprise integration platform for provisioning
in heterogeneous, distributed systems
3
Business model
Serving Norwegian higher education sector; an integrated part of NREN
Expertise in integration, security, standardization, development/operation, contracting, deployment etc.
Contributing to innovation and excellence Extensible initiatives - too demanding for
individual organizations but feasible and cost-effective with joint effort and shared resources
Significant savings, improvement of service level, new use areas, deliverables and demands
4
Background
Provisioning: what and why? Objective: efficient, dependable collaboration
of systems and users A set of large scale, software intensive and
security critical systems Distributed, decentralised, heterogeneous
applications Synergies in terms of value chain improvement
and new services from system interactions A “system of systems” offering more than the
sum of the individual applications
5
Provisioning architecture in a cross-organisational environment
Org A
Org B
Org C
Org XX
.
.
.
Message type 1
XML envelope
Integration architecture
Active directory
Archiving syst
Accounting system
HR syst
Procurement
Studens admin syst
...
LDAP
Oracle
DB, sql
update
File polling
WS
WS
Message type 2
XML envelope
Message type 3
XML envelope
WS
WS
XML file, ssh
Application xMessage type 4
XML envelope
Datafile, ssh
6
The architectural layers
Integration framework
Service level management
Technical mechanisms, operational environment, interfaces supported
Transmission
Security (authentication, authorisation, signatures, encryption, decryption)
Syntax, data formatting
Semantics
Interfaces to services, dissemination
Requirements, metricsM
on
ito
rin
g, m
etri
cs v
alu
e se
ttin
g
Err
or
han
dlin
g a
nd
fau
lt t
ole
ran
ce
mec
han
ism
s
Info
rmin
g, w
arnin
g, lo
gg
ing
and
repo
rting
m
echan
isms
Mo
de
ls: wo
rkflow
and
da
taflo
w.
Qu
ality assu
ran
ce
Augmenting, merging
Processing, filtering, splitting
7
Dataflow within the integration platform
XML ORG1
XML ORG3
Split SSH user1, usrs2, user3XML ORG2
XML ORG1 service1
XML ORG1 service3
XML ORG1 service2
XML ORG1 ...
XML ORG2...
XML ORG2 service1
Receival Deviation check
Dissemination
Merge with additional
(meta)data
Semantical eval. & content management
•Functional examples of the dataflow•Contents of data for provisioning•Metadata consensuses. •Handling, mapping and dissemination of metadata. •Optimization of the workflow•Support and enhancement of the value chain
8
Important aspects
Modelling (working processes, dataflow) Risk analysis, simulation Security measures (a practical approach based
standards, models and risk analysis and covering the entire set of interacting systems/components)
Timely revisions upon changes Documentation Quality criteria of the platform Interoperability, maintainability and extensibility Maintenance of quality through monitoring Deduction of metrics
9
General experiences
Beneficial to have full control over the integration architecture
Consistent interfaces, maintainable interactions, reusable and portable services, optimized dataflow
The critical success factors Compliance to standards, modularity and
dynamic configuration Data quality
10
An exemplar use scenario
Service supplier: Reveal needs Design, risk analysis, test plans Implement interfaces on architecture
and application Extend services within architecture for the new interfaces Documentation, in-house testing Piloting Information
Institution-service supplier Legal agreements Configuration Interface validation (transfer,
syntax, semantics) Testing Deployment and user education
11
An exemplar use scenario cont.
HR/student administrative system->
user administration system->provisioning architecture ->dissemination to a set of
admin. Systems
One vs. multitude of messages, contents
Location of operational environments
Provisioning of user data into a set of applications: accounting system users, employees, catalog users and archiving system end users: Supply the data from the authoritative systems into the UAS Identify data sources and destinations Identify conditions on the processes Verify syntax, semantics, transfer mechanisms, security measures and frequency Test Develop and document routines, policies Deploy An exemplar scheema for incoming
interface, deduced from IMS: http://forskningsnett.uninett.no/trofast/Integrasjon/Importformat.xsd
12
An exemplar building block: externally available syntax and semantics validation service
Standardised interfaces Service specific rules Dynamic, extensible
rules
Used by customer organisations and vendors for validation, development and testing
Multi-level checking and reporting User-friendly and reliable format -and
contents analysis
13
Conclusions A centralized integration architecture is a necessity
when enabling interactions between distributed applications with heterogeneous technologies or between distributed organizations
A balance has to be made between the functional needs and the technical choices
The architecture includes a variety of built in, transformable and mutually compatible, interfaces.
The paper focuses on the scientific, mainly design-related, issues of developing a cross-organizational provisioning architecture, which supports an overall modeled or assumed optimal workflow at any time.
This is a toolbox to be used pragmatically, with best effort, butthere is no “silver bullet”!
