SOA Runtime Governance: A Policy-Based Approach

Paul Butterworth, Chief Technology Officer, AmberPoint, Inc
October 2008

This presentation courtesy of the International SOA Symposium, October 7-8, 2008, Amsterdam Arena
www.soasymposium.com
[email protected]

Founding Sponsors, Platinum Sponsors, Gold Sponsors, Silver Sponsors (logos)


© 2008 AmberPoint, Inc. 3

Agenda

SOA Characterization

Policy-based Runtime Governance

Some Examples

Based on our experiences with ~200 customers


Typical Service Network Topology

(Diagram: internal services such as Order Entry, Accounting and Credit, shared services, and external and partner services on the far side of a firewall.)

• Services, not applications
• Shared
• Dynamic
• Federated

Page 3: Paul  Butterworth    Policy  Based  Approach

3


Typical Service Network Infrastructure

(Diagram: a Java service, a mainframe application, a web service, a DBMS and business applications connected through the network, a service bus and an appliance.)

In all but the newest of environments, “SOA” ≠ “Just Web Services & XML”


Keys to Successful Governance and Management of SOA Applications

• Continuous SOA Discovery
• Service Management & Security
• Business Transaction Management
• Business System Validation
• Closed Loop Governance

Stakeholders: Business; Architects & Development; Operations


SOA Runtime Governance and Life Cycle

SOA Runtime Governance automates real-time visibility and control at each stage of the SOA lifecycle.

(Diagram: Development → Staging → Production)
• Development: IDEs, process tools, business logic
• Staging: discovery; policies (performance, availability, security, logging); diagnostics; validation
• Production: discovery (automatically discover rogue services); more policies (performance, availability, SLAs, security, logging, audit); capacity planning; service levels
• Throughout: automatically enforce governance


Governance Constraints as Policy

• Declarative specification of system characteristics as “policies”
– Configurations
– Constraints
– Desired states
• Specify what must be accomplished as opposed to how
– What are my service levels, not how to measure them
– What are my faults, not how to detect them
– What level of security do I require


Policy Benefits in Runtime Governance

• Improve productivity and increase accuracy
– Simpler constraint specification
– Easier to understand
– Easier to change
• Eliminate policy obsolescence
– Decouple policy description from policy enforcement
– Remap and reassign policies as the environment evolves: new intermediaries and system architecture; a new phase of the lifecycle (testing vs. production); a different department or division with its own architectural choices
• Leverage the intrinsic and increasing SOA capabilities of the various “intermediaries” whenever possible
– Platforms: Indigo, WebSphere, WebLogic, NetWeaver, IONA, etc.
– ESBs: AquaLogic, WebSphere ESB, SAP XI
– XML-aware appliances: Cisco AON, Forum, DataPower, Reactivity, etc.


Policy-based Runtime Governance Architecture

(Diagram: a Runtime Policy & Analysis Engine receives policies and collected data from policy execution points in the service network and drives load balancing and exception management. Stakeholders issue policy requests: Developer, feedback on runtime errors; Systems Operations, ensure reliability; Business Operations, track our contracted service levels; Security Officer, enforce authentication.)

Policy requests, from simple to complex:
• Instrumentation
• Failover
• Load balancing
• Content-based routing
• Transformations
• Encryption
• Security checks
• Service level agreements
• Exception handling
• Advanced security
• Validation

(Diagram: Runtime Policy Execution Point (PEP). Runtime policy is applied at PEPs in front of services S1 to S4 on the Enterprise Service Bus, together with the service contract.)


Binding Policy to SOA

Policies bind to sets of services selected by their metadata, for example:
• All production services
• All orders > $10,000
• All services in the Accounting application
• All services deployed in WebLogic containers

One-at-a-Time Approach: apply p1 to s1, apply p2 to s2, apply p1 to s2, ... With 100 services x 50 policies that is 5,000 policy points to maintain by hand.

Dynamic Approach: state each binding once as a selector over the service metadata, e.g.
• all services → Logging
• where “Accounting” → Security: Encryption
• where deployed on .NET app servers → Load-Bal: Weighted


Detailed Metadata of Your SOA Environment

• Operational info: when the service was discovered, availability, type of service, type of container, link to WSDL
• Business info: business owner, division, version, etc.
• Custom: chargeback info, risk assessment, links to URLs, etc.


Capability-based Delegation of Runtime Policies

(Diagram: AmberPoint Runtime Governance, backed by a repository of dependencies and policy, delegates runtime policies such as Security: AuthN, Monitoring, Load-Bal: Round-Robin and Logging to the network and runtime components.)

• Gathers existing application knowledge and policies
• Assigns policies based on capabilities
• Translates runtime policy into platform-specific interfaces
• Monitors execution
• Agents to round out capabilities and for other components


Universal Policy Library

Consistent enforcement regardless of SOA infrastructure

• Library of commonly used runtime policies
• Based on standards: WS-Policy, WS-SecurityPolicy, WS-PolicyAttachment
• User-extensible
• Leverage the metadata: “Apply Encryption to All Services where Application_group = ‘Accounting’”
• Synchronize with other governance processes

Policy types: Instrumentation; Content-based Policies; Versioning; Authentication (certificates, credentials, SAML, etc.); Authorization; Censorship; Credential Mapping; Crypto (Signatures & Encryption); Throttling; Failover; Load Balancing; Quality of Service (Performance, Availability, Throughput); Service Level Agreements; Exception Handling; Validation
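The binding model of the last few slides (Governance Constraints as Policy, Binding Policy to SOA, Detailed Metadata, and the library's "Apply Encryption to All Services where Application_group = 'Accounting'") in working form. This is an added example, not AmberPoint's code: services carry discovered metadata, each policy carries a selector, and the binding is computed instead of being assigned service by service. The metadata attribute names (stage, application_group, container), the sample inventory and the hand-maintained assignment table are assumptions and constructed data. The coverage check at the end is the control a practitioner wants alongside declarative binding: it reports any service inside a policy's declared scope that a given assignment table never covered, which is exactly how a late-discovered Accounting service ends up running without encryption under the one-at-a-time approach.

```python
"""Declarative policy binding over service metadata.

Added example, not AmberPoint's code. The attribute names, the inventory and
the manual assignment table below are assumptions/constructed data.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Set


@dataclass(frozen=True)
class Service:
    name: str
    stage: str              # development | staging | production
    application_group: str  # e.g. "Accounting"
    container: str          # e.g. "WebLogic", ".NET", "WebSphere"


Selector = Callable[[Service], bool]


@dataclass(frozen=True)
class Policy:
    name: str
    selector: Selector


def all_services() -> Selector:
    """Selector for 'all services'."""
    return lambda service: True


def where(**constraints: str) -> Selector:
    """Selector from equality constraints on metadata, e.g.
    where(application_group="Accounting") for the slide's
    'Apply Encryption to All Services where Application_group = Accounting'."""
    def match(service: Service) -> bool:
        return all(getattr(service, key) == value for key, value in constraints.items())
    return match


def bind(services: List[Service], policies: List[Policy]) -> Dict[str, Set[str]]:
    """Dynamic approach: evaluate every selector against every service's metadata."""
    return {s.name: {p.name for p in policies if p.selector(s)} for s in services}


def policy_points(n_services: int, n_policies: int) -> int:
    """Explicit assignments the one-at-a-time approach maintains (100 x 50 = 5,000)."""
    return n_services * n_policies


def coverage_gaps(assignments: Dict[str, Set[str]], policies: List[Policy],
                  services: List[Service]) -> Dict[str, Set[str]]:
    """Services inside a policy's declared scope that the given assignment table
    does not cover. Run it against a hand-maintained table, or against the
    bindings exported from a PEP, to catch a service that never received, say,
    Encryption."""
    gaps: Dict[str, Set[str]] = {}
    for service in services:
        expected = {p.name for p in policies if p.selector(service)}
        missing = expected - assignments.get(service.name, set())
        if missing:
            gaps[service.name] = missing
    return gaps


# Constructed inventory, as continuous discovery might populate it.
SERVICES = [
    Service("OrderEntry", "production", "Orders", "WebLogic"),
    Service("Invoicing", "production", "Accounting", "WebLogic"),
    Service("Ledger", "production", "Accounting", ".NET"),
    Service("CreditCheck", "staging", "Credit", ".NET"),
    Service("Payroll", "production", "Accounting", "WebSphere"),  # discovered late
]

POLICIES = [
    Policy("Logging", all_services()),
    Policy("Encryption", where(application_group="Accounting")),
    Policy("AuthN", where(stage="production")),
    Policy("LoadBal-Weighted", where(container=".NET")),
]

# Constructed one-at-a-time table; nobody added Payroll after it was discovered.
MANUAL_ASSIGNMENTS = {
    "OrderEntry": {"Logging", "AuthN"},
    "Invoicing": {"Logging", "Encryption", "AuthN"},
    "Ledger": {"Logging", "Encryption", "AuthN", "LoadBal-Weighted"},
    "CreditCheck": {"Logging", "LoadBal-Weighted"},
}

if __name__ == "__main__":
    print("one-at-a-time points for 100 x 50:", policy_points(100, 50))
    print("dynamic bindings:", bind(SERVICES, POLICIES))
    print("gaps in the manual table:", coverage_gaps(MANUAL_ASSIGNMENTS, POLICIES, SERVICES))
```

Because the selectors are evaluated against metadata at binding time, a newly discovered service is covered as soon as its metadata is correct; the flip side is that a mistagged service is silently out of scope, so the metadata feed itself (discovery, the repository) has to be treated as security-relevant input and the coverage check run against whatever the PEPs actually enforce.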


Service Virtualization

• Abstracts service changes and versions behind a published “façade” (a “virtual” service)
• Enables endpoint routing, load-balancing, failover, transformations, etc.
• The consumer sees a simpler interface; service changes don’t show through.

(Diagram, before: consumers call Service A (OrderLookup, ChangeDate, ChangeQty) and Service B (ScheduleShip, ChangePrior, LookupETA) directly. After: a Virtual Svc (PEP) in front of both handles load balancing, routing, transformation and versioning.)


Service Level Management

• Real-time visibility into service network performance and availability
• Segmentation and prioritization based on business criteria
• Trigger preventative and corrective actions
– Redirect traffic
– Make less critical requests wait
• Reporting
– Compliance
– Historical trends for capacity planning
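The Service Virtualization and Service Level Management slides describe the same component from two angles: a virtual service (PEP) that routes operations to versioned endpoints and fails over, and that, when the measured service level is at risk, redirects or defers traffic by business priority. This added example (not AmberPoint's code) implements both in one façade. The operation and endpoint names follow the slide (Service A: OrderLookup, ChangeDate, ChangeQty; Service B: ScheduleShip, ChangePrior, LookupETA); the backends are constructed stand-ins that report a simulated latency, and the 500 ms p95 target, the "gold" priority class and the minimum sample count before the SLA check fires are assumptions.

```python
"""A virtual service (PEP) with endpoint routing, failover and SLA-driven
prioritization.

Added example, not AmberPoint's code. Backends are constructed stand-ins; the
SLA figures and priority classes are assumptions.
"""
import math
from collections import deque
from typing import Callable, Deque, Dict, List

Backend = Callable[[str, dict], dict]   # (operation, payload) -> response


class VirtualService:
    def __init__(self, routes: Dict[str, List[str]], backends: Dict[str, Backend],
                 sla_p95_ms: float, window: int = 50, min_samples: int = 5) -> None:
        self.routes = routes        # operation -> endpoints, primary first
        self.backends = backends    # endpoint name -> callable
        self.healthy = {name: True for name in backends}
        self.latencies: Deque[float] = deque(maxlen=window)
        self.sla_p95_ms = sla_p95_ms
        self.min_samples = min_samples

    def p95(self) -> float:
        """95th percentile of the recent latency window (nearest-rank method)."""
        data = sorted(self.latencies)
        if not data:
            return 0.0
        return data[max(0, math.ceil(0.95 * len(data)) - 1)]

    def sla_at_risk(self) -> bool:
        return len(self.latencies) >= self.min_samples and self.p95() > self.sla_p95_ms

    def invoke(self, operation: str, payload: dict, priority: str = "standard") -> dict:
        if operation not in self.routes:
            return {"fault": "Unknown service operation", "operation": operation}
        # Segmentation: once the p95 is over the SLA only gold traffic goes through;
        # less critical requests are told to wait rather than deepen the breach.
        if priority != "gold" and self.sla_at_risk():
            return {"fault": "Deferred: service level at risk", "retry": True}
        for name in self.routes[operation]:
            if not self.healthy[name]:
                continue
            try:
                response = self.backends[name](operation, payload)
            except ConnectionError:
                self.healthy[name] = False   # failover: mark down, try the next endpoint
                continue
            self.latencies.append(float(response.pop("latency_ms")))
            # The endpoint is echoed so the demo can show the route taken; a real
            # facade would hide it, since versions must not show through.
            return {"endpoint": name, **response}
        return {"fault": "Service Down", "operation": operation}


def make_backend(label: str, latency_ms: float, down: bool = False) -> Backend:
    """Constructed stand-in for a real endpoint; `down` simulates an unreachable host."""
    def call(operation: str, payload: dict) -> dict:
        if down:
            raise ConnectionError(f"{label}: connection refused")
        return {"result": f"{label}:{operation}:{payload.get('order')}", "latency_ms": latency_ms}
    return call


def build_demo() -> VirtualService:
    backends = {
        "order-v2": make_backend("A2", 30.0, down=True),   # new version, currently unreachable
        "order-v1": make_backend("A1", 40.0),
        "ship-v1": make_backend("B1", 900.0),              # slow enough to breach the SLA
    }
    routes = {
        "OrderLookup": ["order-v2", "order-v1"], "ChangeDate": ["order-v2", "order-v1"],
        "ChangeQty": ["order-v2", "order-v1"], "ScheduleShip": ["ship-v1"],
        "ChangePrior": ["ship-v1"], "LookupETA": ["ship-v1"],
    }
    return VirtualService(routes, backends, sla_p95_ms=500.0)


if __name__ == "__main__":
    vs = build_demo()
    print(vs.invoke("OrderLookup", {"order": 7}))        # fails over to order-v1
    for i in range(4):
        vs.invoke("ScheduleShip", {"order": i})
    print(vs.invoke("ScheduleShip", {"order": 99}))      # standard traffic deferred
    print(vs.invoke("ScheduleShip", {"order": 100}, priority="gold"))
```

Two points the slides gloss over show up in the code: the failover decision is taken from the consumer's side of the contract (a ConnectionError, not an application fault, marks the endpoint down), and the SLA check gates admission before routing, so the deferred requests never add load to the endpoint that is already over its target.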


Transaction Management

• Visibility into technical and application-level errors: “rejected”, “unknown”, “Error code: UUUEX32AF”, SOAP faults, no response, transport-level errors
• Monitoring of business-level anomalies: an international travel ticket with price < $100
• IT & business operations non-compliance: an order completed and shipped, but never invoiced
• Regulatory non-compliance (Privacy Act, HIPAA conditions, etc.)
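The three detection classes on this slide, run over a constructed stream of correlated transaction events. This is an added example, not AmberPoint's code: the rules are the slide's own (a cheap international ticket; an order completed and shipped but never invoiced; "rejected", "unknown", "Error code: ..." and missing responses), while the event schema, the $100 threshold, the 24-hour invoicing grace period and the sample events are assumptions and constructed data. The non-compliance rule is the interesting one: no single service call fails, so it can only be seen by correlating events on the business transaction id across services and time.

```python
"""Detecting technical errors, business anomalies and non-compliance in a
stream of transaction events.

Added example, not AmberPoint's code. Event schema, thresholds, grace period
and sample events are assumptions/constructed data.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Set


@dataclass(frozen=True)
class Event:
    tx: str          # business transaction id, correlating calls across services
    kind: str        # order_completed | shipped | invoiced | ticket_issued | response
    at: datetime
    attrs: dict


@dataclass(frozen=True)
class Finding:
    rule: str
    tx: str
    detail: str


TECHNICAL_STATUSES = {"rejected", "unknown", "soap fault", "transport error"}


def technical_errors(events: List[Event]) -> List[Finding]:
    """Technical and application-level errors, including calls that never answered."""
    findings = []
    for e in events:
        if e.kind != "response":
            continue
        status = e.attrs.get("status")
        if status is None:
            findings.append(Finding("technical", e.tx, "no response"))
        elif status.lower() in TECHNICAL_STATUSES or status.lower().startswith("error code"):
            findings.append(Finding("technical", e.tx, status))
    return findings


def business_anomalies(events: List[Event], min_international_price: float = 100.0) -> List[Finding]:
    """An international ticket priced below the threshold is suspicious even
    though every service call involved succeeded."""
    return [Finding("business-anomaly", e.tx, f"international ticket priced at {e.attrs['price']:.2f}")
            for e in events
            if e.kind == "ticket_issued" and e.attrs.get("international")
            and e.attrs["price"] < min_international_price]


def unbilled_shipments(events: List[Event], now: datetime,
                       grace: timedelta = timedelta(hours=24)) -> List[Finding]:
    """Orders completed and shipped with no invoice once the grace period has passed."""
    kinds: Dict[str, Set[str]] = defaultdict(set)
    shipped_at: Dict[str, datetime] = {}
    for e in events:
        kinds[e.tx].add(e.kind)
        if e.kind == "shipped":
            shipped_at[e.tx] = e.at
    return [Finding("non-compliance", tx, "completed and shipped, never invoiced")
            for tx in sorted(kinds)
            if {"order_completed", "shipped"} <= kinds[tx]
            and "invoiced" not in kinds[tx]
            and now - shipped_at[tx] > grace]


def detect(events: List[Event], now: datetime) -> List[Finding]:
    return technical_errors(events) + business_anomalies(events) + unbilled_shipments(events, now)


def ts(value: str) -> datetime:
    return datetime.fromisoformat(value)


# Constructed sample stream.
EVENTS = [
    Event("T1", "order_completed", ts("2008-10-01T09:00"), {}),
    Event("T1", "shipped", ts("2008-10-01T15:00"), {}),
    Event("T1", "invoiced", ts("2008-10-02T10:00"), {}),
    Event("T2", "order_completed", ts("2008-10-01T09:30"), {}),
    Event("T2", "shipped", ts("2008-10-01T16:00"), {}),                # no invoice ever follows
    Event("T3", "ticket_issued", ts("2008-10-01T11:00"), {"international": True, "price": 45.0}),
    Event("T4", "ticket_issued", ts("2008-10-01T11:05"), {"international": True, "price": 640.0}),
    Event("T5", "response", ts("2008-10-01T12:00"), {"status": "Error code: UUUEX32AF"}),
    Event("T6", "response", ts("2008-10-01T12:01"), {"status": None}),  # timed out, no response
    Event("T7", "response", ts("2008-10-01T12:02"), {"status": "ok"}),
]

if __name__ == "__main__":
    for f in detect(EVENTS, ts("2008-10-03T00:00")):
        print(f"{f.rule:17} {f.tx}  {f.detail}")
```

The grace period matters for the never-invoiced rule: evaluated too early it produces a finding for every order still in flight, so the check is run against a clock and only flags shipments older than the agreed invoicing window.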


SOA Security

Integrate with Existing Security Solutions

• XML Signatures/Validation
– Apply to parts of a message, across multiple hops
– Transport, language & vendor independent
• XML Encryption/Decryption
– Apply to parts of a message, across multiple hops
– Independent of transport, language or vendor
• Last-Mile Security for Distributed SOA
– Local intermediaries enforce security for each end-point
– Manage security events & exceptions across distributed environments

Element-level XML Encryption as shown on the slide (the CipherValue is a placeholder, not real ciphertext):

```xml
<?xml version='1.0'?>
<PaymentInfo xmlns='http://example.org/paymentv2'>
  <Name>John Smith</Name>
  <EncryptedData
      Type='http://www.w3.org/2001/04/xmlenc#Element'
      xmlns='http://www.w3.org/2001/04/xmlenc#'>
    <CipherData>
      <CipherValue>A23B45C56</CipherValue>
    </CipherData>
  </EncryptedData>
</PaymentInfo>
```

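The "last-mile" point of this slide is that the local intermediary in front of each endpoint verifies the security properties itself rather than trusting the sender. This added example (not AmberPoint's code, standard library only) is the check such a PEP would run on a message like the one above before routing it: the parts a policy requires encrypted must not also travel in the clear, the EncryptedData must be of element or content type, its EncryptionMethod must be on an allowlist, and the CipherValue must at least decode as base64. The policy ("CreditCard must be encrypted"), the allowlist and both sample messages are assumptions and constructed data. The allowlist admits only the XML Encryption 1.1 AES-GCM algorithm URIs: the original aes*-cbc modes and rsa-1_5 key transport are exposed to chosen-ciphertext attacks when the ciphertext is not also signed, and a missing EncryptionMethod fails closed. In production the document would be parsed with a hardened parser (defusedxml or equivalent) rather than xml.etree directly, since the PEP sits on untrusted input.

```python
"""Last-mile check that the message parts a policy requires encrypted really
are, before the PEP routes the message on.

Added example, not AmberPoint's code; standard library only. The policy, the
algorithm allowlist and both sample messages are assumptions/constructed data.
"""
import base64
import binascii
import xml.etree.ElementTree as ET
from typing import List

XENC = "http://www.w3.org/2001/04/xmlenc#"
XENC11 = "http://www.w3.org/2009/xmlenc11#"
ALLOWED_ALGORITHMS = {XENC11 + "aes128-gcm", XENC11 + "aes192-gcm", XENC11 + "aes256-gcm"}
ALLOWED_TYPES = {XENC + "Element", XENC + "Content"}


def check_encrypted_parts(message: bytes, required: List[str], body_ns: str) -> List[str]:
    """Return policy violations; an empty list means the message may be routed."""
    try:
        root = ET.fromstring(message)
    except ET.ParseError as exc:
        return [f"malformed XML: {exc}"]
    findings = []
    # 1. A part that must be encrypted must not also travel in the clear.
    for local_name in required:
        if root.find(f".//{{{body_ns}}}{local_name}") is not None:
            findings.append(f"{local_name} present in cleartext")
    encrypted = root.findall(f".//{{{XENC}}}EncryptedData")
    if required and not encrypted:
        findings.append("no EncryptedData element found")
    for data in encrypted:
        # 2. Only element/content encryption is expected inside a message body.
        if data.get("Type") not in ALLOWED_TYPES:
            findings.append(f"unexpected EncryptedData Type {data.get('Type')!r}")
        # 3. Algorithm allowlist; a missing EncryptionMethod fails closed.
        method = data.find(f"{{{XENC}}}EncryptionMethod")
        algorithm = method.get("Algorithm") if method is not None else None
        if algorithm not in ALLOWED_ALGORITHMS:
            findings.append(f"algorithm not allowed: {algorithm}")
        # 4. The ciphertext must at least be well-formed base64.
        value = data.findtext(f"{{{XENC}}}CipherData/{{{XENC}}}CipherValue")
        if value is None:
            findings.append("CipherData/CipherValue missing")
        else:
            try:
                base64.b64decode(value.strip(), validate=True)
            except (binascii.Error, ValueError):
                findings.append("CipherValue is not valid base64")
    return findings


PAY_NS = "http://example.org/paymentv2"


def sample_message(cleartext_card: bool, algorithm: str, cipher_value: str) -> bytes:
    """Constructed PaymentInfo message in the shape of the slide's fragment."""
    method = f"<EncryptionMethod Algorithm='{algorithm}'/>" if algorithm else ""
    card = "<CreditCard>4111 1111 1111 1111</CreditCard>" if cleartext_card else ""
    return f"""<?xml version='1.0'?>
<PaymentInfo xmlns='{PAY_NS}'>
  <Name>John Smith</Name>
  {card}
  <EncryptedData Type='{XENC}Element' xmlns='{XENC}'>
    {method}
    <CipherData><CipherValue>{cipher_value}</CipherValue></CipherData>
  </EncryptedData>
</PaymentInfo>""".encode()


# Compliant: card number replaced by AES-GCM EncryptedData (ciphertext bytes are constructed).
GOOD = sample_message(False, XENC11 + "aes128-gcm",
                      base64.b64encode(b"constructed ciphertext bytes").decode())
# Non-compliant: card also sent in the clear, 3DES-CBC, placeholder ciphertext.
BAD = sample_message(True, XENC + "tripledes-cbc", "A23B45C56")

if __name__ == "__main__":
    print("good:", check_encrypted_parts(GOOD, ["CreditCard"], PAY_NS))
    print("bad: ", check_encrypted_parts(BAD, ["CreditCard"], PAY_NS))
```

The check deliberately does not decrypt: the intermediary may not hold the key (the whole point of encrypting parts of a message across hops), but it can still enforce that the right parts are encrypted, with an acceptable algorithm, before forwarding.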


Client Provisioning

(Diagram: the AmberPoint Registry, Policy Manager, Data Collection and Management Services exchange policies and data with a client-side switch that holds the service contract.)

Reduces costs by eliminating coding.

• Provisions the client with service contract requirements
– Looks up the service endpoint and caches it for higher performance
– Provisions required security policies
• Automatically processes request and response to match policy requirements
– Insertion of security info, acquiring security tokens, etc.
• Collects client-side service level metrics
– Provides visibility into “first mile” SLA metrics
– Local logging of interactions, if requested


Business System Validation

The “Preflight Check” for SOA Systems

(Diagram: Development → Staging → Production. Validation checklist: Security Policies Functioning; WS-I Compliant; Capacity Adequate; flagged: Unexpected Deviation for B2B Partner Usage.)

• Acceptance testing of pending changes to the SOA environment
– New versions of services
– Policy changes
– Bug fixes
– Infrastructure patches, etc.
• Uses knowledge of dependencies and observed interactions
• Simulates services that can’t be replicated in pre-production environments
– External services
– Fee-based services
• Gives Staging and Operations a final check before deploying changes

Q&A

Paul Butterworth
[email protected]
510.663.6300