SOA for E-Government Conference Wrap-up

Posted in SOA by AST on Monday, May 29th, 2006

Amoxil Generic Buy Clarinex Online Neurontin Without Prescription Topamax No Prescription Soma For Sale Glucotrol Generic Buy Aricept Online Stromectol Without Prescription Lotrisone No Prescription Celexa For Sale

Last week, I had the opportunity to present at the SOA for E-Government 2006 conference held in McLean, Virgina at the MITRE facility. If you are interested in seeing some of what I talked about, my presentation slides (MS PowerPoint) are available as part of the conference proceedings.

The main focus of my presentation was to try and share some of what we’ve learned in implementing an SOA solution for the Irish Government, and to illustrate that there’s more to SOA than WSDL, XML and dropping in ESB vendor X. It was supposed to be a case study of the requirements and how we’ve addressed them as well as highlighting that some of the decisions made for the Public Services Broker (PSB) were made in 1999 and 2000, when a lot of what people automatically think of when you say SOA didn’t exist yet.

Unfortunately, my presentation ended up being a bit shorter than I’d intended, but I tried to address the highlights. It’s pretty normal at conferences for things to slip from the original schedule as the day progresses, so it wasn’t that big of a deal. However, I hope I was able to convey some of what I wanted to say about technology choices and interoperability in a coherent fashion.

Other than that, it was a really great opportunity to meet many of the people from the SOA Community of Practice (CoP) mailing list and explore in more detail some of the themes we mentioned. I had some great conversations with Rebekah Metz & Joe Chiusano (Booz Allen Hamilton), Mills Davis (Project 10X), Miko Matsumura (Infravio) and, of course, Greg Lomow who also works for BearingPoint. Cory Casanave (Data Access Technologies), Richard Soley (OMG) and I almost had a really interesting conversation about OMG’s Model Driven Architecture (MDA) initiative and how it fits in with SOA. Unfortunately, we ran out of time, so I hope I can have the opportunity to explore this a bit more. At the moment, let’s just say that we’re not in agreement on how the two concepts (SOA & MDA) are related… ;)

The opening keynote from Ron Schmelzer (ZapThink) was pretty on target, and it served to highlight all of the “big picture” issues that were on the table for discussion for the rest of the conference. One thing that really bothered me though was the following general line of thinking:

If I want an SOA, then I need to define some WSDL so I can generate my service implementations which I just deploy into my ESB. – NOT!

One of the things that Rebeka’s presentation on the OASIS SOA Reference Model was trying to do was illustrate that SOA is first and foremost a way of thinking about building systems. After that, you can design your systems using the SOA architectural style (yes, the first paragraph still applies even though the article is talking about buildings and physical structures), and then you might implement that architecture using Web services, JMS, JINI, CORBA, XML/HTTP or something completely different. There’s too many automatic assumptions of technology choices when most people mention SOA, leading to some misguided and distracting silliness like “SOA 2.0″. SOA isn’t about technology.

One of the more interesting topics of discussion on the SOA CoP mailing list was trying to come up with definitions and what SOA really means. I agree with a comment Greg made over lunch that what was being discussed was way ahead of our respective employer’s positions and “blessed” views on SOA. Building impressive demos via point-and-click service generation and deployment is all well and good, but, it’s having a solid understanding of the underlying architectural paradigm which will allow the resulting system or systems to evolve gracefully in the face of guaranteed change as well as allow you to sleep peacefully at night. Limiting your thinking to SOA = WSDL + SOAP + ESB and Point-to-Point integration is certainly not going to meet either of those requirements.

Speaking of interesting demos, one of the projects presented by Anthony Bradley (Booz Allen Hamilton) on the DCGS-A integrates signals intelligence providers, weather services and some other goodies to plot “interesting” locations via integration with Google Earth’s rich client interface. Apart from the obvious security implications of calling out to Google (it is only a demo/proof of concept; the service offered by NASA is implementing the same service interface) this is a pretty cool, near real-time SOA infrastructure that is going to really make a difference by providing a common infrastructure across the different signal intelligence provider platforms. This presentation as well as other discussions last week which are applying SOA to the US DoD put a lot of stuff around the reliability, quality of service and security of SOA implementations in a different light. E-Government is somewhat different than E-Business, but it’s all a lot different than E-Defense when it comes to implementing those pesky non-functional requirements.

I’m sure there is more stuff that I’m forgetting right now. Dr. Richard Soley (OMG) gave one of his trademark, bigger than life keynote presentations to close the conference. I first met Dr. Soley when I was presenting at the Segue Software QUEST ‘99 conference and was doing some interesting stuff with CORBA at Informix. In some ways, he and Marcus Ranum share some personality characteristics: they’re both highly opinionated, very ready to defend/support their position and very intelligent individuals who give witty presentations. I enjoyed the presentation quite a lot, even if we don’t see eye-to-eye on MDA’s role in SOA. Still, I could be wrong–it isn’t like it never happens.

Finally, I’d like to thank Brand Niemann the SICoP Co-Chair and Greg Lomow as co-chairs of the conference and MITRE for hosting it. I very much appreciated the opportunity to present what I’ve been doing and hope to continue to actively participate in the on-going activities of the SOA CoP. I think that the conference was a success, but I still think there’s lots of work yet to be done by the CoP in defining a strategy for SOA within the US Government. Also, I’d like to apologize to David Webber and Ken Laskey because I didn’t get the opportunity to speak to them in person. Hopefully, I’ll get the chance next time.

Doug & Wendy vs. Your Credit Card Data

Posted in Rants, Security by AST on Tuesday, May 16th, 2006

InfoSeCon 2006 Wrap-up

Posted in Security by AST on Friday, May 12th, 2006