Oracle Integration

Click here to view a print-ready version of this page

SOA Software’s Service Manager™ integrates with Oracle’s BPEL Business Process Manager and related products. With Oracle exposing and consuming Web services as part of their next-generation of eBusiness Suite, version 11.5.10, the Service Manager provides Oracle customers with the ability to implement Web services with end-to-end security, location transparency, SLAs, and quality of service. With the Service Manager, Oracle’s process tools can now enable the benefits of an SOA by abstracting all the complexity of consuming Web services away from the process tools, bringing true agility for the first time to a loosely coupled heterogeneous environment.

Integration with Oracle eBusiness Suite 11.5.10
As a comprehensive platform for XML and Web services security and management, the Service Manager can be used to extend the functionality of the Oracle eBusiness Suite 11.5.10 Process Manager and enable a secure, manageable Service-Oriented Architecture that leverages Oracle technology. The Service Manager provides the following security and management functionality for Web services exposed in your enterprise through Oracle 11.5.10:

Centralized Policy Management
Performance Monitoring and Reporting
Security Enablement, Enforcement and Auditing
Provisioning, Contracts and SLA management
Web Services Publishing, Search and Discovery via UDDI
Multi-protocol message transport for quality-of-service

Integration with Oracle BPEL Process Manager
SOA Software’s Service Manager can be used to extend the functionality of the Oracle BPEL Process Manager and enable a complete Business Process Management solution based on Web services.

Securing and Managing the BPEL workflow - SOA Software’s Management Point™ can be used to secure and manage the BPEL workflow because the BPEL workflow is a Web service defined using a WSDL. As a result, the communication/invocation from a client application that uses SOA Software’s Gateway™ can be secured and monitored.
Securing and Managing Web Services that are part of the BPEL workflow - In this scenario, the Management Point is used to secure and manage the underlying Web services that are part of the BPEL workflow. The BPEL workflow may have several Web services with various security and monitoring requirements which can all be managed using the Management Point.
Monitoring the BPEL workflow with SLAs - The Service Manager has the ability to monitor Web service performance and enforce SLAs that are associated with the BPEL workflow. The DESM can generate alerts in case of SLA violations.

Washington Mutual

Click here to view a print-ready version of this page

Web site

SOA Software Update - June 2008

Click here to view a print-ready version of this page

Software Architect

Click here to view a print-ready version of this page

Deliver world-class top-notch architecture and design for the SOA infrastructure product modules.

Job Specifications:

Deliver world-class top-notch quality architecture and design for the product.
Documenting the architecture and high-level design developed for product.
Participate in implementation aspects of core of the Service Manager modules being developed in India branch.
Mentor the remaining engineering team in India in delivering the quality work.
Explain the architecture and design and rational behind the architecture/design to the remaining engineering team so they can do quality implementation of the design.
Participate and perform the code reviews of the work done.
Work closely with US architecture and design team in understanding how the whole of the product works and architecture followed in whole of the product.

Job Requirements:

Must have experience of architecting and designing either completely and parts of 2 to 3 large enterprise products.
Must have experience mentoring the technical team.
Must have extensive (6-9 years of) experience in the area of J2SE (JDBC, Java Threads), J2EE (JMS, JNDI) and XML (JAXP, DOM, SAX, XMLSchema, XPath, XSLT, SOAP, UDDI, WSDL) technologies.
Must have experience in architecting/designing products involving Oracle and SQL Server database.
Must be able to design the efficient database schemas. Must be able to write efficient database queries using JDBC.
Must have experience in the area of Java Security and XML security.
Must have experience of designing product with distributed components (especially, Web Services)
Must have developed/deployed some Web Services.
Must be savvy with respect to specifications in the area of Web Services and XML
Must have experience in using Configuration management tools, including version management software. Knowledge of SVN is a big plus.
Must have experience (2-3 projects) of documenting technical architecture and high-level design of the work performed. Must have experience in using modeling tools like Rational, etc…
Must possess excellent verbal and written communication skills.
Must have desire to excel, flexibility to work hard and skills and know-how to motivate the team to achieve excellence.

Engineering Manager

Click here to view a print-ready version of this page

Be part of the Engineering division of an Indian subsidiary of a US-based successful company developing state-of the art products in the area of SOA infrastructure.

Job Specifications:

Manage the Engineering division of SOA Software, India office.
Decision maker of the equipment to be procured for engineering needs with the help of members of the team.
Responsible for reviews of the members of engineering department.
Responsible for day-to-day management of engineering department with the help of Project Manager.
Responsible for processes to be followed in the engineering department.
Responsible for all deliveries from India office with respect to development and maintenance aspects of the product.
Work with QA management and product management to form a release management team.

Job Requirements:

Must have experience in engineering management role of an enterprise product.
Must have technical understanding of the enterprise products architecture.
Must have the experience of various tools used in development of enterprise products with distributed architecture.
Must have experience in managing engineering teams of at least 15-20 in size.
Must have good documentation skills to document the processes to be followed in the engineering department.
Must be willing to and able to be hands-on when needed on the product development and maintenance.
Must have desire to excel, flexibility to work hard to achieve excellence.
Must have experience in working with distributed team structure.
Must possess excellent verbal and written communication skills.

Project Manager

Click here to view a print-ready version of this page

Be part of the Engineering division of an Indian subsidiary of a US-based successful company developing state-of the art products in the area of SOA infrastructure.

Job Specifications:

Responsible for management of various deliverables from India office.
Work with leads in development team to find the task list and to estimate for each task to prepare the project plan.
Track the status on regular basis.
Manage the risks for deliverables and take the mitigation steps necessary.
Responsible for achieving the deliveries within the acceptable quality and timelines with the help of development team members.
Report status on regular basis to Engineering Manager and to US team.

Job Requirements:

Must have experience in project management of the software product development team.
Must have managed deliveries involving teams of size 15 to 20 people.
Must have technical understand of the J2EE enterprise products with distributed architecture.
Experience in XML, web services and SOA architecture is a big plus.
Experience in Indian subsidiary of US a company is a big plus.
Must have interacted with oversees clients (Clients in US is a big plus) for deliveries.
Must be an expert in Project management concepts. PMP certification is a plus.
Must be an expert in using Microsoft Project to track the project plans.
Must have the ability to manage concurrent small projects with overlapping resources.
Must have desire to excel, flexibility to work hard to achieve excellence.
Must have experience in working with distributed team structure.
Must possess excellent verbal and written communication skills.

Consumer Contract Provisioning

Click here to view a print-ready version of this page

The idea of a consumer contract for SOA closely models the idea of a business contract. It defines the terms of a relationship between a consumer, or group of consumers, and a service, or set of services. These terms should include:

The policies the consumer(s) agree to comply with
The access rights the service(s) will provide the consumer(s)
The service levels the provider commits to delivering to the consumer(s)
Any mediation the provider(s) and consumer(s) agree to and require

The SOA Governance solution has two important roles to play in the contract process:

Contract negotiation – the Governance solution should provide a workflow model allowing potential consumers to interact with service providers to request and negotiate access to, and specific service levels for, a service or set of services.
Contract enforcement – the Governance solution should enforce the contract at run-time. It should seamlessly ensure that the provider meets agreed upon service levels, that any required mediations are delivered, that the consumer(s) are complying with required policies and that the access rights and times are enforced and complied with.

SOA Software’s Policy Manager provides a flexible contract negotiation workflow process that allows a potential consumer to request access to a service and negotiate SLAs, policies, and access rights.

Service Manager enforces contracts to ensure that consumers without a contract cannot access a service, and monitor, manage, and report on contract terms, including SLAs, for each consumer.

For more information about SOA Software’s market-leading products, click here.

Compliance Validation

Click here to view a print-ready version of this page

One of the important roles of a governance automation solution is determining an asset’s compliance with defined enterprise policies. For example, an organization might require that a service have a design document, a description, be properly categorized, and have a defined business case before it can be promoted from the design stage to the development stage of the lifecycle. The SOA lifecycle governance automation system provides an easy way to define and manage compliance policies and associate these policies with lifecycle stages, categories, and other taxonomy or folksonomy structures and types.

SOA Software’s Policy Manager provides a powerful compliance policy definition, management, and validation framework. It defines policies as sets of rules, with individual rules capable of processing a static service context in the repository, or dynamically captures message data from Service Manager. Rules are written in XQuery, Java Script, or as Java Classes. Policy Manager provides a set of policies out of the box, including WS-I Basic Profile validation, and publishes the policy language, context, and APIs to partners. Our partners have created a library of “policy packs” for various compliance definition policy sets.

For more information about SOA Software’s market-leading products, click here.

Governance Automation

Click here to view a print-ready version of this page

Enterprise architecture approvals processes for application development typically involve periodic architecture review board meetings that review proposals and designs to make decisions about whether or not to fund particular projects. In many cases these architecture review board meetings happen every 4 to 8 weeks, which is fine for large application development projects, but doesn’t scale to meet the needs of service development processes. Imagine the development process for a service which can take as little as a few days or even hours, being held up for 4-8 weeks at each stage of its lifecycle, because it needed approval at an architecture review board before proceeding. Similarly, imagine an architecture review board reviewing designs and business proposals for hundreds of services rather than the 2 or 3 applications they are used to managing. Clearly the current processes are not agile enough, and do not scale well enough, but you can’t simply remove these processes.

This is where Integrated SOA Governance Automation (ISGA) solutions come in. By implementing the existing governance processes through simple, role-based workflow solutions with integrated policy compliance validation checks, ISGA solutions allow companies to maintain their current levels of control without introducing roadblocks, or causing current processes to stall.

SOA Software’s Repository Manager and Policy Manager products combine to provide a comprehensive Integrated SOA Governance Automation solution. The solution provides:

Asset lifecycle management processes
Consumer contract provisioning processes
Approvals workflow processes
Continuous compliance and validation

For more information about SOA Software’s market-leading products, click here.

Service Lifecycle Management

Click here to view a print-ready version of this page

Services, like all other development assets and applications have their own lifecycle and as such need to be managed through their lifecycle state transitions. A Service lifecycle generally models a typical SDLC with stages including design, development, test, QA, production, and deprecation. Many organizations will add versioning into the process between production and deprecation, although in reality each new version of a service will have its own lifecycle.

An SOA Governance product must be able to manage the lifecycle stage of a service and should provide a workflow-based process for migrating services between stages. Often this process will closely mirror the original publication process described above. It will include a set of policies that define criteria a service must meet before it can be migrated. It will also in many cases include manual approval steps.

The lifecycle stage of a service should be used to determine who can discover the service in the registry and who can access the service at run-time. It should also define which policy set is used to determine the run-time capabilities and requirements for accessing the service.

In the context of lifecycle management, the act of publishing a service to a registry so that it can be found by a broad audience of interested parties may seem like a simple enough task. In fact, this is one of the most basic, and yet most important functions of an SOA Governance solution.

The essence of governance can be easily captured in the phrase “encouraging desired behavior.” This simple concept provides a backdrop to help understand what a governance solution should be focusing on, and the capabilities it should provide. Essentially it is not enough to merely provide a stick with which to beat developers and architects, we must also provide a carrot to encourage people to participate in governance processes.

With this in mind, we need to think about what is the desired behavior for the participants in an SOA. For many organizations, one of the most important aspects of SOA Governance is the process of ensuring that the services that are published are appropriate. “Appropriate” in this context is another word a little like “desired.” It can mean many things, but the reality is that an “appropriate” service is a service that meets a set of criteria defined by the enterprise, often including the following:

Is not a duplicate of, or similar to an existing service
Meets design criteria for transport, operation type, schema, etc
Is at an appropriate level of business functionality granularity (e.g. a ‘top-down’ design rather than ‘bottoms-up’)
Is of broad interest and therefore likely to be reused
Complies with appropriate industry standards and recommendation (e.g. WS-I basic profile)

Some of these criteria can be readily automated like WS-I basic profile compliance, others will likely require manual steps. To this end, before a service can be published it should pass through a workflow process that will verify the automatable criteria before requiring a manual approval step. A well designed SOA Governance solution will manage this workflow as a series of customizable, automatable defined process steps and will allow developers and approvers to see services at appropriate phases of this process.

SOA Software’s Repository Manager and Policy Manager products combine to provide a comprehensive SOA Lifecycle Management solution. They share a common state-machine, and common meta-model providing seamless SOA asset lifecycle management capabilities.

For more information about SOA Software’s market-leading products, click here.

Architecture and Compliance

Click here to view a print-ready version of this page

As enterprises move towards SOA, their enterprise architecture teams take on an increasingly important role. Integrated SOA Governance Automation solutions provide architecture teams with the ability to ensure the efficient execution of their SOA programs.

Service Lifecycle Management
Governance Automation
Compliance Validation
Consumer Contract Provisioning

For more information about SOA Software’s market-leading products, click here.

Simple Service Consumption

Click here to view a print-ready version of this page

As the complexity of service interfaces grows to add security, reliability, and other capabilities needed for business quality services, so does the difficulty of consuming the services. Studies of the cost of building services and consumers in Fortune 500 companies shows that it can cost up to $50k to add security, reliability and monitoring capabilities to a single service, and up to $40 to add the security and reliability capabilities required to consume the service to a consuming application. As service reuse becomes more prevalent, the cost of building consumers can quickly become prohibitive.

This is why SOA Software provides its Delegate to ensure simple service consumption. Using the Delegate, consumer developers can focus on implementing the business logic of their application leaving the complexity of complying with enterprise security policies, reliability models, versioning, transport, and other implementation details to the delegate.

SOA Software’s Delegate is available in many forms, ranging from Java and C# SDKs, through plug-ins for common IDEs and handler sets for common containers. It is part of the design tools for many business process management solutions, allowing the process designer to drag and drop an “SOA service” into their process fully abstracting the process engine from the physical service implementation.

The Delegate abstracts the developer from the complexities of business quality service consumption including:

Authentication – full support for Basic Auth, SAML, X.509, Kerberos, XML-Signature, HTTPS, and all other common tokens
Privacy – full support for XML-Encryption in both raw XML and WS-Security forms supporting both encryption and decryption
Non-repudiation – full support for raw XML and WS-Security compliance XML-Signature and signature verification
PKI – provides public and private key pair management, CRL checking, certificate management
Transport – supports http, https, and JMS bindings
Reliability model – supports WS-Reliability and WS-ReliableMessaging standards as well as native message queuing reliability models
Endpoint location – provides dynamic binding to service endpoint location, policy, standards, and reliability model

For more information about SOA Software’s market-leading products, click here.

Application and Transaction Management

Click here to view a print-ready version of this page

SOA is used to build real-world business applications, delivering real business value and solving real business problems. Faults and performance problems in a Web service might not appear to be a huge problem, but they may lead to a failure to respond to a customer, a misplaced order, or a failure to invoice or collect on a service or product that has been delivered.

The distributed nature of service-oriented applications makes it difficult to identify and diagnose problems. For example, an unacceptable delay when a customer clicks a button on a commerce site might be caused by a connection timeout in an unrelated database that provides a logging function to a Web service that is indirectly invoked by another application called by the portal.

Application support and operations teams must be alerted to these issues and must be able to identify their root cause, debug, and fix them in near real-time. These teams are often measured against Mean-Time-To-Repair, so seeing problems before they occur, and quickly finding the cause is a critical goal.

SOA Software provides an industry leading Operational Governance solution for monitoring, transaction tracking, SLA management, Quality of Service, Event management, and root case analysis.

Monitoring – Last mile, first-mile and network monitoring of messages to collect real-time performance, usage, fault and message data for any service deployed on any platform. SOA Software’s Service Manager monitors services from the perspective of the consumer to ensure that consumer specific SLA’s and usage criteria are not polluted by traffic from other consumers.
Transaction tracking – Using standards like WS-Addressing, Service Manager can track the path of a transaction across multiple messages between different consumers, services, applications, and platforms. This allows customers to identify root cause for individual transactions as well as to build a map of a whole application and all the consumers and services it is made up of.
Service Level Agreement Management – Service Manager provides comprehensive SLA capabilities with the ability to manage and monitor SLAs for consumer contracts. This unique ability ensures accurate monitoring of services from the perspective of their different consumers – one application might make more complex and larger requests that take an average of 200ms to process, where the average response time for the whole service is only 50ms. In this case, it is essential that the application is monitored from the perspective of the consumer, in order to provide an accurate assessment of service level.
Dynamic Management – Service Manager implements a comprehensive dynamic management model that can automatically adjust the infrastructure to address exceptions and service-level issues. Using the monitoring and SLA management capabilities described above, Service Manager can identify potential problems and can reroute traffic, throttle low-priority requests, or even deploy new service instances to ensure continuous operation of service-oriented applications.

SOA Software’s products are used by Fortune 500 companies to ensure continuous operation of their service-oriented applications providing a state of the art application and transaction management solution.

SOA Software’s Service Manager provides a platform-independent, policy-driven SOA monitoring and management solution to ensure the performance and reliability of services throughout an SOA. It provides SLA management, real-time and historic reporting, alert and event management, transaction tracking, and dynamic management capabilities.

For more information about SOA Software’s market-leading products, click here.

Change Impact Mitigation

Click here to view a print-ready version of this page

A core benefit of service-orientation is the ability to reuse existing assets across multiple applications as service consumers. This reduces the time to develop new applications, increasing agility and reducing cost, but it also increases the potential for change to one application (service provider) to cause many other applications (service consumers) to fail. Development governance change management and consumer contract provisioning solutions will help address this challenge, but in many cases changes will be required so the enterprise must ensure that services consumers are effectively abstracted and protected from these changes.

Virtualization – Service virtualization provides companies with the ability to create virtual services that offer a stable interface (location, transport, standards, policies, messages) even when the physical service changes. Virtualization offers high-availability and load-balancing, performance and SLA monitoring and management, routing, versioning, and mediation capabilities to mitigate the impact of change at the provider on service consumers.
Versioning – Services go through a development lifecycle just like any application, in fact services are often published by an application that has its own lifecycle. As a natural part of this lifecycle applications and services will be versioned, and will often go through significant changes as part of this process. If the only consumers of a service are part of the same application, and as such are versioned at the same time as the service itself, then there is no challenge, however this is not the case with services that are published for general reuse. If a service is used by multiple consumers there a several models available to protect the consumers from changes to the service as part of a versioning process. One model is simply to track all the service consumers through a consumer contract provisioning process and inform them of any upcoming changes. Another model is use a virtualization solution to maintain a virtual service that models the old interface using transformation as necessary to communicate with the new interface. The best practice is to combine these two approaches using the contract model to inform consumers of change and encourage them to adopt new interfaces, while using virtualization to mitigate the impact of changes.
Mediation – As the complexity of service interfaces grow to provide enhanced security and reliability capabilities, the set of consumers capable of consuming the services shrinks. Mediation solutions provide tolerance to ensure that the widest possible set of consumers can consume a service by making sure that the service is tolerant of different message types, policies, transport, and many other variables.

SOA Software’s products are used by Fortune 500 companies to ensure continuous operation of their service-oriented applications leveraging powerful change impact mitigation capabilities.

SOA Software’s Service Manager provides a platform-independent, policy-driven SOA virtualization and mediation solution to ensure that services can be confidently consumed by applications on any platform without risk of change causing outages.

SOA Software’s Policy Manager provides comprehensive consumer contract provisioning capabilities to track service consumers and notify them of versioning events.

One of Service Manager’s core strengths is its mediation capabilities. It offers a range of mediations including:

Multi-pattern mediation (agent, delegate, proxy, relay, gateway, router, switch, pipe & filter, Policy Enforcement Point)
Messaging mediation (programming model and synchronicity) - useful when consumers and providers use differing call models. Three types of MEP mediation are configurable; Sync-Async mediation (synchronous consumer wants to access asynchronous WS providers); Async-Sync mediation (asynchronous consumer wants to access synchronous WS providers); Aynch-Async mediation (asynchronous consumer wants to access asynchronous WS providers)
Reliability mediation – useful when unreliable consumers need to consume reliable services, or when reliable consumers need to consume unreliable services.
Standards mediation - useful when the consumers use and the providers expect differing WS standards. We handle this mismatch through design time configuration. Several types of syntactic standards mediation are supported: WS-Security, WS-Addressing, WS-Routing, and WS-Reliable Messaging.
Transport mediation - useful when consumers and providers use differing transport protocols. Common examples of this are SOAP/HTTP consumers who want to call non-soap message driven apps such as POX/JMS
Asynchronous delivery – required for synchronicity mediation
Guaranteed delivery – required for reliability mediation

Service Manager can mediate between a wide range of standards, message styles (SOAP, POX, etc), message exchange patterns (REST, SOAP, MOM, etc), transports (http, https, JMS), reliablity models (WS-RM, WS-RX, MOM, etc), security tokens (SAML, Kerberos, X.509, session cookies, etc). Mediation is enabled declaratively through the standalone intermediary based on impedances between inbound messages and the requirements, capabilities, and policies of the destination service.

For more information about SOA Software’s market-leading products, click here.

B2B Service Provisioning

Click here to view a print-ready version of this page

One of the main drivers behind SOA has always been the vision of using Web services to facilitate communication between businesses, and even drive new business models. This is a valuable use for SOA and Web services, and it does present some interesting challenges.

Security – In the early days of Web services, the ability to communicate machine to machine over port 80 to avoid firewall configuration issues was a much touted advantage. The reality, of course, is that sending XML traffic over port 80 introduces a potentially significant security risk. The standards community has created numerous specifications to offset this risk, but with it has added considerable complexity that can take away much of the advantage offered by Web services. The real challenge is to find a way to ensure the security of services leveraging standards like WS-Security and SAML, without making services so difficult to consume that partners and customers choose to go elsewhere. Another obvious risk is that for services to consumable outside the enterprise firewall, they must be accessible through the DMZ. In most cases customers will not, and should not, deploy their application containers into the DMZ, so they need to find a virtualization model that allows them to deploy services in the DMZ that proxy their application services.

Consumer Contract Management – One way to address the challenge of providing easy access to secure services is through a consumer contract provisioning model. Consumer contract provisioning is the process of requesting or offering access to a service through a negotiated contract. For more information on consumer contract provisioning please see contracts.

Identity Federation – In order to grant individuals at partner companies rights to services and business processes within your enterprise, you need to know that these people are authorized by your partner to act on their behalf. One model is for you to maintain a directory of your partner’s employees, and ask you ensure that this directory is up-to-date, although this model is bound to fail. Identity Federation offers a better solution. Through Identity Federation users within partner and customer organizations can authenticate themselves against a server in their own organization and present you with a token validated by their company. In this way you simply need to trust their company, and not the individual in question.

SOA Software’s products are used by Fortune 100 companies to provide comprehensive B2B SOA provisioning capabilities driving new business models and revenue for these companies.

SOA Software’s Service Manager provides a platform-independent, policy-driven SOA security and virtualization solution to ensure that internally published services can be confidently exposed to partners through the DMZ. SOA Software’s products implement all of the latest standards including comprehensive support for WS-Security, XML-Signature, XML-Encryption, SAML, XACML, and many others. For a list of supported standards please click here.

SOA Software’s Policy Manager provides comprehensive consumer contract request, offer, and negotiation processes to facilitate partners requesting access to services, and the enterprise offering partners access to services.

For more information about SOA Software’s market-leading products, click here.

Security

Click here to view a print-ready version of this page

The evolution towards service-oriented architecture as the main application development and integration model for large enterprises promises great rewards in agility and cost saving, but along with these rewards come increased security risks in several areas:

Message Security – Standards-based service interactions are one of the main benefit drivers in SOA. They also introduce increased risk, because a well architected system will have no room for “security by obscurity”. The standards community has made great strides in producing specifications to ensure sender and provider authenticity and authorization, and message privacy and non-repudiation. It is now up to service platform providers and service and consumer developers to take advantage of these standards to ensure the security of their applications and data.

Interface Security – One of the goals of SOA is to create reusable business services. These services are often created by take data or business logic from existing applications and exposing it as a service. This means taking data or logic that was buried within an application and making it accessible, and in this process exposing it to potential threats.

Security Infrastructure – The move towards enterprise SOA involves the deployment of new infrastructure solutions including registry/repository, policy management, and service management, amongst others. Each of these solutions must comply with existing enterprise security policies, or the solutions designed to ensure the security of enterprise applications can themselves become potential attack points.

SOA Software’s Service Manager provides a platform-independent, policy-driven SOA security solution to ensure that all service providers enforce uniform, appropriate policies, that are implemented by all service consumers across all distributed and mainframe platforms throughout the enterprise. It provides fully featured agents to ensure last-mile security, a standalone intermediary for network-based policy enforcement and virtualization, and a client-side delegate for first-mile policy implementation.

Authentication – Service Manager provides comprehensive message, consumer and end user authentication with support for all common token types including Basic Auth, SAML, X.509, Kerberos, XML-Signature, and HTTPS. It provides a security token server for Identity Federation and token exchange, offering a SAML authority as part of this capability.

Authorization – Service Manager offers powerful service authorization capabilities support XACML as well as native integrations with most common enterprise security policy management solutions.

Privacy – Service Manager has full support for XML-Encryption in both raw XML and WS-Security forms supporting both encryption and decryption to ensure the privacy of messages.

Non-repudiation – Service Manager offers full support for raw XML and WS-Security compliance XML-Signature and signature verification to ensure message authenticity and non-repudiation.

PKI – Policy Manager provides comprehensive public and private key pair management, CRL checking, and certificate management.

SOA Software’s products implement all of the latest standards including comprehensive support for WS-Security, XML-Signature, XML-Encryption, SAML, XACML, and many others. For a list of supported standards please click here.
Service Manager integrates seamlessly with most common enterprise security solutions to maximize investment in existing systems and ensure consistent application of existing enterprise security policies. It supports:

Identity and Access Management Systems – Service Manager integrates with most common IDM solutions to federate their authentication and authorization policies and processes throughout an SOA.
Enterprise Directories – Service Manager integrates with common enterprise directories including Microsoft Active Directory and other LDAPv3 compliant solutions. It acts as a security token and policy server, delegating authentication decisions to the directories and using existing group memberships to drive role-based authorization decisions.
Security Appliances – Service Manager can provide policies for services security by common appliances (such as IBM DataPower) and monitor service usage and performance for these services.
PKI – Service Manager provides its own built-in PKI solution with a fully featured Certificate Authority. It also integrates with existing PKI solutions providing key distribution and verification.

For more information about SOA Software’s market-leading products, click here.

Operations

Click here to view a print-ready version of this page

SOA presents a unique set of challenges to operations and security teams. We provide some examples of the challenges and solutions for many Fortune 500 corporations as they move towards SOA.

Security
B2B Service Provisioning
Application and Transaction Management
Change impact mitigation
Simple service consumption

For more information about SOA Software’s market-leading products, click here.

Extensible Asset Management

Click here to view a print-ready version of this page

The breadth and scope of an enterprise SOA initiative can be quite daunting to a typical IT organization. New technical standards (and tools to support development against those standards), increased need for integration and regression testing to ensure stability and cross-version compatibility of deployed services, strong emphasis on proper separation of concerns (e.g., separating functional aspects from presentation aspects during analysis to eliminate blurred implementations, avoiding reimplementation of fragile existing application functionality and algorithms in decoupled services that are meant to support multiple application/composition needs), and simply the introduction of a new way of architecting and developing enterprise software forces organizations to take a much broader look at the SDAs they need to govern and disseminate.

Support for Knowledge and Executable Assets – Once an SOA initiative expands beyond the pilot stage, IT organizations need to quickly and effectively disseminate the core architectural and development principles and guidelines to the broader IT community. These knowledge assets – patterns, best practices, reference implementations – must be treated as peers alongside the executable assets – services, components, schemas – that make up an organization’s SOA. Repository Manager comes preloaded with Sun’s Core J2EE Patterns and Microsoft’s Enterprise Solution Patterns, and organizations can easily augment these knowledge assets with their own SOA guidance. This knowledge framework is delivered to the developer’s fingertips via Repository Manager’s deep IDE integration, thereby greatly increasing the likelihood of developer success as the enterprise’s SOA initiative expands in size and scope.

Incremental content enforcement based on SDLC governance stage – As a service or other SDA progresses through its SDLC, the number and scope of work products naturally increase. At its initial definition phase, a service may be little more than descriptive documentation specifying the required functionality at a high level. Use cases, design models, test plans, test results, defect lists, usage guides and many other work products accumulate as this service progresses towards staging and production deployment. Repository Manager enforces the presence of designated content at each defined governance stage, and validates that content against compliance policies through its integration with Policy Manager.

For more information about SOA Software’s market-leading products, click here.

Change Management

Click here to view a print-ready version of this page

Within a loosely-coupled architecture such as SOA, change management takes on a two-dimensional perspective: both changes as a specific version of a service or other SDA progresses through its SDLC and changes across versions of a service must be effectively managed and governed. Most enterprise IT organizations are well versed in version-specific change and release management, but have considerably less experience in dealing with cross-version compatibility, deprecation, and staging issues that arise within an SOA initiative. The loosely-coupled nature of SOA demands additional stringency within the SDLC process as well; services must not only be correct (i.e., they function as expected) but also complete (i.e., they are discoverable, understandable, and stable from the consumption perspective).

Smart Controls™ governance automation – To be effective, SOA governance processes must incorporate as much automated compliance validation as possible while preserving ultimate decision-making authority for key role-based stakeholders in the IT organization. Governance processes must also vary by asset type (components require different validations than services, for instance), and different groups within the organization may require different levels of governance stringency. Smart Controls supports these variables through its patented event-driven governance engine. Governance processes are configured through an Eclipse-based graphical designer supporting swim-lane style process flow definitions with drag-and-drop task specifications, making it easy to specify and understand complex and demanding enterprise governance needs.

AnySource™ Federation – Click here for details on Repository Manager’s AnySource federation toolkit.

Compliance policy validation via Policy Manager™ – Development compliance policy enforcement can be an onerous task for architects and other governance stakeholders in the IT organization. Validating service interface compliance against WS-I Basic Profile, ensuring that source code conforms to style guidelines for readability and maintainability, and many other necessary policies can become overwhelming if manual validation is the only option available. Policy Manager’s flexible policy validation engine, supporting XPath, XQuery, Java, and script-based policy definitions, coupled with Repository Manager’s ability to automatically invoke Policy Manager at defined development governance checkpoints, automates this painful task, ensuring consistency and completeness for all SDAs flowing through the development governance process.

For more information about SOA Software’s market-leading products, click here.

Impact Analysis

Click here to view a print-ready version of this page

As an organization’s SOA matures, increasing numbers of services along with applications and other SOA compositions dependent upon those services are deployed into mission-critical operational environments. Understanding end-to-end dependencies – application to service, service to schema, service to component, component to mainframe adapter to name a few – becomes crucial to ensuring stability of an organization’s SOA-based deployments.

Asset Relationship Visualization™ – As SOA-based applications and other compositions proliferate throughout the enterprise over the course of a successful SOA initiative, it becomes increasingly difficult to understand the impact of a change to any one part of the SOA deployment. Asset Relationship Visualization gives architects and other key SOA stakeholders a dynamically-generated visual view into such dependencies. Through its drag-and-drop Eclipse-based user interface, this Repository Manager option dynamically generates a dependency graph for any SDA based on asset and relationship type filtering rules configurable by the end user.

Strongly Typed Asset-to-Asset Relationships – Semantic understanding of dependencies in turn depends upon a clear understanding of the effect of those dependencies. Repository Manager’s patented dynamic SDA template infrastructure allows IT organizations to precisely define relationship types of interest and to establish validation rules that restrict establishment of such relationships to only assets meeting the semantic requirements specified by those types. For example, an “imports” relationship from a service may be restricted to schemas only, while a “consumes” relationship may allow components, mainframe adapters, and read-only data views to be bound to that same service.

For more information about SOA Software’s market-leading products, click here.

Metadata Federation

Click here to view a print-ready version of this page

For enterprises to fully understand and effectively govern their SOA environment, they must have a complete and coherent view of the services and other SDAs touched by their SOA initiative as well as the policies and processes that guide consistent development of SOA elements. This end-to-end view must incorporate and coordinate relevant content not only from service development and deployment activities but also from service planning efforts (e.g., proposed services and their traceability to existing system capabilities) and from existing service capabilities (perhaps sourced from packaged applications and third parties).

Organizations also need to deal with the added complexities introduced through extensive offshoring/outsourcing relationships. While these relationships clearly provide value to the enterprise in terms of both cost and flexibility, if not managed properly they can lead to provider lock-in at best and development disasters at worst. Maintaining visibility and scope of control over arms-length development activities is key to deriving the most value from those relationships.

End-to-end integrated service metamodel and governance process model – Repository Manager, Policy Manager and Service Manager provide a complete solution for development and operational governance automation. By defining a common service metamodel and governance process model across these products, SOA Software gives IT organizations a significant jump start towards cross-organizational fidelity and consistency, reducing the likelihood of manual error and eliminating redundant information management within the enterprise.

AnySource™ federation – Connectivity to SCM platforms and other development tools is crucial for IT organizations to accurately represent and govern their development efforts. These development systems of record are typically managed in a siloed manner with little to no communication and coordination across products. Repository Manager’s AnySource federation toolkit allows IT organizations to define and automate extraction rules that span these products, producing complete and coherent SDAs based on SDLC triggering events (e.g., source code promotion, establishment of a version baseline). Based on the well-known open source ANT framework, AnySource presents a well-understood task model for asset automation.

Service registry federations – As services enter into staging and production environments, service definitions and supporting metadata must be provisioned into the runtime registries supporting those environments. Repository Manager supports automated provisioning of such information to leading service registries such as IBM WSRR, HP SOA Systinet, TIBCO Active Matrix Registry, and any UDDI-compliant registry. These same registries can serve as sources to bring previously ungoverned services (e.g., services deployed as part of a packaged application) under development governance via Repository Manager’s Import Center.

Federated Repository Manager installations – Highly distributed development organizations may need localized repository installations to better manage content access and latency issues. Other organizations may need to establish filtered access to selective SDA information to their outsourcing partners while at the same time maintaining consistent governance processes over the SDAs developed by those partners. Repository Manager’s sophisticated federation model enables IT organizations to establish essentially any federation topology (e.g., tree, star, unidirectional point-to-point) across any combination of physically and logically separated library installations. Filtering rules can be established over each connection within the federation, thereby ensuring that only appropriate information is passed across the connection.

For more information about SOA Software’s market-leading products, click here.

Service and Asset Discovery

Click here to view a print-ready version of this page

The iceberg metaphor is apt when considering services within an enterprise: very few service implementations are greenfield, with the vast majority built upon one or more existing (typically strategic) capabilities already present in the enterprise or provisioned by business partners. The service interface, while important, is the small percentage of the total service that sits above the water line; mainframe and distributed applications, data views, EDI feeds, and many more software assets sit below the water line to make up the service implementation. Discovering and understanding these widely varied software development assets (SDAs) is crucial to an organization’s effective SOA development governance efforts.

Graphical Reference Models – Repository Manager’s patented graphical reference models allow organizations not only to visually represent important domain perspectives (e.g., business domain, technical domain) within their repository installation but to automatically map their SDAs to domain elements as part of the production governance process. Once mapped, these SDAs can be discovered by potential consumers via visual navigation, providing an intuitive and easy-to-use way to search for services and other content.

Deep IDE Integration – Visual Studio and Eclipse-based (both native and commercial variants) integrations give developers a natural and seamless interface into Repository Manager. Multi-view perspectives, drag-and-drop and other advanced interaction behaviors, and user-friendly dialogs and wizards simplify the process by which developers find the services they need.

Search Alerts – Sometimes what you need isn’t ready exactly when you need it. Repository Manager gives developers and other SDA consumers a way to “set and forget” searches. When the desired asset becomes available, consumers are notified of the fact via email or RSS feed. Many IT organizations use this approach to automatically disseminate architectural guidance to the broader team, ensuring everyone stays up-to-date with the latest SOA development approaches.

Consumer contract provisioning – As developers discover a suitable service for use in their application or other consuming composition, they need to specify the expected usage characteristics (i.e., the proposed service level agreement) for that service. Repository Manager directly exposes the valid service level policies defined within Policy Manager to developers for selection, and upon consumption governance approval automatically provisions a draft consumption contract to Policy Manager for downstream operational governance application. This end-to-end provisioning model ensures a consistent view across both development and production perspectives, greatly reducing the likelihood of operational errors when deploying SOA-based applications.

For more information about SOA Software’s market-leading products, click here.

Development

Click here to view a print-ready version of this page

The main responsibility of SOA Development Governance is to ensure that services are built correctly according to enterprise policies and industry standards. The adoption of SOA has changed the development lifecycle and introduced some new concerns that we highlight here:

Service and Asset Discovery
Metadata Federation
Impact Analysis
Change Management
Extensible Asset Management

For more information about SOA Software’s market-leading products, click here.

SOA Software Announces SOA Governance for Microsoft .NET Framework

Click here to view a print-ready version of this page

Los Angeles, Calif., June 10th, 2008—SOA Software, a leading Integrated SOA Governance Automation vendor, today announced that it has certified Windows Communication Foundation (WCF) within the Microsoft .NET Framework as a Governed Service Platform. This allows customers to confidently use the .NET Framework, which includes WCF, as part of a heterogeneous enterprise SOA environment sharing services with other commercial SOA platforms like SAP NetWeaver, IBM WebSphere, BEA, and Oracle, as well as RedHat and other open source providers.

Certified Governed Service Platform status means that customers can be confident that their platforms will not compromise the fidelity of the governance systems and structures defined in an enterprise SOA program. The certification process ensures that Governed Service Platforms can implement and enforce governance policies providing reporting data to enable a closed-loop audit process.

Microsoft customers add SOA Software’s Integrated SOA Governance Automation solution to the .NET Framework:

Ensure that services they identify, design and build using Windows Communication Foundation are relevant to and consumable by applications they design, build and deploy using other platforms like SAP and IBM.
Make services they expose from applications running on .NET based applications and WCF visible to and compliant with enterprise policies defined, enforced and audited across other platforms; and make services they design and build using other platforms like SAP and open source environments visible to and compliant with enterprise policies defined, enforced and audited across their .NET Framework applications.
Promote, ensure and formalize consistent alignment between demand from service consumers and the supply of services through Consumer Contract Provisioning.

SOA Software’s platform-independent Integrated SOA Governance Automation solution promotes the use of best-practices throughout an enterprise SOA program regardless of where services and consumers are designed, built, deployed and operated. SOA Software’s Solutions integrate with the Microsoft SOA and business process solutions including: .NET Framework, Microsoft BizTalk Server, Visual Studio and Team Foundation Server.

“The certification of Governed Service Platforms advances the discipline of Integrated SOA Governance Automation,” said Frank Martinez, executive vice president of SOA Software. “Microsoft customers are quickly using WCF to build enterprise SOA applications, this certification gives them the confidence that the enterprise adoption of WCF with SOA Software’s products will preserve the fidelity of the governance models, structures and mechanisms supporting their enterprise SOA program.”

“SOA Software’s certification compliments Microsoft’s continued commitment to delivering a governed enterprise SOA platform for our customers,” said Burley Kawasaki, director of product management for Microsoft Corporation. “By working closely with SOA Software as part of our Business Process Alliance, customers can confidently deploy BizTalk Server, the .NET Framework, and other Microsoft SOA platform components as part of a comprehensive integrated SOA governance solution.”

SOA Software and Microsoft
Microsoft customers use SOA Software for seamless, heterogeneous SOA Governance, Security and Management functionality with their Microsoft applications to ensure interoperability across disparate partners and platforms.

SOA Software’s products deliver mission-critical SOA governance capabilities to Microsoft .NET Framework and BizTalk Server customers. They provide: Closed-loop Governance, Uniform Policy Management, Heterogeneous Governance Automation, Dynamic Policy Enforcement and Implementation, and Trust Mediation and Bridging.

About SOA Software
The world’s largest companies including Merrill Lynch, Verizon, and Pfizer use SOA Software to quickly and confidently realize the value of SOA. SOA Software’s platform-independent Integrated SOA Governance and Mainframe SOA products process over 500 million mission critical transactions per month, ensuring the relevance, security, reliability, and performance of services and applications. For more information, please visit http://www.soa.com.

SOA Software, Workbench, Repository Manager, Service Manager, and SOLA are trademarks of SOA Software, Inc. All other product and company names herein may be trademarks and/or registered trademarks of their registered owners.

SOA Software Adds Support for Microsoft Visual Studio 2008 Team Foundation Server

Click here to view a print-ready version of this page

Los Angeles, Calif., June 10th, 2008—SOA Software, a leading Integrated SOA Governance Automation vendor, today announced that with Repository Manager 6.0 and its compatibility with Visual Studio 2008 Team Foundation Server version control, users can now seamlessly access artifacts stored in Team Foundation Server through the Repository Manager add-in for Visual Studio. Repository Manager’s compatibility with Team Foundation Server version control enhances collaboration among users of Visual Studio 2008, resulting in high productivity and exceptional quality control of important software development assets and services.

Through this Visual Studio 2008 Team Foundation Server enhancement, Repository Manager users have the flexibility to specify artifacts (both project/solution-based and individual files) by label or by version for inclusion within Repository Manager-governed software assets. This both improves the visibility and management of these resources through the Repository Manager, and allows application developers to easily import those artifacts by reference into consuming Visual Studio projects/solutions. Repository Manager 6.0 makes it easier than ever for .NET developers and architects to collaborate, enabling them to create and manage world-class business applications while adhering to an integrated and closed-loop SOA Governance process.

“SOA Software shares Microsoft’s belief that team collaboration and ease of use are prerequisites for application development success,” said Brent Carlson, Sr. Vice President, Technology of SOA Software. “The new Repository Manager for Team Foundation Server facilitates team coordination and significantly helps developers and architects with cross-platform development projects—without ever leaving the Visual Studio 2008 Team System environment. This is the latest example of SOA Software’s longstanding commitment to provide Microsoft developers and architects with convenient yet powerful tools to produce world-class software applications.”

Repository Manager is a Development Governance solution that simplifies the creation, integration, management and promotion of enterprise assets and services throughout the complete development lifecycle. Its strong integration with leading application development environments and federation with all major run-time repositories enables customers to rapidly deploy multiple assets types and services within the SOA service lifecycle.

speakTECH

Click here to view a print-ready version of this page

www.speaktech.com

ilitia

Click here to view a print-ready version of this page

ilitia technologies SRL is a private Spanish company (SME) based on Madrid, Spain. Our activity is focused on software development and information technology consulting services.

Our professional expertise ranges all the major stages in the software life cycle, including product and service inception, business requirements elicitation, software requirements management, technical prototyping and software design, software project planning, software implementation mainly on Microsoft and Java technologies, the full testing cycle along the different project phases and the final deployment or installation of software products or services.

In the field of information technology consulting, we provide professional advice on different software development technologies and enterprise servers, including corporate infrastructure, messaging and collaboration services, security, knowledge management, project management and others.

www.ilitia.com

Deloitte

Click here to view a print-ready version of this page

www.deloitte.com

one1

Click here to view a print-ready version of this page

www.one1.co.il

STS

Click here to view a print-ready version of this page

Established in 1989, STS is the complete end-to-end partner and systems integrator for enterprise and medium-sized organizations in Jordan and the MENA region. STS delivers comprehensive IT solutions to the government, banking, education and telecommunication sectors. These solutions include hardware and infrastructure, networking, software, portals, electronic fund transfer, e-banking, enterprise messaging, e-payment, e-government, e-security solutions and professional training services, among others.
www.sts.com.jo

iTKO

Click here to view a print-ready version of this page

www.itko.com

SOA Software and iTKO LISA Announce Combined SOA Governance and Validation Solution

Click here to view a print-ready version of this page

Los Angeles, Calif., June 9th, 2008—SOA Software and iTKO announce a combined solution for continuous management and quality assurance across the entire design, development and change lifecycle of SOA (Service-Oriented Architecture) applications. The integrated offering includes iTKO’s LISA Testing, Validation & Virtualization suite, and SOA Software’s Policy Manager and Service Manager solutions.

Joint customers of the solution will benefit from:

A high level of continuous quality assurance for risk mitigation within SOA Governance processes with less manual effort and cost;
Better compliance and control of defined Service Policies, with automated enforcement throughout the SOA design, development and change lifecycles to ensure business requirements are being met;
Increased collaboration and efficiency among all SOA stakeholders, so consumers and providers of services can complete their development, testing, integration and deployment activities in parallel, through the virtualization of service endpoints as well as simulating the behaviors of underlying systems.

“In short, SOA governance is about ensuring and validating that assets and artifacts within the architecture are operating as expected and maintaining a certain level of quality.” said Frank Kenney, Gartner. “The integration and monitoring of the three discrete SOA governance technologies (policy management, registry and testing) are essential to successful governance.”
The two companies have focused their solutions exclusively on the need for secure, reliable, and relevant SOA and distributed enterprise integration architectures since their inception. The combined solution makes sense for enterprises seeking to manage complex, heterogeneous service assets to ensure that business requirements are met, while mitigating the risk of inevitable change in underlying systems such as ESB/messaging, databases, mainframes and other custom and legacy applications.

”Compliance in SOA goes far deeper than ensuring the right integration and security protocols are in place,” said Frank Martinez, executive vice president, SOA Software. “By delivering SOA Software’s holistic, integrated SOA planning, policy, development and operational governance automation, with iTKO LISA’s ability to continuously automate the validation and virtualization of service assets managed by our solutions, we can ensure the agility, quality and confidence our customers demand from SOA.”

“The ability to execute Policy Validation with LISA directly from within SOA Software’s management platform creates a true automation framework for SOA Governance efforts,” said John Michelsen, founder and chief scientist, iTKO. “By taking much of the latency out of the process of Policy validation, teams responsible for producing and consuming services can break their dependency on each other, and collaborate on meeting defined business requirements throughout the design, delivery and change lifecycles of SOA.”
Features of the combined solution for SOA Software and iTKO customers include:

Continuous compliance and quality automation from concept to production support for SOA, with LISA validation natively executed as part of the workflows within SOA Software Policy Manager.
High visibility into SOA Policy compliance levels, with all tests, test results, endpoint data, and models viewed in a single repository.
Dramatic increase in the types of SOA Policy that can be modeled and validated, ensuring reliable service level outcomes.
Service Virtualization of endpoints, locations and binding properties from SOA Software combined with simulation of service behaviors and data from iTKO.Enhanced runtime validation of live SOA applications for both functional and performance purposes.

iTKO and SOA software are currently proving the value of the combined solution at a major health industry customer, and will cooperate in continued joint marketing and methodology development, to ensure successful adoption of SOA Governance, Quality and Validation practices in the field.

SOA Software, Policy Manager, Repository Manager, Service Manager, and SOLA are trademarks of SOA Software, Inc. All other product and company names herein may be trademarks and/or registered trademarks of their registered owners.

About iTKO LISA
iTKO LISA offers the most comprehensive solution for testing, validating, and virtualizing Service-Oriented Architectures (SOA). iTKO’s mission is to minimize the business risk inherent in making frequent changes to complex IT environments. Their LISA software suite provides Complete, Collaborative, and Continuous quality throughout the enterprise software delivery lifecycle. LISA enables the extended team, from development, to QA and business analysts to exercise multiple business technology layers within a single test case. LISA automates unit, functional, regression, load and performance tests, and virtualization of services and data. Founded in 1999, the Dallas-based company’s customers include Citigroup, WaMu, Level3, TIBCO and i2. http://www.itko.com

SOA Software Announces SOA Development Governance Product

Click here to view a print-ready version of this page

Unisys

Click here to view a print-ready version of this page

Unisys is a worldwide information technology services and solutions company. We provide consulting, systems integration, outsourcing and infrastructure services, combined with powerful enterprise server technology. We specialize in helping clients use information to create efficient, secure business operations that allow them to achieve their business goals. Our consultants and industry experts work with clients to understand their business challenges and create greater visibility into critical linkages throughout their operations.

www.unisys.com

Modul1

Click here to view a print-ready version of this page

Modul 1 is a public Swedish IT-consultancy company focusing on developing, securing and supporting IT-solutions for knowledge intensive corporate and government clients. We have extensive industry expertise within banking, insurance, healthcare and defense. Our consultants are specialized in knowledge solutions, integration services and IT-governance.

Our proven track record of successfully executing projects that have contributed to increased competitiveness and cost effectiveness have earned us Managed and Gold Partner status with Microsoft. We are also partners with BEA Systems and IBM.

Modul 1 has offices in Stockholm, Gothenburg and Sundsvall.
Modul 1 is a public company listed at Stockholmsborsen (small-cap) since 1997.”
www.modul1.se

Design-time governance focus of SOA Software’s latest release

Click here to view a print-ready version of this page

Workbench

Click here to view a print-ready version of this page

Please note: SOA Software has renamed its Workbench product to Policy Manager. For updated information please click here. This name change reflects the breadth and depth of policy support this product offers compared to competitive registry/repository solutions.

Workbench™ is a comprehensive SOA governance solution offering an integrated metadata repository and UDDIv3 registry with unique workflow and collaboration capabilities to instill consistency and accountability and encourage desired behavior.

Workbench can be deployed stand-alone providing powerful SOA governance capabilities with built-in design-time policy enforcement and run-time policy management. It can also be deployed with SOA Software’s Service Manager™, or any other standards-based SOA management and security solution, to deliver comprehensive closed-loop SOA infrastructure.

Workbench combines an enterprise-class UDDIv3 registry with a powerful, innovative metadata repository. It delivers a role-based JSR-168 compliant Web-based portal interface to ensure that different users have easy access to the features and capabilities they need and use the most.

Workbench provides comprehensive SOA Governance tools for all the different roles in the organization including; service developer, consumer developer, architect, business stakeholder, IT operations, security operations, and more. It uses a role-based security model for authorization of policy-driven SOA Governance process control such as service publishing and provisioning workflow approvals, and to protect sensitive information.

Workbench defines, monitors, and manages Active Contracts™ between consumers and providers. These contracts are created through a workflow-based negotiation process, supported by ad-hoc collaboration between vested constituents and can be enforced by a standards-based SOA run-time security and management solution like Service Manager. They define the specific policy sets that will be used and enforced, the SLAs and alerts the service commits to, and the access profile and capacity granted to the consumer.

Workbench delivers mission-critical SOA governance capabilities to customers:

Publish and Discovery Workflow and Controls
Workbench delivers powerful workflow and approvals features for service publishing and provisioning combined with innovative search, browse, and collaboration features to:

Ensure that published services are appropriate and comply with enterprise design guidelines
- Provide a publishing workflow with built-in tests to verify compliance with policies
Reduce development cost and time by providing a service for publishing and discovery of services and all related assets
- Developers browse or search a central registry for categorized services
- Retrieve basic service assets from the registry/repository
- Flexible tagging, categorization, and taxonomy models
Facilitate communication between vested parties through contextual collaboration
- Ad-hoc and unstructured interactions between vested constituents around organization, policy, service, and contract

Service and Metadata Lifecycle Management
Workbench offers comprehensive lifecycle management and governance capabilities to help companies:

Plan, analyze, design, implement, test, change, and retire design and run-time policies for services
Plan, analyze, design, implement, test, change, and retire service consumption contracts
Plan, analyze, design, implement, test, change, and retire XML schema and other assets
Manage the lifecycle of a service from development, test, production, version update(s), and deprecation
- Identify the impact of a new version of a service and determine an appropriate versioning strategy

Policy Management
At the core of Workbench is the industry’s leading policy management solution. It allows organizations to:

Manage design-time policies for services
- Define and manage service validation and conformance policies for service design and registration
Manage run-time policies for services
- Define and manage security, routing, reliability, mediation, and other run-time policies
- Define policies for services across all popular types of service containers including, Java and .NET app servers, ESBs, Mainframe, and packaged applications
- NOTE: Without deep integration with an SOA management solution, these policies will be informational only, and will not be enforced
Audit that run-time policies are being enforced through compliance accounting and reporting
- Use metrics and reports from the run-time system to validate that running services comply with defined run-time policies
- Capture performance and usage metrics according to policies
- Statistically and algorithmically capture comprehensive message data
- Track and manage security and other policy exceptions
- Compare and reconcile collected metrics with policies for audit purposes

Contract Management
Workbench uses Active Contracts™ to:

Manage relationships between service consumers and providers
- Provide a workflow allowing the negotiation of policies, SLAs, and capabilities between consumer and provider>/li>
- Enforce a contract that tracks this relationship
- Provide notifications on changes
Deliver consumer-led service and policy definition
- Consumers can request a service (WSDL) with constraints and capabilities (policy) they would like to use and allow organizations to fulfill this by negotiating and implementing the agreed policies and services
Manage the supply and demand equation for services with a contract-based provisioning process for:
- Capacity planning
- Version management
- Service deprecation
- Map relationships between services for impact and exception analysis and reporting

Value Management
A unique capability of Workbench is its ability to:

Measure and manage the value and effectiveness of SOA in the organization
- Assign real or arbitrary value to a services transactions for billing or tracking purposes
- Monitor which parts of an organization are publishing services that have broad value to the business
- Monitor which parts of an organization are reducing costs by consuming services provided by others
- Monitor which parts of an organization need further encouragement to adopt SOA

Please note: SOA Software has renamed its Workbench product to Policy Manager. For updated information please see Policy Manager™.
To download a PDF data sheet of the SOA Software Workbench product, click here

SOA Software Announces SOA Development Governance Product

Click here to view a print-ready version of this page

Los Angeles, Calif., June 2nd, 2008—SOA Software, a leading Integrated SOA Governance Automation vendor, today announced the availability of Repository Manager 6.0 (previously Logidex™). Repository Manager enables enterprises to understand what services and other software assets exist, where they’re located and how each fits into a company’s business and technical landscape. By providing a context for understanding and assessing existing software assets, Repository Manager serves to automate the path to SOA, enabling customers to rapidly develop, govern and deploy services within the SOA service lifecycle.

Repository Manager is SOA Software’s industry leading development governance platform that simplifies the creation, integration, management and promotion of enterprise assets and services throughout the complete development lifecycle. Its strong integration with leading application development environments, federation with all major run-time registries like IBM WSRR, HP SOA Systinet, and other UDDI registries, and its integration with SOA Software’s Policy Manager™ enables customers from a single point of control to rapidly deploy services and other software assets within the SOA enterprise lifecycle.

Repository Manager extends SOA Software’s integrated SOA governance leadership position by adding key capabilities via expanded partner product integrations and increased governance automation flexibility. It provides an enhanced governance administration user experience through the Configuration Designer, an Eclipse-based graphical governance environment. Now from a single point of control users can easily govern and manage services as they progress through the service development lifecycle, and provide key feedback at critical checkpoints across the service lifecycle.

Repository Manager’s strong integration with leading application development environments, federation with all major service registries and extensive integration with Policy ManagerTM enables customers to rapidly develop, govern and deploy services and their supporting assets within the SOA service lifecycle. Repository Manager is used by Fortune 500 customers to drive application agility and reduce cost and risk in their SOA deployment.

Experience has demonstrated that it is 30 times less expensive to make a modification or enhancement during a software asset’s development versus when that asset is deployed. The loosely-coupled nature of SOA in particular demands effective development governance, and the most effective way to provide development governance for services and other software assets is with SOA Software’s Repository Manager. Repository Manager capabilities include:

Development Governance – manage heterogeneous asset types from a single source. These assets can include services, components (.NET, J2EE, CORBA), legacy systems, and/or knowledge assets, such as patterns and best practices, used by development teams. Repository Manager provides seamless integration with Microsoft, SAP, IBM, and other development platforms.

Federation with Service Registries – discover and publish services from and to service registries including HP SOA Systinet, IBM WSRR, Software AG CentraSite and any UDDI registry to ensure consistency of service definitions through the enterprise.

Integration with Leading Software Development Platforms – reference and replicate assets and artifacts from common SCM solutions. Provide seamless governance processes across all enterprise software development platforms including Microsoft, SAP, IBM, Eclipse and others.

Deploy and Manage Assets and Services Effectively – deep integration with Policy Manager to provide compliance policy validation to ensure the relevance of services and other software assets. Strong integration with development tools ensures efficient operation of the development process.

Discover Assets and Services Collaboratively – comprehensive technical and business search capabilities to ensure that created applications meet business needs.

Repository Manager version 6.0 extends the federation framework with support for more development platforms, the ability to easily import ungoverned services from run-time registries and a graphical interface to configure development governance policies; further solidifying Repository Manager as the unparalleled leader in development governance. Repository Manager 6.0 continues to make it easier than ever for developers, architects and business analysts to create and manage world-class business applications, while simultaneously increasing the business value of their service-oriented architecture.

“Enterprises are looking for vendors to provide seamless governance across the SOA lifecycle while at the same time looking for solutions that increase the visibility and feedback at various governance check points,” said Brent Carlson, SVP of Technology of SOA Software. “SOA Software’s expanded partner product federation allows us to deliver unprecedented development governance across the lifecycle.”

Key deliverables for Repository Manager 6.0 include:

Policy Manager Integration – Repository Manager 6.0 processes can automatically provision service and schema definitions under development, to Policy Manager which in turn automatically applies the correct compliance policies for those definitions.
Asset Import Center Enhancements – Repository Manager 6.0 Import Center has been enhanced to support discovery and synchronization from IBM WSRR and UDDI registries
Configuration Designer Plug-In - This Eclipse plug-in enables users to graphically design governance processes for deployment to their Repository Manager 6.0 installations.
IBM Rational ClearCase Integration Enhancements - With this integration, ClearCase and Repository Manager 6.0 users can be certain they are accessing and working with the latest version of an asset’s artifacts, eliminating the potential for code duplication and code compatibility mismatches through Repository Manager 6.0- driven ClearCase symbolic links.

About SOA Software
The world’s largest companies including Merrill Lynch, Verizon, and Pfizer use SOA Software to quickly and confidently realize the value of SOA. SOA Software’s platform-independent Integrated SOA Governance and Mainframe SOA products process over 500 million mission-critical transactions per month, ensuring the relevance, security, reliability, and performance of services and applications. For more information, please visit http://www.soa.com.

Enterprise SOA and the Mainframe

Click here to view a print-ready version of this page

Recorded June 11th, 2008, 2 PM EST
What do companies look for in mainframe SOA? What should they look for? In this webinar overview, Jim Crew, Vice President of SOA Software, will explain the complex issues involved in incorporating mainframes into a service oriented architecture. When the development environment is right, you can turn a legacy application into a completely governed service in just minutes. The wrong solution, however, will likely lead to legacy headaches.

Attendees of this webcast will learn:

How the mainframe relates to enterprise SOA
About the SOLA solution and its advantages
How to create a complete and fully governed web service from a legacy application in just a few minutes

Featured Speakers:

Jim Crew
Vice President, SOA Software
Bruce Burstein
Project Manager/V.P., Merrill Lynch

Learn more and register for this event

Newera Health

Click here to view a print-ready version of this page

Founded in 2004, NewEra Health is a privately owned Canadian corporation created to bring together some of the best and brightest health care and Information Technology minds in the world. Our goal is to help our clients meet their goals by applying our skills and experience derived from decades of international experience in health care and Information Technology.
The NewEra team is comprised of highly skilled business and technical leaders from across Canada. Our skills and experience are unparalleled in the fields of health system management and policy, business/clinical practice transformation and results driven e-Health. Our results-driven approach to e-Health is based on the belief that real health system change can only be realised through careful planning and execution and that Information Technology is merely an enabler to achieve your broader business goals and objectives. Our “business first” approach ensures that your e-Health strategy is fully aligned with your health system and business strategies.

We specialize in e-Health strategy and the design and implementation of e-Health focused technology solutions. We excel in the development, implementation and operations of secure, highly available, reliable, e-health solutions.

www.newerahealth.ca/

SOA Software WINS Red Herring 100 North America AWARD

Click here to view a print-ready version of this page