Welcome!

Cloud Expo Authors: Kevin Benedict, Richard Moulds, Liz McMillan, Peter Silva, Jnan Dash

Related Topics: SOA & WOA, Java, .NET, Virtualization, Web 2.0, Cloud Expo, GovIT

SOA & WOA: Article

SOA and the Cloud: Why Your Cloud Applications Need SOA

Use a services-oriented architecture as the fabric upon which to build your cloud-based applications

Some consider cloud computing to be a cure-all for virtually any type of IT infrastructure. And while the cloud certainly delivers on many of its promises, it will never truly provide all that it's capable of unless it's optimized for integration with other applications and evolution for new requirements. What is the best way to provide this? Use a services-oriented architecture (SOA) as the fabric upon which to build your cloud-based applications. In this article, we'll outline the reasons why an SOA is so important for the cloud, some principles to consider when creating your cloud platform on an SOA.

A marriage made in IT heaven: Cloud and SOA
Cloud promises just about everything a CIO could possibly hope and dream for:  lower IT costs, eradication of daily management tasks, and massively reduced overhead. At this point in its evolution, however, cloud has been so touted and lionized; it's difficult to know how to separate the truth from the hype.

But for those who have had to implement and manage packaged enterprise applications, there are at least some aspects of cloud that are indeed very real, and those involved are eager to take advantage of. Cloud truly can provide a huge positive change in how you run your business, and we know by now that some of the early promises of cloud are indeed being delivered upon. And even though there will always be limitations to what was initially promised, those bulleted lists of what cloud can do for us are, thankfully, mostly true.

What's not as evident though, is the fact that a cloud offering is really just a way of delivering functionality through a service. It's not worth a whole lot if there's not a unified roadmap for how to construct, orchestrate and run all the services your organization relies upon. Without the processes that bring a service to the user, then all you have is some code that's easily accessible. Can the cloud concept still save you time, money and resources? Of course it can, but cloud services and functionality need to be brought together with a unified plan.

Can you guess what that unified plan is? Well, there are a lot of different ways to do it, but the easiest way, and the one that provides the greatest flexibility and most applicable built-in governance is a service-oriented architecture (SOA). There's confusion about the role an SOA plays in a cloud environment, but make no mistake, cloud is not a replacement, nor an incremental improvement of cloud. Rather, SOA acts as a cohesive, flexible infrastructure that enables services to function and integrate. That's partially because, just by its very nature, an SOA is a services-based platform. An application in the cloud can't do much unless it's sitting on top of something that's optimized to recognize and pull together, in an agile way, the various types of components that exist within a service (and even more so when you're combining a variety of services).

Figure 1: A service-oriented architecture at its essence

While the cloud needs SOA, it's important to implement it with adequate services security, governance, adherence to standards, and commitment to flexibility. There are entire operational, developmental, planning, and policy attributes that are crucial to using an SOA for your cloud, and that's what we've built our SOA platform on. Our Integrated SOA Governance solutions provide integration capabilities that enable your enterprise applications to be integrated and communicate with one another.

Okay, so we're a vendor, and we're inclined to think that best results will come in the form of our solution. But we created our SOA governance model mostly because, through years of collective experience and an inordinate amount of research, we recognized that a true SOA environment is the most effective way to unify, govern and manage enterprise apps and to enable your organization to grow in a scalable way without having to re-architect your IT framework. When it comes to cloud, well, there are a lot of different ways to skin this cat, but we think that architecting your enterprise application and services environment with an SOA will ensure that you're truly taking advantage of the cloud.

Putting cloud and SOA together
With the presumption that SOA and the cloud support and extend one another, there's still a great deal of confusion over where an SOA starts and the cloud begins.

Perhaps it's best to think about it in terms of a foundation and the things that sit on top of it. SOA provides a stable foundation, but it's not static. It's inherently flexible; in fact, one of an SOA's greatest attributes is its ability to adapt and integrate to both legacy systems and whatever may change and evolve in your IT landscape. That adaptability allows for any applications and systems to integrate with the basic structure of the platform, and optimizes how applications are accessed and data is transacted. And what platform can produce the best results in this environment? You guessed it - the cloud.

In our view, there really is no point at which an SOA ends and something else "takes over". Rather, we see that an SOA and cloud architecture are complementary, and that to be successful at having an effective architecture, you really need to think about what will optimize your services-based infrastructure. And if you're going to deliver or transact with cloud-based services, it probably makes sense to keep SOA as the foundation for everything, and putting a cloud-based system on top of that. The benefits will be mostly from the interoperability among all the different services that are transacting through the cloud, but are optimized because the SOA allows them to communicate and work with one another seamlessly (this, of course, is subject to your implementation).

Each component in a cloud-based application should be considered a separate Enterprise Service, even if they are not hosted by your IT organization.  To get a cloud-based application working right, and assuring that it will perform as expected over time, one needs a single point of governance over these highly virtualized Enterprise Services throughout the entire service lifecycle.

Starting at the planning stage, creators of a cloud-based application need to develop and track the inventory of cloud services that are available or under construction.  Business analysts, architects and developers need to be able to compare their enterprise SOA roadmap and desired slate of cloud applications with the Enterprise Service inventory, which consists of both cloud-based and traditional Enterprise Services.  Planning governance gives these stakeholders the ability to assign development priority to the cloud services that are most urgently needed, as well as determine the applicability of cloud technology to the problem. For instance, is the application subject to "speed-of-light" concerns?

Figure 2: Stages and elements of a cloud/SOA solution

A development governance solution will provide seamless management of "the cloud" as a development target. Operational governance for cloud services should ensure two important governance factors:  First, that the services themselves implement and enforce relevant policies for data protection, security, and service levels.  Secondly, it should ensure the federation of externally provided cloud services into the enterprise network. This is similar to the way externally provided SaaS services need to be federated for policy and message exchange pattern mediation.

Cloud services are subject to the same governance process as any other enterprise service, and as such need the same levels of policy governance.  For cloud services this includes the ability to define cross-cutting policies during the planning process and validate and enforce these policies through development and operations.

SOA Software product suite allows for easy management of SOA Governance throughout the plan-build-run service lifecycle, anchoring the process with strong policy governance. In planning, SOA Software Portfolio Manager allows planning stakeholders to develop an SOA roadmap, compare it to existing and planned services, and assign priority to selected services.  In development, SOA Software's Repository Manager makes sure that enterprise services confirm to appropriate standards and guidelines, providing powerful change management capabilities.  It also governs the consumption process, facilitating controlled and measurable asset reuse. When services are deployed, SOA Software Service Manager implements and enforces defined policies for security, performance, and reliability to ensure that enterprise services function as intended.  SOA Software Policy Manager works in concert with these products to keep policy definitions, and associated metadata, consistent as the service matures from planning through development and then into operation.

Arriving at Cloud Nirvana
Keep in mind that it's not that SOA provides the glue, or that it fills in any gaps, but rather in the model of a well-constructed enterprise architecture, SOA is both the support net and the building blocks that allow you to truly benefit from the cloud. But if you're trying to boil it down to its essence, it comes down to these points where SOA delivers value and cohesion for your cloud:

  • Governance: what's not often stated about the cloud is the need for thorough and comprehensive governance. Nothing provides that better than a services-based framework that actually requires standards to keep all the disparate applications communicating and transacting with one another.
  • Integration: your apps from yesterday, the ones you have now, and the ones you're going to buy/develop in the coming years will all need to integrate and interact irrespective of complexity. SOA is entirely built on the precept that THAT is its main function - to take processes, no matter where they come from, and make them worth with other processes. If you doubt that, we'll invite you to chat with any of our customers and they can describe how much easier things got once they focused on SOA.
  • Common purpose: applications are meant to be used and users don't care where the app lives, or what it took to bring the functionality to them. They just want it up when they are, and ready to transact business 24/7. The cloud is supposed to provide the house in which that's all done, but it just won't get done unless there's a flexible backbone that enables all of that. Again, that's the job of SOA.

We know that there are dozens of other considerations, some at the business rules level, and some having to do with hardcore code compliance. But ultimately when we need to take a solution back to our company and help them be successful, we'll think about these things and realize that if we can agree on a common purpose for our apps, integrate them, and provide the necessary governance, then we're ready to establish our presence in the cloud and prepared to grow and adapt.

When you get there, when you get to that point where you're running your applications in the cloud and benefiting from substantial cost savings and watching integrated apps play nicely with one another, and the CEO pats you on the back and tells you what a great job you're doing, then you will know that you are, in fact, in cloud nirvana.

More Stories By Roberto Medrano

Roberto Medrano, Executive Vice President at SOA Software, is a recognized executive in the information technology fields of SOA, internet security, governance, and compliance. He has extensive experience with both start-ups and large companies, having been involved at the beginning of four IT industries: EDA, Open Systems, Computer Security and now SOA.

Prior to joining SOA Software, he was CEO of PoliVec, a leader in security policy. Before joining PoliVec, he was one of the top 100 Sr. Executives at Hewlett Packard. At Hewlett-Packard (HP) served as the General Manager of the E-Services and Internet Security Divisions. Medrano has held executive positions at Finjan, Avnet Inc, and Sun Microsystems. Medrano participated in President Clinton’s White House Security Summit and has been an active member on National Cyber Security Summits, and the White House National Strategy to Secure Cyberspace.

Medrano has been selected as one of “The 100 most influential Hispanics in US”, “The 100 most influential Latinos in Silicon Valley” “Top 100 most influential Hispanics in Information Technology” and is co-founder and CEO for Hispanic-Net, a non-profit organization. Medrano holds an MBA from UCLA, a MSEE from MIT, BSEE from USC.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Cloud Expo Breaking News
Cloud Computing is evolving into a Big Three of Amazon Web Services, Google Cloud, and Microsoft Azure. Cloud 360: Multi-Cloud Bootcamp, being held Nov 4–5, 2014, in conjunction with 15th Cloud Expo in Santa Clara, CA, delivers a real-world demonstration of how to deploy and configure a scalable and available web application on all three platforms. The Cloud 360 Bootcamp, led by Janakiram MSV, an analyst with Gigaom Research, is the first bootcamp that introduces the core concepts of Infrastructure as a Service (IaaS) based on the workings of the Big Three platforms – Amazon EC2, Google Compute Engine, and Azure VMs. Bootcamp attendees will get to see the big picture and also receive the knowledge needed to make the best cloud decisions for their business applications and entire enterprise IT organization.
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using the URL as a basic building block, we open this up and get the same resilience that the web enjoys.
The Internet of Things is a natural complement to the cloud and related technologies such as Big Data, analytics, and mobility. In his session at Internet of @ThingsExpo, Joe Weinman will lay out four generic strategies – digital disciplines – to exploit emerging digital technologies for strategic advantage. Joe Weinman has held executive leadership positions at Bell Labs, AT&T, Hewlett-Packard, and Telx, in areas such as corporate strategy, business development, product management, operations, and R&D.
SYS-CON Events announced today that DevOps.com has been named “Media Sponsor” of SYS-CON's “DevOps Summit at Cloud Expo,” which will take place on June 10–12, 2014, at the Javits Center in New York City, New York. DevOps.com is where the world meets DevOps. It is the largest collection of original content relating to DevOps on the web today Featuring up-to-the-minute news, feature stories, blogs, bylined articles and more, DevOps.com is where the thought leaders of the DevOps movement make their ideas known.
There are 182 billion emails sent every day, generating a lot of data about how recipients and ISPs respond. Many marketers take a more-is-better approach to stats, preferring to have the ability to slice and dice their email lists based numerous arbitrary stats. However, fundamentally what really matters is whether or not sending an email to a particular recipient will generate value. Data Scientists can design high-level insights such as engagement prediction models and content clusters that allow marketers to cut through the noise and design their campaigns around strong, predictive signals, rather than arbitrary statistics. SendGrid sends up to half a billion emails a day for customers such as Pinterest and GitHub. All this email adds up to more text than produced in the entire twitterverse. We track events like clicks, opens and deliveries to help improve deliverability for our customers – adding up to over 50 billion useful events every month. While SendGrid data covers only abo...
SYS-CON Events announced today that the Web Host Industry Review has been named “Media Sponsor” of SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Since 2000, The Web Host Industry Review has made a name for itself as the foremost authority of the Web hosting industry providing reliable, insightful and comprehensive news, reviews and resources to the hosting community. TheWHIR Blogs provides a community of expert industry perspectives. The Web Host Industry Review Magazine also offers a business-minded, issue-driven perspective of interest to executives and decision-makers. WHIR TV offers on demand web hosting video interviews and web hosting video features of the key persons and events of the web hosting industry. WHIR Events brings together like-minded hosting industry professionals and decision-makers in local communities. TheWHIR is an iNET Interactive property.
SYS-CON Events announced today that O'Reilly Media has been named “Media Sponsor” of SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.
SYS-CON Events announced today that Verizon has been named “Gold Sponsor” of SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Verizon Enterprise Solutions creates global connections that generate growth, drive business innovation and move society forward. With industry-specific solutions and a full range of global wholesale offerings provided over the company's secure mobility, cloud, strategic networking and advanced communications platforms, Verizon Enterprise Solutions helps open new opportunities around the world for innovation, investment and business transformation. Visit verizonenterprise.com to learn more.
SYS-CON Events announced today that TMCnet has been named “Media Sponsor” of SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Technology Marketing Corporation (TMC) is the world's leading business to business and integrated marketing media company, servicing niche markets within the communications and technology industries.
"In my session I spoke about enterprise cloud analytics and how we can leverage analytics as a service," explained Ajay Budhraja, CTO at the Department of Justice, in this SYS-CON.tv interview at the 14th International Cloud Expo®, held June 10-12, 2014, at the Javits Center in New York City. Cloud Expo® 2014 Silicon Valley, November 4–6, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading Cloud industry players in the world.
“We are starting to see people move beyond the commodity cloud and enterprises need to start focusing on additional value added services in order to really drive their adoption," explained Jason Mondanaro, Director of Product Management at MetraTech, in this SYS-CON.tv interview at the 14th International Cloud Expo®, held June 10-12, 2014, at the Javits Center in New York City. Cloud Expo® 2014 Silicon Valley, November 4–6, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading Cloud industry players in the world.
"We are automated capacity control software, which basically looks at all the supply and demand and running a virtual cloud environment and does a deep analysis of that and says where should things go," explained Andrew Hillier, Co-founder & CTO of CiRBA, in this SYS-CON.tv interview at the 14th International Cloud Expo®, held June 10-12, 2014, at the Javits Center in New York City. Cloud Expo® 2014 Silicon Valley, November 4–6, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading Cloud industry players in the world.
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity. In his session at Internet of @ThingsExpo, Mac Devine, Distinguished Engineer at IBM, will discuss bringing these three elements together via Systems of Discover.
The Internet of Things promises to transform businesses (and lives), but navigating the business and technical path to success can be difficult to understand. In his session at 15th Internet of @ThingsExpo, Chad Jones, Vice President, Product Strategy of LogMeIn's Xively IoT Platform, will show you how to approach creating broadly successful connected customer solutions using real world business transformation studies including New England BioLabs and more.
All too many discussions about DevOps conclude that the solution is an all-purpose player: developer and operations guru, complete with pager for round-the-clock duty. For most organizations that is not the way forward. In his session at DevOps Summit, Bernard Golden, Vice President of Strategy at ActiveState, will discuss how to achieve the agility and speed of end-to-end automation without requiring an organization stocked with Supermen and Superwomen.