I
would like to very respectfully offer a slightly different viewpoint for SOA
than that which was described below ("SOA is about business processes"). I like
to say that SOA *enables* agile and efficient business processes; however it is
not *about* business processes.
Here's why: SOA - meaning leveraging the SOA paradigm
by creating shareable, reusable services that have characteristics such as
transparency, leveraging of open standards, etc. (see lots of good literature on
this) - provides a mechanism whereby automated (or semi-automated) processes can
be constructed using services to represent the various activities (and possibly
also the tasks, though they may be part of a single service's capabilities) that
comprise a business process. This provides a distinct operational advantage to
an organization leveraging SOA in that they have the ability to *efficiently*
change how the capabilities of one or more activities of a business process are
provided, leverage externally provided capabilities (i.e. external services)
within a process, introduce new activities (steps) into the process, and
more.
Also, use of SOA does not require business processes -
rather, SOA is the "layer below" business processes that provides the
capabilities (features) described above, just as - for example - TCP
provides the connection capabilities for HTTP when HTTP is used on top of TCP/IP
(as opposed to, for example, UDP).
In the SOA Reference Model (SOA-RM) TC, we elaborated
on these distinctions in our current Public Review draft[1], in the section
called "Process Model" (Section 3.2.2.2.2):
"Note that although the process model is an
essential part of this Reference Model, its extent is not completely defined. In
some architectures the process model will include aspects that are not strictly
part of SOA – for example, in this Reference Model we do not address the
orchestration of multiple services, although orchestration and choreography may
be part of the process model of a given architecture. At a minimum, the process
model MUST cover the interactions with the service itself."
Joe
Joseph Chiusano
Associate
Booz Allen Hamilton
700 13th St. NW, Suite 1100
Washington, DC 20005
O: 202-508-6514
C: 202-251-0731
I agree with David. SOA is about business process.
Anyway, it is interesting that DISA has been moving forward with their
net-centric enterprise architecture concept. http://www.disa.mil/main/prodsol/cs_nces.html
In their NCES documents they state: Service-Oriented Architecture
Foundation (SOAF) provides DOD's software foundation for interoperable
computing. Core services included in the SOAF are security/information
assurance, service discovery, enterprise service management, machine-to-machine
messaging, people and device discovery, mediation, and metadata registry
services.
Funny, they are now releasing procurements with NCES language and yet other
parts of the Government are not.
Also, I have been involved with the Geospatial Profile of the FEA and that
Profile for sure is grounded in SOA philosophy.
Cheers
Carl
----- Original Message -----
Sent: Friday, April 14, 2006 7:10
AM
Subject: RE: [egov] FWD - GCN: OMB's Clay
Johnson predicts e-government's future - 2008 and beyond
Anders,
All is not gloom and doom however. Yes there have been mis-steps -
but people are learning from those and new RFPs coming out do reflect the
realization that when government pays to develop major new systems they have
to be using broadly re-usable technology that does adher to open standards,
open license / source and be heavily rule driven and scriptable /
configurable via XML mechanisms. Have we really built one of these
yet? Not yet - but I do see legacy systems that have aspects that we can
point to.
Also people need to stop trying to solve business problems with
technology tricks without first understanding the real needs and process
models. The OASIS BCM approach can provide people with vision and
answers in a systematic way. The tendency is always the old adage
'just write code, while I find out what the users want'. 'Just writing
code' runs very deep - we really have not de-programmed the IT work force
itself - from the cradle in the Universities and schools to
on-the-job middle-level project managers - that's what they are taught
and see around them - and they have a huge jump of faith to make - to go
to rule driven XML enables systems. It's like people doubting that one
JCB back-hoe in two hours can do the same job as 50 men with shovels and
pick-axes can do in two days. Those 50 men are always in there - working
with their shovels - while people are still deciding if they want to
really use the back-hoe for those two days. By the time they decide
they might have, the opportunity is gone. Expediency and
comfort over planning and paradigm shift.
And by-the-way - in case anyone has doubts - yes -
rule-based XML driven systems do work - developed from business models
and control mechanisms that put the business goals first - not the
reverse - technology driving the business approach - and we need to focus
harder on making the leap - and demanding these things at the heart of the
architecture of new systems. Meanwhile people are equating SOA to how
many WSDLs and XSDs they have created. Then back in the 'just write
code' camp - this is all being supported by Java, VOs, static DAOs and such -
which is the exact antithesis of an agile dynamic XML-driven
environment.
Anders - so when it comes to the security models -
yes - there are a lot of mis-steps too - because people start from the
technology level and some security device based on machine-level
thinking and then attempt to work out to the business. Not
surprisingly this results in tools that real users deeply mis-trust and shun -
and most especially because these end users are pushed to the edge having zero
control over the security methods and access themselves. Again what the
BCM teaches from the business side is - you need to start there - with MoUs,
and CPAs defining the roles, responsibilities, policies, constraints and
contextual use models. Once you have that clear - then its a much easier
step to see what technology devices are needed to enable that. Then you
hit the 'just write code' layer - and the ability to have these overarching
views drive the behaviour of the deployed systems completely evaporates
again.
But the contractors team was the best-value-bid on
our evaluation criteria and they have built systems like this before - so
what's not to like? Clue / Hint : the contractors have small
interest in breaking their golden goose cycle - building bespoke systems
that require shovels and picks to run and cannot be readily extended.
SOA is about way more than WSDL and XSD - its about
truely shared business mechanisms that have transparency and agility
beyond todays static and brittle interaction models. The technology
tools are there to support this - open source, collaborative methods, open
standards, XML, rule agents, security methods, open platform development tools
- but the transition to these is slowed by in-grained behaviour models.
The cycle continues and the paradigm shift is yet to
happen.
DW
-------- Original Message -------- Subject: Re:
[egov] FWD - GCN: OMB's Clay Johnson predicts e-government's future
- 2008 and beyond From: "Anders Rundgren"
<anders.rundgren@telia.com> Date: Fri, April 14, 2006 8:11
am To: "eGov OASIS" <egov@lists.oasis-open.org>
A comment:
According to leading Federal PKI spokesmen,
applications based on SOA (Service Oriented
Architectures) are out-of-scope. In my opinion it will be hard to achieve any major savings and GPEA adherence
unless you have a working, secure SOA or WS
scheme in place. As it current looks, many wheels will be reinvented over and over, and each
time with a new twist, with staggering costs
and limited interoperability as a likely result.
The current Federal security architecture is
focused on person-to-person e-mail using S/MIME, something which is not even remotely related to SOA.
So what is actually missing? The notion
of an application (server) as an initiator
and originator of a message. This is the core of SOA and WS.
Naturally PIV-cards have no
direct function in such a transaction, although there may be a PIV-initiated request in the beginning of a
chain of WS requests.
I noted at a recent NIST event, that the
Higher Education PKI (HEPKI), after years of
struggle with their version of the Federal security architecture,
are beginning to question if it ever will
deliver what was envisioned more than a
decade ago, when it was initially defined.
The financial industry OTOH, have successfully
deployed "SOA-like" schemes since ages back,
including on a global scale, and as far as I can see they don't get
hung by the idea that "machines" can do
transactions; it is rather this they strive for.
Anders Rundgren
----- Original Message -----
Sent: Tuesday, April 11, 2006
18:49
Subject: [egov] FWD - GCN: OMB's Clay Johnson
predicts e-government's future - 2008 and beyond
FYI
OMB's Clay Johnson predicts e-government's
future
By Jason Miller,
By the time the Bush administration is
out of office in 2008, all the 25 original E-Government initiatives
should be fully implemented.
That is one White House's goals for the
President's Management Agenda over its last 2 1/2 years, according to
Clay Johnson, the Office of Management and Budget's deputy director for
management.
"We have demonstrated we can do these things over the
past few years, so we have to continue to focus on performance," Johnson
said earlier this week at the 8th annual Government Performance Summit in
Washington sponsored by The Performance Institute of Arlington, Va. "We
have the ability to set targets and move to them. We couldn't do that 10
years ago."
Additionally, Johnson said he expects the public to
be using 80 percent to 90 percent of the 25 Quicksilver projects to their
full capabilities by 2008.
He also said agencies will fully
implement all nine of OMB's Lines of Business Consolidation
initiatives-budget formulation, case management, federal health
architecture, financial management, human resources management,
geospatial, grants management, IT infrastructure and IT security-and
demonstrate high level of services for lower costs.
Besides
e-government, the administration expects that Congress will pass some
sort of civil service modernization, including pay-for-performance, for
every agency, and that at least 22 Chief Financial Officer Act agencies
will have unqualified financial audits. He also said the administration
expects to continue to show savings through competitive sourcing
competitions, where agencies compete inherently commercial positions with
the private sector.
Johnson added that the White House expects to
reduce improper payments by $20 billion and dispose of at least $6
billion in unused real property by 2008.
To accomplish many of
these tasks, especially e-government and competitive sourcing, Johnson
admitted that they need to do a better job educating lawmakers.
"It is a mystery to me why we get push-back on the Hill
with e-government," Johnson said. "Their comprehension is limited. They
think these are OMB pet projects we push on agencies, and the projects
have no value to citizens. They are dumbfounded when I told them what it
really it."
He added that OMB has not done a good enough job
communicating why these initiatives are worthwhile.
Of course,
OMB has blamed poor communication for the poor reception e-government has
received on the Hill for almost five years, and things don't seem to be
getting better in the short term. Karen Evans, OMB's administrator for IT
and e-government, said recently that the recent mandated report on
e-government would help improve lawmakers' understanding about these
projects.
OMB will see how the report goes over as Congress weighs
in on the fiscal 2007 budget request this
summer.
--------------------------------------------------------------------- To
unsubscribe from this mail list, you must leave the OASIS TC
that generates this mail. You may a link to this group and all your
TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that generates
this mail. You may a link to this group and all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
|