about NCOIC Service Interface Pattern 2

[mpoulin@usa.com]

Here is another interesting fragment from the NCOIC Service Interface Pattern (below)

2.4.3    Consumer Identity {NC}

This solution element provides for a tracking, auditing or logging mechanism clearly visible to actors with the right credentials so they have visibility of each others actions, although there should be a balance between loose coupling (as typically promoted by SOA) and strict Consumer identification.  For example, a new Consumer should be able to use the service without an initial need for a Provider to know Consumer identities ahead of time. A corollary problem described in paragraph 1.2.3 is the expense of multiple version monitoring and control. To minimize this expense, requirements include tying change requests to cost as described in c. below

...

The Interface element containing Interface Consumer identity shall be described in each SLA

My questions are: 

What the service would do with the identity of a public consumer in the case of implicit contract?

Which consumer's identity is meant in the text? 

May it be an identity of initial consumer or it should the identity of immediate consumer only? 

Does transferring an identity of initial consumer within interaction make any sense?

- Michael

-----Original Message-----
From: mpoulin@usa.com
To: rexb@starbourne.com; soa-rm-ra@lists.oasis-open.org
Sent: Sun, Mar 27, 2011 5:11 pm
Subject: [soa-rm-ra] about NCOIC Service Interface Pattern

Rex,

this is so hot topic that I could not resist looking into it briefly. I read, probably 1% of the material but it's happened that Interface Stability  just jumped into my eyes:

2.4.9    Interface Stability {SOA}[1]

To achieve interface stability through design, the following SOA structure requirements apply:

a.   Service Level Agreements (SLA)s or equivalently named contractual instruments shall contain Explicit Operational Agreements.

b.   Explicit Operational Agreements shall contain interface definitions.

c.   Explicit Operational Agreements should contain a governance policy

d.   The authentication and authoritization process for who can examine published contracts shall be standards based..

e.   Interface artifacts shall be published in a registry/repository or other object, e.g., ESB.

f.    Interface Definitions shall be standards based, e.g., WSDL, XSD, etc.

g.   The SLA shall contain performance characteristics associated with each interface.

h.   SLAs shall be maintained between the Provider and individual Consumers or classes of Consumer

i.    Versioning processes may be contained in a separately defined governance process.  Governance principles are described in the NCSF.  A NCOIC governance pattern is under consideration.

---

[1] SOA (Service Oriented Architecture), NC(net centric),  & SW(software) are solution categories.  They are used  here to map  the solutions in sections 2.4 and 2.5 to these categories.  See Appendix C, section 5.3 for a summary of this mapping.

To my taste, copied content has almost nothing to do with "Interface Stability". I think that stability of service interface is about how the interface can work in the changing environment, changing behaviour model and related messages. For example, Interface Definitions shall be standards based, e.g., WSDL, XSD, etc" does not contribute into the stability, IMO, because someone may (should not be restricted from) publish (ing) a non-standardised but immutable (100% stable) interface. Moreover, common (not thought through) use of WSDL leads to constant changes if the interface, i.e. minimal stability. In the essence, it is not a standardisation that important, but the usability pattern is important. And the latter has escaped aforementioned list.

An example of interface stability: 'adding or removing data elements of the exchange messages should not result in the change of interface'. I can say the same thing regarding the operations and use WSDL (in a smart way) to implement this.

Anyway, thank you very much for such interesting material.

- Michael

-----Original Message-----
From: Rex Brooks <rexb@starbourne.com>
To: mpoulin@usa.com; 'Ken Laskey' <klaskey@mitre.org>
Sent: Wed, Mar 23, 2011 3:30 pm
Subject: Re: [soa-rm-ra] meeting time conflict

Hi Guys,

I didn't send the redline version and waited for this latest clean version of the NCOIC Service Interface Pattern. I'm not suggesting you go through this in detail to ensure that the principles espoused in Sections 4 and 5 are actually taken up in this document, but you could if you wanted to do that. However, I think this provides a fairly good example of what can be expected of "Testing" with "Management" in mind. Please do not redistribute despite the fact that it is not strictly disallowed. I send it to you two because I think it bears on finishing up your work. Sorry if it's a bit late. Reminder: This is still a work in progress and this is not yet approved, but it is likely to be approved.

Cheers,
Rex

On 3/23/11 4:05 AM, mpoulin@usa.com wrote:

Hi Folks,

 

I will have a conflict of meetings today: I will be able (now) to participate in the first and the last 30 min time-windows only. Please, plan my presentation on the Management Model accordingly.

Sorry,

- Michael

-- 
Rex Brooks
President, CEO
Starbourne Communications Design
GeoAddress: 1361-A Addison
Berkeley, CA 94702
Tel: 510-898-0670