Why is governance such a big deal in service-oriented architecture (SOA) implementations?
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
That was essentially the question Miko Matsumura, vice president and deputy CTO of Software AG, sought to answer in a Webcast last week where he used examples from two of his company's customers to show why governance matters. In his first example, he used Scandinavian Airlines (SAS) to illustrate how governance is the only way to reduce complexity inherent in loosely coupled Web services as they grow over time. His second example, showed how Sprint/Nextel Inc. dramatically reduced time involved in integration through the use of SOA and governance.
"Change and time inherently produce complexity in IT systems," he said in discussing SAS in the Webcast titled The Keys to Business-Critical SOA. "The more time you have and the more change you have the more complexity you have."
Governance provides a rational way of managing change by providing policies which ensure that complex combinations of services and technologies do not result in adverse consequences, Matsumura said. By getting all the Web services organized in a repository, the IT department gets visibility into what they have. An architect can then take different views of the services, looking at them from the perspective of the business user on the one hand and the developer composing applications on the other.
"Each of these different views can be used to understand what's happening from a different perspective," Matsumura said.
In the case of SAS, Matsumura said, governance wasn't so much about the usual benefits that are touted for it such as generating and governing the business processes. What was important to them was that the view, which governance provides, allowed them to get a handle on their IT processes, which had grown more complex over time as Web services grew. Being able to see what they had and applying policy management to it made change management easier.
"Because of the complexity that they were facing, the ability to drive change management across the lifecycle of different IT stakeholders, whether they be developers or operational or QA testing, all these different kinds of individuals were able to work coherently within automated policies," he said.
The introduction of SOA governance enabled the IT department as SAS to understand the changes that were happening over time and avoid impacts of dependency and layers of complexity that produce inoperable systems and other problems, Matsumura said.
"From our perspective time can either result in ever increasing chaos or if the model is sufficiently constrained by policy ever increasing virtue," he told his audience.
His example of Sprint/Nextel also involved time, but in this case it was about how SOA with governance saves time.
Sprint/Nextel reduced integration time as a result of changing the way they had previously integrated new business customers into their IT system, Matsumura said. They had been integrating new business using the older technologies such as Electronic Data Interchange (EDI). EDI projects required so much time and money that before any work could be done a business plan had to be written to obtain budget authorization.
Switching to a Web services standards-based SOA approach including governance dramatically reduced those projects, the Software AG executive said.
"Business integration is now 20 times faster," he said, adding that Sprint/Nextel began seeing "payback after only two integration projects."
In answer to a question about how much hand work is still required for the configuration management in these integration projects, Matsumura said Web services standards are making it much easier than in older approaches such as EDI.
"A lot of the differences in each customer's requirements are really operational in nature," he said. "In fact they are embodied in standards like WS-Security, WS-Addressing, service level agreements (SLAs). There are very common patterns of mediation and policy enforcement. So a lot of the stuff we had to do was actually available in standards. We were able to create these simple configuration interfaces without much customization."