VP Innovation at Axway, Co-founder at Vordel

Mark O'Neill

Subscribe to Mark O'Neill: eMailAlertsEmail Alerts
Get Mark O'Neill: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: Intel XML, XML Magazine, SOA Best Practices Digest, SOA in the Cloud Expo, Government News, Microservices Journal, CIO/CTO Update, SOA Testing

Blog Feed Post

Randy Heffner from Forrester on Policy-based SOA

Randy Heffner from Forrester has posted on ZDNet about how "Policy-based SOA will enable increased business value and agility"

SOA in the Cloud Expo

Randy Heffner from Forrester has posted on ZDNet about how "Policy-based SOA will enable increased business value and agility". He does a great job of explaining how a Policy-based SOA affects different users.

Firstly, there is the person designing the policy. As Randy says, the policy is defined "using the SOA product’s administration tool" (ie. not by writing code), and he goes on to say that "the important point here is that the policy is declared separately from the service, allowing it to change without changing the service itself".

So, the policy is designed (as opposed to not coded) and then applied to services.

This is preferable to burying policy details in with business logic, because, as Randy says, "If the policy is buried in the service implementation, the only definitive way to determine the active policy is to look at the code".

Then we are on to the person charged with enforcing the policy. They must use a product which does not slow down service execution as a side-effect of applying policy.

Given that much policy-based SOA processing boils down to XML, XML Acceleration is required here.

Then, there is the person monitoring the SOA-based policies. The important point here is that the policies must map up to business-level insight.

So that, for example, if a group of inventory-related services increase in use, this has implications for inventory usage. Randy Heffner puts it as:

Monitoring may include business-level insight. Besides technical operations data, SOA products can extract business data from service requests and responses, thereby enabling business-level monitoring.

So: We have design (policy design, independent from services), enforcement (with acceleration), and monitoring. I like to associate this with the Dilbert characters - Dilbert, Dogbert, and the Pointy-Headed Boss:

Finally, Randy recommends that policies do not become silos. Centralized policy management must be used (for example HP's GIF framework which Vordel supports).

Read the original blog entry...

More Stories By Mark O'Neill

Mark O'Neill is VP Innovation at Axway - API and Identity. Previously he was CTO and co-founder at Vordel, which was acquired by Axway. A regular speaker at industry conferences and a contributor to SOA World Magazine and Cloud Computing Journal, Mark holds a degree in mathematics and psychology from Trinity College Dublin and graduate qualifications in neural network programming from Oxford University.