Integrated SOA Governance for JBoss Enterprise Middleware

Integrated SOA Governance for

JBoss Enterprise Middleware

Table of Contents

Summary .................................................................................................. ........................ 4

1 Introduction .................................................................................... ................................ 5

2 Integrated SOA Governance Defined ........................................................ ....................... 6

2.1 Planning Governance – Build the Right Things ................................................ ........... 6

2.2 Development Governance – Build Things Right ......................................................... 7

2.3 Operational Governance – Ensure What’s Built Behaves Right ................................... 7

2.4 Policy Governance – Uniform Policy for All Governance Areas .............................. ...... 7

3 Integrated SOA Governance Best Practices ...................................................................... 9

3.1 Governance Automation .......................................................................................... .. 9

3.2 Uniform Policy Management .................................................................................. .... 9

3.3 Metadata Federation ................................................................................... .............. 9

3.4 Service Virtualization ...................................................................... .......................... 9

3.5 Trust and Management Mediation .......................................................... ................... 9

3.6 Continuous Compliance and Validation ..................................................................... . 9

3.7 Change Impact Mitigation ........................................................ ............................... 10

3.8 Consumer Contract Provisioning ............................................................................ .. 10

4 Platform Independent Governance Automation ............................. ................................ 11

4.1 Platform Governance Models ............................................................................ ....... 11

4.2 Governed Service Platforms ............................................................... ..................... 12

4.3 Governed Development Platforms ................................................................ ........... 12

5 SOA Infrastructure Reference Model ................................................................ .............. 13

6 Integrated SOA Governance System Elements: .............................................................. 14

6.1 SOA Repository ................................................................................... .................... 14

6.2 SOA Policy Management System ........................................................... .................. 14

6.3 SOA Registry ............................................................................................... ............ 14

www.soa.com Copyright © by SOA Software, Inc. 2008. All rights reserved. 2

6.4 SOA Management System ........................................................................ ............... 14

6.5 SOA Security System ............................................................................................. .. 14

6.6 SOA Intermediaries .......................................................................... ....................... 14

7 SOA Software’s Integrated SOA Governance Solution ................................ .................... 15

8 Integrated SOA Governance for JBoss Enterprise SOA Platform ...................................... 16

8.1 JBoss Enterprise Application Platform .................................................. .................... 16

8.1.1 Governance Automation Model ................................................... .................... 17

8.2 JBoss Enterprise SOA Platform (ESB+EDA+BPM) ..................................................... 18


8.3 JBoss jBPM ............................................................................... ............................... 19


9 About SOA Software ................................................................................... ................... 21


Summary

SOA Software’s products provide Integrated SOA Governance Automation for JBoss Enterprise Middleware. This allows customers to confidently use JBoss products as part of a heterogeneous enterprise SOA environment sharing services with other commercial SOA platforms like Microsoft, IBM WebSphere, SAP NetWeaver, BEA, and Oracle, as well as other open source providers.

• Ensure that services they identify, design and build using JBoss are relevant to and consumable by applications they design, build and deploy using other platforms like SAP and IBM.

• Make services they expose from applications running on the JBoss Enterprise Application Platform or JBoss Enterprise SOA Platform visible to and compliant with enterprise policies defined, enforced and audited across other platforms; and make services they design and build using other platforms like SAP and open source environments visible to and compliant with enterprise policies defined, enforced and audited across their JBoss applications.

• Promote, ensure and formalize consistent alignment between demand from service consumers and the supply of services through Consumer Contract Provisioning.

SOA Software’s platform-independent Integrated SOA Governance Automation solution promotes the use of best-practices throughout an enterprise SOA program regardless of where services and consumers are designed, built, deployed and operated. SOA Software’s Solutions offer deep integration with the JBoss Enterprise Middleware including: JBoss Enterprise SOA Platform, JBoss jBPM, and JBoss Enterprise Application Platform.


1 Introduction

This whitepaper builds on the foundation created in SOA Software’s whitepaper “Integrated SOA Governance”, published in December 2007. It describes how SOA Software’s Policy Manager, Repository Manager and Service Manager products integrate with a the JBoss Enterprise Middleware products to provide Integrated SOA Governance automation capabilities, and the reason why those capabilities are so important.

JBoss does not currently offer any platform-optimized SOA Governance capabilities, choosing instead to leverage products like SOA Software’s to provide a true enterprise SOA Governance automation solution.

This document describes the integration points and added governance capabilities for:

JBoss Enterprise Application Platform – a market-leading platform for enterprise Java applications

JBoss Enterprise SOA Platform – provides SOA integration, event-driven architecture, enterprise application integration and business process automation.

JBoss jBPM – an open source business process management framework.


2 Integrated SOA Governance Defined

Integrated SOA Governance ensures the applicability, integrity and usability of a wide range of assets through all their lifecycle stages from asset identification through deprecation. The full lifecycle is split into planning governance, lifecycle governance, and operational governance.

2.1 Planning Governance – Build the Right Things

Planning governance includes the identification analysis and modeling of candidate services, policies, profiles, processes and information. An effective planning governance tool will manage an organization’s SOA portfolio while examining existing and planned applications and determining which capabilities should be exposed as services, and where applications would benefit from consuming shared services.

Planning Governance is a new area for SOA. It will allow companies to build to plan, and build to priority modeling current and desired architecture and identifying and prioritizing candidate services. Planning Governance solutions will maximize the efficiency of investment in SOA, solidifying the role of existing platforms as foundation service providers.

I.T. has always struggled with balancing long term planning with addressing the immediate and short term needs of the business, in most cases the short term requirements take precedent over long range planning. When this is applied to enterprise architecture, organizations end up with a bunch of services that deliver minimal business value, instead of their goal of SOA.

Planning Governance allows organizations to identify potential services in a planned and managed community including enterprise architects, business analysts and portfolio managers. When utilizing planning governance, services can be proactively ‘built to plan’ rather than simply reacting and building single use services. This approach reduces the


risks of service deployment and facilitates Enterprise Architectural goals by avoiding chaotic ‘service sprawl’.

Planning Governance solutions will require integration with a wide range of existing enterprise repositories, application portfolio management, and enterprise architecture planning solutions, to harvest current and desired architectures. The output from the Planning Governance process will be a set of candidate services that feed into the Development Governance process, and candidate policies feeding into the Policy Governance process.

2.2 Development Governance – Build Things Right

Development governance marshals an asset through the development process that typically spans the design, development, testing and staging phases of its software development lifecycle. It typically includes a workflow mechanism to approve migration, policy compliance validation, and a clear separation (logically, physically, or both) between lifecycle stages. Development governance is the realm traditionally occupied by registry and repository vendors, although it requires much stronger repository capabilities and much broader integrations with development environments (IDEs and SCMs tools), federation with other registries and much stronger service, standards and taxonomy support than most repositories offer.

The Development Governance solution will depend heavily on Policy Governance for compliance policy definition, management, and validation. It will use policies to determine the relevance, and suitability of services at each lifecycle stage, and to determine if assets meet enterprise standards and guidelines before they can promoted to the next stage of the lifecycle. For example for a service to move from design to development the enterprise may require that there is a design document in the repository, the service has a WSDL, the services is categorized appropriately, and perhaps even that there are registered consumers waiting for the service.

2.3 Operational Governance – Ensure What’s Built Behaves Right

Operational Governance controls the runtime aspects of SOA. It typically includes service monitoring, security and management with a runtime policy system. Most Web Services Management and Web Services Security vendors now position themselves as providing Operational Governance solutions.

The Operational Governance solution relies heavily on the Policy Governance solution for discovery of policies for implementation and enforcement. A well architected Operational Governance solution will fully abstract service consumers and providers from the complexity of policy implementation and enforcement, service endpoint location, transport, standards, message exchange pattern, and other impedances to interoperability. It should provide agents, delegates, and a network resident intermediary for service virtualization.

2.4 Policy Governance – Uniform Policy for All Governance Areas

Policy Governance defines and manages policies, associates them with various assets, and validates and reports on policy compliance. It manages a wide range of different policy types from metadata compliance policies applied in Planning and Development Governance processes through security, reliability, and service-level policies applied through an Operational Governance solution.


It is critical that the Policy Governance solution ensures consistent policy definition, implementation, enforcement, validation, and audit through all stages of the lifecycle, and across all distributed and mainframe platforms.


3 Integrated SOA Governance Best Practices

Integrated SOA Governance promotes the core SOA governance best practices of:

3.1 Governance Automation

Governance Automation ensures scalability of enterprise processes implementing a lifecycle management workflow to implement development approval processes, integrated provisioning and lifecycle management, and inter-departmental contract management and negotiation.

3.2 Uniform Policy Management

Uniform Policy Management ensures consistent policy definition, implementation, enforcement, validation, and audit through all stages of the lifecycle, and across all distributed and mainframe platforms. It ensures that services can be leveraged as first-class citizens throughout an enterprise SOA by complying with enterprise policies that are uniform across all platforms.

3.3 Metadata Federation

Metadata Federation provides seamless, heterogeneous SOA Governance and standards-based support for governance automation (UDDIv3, WS-MEX, WS-Policy) to ensure that governance processes are uniformly applied across all platform investments. When metadata is federated and consistent across multiple governance platforms, the business value of service (cost, usage, production issues) becomes visible and measurable across the enterprise service lifecycle.

3.4 Service Virtualization

Service Virtualization provides location-transparency, service mobility, impedance tolerance and reliable service delivery without requiring a re-platforming of existing platforms or introducing yet another service platform to support the required solution architecture.

3.5 Trust and Management Mediation

Trust and Management Mediation ensures interoperability across disparate partners and platforms, trust enablement and trust mediation complementing threat prevention systems. It provides provide last-mile security, metric collection and reporting, SLA monitoring and management, to ensure that services are governed, managed, and secured, and policy implementation and mediation to allow consumers to communicate with a wide range of mission critical business services exposed from any platform.

3.6 Continuous Compliance and Validation

Continuous Compliance and Validation ensures consistent policy implementation and enforcement across all stages of the lifecycle, preserving the fidelity of the governance models, structures and mechanisms supporting enterprise SOA programs and ensure the relevance, applicability and suitability of services.


3.7 Change Impact Mitigation

Change Impact Mitigation provides change management and impact analysis processes integrated with the governance workflow to ensure that changes to services or other assets don’t cause major outages by breaking the consumption model.

3.8 Consumer Contract Provisioning

Consumer Contract Provisioning provides offer, request, negotiation and approval workflows for service access, capacity, SLA and policy contracts. It ensures that the service provides know which applications and users are consuming their services and allows them to treat different consumers with different priorities and service levels.


4 Platform Independent Governance Automation

Much of the benefit of SOA is derived from the promise of seamless interoperability between platforms, with applications built using .NET and WCF consumer services exposed from COTS, Mainframe, or Java applications. One of the core goals of SOA Governance is to ensure that services are relevant and consumable between platforms. As such it makes no sense to leverage governance capabilities built into the platforms themselves, as this simple promotes silos of services within platform domains.

4.1 Platform Governance Models

Not all platforms are governable, in fact platforms fall into one of 3 categories:

• Ungoverned Platforms – the purest form of Informal Governance. This often results in “Random SOA” or “Accidental SOA”. This includes any container that doesn’t support policy enforcement natively or with an agent

• Self-Governed Platforms – a mixture of Formal and Informal. Some tasks and activities are governed, some are not. SOA Governance is as weak as the weakest link in the chain. This category includes containers that use their own tooling without policy integration with a centralized enterprise SOA Governance solution.

• Governed Platforms – a real or virtual organization exists that is devoted to the promotion of SOA programs and causes that is accepted as a fundamental part of an SOA culture. Governed Service Platforms have:

• Clear job titles / responsibility support SOA Governance activities

• Supports clear separation between implementation activities and governance activities

• Provides standards-based governance integration interfaces

Integrated SOA Governance solutions integrate seamlessly with the platforms providing varying degrees of configuration, policy implementation and enforcement, message handling, and workflow support, largely depending on the level of sophistication of the platform itself.


We divide governed platforms into two categories:

4.2 Governed Service Platforms

All applications that expose and consume services at runtime are service platforms. These include application services like IBM WebSphere, Microsoft IIS, Oracle/BEA WebLogic, Red Hat's JBoss and others; ESBs from vendors including IBM, Microsoft Oracle/BEA, Red Hat's JBoss, TIBCO and others; mainframe applications running in CICS and IMS; COTS applications like CICS; and SaaS environments like Salesforce.com and Amazon.

As described above, Governed Service Platforms offer standards-based governance integration interfaces, and support the concepts of governance by an external enterprise governance system.

4.3 Governed Development Platforms

Most platform vendors provide an integrated development environment (IDE), source code management and version control system, defect tracking/change request tooling, and in many cases, a document management and/or asset management repository. An Integrated SOA Governance solution can provide asset lifecycle management and policy compliance capabilities to ensure that developed software assets (such as services, components and applications) are appropriate and relevant to the enterprise, and that they comply with applicable policies.

Governed Development Platform status means that the development platform integrates with an Integrated SOA Governance solution to make and share decisions about assets and artifacts.


5 SOA Infrastructure Reference Model

SOA Infrastructure is the set of tools and technologies that an organization deploys to secure and manage services and service-oriented business applications. It provides the delivery mechanism for a comprehensive governance solution including Registry, Repository, Management, and Security services, and intermediaries to ensure the application and use of these services.

The SOA Infrastructure reference model shown above is published by SOA Software, the leading provider of SOA Infrastructure software products. It provides a product and vendor agnostic view of the concepts, components and standards that make up a successful SOA Infrastructure. For more information see SOA Software’s whitepaper – “The SOA Infrastructure Reference Model,” published in May 2006.


6 Integrated SOA Governance System Elements:

The core elements of the Integrated SOA Governance system are the Registry, Repository, Policy Management System, Virtualization System, Management and Security System, and their associated intermediaries. Also, as described above, governance products and systems not having deep integration between these elements would offer minimal value to an SOA implementation.

6.1 SOA Repository

The SOA Repository provides a solution for the governance of development assets and artifacts. Governance in this context includes registration, lifecycle management, run-time and design-time policy invocation, and business value visibility. The repository implements registry standards for metadata exchange. It is the main source of SOA information for end users and applications.

6.2 SOA Policy Management System

The SOA Policy Management System provides a framework for defining and managing policies that are enforced throughout the planning, lifecycle, and operational governance processes. It ensures that policies are applied uniformly across all governed and governable platforms.

6.3 SOA Registry

The SOA Registry supports the categorization, classification, tagging, and publication of services. It provides browse and search interfaces for service discovery, a publication interface for service registration, and a subscription interface for synchronization with other registries and repositories.

6.4 SOA Management System

An SOA Management solution monitors and manages the reliability, availability and performance of services.

6.5 SOA Security System

An SOA Security solution provides service and message security capabilities including authentication (identity assertion and token exchange), authorization, privacy, non-repudiation and audit.

6.6 SOA Intermediaries

SOA intermediaries exist in a number of forms, the most important of which are stand-alone (proxy/router), and agent (embedded in container). Intermediaries enforce and implement policy for Management and Security solutions. The primary role of the agent intermediary is to ensure last-mile policy enforcement, while the primary role of the stand-alone intermediary is to provide service virtualization to isolate consumers from service location, policy, implementation, and change.


7 SOA Software’s Integrated SOA Governance Solution

SOA Software builds its Integrated SOA Governance solution around its Policy Manager™, Repository Manager™, and Service Manager™ products for SOA Policy Governance, Development Governance, and Operational Governance.

SOA Software’s Repository Manager™, Policy Manager™, and Service Manager™ combine to form a comprehensive Integrated SOA Governance Automation solution. Repository Manager provides a platform-independent SOA asset management and metadata federation solution. It governs leading development platforms, ensuring consistent definition and management of services and other assets across all development environments.

Policy Manager provides a comprehensive SOA Policy Governance solution, and extends it adding powerful governance automation capabilities. Governance automation minimizes the overhead associated with governance processes, and turns governance from a painful workload into a productivity tool.

Service Manager automatically implements and enforces policies from Policy Manager for Services in Repository Manager. It generates usage, performance and policy compliance metrics that it reports to Policy Manager so that it can audit that policies are being enforced through a closed-loop process.

Using this solution architects, developers, security administrators, and operations managers can define and govern policies that are applied to services throughout the appropriate stages of their lifecycle.


8 Integrated SOA Governance for JBoss Enterprise SOA Platform

JBoss does not focus on SOA Governance. The JBoss Enterprise SOA Platform leverage sand is extended by an enterprise SOA Governance Automation solution.

JBoss customers are adding SOA Software’s Policy Manager, Repository Manager and Service Manager products to provide Integrated SOA Governance Automation for their Enterprise SOA solutions to provide a number of solutions:

• Uniform lifecycle and policy governance across existing platform investments

• Lifecycle Management workflow to implement building permit process

• Ensure interoperability with other platforms

• Seamless, heterogeneous SOA Governance, Security and Management integration with JBoss Enterprise Middleware infrastructure

• Performance and reliability management

• Interoperability across disparate partners and platforms

• Integrated provisioning and lifecycle management

• Inter-departmental consumer contract provisioning and negotiation

• Standards support for Governance automation (UDDIv3, WS-MEX)

• Trust enablement and trust mediation

SOA Software’s products support and promote common Integrated SOA Governance best practices, and enable the consistent execution of these best practices with the JBoss Enterprise SOA Platform and JBoss Enterprise Application Platform. They offer the added benefit that there is no requirement to introduce another non-JBoss platform in order to support the required architecture.

Using Policy Manager, Repository Manager and Service Manager SOA Software certifies Jboss Enterprise Middleware products as Governed Service Platforms. Certified Governed Service Platform status means that customers can be confident that their platforms will preserve the fidelity of the governance models, structures and mechanisms supporting an enterprise SOA program.

SOA Software’s products offer a comprehensive Integrated SOA Governance Automation solution for JBoss Enterprise Middleware:

8.1 JBoss Enterprise Application Platform

From the JBoss Enterprise Application Platform web: http://www.jboss.com/products/platforms/application

JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications. Integrated, simplified, and delivered by the leader in enterprise


http://www.jboss.com/products/platforms/application

open source software, it includes leading open source technologies for building, deploying, and hosting enterprise Java applications and services.

JBoss Enterprise Application Platform balances innovation with enterprise class stability by integrating the most popular clustered Java EE application server with next generation application frameworks. Built on open standards, JBoss Enterprise Application Platform integrates JBoss Application Server, with JBoss Hibernate, JBoss Seam, and other leading open source Java technologies from JBoss.org into a complete, simple enterprise solution for Java applications.

8.1.1 Governance Automation Model

SOA Software has certified the JBoss Enterprise Application Platform as a Governed Service Platform. This allows customers to use JBoss Enterprise Application Platform to implement and enforce governance policies for enterprise services providing reporting data to enable a closed-loop audit process as part of their enterprise SOA.

SOA Software’s Policy Manager and Service Manager ensure that the JBoss Application Platform can facilitate and benefit from the core Integrated SOA Governance Automation best practices:

• Trust & Management Mediation – provide last-mile security, metric collection and reporting, SLA monitoring and management, to ensure that services exposed by JBoss Enterprise Application Platform are governed, managed, and secured. Provide policy implementation and mediation to allow JBoss Enterprise Application Platform to communicate with a wide range of mission critical business services exposed from both JBoss and non-JBoss platforms.

• Service Virtualization – conveniently make JBoss Enterprise Application Platform services available to partners and allow it to consume partner services

• Governance Automation – automate the publishing of JBoss Enterprise Application Platform services, providing lifecycle workflow with approvals, collaboration services, and consumer contract provisioning

• Continuous Compliance and Validation - ensure the relevance, applicability and suitability of JBoss Enterprise Application Platform services

• Metadata Federation - ensure that JBoss Enterprise Application Platform services are visible to, relevant, and consumable by other platforms – and make services from other platforms visible to, relevant and consumable by the JBoss Enterprise Application Platform. Automatically discover services in Process Server and publish them into Policy Manager subject to governance policies

• Change Impact Mitigation - make sure that changes to JBoss Enterprise Application Platform services don’t cause major outages by breaking consumers

• Uniform Policy Management - ensure that JBoss Enterprise Application Platform services can be leveraged as first-class citizens throughout an enterprise SOA by complying with enterprise policies that are uniform across all platforms

SOA Software provides a fully functional Agent for the JBoss Enterprise Application Platform. The Agent deploys into the JBoss Enterprise Application Platform to monitor and manage messages. It provides a policy engine to enforce governance policies for the JBoss Enterprise Application Platform. The policy engine discovers its policies using WS-MetadataExchange and WS-Policy from Policy Manager, and reports metrics, usage, and exceptions to Policy Manager.


SOA Software also provides a fully functional Delegate for the JBoss Enterprise Application Platform. The Delegate deploys into JBoss Enterprise Application Platform processes to abstract them from the location, transport and other policy representations of consuming services.

8.2 JBoss Enterprise SOA Platform (ESB+EDA+BPM)

From the JBoss Enterprise SOA Platform web page: http://www.jboss.com/products/platforms/soa. The JBoss Enterprise SOA Platform is the next generation SOA Platform - better and without the vendor-lockin characteristics of old. As such, many of the capabilities mirror those of existing SOA, EAI and BPM offerings: Business Process Monitoring, Integrated Development Environment, Human Workflow User Interface, Business Process Management, Connectors, Transaction Manager, Security, Application Container, Messaging Service, UDDI v2 Registry, Naming and Directory Service, Distributed Computing Architecture.

JBoss Enterprise SOA Platform is foundational element of an SOI (Service Oriented Infrastructure). However, SOA is not simply a technology or a product: it's a style of design, with many aspects (such as architectural, methodological and organisational) unrelated to the actual technology.

It uses a flexible architecture based on SOA principles such as loose-coupling and asynchronous message passing, emphasizing an incremental approach to adopting and deploying an SOI.


SOA Software has certified the JBoss Enterprise SOA Platform as a Governed Service Platform. This allows customers to use JBoss Enterprise SOA Platform to implement and enforce governance policies for enterprise services providing reporting data to enable a closed-loop audit process as part of their enterprise SOA.

SOA Software’s Policy Manager and Service Manager ensure that the JBoss Enterprise SOA Platform can facilitate and benefit from the core Integrated SOA Governance Automation best practices:

• Trust & Management Mediation – provide last-mile security, metric collection and reporting, SLA monitoring and management, to ensure that services exposed by JBoss Enterprise SOA Platform are governed, managed, and secured. Provide policy implementation and mediation to allow JBoss Enterprise SOA Platform to communicate with a wide range of mission critical business services exposed from both JBoss and non-JBoss platforms.

• Service Virtualization – conveniently make JBoss Enterprise SOA Platform services available to partners and allow it to consume partner services

• Governance Automation – automate the publishing of JBoss Enterprise SOA Platform services, providing lifecycle workflow with approvals, collaboration services, and consumer contract provisioning

• Continuous Compliance and Validation - ensure the relevance, applicability and suitability of JBoss Enterprise SOA Platform services

• Metadata Federation - ensure that JBoss Enterprise SOA Platform services are visible to, relevant, and consumable by other platforms – and make services from other platforms visible to, relevant and consumable by the JBoss Enterprise SOA


http://www.jboss.com/products/platforms/soa

Platform. Automatically discover services in Process Server and publish them into Policy Manager subject to governance policies

• Change Impact Mitigation - make sure that changes to JBoss Enterprise SOA Platform services don’t cause major outages by breaking consumers

• Uniform Policy Management - ensure that JBoss Enterprise SOA Platform services can be leveraged as first-class citizens throughout an enterprise SOA by complying with enterprise policies that are uniform across all platforms

SOA Software provides a fully functional Agent for the JBoss Enterprise SOA Platform. The Agent deploys into the JBoss Enterprise SOA Platform to monitor and manage messages. It provides a policy engine to enforce governance policies for the JBoss Enterprise SOA Platform. The policy engine discovers its policies using WS-MetadataExchange and WS-Policy from Policy Manager, and reports metrics, usage, and exceptions to Policy Manager.

SOA Software also provides a fully functional Delegate for the JBoss Enterprise SOA Platform. The Delegate deploys into JBoss Enterprise SOA Platform processes to abstract them from the location, transport and other policy representations of consuming services.

8.3 JBoss jBPM

From the JBoss iBPM web page: http://jboss.com/products/jbpm

Create business processes that coordinate people, applications, and services. Designed for SMB and large enterprise applications alike, JBoss jBPM brings process automation to a much wider set of business problems, from embedded workflow to enterprise business process orchestration and BPM.

JBoss jBPM is also a key component of the JBoss Enterprise SOA Platform.

JBoss jBPM enables IT flexibility by supporting multiple-process languages with the same scalable process engine platform.

JBoss jBPM's pluggable architecture is extensible and customizable on every level: within the process engine, for each process definition, and every corresponding process instance.


SOA Software has certified The JBoss jBPM as a Governed Service Platform. This allows customers to use JBoss to implement and enforce governance policies for enterprise services providing reporting data to enable a closed-loop audit process as part of their enterprise SOA.

SOA Software’s Policy Manager and Service Manager ensure that the JBoss jBPM can facilitate and benefit from the core Integrated SOA Governance Automation best practices:

• Trust & Management Mediation – provide last-mile security, metric collection and reporting, SLA monitoring and management, to ensure that services exposed by JBoss jBPM are governed, managed, and secured. Provide policy implementation and mediation to allow JBoss jBPM to communicate with a wide range of mission critical business services exposed from both JBoss and non-JBoss platforms.

• Service Virtualization – conveniently make JBoss jBPM services available to partners and allow it to consume partner services


http://www.jboss.com/products/platforms/soa

http://jboss.com/products/jbpm

• Governance Automation – automate the publishing of JBoss jBPM services, providing lifecycle workflow with approvals, collaboration services, and consumer contract provisioning

• Continuous Compliance and Validation - ensure the relevance, applicability and suitability of JBoss jBPM services

• Metadata Federation - ensure that JBoss jBPM services are visible to, relevant, and consumable by other platforms – and make services from other platforms visible to, relevant and consumable by the JBoss jBPM. Automatically discover services in Process Server and publish them into Policy Manager subject to governance policies

• Change Impact Mitigation - make sure that changes to JBoss jBPM services don’t cause major outages by breaking consumers

• Uniform Policy Management - ensure that JBoss jBPM services can be leveraged as first-class citizens throughout an enterprise SOA by complying with enterprise policies that are uniform across all platforms

SOA Software provides a fully functional Agent for the JBoss jBPM. The Agent deploys into the JBoss jBPM to monitor and manage messages. It provides a policy engine to enforce governance policies for the JBoss jBPM. The policy engine discovers its policies using WS-MetadataExchange and WS-Policy from Policy Manager, and reports metrics, usage, and exceptions to Policy Manager.

SOA Software also provides a fully functional Delegate for the JBoss jBPM. The Delegate deploys into JBoss jBPM processes to abstract them from the location, transport and other policy representations of consuming services.


9 About SOA Software

The world’s largest companies including Merrill Lynch, Verizon, and Pfizer use SOA Software to quickly and confidently realize the value of SOA. SOA Software’s platform-independent Integrated SOA Governance and Mainframe SOA products process over 500 million mission critical transactions per month, ensuring the relevance, security, reliability, and performance of services and applications. For more information, please visit http://www.soa.com.

SOA Software, Policy Manager, Repository Manager, Service Manager, and SOLA are trademarks of SOA Software, Inc. All other product and company names herein may be trademarks and/or registered trademarks of their registered owners.

SOA Software, Inc.

12100 Wilshire Blvd, Suite 1800Los Angeles, CA 90025866-SOA-9876 [email protected]

Copyright © 2007 by SOA Software, Inc.

Disclaimer: The information provided in this document is provided "AS IS" WITHOUT ANY WARRANTIES OF ANY KIND INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT OF INTELLECTUAL PROPERTY. SOA Software may make changes to this document at any time without notice. All comparisons, functionalities and measures as related to similar products and services offered by other vendors are based on SOA Software's internal assessment and/or publicly available information of SOA Software and other vendor product features, unless otherwise specifically stated. Reliance by you on these assessments / comparative assessments are to be made solely on your own discretion and at your own risk. The content of this document may be out of date, and SOA Software makes no commitment to update this content. This document may refer to products, programs or services that are not available in your country. Consult your local SOA Software business contact for information regarding the products, programs and services that may be available to you. Applicable law may not allow the exclusion of implied warranties, so the above exclusion may not apply to you


mailto:[email protected]

http://www.soa.com/

http://cts.vresp.com/c/?SOASoftwareInc./b615472ff0/beac35f642/014cbf21f9

Integrated SOA Governance for JBoss Enterprise Middleware

Documents

Transcript of Integrated SOA Governance for JBoss Enterprise Middleware