April 18, 2023

Government Technology Forum: Service Oriented Architecture (SOA)Jonathan Natarajan

Enterprise Integration Program Manager

April 18, 2023

Agenda

• Concept Introduction• Business Drivers• Benefits of SOA• Risks and challenges• Preparatory Steps• Trends in Public Sector• City’s SOA Strategy• DoITT’s Efforts

April 18, 2023

Concept Introduction

A Service-Oriented Architecture (SOA) is a way of designing a software system and its surrounding environment to provide

services either to end-user applications, to executable business processes or to other services through published and discoverable

service interfaces

Key Characteristics:• A paradigm for organizing and utilizing distributed capabilities that may be under the control of

different ownership domains• Provides a uniform means to offer, discover, interact with and use capabilities to produce

desired effects consistent with measurable preconditions and expectations • Reuse, granularity, modularity, composability, componentization, and interoperability• Compliance to standards (both common and industry-specific)• Services identification and categorization, provisioning and delivery, and monitoring and

tracking

[OASIS SOA Reference Model]

April 18, 2023

Concept Introduction cont…

• Service

– Discrete unit of functionality that can be requested– Performs one or more operations– Returns a set of results (with an activity executed to provide value to the

enterprise)– IT organizations deliver a set of services to the programs (service

delivery)

• Service Oriented Architecture (SOA)

– Architecture composed of a set of interdependent services– Can be defined at various levels, from federal-wide, to a specific system

solution within an agency– Transforms Monolithic to Service-Oriented Government

• Service Component

– Usually a self-contained process or software component performing the functionality provided by a service

– Accessed through an interface

April 18, 2023

Concept Introduction cont…

• Application design and implementation paradigm that is focused on intercommunication of loosely coupled, coarse grained (business level), reusable artifacts (services) that are accessed through well-defined platform independent, interface contracts.

Address Validation Authentication

Geo Coding

Function XYZ

Function XYZ

Business Level Function

Component [Service]

User Interface

Agency Application XYZ

• Applications can be built with components/services that are provided by 3rd party hosts.

Hosted by agency providing

GEO Support Purchased 3rd Party COTS

Intra Agency Function

User Interface

Agency Application XYZ

Hosted by agency providing

GEO Support

April 18, 2023

Business Drivers

•Each autonomous City agency provides distinct set of services

•SOA / EAI solutions bring many disparate point-to-point applications together and facilitates the delivery of truly distributed business functionality

•Provides an organizational platform to address the different integration issues through a common set of well-defined technologies, methodologies, and policies

•Value of integration solution for City agencies:– Improve agency business processes– Improve the services City agencies provide – Address Process Redundancy and create efficiency– Address technological issues– Increase the City’s return on investment (ROI) by adopting common standards and methodologies

•City agencies can realize the above mentioned advantages by adopting a unified approach

April 18, 2023

Benefits to SOA Adoption

Key abilities to be gained HeterogeneousAbility to utilize legacy and new applications based on the concept of interfaces

Enables Information SharingOrganizations and departments with in organizations deploy various applications and services. Visibility of these applications and services will aid in reducing redundancy and enforce reusability

Agility Around Business Process Agencies or organizations focus on multiple business processes. The ability for IT organizations to rapidly deploy applications based on changing processes is critical. Services centric model assists IT to understand dependencies between various business processes.

Leverage Business AssetsAgencies can increase their bottom line and overall ROI by reusing components or services that have already been built by themselves or even across other entities.

Services reused, composed and recomposedReuse and loose coupling of services/components lends itself to fasters development / implementation cycles reduce time to delver.

April 18, 2023

Risks and Challenges

Challenges in effective SOA adoption span across business and technology.• Governance

• Decisions related to system of record for shared information• Ownership of shared services• How to motivate agencies / business partners to adopt SOA paradigm?• Policies related to service usage. I.e. Which agency/department/user can use specific

services?• Early adoption and evolution of standards etc.• Organizational change required since services based model crosses system boundaries.

• SOA adoption in the government sector adds regulatory challenges.• Scope of change is at the enterprise level encompassing dispersed and heterogeneous

systems• Infrastructure is distributed requiring high availability and scalability• Security related challenges such as identity management and policy management arise• SDLC methodology requires changes due to complex system dependencies• Quality assurance is problematic since services are distributed and have many interfaces• Change management is extremely important and especially difficult since each agency / business

partner will depend on services provided by each other.

April 18, 2023

Preparatory steps

• Need for a formal SOA program charter with strong executive sponsorship

• Examine current architecture and methodology in use and adjust for SOA• Agile OOA/OOD approach with specific SOA deliverables and patterns

• Establish a repository and governance policies for reusable artifacts• Interface specifications• Schemas• Interface definitions (WSDL)

• Develop SOA reference architecture based on design patterns with security controls in mind

• Acquire message based testing tools and develop SOA quality assurance policies and procedures

• Involve operations support early and deploy monitoring - management tools for the SOA infrastructure (QoS - quality of service management)

• Create a SOA strategy and roadmap based on business value, risk, business process effectiveness, and IT assets to be leveraged

• Transition to a services model iteratively adding services based on business value and utility of function build the services library over time.

April 18, 2023

Trends in Public Sector

Federal Level• Defense Information Systems Agency has begun cataloging web services developed by the

• U.S. Air Force• Army• Navy • Other groups with DOD

• Internal Revenue Service is has adopted a services based model and the agency start a large business systems modernization program in late 05

• EPA

State and Local Government Level• The State of Wisconsin has leveraged Web services and a service oriented architecture (SOA) to

give caseworkers real-time access to mainframe-based records, resulting in improved productivity and customer service. The state operates more than 30 agencies and stores information that affects public services for 5.5 million residents. Staff can now access internal systems (which continue to be housed on mainframes) alongside new systems residing on client/server and Web platforms.

April 18, 2023

Vision / Direction at the City Level

• New York City agencies goal : Provide first rate governmental services to its constituents and to other City agencies.• Multiple lines of business requiring interoperability

– Public safety and criminal justice– Educational services– Health and human services …

• Need for Reference Architectures that can be adopted by the various agencies with in each line of business• Promote information sharing and interoperability across lines of businesses to achieve the common goal of serving

our constituents• Need for technology centric agency such as DoITT focus on SOA enablement and build the core components

required to assist in moving to a services model

City Agencies as Providers DoITT To Provide Common Components

• Process Orchestration• Process Management• Activity Monitoring

• End User Interface via Portal • Federated Services access• Multi agency distributed applications

• Identity Management• Centralized Identity Provider• Security Policy Management

• Business Intelligence • Analytics

• Distributed Services Implementation • Enterprise Business Logic

• Enterprise Service Bus• Message management

• Web Services Gateway• Services Registry & Repository

Governance

April 18, 2023

Current Initiatives

• DoITT Integration services team working on a pilot architecture and subsequent implementation that will use of key technologies with the overall goal SOA enablement

WebShpere Message Broker

WSDL

WSDL

WSDL

Vignette Application Portal

J2EE Applications [Discreet Business Logic]

BEA Weblogic Application Server

WSDL / Web

Services Gateway

SOAP Processor

NotificationsWebSphere Everyplace

Access Server

Mail Server

SMTP

Workflow management & Process Choreography

Enterprise Service Bus (ESB)

Agency End Users

RDBMS File Drop

Agency Adapter Platform

WebSphere MQ

iWay Adapter

MQ

RDBMS File Drop

Agency Adapter Platform

WebSphere MQ

iWay Adapter

MQ

Agency A Agency BSSL SSL

JMS-MQ

Novel eDirectory

DataShare Data Base

MQ SSL

UDDI Registry

Agency applications

SOAP Client

Registry Search

SOAP Request

SOAP Response

SOAP Processor

WSDL / Web Services Gateway

April 18, 2023

Current Initiatives cont…

• Web Services Gateway Pilot with the following components• Gateway-

• Simplifies security management• Centralizes security policies • Enables modular, adaptable infrastructure • Decouples the Gateway platform from that of Web Services

• Registry and Repository• Publish discover and manage web services

• Access and Policy Manager• Provides Identity management to manage the access to services

ServiceConsumer

ServiceConsumer

…Policy

Registry

Service

Service

Service

ServiceProvider

ServiceProvider

…

Associates security requirements on service

invocation

Gateway

Access Manager