service oriented architecture and cloud computing:and
TRANSCRIPT
Service Oriented Architecture and Cloud Computing:and Cloud Computing: Potential and Cautions for Navy Adoption
Dennis SmithResearch, Technology and Systems Solutions (RTSS) ProgramSystem of Systems Practice (SoSP) Initiative
CNO SSG C t TCNO SSG Concept Team9 February, 2011
© 2011 Carnegie Mellon University
Agenda
Purpose
Service orientationService orientation
Cloud computing
Conclusion
2
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Purpose
Provide an overview of service orientation and cloud computing• Identify the core concepts of the two technologies• Identify the potential impact of adoption• Present limitations and engineering tradeoffs of each approach
3
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Agenda
Purpose
Service orientationService orientation
Cloud computing
Conclusion
4
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Service Orientation
Service orientation has become a common approach for implementation of distributed, loosely-coupled systems• Services provide reusable business functionality via well-defined interfaces.• Service consumers are built using functionality from available services.• There is a clear separation between service interface and service
implementation.– Service interface is just as important as service implementation.
• An SOA infrastructure enables discovery, composition, and invocation of services.
• Protocols are predominantly, but not exclusively, message-based document exchanges.
5
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Services
Services are reusable components that represent mission or business tasks.• Customer lookup• Terrain• WeatherWeather• Credit card validation
Services can beGlobally distributed across organizations• Globally distributed across organizations
• Reconfigured into new mission or business processes
Service interface definitions are well defined firstService interface definitions are well-defined first-class artifacts available in some form of service registry.
6
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Components of a Service-Oriented System
End User Application Portal
Internal System
Service
External Consumer
SOA Infrastructure Internet
Consumers
DiscoverySecurity
Infrastructure
Data Transformation
Service A
Service B
Service C
Service D
Service Interfaces
Enterprise Information System
External System
Internal Users
Legacy or New Service Code Service
Implementation
7
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Benefits Associated with Service OrientationOrientationCost-Efficiency• Services provide functionality that can be reused many times by manyServices provide functionality that can be reused many times by many
consumers• Services become a single point of maintenance and management for
common functionalityAgility• Through service discovery mechanisms, developers can find and take
advantage of existing services to reduce development times Legacy Leverage• Separation of service interface from service implementation provides true
platform independencep pAdaptability• Separation of service interface from service implementation allows for
incremental deployment of services and incremental modernization
8
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
p y
Tradeoffs
Security• Breaking systems into services, service consumers, and infrastructure
components increase the attack surface of a system• Using a SOA-based system to enable inter-organizational functionality
exposes organizations to threats that were previously hid by the firewallPerformance• SOA infrastructure adds agility, reusability, and adaptability but is costly in
performance• Compensating for increased security requirements also impacts performance
9
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Common Misconceptions About SOA
1. SOA provides the complete architecture for a system2 All legacy systems can be easily integrated into an SOA2. All legacy systems can be easily integrated into an SOA
environment3. SOA is all about standards and standards are all that is
neededneeded4. The use of standards guarantees interoperability in an SOA
environment5 SOA i ll b t t h l5. SOA is all about technology6. It is very easy to develop applications based on services7. Testing service-oriented systems is no different than testing
any other type of system8. Everything in a service-oriented system has to be a service
10
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
What Has Worked Well in SOA Implementations?Implementations?
StandardizationLoose coupling Strategic service identificationService discovery mechanismsyGovernance
11
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Standardization
Even though there are multiple ways to implement service-oriented systems, the most common implementation is based onmost common implementation is based on WS* Web Services
Benefits• Interoperability: standard interfaces to
heterogeneous technologies• Tool support• Enablement of other aspects of service-
oriented systems: discovery, composition, etcU f thi d t i• Usage of third-party services
• Potential for shorter development times– All you need to know to use a service is
th
12
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
there
Loose Coupling
Different architectural patterns emphasize different forms of loose coupling — however, there is always some form of coupling• Data centric — data model• Data centric data model• Event driven — events and event mechanism• Service orientation — interfaces and communication mechanisms
Two forms of loose coupling in service orientationTwo forms of loose coupling in service orientation• Between provider and consumer
– Service provider and consumer know as little as possible about each other– SOA infrastructure mediates a lot of the differences between providers and
consumers– SOA infrastructure also provides centralization of support for key quality
attributesattributes• Between interface and implementation
– Service locationS i i l t ti t h l i
13
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
– Service implementation technologies
What Has Not Been Solved With Service Orientation ?Orientation ?Multi-organizational SOA implementations, e.g.
Di t ib t d d l t t k• Distributed development tasks, e.g. assurance• Multi-organizational concerns, e.g. trust, federation, security
Standardization on how to specify quality attributes• Key for service discovery and SLA management and monitoring
Support for interoperability at higher levels• Above syntactic: semantic and process interoperability
Automation of service discovery• Many efforts, but still not widely used
14
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Selected Challenges for DoD SOA ImplementationsImplementations
DoD Vision and Needs SOA Technology State of the Practice
Highly adaptable to changes in Design for Context No agreement on how to g y p gthe environment
gAwareness
grepresent context. No real implementation of contextual service discovery mechanisms.
Highly configurable to deal with Design for Runtime No standard for semantics ToolHighly configurable to deal with multiple deployment choices
Design for Runtime Discovery and Composition
No standard for semantics. Tool support is very weak. No relevant examples of large-scale use.
Highly secure due to potentiallyl ifi d t t d li i
Securing SOA I f t t d
Federated identity management, it li i d liclassified content and malicious
attacksInfrastructures and Services
security policies and policy enforcement, and trust establishment and trust brokering in SOA environments are all active
f hareas of research.Highly reliable and precise in a mission-critical context
Real-Time SOA Current, widely-used SOA implementation technologies do not meet real-time requirements.
15
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
q
So What Is Different?
There is nothing conceptually new, but it has brought together existing technologies and good practices in a way that works.g g p y• More aligned with mission and business
– Services represent coarse-grained reusable mission and business tasks• Backed by industryBacked by industry• Standards-based• Greater degree of rigor in interface specifications
Truly loosely coupled• Truly loosely-coupled– In most cases, there is no need for consumers to install specific components– Platform-independent
• What is behind the interface is irrelevant to the consumer• Philosophy or paradigm as opposed to a set of technologies
16
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Agenda
Purpose
Service orientationService orientation
Cloud computing
Conclusion
17
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Cloud Computing
“A large-scale distributed computing paradigm that is driven by economies of scale, in which a pool of abstracted, virtualized, dynamically-scalable, managed computing power, storage, platforms, and services are delivered on demand to external customers over the Internet.” 1
Cloud Computing is a distributed computing paradigm that focuses on providing a wide range of users with distributed access to virtualized hardware and/or software infrastructure over the Internet.
1 I. Foster, Y. Zhau, R. Ioan, and S. Lu. “Cloud Computing and Grid Computing : 360-Degree Compared.” Grid Computing Environments Workshop 2008
18
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Computing Environments Workshop, 2008.
Cloud Computing — Core Concepts
Distributed computing paradigm• Large-scale distributed system
Resource-based and service-based• Provides access to a resource and/or service
Elastic and on demand• Has the ability to scale up or down based on demand
Economies of scale• Contains a large number of nodes and therefore reduces the overall cost of
resource acquisition and operation Utility payment models• Based on pay-per-use model
Based on existing technologies• Leverages existing technologies such as virtualization, service-orientation
and grid computing
19
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Cloud Computing Types
Software-as-a-Service (SaaS)
Public Cloud
( )
Platform as a Service (PaaS)
Private Cloud
Platform-as-a-Service (PaaS)
Infrastructure-as-a-Service (IaaS)
Based on Type of Capability Based on Access
20
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Based on access
Software-as-a-Service (SaaS)
Application-specific capabilities, e.g., service that provides customer managementAllows organizations and developers to use business-specific capabilities developed by third partiesExamplesp• Force.com (http://www.salesforce.com/platform/)
– From salesforce.com (SaaS leader), provides enterprise users a platform to build and run applications and components bought from AppExchangepp p g pp gor custom applications
• Zoho (http://www.zoho.com/)– Provides a large suite of web-based applications, mostly for enterprise useg y
21
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Platform-as-a-Service (PaaS)A li ti d l t l tf t i t h t J tApplication development platforms, e.g. containers to host Java componentsAllows developers to leverage the resources of established organizations to create and host applications of a larger scale than an individual or small business would be able to handlebusiness would be able to handleExamples
• Google App Engine (http://code.google.com/appengine/)Provides users a complete development stack and allows them to run their– Provides users a complete development stack and allows them to run their applications on Google’s infrastructure
• Yahoo! Open Strategy (Y!OS) (http://developer.yahoo.com/yos/intro/)– Provides users with a means of developing web applications on top of the existing
Yahoo! platform, and in doing so leveraging a significant portion of the Yahoo! resources
• Akamai EdgePlatform (http://www.akamai.com/html/technology/edgeplatform.html)– Provides a large distributed computing platform on which organizations can deploy– Provides a large distributed computing platform on which organizations can deploy
their web applications; large focus on analysis and monitoring• Microsoft Azure Services Platform (http://www.microsoft.com/azure/)
– Provides users with on-demand compute and storage services as well as a
22
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
development platform based on Windows Azure
Infrastructure-as-a-Service (IaaS)
Generic computational infrastructure available over the Internet, e.g. compute, storage, etc.Allows organizations and developers to extend their IT infrastructure on an on-Allows organizations and developers to extend their IT infrastructure on an ondemand basisExamples
• Amazon Elastic Compute Cloud (EC2) (http://aws.amazon.com/ec2/)p ( ) ( p )– Provides users with a special virtual machine (AMI) that can be deployed and run on
the EC2 infrastructure• Amazon Simple Storage Solution (S3) (http://aws.amazon.com/s3/)
– Provides users with access to dynamically scalable storage resources• IBM Computing on Demand (CoD) (http://www-03.ibm.com/systems/deepcomputing/cod/)
– Provides users with access to highly configurable servers plus value-added services such as data storagesuch as data storage
• Microsoft Live Mesh (http://www.mesh.com/)– Provides users with access to a distributed file system; targeted at individual use
23
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Cloud Computing Types — Based on AccessPublic• Offered as a service, usually over an Internet connection• Typically charge a monthly usage fee
PERSPECTIVE
yp y g y g• Users can scale on-demand and do not need to purchase
hardware• Service providers manage the infrastructure and pool
Cloud Consumer
p g presources into capacity required by consumers
Private• Deployed inside the firewall and managed by the user p y g y
organization• User organization owns the software and hardware running
in the cloudCloud
Provider
• User organization manages the cloud and provides cloud resources
• Resources typically not shared outside the organization d f ll t l i t i d b th i ti
24
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
and full control is retained by the organization
Drivers for Cloud Computing AdoptionScalability Users have access to a large amount of resources that scaleScalability Users have access to a large amount of resources that scale
based on user demandElasticity The environment transparently manages a user’s resource
utilization based on dynamically changing needsy y g gVirtualization Each user has a single view of the available resources,
independently of how they are arranged in terms of physical devices
Cost The pay-per-usage model allows an organization to only pay for the resources they need with basically no investment in the physical resources available in the cloud. There are no i f t t i t d tinfrastructure maintenance or upgrade costs
Mobility Users have the ability for the user to access data and applications from around the globe
C ll b ti U t ti t th l d t kCollaboration Users are starting to see the cloud as a way to work simultaneously on common data and information
Risk Reduction
Users can use the cloud to test ideas and concepts before making major investments in technology
25
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Reduction making major investments in technology
Barriers for Cloud Computing Adoption
Security The key concern is data privacy: users do not have control of or know where their data is being stored
Interoperability A universal set of standards and/or interfaces have not yet been defined, resulting in a significant risk of vendor lock-in
Control The amount of control that the user has over the cloud environment varies greatly
Performance All access to the cloud is done via the internet, introducing latency into every communication between the user and the environmentenvironment
Reliability Many existing cloud infrastructures leverage commodity hardware that is known to fail unexpectedly
Pl tf S l d i t id t f ifiPlatform or Language Specificity
Some cloud environments provide support for specific platforms and languages only
26
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Business Case for Cloud Computing
Cloud Consumer Cloud Provider
• Reduced overhead• Increased speed
Increased flexibility
• New business models• Additional revenue sources
More customer options• Increased flexibility• Increased scalability
• More customer options• Global coverage
clickdocuments.com
27
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
clickdocuments.com
Agenda
Purpose
Service orientationService orientation
Cloud computing
Conclusion
28
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Conclusion 1
Service orientation is an approach to software development where• Services provide reusable functionality with well-defined interfaces.• An SOA infrastructure enables discovery, composition, and invocation of
services. • Service consumers are built using functionality from available services.
Service orientation is more than just an architectural style• It is a way of developing systems.• It requires a change of mindset.It requires a change of mindset.• It requires alignment with business or operational goals and processes to be
of value.• The core concept will most likely endure, but specific implementations will p y , p p
continue to change
29
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
Conclusion 2
Cloud Computing is in essence an economic model• It is a different way to acquire and manage IT resources
There are multiple cloud providers—the cloud is real• Currently most cloud consumers are small enterprises• Large enterprises are exploring private cloudsg g• The number of providers will most probably grow as people start seeing
greater savings and improvements to reduce adoption barriersCloud Computing adoption requires cost/benefit/risk analysis to p g p q ydetermine• What resources to move to the cloud (if any)• What situations warrant use of cloud resources, even for one-time situations,• Implementation of private clouds vs. usage of public clouds• What risks are associated with using resources on the cloud• What risks are associated to providing resources in the cloud
30
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
What risks are associated to providing resources in the cloud
Contact Information
Grace A. [email protected] 1 412 268-5851Dennis B [email protected] 1 412 268-6850
Research, Technology and Systems Solutions (RTSS) ProgramSystem of Systems Practice (SoSP) Initiative
Software Engineering Institute4500 Fifth AvenuePittsburgh, PA 15213-2612Pittsburgh, PA 15213 2612USA
31
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
NO WARRANTY
THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY AND ITS SOFTWARE ENGINEERING INSTITUTE IS FURNISHED ON AN “AS IS" BASIS CARNEGIEENGINEERING INSTITUTE IS FURNISHED ON AN AS-IS BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL CARNEGIE MELLON UNIVERSITY DOESOBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
Use of any trademarks in this presentation is not intended in any way to infringe on the y p y y grights of the trademark holder.
This Presentation may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use Requests for permission should be directed to the Softwareis required for any other use. Requests for permission should be directed to the Software Engineering Institute at [email protected].
This work was created in the performance of Federal Government Contract Number FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software g y pEngineering Institute, a federally funded research and development center. The Government of the United States has a royalty-free government-purpose license to use, duplicate, or disclose the work, in whole or in part and in any manner, and to have or permit others to do so, for government purposes pursuant to the copyright license under
32
SOA and Cloud ComputingCNO 9 February, 2011© 2011 Carnegie Mellon University
p , g p p p py gthe clause at 252.227-7013.