Andrew, David,
First thanks for getting involved! I would like to respond to a couple of
points quickly, as we enter the meeting. (01)
Status; Remember that the point of this call and our current status is to
start assembling a core team and writing the spec for the demo, flushing out
aspects such as identity. Certainly the one sentence does not do identity
management justice! (02)
Challenge; I suspect getting this defined and interoperable, even as s
"simple" demo will be more of a challenge than you suspect and that the
impact of seeing it run with multiple players, application and technologies
will be meaningful to our business stakeholders. The are not successfully
instrumenting communities, even at this level of simplicity! (03)
Security & Identity; Go for it! Lets get this well defined. Doing this in
an open, standards based, robust, performing and interoperable way is still
something we must show and prove. (04)
Semantic variation; Our view of SOA is that it enables architected
interoperability across a wide range of actors and technologies. It is
however, architected. There is a specification of the contract of
interaction to participate in that community. Differing representation of
similar semantics is something we are interested in, and interested in
showing how it fits with architected solution - but it a separate problem in
our view - one where we bring in ontologies. The fact that you can
implement SOA using Corba is a good thing - this is architecture not
technology. (Side note; many of the best examples of deployed wide-scale SOA
architectr4es use Corba) (05)
Specification Evolution; Great thing too shoe, I would tend to get one
revision of an architecture working first. (06)
Green field; This is as green field as you make it - the intent is that both
legacy and new applications can use and implement the interfaces. (07)
Rocket scientists; You are all rocket scientists wanting to show great
stuff. There is some great business value we can show with relatively
simple scenarios. Also, even some of this "simple stuff" is more whet
behind the ears than the industry would like to admit to - showing it work
is great. (08)
> -----Original Message-----
> From: soa-forum-bounces@xxxxxxxxxxxxxx [mailto:soa-forum-
> bounces@xxxxxxxxxxxxxx] On Behalf Of Andrew S. Townley
> Sent: Thursday, March 23, 2006 10:38 AM
> To: Service-Oriented Architecture CoP
> Subject: RE: [soa-forum] RE: SOA Community Demo Con Call
>
>
> Hi David,
>
> On Thu, 2006-03-23 at 14:21, David RR Webber (XML) wrote:
> > One glaring aspect left on the table (that Amazon.com also
> > illustrates) is the need to authenticate partners and provide a secure
> > access model. The government really has not got this correct yet
> > IMHO. It either goes wildly the one way - requiring excessive sign-up
> > criteria taking days/weeks to acquire - or throws the door wide open
> > and leaves participitants potentially exposed to abuse - and in either
> > case, management and control and scalability are indeterminant.
>
> Yeah, but the identity proofing required should be easier with the PKI
> infrastructure already in place. Still, the identity proofing required
> should reflect the risk assessment for the services being accessed. I
> agree that the access control rights aren't really addressed much in the
> demo proposal, but at least the security stuff is mentioned. We have
> implemented a solution around a constrained, e-Gov vertical WSN, so we
> have access control rules as part of the message delivery. It's been a
> while since I've looked at the WS-Federation and other ilk, but that's
> also one of the areas that I'm interested in seeing actually working.
> Of course, the scope of the demo can't be massive, and some of the
> scenarios may be contrived, but the security aspects are some of the
> most fundamental parts of e-Gov from my experience.
>
> >
> > Probably better to address the conceptual vision of what an SOA
> > constitutes in an eGov context - before we rush into providing demo's
> > of raw technology...
>
> The documents are really rough in places and oscillate between various
> levels of abstraction, but our original requirements are here:
> http://www.reach.ie/procurement/. We've clarified a few things and are
> in the process of clarifying more of the fundamental semantics in a set
> of documents that should be published in draft form for more wide review
> next week (note: these are not updated requirements, but operation
> documents located here: http://sdec.reach.ie/).
>
> One of the things I'd looked for before (12-14 months ago) was a bit
> more of the scope of the US e-Gov project. The security and federated
> identity management things were quite good, but I didn't find much else.
>
> > It might also make sense - given that this topic is obviously
> > extensive - to in fact break down the SOA domain into descreet parts -
> > and then look at producing demo's for individual parts. That I
> > believe would be clearer for people and give better balance around
> > what choices are out there and key requirements to be fulfilled - to
> > be able to constitute a robust SOA environment.
>
> I did think the example scenario was a bit odd, but then I thought about
> the number of suppliers and contracts to the US Government, and it made
> sense. Depends on what you're trying to prove, but once you prove the
> security, scalability and evolution of the fundamentals, the rest is
> just variations on a theme of actual service implementations.
>
> > Thanks, DW
> >
> >
> > -------- Original Message --------
> > Subject: Re: [soa-forum] RE: SOA Community Demo Con Call
> > From: "Andrew S. Townley" <andrew.townley@xxxxxxxxxxxxxxxx>
> > Date: Thu, March 23, 2006 8:55 am
> > To: Brand Niemann <bniemann@xxxxxxx>, Service-Oriented
> > Architecture CoP
> > <soa-forum@xxxxxxxxxxxxxx>
> >
> > Hi all,
> >
> > I'm not sure if the conference call is open or not, so I'll
> > just give
> > some initial feedback on the straw man here--assuming that you
> > want a
> > few opinions about the specification. Please don't take these
> > as being
> > over critical, because I'm just trying to help.
> >
> > I think what you guys are trying to do is great, but I'm
> > wondering what
> > implementing the spec as-is will prove. The reason is that,
> > if I've
> > read the document correctly, you're effectively talking about
> > a "green
> > field" type of project with centralized control and everything
> > being
> > defined by MDA. I don't really see how this will prove
> > anything other
> > than SOAP/WSDL + WS-* will allow you to do distributed
> > computing. You
> > could do this with CORBA/J2EE and tunnel everything over port
> > 80 with
> > standardized data formats.
> >
> > I think the demo will only really provide value if it takes a
> > more
> > real-world look at the scenario. I think this can be
> > accomplished by
> > including the following things:
> >
> > 1. Including evolution of a message definition and, since
> > you're
> > using WSDL, a service interface, and
> > 2. including some sort of recognition that in an actual
> > scenario,
> > you're more likely going to be dealing with a variety
> > of message
> > types which are structurally different but represent
> > the same
> > semantic concept.
> >
> > If you don't take these things into account, you're not really
> > dealing
> > with SOA, but a very limited-use, vertical Web services
> > network. I also
> > think, to be realistic, you're going to need to deal with
> > certain fault
> > conditions to prove how flexible the SOA community is when
> > things
> > break. Are there intermediaries?
> >
> > Also, from my reading of the initial draft, it's not clear how
> > BEPL will
> > be applied. Is this just to allow implementation of agents
> > using a
> > workflow or orchestration engine, or is it intended to
> > represent
> > Choreography-style service instructions embedded in the
> > message?
> >
> > Like I said, I'm not trying to be hyper-critical, I'm just
> > very curious
> > to see how these things work in a "genuine" WS-* model vs.
> > what we're
> > doing. As I'm in Ireland, I'm not sure how practical it is
> > for me to
> > actively contribute, but I am interested in participating in
> > this effort
> > in some capacity.
> >
> > Thanks for listening,
> >
> > ast
> >
> > On Thu, 2006-03-23 at 01:47, Brand Niemann wrote:
> > > Thanks and I will try to make this. I am speaking at a
> > conference just
> > > before this. Brand
> > > ----- Original Message -----
> > > From: Cory Casanave
> > > To: 'Cory Casanave' ; 'Service-Oriented Architecture
> > CoP'
> > > Sent: Tuesday, March 21, 2006 8:51 PM
> > > Subject: [soa-forum] RE: SOA Community Demo Con Call
> > >
> > >
> > > Ok this is set for 11AM, Thursday March 23rd
> > >
> > > Phone number: 641-297-5900
> > >
> > > Access code: 41677
> > >
> > >
> > >
> > > As usual, not all could make it ' but most can so
> > lets go for
> > > it.
> > >
> > > -Cory Casanave
> > >
> > >
> > >
> > >
> > >
> > ______________________________________________________________
> > >
> > > From: Cory Casanave
> > [mailto:cbc@xxxxxxxxxxxxxxxxxxxxxxx]
> > > Sent: Tuesday, March 21, 2006 2:20 PM
> > > To: 'Service-Oriented Architecture CoP'
> > > Subject: SOA Community Demo Con Call
> > >
> > >
> > >
> > >
> > > I would like to propose a con-call for the core team
> > of the
> > > SOA demo this Thursday @ 10:30 ' 11:30. if there
> > are any
> > > critical conflicts please let me know.
> > >
> > > Current demo straw man:
> > >
> >
> http://colab.cim3.net/file/work/SOACoP/SOA%20Community%20of%20Practice%20D
> emo.doc (Unchanged)
> > >
> > >
> > >
> > > This is an open process but there will certainly be
> > a core
> > > team that will be organizing the effort and doing a
> > lot of the
> > > work. At this point anyone who asks is part of the
> > core team.
> > >
> > > People who have expressed interest in being on the
> > core team:
> > >
> > > Allen Matthew, Joe Chiusano (BAH)
> > >
> > > Greg Lomow (Bearingpoint)
> > >
> > > Larry Johnson (Tethers End/OMG)
> > >
> > > Brand Niemann (Government Sponsor -
> > Participation
> > > Assumed)
> > >
> > >
> > >
> > > Meeting goal ' initial plan to start work on the
> > demo.
> > >
> > > Validate/raise issues with current spec
> > >
> > > Governance/Work structure
> > >
> > > Identify participant roles
> > >
> > >
> > >
> > > --Roles--
> > >
> > > Executable Enterprise Architecture Role
> > >
> > > The operational role in the project we (DAT) are
> > volunteering
> > > for is to produce an Enterprise-MDA architecture of
> > the
> > > subject community. This will identify the roles,
> > > collaboration and community interactions. This can
> > then be
> > > used by the group to validate the architecture in
> > more detail
> > > and then to produce (generate) the candidate service
> > > specifications that would be implemented by the
> > participants.
> > >
> > >
> > >
> > > Meeting logistics to be sent out once the time is
> > confirmed.
> > >
> > >
> > >
> > > Regards,
> > >
> > > Cory Casanave
> > >
> > > Data Access Technologies, Inc.
> > >
> > >
> > >
> > >
> > >
> > >
> > ______________________________________________________________
> > >
> > >
> >
> _________________________________________________________________
> > > Subscribe/Unsubscribe/Config:
> > > http://colab.cim3.net/mailman/listinfo/soa-forum/
> > > Shared Files: http://colab.cim3.net/file/work/soa/
> > > Community Portal: http://colab.cim3.net/
> > > Community Wiki:
> > >
> > http://colab.cim3.net/cgi-bin/wiki.pl?AnnouncementofSOACoP
> > >
> > >
> > >
> >
> ______________________________________________________________________
> > >
> >
> _________________________________________________________________
> > > Subscribe/Unsubscribe/Config:
> > http://colab.cim3.net/mailman/listinfo/soa-forum/
> > > Shared Files: http://colab.cim3.net/file/work/soa/
> > > Community Portal: http://colab.cim3.net/
> > > Community Wiki:
> > http://colab.cim3.net/cgi-bin/wiki.pl?AnnouncementofSOACoP
> > --
> > Join me in Dubrovnik, Croatia on May 8-10th when I will be
> > speaking at
> > InfoSeCon 2006. For more information, see www.infosecon.org.
> >
> >
> **************************************************************************
> *************************
> > The information in this email is confidential and may be
> > legally privileged. Access to this email by anyone other than
> > the intended addressee is unauthorized. If you are not the
> > intended recipient of this message, any review, disclosure,
> > copying, distribution, retention, or any action taken or
> > omitted to be taken in reliance on it is prohibited and may be
> > unlawful. If you are not the intended recipient, please reply
> > to or forward a copy of this message to the sender and delete
> > the message, any attachments, and any copies thereof from your
> > system.
> >
> **************************************************************************
> *************************
> >
> _________________________________________________________________
> > Subscribe/Unsubscribe/Config:
> > http://colab.cim3.net/mailman/listinfo/soa-forum/
> > Shared Files: http://colab.cim3.net/file/work/soa/
> > Community Portal: http://colab.cim3.net/
> > Community Wiki:
> > http://colab.cim3.net/cgi-bin/wiki.pl?AnnouncementofSOACoP
> >
> >
> > ______________________________________________________________________
> > _________________________________________________________________
> > Subscribe/Unsubscribe/Config:
> http://colab.cim3.net/mailman/listinfo/soa-forum/
> > Shared Files: http://colab.cim3.net/file/work/soa/
> > Community Portal: http://colab.cim3.net/
> > Community Wiki: http://colab.cim3.net/cgi-
> bin/wiki.pl?AnnouncementofSOACoP
> --
> Join me in Dubrovnik, Croatia on May 8-10th when I will be speaking at
> InfoSeCon 2006. For more information, see www.infosecon.org.
>
> **************************************************************************
> *************************
> The information in this email is confidential and may be legally
> privileged. Access to this email by anyone other than the intended
> addressee is unauthorized. If you are not the intended recipient of this
> message, any review, disclosure, copying, distribution, retention, or any
> action taken or omitted to be taken in reliance on it is prohibited and
> may be unlawful. If you are not the intended recipient, please reply to
> or forward a copy of this message to the sender and delete the message,
> any attachments, and any copies thereof from your system.
> **************************************************************************
> *************************
> _________________________________________________________________
> Subscribe/Unsubscribe/Config: http://colab.cim3.net/mailman/listinfo/soa-
> forum/
> Shared Files: http://colab.cim3.net/file/work/soa/
> Community Portal: http://colab.cim3.net/
> Community Wiki: http://colab.cim3.net/cgi-bin/wiki.pl?AnnouncementofSOACoP (09)
_________________________________________________________________
Subscribe/Unsubscribe/Config: http://colab.cim3.net/mailman/listinfo/soa-forum/
Shared Files: http://colab.cim3.net/file/work/soa/
Community Portal: http://colab.cim3.net/
Community Wiki: http://colab.cim3.net/cgi-bin/wiki.pl?AnnouncementofSOACoP (010)
|