Come and participate in the 3 day workshop on how you could benefit from MDM, Operational BI and SOA. Our key consultants will help you unlock the complex web of data flowing across your organization and help you expose them as meaningful information which the decisions makers can use to take informed decision in real time.

Event:MASTER DATA MANAGEMENT for SUCCESSFUL OPERATIONAL BUSINESS INTELLIGENCE - 

 8th - 10th February 2010 Holiday Villa Subang, Selangor MALAYSIA Click here for more… 

Email Entry Finance and technology, Malaysia, MDM, MDM event, Operational BI, Operational BI event, SOA, SOA event

For many enterprises, strategic BI has played a key role in the overall decision making process. Where trends and patterns for various business entities were identified and company wide strategies were drawn. But lately, the enterprises are realizing that its NOT enough as Strategic BI heavily depends on data marts or a data warehouse, the reason being the latency. By the time data is put in the warehouse and information is extracted, critical time is lost leading to lost opportunities from the operational point of view. Say for instance, if there is a delay in delivery then its important to notify the Production unit, Finance, Line of business Representative as well as the customer. This has various advantages and most importantly the customer will appreciate it even more as they could reschedule their production plan and save a lot of time and money, it also helps maintain the relationship with the customer to curb customer attrition and also allow the internal folks to re-schedule or re-prioritize delivery.

This is where Operational BI helps enterprises to leverage the transactional data available, process it and alert respective entities within as well as outside the organization. It also by-passes the data warehouse route and minimizes the information turn-around time.

For more on Operational BI - read the feature Operational BI vs. Traditional BI - http://www.ebizq.net/topics/bi/features/11716.html

Email Entry Operational BI

In most of the cases we see that SOA initiatives are driven by enterprise architects. The reason they are funded in the first place could be because SOA promises reduction in overall IT costs! From the tools that are available today we have Service Registries, Web Services Management,BPEL, ESBs and Governance based products to name a few. No doubt that they play a key role towards enabling SOA but do the business users really benefit from these tools? Say from a “Line of Business representative’s” perspective one could possibly use the Service specific information provided by the WSM tools such as Service Faults, SLA breaches for the service, Transactions Per Second…But they are all very service specific! what happens to the data that is passing through it? The data which is all important and is instrumental in running the enterprise itself!!! Do we see a convergence here where the concepts of Business Activity Monitoring and Web Services Management could be merged to benefit the Business Users and attribute to the overall profitability?

Gourangi

SOA Roles
Keeping with the Design Time, CHange time and Runtime paradigm in the SOA Governance space, new roles have come into existence as enterprises gain more insight by SOA implementation experiences:
Role category
In order to comprehend the life cycle of a service and the usage the following categories were taken into consideration.
Provider
An organization that provides/develops native services to be consumed by other actors.

Consumer
The organization that would consume the native service provided by the Provider Organization
Intermediary
A Proxy or Agent based application that would broker messages between the Provider and Consumer organizations enforce policies, provision users, gather statistics

Specific roles for the categories
Provider
The roles played during the life cycle of a service, from a provider’s perspective would mainly be:
System Administrator: This role will have all the privileges available and in addition will be able to assign various roles and privileges to other users of the system, in short provision users. They will also be responsible for maintaining security related artifacts such as Certificates, CRL locations.
Business Service Analyst or Business Analyst: In this role the user will ensure that the business requirements are met by different services that would be offered and would help others understand the business value of the service.
Line of Business Representative: These users will communicate business requirements and identify business services. Will also be responsible for providing Consumers to access services and define consumer specific terms such as security, SLA and other policies which need to be enforced. Could also create composite applications using existing services Note: this role will surface mostly in a brokered proxy mode.
Service Administrator – The users of this role will be solely responsible for a service or a group of services, will track usage and monitor them for the purpose of ROI and also track and maintain the life cycle of a Service such as versioning, deprecation, EOL. Apart from this will also be responsible for managing all other artifacts associated with the Service such as Dependency Profile, impact analysis.
Service designers/Developer – The users of this role will focus mainly on the development of the Services and would interact with the Business Analyst and the Service Owners.
Service Testers – In this role a user will test and maintain the services in terms of the business requirements as well as policy compliance.
Service Monitoring Representatives: In this role users will monitor all services and help in resolving all SLA related activities.
Note: Any other user apart from this will be treated as a guest user. (Please check the Consumer section for more details on the guest user’s access privileges)
Consumer
The roles played by the consumer are limited to service subscription, usage and view statistics.
1) Service User: A service user will be able to use a service or a group of services and will not be able to view statistical data associated with the services in terms of response time, faults, number of hits, service usage, and service usage by user for a particular consumer organization.
2) Power User: These users will be more from the top management of an organization and apart from being able to use a service will be able to access statistical data, view the availability of new services provided by the provider organization and subscribe for them.
3) Service Monitoring Rep: These users will just monitor the statistics of the services that are being consumed. In case of breach of contract will initiate a dialog with the provider organization.
4) Guest: A guest users would be required so that people without any credential can come and view available services. They would not be able to use any service but can request for a subscription. The provider organization should be able to receive this request and process it. The life cycle of such request would be
a. Depending on the service the service provider will be notified with users details which the guest user needs to provide while requesting for a subscription, typically the details would be i) User Name ii) Organization name iii) address iv) email v) phone vi) fax.
b. Once the request is received by the provider organization the processing will start. The subscription work flow could be made part of our application or could be done offline.
5) Anonymous User: When a proxy service is used by user without any credentials the request shall be treated as an anonymous access and if for the service anonymous access is allowed then a proper response will be sent back to the requester or else a SOAP fault can be generated which will detail the cause of failure.

Intermediary
The Roles for this category will be in line with the provider organization and behave exactly like the provider roles but with some added responsibilities.
System Administrator: This role will have all the privileges available and in addition will be able to assign various roles and privileges to other users of the system, in short provision users such as Consumers and internal users. They will also be responsible for maintaining security related artifacts such as Certificates, CRL locations.
Service owners – The users of this role will be solely responsible for a proxy service or a group of proxy services, will track usage and monitor them for the purpose of ROI and also track and maintain the life cycle of a Service such as versioning, deprecation, EOL. Apart from this will also be responsible for managing all other artifacts associated with the proxy Service such as WSDL and impact analysis.
Runtime Policy designers/Developer – The users of this role will focus mainly on creating policies for the proxy services and would interact with the Service Owners. The policies being SLA, Security, Transformation, Routing, Logging and monitoring.
Service Testers – In this role a user will test and maintain the proxy services in terms of the business requirements as well as runtime policy compliance.
Service Monitoring Representatives: In this role users will monitor all proxy services and help in resolving all SLA related activities.
Anonymous User:
The only exception being that the users:
Will not be responsible for creating Web Services.

Privileges
The roles described above will have CRUD operations on application specific privileges. The identified privileges are, broken down by app category:

Gourangi

Web Services Intermediary features
With the adoption of Web Services in the SOA space WS based intermediaries are gaining importance. The key factors for this adoption are because no matter how Web services are provisioned finally they would be consumed by some applications, the consumption of such services will demand certain functionality which is not related to the service itself, functionalities such as Security, SLA, and Routing for high availability etc.
One could argue that these features could be part of the application that hosts the service. Well, on second thoughts you would agree that all these features would provide more value if isolated and handled by an intermediary.
1) Different application servers which have hosted services can utilize these features rather than implementing such logic.
2) Policy enforcement can be done agnostic of any application server’s native features.
3) Performance would not be hindered due to Application server’s bottle-necks
4) Performance can be managed by dealing with the intermediary
5) The load of processing the components can be separated out and let the Application server handle just the Web services
6) Apart from the additional functions there would be certain maintainability aspects relating to the intermediary such as , handling Policies, data persistence, handling statistics, EPR routing etc
7) Clustering of proxies would serve multiple Applications servers and cater to HA
1.1 Components
1.1.1 Authentication
Authentication details will be taken from a) WS Security Token, b) protocol headers and checked against the following:
SAML assertion
Kerberos tokens
LDAP
Database
File based
1.1.2 Authorization
Depending on the Authentication, user’s groups and roles will be assigned and based on their privileges will allowed to administer the intermediary.
Users: users would belong to a group and share roles.
Group: groups will have roles
Role: roles would have none or many privileges
Privileges: Users can be directly assigned privileges

1.1.3 WS Security – SOAP Based
Security features will be applicable to the SOAP request as well as SOAP response but will also depend whether it’s synchronous or Asynchronous.
Signature
Encryption
Signature Verification
Decryption
Timestamp
CRL
Certification Path validation/Certificate Chain
1.1.4 XML Security
This will be used for XML based services such as REST
1.1.5 SLA – Service Level Agreement
Response time
Priority
Metering
Custom rule based
1.1.6 BAM – Business Activity Monitoring
KPI definition
Rules
Actions
1.1.7 Deprecation
Date time range
Custom rule based
1.1.8 WS-BPEL orchestration
1.1.9 Incentive based contract overriding
Number of hits
Promotion based
Custom rules
1.1.10 Routing
1.1.10.1 Context
Context would depend on the underlying protocol
JMS
HTTP
Email
1.1.10.2 Content
Content evaluation will be on the SOAP message. Evaluation will be based on xpath.
XPath based
Strategies could be Until Success
1.1.10.3 Blind
Random selection of endpoint
1.1.10.4 Parallel
First available service
1.1.10.5 Round Robin
Until success
1.1.10.6 Failover
On Network error, soap fault and timeout; default to the next available service
1.1.10.7 Performance
Cached priority based service endpoint performance
1.1.11 Protocol translator
This feature will act as a protocol translator. This will be applicable in cases where a customer sends a SOAP request using HTTP for a service but the native or endpoint service is say JMS or uses some other protocol.
1.1.12 Content translator
This will be used when the request SOAP or xml needs to be changed. Probable use case would be operation change due to versioning.
1.1.13 Outbound Credential translator
This would be required when the native service requires auth tokens such as WS Security Token, Signed request.
1.2 Services
1.2.1 Embedded SOAP Stack
The embedded SOAP stack could be used to host two types of services:
a) System Services: All system related services such as resource adaptors for integration with application, instrumentation of statistical data.
b) Embedded Web services: For high performance Web services that may be required by clients.

1.2.2 Hot deployment of configuration files
To orchestrate components configuration files need to be hot deployed without affecting requests in the pipeline.
1.2.3 Callback based extension processors
Each component could utilize external components to process the messages. Common cases would be to say eternalize SLA processing.
1.2.4 Polled Extension adaptors
Apart from the intermediary related configuration files some background processes could be required to run on a timely basis.
1.2.5 Service performance statistics
Instrumentation using Web service and MBeans for maintaining state as well as instrumentation.
1.2.6 WS-Notification
Less of acceptance.
1.2.7 Monitoring & Rule based Alerts
SNMP traps
Email
SMS
1.2.8 Logging
Log4j
1.2.9 Events
Service level transaction
System exception
Service level business exception
Intermediary start
Intermediary stop
Service start
Service stop
1.2.10 Reliable Messaging
JMS based reliable message delivery
1.2.11 Resource Adaptors - integration
UDDI interface
Web services interface
Servlet interface
Email interface
1.2.12 Data Persistence
Database
1.2.13 System wide data backup
Rule based
Manual

1.2.14 Clustering
Sharing of resources across clustered intermediaries
1.2.15 Automated endpoint service tweaking
Monitoring and eliminating rouge services – Rule based
1.2.16 PKI management
· Keystore
Maintain keystore for WS-Security and SSL
· Keypair
Manage Keypairs in various keystores
· CRL
To manage Certification Revocation List’s by polling for CRLs from different CAs
1.2.17 MIB Management
Manage MIBs
1.2.18 Intermediary Policy Management
Create and manage service policies

1.3 Bindings
The possible bindings for commonly used protocols are as follows
1.3.1 HTTP
Could be used for synchronous high security based Web service request with WS-security functionalities
1.3.2 HTTPS
Could be used for synchronous low security based Web service request
1.3.3 JMS
Could be used for asynchronous Web service requests
1.3.4 Email
Could be used for asynchronous Web service requests
1.3.5 FTP
Could be used for asynchronous Web service requests
1.4 Technology
1.4.1 SOAP
1.4.2 UDDI
1.4.3 JMS
1.4.4 J2EE
1.4.5 Java
1.4.6 WSDL
1.4.7 WSDM
1.4.8 WS-Security
1.4.9 XML
1.4.10 JMX
1.4.11 RDBMS
1.4.12 Directory Servers
1.4.13 SNMP
1.4.14 SMTP/POP
1.4.15 X509 Certificates
1.4.16 PKI
1.4.17 JAAS

Gourangi

Web Services Intermediary featuresWith the adoption of Web Services in the SOA space WS based intermediaries are gaining importance. The key factors for this adoption are because no matter how Web services are provisioned finally they would be consumed by some applications, the consumption of such services will demand certain functionality which is not related to the service itself, functionalities such as Security, SLA, and Routing for high availability etc.One could argue that these features could be part of the application that hosts the service. Well, on second thoughts you would agree that all these features would provide more value if isolated and handled by an intermediary.1) Different application servers which have hosted services can utilize these features rather than implementing such logic.2) Policy enforcement can be done agnostic of any application server’s native features.3) Performance would not be hindered due to Application server’s bottle-necks4) Performance can be managed by dealing with the intermediary5) The load of processing the components can be separated out and let the Application server handle just the Web services6) Apart from the additional functions there would be certain maintainability aspects relating to the intermediary such as , handling Policies, data persistence, handling statistics, EPR routing etc7) Clustering of proxies would serve multiple Applications servers and cater to HA1.1 Components1.1.1 AuthenticationAuthentication details will be taken from a) WS Security Token, b) protocol headers and checked against the following:SAML assertionKerberos tokensLDAPDatabaseFile based1.1.2 AuthorizationDepending on the Authentication, user’s groups and roles will be assigned and based on their privileges will allowed to administer the intermediary.Users: users would belong to a group and share roles.Group: groups will have rolesRole: roles would have none or many privilegesPrivileges: Users can be directly assigned privileges1.1.3 WS Security – SOAP BasedSecurity features will be applicable to the SOAP request as well as SOAP response but will also depend whether it’s synchronous or Asynchronous.SignatureEncryptionSignature VerificationDecryptionTimestampCRLCertification Path validation/Certificate Chain1.1.4 XML SecurityThis will be used for XML based services such as REST1.1.5 SLA – Service Level AgreementResponse timePriorityMeteringCustom rule based1.1.6 BAM – Business Activity MonitoringKPI definitionRulesActions1.1.7 DeprecationDate time rangeCustom rule based1.1.8 WS-BPEL orchestration1.1.9 Incentive based contract overridingNumber of hitsPromotion basedCustom rules1.1.10 Routing1.1.10.1 ContextContext would depend on the underlying protocolJMSHTTPEmail1.1.10.2 ContentContent evaluation will be on the SOAP message. Evaluation will be based on xpath.XPath basedStrategies could be Until Success1.1.10.3 BlindRandom selection of endpoint1.1.10.4 ParallelFirst available service1.1.10.5 Round RobinUntil success1.1.10.6 FailoverOn Network error, soap fault and timeout; default to the next available service1.1.10.7 PerformanceCached priority based service endpoint performance1.1.11 Protocol translatorThis feature will act as a protocol translator. This will be applicable in cases where a customer sends a SOAP request using HTTP for a service but the native or endpoint service is say JMS or uses some other protocol.1.1.12 Content translatorThis will be used when the request SOAP or xml needs to be changed. Probable use case would be operation change due to versioning.1.1.13 Outbound Credential translatorThis would be required when the native service requires auth tokens such as WS Security Token, Signed request.1.2 Services1.2.1 Embedded SOAP StackThe embedded SOAP stack could be used to host two types of services:a) System Services: All system related services such as resource adaptors for integration with application, instrumentation of statistical data.b) Embedded Web services: For high performance Web services that may be required by clients.1.2.2 Hot deployment of configuration filesTo orchestrate components configuration files need to be hot deployed without affecting requests in the pipeline.1.2.3 Callback based extension processorsEach component could utilize external components to process the messages. Common cases would be to say eternalize SLA processing.1.2.4 Polled Extension adaptorsApart from the intermediary related configuration files some background processes could be required to run on a timely basis.1.2.5 Service performance statisticsInstrumentation using Web service and MBeans for maintaining state as well as instrumentation.1.2.6 WS-NotificationLess of acceptance.1.2.7 Monitoring & Rule based AlertsSNMP trapsEmailSMS1.2.8 LoggingLog4j1.2.9 EventsService level transactionSystem exceptionService level business exceptionIntermediary startIntermediary stopService startService stop1.2.10 Reliable MessagingJMS based reliable message delivery1.2.11 Resource Adaptors - integrationUDDI interfaceWeb services interfaceServlet interfaceEmail interface1.2.12 Data PersistenceDatabase1.2.13 System wide data backupRule basedManual1.2.14 ClusteringSharing of resources across clustered intermediaries1.2.15 Automated endpoint service tweakingMonitoring and eliminating rouge services – Rule based1.2.16 PKI management· KeystoreMaintain keystore for WS-Security and SSL· KeypairManage Keypairs in various keystores· CRLTo manage Certification Revocation List’s by polling for CRLs from different CAs1.2.17 MIB ManagementManage MIBs1.2.18 Intermediary Policy ManagementCreate and manage service policies1.3 BindingsThe possible bindings for commonly used protocols are as follows1.3.1 HTTPCould be used for synchronous high security based Web service request with WS-security functionalities1.3.2 HTTPSCould be used for synchronous low security based Web service request1.3.3 JMSCould be used for asynchronous Web service requests1.3.4 EmailCould be used for asynchronous Web service requests1.3.5 FTPCould be used for asynchronous Web service requests1.4 Technology1.4.1 SOAP1.4.2 UDDI1.4.3 JMS1.4.4 J2EE1.4.5 Java1.4.6 WSDL1.4.7 WSDM1.4.8 WS-Security1.4.9 XML1.4.10 JMX1.4.11 RDBMS1.4.12 Directory Servers1.4.13 SNMP1.4.14 SMTP/POP1.4.15 X509 Certificates1.4.16 PKI1.4.17 JAAS

Gourangi

Consumer Identification plays a key role in the Service Intermediary where consumers of a service can be identified based on a certain criteria. Consumers can be individuals as well as an organization and also could be an application.
Motivation:
1) Consumers need to be authenticated; WS-Security based operations need to be enforced and privileged access needs to be provided at runtime.
2) Existing industry standard based entities could be used to identify a consumer such as IP,IP-Range, WS-Sec Token, HTTP Auth token, X509 Certificate, SAML tokens
3) Enforcement Points can make use of the ID to enforce consumer specific policies. Such as SLA, Deprecation, WS Security
4) Existing directory stores can be used to get user/org/group specific information for access control depending on runtime authentication using the consumer Identity.
5) Tracing service usage based on consumers
6) Using alias credentials for ID transformation.
Target usage:
Mostly B2B, C2B
WS Intermediary/proxy usage:
High
Domain:
Network based applications
Participants/Actors:
Consumers, Applications
Consequences
Downsides: needs configuration; if the traffic manager/Box goes down then no service would be accessible.
Dependency:
This capability will depend on the creating of a consumer application with or without users.

Motivation Scenario 1
For authenticating a consumer of a services one needs to have a handle to some form of IDs by which these consumers could be authenticated against a store/repository.
Keeping with the one way request only or two way request/response paradigms the point and mode by which a requester could be identified is either using transport specific details or to be more precise using information contained in the request itself.

Motivation Scenario 2

Currently, from an industry acceptance perspective the following are the ways by which user/consumer credentials are sent across with the message.
a) Context based or transport header based, here the way context information could be used is as follows
i. IP based: in IP based identification a consumer will be identified by the IP in case of a Servlet based request (JMS or other protocols may not make this available). An IP based identification again would have certain restrictions in case the user needs to login from a different machine or location where the IP is different it would fail to identify the user/consumer
ii. IP range: In this an IP range is provided such as 192.168.0.1 to 192.168.0.255 this would also allow users to be identified as coming from a group.
iii. HTTP Auth token, in case http transport mechanism is used then the auth token could be used for identifying the consumer.
b) Content based where the user information is embedded in the request itself.
i. Say for instance using WS-Security the SOAP header would have the WS-Sec token element which will have the credentials of the consumer.
ii. X509 Certificate based authentication: here the certificates content could be used to identify the consumer.
iii. SAML token could be extracted and then could be validated against a provider. In this scenario a SSO feature could also be introduced.

Motivation Scenario 3

When we talk about a policy what we mean is that it has certain terms associated with it and these terms are nothing but assertions which would be validated at runtime. So from a general perspective a policy could have a number of assertions and each assertion would result in a pass or a failure depending on a context. Let’s understand the concept of a policy with some examples.

Policy 1
Say for instance a service provider organization and a consumer application have an agreement by which the PO agrees to certain terms such as being SLA, Security, and Routing. Let’s drill down into the various terms:
SLA
The service level agreement dictates that the PO will provide a service uptime of 90%, responses will be served within 1ms.
Security
The PO agrees to decrypt all messages from a consumer application

Routing
The PO agrees to do a performance based routing where the best possible server in terms of response time needs to be used.

Policy 2
In this case the PO agrees to the following
SLA
PO will provide a service uptime of 60% and a response time which is within 50 ms
Security
All messages will be encrypted and sent by the consumer and the PO will decrypt them as well as encrypt the response.

Understanding the policies and conclusion

What we see here is that for every consumer identified the policy assertions and the evaluation criteria could be very different. In such a case one would need to define consumer centric policies, of course there will be scenarios where some assertions could be global in nature and could be applied across consumers.
A generic policy framework would certainly add value in terms of making the policy more consumer as well as business centric.

Detailed policy framework would be available as a separate document.

Motivation scenario 4, 5

Consumer identification could also play a major role in reporting where consumer applications as well as provider organization could track the usage of a service in terms of the actual requester. Further this could also play a significant role in understanding how a particular service reacts for various consumers, such as one can track that requests coming from a specific consumer failed the maximum number of times where as other consumers never had any issues. The possible outcome could be that the users failed to provide enough information required for processing a request, say the security assertion dictates that the message should not be encrypted but the consumer sent encrypted messages.
The other eye opener is that the notion of an agreement between a provider and a consumer should be made available to a consumer so that consumers can send requests which confirms to the agreement and this again is another motivating factor to have policies which are consumer centric.

Motivation Scenario 6

There could be situations where native services/ endpoint services could have a security mechanism by which access is allowed to a service. Suppose this service is provisioned in an intermediary and doesn’t have any security terms associated with the policy, credentials for the native service needs to be added to the request otherwise the service will fail from the native service provider.

In case such a case the consumer identity could be directly used or could fetch credentials required by the native service from local/remote store and add the credential to the request (in case of SOAP add it as Ws Sec token if that’s what is mandated by the native service)

Gourangi

A key entity in realizing SOA Governance is the Service Intermediary. To understand the importance of its existence, real world scenarios could help in identifying the required capabilities in dealing with Web services/assets. This is required as the service assets can be easily managed across service providers and consuming applications.
Motivation:
1) Service providers would like to dictate service access privileges for Consumers.
2) Make the service assets manageable by providing viewer ship – A taxonomy-based approach could be used for categorization.
3) Changes in service definition needs to be propagated / notified to targeted consumers; changes more specific to service life cycle - Available, Unavailable, Deprecated, Versioned, Suspended (could be merged with unavailable). Also in case of versioning.
4) Design time policies, specific to a consumer/Organization required to enforce assertions during creation
5) Privileges need to be defined for the possible function/operation availabile for a service
6) Roles for a set of privileges
7) Groups having a set of roles
A complete distinction needs to be made between the users of the system.
9) Personalization needs to be done on consumers where new services, which are added to the system, can be showcased to the existing consumer base for them to subscribe.
10) An easy subscription mechanism is required which consumers can subscribe to based on related service interest. When new services are added the consumers can have a glimpse of the new service. If they wish to use the service they can send in a request to the service provider. Involves a subscription life cycle.
11) While defining runtime policies the provisioned services need to be used directly for similar services in policy assertion such as Routing, SLA etc –also filtering of services.
12) When adding a service to the system one would require a WS-I basic profile 1.0 compliance test for the service
Target usage:
Mostly B2B, C2B
WS Intermediary/proxy usage:
High
Domain:
Network based applications
Participants/Actors:
Consumers, Service providers, Applications
Dependency:
Depends on user, role, group, organization, service, WS-Security

Motivation scenario 1 & 2:
At design time a service provider admin can add a service to the system and assign privileges to consumers. A service WSDL URL could be used by the service Provider that is added to a category or taxonomy. Say, Stock Service; under the category of finance. (Note: One could use a UDDI specified taxonomy, for this instance let’s consider a custom taxonomy or a folder/item analogy where folder is the group/domain and item is the service itself).
A service provider would also assign viewer-ship privilege to 0 or more consumers for a particular service.

Viewer-ship
A Consumer application/user could visit our published service page and navigate the folder structure and view the services that are available to them. This again would depend on the kind of privilege the user has. Mostly for consumer application/users it will be view services.

The other purpose of this is to have a clear distinction between the various users of the application as a whole.

Motivation Scenario 3:
Changes to the state and accessibility of a service need to be tightly monitored and the information needs to be made available to a consuming application. The mode by which this would be achieved is more of an implementation matter and could be configuration based. SMTP or SNMP based mechanism could a way by which this could be accomplished. The purpose would be to let the consuming application know the state. In case of change of version in which say the method signature has changed it should be notified so that the consuming application can take preemptive action.

Motivation scenario 5,6,7 and 8
Service Privileges: an imported service (WSDL) can be privileged based on CRUD (Create Read/view, Update and delete) operations, where the Provider Organization Administrator (POA) can give selective privileges to other Provider Organization Users as well as service consuming organizations.

Service Provider Roles: Roles will be critical to the provisioning of services. The main category of roles that would be useful from a provisioning perspective for a Service provider is:
1) POA – Provider Organization Administrator: responsibility of this role is to assign privileges/roles to various other users of the Service Provider Organization and also create users.
2) SI – System Integrator: This role will provide Service access to consumer applications (Note: Consumer applications are users of services, each consumer application can have users associated with them)
3) CA – Consumer Applications: This role will be given to consumers of a particular service consuming organization for a particular Service Provider Organization, in most cases they can view the services.
4) Other roles could be added by the provider organization to suit their purposes.

In a nutshell, there will be two kinds of organizations that would participate in the service life cycle. The Provider Organization and the Consuming Organization. Each of them can have users and participate during the different phases of the service life cycle. The first phase of provisioning would be more focused towards adding an end point (WSDL in most cases) to the system and assigning it to a category. In the second phase these endpoints would be made available to the SI for selectively exposing them to consumers for consumption.

Defining consumer applications/users would be more evident when we introduce Security features. Say for instance we provide a WS-Security capability and allow the client to send encrypted data to our proxy based intermediary. Now to decrypt the data we would require a public key. At the intermediary end the only way to find the public key would be by using the Consumer Application ID to fetch it from the keystore.

Motivation scenario 9,10:
Personalization of services could help consumers to easily access related services or the services that the consumers are interested in. The mechanism by which this can be achieved is to capture service interest area from consumers in terms of service categories. So when a new service is added to the system this could be linked to interested consumer and showcase the new services. When the consumer application/user logs in to the system these new services could be shown to them. If interested then the Consumer Application users can send a subscription request and avail the service. This would certainly have a workflow associated with it – in terms of who will assign service permission, what would be the terms under which this service will be made available etc.

Motivation scenario 12

WS-I Basic Profile test would be an important criteria by which a service being added could be tested for conformance. This would serve two purposes 1) Validate the usability of the service and 2) also serve as an item on the consumer’s checklist as this has wide acceptance.

Gourangi

With Business Activity Monitoring being slowly accepted by the enterprises as the key to realizing tagible business benefits, we at Bizsensors are proud to present Gourangi a BAM product which aims at bridging the business and technology gap.

Gourangi BAM, Bizsensors, KPI, Product