SOA Executive Forum (East)


I'm at the East Coast version of InfoWorld's SOA Executive Forum in NY. My panel on services and contracts went well this morning--better than last time, I think. Part of that was the panel having some idea what was coming, but most of it, I think was the audience. We got some great questions that drove the discussion in interesting ways. That's probably my fault for not encouraging enough audience questions at the West Coast event.

I'm in the panel on opportunities and challenges for the agile enterprise at the moment. Jon Udell is moderating. The panelists are:

  • Bruce Graham, VP, WW Professional Services, BEA Systems, Inc.
  • Dr. John Halamka, CIO, Harvard Medical School
  • Rohit Khare, Research Director, CommerceNet Labs
  • Jim Culbert, CTO, Metratech
  • Patrick Gannon, President, OASIS

How does building greenfield services differ from wrapping a legacy application. One key difference is the ability to think about the data model. Since data outlives code, getting the design correct from the start is important. Think about data recycling and always return XML.

Prepare for implicit invocation, not just explicit invocation. Don't write applications with he assumption that you know who will be calling you and you don't know what state the application is in when its called.

Business intelligence flies around the enterprise in email. Process isn't expressed explicitly, let alone in an executable way. Moreover, enterprise-critical data lives in Excel on direct attached disks. Email represents a system for rapidly prototyping business processes. We need better gateways for automatically processing email. All of this represents a challenge to building Web services.

Health flexible savings accounts represent a place where multiple industries have to come together (banks, insurance, health care providers). We've seen vertical, industry specific XML definitions that are incompatible, even within the specifications that exist now.

For Harvard Medical School, "the web is the way" because of privacy concerns regarding data. They discourage the use of Excel and files on direct attached disk.

Policies still have to be deployed on each system at a time. Auditing can be centralized through well-defined auditing objects that all application must understand and use. This is equally applicable whether the goal is SOX or HIPAA compliance. Intermediation is a necessity not a luxury.

Standards are evolving, but many have reached plateau points. Standards get extended to meet specific user's needs. Interoperability can come through intermediaries that translate in between various standards.

Dashboards are more than just pouring data into pretty pixels on the screen. Dashboards need intelligence in the fabric that does analysis in real time: continuous query systems, stream processing systems, etc. This goes the other direction as well: translate customer preference information into specific action: for example, translate hotel chain customer preferences for room temperature into turning down the thermometer in the room two hours before expected arrival.

One of the key features of Web services is that they're hackable. You've given up control of the end point (either producer or consumer depending on which end you're on) and thus you can't control what they do with your message. They may use Perl and regular expressions, for example to rip apart the message and process it as raw XML even though you intended it to be processed as SOAP.