RealTime IT News

What Lies Ahead for SOA?


As enterprises move toward a service-oriented architecture (SOA) , a market for third-party service builders and brokers will emerge.

Buyers and sellers of services will need new technologies to ensure security and build trust between them. Meanwhile, vendors will bring out more mobile SOA applications to enrich the experience of handheld device users.

SOA is a software architecture built around business processes, which are offered as services that can be reused throughout an enterprise. Services can be combined to form new applications through mashups . The aim is to provide new services for a better and richer user experience.

Enterprises will adopt different approaches to application development. They will also focus more on the business, rather than the IT, aspect of applications.

The move to SOA will require that users be knowledgeable about business and IT, and university curricula will change to reflect this. Already, IBM is sponsoring such a curriculum change.

"There's going to be companies out there that build processes and sell them either through a private or a public registry," Rick Fitz, CA's (NASDAQ: CA) vice president of product management for application performance management products, told InternetNews.com. In three to five years, enterprises will go outside the firewall and get services from outside providers instead of building them in-house, he added.

These externally provided services initially will be "small, confined and specific," and these small, high-value services will take hold rapidly, Fitz said. Eventually, enterprises will be able to get entire business processes for rent or for subscription in software as a service, or SaaS form.

Enterprises will also provide business-to-business services. Fitz said Visa (NYSE: V), for example, has a service that lets business customers validate credit cards on its servers.

IBM is already offering what it calls an SOA business catalog, which consists of business and IT services and the best practices for various services.

The catalog has more than 8,000 items, about 70 percent of which come from outside IBM. Purchasers can select services by industry, process or the product they want the service to work with, Sandy Carter, IBM's vice president of WebSphere and SOA marketing, told InternetNews.com.

Enterprises can mash up the services or combine different services, and individual owners govern each service. Some are open source, and others IBM certifies as able to perform various functions.

"This is going to be a whole new business model," Carter said. Future developments will include the ability to do mashups on the front end and SOA on the back end, she added.

Companies, however, will have to resolve issues such as security and other issues before an industry of professional services builders takes off. "Enterprises will need some method to ensure trust with suppliers of services, and I think a lot of the necessary technologies for that haven't been invented yet," Fitz said.

"Security is always a worry, even with services within the enterprise," Fitz added. "There must be some mechanisms to ensure quality of service inside the process."

Ultimately, enterprises need to have their services identity-aware so they know who is trying to access them, for access control and compliance, Raj Nagaratnam, IBM's engineer and chief architect for identity and SOA security, told InternetNews.com. They will also have to manage the identities of customers, consumers and partners to whom services are being exposed.

Enterprises will move security features, such as access control and authorization, outside applications and offer them as services, Nagaratnam said. This will make the applications more flexible, so enterprises will be able to change a policy without having to redeploy applications and services.

Next page: Mobile SOA capabilities