1. SOA Fundamentals
|
|
- Objectives
- SOA in Context
- SOA Job Role Impact
- Service Oriented Architecture
- The SOA Umbrella
- SOA and Business Process Management
- BPM Value Add
- SOA Governance
- SOA Governance Model
- What s a Service?
- Example Services
- Service Actors
- SOA Motivation
- SOA s Goal
- The Value of Transitioning from Applications to Services
- Is this a New Concept?
- Service Orienting the Enterprise
- Service Characteristics
- About Services in SOA
- Contract-driven software
- Elements of a Service
- What is a Web Service?
- How Web Services Work
- Web Service Standards
- SOA Standards
- SOA Capabilities
- Service Oriented Thinking
- Summary
|
|
2. Layers of Services
|
|
- Objectives
- What is Layering?
- SOA Layers
- Common Layers
- Auxiliary Layers
- Digesting the Layers
- The Application Service Layer
- The Business Service Layer
- The Orchestration Layer
- Layering Rules of Thumb
- SOA User Interface
- Portal Site's Context Awareness
- Web 2.0 Data Aggregation
- Summary
|
|
3. SOA Value Proposition
|
|
- Objectives
- The SOA Value Proposition
- Reducing integration expense
- Integration costs illustration
- Ripple effect of changes
- The value of SOA layering
- SOA reduces integration costs
- Increasing asset reuse
- Asset reuse illustration
- Increasing business agility
- Business Agility Illustration
- Traditional EAI Approach
- Problems with Traditional EAI Approach
- Change Flow Using Legacy Approach
- SOA Agility
- Build the Services
- Build the Process
- We Can Easily Change the Process
- Reducing business risk
- Risk reduction illustration
- SOA Eases Compliance Risk
- Other Advantages
- Business Advantages
- Hasn t this been said before?
- Hasn t this been said before?
- ROI Quantification Hurdles
- Real World SOA Example 1
- Real World SOA Example 2
- Real World SOA Example 3
- Real World SOA Example 4
- Summary
|
|
4. Overview of Service Registries
|
|
- Objectives
- Services Registry
- Why Do We Need a Service Registry?
- Main Activities Done Using a Registry
- Publish
- Discovery
- Dynamic Discovery
- Management
- Enforce Governance Lifecycle
- SOA Registry Products
- Summary
|
|
5. Enterprise Service Bus (ESB)
|
|
- Objectives
- SOA and the ESB Pattern
- Loose Coupling
- Service Invocation
- Business Process
- Data Integration
- Enterprise Service Bus (ESB)
- Legacy System Integration
- Unsupported Protocol
- The Role of ESB in SOA
- ESB: Software Artifacts
- ESB - Software Artifacts
- Business Process
- Business Process: Example
- Minimum ESB Capabilities
- Minimum ESB Capabilities: Integration
- Minimum ESB Capabilities: Communication
- Minimum ESB Capabilities: Service Interaction
- Minimum ESB Capabilities: Management
- Security and ESB
- Summary
|
|
6. Information Management in SOA
|
|
- Objectives
- Introduction
- SOA and Enterprise Information Management
- Operational Data Replication Basics
- SOA and Data Basics
- Data Publishing Event
- Modeling Events
- Handling Events in a BPEL Process
- Data Mediation
- Data Format
- Generic Data Model
- Example Generic Data Model
- Mapping Data
- Loading Data
- Extract Transform Loading (ETL)
- ETL and SOA
- Data Federation
- Summary
|
|
7. SOA Security Overview
|
|
- Objectives
- Traditional systems
- Loosely-coupled systems
- Risks of loosely-coupled services
- SOA Security Concerns
- Security Stack: Web services
- Security Stack: Other services
- Discussion Question
- Summary
|
|
8. Security Patterns
|
|
- Objectives
- Service bus security
- Service bus security layers
- Application-managed security
- Security as a service
- Reverse Proxy
- ESB Gateway
- Discussion Question
- Summary
|
|
9. Security Layering
|
|
- Objectives
- SOA Layers
- Security Layering
- Policy-driven Security
- PEP/PDP in Action
- Separation of concerns
- Loosely-coupled security layer
- SES/SDS in Action
- Layering and service granularity
- Security Service Granularity
- Process-centric Security
- Discussion Question
- Summary
|
|
10. Applying Traditional Security to SOA
|
|
- Objectives
- Public Key Infrastructure (PKI)
- Digital Signature
- Digital Signature Process
- Certificates
- Authentication
- Basic HTTP Authentication
- Secure Socket Layer (SSL)
- Basic Authentication Over HTTPS
- Securing non-HTTP Traffic
- Summary
|
|
11. SOA Security Standards
|
|
- Objectives
- WS-Security
- XML Encryption & Signature
- SAML
- WS-Trust
- WS-Trust Interoperability
- WS-Federation
- WS-SecureConversation
- Web Services Policy Framework
- WS-SecurityPolicy
- Security Standards Review
- Summary
|
|
12. Simple Object Access Protocol (SOAP)
|
|
- Objectives
- SOAP Overview
- SOAP in Protocol Stack
- SOAP Components
- SOAP HTTP Request Example
- SOAP HTTP Response Example
- Message Envelope
- The Header Element
- Header Attributes
- SOAP Body
- SOAP Fault
- Communication Style
- RPC/Encoded Style
- RPC/Literal Style
- Enabling RPC Styles
- Document/Literal Style
- Document/Literal Wrapped Style
- Details of the Wrapped Style
- Enabling Document Literal Style
- Summary
|
|
13. SOA Security Standards
|
|
- Objectives
- SOA Security Model
- SOA Security Policies
- Transport Level Security Policy
- Message Level Security Policy
- Data Level Security Policy
- Overview of Web Services Security
- Securing XML Data
- XML Digital Signatures
- XML Encryption
- WS-Security Tokens
- WS-Security Considerations
- Putting it all together
- Phase 1: The Service-side
- Phase 1: Build a secure service
- Phase 2: The Client
- Phase 2: Build a secure client
- Phase 3: Production
- Audit Tracking
- Identity Assertion Using SAML
- SAML SOAP Example
- Summary
|
|
14. SOA Security Threats and Countermeasures
|
|
- Objectives
- The Price of Open Standards
- Generic Vulnerabilities
- XML-specific Attacks
- Countermeasures
- Summary
|
|
15. Governing SOA Security
|
|
- Objectives
- Security Governance
- Collecting Security Requirements
- Policies and Contract Management
- Policy and Contract Management
- SOA Security Lifecycle
- Governance Model Overview
- Models for Governing Security
- Discussion Question
- Summary
|
|
Appendix A. Glossary
|
|
- Glossary
- Glossary
- Glossary
- Glossary
|
|
Appendix B. Introduction to Web Services
|
|
- Objectives
- A Conceptual Look at Services
- Defining Services
- SOA Runtime Implementation
- SOA Runtime Implementation
- What is a Web Service?
- Enterprise Assets as Services
- Typical Development Workflow
- Advantages of Web Services
- Web Service Business Models
- Case Study: Internal System Integration
- Case Study: Business Process Externalization
- SOAP Overview
- SOAP in Protocol Stack
- SOAP Structure
- SOAP Message Architecture
- Applying SOAP
- WSDL Overview
- WSDL Structure
- Applying WSDL
- UDDI Overview
- UDDI Terminology
- UDDI Structure
- Locating a Service
- Applying UDDI
- WS-I Overview
- WS-I Deliverables
- Summary
|