Day 2 of the LZA Bootcamp proved to be another solid day packed with great information about SOA. Today we covered abstraction, SOA and legacy systems, data services, XML, and security.
Here are some of the key take aways:
Abstraction - The business doesn't care how the service is built or where it is located. All that matters is that it works. Business services abstract both data and application functionality.
Legacy - SOA impacts Legacy in three ways.
- Migration - You can use SOA to migrate off of legacy by abstracting the interfaces and then gradually replacing the pieces on the backend.
- Enablement - Expose legacy capabilities and data as services.
- Rejuvenation - Leverage legacy as an active SOA participant. This is common with mainframe systems today. Many companies have fully functional mainframe systems that need to be connected with each other and presented with new rich interfaces.
XML - XML allows for standardization and maximum flexibility, but it sacrifices performance. XML is a widely accepted standard and leveraging it gives you the ability to connect more easily with external services. However, since XML contains huge amounts of metadata and is Ascii, it can consume large amounts of network bandwidth. This can be addressed with hardware and software solutions that compress and accelerate XML messages.
Security - SOA increases the risk of security breaches. In addition to the normal dangers (SQL injection, denial of service, buffer overflow, and trojan horse), XML adds XML injection, WSDL scanning, schema poisoning, and other threats. In the traditional distributed computing world, systems were closed and API's were proprietary. With SOA, we have open systems and distributed APIs. A much larger effort is required by architects to keep the "bad guys" out.
Day three focuses on governance and funding. I'll be back tomorrow for a quick recap on those topics. Here is the recap from day 1.