1. June 3, 2015 Government Technology Forum: Service Oriented Architecture (SOA) Jonathan Natarajan Enterprise Integration Program Manager

2. June 3, 2015 Agenda Concept Introduction Business Drivers Benefits of SOA Risks and challenges Preparatory Steps Trends in Public Sector City’s SOA Strategy DoITT’s Efforts

3. June 3, 2015 Concept Introduction A Service-Oriented Architecture (SOA) is a way of designing a software system and its surrounding environment to provide services either to end-user applications, to executable business processes or to other services through published and discoverable service interfaces Key Characteristics: A paradigm for organizing and utilizing distributed capabilities that may be under the control of different ownership domains Provides a uniform means to offer, discover, interact with and use capabilities to produce desired effects consistent with measurable preconditions and expectations Reuse, granularity, modularity, composability, componentization, and interoperability Compliance to standards (both common and industry-specific) Services identification and categorization, provisioning and delivery, and monitoring and tracking [OASIS SOA Reference Model]

4. June 3, 2015 Concept Introduction cont… Service –Discrete unit of functionality that can be requested –Performs one or more operations –Returns a set of results (with an activity executed to provide value to the enterprise) –IT organizations deliver a set of services to the programs (service delivery) Service Oriented Architecture (SOA) –Architecture composed of a set of interdependent services –Can be defined at various levels, from federal- wide, to a specific system solution within an agency –Transforms Monolithic to Service-Oriented Government Service Component –Usually a self-contained process or software component performing the functionality provided by a service –Accessed through an interface

5. June 3, 2015 Concept Introduction cont… Application design and implementation paradigm that is focused on intercommunication of loosely coupled, coarse grained (business level), reusable artifacts (services) that are accessed through well-defined platform independent, interface contracts. Address Validation Authentication Geo Coding Function XYZ Business Level Function Component [Service] User Interface Agency Application XYZ Applications can be built with components/services that are provided by 3rd party hosts. Hosted by agency providing GEO Support Purchased 3rd Party COTS Intra Agency Function User Interface Agency Application XYZ Hosted by agency providing GEO Support

6. June 3, 2015 Business Drivers Each autonomous City agency provides distinct set of services SOA / EAI solutions bring many disparate point-to-point applications together and facilitates the delivery of truly distributed business functionality Provides an organizational platform to address the different integration issues through a common set of well-defined technologies, methodologies, and policies Value of integration solution for City agencies: –Improve agency business processes –Improve the services City agencies provide –Address Process Redundancy and create efficiency –Address technological issues –Increase the City’s return on investment (ROI) by adopting common standards and methodologies City agencies can realize the above mentioned advantages by adopting a unified approach

7. June 3, 2015 Benefits to SOA Adoption Key abilities to be gained Heterogeneous Ability to utilize legacy and new applications based on the concept of interfaces Enables Information Sharing Organizations and departments with in organizations deploy various applications and services. Visibility of these applications and services will aid in reducing redundancy and enforce reusability Agility Around Business Process Agencies or organizations focus on multiple business processes. The ability for IT organizations to rapidly deploy applications based on changing processes is critical. Services centric model assists IT to understand dependencies between various business processes. Leverage Business Assets Agencies can increase their bottom line and overall ROI by reusing components or services that have already been built by themselves or even across other entities. Services reused, composed and recomposed Reuse and loose coupling of services/components lends itself to fasters development / implementation cycles reduce time to delver.

8. June 3, 2015 Risks and Challenges Challenges in effective SOA adoption span across business and technology. Governance Decisions related to system of record for shared information Ownership of shared services How to motivate agencies / business partners to adopt SOA paradigm? Policies related to service usage. I.e. Which agency/department/user can use specific services? Early adoption and evolution of standards etc. Organizational change required since services based model crosses system boundaries. SOA adoption in the government sector adds regulatory challenges. Scope of change is at the enterprise level encompassing dispersed and heterogeneous systems Infrastructure is distributed requiring high availability and scalability Security related challenges such as identity management and policy management arise SDLC methodology requires changes due to complex system dependencies Quality assurance is problematic since services are distributed and have many interfaces Change management is extremely important and especially difficult since each agency / business partner will depend on services provided by each other.

9. June 3, 2015 Preparatory steps Need for a formal SOA program charter with strong executive sponsorship Examine current architecture and methodology in use and adjust for SOA Agile OOA/OOD approach with specific SOA deliverables and patterns Establish a repository and governance policies for reusable artifacts Interface specifications Schemas Interface definitions (WSDL) Develop SOA reference architecture based on design patterns with security controls in mind Acquire message based testing tools and develop SOA quality assurance policies and procedures Involve operations support early and deploy monitoring - management tools for the SOA infrastructure (QoS - quality of service management) Create a SOA strategy and roadmap based on business value, risk, business process effectiveness, and IT assets to be leveraged Transition to a services model iteratively adding services based on business value and utility of function build the services library over time.

10. June 3, 2015 Trends in Public Sector Federal Level Defense Information Systems Agency has begun cataloging web services developed by the U.S. Air Force Army Navy Other groups with DOD Internal Revenue Service is has adopted a services based model and the agency start a large business systems modernization program in late 05 EPA State and Local Government Level The State of Wisconsin has leveraged Web services and a service oriented architecture (SOA) to give caseworkers real-time access to mainframe-based records, resulting in improved productivity and customer service. The state operates more than 30 agencies and stores information that affects public services for 5.5 million residents. Staff can now access internal systems (which continue to be housed on mainframes) alongside new systems residing on client/server and Web platforms.

11. June 3, 2015 Vision / Direction at the City Level New York City agencies goal : Provide first rate governmental services to its constituents and to other City agencies. Multiple lines of business requiring interoperability –Public safety and criminal justice –Educational services –Health and human services … Need for Reference Architectures that can be adopted by the various agencies with in each line of business Promote information sharing and interoperability across lines of businesses to achieve the common goal of serving our constituents Need for technology centric agency such as DoITT focus on SOA enablement and build the core components required to assist in moving to a services model City Agencies as Providers DoITT To Provide Common Components Process Orchestration Process Management Activity Monitoring End User Interface via Portal Federated Services access Multi agency distributed applications Identity Management Centralized Identity Provider Security Policy Management Business Intelligence Analytics Distributed Services Implementation Enterprise Business Logic Enterprise Service Bus Message management Web Services Gateway Services Registry & Repository Governance

12. June 3, 2015 Current Initiatives DoITT Integration services team working on a pilot architecture and subsequent implementation that will use of key technologies with the overall goal SOA enablement

13. June 3, 2015 Current Initiatives cont… Web Services Gateway Pilot with the following components Gateway- Simplifies security management Centralizes security policies Enables modular, adaptable infrastructure Decouples the Gateway platform from that of Web Services Registry and Repository Publish discover and manage web services Access and Policy Manager Provides Identity management to manage the access to services Service Consumer Service Consumer … Policy Registry Service Provider Service Provider … Associates security requirements on service invocation Gateway Access Manager