1. Assess the security risks associated with the system. Risk is a function of threats, vulnerabilities, and consequences.
2. Define appropriate mitigation strategies to combat these risks. Mitigation strategies should be commensurate with the risk and consequences. An effective security strategy typically involves a combination of transport-level (e.g., SSL) and application-level (e.g., WS-Security) security mechanisms, as well as layered policy enforcement points (PEPs) deployed at a centralized entry point, at each intermediary, and at each service endpoint.
3. Select appropriate products to implement your security strategies. I recommend using a combination of XML security gateways (for centralized and intermediary PEPs) and web services management (for intermediary and endpoint PEPs).
Data center requirements:
1. Assess the resources that will be required by the system.
2. If the anticipated load will be very high, consider strategies that allow you to offload compute-intensive XML processing from constrained systems (acceleration appliances) or that permit you to split the load across partitioned systems (content-based routing). Consider caching strategies if the system requirements permit it. Also consider highly scalable processor options, such as Azul Systems.
Production database requirements:
- as far as I'm aware, these requirements are the same for SOA as for any other type of app
System monitoring, installation, configuration, and support requirements:
1. Institute appropriate governance processes to coordinate and control staging, configuration, and provisioning of services. (strongly recommend using a registry)
2. Select a web services management solution for monitoring, error detection, and SLA compliance tracking. (also used for security purposes) Make sure that the service provisioning process includes management and security provisioning.
3. Prepare to train operations staff on the new management tools and procedures.
4. Set up appropriate support teams (best approach depends on corporate culture).
Anne
The project is currently in the Architecture phase. Basically, from a planning perspective, all the requirements for deploying the bits in production need to be nailed down. Specifically, this includes, but is not limted to, the following:
* security requirements
* data center requirements
* production database requirements
* system monitoring, installation, configuration and support requirementsI am merely looking for a checklist to guide the requirements gathering process.
--- In [email protected], "Sarode, Prashant" <[EMAIL PROTECTED]> wrote:
>
> At what Phase of execution are you in? If you are beyond
> conceptualization and now in Architecture phase then, yes, there can be
> lot of items to be talked about. But if you are already done with your
> Architecture and Design then I am not sure what kind of information you
> are looking for?
>
>
>
> There are many levels of information depending upon the phase you are.
> Please elaborate more so people can provide relevant answer/information.
>
>
>
> ________________________________
>
> From: [email protected]
> [mailto:[email protected] ] On Behalf Of
> ramu_kellogg98
> Sent: Monday, November 07, 2005 3:39 PM
> To: [email protected]
> Subject: [service-orientated-architecture] SOA-centric Nonstop eCommerce
>
>
>
>
> I am in a project that is scheduled to deliver a SOA-centric, Java-based
> ecommerce solution. In execution mode, where the rubber meets the road,
> the deployed bits have to play without hiccups (i.e., no Pri 1, Sev 1
> issues). I am looking for a set of proven ecommerce practices (at an
> action level), when followed, will orchestrate "Release to
> Pre-Production" followed by "Release to Production" to be beyond
> best-in-class (i.e., zero misexecutions) and achieve the vision of
> non-stop ecommerce.
>
> Thanks for any input.
>
>
>
> ________________________________
>
> YAHOO! GROUPS LINKS
>
>
>
> * Visit your group "service-orientated-architecture
> < http://groups.yahoo.com/group/service-orientated-architecture> " on the
> web.
>
> * To unsubscribe from this group, send an email to:
> [EMAIL PROTECTED]
> <mailto: [EMAIL PROTECTED]?subj
> ect=Unsubscribe>
>
> * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
> Service < http://docs.yahoo.com/info/terms/> .
>
>
>
> ________________________________
>
>
>
> **************************************************************************
> This message and any attached documents contain information
> which may be confidential, subject to privilege or exempt from
> disclosure under applicable law. These materials are solely for
> the use of the intended recipient. If you are not the intended
> recipient of this transmission, you are hereby notified that any
> distribution, disclosure, printing, copying, storage, modification
> or the taking of any action in reliance upon this transmission is
> strictly prohibited. Delivery of this message to any person other
> than the intended recipient shall not compromise or waive
> such confidentiality, privilege or exemption from disclosure as
> to this communication.
>
> If you have received this communication in error, please notify
> the sender immediately and delete this message from your system.
> *****************************************************************************
>
YAHOO! GROUPS LINKS
- Visit your group "service-orientated-architecture " on the web.
- To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
- Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
| Service-oriented architecture | Computer monitoring software | Computer and internet software |
| Free computer monitoring software |
YAHOO! GROUPS LINKS
- Visit your group "service-orientated-architecture" on the web.
- To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
- Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
