A cohesive security policy and approach has to be thought through from the onset. Many enterprises have existing security repositories they want to leverage in a SOA environment. On the other hand, many of the products that are typically deployed in a SOA environment come with their own security enablement.
A holistic SOA security approach will answer questions like:
Application performance is usually calibrated by the needs of its distinct user community. However, when a service is being implemented its future usage scenarios may not be visible. Needless to say that services performance becomes a very important factor in ensuring it is used across a wider set of applications. Each service needs to meet the most stringent performance requirement across applications.
Success for an SOA initiative needs to be measured and tied to broader business goals. Questions like the following need to be answered before any level of success can be claimed:
Some of these questions may be answered via spreadsheets, but many will require the proper deployment of tools and processes to provide reliable answers. The success of the SOA journey should be quantifiable via metrics rather than left to perceptions formed due to incomplete information.
While some of the above guidelines may be applicable for any software development lifecycle, an SOA environment imposes a new outlook given the reuse and agility guideline requirements.
Kamran Ozair is the CTO at MindTree Consulting.