The Philosopher’s Stone of SOA
This paper is dedicated to the problem of Service Refinement in the Enterprise SOA implementations and outlines my approach to solving this problem in the context of the comprehensive SOA Governance Solution. Let's start with a definition:
Service Refinement refers to the ability to slightly change the interface, vocabulary, granularity, semantics or behavior of enterprise services without changing the service implementation or affecting existing service consumers.
The Challenge
One of the core benefits of SOA is reuse, which means that ideally every service is implemented once and then used throughout the enterprise. In other words every business service, such as InvoiceCustomer
, would have to be developed once and then could be used in hundreds of places across dozens of applications for multitude of purposes. It is unlikely that the exact same interface, granularity, vocabulary and level of abstraction will be right for all possible service uses. Thus creating a single implementation that would out of the box satisfy all existing and future uses throughout the company is not realistic - it would have to be infinitely flexible to work on different levels of abstractions, granularities, with different sets of defaults and assumptions, etc. Infinite flexibility means infinite complexity: to design and build such a service would be very costly, require a very long time, and it would still likely miss some of the use cases.
Another approach is to define and create a reasonable 80/20 service and apply some glue as needed on the consumer side. This is also a very costly approach, potentially requiring service consumers to repeatedly re-write the missing 20% of the code in every place where the service is consumed. Furthermore, such glue code will be very tightly coupled with the service itself, so whenever the latter changes in any visible way, the owners of all composite applications that consume such service will have to go through every instance of that glue code and change it accordingly.
Neither of these approaches is acceptable in enterprise-level post-pilot SOA since both result in overcomplicated and fragile solutions, which often forces the adopters of SOA to take an even less desirable route of service replication thus ultimately defeating the purpose of SOA to save money and improve quality through reuse.
The Answer
The best way to implement service refinement is in the context of a comprehensive aspect-based SOA Governance solution. This architecture naturally supports service refinement through well defined, reusable refinement aspects. Service producer defines and implements a reasonable service implementation, which is published and can later be combined with one or more refinement aspects into a number of consumable service offerings. Service consumers then select and bind to the offering which best matches their usage scenarios.
An even more powerful solution would combine the use of refinement aspects that implement common refinement concerns with support of decorating individual services with individual refinement methods or filters to address one-off requirements. When a new use case with some unique requirements is discovered, a new service offering can be created by combining the existing service implementation with a new refinement method, which can be developed by service consumer, producer or a third party.
The best part of the solution is that neither service producer not any of existing consumers of basic or refined service offerings are affected by this change. Any future fixes and improvements of the service implementation would be immediately effective to all of the consumers.
The Uses
Below are some of the real-life SOA challenges that have been successfully solved through service refinement:
· Customer Information Service: following the SOA best practices, a company implemented a single coarse-grained service getCustomerInfo
which provided consolidated customer information, instead of multiple fine-grained services like getCustomerName
, getCustomerAddress
, etc. This worked well for most consumers except a remote application which required only minimal customer information and was accessing the service over an unsecured, low bandwidth, high cost wireless connection. A simple granularity refinement method allowed to reuse the common lookup service for this remote application.
· Employee Lookup Service: a company developed a service to lookup employee information based on a number of criteria. The service proved to be very useful and was immediately utilized in a number of applications run by different departments, including payroll, HR and training. However it became apparent that although all of them have a concept of employee, each attached a different meaning: in payroll system employees were everyone who gets paid, including permanent and contractors, training system only considered permanent full-time employees who were eligible for training, and HR software was required to also keep track of former employees. A number of straightforward semantic refinement methods allowed to implement a common lookup service, which was not tied to any particular definition of employee thus reducing coupling. When a new system was discovered in Legal, which had to track employees based on nationality, the same lookup service was reused without any changes.
· The same Employee Lookup Service: was easily made compliant to the new privacy regulations with a use of vocabulary refinement method that transparently translated employee social security numbers that were used as employee IDs into a surrogate IDs for the consumers invoking the service from the overseas subsidiaries.
Conclusion
Support for service refinement should be a crucial part of any SOA enablement platform. Similarly to service versioning, which allows services to evolve in time to meet the changing consumer needs, refinement allows services to adapt to different usage scenarios without unnecessary duplication and service proliferation. A universal SOA governance solution allows to manage service offerings based on refinement in the same way as those based on different security models or SLAs.