Innovative Marriage of Security and Performance in SOA Based Dynamic Enterprises


1 SOLEA: A Service-Oriented Locally adapted Enterprise Architecture

Innovative Marriage of Security and Performance in SOA Based Dynamic Enterprises

Sponsors:
- Helsinki University of Technology
- University of Kuopio

Presented by: Dr. Mehmet Yildiz, Certified Executive IT Architect, myildiz@au1.ibm.com

Proposed Abstract: All enterprise systems have two key concerns: security and performance. All CIOs and CTOs have these two on their daily agenda throughout the life cycle of their mission-critical business systems. These two aspects hardly go along well unless specialised design considerations, innovative techniques and methodical practices are applied. Finding the right balance for the marriage of security and performance is a significant challenge for dynamic enterprises, especially when Service Oriented Architecture (SOA) is the key enabler. This paper aims at identifying key security and performance factors for SOA projects in dynamic enterprises and how they can be efficiently architected for desired business outcomes. In this paper, the experience-based claims are substantiated with an industry-based literature review and a sample case study from the field.

Corporation

2 Agenda
- Introduction
- Theme 1: EA and SOA in Dynamic Enterprise
- Theme 2: SOA Performance
- Theme 3: SOA Security
- Conclusion

Research Focus: SOA Reference Architecture, QoS Layer 7, Perf/Sec

2008 Corporation

3 Introduction and Methodology

Purpose
- Share experience
- SOA and EA are important

Data collection, analysis and validation of results
- Lessons learnt out of over 50 projects
- Interaction (surveys and interviews) with over 100 architects
- Industry literature
- Academic research papers
- Invention disclosures
- Experience from 3 full cycle SOA and 10 EA engagements
- Leader of Architecture Lessons Learnt CoP harvesting IP from field
- Validation of findings with selected top 10 SOA practitioners from diverse organisations and industries

Still so much to learn!

4 Theme 1: EA and SOA in Dynamic Enterprise

5 Enterprise Architecture SOLEA CS1

An Enterprise Architecture is a framework for making IT investment and design decisions in support of business objectives.

[Diagram labels: Enterprise wide focus; Strategy; Business Opportunity; Technology Availability; Planning; Business Strategy; Information Technology Strategy; CBM; Enterprise Architecture, "the city plan"; Business Architecture (Processes, Information, People, Locations); IT Architecture (Applications, Data, Technology); The Gap; Transition Plan; Project focus; Design and Delivery; The Great Divide; Business Operating Environment and IT Infrastructure; IT Solutions; Program Architecture (functional aspects, operational aspects); the infrastructure and single building design]

6 Evaluation of Current Architecture Frameworks CS1

None of the assessed frameworks fully meets the major criteria in the Regensburg study. Hence the use of a combination of frameworks is suggested.

Ref: Susanne Leist and Gregor Zellner, University of Regensburg, Institute of Information Management, Germany

7 SOA Vendors for New Systematic Applications

Gartner's Magic Quadrant for Application Infrastructure for New Systematic SOA Application Projects

There are many vendors investing in SOA application projects. Leveraging their experience is important.

Ref: Gartner's Magic Quadrant for New Systematic Applications

8 Key SOA Concepts
- a service? A repeatable business task, e.g., check customer credit; open new account
- service orientation? A way of integrating your business as linked services and the outcomes that they bring
- service oriented architecture (SOA)? An IT architectural style that supports service orientation
- a composite application? A set of related & integrated services that support a business process built on an SOA

[Diagram labels around SOA: Interoperable, Composable, Re-Usable, Loosely Coupled]

9 Definition of Service and System - Technically

Extract from Webster
- Service: A service is a program we interact with via message exchanges
- System: A system is a set of deployed services cooperating in a given task
- Services Science: An interdisciplinary approach to the study, design, and implementation of services systems: complex systems in which specific arrangements of people and technologies take actions that provide value for others.

Ref: Webster Dictionary

10 Service Integration Maturity Model (SIMM)

[Diagram labels: Typical SOA Projects; SOA Maturity Assessment]

Maturity levels
- Level 1: Silo
- Level 2: Integrated
- Level 3: Componentized
- Level 4: Services
- Level 5: Composite Services
- Level 6: Virtualized Services
- Level 7: Dynamically Re-Configurable Services

Business
- Level 1: Isolated Business Line Driven
- Level 2: Business Process Integration
- Level 3: Componentized Business
- Level 4: Componentized Business Provides & Consumes services
- Level 5: Processes Provided & Consumed via Composite Business Services
- Level 6: Outsourced services; BPM and BAM
- Level 7: Mix & match business capabilities via context-aware services

Organization
- Level 1: Ad hoc LOB IT Strategy & Governance
- Level 2: Ad hoc Enterprise IT Strategy & Governance
- Level 3: Common Governance processes
- Level 4: Emerging SOA Governance
- Level 5: SOA and IT Governance Alignment
- Level 6: SOA and IT Infrastructure Governance Alignment
- Level 7: Governance Implemented using automated Policies

Methods
- Level 1: Structured Analysis & Design
- Level 2: Object Oriented Modeling
- Level 3: Component Based Development
- Level 4: Service Oriented Modeling
- Level 5: Service Oriented Modeling
- Level 6: Service Oriented Modeling for infrastructure
- Level 7: Grammar Oriented Modeling

Applications
- Level 1: Modules
- Level 2: Objects
- Level 3: Components
- Level 4: Services
- Level 5: Applications composed of Composite Services
- Level 6: Virtualized Services
- Level 7: Dynamic Application Assembly; context-aware invocation

Architecture
- Level 1: Monolithic Architecture
- Level 2: Layered Architecture
- Level 3: Component Architecture
- Level 4: Emerging SOA
- Level 5: SOA
- Level 6: Grid Enabled SOA
- Level 7: Dynamically Re-Configurable Architecture

Information
- Level 1: Application Specific
- Level 2: LOB or Enterprise Specific
- Level 3: Canonical Models
- Level 4: Information as a Service
- Level 5: Enterprise Business Data Dictionary & Repository
- Level 6: Virtualized Information Services
- Level 7: Semantic Data Vocabularies

Infrastructure
- Level 1: LOB Platform Specific
- Level 2: Platform Specific
- Level 3: Common Reusable Infrastructure
- Level 4: Project-based SOA Environment
- Level 5: Common SOA Environment
- Level 6: SOA Environment; Sense & Respond
- Level 7: Context-aware Event-based Sense & Respond

11 Why SOA: An executive view

The paradigm shift of using services instead of APIs means simplified interaction, less communication, and reduced complexity.

[Diagram labels: SOA Train*; Infrastructure Flexibility; Application Integration; Resource Reuse; Business Agility; SOA (Interoperable, Composable, Loosely Coupled, Re-Usable); Infrastructure; SOI; Application; Resources; Processes; Architecture; Business]

Standards-based approach speeds business process automation.

*Concept created by Mehmet Yildiz, 2007, 2008

12 A SOA Reference Architecture Sample CS1
- Enterprise Architecture
- Ref Architecture for Service Areas
- Ref Architecture for a Program
- Ref Architecture for a Single Project

Ref: and Open Group

13 7 Concerns at Layer 7 - QoS CS1
1. Increased virtualization
2. Loose coupling
3. Widespread use of XML
4. The composition of federated services
5. Heterogeneous computing infrastructures
6. Decentralized SLAs
7. The need to aggregate IT QoS metrics to produce business metrics

Ref: and Open Group SOA Reference Architecture

14 Security and Performance Relationship

Belief: The harder the security, the lower the performance in any SOA project.

[Chart axes: Performance, Security]

15 Security vs Performance in Dynamic Enterprises CS1

Balance of Dynamic SOA*

[Diagram labels: Dynamic Enterprise; Security; Performance; Dynamic Security; Dynamic Performance; Supports Dynamic Applications; Supports Dynamic Infrastructure; Supports Dynamic Operations; Availability and Satisfaction]

*Concept introduced by Mehmet Yildiz, 2007, 2008

16 Theme 2: SOA Performance

[Diagram labels around Performance: abstraction; heterogeneous infrastructures; federated service ecosystem; open standards; Internal Governance; Compliance; Open protocols; distributed computing]

17 Major Source of Performance & Scalability Issues CS1
- Architecture: 19%
- Production: 25%
- Development: 56%

Ref: Optimizing Service-Level Performance, Jean-Pierre Garbani, Forrester Research

18 [An Observed] SOA Perf/Sec Effort Indication*

Legend: CS 1, 2, 3 = Case Studies; S-L, S-M, S-H and P-L, P-M, P-H = Complexity Indicators; scale: Extreme, High, Medium, Low

[Chart areas: Services Integration; Operational Support; Code; Application Packaging; Data Migration; Infrastructure Build]

Ref: SOA performance assessment research results by Mehmet Yildiz, 2008

19 Performance Complexity Indication CS1, 2, 3

[Chart areas: Code; Application; Operations / Production; Infrastructure; Services Integration]

Ref: Concept and research results by Mehmet Yildiz, 2008

20 Performance Model Innovations 1 CS1
- Analyse & walk through (E2E) components
- Use various optimisation techniques, i.e. code SS
- Introduce additional caching layers
- Analyse bottlenecks at element level
- Use Appliance
- Apply performance measurement best practices SS
- Conduct performance tests (from start to end)
- Analyse at multiple directions: Top, Bottom, Middle
- Use models: operational, service, information, design component, cost
- Monitor SS systematically (comprehensive at all levels)

Ref: Extracted from M. Yildiz Performance Model Innovation technique paper,

21 Performance Model Innovations 2 CS1
- Performance boosting experiments with R & R results
- Measure critical components early and often
- Predictions to evaluate trade-offs
- Questions for key technical stakeholders
- Decisions: architectural, design, build, implementation, operational for performance elements
- Validation exercises
- Checklists for admins, operators and power users
- Scenarios (worst, best case)

Build performance into new systems, not to fix them later.

Ref: ditto previous slide.

22 Performance with FastSOA SS

FastSOA is an architecture and software coding practice that addresses 3 key problems:
1. Solves the SOAP binding (proxy) performance problem by reducing the need for Java objects and increasing the use of native XML environments to provide SOAP bindings.
2. Uses native XML persistence to avoid XML-to-relational transformation performance problems.
3. Introduces a mid-tier service cache to provide SOA service acceleration.

Ref:

23 Benefits of SOA Appliances SS
- Hardened & specialized hardware for helping to integrate, secure and accelerate SOA
- Higher performance with hardware acceleration (more security checks without slowdowns)
- Many functions integrated into a single device
- Meet higher levels of security assurance certifications (government FIPS Level 3 HSM)
- Simplified deployment and ongoing management

Ref: Extracted from WebSphere DataPower White Paper

24 Simplification with SOA Appliances SS CS1

Ref: Extracted from WebSphere DataPower White Paper

25 Popular SOA Management Tools SS CS1

The complexity of SOA environments and applications demands management tools from inception to deployment to operations and beyond.

Tools (alphabetically) and summary of key functions:
- AmberPoint's SOA Management System: A policy-based run-time governance software suite, SOA performance in production. Includes a runtime repository, service network monitoring, SOA security, service-level monitoring.
- BMC Software's AppSight: Performs automated problem resolution in SOA implementations to alleviate and eliminate application problems.
- CA's Wily SOA Solution: Monitors the performance and availability of Web services, application performance on client machines and other components in the SOA environment.
- HP's SOA Manager: The software can define and maintain a dynamic model of services, including software assets and virtual servers; and manage application and Web services performance within that SOA model.
- 's Tivoli Composite Application Manager (ITCAM) for SOA: Monitors, manages and controls the Web-services layer of IT architectures, and identifies the source of bottlenecks or failures.
- itko's LISA Enterprise SOA Testing platform: Focuses on the software performs unit, regression, functional and load testing, as well as post deployment monitoring tasks.
- Mindreef's SOAPscope Server: Enables task-oriented collaboration regardless of role, skill set or development environment -- which makes it possible to find quickly and address any performance problems that arise, the company says.
- OpTier's CoreFirst: Monitors the performance of services, components and transactions.
- Progress Software's Actional for SOA Operations: Uses agent technology that watches messages entering and exiting XML appliances and application servers to build a map of what happens in an SOA infrastructure. Helps with performance alerting, dependency analysis, problem detection and resolution.
- Tidal Software's Intersperse: Enables the proactive detection of problems, problem localization and root-cause analysis.

26 Theme 3: SOA Security

[Diagram labels around Security: abstraction; heterogeneous infrastructures; federated service ecosystem; open standards; internal Governance; Open protocols; Compliance; distributed computing]

27 Typical Security Architecture for an Enterprise CS1

[Diagram labels: Externally Controlled; Highly Secure Zone; External Business Zone; External Uncontrolled; Internal Zone; Demilitarized Zone; Special Domain]

28 Typical SOA Security Architecture CS1

Ref: SOA Security Red Book, Dr. Paul Ashley et al

29 SOA Security Reference Model by CS1

Ref: SOA Security Red Book, Dr. Paul Ashley et al

30 Top 10 Security Principles for Dynamic Enterprises CS1

Key points and descriptions:
1. Least Privilege: Only grant access to what is required.
2. Defense in Depth: Relying on more than one component or mechanism to be secure, failure of a single security solution may compromise the entire security.
3. Choke Point: Forces attackers to use a narrow channel of access where actions can be monitored and controlled.
4. Weakest Link: Security is only as strong as the weakest link. Smart attackers will seek the weakest point to attack.
5. Fail-Safe Stance: Systems should fail in such a way that it denies access to an attacker rather than grants access.
6. Universal Participation: Everyone needs to be concerned with security. Failure from one person or area can be dramatic!
7. Diversity of Defense: Do not rely on only one (type of) system or application for security, no matter how strong or comprehensive it may be (e.g. one firewall).
8. Simplicity: The more complex the security environment, the riskier it is for security.
9. Compartmentalization: To minimize the amount of damage that can be done to an environment (or system), break the environment (or system) up into isolated units.
10. Inside/outside threats: Historically, insiders account for 65% of all attacks. Protections should make little difference for an inside or outside attack.

There are 33 important principles by NIST!

31 Granular Security Assessment feeding SM CS1

Components and Elements for Each Subsystems and Functions

[Risk matrix. Impact: Insignificant, Minor, Moderate, Major, Catastrophic. Likelihood: Almost Certain, Likely, Moderate, Unlikely, Rare. Subsystems: Credential Subsystem, Information Flow Control Subsystem, Access Control Subsystem, Security Audit Subsystem, Integrity Subsystem.]

Adapted from s Systems Engineering Method

32 SOA Security Architectural Decisions Samples

Documenting and obtaining sign-off for the architectural decisions at the very beginning of the SOA project is essential.

- Decision 1: Use SAML 2.0 Browser Artifact Profile for federated web single sign-on.
- Decision 2: Provide authorization at every layer in the architecture: coarse-grained at the point of contact servers, increasingly more fine-grained towards the back-end systems.
- Decision 3: Use point of contact servers in a DMZ environment for all incoming and outgoing transactions. Use hardware appliances for dealing with web services messages.
- Decision 4: Use only standards-based interconnections: WS-Security, WS-Trust, SAML, WS-I Basic Security Profile.
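
Decision 2 above, sketched as an added example (not code from the presentation): a point of contact check admits callers by role, the back end re-checks the operation and the resource, and any error denies access, as in principle 5 (Fail-Safe Stance). The roles, services, branches and account IDs are constructed for illustration.

```python
"""Added example: authorization at every layer (Decision 2), default deny."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Caller:
    subject: str
    roles: frozenset   # assumed to come from the SSO layer (e.g. a SAML assertion)
    branch: str


# Coarse-grained policy at the point of contact server: role -> reachable services.
EDGE_POLICY = {
    "teller": {"credit-check", "account"},
    "auditor": {"credit-check"},
}

# Constructed sample data held by the back-end system.
ACCOUNTS = {"ACC-1": {"branch": "north"}, "ACC-2": {"branch": "south"}}


def edge_allows(caller, service):
    """Layer 1 (DMZ): may this caller reach the service at all?"""
    return any(service in EDGE_POLICY.get(role, ()) for role in caller.roles)


def backend_allows(caller, service, operation, account_id):
    """Layer 2 (back end): fine-grained check on operation and resource.

    Roles are re-checked here instead of trusting the edge decision.
    """
    account = ACCOUNTS.get(account_id)
    if account is None:
        return False                      # unknown resource: deny
    if (service, operation) == ("credit-check", "check"):
        return bool(caller.roles & {"teller", "auditor"})
    if (service, operation) == ("account", "update"):
        return "teller" in caller.roles and caller.branch == account["branch"]
    return False                          # unlisted operation: deny


def authorize(caller, service, operation, account_id):
    """Both layers must agree; returns (allowed, layer that decided)."""
    try:
        if not edge_allows(caller, service):
            return (False, "edge")
        if not backend_allows(caller, service, operation, account_id):
            return (False, "backend")
        return (True, "ok")
    except Exception:
        return (False, "error")           # fail-safe: errors never grant access
```
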

33 Creating security model innovations
- Analyse all compliance requirements
- Identify security standards
- Use security reference architectures
- Focus on AAA policies (Authentication, Authorisation, Auditing)
- Identify useful patterns, i.e. map of layered security patterns
- Use proven frameworks such as JASON1 (JavaCard As Secure Objects Networks platform)
- Remember: SOA services are always in runtime (No DT)
- Identify anti-patterns & add them to policies
- Use model driven development for E2E security

Ref: Extracted from M. Yildiz Security Model Innovations Technique Paper,

34 Conclusion Messages SOLEA
- PERFORMANCE & SECURITY IS (E2E) LONG TERM JOURNEY.
- Map PM to SM! A tight relationship for desired results!
- Target is SIMM Level 7!
- Security and performance are like Yin & Yang, hence require balance all the time.
- Standards, policies, models, compliance, agility and architecture are very important factors for SOA QoS.
- Use of a methodical and systematic approach produces better results for SOA.
- EA is important for successful SOA projects & provides a map.
- Every marriage requires commitment & lifetime support; so does the SOA marriage of security & performance.
- Beware, SOA projects require a different approach than traditional projects and may take longer and may cost more; it is not necessarily easiest!
- SOA also helps EA to be more efficient for an organisation.
- Performance & security work MUST start from inception! Any delay is a critical factor.
- SOA projects are full of unknowns depending on number of services.

Ref: Extracted from M. Yildiz SOA Performance and Security Paper,