Date post: | 15-Jan-2016 |
Category: |
Documents |
View: | 216 times |
Download: | 0 times |
Web Services
the technology is the easy part
Mark Mara
Director, Advanced Technologies & Architectures
Cornell University
12/6/2004 2
Overview
Context Basic evangelism Case study Lessons learned Current status Advanced evangelism
12/6/2004 3
Cornell University
Founded 1865 by Ezra Cornell and Andrew Founded 1865 by Ezra Cornell and Andrew Dickson Dickson
260 major buildings on 745 acres260 major buildings on 745 acres
Faculty – 3,241Faculty – 3,241
Staff – 9,925Staff – 9,925
Undergraduate – 13,655Undergraduate – 13,655
Graduate/professional – 6,679Graduate/professional – 6,679
7 undergraduate units & 4 graduate and7 undergraduate units & 4 graduate andprofessional units in Ithaca professional units in Ithaca
2 medical graduate and professional units in 2 medical graduate and professional units in New York City, and 1 in Doha, QatarNew York City, and 1 in Doha, Qatar
A private endowed university and the federal A private endowed university and the federal land-grant institution of New York State.land-grant institution of New York State.
12/6/2004 4
What and Why Web Services?
The need for independent, and yet interoperable, pieces leads us to a service oriented architecture (SOA) and the changes we see beginning in application architecture.
Web Services let us meet the desire for direct user interaction with systems via the web, taking advantage of:
• Extensible Markup Language (XML)
• Simple Object Access Protocol (SOAP)
• Web Services Description Language (WSDL)
• Universal Description, Discovery and Integration (UDDI).
• Vendor-supplied interfaces
• Web Service “wrappers”
12/6/2004 5
Two Views
Tactical• Reusable points of integration
• Discovery
• Granularity
• One step father down the path to loose coupling
Strategic• Enabler of SOA
• Not the technology, but the ubiquity
• Integration becomes interoperation
Travel Application: A Case StudyTravel Application: A Case Study
Cornel Division of Financial Affairs (DFA) Cornel Division of Financial Affairs (DFA) embarked on a project to build an online Travel embarked on a project to build an online Travel Reimbursement applicationReimbursement application
Goals:Goals:
– 1) Reimburse employees, students, professors for their 1) Reimburse employees, students, professors for their traveltravel
– 2) Manage expenses associated with travel2) Manage expenses associated with travel
– 3) Provide other useful functionality3) Provide other useful functionality
Travel Application: RequirementsTravel Application: Requirements
Integrate with DFA’s Payables systemIntegrate with DFA’s Payables system
– Associate net ID to SSN to vendor recordAssociate net ID to SSN to vendor record
Enforce Cornell University Travel policyEnforce Cornell University Travel policy
– Policy places restrictions on certain types of individualsPolicy places restrictions on certain types of individuals
Employee, foreign national, student, assistant, professor, Employee, foreign national, student, assistant, professor, executiveexecutive
Travel Application: OptionsTravel Application: Options
Ask Travelers (Manual)Ask Travelers (Manual)– Travelers inputting sensitive informationTravelers inputting sensitive information– Room for errorRoom for error
Data Feeds (Batch)Data Feeds (Batch)– Secondary data stores in our environmentSecondary data stores in our environment– Redundant dataRedundant data– Sensitive dataSensitive data
Travel Application: Options Travel Application: Options ContinuedContinued
Direct Connections (Real Time)Direct Connections (Real Time)– Several different mechanismsSeveral different mechanisms– Technical overhead - learning curvesTechnical overhead - learning curves– Security implicationsSecurity implications
Web Service (Real Time) Web Service (Real Time) – A single solution for all dataA single solution for all data– Single input – net IDSingle input – net ID– Staff experienced with web servicesStaff experienced with web services– Abstraction of detailsAbstraction of details
12/6/2004 10
Hype Cycle?
Maturity
Visibility
TechnologyTrigger
Peak of inflatedExpectations
Trough ofDisillusionment
Slope ofEnlightenment
Plateau ofProductivity
12/6/2004 11
Hype Cycle for Web Services
12/6/2004 12
AuthN/Z for Web Services
Mainframe
Databases
WebserviceOne
WebserviceTwo
WebApplication
GenericDatastores
HTTP(S)SideCar/
CUWebLogin
HTTPSKPA
CUWebAuth
CustomProtocols
Central Business Analyst Single point of Central Business Analyst Single point of contactcontact
– Sat down with us and gathered requirementsSat down with us and gathered requirements
– Worked with us to define what certain affiliations Worked with us to define what certain affiliations meant – interpretation of datameant – interpretation of data
– Coordinated further communicationCoordinated further communication
Travel Application: DFA-CIT Travel Application: DFA-CIT InteractionInteraction
Get permission to extract data from several systems and publish results inferred from that data.
12/6/2004 14
Policy
Data Stewardship and Custodianship
• The university expects all stewards and custodians of its administrative data to manage, access, and utilize this data in a manner that is consistent with the university's need for security and confidentiality. Cornell University administrative functional areas must develop and maintain clear and consistent procedures for access to university administrative data, as appropriate.
• http://www.policy.cornell.edu/vol4_12.cfm
12/6/2004 15
Definitions Custodian – An individual who possesses or has access to data, either
electronically or otherwise.
Functional Area – Alumni Affairs and Development, Facilities, Finance, Human Resources, Information Technologies, Planning and Budget, Sponsored Programs, and Student Services.
Legitimate Interest – A need for administrative functional area data that arises within the scope of university employment and/or in the performance of authorized duties.
Steward – An individual with the responsibility for coordinating the implementation of this policy through
• a) the establishment of definitions of the data sets available for access
• b) the development of policies and/or access procedures for those data sets
University Administrative Data – Administrative functional area data, in any form, including that stored centrally as well as in colleges and departments.
12/6/2004 16
Down side of loose coupling
Abstraction• Architecture
• Design goal
• Independence from physical data repositories etc.
• Policy
• More than one data steward
Derivation• Architecture
• Consistent business logic
• Lower maintenance costs
• Policy
• Very complex stewardship
12/6/2004 17
Current Process
DataStewards
FunctionalIT Directors
Meeting
Consensus
Production
DataStewards
FunctionalIT Directors
DataStewards
FunctionalIT Directors
DataStewards
FunctionalIT Directors
Audit Security
yesno
Proposal
12/6/2004 18
Should the bar be higher for web services?
Higher• Inappropriate “republishing”
• No direct control over the user experience
Lower• People will get their work done
• Do we want to encourage shadow systems
12/6/2004 19
How do we move forward
Define a repeatable process
Monitor effectiveness
Modify as required
12/6/2004 20
Registering a Web Service – Make Info available on our web site
Developer
CIT Data AdminCIT WS Web Site
Web Form
ATA
Update site content Request site content update
A provider external to CIT has developed a web service and would like to register it. The WSDL is not hosted by CIT.
12/6/2004 21
Publishing a Web Service – CIT hosts the WSDL
Developer
CIT Data AdminCIT WS Web Site
Web Form
Migrate WSDL
WSDL Directory
WSDL Dir Mgr
Update site content
A provider external to CIT has developed a web service and would like CIT to host the WSDL.
12/6/2004 22
Consume/Subscribe to a Web Service
Developer
CIT Data AdminCIT WS Web Site
Web Form
WS Owner
Data Stewards
Request
Grant access to WS
Request/Approval
Identity Management
A person would like to request access to an existing web service.
Update site content
Contract
12/6/2004 23
Reference Implementations
Goal: Provide reference implementations for Web services developed in the WebMethods and the ColdFusion environments
• Document and model “best practices” for these environments
• Provide template project plan for developing a Web service
Available to campus & central developers
• Will not be binding on campus developers
• But may be binding on CIT IS developers
Improve scalability/mobility of locally developed systems
12/6/2004 24
Web Services at Cornell today
A several production services are deployed Authentication and Authorization are integrated
into the Cold Fusion, webMethods, and Java environments
Hosted environments available for Cold Fusion and WebMethods
Process and reference projects underway
12/6/2004 25
Technical Challenges
Enabling more environments
Creating components with a wide range of re-usability
• Choosing an appropriate level of granularity
Controlling duplication and overlap
• Cataloging of services
Design and implementation of Web Services authorization mechanisms
12/6/2004 26
Political Challenges
Design overhead issues
Trust
• Distributed users accessing central data
• Enhanced? Security/Audit/Logging
Joint stewardship
Separate issues of what data a Web Service may see and what it may expose
12/6/2004 27
Where are we headed?
A business process is the basic unit• Executives managing portfolios of business processes
• Business analysts automating business processes by assembling web services.
Incremental addition of functionality morphs into continuously evolving systems• Systems are becoming so complex and customers are so
reliant on them that implementing a new major system is becoming a challenge both politically and financially, although not technically.
12/6/2004 28
More information
Available – after January 1, 2005
http://webservices.cit.cornell.edu/