Federal Enterprise Architecture Framework V1.1

National Institute of Standards and Technology (NIST) model
The NIST model has been promoted within the Federal Government as a management tool that illustrates the interrelationship of enterprise business, information, and technology environments. The five-layered model allows for organizing, planning, and building an integrated set of information and information technology architectures.

Purpose
. Organize Federal information on a Federalwide scale
. Promote information sharing among Federal organizations
. Help Federal organizations develop their architectures
. Help Federal organizations quickly develop their IT investment processes
. Serve customer needs better, faster, and cost effectively

Value
. Promote Federal interoperability
. Promote Agency resource sharing
. Provide potential for Federal and Agency reduced costs
. Improve ability to share information
. Support Federal and Agency

Framework Components

1. Architecture Drivers

2. Strategic Driection

3. Current Architecture

4. Target Architecture

5. Transitional Processes

6. Architectural Segments

7. Architectural Models

8. Standards

Pinnciples
1. Standards: Establish Federal interoperability standards.

2. Investments: Coordinate technology investments with the Federal business and architecture.

3. Data Collection: Minimize the data collection burden.

4. Security: Secure Federal information against unauthorized access.

5. Functionality: Take advantage of standardization based on common functions and customers.

6. Information Access: Provide access to information.

7. Proven Technologies: Select and implement proven market technologies.

8. Privacy: Comply with the Privacy Act of 1974.

Federal Enterprise Architecture Framework, Level I

(the view from 20,000 feet)

Federal Enterprise Architecture Framework, Level II

(the view from 10,000 feet)

Federal Enterprise Architecture Framework, Level III
(the view from 5,000 feet)

Federal Enterprise Architecture Framework, Level IV

(the view from 1,000 to 500 feet)

The Zachman Framework

Enterprise Architecture Planning (EAP)

is a "how to" approach for creating the top two rows of the Zachman Framework, Planner and Owner

Design Architectures

TOGAF

TOGAF = The Open Group Architecture Framework

What kind of architecture does TOGAF deal with?
– Business Architecture - this defines the business strategy, governance, organization, and key business processes
– Data Architecture - this describes the structure of an organization's logical and physical data assets and data management resources
– Applications Architecture - this provides a blueprint for the individual application systems to be deployed, their interactions, and their relationships to the core business processes of the organization
– Technology Architecture - this describes the logical software and hardware capabilities that are required to support the deployment of business, data, and application services

What it is

(TOGAF)
• Generic
• Process Driven
• “One size fits all organizations”
• Flexible
• Set of Conceptual Tools
• Providing generic deliverables

(ADM)
• A step-by-step approach to developing an enterprise architecture
• Method - a way, technique, or process of or for doing something
• Process - a series of actions or operations towards an “end”

What it is Not

(TOGAF)
• Prescriptive and HOW to Customize the Framework
• Prescriptive and Artifact driven
• Specific to company size or to an industry
• Ontology Driven
• Tool
• Prescribing a specific set of deliverables
(ADM)

• The whole TOGAF
• Framework
• Chair in an ivory tower
• Quick & easy

TOGAF

Architecture Development Method

Enterprise Continuum
A virtual repository of all architecture assets
– Models, patterns, architecture descriptions
– Deliverables produced in this iteration of the ADM
– Deliverables produced in other iterations of the ADM
– Assets from the industry at large

• TOGAF provides two reference models for possible inclusion in an organization’s Enterprise Continuum
– The TOGAF Foundation Architecture
– The Integrated Information Infrastructure Reference Model

Resource Base

A set of resources, guidelines, templates, background information etc..
• For reference during application of the ADM
• Covers a broad range of topics used to develop an architectur

Enterprise Architecture Life Cycle (EALC)

The Strategic Alignment Model (Enterprise Value)

Preliminary Phase: Framework & Principles

Phase A: Architecture Vision

Phase B: Business Architecture

Phase C: Information Systems Architectures

Phase D: Technology Architecture

Phase E: Opportunities & Solutions

Phase F: Migration Planning

Phase G: Implementation Governance

Phase H: Architecture hange Management

Requirements Mnagement

Enterprise Application Integration with Internet Fax Service

What is an internet fax?
Internet Fax (also known as e fax, email fax, online fax, and digital fax) utilizes an internet fax service provider to convert a facsimile transmission into a digital file that can be received via email and vice versa. Internet fax services bridge the gap between the older fax technology, which is well established in today's business environment, and email transmission of documents. In the simplest terms, when you sign up with an internet fax service, you will be assigned a dedicated fax phone number that will convert incoming faxes to email attachments that are automatically sent to your email address. The majority of these services also allow you to send attachments (like Word documents, PDF's, or pictures) to physical fax numbers that are received just as if you had sent them using a standard fax machine. Most internet fax services will send you your documents in a number of different file formats, such as TIF or PDF files.

The Need
Enterprise Resource Planning System requires employees to fax in receipts of certain purchased items.
Internet Fax Service is considered because its:

• Lower Cost
• More efficient use of time
• More reliable
• Environmentally Responsible
• Security

Tested Internet Fax Service (MetroFax)
MetroFax lets you send and receive faxes via e-mail or by printing to fax from your Microsoft Windows applications. A monthly charge of $12.95 includes up to 1,000 pages of combined inbound or outbound faxes. Also supports Mac and PDAs. (3 cents per additional page.) An additional $2 per month per line gets you a toll-free inbound fax number. (There's also a $9.95 setup fee.) It's easy to add extra fax numbers (with discounts for six or more) allowing each employee to have their own fax number that delivers faxes directly to their e-mail account.

MetroFax Screen Shots

Dashboard provides accesses to frequently used functions


Select “SEND A FAX” to start the fax sending process
1. Add recipients
- Fill in the Fax Number (e.g. 1-866-248-8308)
- Fill in the Name (e.g. ERMS)
- Fill in the Company (e.g. General Motor Corp.)
2. Attach documents
- Click “Browse…” button
- Browse to the file that needs to be faxed over
- Select the file (Note: The first page of the file mast be transmittal page. All receipts can be part of the file, or receipts can have their own files)



3. Cover page options
- Make sure “None” is selected
4. Delivery options
- Click “Send Now” button to deliver the fax

Email Notification
An Email will be sent after the fax is sent successfully.Check sent faxes status:All sent faxes are displayed in list format. Sent pages (page text in PDF format) can be viewed by click (+) Icon.


Cost comparison between different Internet Fax Services:
1. MetroFax.com: $12.95/Month up to 1000 outgoing fax pages

2. GoFaxer.com $24.95/Month up to 1200 fax pages
3. RingCentral.com $24.99/Month up to 1000 outgoing fax pages
4. MaxEmail.com: $7.00/Month up to 250 outgoing fax pages
5. RapidFax.com: $9.95/Month up to 300 outgoing fax pages
6. FaxAge.com: $7.95/Month up to 150 outgoing fax pages
7. MyFax.com: $10/Month up to 100 outgoing fax pages
8. eFax.com: $16.95/Month up to 15 outgoing fax pages

Nextance Contracts Insight (Enterprise Software)

Nextance Contract Insight
consolidates all these dispersed documents into a single centralized repository, putting you on the path to visibility into and control over your contracts within 30 to 45 days—compared to months, if not a year or more, with other implementations typical to the industry.
But more than merely a database, Nextance Contract Insight’s searching and reporting capabilities are first class, so you’re able to quickly pull up the business intelligence you need, and answer those key questions that can determine your company’s present and future success.
Nextance Contract Insight lets you quickly locate terms, obligations, and high-risk language, and to save time, you can save searches you do regularly. For further analysis and manipulation, you can also easily export the results of your searches to a spreadsheet or PDF. Additionally, the
Nextance Contract Insight solution is able to automatically set rules and notifications based on expiration dates, milestones, amendments, terminations, renewals, or other terms—allowing you to proactively make sure the right people know when an important contract event is soon to
occur.
With such deep data at your fingertips, Nextance Contract Insight enables you to proactively manage both supplier performance and your performance to your customers, which impacts the bottom line. You’re able to measure and benchmark performance directly against the
actual contracts, rather than relying on information fed to you that may be incomplete or already outdated. And, critical for auditing and financial reporting, you’re able to monitor whether all parties are in compliance with contract terms as well as with applicable legal regulations, all throughout the entire life of the contract.

XML for Contracts Management
•Variable Data Model
•Extensible Business Application

XML As Data Model For Contracts
•Both structured and unstructured data are inherent in contracts. Searching can span both structured data and language
•The structure of the data can vary greatly from one contract type to another. Reporting can become very complex if not modeled in a consistent manner.
•Nextance XML Architecture enables Customers to manage both structured and unstructured data in the same infrastructure
-Ability to tag the unstructured data
-Ability to model the varied structured data for any type of contract
-Perform integrated search and reporting
-Enforce a common security model
-Flexibility to manage any kind of contract

Searching Structured and Unstructured Data
•Basic Searches
-Search the most common data fields
•Advanced Searches
-Search across all data fields
•Agreement / Document Searches
-Search across all data fields and document text
•Query Builder
-Build and save your own queries
•Repository Search
-Full text search on all attachments

Reporting
•Dashboard
•Export to Excel



Kiosk / Portal


Clause / Template Library


Intelligent Document Assembly


Contract Accountability
•Audit Trails - Workflow
•Audit Trails - Agreement


Contract Compliance
•Commitment Management
•Payments Forecast



Contract Visibility
•Executive Summary

SOA Governance - HP Systinet 3.0

SOA Risks
Business disruption: Lack of control, lack of visibility, no-reuse

Systinet 3.0 - HP Business Technology Optimization for SOA
•SOA Governance
•SOA Quality
•SOA Management

HP SOA Service Offerings
•SOA Envisioning
•SOA Assessment
•SOA Governance and Architecture
•SOA Enablement
•SOA Service Development
•SOA Software Development
•SOA Management

Critical SOA Strategies
•Engage the Organization
•Automate Best Practices
•Support the “Extended Enterprise”

Stake Holders
•SOA CoE: center of excellence: Use Cases - analyze service usage & trends; Create & manage conformance policies
•Providers
•Consumers

•Complete SOA governance software which includes a registry and repository foundation as the “system of record” for enterprise SOA
•Visibility Edition and Standard Edition

•Center of Excellence (enterprise architects):
-Maintain control of SOA environment
-Measure progress and benefits of SOA

•SOA repository
•Registry
•Policy management
•Contract management
•Governance Interoperability Framework (GIF)

Generic Use Case

1. Submit - Business Expert / Architect: submit new service, describe / classify, request approval
2. Promote
3. Consume: search, register, contract
4. Manage
   

•Repository (based on SDM: SOA Definition Model)
•SDM: define data schema, modifiable using Systinet workbench
•SDM Elements: Artifacts (entity, has type); Properties (attributes): primitive, Taxonomy-based, relationship-based: logical / physical dependencies between artifacts; Property Groups, Taxonomies: set of fixed values for classification

Install Systinet

•Run cmd (oracle is running on port 7070, JDK 1.5)
•C:\>Java –jar hp-soa-systinet-3.00.jar
•Installer launched
•[Next]->accept license->default directory->JBoss 4.2.2->Default->Enable password encryption->license details->[Next]->[Next]->Oracle 10g->Create schema->Oracle DB Info->ojdbc14_g.jar->Initial Import->Endpoint no change (oracle on 7070)->no ldap->admin email[Next]->JBoss Folder->SMTP no change->[Next]->[Next]->[Finish]
•Start server: installed dir\3.00\bin:\>server start
•Launch: http://localhost:8080/soa (admin/changeit)

Full Text serching & logging level change

•C:\>sqlplus
•Create a index
•In Systinet web interface: Tool tab->Administration (Configuration)->check “Full Text Search”

Installing a Standalone Registry

•C:\>Java –jar hp-soa-registry-foundation-6.61.jar
•Installer launched
•[Next]->[agree license]->Standalone registry->no folder change[Next]->[Next]->[Next]->Create database->Preconfigured HSQL->Database->No deployment->Change port to 28080, 28082, 28443->[Next]->[Next]->[Next]->[Finish]
•Run: installed folder\bin\Server start
•Verify: http://localhost:28080/uddi/web
•admin / changeit

Installing HP SOA Policy Enforcer

•Run HPSOAPolicyEnforcerInstaller3.00.exe
•[Next]->[agree to license]->[Next]->[Next]->[Next]->Default policies->[Next]->[Install]->[Next]->[Done]
•Cmd
•C:\Install folder\bin\win32\broker
•C:\Install folder\bin\win32\networkservices
•Launch web interface: http://localhost:5002/bse
•admin / password

User Perspectives

•Administrator
•Service Publisher
•General
•You Can ADD NEW User Perspectives using Systinet Workbench

Add portlet

•Tools tab->Implementations->Views->Rss View->user/pass->copy url
•Navigation “add” group->Content->past URL and give a title->save

Add a content report

Navigation “Add” group->Content Report->Service Lifecycle Graph->Save->Refresh the browser window

Bulk operations

•Tools tab->Implementations->check boxes->Select Action: Edit Access Rights

Governance Processes

•Process Definition
•Governing Artifacts: primary (steer the process) and secondary artifacts
•Artifact Stage Details (UI)

Create a Governance Process

•Login as admin
•Service tab->Nav:Lifecycle:Governance Processes->check “Default Lifecycle”->clone->edit->change the name->Save (as a draft lifecycle)
•Stage definition: Expand “Business Services”->Design->Edit->Add Groups->select one existing group (Architects)->Approval vote:1->Tasks: Tracked: yes->Add task to track also->Policies: Add->select and add
•Clone: copy / paste stage definition to different stage (for example development). All approvers, Tasks and Policies are added on the top of existing groups.

Managing business services

•Business Service: High-level abstraction in business rather than technical terms of an application implemented as services in SOA
•Examples:
•Obtain customer list from legacy CRM System
•Validate credit balance

•Business Service (container) with Sub-artifacts
•Example Business Service Workflow:
1. Business Expert propose new service
2. Architect: Design Service
3. Developer: Implement Service
4. Tester: Test Service
5. Architect: Prepare Service for Consumption

Create a Business Service
•Dashboard tab->New: Service->give a Name etc->Save
•Governance dropdown->Start Governance->OK
•The Business Service is in candidate stage

Add a documentation
•Service page->Documents group->Add Document->From local file->Browse to the file->Location (Documents: hierarchy in Systinet)->Type of document (detail design)->give document a name->short description->Save
•Document taxonomy can be customized

Add SOAP service implementation
•Implementation group->Add SOAP Services->Browse to file->select file->Location:WSDL->Save->Finish->OK

Promote a Business Service
•Stage Detail Page->Start Promotion->Advance Stage on Promotions (check the box)->OK

Change Architect group access right to write
•Stage Detail Page->View dropdown->Access Right->Edit button->Architect: Add->Write check box->Save

Change Ownership of an Artifact to Architect group
•Stage Page->Tools dropdown->Change Owner->Select documents->Next->search Architect group->select->Next->Finish

Promote Artifact manually
•Stage Detail page->Governance dropdown->View Stage Details->Administration dropdown->manage governance->select “production”->Approved->OK

Managing Policies

•Design-time policies define constraints on an artifact
•Ex: All Business Services must contain a description
•Ex: A WSDL document must be valid according to the WS-I Basic Profile specification

Run-time policies

•Specify capabilities, configurations, or constraints
•Ex: Finance service must respond in less than 3 ms
•Ex: Movie Times service must have fewer than 4 SOAP faults/hr
•Ex: Credit Check service requires a valid x.509 certificate

Policy Hierarchy

•Assertions: individual requirement of an artifact
•Technical Policy: one or more assertions to define a set of governance requirements
•Business Policy: set of artifacts for which a set of tech policies are to be applied
•Compliance Report is generated

Out-of-the-Box Policies

•Assertions: Click Assertions under View group
•Technical Policies:
•Business Policies: for both Testing and Production Lifecycle Stages

Business PolicyExamples

•Association Rules - Artifact Type, In Categories
•Technical Policies -> Assertions
•Click “Validate Compliance” button to run report

Creating a Business Policy

•Step 1: Rev iew available out-of-the-box Assertions (If necessary, use Systinet Workbench to create new Assertions)
•Step 2: Create Technical Policy (Name, Description, Select Assertions)
•Step 3: Create Business Policy (Define Association Rules – Artifact Type, Categories, define exclusion; Select desired Technical Policies)

Compliance Validation

•Validate Compliance
•Status (Recent validation)
•Effective Policies (Applied policies)
•Reset Validation

Manual Compliance Checks

•Manual Compliance Checks :Criteria cannot be checked automatically
•Trend Report
•Areas of Interest (Aoi) – Specific areas related to the particular user
•Best Practices

Managing Policies:Best Practices

•Familiarize Out-of-the-Box assertions to promote reuse
•Familiarize with existing technical policies
•Understand any existing manual policies in a customer environment
•Look for opportunities to automate
•Consider using stage-bound policies, defined in a governance process, to automate compliance

Managing Contracts

•Provider Artifacts (application, Business Service, SOAP service, XML service, Web application, Endpoint, Operation)
•Consumer Artifacts (Application, Business service, SOAP service, XML service, Web application, User profile, Organizational unit)

Contract Use Case

•Change management – Tracking
•Consumption access control
•Consumption monitoring and auditing

Service Level Objective (SLO)

•Describe the levels of performance the artifact expects to meet

Steps for Creating a Contract

1. Business Expert, Test Engineer, or Architect creates a Service Level Objective for an artifact
2. Business Service Owner enab les an arthfact for consumption
3. Developer requests permission to consume an artifact which should comply with the specified SLO
4. Business Service Owner accepts or rejects request.
5. Once approved, HP SOA Systinet logs the aqgreement as a contract.

•Creating a SLO (SLOs can be created within the Tools tab, or directly within a specific artifact0
•Enableing a Service for Consumption (Artifacts are marked as Consumable within the artifact’s details page)
•Service Consumption Request
•Consumption Approval
•If accepted, it becomes a contract

Explore the repository

•Browse the Artifact Catalog: Tools tab->Catalog Browser
•Full Text Search: Support (AND, OR, NOT, %, *)
•Advanced Search: Top of every page (query can be saved)
•Search by Taxonomy: Dashboard->Categories

Reporting

•Dashboard Reports: on Dashboard tab
•Policy Compliance Reports: by validation( Policies tab->View->Compliance Reports)
•Tools Reports: as a result of a Task. (Task is executed by out-of-the-box or custom Tools, and resulting in Tools Reports.)

Integrating HP SOA Registry

•Terminology
•HP SOA Systinet (Organization Unit, Business Service, Implementation, Endpoint, Custom (WS-Policy))
•Registry Entity (Business Entity, tModel, Business Service, Binding Template, tModel)

Define a Registry Artifact

•Tools Tab->”Catalog Browser”->UDDI Registries
•“New…”
•Enter information->”Next”->”Save”
•(Import cert) cmd->keytool –import –alias registry –file -keystore
•Exit (cmd)
•(Export) Tools->”Export Taxonomies”->Next->Finish (always export taxonomy first, before other artifacts)

Integrating with HP SOA Policy Enforcer

•Access Repository:
•Directly: REST interface;
•Indirectly:1. Export repository artifact references to UDDI; 2. Access UDDI information using standard UDDI APIs

REST Operations

•Create
•Updte
•Delete
•Undelete
•Purge
•Get
•Exist

Governance Interoperability Framework

•User Interface Integration (common view of service characteristics and metrics)
•Control Integration (alerting and notification, launching events and actions, business service and lifecycle)
•Data Integration (Registry as primary service, interface, policy catalog)

Governance Interoperability Framework

•Allows SOA components to share information using a UDDI registry
•Builds on UDDI by “normalizing” UDDI data and provides a common information exchange model
•Specifies the “what” (metadata published about each artiface) and the “how” (uses UDDI tModels to represent service information)

HP SOA Policy Enforcer integration

•Point Policy Enforcer to HP SOA Systinet (Enforcer)
•Define a Policy Enforcer Artifact (Systinet)
•Adding Run-time Policies (Systinet)
•Export to Registry (Systinet)
•Add Policy Enforcement Group (Enforcer)
•Automatic Service Discovery (Enforcer)
•View Health and Performance (Systinet)

•(Defined policies) Tools Tab->Catalog Browser->Policy->Policy Documents (click)
•Systinet, Registry, Two Enforcer servers (networkservice, broke) running
•(Enforcer) Action->Change Settings->Systinet Settings->Registry Settings (make changes)->Save
•(Restart) cmd->Ctrl-C to stop->networkservices
•(Systinet) Tools tab->System->SOA Policy Enforcer Server->New-> (add info)->Save
•(Enforcer)->Navigation->Add Policy Enforcer Intermediary Group->(Add Info)->Save
•(Enforcer)->Add (Add Policy Enforcement instance)->(Add Info)->Add->Add
•(Systinet)->Existing SOAP service->”Runtime Policiess” group->Add “from catalog”->Add->”Registry Group” Export->Logon->Next->Select a “Business Entity”->Next->Finish->Refresh until it is completed
•(Enforcer) Life Cycle Status to refresh->Go->Next->Next->Next->select point, Add->Next->Next->Next->(Change access point) Finish->OK
•(Systinet) Performance and Availability group->Can view Policy Enforcer details

Installing Systinet Workbench

•Used to customize the HP SOA Systinet Definition Model (SDM) to fit any customer environment
•Built on top of the Eclipse
•Provides access to: Taxonomy Editor, Customization Editor, Report Editor, Assertion Editor
•Unzip hp-aoa-systinetworkbench-3.00-win32.zip to C:
•Start.exe

Changing the SOA Definition Model

•Flow Process (Keep it simple. JSP Page<-Add Artifact<-Add Property<-Add Category<-Best Practice Naming Convention – checked by automatic policies) 1. Gather SDM/GUI Change Requirements form client 2. Modify and/or Create new Taxonimies 3. Upload Taxonomies to Server 4. Create new Artifacts, if required 5. Create new Properties (primitive, relationship or taxonomy based) 6. Add properties to new or existing Arthfacts 7. Modify Service Catalog UI and/or Tools UI 8. Build the extension jar file 9. Deploy and apply the extension to the server 10. Test the customizatiopn

Change the SOA Definition Model

•Requested Customizations
•New property added to Business Service artifact type – requires change to SDM
•New Documentation types – requires change to existing taxonomy
•New Lifecycle stages – requires change to existing taxonomy

Change the SOA Definition Model

•Add a new property named “Project”
•(Workbench Welcome)->Create Taxonomy project->give name->server info / user / pss->next->click “show system taxonomy”,”lifecycle stage”->finish
•Expand “document type” taxonomy->Add->Name/value->Ctrl-S (save)
•Right click “Document Type”->HP SOA Systinet->Publish Taxonomy
•Create New Taxonomy
•Right click on created project, (give “Project” as taxonomy name)->New Taxonomy->Categories->Add->Name / Value->Save->Publish
•(Add Property)->perspective (Extension)->File->New->Extesion Project->next->next->create from scratch->Name etc.->Next->Next->Finish
•Extension Explorer->Expand SDM Details->Property Descriptors->Taxonomy Property Descriptors->Right click “New”->Taxonomy Property->Enter Info->Import->Finish
•(Add property to artifact) Business Service Artifact->Properties Tab->Add->find “Project” (check optional)->OK
•(Build Extension)->Right click on the project->Build Extension->Save
•(Deploy Extension)cmd->shutdown server (Ctrl-C)->setup (open a wizard)->Next->”Apply Extensions”->Next->Next->Finish
•Cmd->restart the server

Creating Assertions

•Assertions: Rules or Atomic requirements
•“Every Business Service must has a description”
•(Welcome screen)->Create Assertion->give name->next->next->Select “Is described by keyword”->Close
•Open->Check XQuery
•New->Assertion->give a name->Finish
•Implementation group->new->Business Service Artifact->XQuery->OK->Copy from the “Key” XQuery->Change condition statement and error description->Ctrl-s
•Click “Test Assertion” (local file can be used)
•(Publish)->Assertion Name->Right Click->Publish Assertion

Creating Custom Reports

•Create a Report project in the Systinet Workbench
•Add a Report definition to the project
•Identify the data source for the report
•Create the query
•Design the report layout
•Publish the report to HP SOA Systinet

Enterprise Master Data Management (MDM)

Introduction
•Goal: Single place where all common master data in an organization is stored and managed. The data would be accurate, consistent, and maintained in a coherent and secure manner.
•Provides a consistent understanding and trust of master data entities
•Provides mechanisms for consistent use of master data across the organization
•Is designed to accommodate and manage change

Why MDM
•Cross-LOB Perspective (Investments, Loans, Deposits; sees data as critical to operations, not see value in sharing)
•Cross-Channel Perspective (dist. Channel- Partner, Internet, Branch; different solutions->account-centric->customer centric))
•Cross-Business Subdomain Perspective (Case history, Contact preference, Party; different scope)
•Cross-Application/Technology Perspective (packaged apps; variance in technoical platform
•Mergers and Acquisitions

MDM System
•Master Data Domains – Recognition of CDI and PIM. Three primary domains: party, product and account
•Methods of Use – Collaborative Authoring (users & systems to reach agreement), Operational (providing stateless services), Analytical (trusted data source, key function or analytics)
•System of Record (read-only) vs. System of Reference
•Consistency of Data – Absolute Consistency (consistent all the time), Convergent Consistency
•Implementation Styles – Consolidation Implementation (gold source); Registry Implementation (for read-only); Coexistence Implementation (master in many locations); Transactional Hub Implementation.
•Categorizing Data – Metadata, Reference Data, Master Data, Transaction Data, Historical Data

Collaborative MDM (New Product Introduction example)
•1. Receive Notification of New Item
•2. Create Draft Item
•3. Classify Item and Assign SKU
•4. Define Item Properties
•5. Define Marketing Properties
•6. Assign Item to Locations
•7. Define Finance Properties
•8. Approve Product Definition

Operational MDM (OLTP)- New Account Opening
•1. RECORD Arrangement Request
•2. ANALYZE Customer RElationship
•3. ANALYZE Arrangement Request
- APPLY Product Policy
- APPLY Credit Rating Scale
- FORECAST Arrangement Risk
- OFFER Arrangement

Implementation Style
•Consolidation
•Registry
•Coexistence
•Transactional Hub

Data Category
•Metadata
•Reference data
•Master Data
•Transactional Data
•Historical Data

Business Benefits of MDM
•Consistent Understanding and Trust of Master Data Entities – Accuracy, Completeness, Consistency, Timeliness, Relevance, Trust
•Consistent Use of Master Data Across the Organization – Cost Savings and Efficiencies, Regulatory Compliance
•Accommodate and Manage Change – Reducing Time to Market, Revenue Enhancement and Other New Opportunities, Ability to Rapidly Innovate, Product or Service Innovation, Process Innovation, Market Innovation, Supply Chain Innovation, Accommodating Mergers and Acquisitions, Introduction of New Requirements

An SOA Enabler (SOA Architecture)
•Layer 1 – Consumers
•Layer 2 - Business Process (Composition, Choreography, Business State Machine, Orchestration)
•Layer 3 – Services (atomic and composite)
•Layer 4 – Service Components
•Layer 5 – Application Services
•Layer 6 – Data Repositories & Information Services
•Layer 7 – Integration (Enterprise Service Bus)
•Layer 8 – Quality of Service (Security, Management, Monitoring)
•Layer 9 - Governance

Characteristics of SOA services (also for MDM)
•Service reuse
•Service granularity
•Service modularity and loose coupling
•Service composability
•Service componentization and encapsulation
•Compliance with standards (both common and industry-specific)
•Services identification and categorization
•Provisioning and delivery
•Monitoring and tracking

Information as a Service: Characteristics
•Definition – The structure and the semantics of the information needs to be well defined and commonly available
•Quality – integrity of the data needs to be ensured for retrieval and update
•Governance – Changes to the service and the underlying information need to be governed in a uniform and consistent manner

MDM Reference Architecture
•Conceptual Level
•Logical Level
•Physical Level

Architecture Pattern
•Process-Focused Application Integration (integration of applications)
•Information-Focused Application Integration (synchronize master data among MDM hub and underlying legacy systems)
•MDM Hub Patterns (style of MDM deployment)

MDM Ref – Key Functional and Technical Capabilities
•Master Data Lifecycle Mgmt Capability – from created to no longer required; group and define hierarchies; flexible mapping; define master data hierarchies, relationships, groupings; versioning; model multiple taxonomies; authoring; security; audit;
•Data Quality Mgmt Capability – analysis & profiling; standardization, data validation, data cleansing logic; Data reconciliation; data governance; measure the staleness of data
•Master Data Harmonization Capabilities – Integration (messaging, service invocation, batch, ETL, FTP); error-handling; support high-volume transaction
•Analysis and Insight Capabilities – discover insightful relationships; improve business decision; access structured and unstructured information; manage the state of a process; configure event management services

Conceptual Architecture
•Framework to manage and maintain master data
•Scalable, highly available, adaptive architecture
•Coordinate, manage the lifecycle of master data across the enterprise
•Accurate critical business information available as a service
•Cleanse data, improve the quality and consistency of master data
•Make master data active by detecting events and generating operations to manage master data
•enable the ability to implement solutions

MDM Solution – Key architecture building blocks
•Third-Party Data Service Provider
•Process Manager to choreograph
•Connectivity and Interoperability Layer
•MDM Services and Master Data Repository
•Information Integration Services
•Identity Analytics

MDM Solution – Architecture Principles
•Provide ability to decouple information from app & process
•Available as a strategic asset for enterprise
•Authoritative source for master data (manage integrity, control distribution in a standardized way)
•On an architectural framework and reusable services
•Based on industry-accepted open computing standards
•Provide flexibility to accommodate changes
•Highest regard for preserving the ownership of data, integrity and security of data
•Ability to incrementally implement a MDM Solution

MDM – Logical Architecture Components
•Interface Services
•Lifecycle Management Services
•Hierarchy and Relationship Mgmt Services
•Master Data Mgmt Event Mgmt Services
•Authoring Services
•Data Quality Mgmt Services
•Base Services
•Master Data Repository

MDM – Information Risk Analysis
•Identifying the information assets
•Assigning value to each asset
•Identifying each asset’s vulnerabilities and associated threats
•Calculating the risk for the identified assets
•Evaluating different countermeasures in terms of costs and reduction of risk they provide
•Recommending the appropriate countermeasures

MDM – Security and Privacy: Types of IT Risks
•Operational risks – failures in business process; denial of service attack;
•Regulatory and Compliance risks – meet business processes; adequately protecting sensitive data
•Reputational Risks -

MDM – Information Risk Management
•Risk Analysis for MDM
•Security Control Selection and Implementation

MDM – Identifying MDM Assets
•Sources of master data
•Master data itself
•Consumers of master data
•Other related assets

MDM – Security Consideration
•Policy
•Confidentiality
•Integrity
•Identity
•Authentication
•Authorization
•Audit
•User Registry
•Identity provisioning
•Identity token
•Identity mapping
•Identity Propagation
•Reverse Proxy

MDM – Security Considerations
•Identity Propagation, Mapping & Provisioning – Business (Trust Mgmt, Identity and Access (Authorization) Mgmt); Technical (Identity & Authentication Service, Policy Mgmt)
•Authorization – Business (manage identities, roles and groups); Technical (standards-based to handle specifying, distributing & enforcing authorization policies.
•Audit – Business (comply with policies & reports illustrating how well relative to policies; Technical (audit events, real-time and post-processing events reporting
•Data Protection – Business (describe business object level how master data should be protected); Technical (encryption, SSL, WS-Security)

Logical SOA Security Architecture
•Business Security Services tier
•Security Policy Mgmt tier
•IT Security Service tier

Security Enablers
•Cryptography
•Key Management
•Hardware key Storage
•Cryptographic Hardware
•Malware Protection
•Isolation
•Firewalls
•Intrusion Detection
•Intrusion Prevention
•Time
•Security Event and Incident Mgmt (SEIM)

Policy Management
•Policy abstraction level
•Policy management lifecycle
•Policy Domains

Identity propagation
•Security Token Service (STS)
•SAML token for security token format

Authentication Services
•WS-Trust Security Token Service (STS)

Authorization Services
•Service Consumer
•MDM SOA Services Layer
•MDM Services Implementation
•Master Data Repositories

SOA for Business Developer

SOA for Business
•Open Standards
•Structure of a SOA Application – composed largely of services (Integration Services, Business Services, Data-Access Services)
•Web and Binary-Exchange Services – WSDL, SOAP, HTTP
•Presentation Services – Portlet, HTML,
•Runtime Products – security, service allocation, service composition, logging

•Loose Coupling
•Service Registry
•Service Level Agreements

Service Aspects
•Service Implementation - Logic
•Elementary access details – Location, binding, protocol, formatting
•Contract – interface and Quality of Service

Message Exchange Patterns
•One-way pattern – (fire-and-forget)
•Request-response pattern – (in-out)
•Notification pattern – (out-only)
•Solicit-response pattern – (out-in)
•Synchronous and Asynchronous Communication
•Callbacks – (Request and callback)

Quality of Service
•Reliability guarantees- availability, throughput, response time and probability, assured message
•Security mechanisms – Authentication, authorization, confidentiality, integrity, non-repudiation, attack protection
•Service coordination, including transaction control – Orchestration, Choreography
•Runtime update of address, binding, and message content – flow of traffic change, message reformat, send message to destination other than the requester

Process Steps
•Analyzing a Business Process
•Identifying Problems with current Process
•Communicating the Assumptions in Writing
•Isolating Services
•Creating the application

XML Schema
•Data Type – primitive, derived, simple, complex
•Purposes – data exchange, validation rules
•Groups, Sequencing,

SOA Standards
•WSDL
•SOAP
•UDDI










Introduction to BPEL
•BPEL process fulfills a workflow by accessing one service after another (partner service)
•BPEL activity is equivalent to a function call
•Running time can be far longer than other kinds of software
•Mechanisms for fault handling, compensation, correlation
•BPEL abstract process – subset of BPEL executable process (no implementation)

Additional language used by BPEL
•Query Language – XPath
•Expression language – XPath, Java
•doXslTransform
•Can use WSDL as source of data types
•PartnerLinkType (WSDL) – runtime conversation to partner service

BPEL Basics
•Activities– assign,compensate,compensateScope, empty, exit, extensionActivity, invoke, receive, reply, rethrow, throw, validate, wait
• An XML-base language for creating a process
•1. Accept a request for an insurance quote
•2. If the submitted details are appropriate, calculate the quote and include it in the response
•3. Otherwise, say “No” and include a justfication














BPEL - Partner Links
•Give details on the relationship between the BPEL process and each partner service
<partnerlinks>
<partnerlink name="ProcessQuote" partnerlinktype="ProcessQuotePLT" myrole="ProcessQuoteRole">
<partnerlink name="mainframeQuoteMgr" partnerrole="partnerRole" partnerlinktype="PartnerLinkPLT">
</partnerlinks>

BPEL - Variables
•assigns variables, which are memory areas that are each described by a Web Services Description Language (WSDL) message but could have been described by an XML Schema element or type

<variables>
<variable name="quoteRequest" messageType="placeQuoteRequestMsg" />
<variable name="highlightQuote" messageType="placeQuoteResponseMsg" />
<variable name="buildQuoteReq" messageType="buildQuoteRequestMsg" />
<variable name="newHighlightQuote" messageType="buildQuoteResponseMsg" />
</variables>

BPEL - Quote Request
receives a quote request
<receive name="processQuoteRequest" createInstance="yes" operation="placeQuote" partnerLink="ProcessQuote"
portType="ProcessQuote" variable="quoteRequest">
</receive>

BPEL - Copy Data
uses XPath syntax to copy data from the received message to a variable that is used for invoking another service
<assign name="AssignQuoteReq"> <copy>
<from variable="quoteRequest" part="placeQuoteParameters"> <query>/quoteInformation</query> </from>
<to variable="buildQuoteReq" part="buildQuoteParameters"> <query>/customerQuoteInfo</query></to>
</copy> </assign>

BPEL - Other Service
•invokes the other service, which calculates and returns a quote
<invoke name="CalculateQuote" inputVariable="buildQuoteReq" operation="buildQuote" outputVariable="newHighlightQuote" partnerLink="mainframeQuoteMgr" portType="QuoteManagement" />

BPEL - Copy to response
copies the quote details to another variable and in this way formats the response message
<assign name="AssignQuoteRes"> <copy>
<from variable="newHighlightQuote" part="buildQuoteResult"> <query>/quote</query> </from>
<to variable="highlightQuote" part="placeQuoteResult" > <query>/quote</query> </to>
</copy> </assign>



BPEL - Reply
•replies to the invoker, which may have been a Web application or a service

<reply name="processQuoteResponse" operation="placeQuote" partnerLink="ProcessQuote" portType="ProcessQuote" variable="highlightQuote" />

BPEL – General activities
•Run in a preset sequence
•Run in a loop
•Run on condition that a Boolean expression evaluates to true
•Run immediately or wait for some period of time, even years
•Run in response to an event that occurs after the process starts (specifically, in response to an inbound message, a calendar date and clock time, or the passing of time)
•Run in an order that differs for different instances of the same process



BPEL – Processes
•BPEL executable process – a Web service and acts as the hub in a service orchestration
•Software that runs an executable process is called a BPEL engine
•BPEL abstract process – similar to BPEL executable process but includes a subset of the information. It is a description of business logic, it omits implementation details in most cases

BPEL – WSDL
•PartnerLinkType – specifies the roles between the BPEL process and a partner service. (BPEL, WSDL)

•Port Type – WSDL
•Operations – WSDL
•Data types – XSD

BPEL – WSDL-based constructs
•Properties and property aliases benefits
•Use same name to access the same data in differently structured variables
•Name’s position change doesn’t necessarily change the logic in BPEL process
•BPEL correlation set (constants). Help direct an inbound message to the correct instance of BPEL process

BPEL – Process Elements
<process>
<import> </import>
<partnerLinks> </partnerLinks>
<messageExchanges> </messageExchanges>
<variables> </variables>
<correlationSets> </correlationSets>
<faultHandlers> </faultHandlers>
<eventHandlers> </eventHandlers>
<!— The previous two elements include activities, as does the subsequent content of the process element. Activities can be enclosed in scopes, as described later. —>
</process>

BPEL – File Structure
•Import - provides access to a WSDL definition or an XML Schema
•Partner link - is a kind of specialized variable that describes the relationship between the BPEL process and a partner service
•Message exchange - is an idnetifier that is used to avoid an ambiguous case in a complex usiness scenario – specifically, to pair a BPEL activity that receives a message with the activity that issues a reply
•Variable - contains business data (message, process logic)
•Correlation set – listing of properties used to correlate service instances
•Fault handler – a set of activities that run in response to a fault (failure in the process)
•Event handler – a set of activities that run concurrently with other activities, in response either to the passage of time or to receipt of a message

















BPEL – Partner Link
•myRole – enacted by the BPEL process
•Operations are described in port type that is related to the role.
•partnerRole – enacted by the partner service
•Multiple partner links can be based on the same partner link type.

BPEL – Correlation Sets
•Maintain data integrity
•A list of propertirs whose values are expected to remain constant throughout a process or throughout a specific scope
•Reference only in activities that receive or transmit data
•Inbound activity – BPEL engine to direct msg
•Outbound activity – verify property values
•Inboundor outbound – initiates the correlation set

BPEL – Fault Handling
•Purpose – minimize the effect of an error
•Composed of a catch or optional catchAll
•Each fault handler hasselection criteria, which include (optionally) the fault name and the type of data
•BPEL engine selects the fault handler whose selection criteria most closely mirror the fault
•If the fault has a name but no data, BPEL engine selects the fault handler whose selection criteria match exactly
•If no catchAll, BPEL provides default:
<catchAll>
<sequence>
<compensate/>
<rethrow/>
</sequence>
</catchAll>

BPEL – Compensation Handling
•Compensation for a successfully completed scope occurs under the guidance of a compensation handler
•Invocation always comes from a parent scope
•The compensateScope activity invodes the compensation handler of a specific nested scope
•A failure in scope A causes invocation of the compensation handler in scope B:
<scope name="A">
<compensationHandler>
<compensateScope target="B">
</compensationHandler>
<scope name="B">
<compensationHandler>
<!— a basic or structured activity is here —>
</compensationHandler>
</scope>
</scope>

BPEL – Termination Handling
•Set of activities that are issues when a running scope is being forced to terminate
•Default
<terminationHandler >
<compensate/>
</terminationHandler>

BPEL - Concurrency
Synchronized - Activities run concurrently and one activity is forced to wait for another

BPEL Activity – Start
•First activity (other than flow, scope or sequence)
•1. a receive activity
•2. a pick activity that contains only onMessage events

Oracle Application Server 10g Corporate Portal

Overview
•Browser-based environment for building, deploying, and maintaining enterprise portals
•Secure and manageable framework
•Organized and personalized views
•Self-service Web publishing
•Manageable deployment architecture

Oracle Application Server Components
•Oracle Internet Directory (OID)
•OracleAS Portal (OC4J)
•OracleAS Wireless
•OracleAS Web Cache
•OracleAS Personalization
•OracleAS Integration

Grid Computing

Architecture that pools large numbers of servers and storage into a less expensive, flexible, on-demand computing resource for all enterprise needs

- Standardize low cost components

- Consolidate shared resources

- Automate management operations

OracleAS 10g portal Solution
•Content management (Classify content, Navigate and access content; Route content for review and approval)
•Content display (Create, organize, and manage pages; Build and customize dynamic portlets
•Content integration (integrate applications and disparate data by using built-in functionality, including Web Clipplig, OmmiPortlet, and Portlet Builder

Major User Roles in OracleAS Portal

- Page designers

- Content contributors and content managers
- Portlet developers

- Portal administrator

Portal Page Modes

•Page group – Root page; Subpages
•View mode; Graphical mode; Layout mode; List mode

Adding Content to Portal
Item
•An item is a basic unit of content on a portal page.
•Two kinds –
•Content item type
•Navigation item type

Content item types
•File and Simple File
•Simple Image
•Image and Simple Image Map
•PL/SQL and Simple PL/SQL
•Prge Link and Simple Page Link
•Text and Simple Text
•URL and Simple URL
•Zip File

Item-Related Features
•Versioning
•Item-level security
•Document control
•Publishing dates
•Expiry dates
•Approvals

Adding Items

Accessing the Document Library by Using a WebDAV Client

With a WebDAV client, you can:

- Move content, files, and folders between your desktop and the document library

- Open, edit, and save file type items "in place" by using desktop application

Content Metadata
•Data about the content in the document library
•Set explicitly or implicitly
•Made up of three main components (Attributes; Categories; Perspectives)

Classifying Content in OracleAS Portal
•Category – A predefined attribute that is used to group or classify pages, items, and portlets

Creating Category

•Perspective – A cross-category grouping of items and pages (attributes)

- Further classify content across categories

- Enable users to view related content classified in different categories

Creating Perspectives

Implementing Custom Types

Custom Types
•Custom types are unique types you create to extende the standard type definitions provided by OracleAS Protal.
•Custom attributes – User-defined attributes based on predefined data types created to store additional info about an item. (used in definition of custom item types and page types)
•Custom item types
•Custom page types
•[Item Type]n-n[Attribute]n-n[page type]

Creating Custom Item Types

Approval Process

A Series of one or more approval routing steps

- Each step must have one or more approvers

- Routing to approvers can be in serial or in parallel

Portal Page

•OracleAS Protal object that contains portlets and items.
•A portal page is the face of the portal – that which the user interacts with to access informatipn and applications. The layout of a portal page is defined through regions
•A portal page combines the features of a directory folder and a browser page.Like a folder, a page can exist within a hierarchy of pages and can contain content.

Page Group

•A page group is a hierarchical collection of pages for which common attributes and mechanisms can be established to govern the behavior of the pages it contains.
•Consider – (Administering page groups; Managing content metadata; managing content presentation; Copying and moving content)
•Region – rectanglar area on a page used to define the page layout (Types: Item; Portlet; Sub-Page Links; Undefined)

Shared Objects

•Layout and appearance (Styles; Templates; Navigation pages)
•Content attribution (Custom page types; Custom item types; Custom attributes; Perspectives; Categories

Style

•Set of values and parameters that controls the colors and fonts that are used by pages and regions within a page

Page template
•An object that enforces an standard layout and appearance for multiple pages

Navigation Items

•Portal Smart Link

•Login/Logout Link

•Basic Search Box

•List of Objects

•Portal Smart Text

•Object Map Link

•Page Path

•Page Function

Page parameters

•Synchronize portlets residing on a page

•Enable the reuse of portlets on multiple pages with no additional coding

•Provide users the means to customize pages based on their input values

Portlet parameters

•Enable the portlet developer to declare a public data input interface for the page designer to use

•Give the page designer control over the input data to the portlet

Integrating Page and Portlet Parameters

Controlling Access to Page Groups

Controlling Access to Pages

Item-Level Privileges

•Manage

•Edit

•View

Accessing Portal Objects by Using Direct Access URLs

Web Clippling

A piece of existing Web content that can be repurposed in other Web pages, particularly portals.

OmniPortlet

A feature of Oracle AS Portal that enables you to quickly and easily publish data from various data sources and render the result in a variety of formats.

Supported data sources

•Spreadsheet

•SQL

•XML

•Web Service

•Web Page

Supported Data formates

•Tabular

•Chart

•News layout

•Bulleted list

•Form

Data-Driven Portlets (DB, SQL etc)

OracleAS Portal Forms

•Forms based on tables and views

•Master-detail forms based on two tables or views

•Forms based on stored procedures

OracleAS Poprtal Reports

Publishing Business Intelligence on a Portal Page

OrcleAS Discoverer provides two types of portlets

•List of Database Workbooks portlet: Contains the names and links to Discoverer workbooks

•Worksheets portlet: Enables you to place actual worksheetcontent on the portal page

Privileges

- Global privileges

- Objectr-level Privileges

- The corresponding global privilege overrides an object-level privilege