YOUR FEEDBACK
erdem wrote: Sohbet ...
Dec. 5, 2008 09:14 AM
Cloud Computing Conference
March 30 - April 1, New York
Register Today and SAVE !..
Did you read today's front page stories & breaking news?
SYS-CON.TV: RIA Shoot-Out! AJAX, Flex, Silverlight, and JavaFX


2008 East
DIAMOND SPONSOR:
Data Direct
Frontiers in Data Access: The Coming Wave in Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
Intel
Virtualization – Path to Predictive Enterprise
Green Hills
IT Security in a Hostile World
JBoss / freedom oss
Practical SOA Approach
GOLD SPONSORS:
Software AG
The Art & Science of SOA: How Governance Enables Adoption
PlateSpin
Effective Planning for Virtual Infrastructure Growth
Fujitsu
Automated Business Process Discovery & Virtualization Service
Ceedo
Workspace Virtualization
Click For 2007 West
Event Webcasts

2008 East
PLATINUM SPONSORS:
Appcelerator
Think Fast: Accelerate AJAX Development with Appcelerator
GOLD SPONSORS:
DreamFace Interactive
The Ultimate Framework for Creating Personalized Web 2.0 Mashups
ICEsoft
AJAX and Social Computing for the Enterprise
Kaazing
Enterprise Comet: Real–Time, Real–Time, or Real–Time Web 2.0?
Nexaweb
Now Playing: Desktop Apps in the Browser!
Sun
jMaki as an AJAX Mashup Framework
POWER PANELS:
The Business Value
of RIAs
What Lies Beyond AJAX?
KEYNOTES:
Douglas Crockford
Can We Fix the Web?
Anthony Franco
2008: The Year of the RIA
Click For 2007 Event Webcasts
SYS-CON.TV
SYS-CON.TV WEBCASTS
JACKBE The Big A(architecture in AJAX)
INSTANTIATIONS Eclipse Rich Internet Platform with Taylor and Milinkovich
YAHOO! Applying AJAX to Speed User's Journey
ENERJY WEBCAST Java Code Quality Management
APP SERVER SHOOT-OUT with Microsoft, IBM, JBoss, Sun, BEA, and Oracle
TODAY'S TOP SOA & WEBSERVICES LINKS


Feature
What Lies Beneath
Data(base) considerations for service-oriented architectures

By: Rajan Chandras
Apr. 26, 2005 11:00 AM

  • Extreme data integration scalability. In Web services more than anywhere else, data volumes are a threat to data integration. As data volumes grow, data integration for Web services is exposed to performance and scalability challenges that can derail the best architected SOA. As the number of "moving parts" increases (both in terms of number of components and the amount of data brought in and exchanged by the components), the architecture may begin to exhibit signs of stress that were previously undetected. This is the second-greatest challenge to SOA from a data management perspective.

  • Evolving economics of data integration. Data integration can be an expensive proposition in itself. Mr. Russom notes that one of the curious epiphanies striking users as they study the economics of data integration is that the cost of hand-coding is misleadingly low in the first phase of a project, but goes through the roof in maintenance phases, and this realization has accelerated the trend away from hand-coding and toward solutions developed atop a vendor's platform. This is true enough, yet, on the other hand, vendor-provided ETL tools and EII and Data Quality solutions don't come cheap either - nor do consulting services to deploy these in the enterprise and leverage them in order to gain a meaningful return on investment (ROI). In the context of Web services, architects must pay careful attention to their data integration needs, and select only those tools and technologies that deliver the need - which, in turn, implies that the need for data integration must be assessed first, followed by careful planning and design.

    Data Quality
    Next in importance to data integration (or perhaps more important than it) is the need for data quality. Quite simply, data quality will make or break the service-oriented architecture. Data quality is a fairly wide discipline, but there are two aspects to data quality that are most pertinent to SOA: structural data integrity and data consistency. Structural data integrity comes into force at the data modeling level, and ensures that all database objects and components are structurally sound; data consistency comes into play when the transactions get going. Examples of structural data integrity and data consistency are:

    • Do all tables have primary keys? (I have seen this one violated more often than you might imagine.)
    • Do common attributes share a common definition? (E.g., is the Customer ID defined identically in various places?)
    • How will referential integrity be maintained across component databases?
    • How is reference (or lookup) data managed across databases?
    • Is there a consistent approach to maintaining historical data?
    As you might imagine, unresolved issues of these kinds can throw a sizable spanner in the SOA machinery.

    Data Security
    Any discussion on data today would be incomplete without examining the security aspect of information. It would be imprudent to assume that the authentication and authorization mechanisms in the SOA are fully sufficient to ensure data security, although they are clearly an important component of data security. In another insightful paper from Giga Research, Noel Yuhanna recommends a comprehensive DBMS (database management system) security architecture, comprising the following items. Once again, I have rearranged the order for the present purpose, although this time the original descriptions are retained.

  • Application-level security. When application or Web servers are deployed, end users should not have direct access to the DBMS but only through the applications. Remember to apply standard practices, such as (1) allowing users one login to an application, (2) discouraging shared logins, (3) performing regular audit checks to track suspicious activities, and (4) creating a password aging policy.

  • Data protection. Enterprises that store sensitive data including credit card information, social security number, and other personnel-related information should encrypt the underlying data to enable an additional security layer. However, only encrypt a few columns to minimize system overhead and performance implications.

  • DBMS hardening. Most enterprises typically use the default database network port address on their database server, which often leaves the database vulnerable. Avoid using such default port numbers by assigning a unique network port address for each database application. When applicable, apply DBMS and server-level security patches to minimize known vulnerabilities; however, always perform end-to-end testing and integrated testing of the application to ensure that the security patches do not impact any application's functionality.

  • Secure administration. Protect backup tapes and ensure that unauthorized personnel do not have access. Restrict physical access to the database server at all times. For test databases, use old archived data or test data instead of production data to minimize developers' and testers' unprivileged data access.
    • Published Apr. 26, 2005— Reads 9,853
    Copyright © 2008 SYS-CON Media. All Rights Reserved.
    About Rajan Chandras
    Rajan Chandras is a principal consultant with the New York offices of CSC Consulting (www.csc.com),. The article is written in his personal capacity and not on behalf of or representing CSC.

    XML JOURNAL LATEST STORIES . . .
    By Jeremy Geelan
    A few years ago, a British newspaper speculated on what might be the Web equivalent of the Seven Wonders of the World, and received suggestions that were hardly surprising: Google search, the Amazon.com e-tail portal, the eBay auction mechanism, etc. But that was back in 1991, before F...
    By Cloud Computing News Desk
    A round-up of the many themes and topics of interest to infrastructure architects, developers and IT managers featuring at SYS-CON's Cloud Computing Expo being held November 19-21, 2008 at The Fairmont Hotel in San Jose, California. The conference is expecting a record turnout of senio...
    SYS-CON Events announced today that the leading global SOA, Virtualization, Cloud Computing and Open Source technology provider FreedomOSS named "Gold Sponsor" of SYS-CON's SOA World Conference & Expo which will take place November 19-21, 2008, at the Fairmont Hotel in the heart of Sil...
    By Cloud Computing News Desk
    Cloud Computing offers significant benefits over traditional solutions for deploying production systems as well as for conducting development and testing activities. This session will distill the unique characteristics of clouds and describe how to best think about deployments in the c...
    By XML News Desk
    Intel has just released Intel XML Software Suite 1.2. This latest release helps maximize XML performance, while minimizing the effort for any Enterprise, SOA, SaaS, and Web 2.0 based applications. Intel XML Software Suite 1.2 optimizes XML application performance, takes full advantage ...
    SUBSCRIBE TO THE WORLD'S MOST POWERFUL NEWSLETTERS
    SUBSCRIBE TO OUR RSS FEEDS & GET YOUR SYS-CON NEWS LIVE!
    Click to Add our RSS Feeds to the Service of Your Choice:
    Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
    myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
    Publish Your Article! Please send it to editorial(at)sys-con.com!

    Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021

    SYS-CON FEATURED WHITEPAPERS


    ADS BY GOOGLE
    MOST READ THIS WEEK
    By Duncan Mills
    By Maureen O'Gara
    By Cloud Computing News Desk
    By XML News Desk
    By SOA World Magazine News Desk
    By Maureen O'Gara
    By Maureen O'Gara
    By Michael Sheehan
    By Stuart Charlton
    BREAKING XML NEWS

    Research and Markets (Dec. 1, 2008 09:42 AM