Download the Management Domain Document doc format of Final ETRM 5.1 Management Domain

Enterprise Technical Reference Model - Version 5.1

Effective Date: November 18, 2011

Management Domain Table of Contents



6. Domain: Management

6.1 Discipline: Web Service Management

6.1.1 Technology Area: Enterprise Service Management

6.2 Discipline: Systems Management





ETRM Document Organization

The ETRM specifies standards, specifications and technologies for each layer or area of the Service Oriented Architecture. For ease of reference, each area and its various components are organized into the following building blocks:

  • Domains: Logical groupings of Disciplines that form the main building blocks within the technical architecture.
  • Disciplines: Logical functional areas addressed within each domain as part of the architecture documentation.
  • Technology Areas: Technical topics that are relevant to each Discipline
  • Technology Specifications: Sets of product standards, protocols, specifications or configurations associated with each Technology Area.

 


6. Domain: Management

Description

The Management Domain focuses on the administration and management of Commonwealth Services, by configuring, tracking, reporting and analyzing actual service deployment and performance to established expectations.

Commonwealth Services encompass different types, including:

  • Shared services which include traditional IT services such as shared email and print services, as well as SOA infrastructure services such as XML Gateway and Enterprise Service Bus;
  • Business services that provide department and agency business tools such as HR/CMS; and
  • Loosely-coupled services such as web services, which provide access to granular software components, such as credit card authorization services.

The Management Domain identifies standards and technologies to enable the bringing together of different service management concepts using SOA, from the management of traditional IT infrastructures to the management of SOA services.

Whenever a service is created, a relationship is built between service consumers and providers. Expectations of quality of service (QoS) delivery are formalized in Service Level Agreements (SLAs) and Service Level Objectives (SLOs). These SLAs/SLOs establish the acceptable performance criteria for service providers, as well as expectations of use by the service consumers, such as security constraints.

The Commonwealth has and will continue to specify Governance Policies that establish acceptable service deployment criteria, including but not limited to Governance Policies for security, accessibility, and interoperability. Adherence to Commonwealth Governance Policies constitutes a key Service Level Objective and should be of great concern for any service level management implementation.

Two separate and overlapping management standards have emerged from both the Organization for the Advancement of Structured Information Standards (OASIS) and the Distributed Management Task Force (DMTF): Web Services Distributed Management (WSDM) and WS-Management, respectively. There are industry efforts underway to harmonize the two standards and even possibly collaborate towards the development of a single one. The current version of the ETRM includes specifications for run-time governance enforcement, with a particular focus on security policy enforcement. This version of the ETRM does not identify specific system management standards at this time.

Future updates to the Management Domain will identify standards and technologies that not only enable the required sets of controls and visibility, such as the use of executive dashboards, to manage web services but also to use SOA in a broader, holistic context that bridges traditional IT systems management and business processes.

Strategic Importance

Management Standards provide the opportunity for the Commonwealth to deploy consistent management policies and processes across distributed and heterogeneous IT environments. By streamlining and consolidating management of both traditional IT services and SOA services the Commonwealth agencies will gain increased visibility and control over all types of Commonwealth Services, monitoring and improving business performance.

Related Trends

  • SOA-enabled Management is being used to better align infrastructure administration with business objectives, providing agency CIOs with business-level dashboarding capabilities and increasing the visibility of key performance indicators.
  • Business Service Management and SOA-enabled Management are converging in their ability to track and report on business services.
  • Agile environments periodically change physical implementation components such as servers, load-balancing and "right-sizing", adding or consolidating components to fit business needs. This requirement for agility in the physical implementation has lead to increased virtualization of resources. Grid Computing and SOA Management technologies have been increasingly converging in their approach to resource virtualization.
  • The recent IT trend towards distributed online transactions including multiple Government agencies and business partners has lead towards Federated Management and Security models. Early adopters who have already deployed SOA Web Service Management are seeing a trend towards more integration with SOA Security.

Vision

The enterprise vision of a well managed SOA and traditional infrastructure management using SOA principles includes:

  • Dashboard-controlled representations of the dependencies between business processes, business applications and the IT infrastructure including servers, storage, networks, middleware and databases, to provide a consolidated view of business process execution as a whole.
  • Focused troubleshooting capabilities that reduce downtime and shorten problem resolution timeframes.
  • Customized real-time business service views enabling business users to monitor and evaluate the effectiveness and efficiency of business services.
  • The use of SOA principles fostering increased scalability, configurability, and security of traditional IT systems management tools.
  • Higher transparency of dependencies between technical and business components that provides IT operations with a greater understanding of how systems impact the performance of business services.

Roadmap

Current State

  • Non-interoperable systems cause data centers to struggle to manage applications from different vendors running on different platforms
  • Limited visibility into the performance of IT deployed services and how that impacts agencies' business
  • Minimal support for the management of web services and their service level agreements and policies

Target State

  • Data centers use standards-based, interoperable management solutions that support management tasks such as configuring and controlling complex software applications
  • Consolidated views into distributed components provide end to end visibility for business process execution
  • Business users have access to executive-level dashboards that provide real-time visibility into the performance of business services

Boundary

The ETRM Management Domain addresses SOA Management standards and guidelines, with a focus on Web Service Management and Systems Management, as facilitated by SOA technologies and solutions. Federated Identity Management, a pre-requisite of Web Service Management, is addressed in the ETRM Security Domain. In addition, certain aspects of Data Management are addressed in the ETRM Information Domain. See ETRM Application Domain for additional Service Oriented Development of Applications (SODA) standards and guidelines. Discovery of services and their interdependencies can be facilitated by the use of the Enterprise Web Service Registry documented in the ETRM Integration Domain.

Related Policies

  • SOA Governance (TBD)

Associated Disciplines

  • Web Service Management
  • Systems Management

 

diagnostic representation of decision tree

Management >

6.1 Discipline: Web Service Management

Description

Web Services are more complex to deploy than web sites or legacy applications. They are based on highly distributed platforms and reusable software components that can have their own runtime errors. We cannot assume that a debugged Web Service will remain running properly without mechanisms to monitor its health.

Web Services can have a much larger community of users than legacy online applications. In that sense, a Web Service is more like a web site than a traditional application, and must scale accordingly. These factors combine to suggest that comprehensive Web Service Management is needed to ensure quality of service.

Management of Web Services needs to address the very distributed, asynchronous, and heterogeneous nature of the deployment environment, as well as support agility of deployment as services are added or reconfigured to meet business utilization needs. Developers should consider the management of their Web Services while designing the Web Service, not after the development is done. For example:

  • Adopt SOAP message standards for management
  • Enable a central view of operations and performance
  • Distinguish platform management issues from Web Service Management issues
  • Give priority attention to management messages
  • Determine which properties of the service should be exposed for management purposes
  • Developers and business owners must collaborate to identify and then configure the capture of key performance indicators (KPIs)

Stakeholders/Roles

  • Data center infrastructure, engineering and operations planning groups
  • Designers and developers of Commonwealth IT systems
  • Business service owners and executives, analysts and architects

Roadmap

IT Management needs to evolve from its current state with a focus on systems and infrastructure to a target state that focuses on business metrics and outcomes. In the target state, technologists and business owners collaborate, with business having direct visibility into the performance of business processes. 
 

Enterprise Technology Solution

ITD is working to evolve current centralized systems monitoring capabilities into a new Enterprise Management Component, as part of an integrated shared SOA infrastructure and services offering.

Associated Technology Areas

  • Enterprise Service Management

 

Management > Web Service Management >

6.1.1 Technology Area: Enterprise Service Management

Description

When managing web services, it is critical to be able to separate what a service does from how the service operates. This decoupling allows different aspects of a service to be modified as changing requirements indicate the need. Once developed, changes can be made to how a service is executed without in depth technical skill sets. This flexibility allows the same service to be used differently depending on the needs and capabilities of the consumer.

SOA infrastructure components allow the benefits of web service management to be realized through enabling and enforcing the desired functional and operational aspects of the service in a scalable and distributed fashion. An example of a policy-enforcing component is the Enterprise XML Gateway service, which among other capabilities, is able to access a service's run-time policy specification and ensure security-related assertions.

Technology Specification: Web Services Policy (WS-Policy)

Description - WS-Policy is an extensible mechanism to express the capabilities and requirements of a web service. Examples of policy assertions include:

  • Use of specific authentication scheme
  • Requirement for certain XML elements
  • Transport protocol selection
  • Privacy policy
  • Quality of service (QoS) metrics

Policy assertions are organized into different categories, known as domains, for organizational and standardization purposes. Examples of WS-Policy domains include security, privacy and reliable messaging.

Service providers convey the conditions for providing the service. Clients can choose from among the options made available by the service provider, selecting the one that best suits the client's needs. For instance, a service may support both transport-level and/or message element-level encryption, a client may select the option that best matches its capabilities.

Guidelines - Service providers need to specify run-time operational requirements using WS-Policy, in such a way as to allow for independently configuring of run-time vs. implementation-time specifications.

Standards and Specifications -

  • WS-Policy 1.5 - The Web Services Policy version 1.5 is a W3C RECOMMENDATION that specifies a model and language to describe and enforce operational policies of web services.

Refer to: http://www.w3.org/TR/ws-policy/

Migration Strategy- Service implementations are expected to include as part of their definitions, operational policy assertions, using WS-Policy. These assertions may initially be used for documentation purposes only but will eventually be available for run-time enforcement as the SOA infrastructure for the Commonwealth continues to evolve.

Technology Specification: WS-SecurityPolicy

Description - WS-SecurityPolicy is a security-centric policy specification, based on the framework established by WS-Policy. WS-SecurityPolicy provides policy assertions for:

  • Authorization
  • Authentication
  • Message integrity
  • Message confidentiality
  • Required information

Guidelines - Service providers, who wish to specify policy requirements for security, are expected to use assertions defined in the WS-SecurityPolicy standard.

Standards and Specifications -

WS-SecurityPolicy 1.2 - WS-Security is an OASIS Standard
Refer to: http://docs.oasis-open.org/ws-sx/ws-securitypolicy/v1.2/ws-securitypolicy.html

Migration Strategy- Service implementations are expected to include as part of their definitions, run-time security assertions, using WS-SecurityPolicy. These assertions may initially be used for documentation purposes only but will eventually be available for run-time enforcement as the SOA infrastructure for the Commonwealth continues to evolve.

 

Management >

6.2 Discipline: Systems Management

Description

Traditional system management interfaces such as the Simple Network Management Protocol (SNMP) help in health monitoring and simple control tasks, but fall short in addressing complex management tasks such as configuring and controlling complex software applications. SNMP does not typically scale well to large enterprise solutions due to excessive network traffic and performance bottlenecks. Additionally, there is limited support for sophisticated system configuration and control tasks as well as limited analytical support - no filtering or instrumentation support. The use of SOA standards in support of traditional IT management is widely recognized as a requirement for scalability.

Using SOA standards can overcome administrative issues around the management of distributed and complex IT infrastructures, in a scalable, configurable and secure manner. Additionally, using SOA standards for traditional system management will allow a combined view of business and technology metrics. This increased and consolidated visibility will help business owners understand how the IT infrastructure impacts their business processes.

Agility of the IT infrastructure has a significant impact on the enterprise's ability to evolve in a manner that effectively and efficiently supports the business. The IT infrastructure must mature from a reactive state, with no quality of service metrics, to a target state that supports real-time responsiveness driven by business SLAs.

Finally, it should be noted that the reliance on SOA principles does not invalidate the use of the Information Technology Infrastructure Library (ITIL) framework. ITIL outlines an extensive set of IT operational management procedures and the use of ITIL is recognized as a mechanism to support certain aspects of SOA Governance.

Stakeholders/Roles

  • Data center infrastructure, engineering and operations planning groups
  • Designers and developers of Commonwealth IT systems
  • Business service owners and executives, analysts and architects

Roadmap

IT Management needs to evolve from its current state that uses traditional systems and infrastructure management protocols such as SNMP to a target state that supports interoperable, scalable and securable solutions using SOA standards. The current IT infrastructure operates in a reactive manner, with no quality of service metrics. The target state supports real-time responsiveness to the business, supporting key business metrics.

Enterprise Technology Solution

ITD is looking into the current use of HP OpenView in the Data Center and is investigating migrating towards SOA compliant management solutions, including but not limited to HP OpenView's offerings.

Associated Technology Areas

  • Virtualization of Resources (TBD)
  • Enterprise Systems Management (TBD)