Reference Architecture Foundation for Service Oriented…

1、Reference Architecture Foundation for Service Oriented Architecture Version 1.0Committee Specification 0104 December 2012Specification URIsThis version:/soa-rm/soa-ra/v1.0/cs01/soa-ra-v1.0-cs01.pdf (Authoritative)/soa-rm/soa-ra/v1.0/cs01/soa-ra-v1.0-

2、cs01.html/soa-rm/soa-ra/v1.0/cs01/soa-ra-v1.0-cs01.docPrevious version:/committees/download.php/46922/soa-ra-v1.0-csprd03.zipLatest version:/soa-rm/soa-ra/v1.0/soa-ra.pdf (Authoritative)/soa-rm/soa-ra

3、/v1.0/soa-ra.html/soa-rm/soa-ra/v1.0/soa-ra.docTechnical Committee:OASIS Service Oriented Architecture Reference Model TCChair:Ken Laskey (), MITRE CorporationEditors:Peter Brown (peter), Individual MemberJeff A. Estefan (), Jet P

4、ropulsion LaboratoryKen Laskey (), MITRE CorporationFrancis G. McCabe (fmccabe), Individual MemberDanny Thornton (danny.thornton), Northrop GrummanRelated work:This specification is related to: Reference Model for Service Oriented Architecture 1.0. 12 October 2006. OASIS Standard.htt

5、p://soa-rm/v1.0/soa-rm.html.Abstract:This document specifies the OASIS Reference Architecture Foundation for Service Oriented Architecture (SOA-RAF). It follows from the concepts and relationships defined in the OASIS Reference Model for Service Oriented Architecture as well as wo

6、rk conducted in other organizations. While it remains abstract in nature, the current document describes the foundation upon which specific SOA concrete architectures can be built.The focus of the SOA-RAF is on an approach to integrating business with the information technology needed to support it.

7、 These issues are always present but are all the more important when business integration involves crossing ownership boundaries.The SOA-RAF follows the recommended practice of describing architecture in terms of models, views, and viewpoints, as prescribed in the ANSI/IEEE 1471-2000.It has three ma

8、in views: the Participation in a SOA Ecosystem view which focuses on the way that participants are part of a Service Oriented Architecture ecosystem; the Realization of a SOA Ecosystem view which addresses the requirements for constructing a SOA-based system in a SOA ecosystem; and the Ownership in

9、a SOA Ecosystem view which focuses on what is meant to own a SOA-based system.The SOA-RAF is of value to Enterprise Architects, Business and IT Architects as well as CIOs and other senior executives involved in strategic business and IT planning.Status:This document was last revised or approved by t

10、he OASIS Service Oriented Architecture Reference Model TC on the above date. The level of approval is also listed above. Check the “Latest version” location noted above for possible later revisions of this document.Technical Committee members should send comments on this specification to the Technic

11、al Committees email list. Others should send comments to the Technical Committee by using the “Send A Comment” button on the Technical Committees web page at /committees/soa-rm/.For information on whether any patents have been disclosed that may be essential to implementing t

12、his specification, and any offers of patent licensing terms, please refer to the Intellectual Property Rights section of the Technical Committee web page (/committees/soa-rm/ipr.php).Citation format:When referencing this specification the following citation format should be

13、used:SOA-RAFReference Architecture Foundation for Service Oriented Architecture Version 1.0. 04 December 2012. OASIS Committee Specification 01./soa-rm/soa-ra/v1.0/cs01/soa-ra-v1.0-cs01.html.NoticesCopyright OASIS Open 2012. All Rights Reserved.All capitalized terms in the f

14、ollowing text have the meanings assigned to them in the OASIS Intellectual Property Rights Policy (the OASIS IPR Policy). The full Policy may be found at the OASIS website.This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise ex

15、plain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this section are included on all such copies and derivative works. However, this document itself may not be

16、 modified in any way, including by removing the copyright notice or references to OASIS, except as needed for the purpose of developing any document or deliverable produced by an OASIS Technical Committee (in which case the rules applicable to copyrights, as set forth in the OASIS IPR Policy, must b

17、e followed) or as required to translate it into languages other than English.The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.This document and the information contained herein is provided on an AS IS basis and OASIS DISCLAIMS ALL WARR

18、ANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.OASIS requests that any OASIS Party or any other party that believes it

19、 has patent claims that would necessarily be infringed by implementations of this OASIS Committee Specification or OASIS Standard, to notify OASIS TC Administrator and provide an indication of its willingness to grant patent licenses to such patent claims in a manner consistent with the IPR Mode of

20、the OASIS Technical Committee that produced this specification.OASIS invites any party to contact the OASIS TC Administrator if it is aware of a claim of ownership of any patent claims that would necessarily be infringed by implementations of this specification by a patent holder that is not willing

21、 to provide a license to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification. OASIS may include such claims on its website, but disclaims any obligation to do so.OASIS takes no position regarding the validity or scope of any i

22、ntellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any

23、such rights. Information on OASIS procedures with respect to rights in any document or deliverable produced by an OASIS Technical Committee can be found on the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result

24、of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this OASIS Committee Specification or OASIS Standard, can be obtained from the OASIS TC Administrator. OASIS makes no representation that any information or list of intelle

25、ctual property rights will at any time be complete, or that any claims in such list are, in fact, Essential Claims.The name OASIS is a trademark of OASIS, the owner and developer of this specification, and should be used only to refer to the organization and its official outputs. OASIS welcomes refe

26、rence to, and implementation and use of, specifications, while reserving the right to enforce its marks against misleading uses. Please see /policies-guidelines/trademark for above guidance.Table of Contents1Introduction91.1 Context for Reference Architecture for SOA91.1.1 Wh

27、at is a Reference Architecture?91.1.2 What is this Reference Architecture?101.1.3 Relationship to the OASIS Reference Model for SOA101.1.4 Relationship to other Reference Architectures101.1.5 Expectations set by this Reference Architecture Foundation111.2 Service Oriented Architecture An Ecosystems

28、Perspective111.3 Viewpoints, Views and Models111.3.1 ANSI/IEEE 1471-2000 and ISO/IEC/IEEE 42010:2011111.3.2 UML Modeling Notation131.4 SOA-RAF Viewpoints131.4.1 Participation in a SOA Ecosystem Viewpoint141.4.2 Realization of a SOA Ecosystem Viewpoint141.4.3 Ownership in a SOA Ecosystem Viewpoint141

29、.5 Terminology141.6 References151.6.1 Normative References151.6.2 Non-Normative References152Architectural Goals and Principles172.1 Goals and Critical Success Factors of the Reference Architecture Foundation172.1.1 Goals172.1.2 Critical Success Factors182.2 Principles of this Reference Architecture

30、 Foundation183Participation in a SOA Ecosystem View203.1 SOA Ecosystem Model213.2 Social Structure in a SOA Ecosystem Model223.2.1 Stakeholders, Participants, Actors and Delegates243.2.2 Social Structures and Roles263.2.3 Needs, Requirements and Capabilities293.2.4 Resource and Ownership313.2.5 Esta

31、blishing Execution Context323.3 Action in a SOA Ecosystem Model363.3.1 Services Reflecting Business373.3.2 Activity, Action, and Joint Action383.3.3 State and Shared State403.4 Architectural Implications403.4.1 Social structures403.4.2 Resource and Ownership403.4.3 Policies and Contracts413.4.4 Sema

32、ntics413.4.5 Trust and Risk413.4.6 Needs, Requirements and Capabilities413.4.7 The Importance of Action414Realization of a SOA Ecosystem view434.1 Service Description Model434.1.1 The Model for Service Description444.1.2 Use of Service Description524.1.3 Relationship to Other Description Models574.1

33、.4 Architectural Implications584.2 Service Visibility Model594.2.1 Visibility to Business604.2.2 Visibility604.2.3 Architectural Implications644.3 Interacting with Services Model644.3.1 Interaction Dependencies644.3.2 Actions and Events654.3.3 Message Exchange664.3.4 Composition of Services684.3.5 I

34、mplementing Service Composition694.3.6 Architectural Implications of Interacting with Services724.4 Policies and Contracts Model734.4.1 Policy and Contract Representation734.4.2 Policy and Contract Enforcement744.4.3 Architectural Implications755Ownership in a SOA Ecosystem View765.1 Governance Mode

35、l765.1.1 Understanding Governance765.1.2 A Generic Model for Governance785.1.3 Governance Applied to SOA825.1.4 Architectural Implications of SOA Governance855.2 Security Model865.2.1 Secure Interaction Concepts875.2.2 Where SOA Security is Different895.2.3 Security Threats895.2.4 Security Responses

36、905.2.5 Access Control925.2.6 Architectural Implications of SOA Security955.3 Management Model955.3.1 Management955.3.2 Management Means and Relationships995.3.3 Management and Governance1005.3.4 Management and Contracts1005.3.5 Management for Monitoring and Reporting1045.3.6 Management for Infrastr

37、ucture1045.3.7 Architectural Implication of SOA Management1055.4 SOA Testing Model1055.4.1 Traditional Software Testing as Basis for SOA Testing1055.4.2 Testing and the SOA Ecosystem1065.4.3 Elements of SOA Testing1075.4.4 Testing SOA Services1095.4.5 Architectural Implications for SOA Testing1106Co

38、nformance1126.1 Conformance Targets1126.2 Conformance and Architectural Implications1126.3 Conformance Summary112Appendix A.Acknowledgements113Appendix B.Index of Defined Terms114Appendix C.Relationship to other SOA Open Standards115C.1 Navigating the SOA Open Standards Landscape Around Architecture

39、115C.2 The Service-Aware Interoperability Framework: Canonical116C.3 IEEE Reference Architecture117C.4 RM-ODP117Table of FiguresFigure 1 - Model elements described in the Participation in a SOA Ecosystem view20Figure 2 - SOA Ecosystem Model21Figure 3 - Social Structure Model23Figure 4 Stakeholders,

40、Actors, Participants and Delegates25Figure 5 - Social Structures, Roles and Action27Figure 6 - Roles in a Service29Figure 7 - Cycle of Needs, Requirements, and Fulfillment30Figure 8 - Resources31Figure 9 - Willingness and Trust33Figure 10 Policies, Contracts and Constraints34Figure 11: An Activity,

41、expressed informally as a graph of Actions38Figure 12: Activity involving Actions across an ownership boundary39Figure 13 - Model Elements Described in the Realization of a SOA Ecosystem view43Figure 14 - General Description45Figure 15 - Representation of a Description46Figure 16 - Service Descripti

42、on48Figure 17 - Service Interface Description49Figure 18 - Service Functionality50Figure 19 - Model for Policies and Contracts as related to Service Participants51Figure 20 - Policies and Contracts, Metrics, and Compliance Records52Figure 21 - Relationship between Action and Components of Service De

43、scription Model53Figure 22 - Execution Context56Figure 23 - Interaction Description57Figure 24 - Visibility to Business60Figure 25 - Awareness in a SOA Ecosystem62Figure 26 - Service Reachability63Figure 27 - Interaction dependencies65Figure 28 - A message denotes either an action or an event65Figur

44、e 29 - Fundamental SOA message exchange patterns (MEPs)67Figure 30 - Simple model of service composition69Figure 31 - Abstract example of a simple business process exposed as a service70Figure 32 - Abstract example of a more complex composition that relies on collaboration71Figure 33 - Policies and

45、Contracts73Figure 34 - Model Elements Described in the Ownership in a SOA Ecosystem View76Figure 35 - Motivating Governance78Figure 36 - Setting Up Governance79Figure 37 - Carrying Out Governance80Figure 38 - Ensuring Governance Compliance81Figure 39 - Relationship Among Types of Governance83Figure

46、40 - Authorization88Figure 41 - Management model in SOA ecosystem97Figure 42 - Management Means and Relationships in a SOA ecosystem99Figure 43 - Management of the service interaction102Figure 44 - SOA Reference Architecture Positioning116soa-ra-v1.0-cs0104 December 2012Standards Track Work ProductC

47、opyright OASIS Open 2012. All Rights Reserved.Page 117 of 1171 IntroductionService Oriented Architecture (SOA) is an architectural paradigm that has gained significant attention within the information technology (IT) and business communities. The SOA ecosystem described in this document bridges the

48、area between business and IT. It is neither wholly IT nor wholly business, but is of both worlds. Neither business nor IT completely own, govern and manage this SOA ecosystem. Both sets of concerns must be accommodated for the SOA ecosystem to fulfill its purposes. By business we refer to any activi

49、ty that people are engaged in. We do not restrict the scope of SOA ecosystems to commercial applications.The OASIS Reference Model for SOA SOA-RM provides a common language for understanding the important features of SOA but does not address the issues involved in constructing, using or owning a SOA

50、-based system. This document focuses on these aspects of SOA.The intended audiences of this document and expected benefits to be realized include non-exhaustively: Enterprise Architects - will gain a better understanding when planning and designing enterprise systems of the principles that underlie

51、Service Oriented Architecture; Standards Architects and Analysts - will be able to better position specific specifications in relation to each other in order to support the goals of SOA; Decision Makers - will be better informed as to the technology and resource implications of commissioning and liv

52、ing with a SOA-based system; in particular, the implications following from multiple ownership domains; and Stakeholders/Developers - will gain a better understanding of what is involved in participating in a SOA-based system.1.1 Context for Reference Architecture for SOA1.1.1 What is a Reference Ar

53、chitecture?A reference architecture models the abstract architectural elements in the domain of interest independent of the technologies, protocols, and products that are used to implement a specific solution for the domain. It differs from a reference model in that a reference model describes the i

54、mportant concepts and relationships in the domain focusing on what distinguishes the elements of the domain; a reference architecture elaborates further on the model to show a more complete picture that includes showing what is involved in realizing the modeled entities, while staying independent of

55、 any particular solution but instead applies to a class of solutions.It is possible to define reference architectures at many levels of detail or abstraction, and for many different purposes. A reference architecture is not a concrete architecture; i.e., depending on the requirements being addressed

56、 by the reference architecture, it generally will not completely specify all the technologies, components and their relationships in sufficient detail to enable direct implementation.1.1.2 What is this Reference Architecture?There is a continuum of architectures, from the most abstract to the most d

57、etailed. As a Committee, we have liaised and worked with other groups and organizations working in this space to ensure that our efforts overlap as little as possible. We look at some of these other works in Appendix C. The result is that this Reference Architecture is an abstract realization of SOA, focusing on the elements and their relationships needed to enable SOA-based systems to be used, realized and owned while avoiding reliance on specific concrete technologies. This positions the work at the more abstract end of the continuum, and constitutes w