A three-letter acronym for enterprise cloud success: SOA

Don't throw away all that knowledge about service oriented architecture that's been painstakingly assembled over the past decade -- it's just what's needed for cloud.

While you can implement cloud computing without a second thought to service oriented architecture, any good enterprise cloud infrastructure really should have a solid architectural foundation. Without such a foundation, there is uneven governance, haphazard security, and uncertain scalability. In other words, one may end up operating in the dark, meshed within a tangle of ungoverned -- and likely duplicated -- cloud services snarling their way through organizations.

Photo: Joe McKendrick

Dare I say it? The only architecture that evolves out of all this chaos is a JBOCS architecture -- Just a Bunch of Cloud Services. It gets very costly.

SOA has taken its knocks in recent years as being too much about IT and not enough about delivering business value. But cloud computing is where the promises of SOA begin to see the light of day.

In a recent article posted at Service Technology, Gabriel Novais Amorim, a software engineer who has been working in this space, nails it, pointing out that the main obstacles in the way of successful enterprise cloud computing can be addressed through SOA principles. Here are some of the challenges with cloud, and why SOA may offer a way to overcome those challenges:

Increased security vulnerabilities: Migration to cloud computing adds even concerns about the physical sharing of applications and data with other companies. This can be mitigated through SOA-based security and access control. "You can create policies that influence development patterns and the way the services are consumed," Amorim illustrates. "Examples include mandatory username/password to access URL services, encryption of data exchanged between the client and the server, and the joint work between developers and professionals specialized in information security at development time."

Lack of standardization of APIs: Everyone, everywhere, has their own types of implementations. SOA is all about standardization across the enterprise, and will help ensure that APIs consumed and built adhere to common core standards.

Migration costs: Making the migration to cloud involves much more than simply throwing away servers and adopting cloud services. There are processes involved, and often, money needs to be spent on consultants to smooth the transition. Plus, with cloud computing, there's risk of lock-in to vendors' processes and protocols. SOA provides "the ability to change business processes without the need for major changes, testing, or implementation," Amorim states. "SOA has the ability to promote a flexible architecture, or an architecture that is constructed to change."With an infrastructure built on SOA principles, applications and services should be independent of any underlying hardware and infrastructure, which theoretically could be swapped out as often as needed, without disrupting business operations.

Lack of governance: Many business users are signing on to cloud services beneath corporate IT's radar; thus, there is potential for duplication and waste. Plus, since cloud computing is a set of services that may depend on one another, "the failure of one of these services can lead to a domino effect on other services and applications that use them," Amorim warns. SOA is intended to provide appropriate management control as services are created, changed, deleted, and accessed. "We need good governance of services to meet this management and reduce risks," he urges.