Report: SOA, cloud, virtualization transforming federal government

I just saw snippets of a recent Input market research study that predicts the federal government will be spending plenty over the next few years on five leading technology initiatives.

• SOA: The federal SOA market will grow from $330 million to $660 million, at a compound annual growth rate (CAGR) of 17%.
• Cloud: The federal cloud computing market to grow from $370 million in 2009 to $1.2 billion in 2014 at a rate of 27%.
• Virtualization: The virtualization market will grow from $800 million to $1.4 billion or roughly 12% a year.
• Open source: Federal government spending on open-source software is expected to grow from $290 million to $430 million, a rate of 8%.
• Geospatial: The federal market for geospatial technology is expected to increase from $860 million to $1.4 billion, at a rate of 8%.

"Nearly half of federal and IT industry professionals surveyed by Input believe these technologies will have a major impact on their technology environment despite concerns over security and up-front costs," the report states.

The federal government -- and in particular, the Department of Defense, has been doing a ton of work with SOA. One of the leaders in this area is Dennis Wisnosky, the business mission area chief technical officer and chief architect at the Office of the Deputy Chief Management Officer at the US Department of Defense, who I met at last year's SOA Symposium.

Along with incredible charity work, he has been working tirelessly to bring a common set of standards and protocols to the DoD's procurement and administrative systems, as well as service-oriented principles, and his work is worth emulating across the private sector.

Dennis was recently interviewed by Rutrell Yasin of DefenseSystems.com about the progress of the effort. The problem for the Defense Department's Business Transformation Agency was engineers and developers tended to work in silos, and end up developing systems that duplicate services and have propriety interfaces that can't work easily with other systems.

The solution has been the development of concepts called Primitives, Common Vocabulary and Design Patterns, according to Yasin's report. The Department of Defense Architecture Framework 2.0 is the foundation for architecture Primitives. Primitives are a standard set of viewing elements and associated symbols mapped to the framework's Meta-Model concepts and applied to viewing techniques.

According to Wisnosky, BTA is applying Primitives based on Business Process Modeling Notation (BPMN). Also, "the idea of Primitives fits nicely into service-oriented architecture," Wisnosky said. "SOA represents the first time in the information technology world where it is clear how IT and business fit together. So an SOA pattern made up of Primitives that are associated with business processes could execute those business processes with standard services."

There's been a lot of SOA developments emerging within the US Defense Department. In another piece of news, a new cybersecurity initiative sponsored by the US Air Force seeks to harden service oriented architectures against outside threats.

Sami Lais, writing in Washington Technology, says a five-year, $2.9 million Air Force Research Laboratory award "could change the way DoD -- perhaps the world -- approaches information security."

How is this so? Lais says the USAF's Advanced Protected Services program is gearing up to "enable networks to withstand attacks that are as yet unknown, limit the effectiveness of the attacks, slow the attackers' progress by building multiple layers they have to penetrate, let them diagnose the attack more quickly," and "help them react and recover more quickly and completely."

Jim Loyall of BBN Technologies, chief scientist and program manager on the project, is working with a team that is concentrating on developing new approaches to better protect DoD SOAs against malicious attacks. The team is building extensions to the middleware stacks in SOA, and using strategies such as creating "crumple zones," or proxy layers between the service and users allows different users to share the same services. "Users go into this initial buffer area, where much of the service functionality is repeated," Loyall is quoted as saying. "If an attack succeeds, it'll get some initial success, but it won't go past that proxy layer to the service itself, and other users will be uncompromised by the attack."