Home :: About InfoWorld :: Advertise :: Subscribe :: Contact Us :: Awards :: Events
InfoWorldHomeNewsTest CenterOpinionsTechIndex
 SUBSCRIBE  E-MAIL NEWSLETTERS  CAREER CENTER
 

 BLOG MENU

RECENT ENTRIES
New gig, exiting in good faith
Google: don't be evil
Quick thoughts on Backpack for personal productivity
The Grande Vista Sanitarium: serendipitous adventures as a citizen historian
Yahoo's MyWeb 2.0 beta and del.icio.us
IT solutions for outdoor grilling
Those low-down-can't-post-my-podcast to iTunes blues
Asterisk, open source telephony, and the Clash
Podcasts from Syndicate conference last month
Microsoft, Longhorn, and RSS: I'm having IE4 flashbacks!

ARCHIVES
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003


Powered By
Movable Type 3.17

Email Chad Dickerson


INFOWORLD BLOGS
 Chad Dickerson 
 Ed Foster 
 Jon Udell 
 Bob Lewis 
 Tom Yager 

RSS FEEDS
How this works
 Top News 
 Columnists 
 Tech Watch 
 Test Center Reviews 
 Applications 
 App Development 
 E-Business Solutions & Strategies 
 End-user Hardware 
 Networking 
 Operating Systems 
 Platforms 
 Security 
 Standards & Protocols 
 Storage 
 Telecommunications 
 Wireless 
 Web Services 

IDG LINKS
InfoWorld
ComputerWorld
NetworkWorld
CIO
CSO
 CHAD DICKERSON: CTO CONNECTION


April 27, 2005

InfoWorld SOA Executive Forum: CTO Reality Check panel

[Updated 05/13/05 to incorporate some thoughts for our NY event from the SOA Executive Forum in San Jose, adding some questions and crossing some out.]

In preparation for InfoWorld's upcoming SOA Executive Forum (May 5 in San Jose, May 17 in NY), both Jon Udell and Phil Windley posted their preliminary thoughts on the panels they are moderating (Defining the SOA Platform and Services and Contracts respectively) to plan for their panels, float some trail balloon topics, solicit feedback on the direction of the panel, and promote discussion in advance. Excellent idea, so I'm following suit. I'm also bookmarking interesting SOA-related materials via del.icio.us here -- expect this list to grow as I prepare for the conference. Like Jon, I'm also tagging my posts about the conference in del.icio.us with the tag InfoWorldSOA2005.

I'm moderating the closing panel of the day entitled "CTO Reality Check," with this simple description: CTOs discuss how Web services and SOA have (or haven't) improved business agility. In other words, this panel is going to focus on what is happening in the real world, something of great interest to me and any other CTO or CIO with day-to-day operational responsibilities. I'm going to do my best to keep the panel away from the kind of blue-sky prognostication that panels sometimes fall into when emerging technologies are being discussed. I know we'll end up talking about the future, but explicitly in the context of what has happened in real enterprises up to this point. Jon's thoughts on his panel helped put my own thoughts into better context, and I'm re-fashioning some of the potential discussion points in his post to fit my panel. I'm hoping my panel will get to the heart of how IT has actually begun embracing SOA in a real way in a world where so many of the questions that will be raised in Jon's panel have incomplete and still-fuzzy answers.

The panelists include: Toby Redshaw, CTO, Motorola (May 5 only); Praveen Sharabu, Director of Enterprise Architecture, CNF Inc. (May 5 only); Marc Saffer, CIO, Columbia House (May 17 only); David Allen, CTO, Visa (May 5 only). Usman Rabbani, Pfizer (May 17 only); Rich Erickson, AT&T (May 17 only).

Some of my initial thoughts on possible areas for discussion (after each panelist takes 5 minutes to give an overview of their business/IT environment and the IT challenges they have faced and are facing):

What is SOA?: With the term SOA embedded in the name of the conference, this might seem like an odd question, but I would like to (briefly) hear the panelists' thoughts on what SOA means to them in the context of what they have been doing in their organizations. (As I have become accustomed to expect, Wikipedia takes a solid stab at defining SOA. And if you don't agree, change it, right?)

What's different this time around?: We've been through various forms of distributed computing (CORBA and DCOM come to mind) and it's tempting to feel a little jaded about SOA. What's different this time around? What do you say to the 52% of managers who are not on top of SOA? (see slide 3 of this PowerPoint for the source of the numbers).

Cultural issues in IT management: It's tempting to jump straight into the nuts-and-bolts details of technical implementation, but cultural issues within IT are critical. What mental shifts (if any) are required for an organization to successfully embrace and implement an SOA, both within IT and in the business? Is this even an issue? What kinds of skills do you look for when hiring into an SOA-enabled organization, and how are they different?

Funding / getting started on an SOA project: You've identified a dozen silos of functionality that can be consolidated. How do you go about getting funding and sponsorship in a decentralized environment? If your IT is on the more centralized end of the spectrum, how do you proceed differently, if at all?

Business agility: What specific business processes or services in your environment were enhanced (or not) by implementing an SOA? How did you identify the ripest candidates for SOA?

Performance: Critics of web services and SOA often point to potential performance issues as a limiting factor. Is that true in practice, and if so, what approaches are being employed to get past this limitation? (A little note on this subject from Brent Sleeper here).

Standards: This is a big one. It's not a particularly artful way to put it, but while the WS-* standards have been slowly developing, the CTOs on my panel have been doing "real stuff." This begs the question of what they were basing this "real stuff" on in terms of standards. On the continuum from the lightweight "Web 2.0 stack" on one end (as Jon refers to approaches based on HTTP, REST, and RSS) to the heavier WS-* standards on the other, what sort of mix was achieved? Will Tim Bray be proven right based on what he wrote last September? "No matter how hard I try, I still think the WS-* stack is bloated, opaque, and insanely complex. I think it’s going to be hard to understand, hard to implement, hard to interoperate, and hard to secure." (Joshua Allen's piece "The War is Over (WS-* vs. POX/HTTP)" looks interesting but his site was delivering errors when I tried to access it just now -- got the link from Tim Bray's very useful Spring 2005 Roundup).

On self-describing data: (wholly lifted from Jon Udell's post) XML messages are the lifeblood of SOA. Their self-descriptive nature is what makes it possible to enforce policy and compose new business logic independently of endpoint applications. Arguably, then, the technologies for structuring, gathering, transforming, storing, and retrieving XML are all key elements of the SOA platform. Are these technologies ready for prime time? And to the extent that they are, have enterprises gotten up to speed with them?

No better people to discuss this than the people on my panel.

Identity / Security: From a piece last fall in InfoWorld ("Identity's Role in SOA"): "Identity and Web services are closely related,” says Jamie Lewis, Burton Group’s CEO and research chair. “It’s almost a yin and yang." . How are enterprises dealing with identity right now? What specific technologies are being employed and with what considerations? Where do emerging standards like SAML, WS-Security, WS-Federation, and WS-Trust fit in (or do they?) Or is the real action happening with relatively simple LDAP or LDAP-like solutions?

Reliability: Many IT operations still struggle with concepts that have been around for quite some time (e.g. software clustering, high-availablity, etc.) In a decentralized service-oriented environment, what must be done to make sure that the SOA environment is reliable?

Advice for those who have not yet embraced SOA: What are some of the biggest "gotchas" and surprises you encountered in your initial SOA projects? What do you know now that you wished you had known two years ago? What standards and approaches should be carefully watched, and what can be safely ignored?

The "reality check" nature of the panel means that the involvement of attendees is critical since a much broader set of real-world experiences will be within the audience than on stage. Although there is a lot to chew on above, I'm going to be sure to leave plenty of time at the end for questions (shooting for a full half hour). In the meantime, please feel free to contact me (chad_dickerson -AT- infoworld.com) with questions and thoughts via e-mail or in your own blogs.

Technorati Tags:

Posted by Chad Dickerson at April 27, 2005 07:10 AM


ADVERTISEMENT

 HOME  NEWS  TEST CENTER  OPINIONS  TECHINDEX   About InfoWorld :: Advertise :: Subscribe :: Contact Us :: Awards :: Events 

Copyright © 2003, Reprints, Permissions, Licensing