Promotion is a problem faced by every API developer. Long nights of coding
have given form to the stroke of genius you had six months ago in the cafe.
You’ve just written the API that will serve as the front door into your
application. But how do you document this so that your peers will use
it—and hopefully make you rich in the process?
Java had Javadoc, an innovation that managed to strike a surprisingly
effective balance between ease of use and systematization (three cheers for
strong typing and static binding). Web services “solved” the interface
definition problem with WSDL, a standard only its authors could love (and
some of these won’t admit to participating in conception). To the registry
crowd was left the task of devising clever ways to document a SOAP API around
the torturous abstractions of WSDL so that humans could grok it as
effectively as the machine... (more)
Is SOA ready to move from the whiteboards and into production IT? As you
might have guessed, the answer remains a disappointing sort of. The issue
comes down to tools and infrastructure, and the fact that only some SOA
components are mature and easy to source. The application server market is
largely commoditized and the world is awash with IDEs that automatically
generate and deploy SOA components from new or legacy code. Given these two
pieces, you can begin deploying services tomorrow.
This is fine until you need to scale, then the missing pieces in the puzzle
will become app... (more)
Cloud Security Journal on Ulitzer
Two weeks ago, I delivered a webinar about new security models in the cloud
with Anne Thomas Manes from Burton Group. Anne had one slide in particular,
borrowed from her colleague Dan Blum, which I liked so much I actually
re-structured my own material around it. Let me share it with you:
This graphic does the finest job I have seen of clearly articulating where
the boundaries of control lie under the different models of cloud computing.
Cloud, after all, is really about surrendering control: we delegate
management of infrastructure, application... (more)
SOA in the Cloud Expo
I’ll be delivering a Webinar next week about Layer 7’s Enterprise Service
Manager (ESM) product. ESM offers the global view of clusters of SecureSpan
Gateways and the services under their management.
It’s functions fall into three main areas:
Centrally manage and monitor all Gateways and associated services across the
extended enterprise and into the cloud
Automated Policy Migration
Centrally approve and then push policy to any Gateway across the enterprise,
automatically resolving environmental discrepancies
I recently had a great, freewheeling discussion with Daniel Raskin, Sun’s
Chief Identity Strategist. Daniel runs the Identity Buzz podcasts. We talked
about issues in identity and entitlement enforcement in SOA, compliance, and
the problems you run into as you move into new environments like the cloud.
Daniel’s post about our podcast is on his blog. You can download the
podcast directly right here.