Enterprise Service Bus (ESB) B. Ramamurthy Page 1 12/27/2021
The concept of bus
• Consider a hardware bus: connects chips of different functions and from different vendors
• Now imagine a software bus: a standardized way of hooking together any software components; examples
  – OMG's CORBA (synchronous)
  – EJB in J2EE (synchronous)
  – IBM's MQSeries (asynchronous)
  – Tibco's Rendezvous (asynchronous)

Types of ESB
• An ideal software bus supports a single communication model (fig. 9.1).
• A software bus may also support various communication models at the same time (fig. 9.2): synchronous, and file-based.
• The infrastructure of a real-world enterprise will normally consist of various products that support similar communication models.
  – An enterprise is a meta bus that supports various products and technologies of the enterprise
  – Example: Credit Suisse uses a synchronous information bus, an asynchronous event bus infrastructure and a file transfer-based bulk integration infrastructure driven by applications, which in turn are driven by business demands.

ESB Functions
• Stub/dispatcher code generation (development)
• Execution container functions (deployment)
• Logging and auditing (runtime management)
  – An important item is missing in the text: provisioning
• Availability and scalability
• Securing an SOA

Service stub and dispatcher
[Figure labels: Client implementation; API; Service stub; Service dispatcher; op 1, op 2, op 3, …, op n; client; server]
• Stub and dispatcher are automatically generated

Execution containers
• Application servers
• Server farms
• The generic feature set of an execution container is:
  – Dispatching and servicing
  – Transaction management
  – Security
  – Logging
  – Billing
  – Systems management functionality
  – Message transformation
[Figure labels: Execution container; Resources: queues, data sources, security details]

Cross-container integration
• Execution containers provide a rich set of functionality that makes deployment and management of individual services reasonably straightforward.
• However, the key challenge of an enterprise SOA is to define an architecture that enables applications to use different services independently of their container.
• Challenges are: interoperability, including transactionality and security
• Solution: in a system where services are implemented on incompatible execution containers, one must introduce a horizontal infrastructure layer that manages technical cross-container integration of services.

Cross-container Integration
[Figure labels: Service container; Access control service; Customer management service; Flight reservation service; Horizontal cross-container infrastructure (security, transactions, logging); System managing & monitoring]

Logging and Auditing
• You must use best practices to build robust systems.
• Even with such systems, failures are unavoidable.
• An error or failure must be reported to the user, to a log file or database, and to a systems management system.
• Severity of the error is indicated by standard notations such as: “DEBUG”, “TRACE”, “INFO”, “WARN”, “ERROR”, “FATAL”, and “AUDIT”
• Error reporting (SOAP error mechanism “fault”), distributed logging protocols (log locally, view globally)
• See Fig. 9-13

Availability and Scalability
• Scalability: how well can your system perform under heavy load? What is the max load it can handle?
• Availability: how is a failure of a system handled?
  – Failstop
  – Failover
  – Degraded performance (low availability)

Design Choices for scalability and availability
• Scalability and availability using WS
• Using Enterprise JavaBeans (see fig. 8.15)
• Using CICS
• Using CORBA
• Legacy applications
• Heterogeneous SOA: beware of the weakest link for uptime

Security: Authentication
• Authentication means that a service caller is using a mechanism to prove its identity to the called resource.
• Individual login: user name, password
• SOA-level login: single sign-on for all the requests in a session (fig. 9-17)
  – Authenticate yourself with an authentication service that provides tokens or tickets for subsequent interactions
• Security Assertion Markup Language (SAML)

Security: Authorization
• Authorization is the mechanism used to grant a caller access to a specific resource.
• Static group membership
• Role-based access and dynamic group membership
• The concept of trust domain: appropriate for SOA?
  – Strict enforcement at application front-end; once certified by this level, can freely access service at lower levels.

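An added example (not from the slides) tying together the single sign-on tokens of the Authentication slide and the role-based access of the Authorization slide: an authentication service issues a signed token once per session, and each service verifies it and checks the caller's role itself instead of relying on a front-end trust domain. The HMAC token format, the key, and the operation and role names are assumptions constructed for illustration; this is not SAML.

```python
import base64, hashlib, hmac, json, time

# Assumption: one shared HMAC key stands in for the authentication service's signing key.
SIGNING_KEY = b"constructed-demo-key"

# Hypothetical role required per service operation (constructed sample data).
REQUIRED_ROLE = {"customer.read": "agent", "flight.reserve": "booking"}

def issue_token(user, roles, ttl=300, now=None):
    """Authentication service: called once per session after login succeeds."""
    claims = {"sub": user, "roles": sorted(roles), "exp": int(now or time.time()) + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(SIGNING_KEY, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + sig

def verify_token(token, now=None):
    """Return the claims if signature and expiry check out, else None."""
    try:
        body, sig = token.rsplit(".", 1)
    except ValueError:          # no "." separator: malformed token
        return None
    expected = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison; the body is only parsed after the signature matches.
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None
    claims = json.loads(base64.urlsafe_b64decode(body))
    if claims["exp"] <= int(now or time.time()):
        return None             # session token expired
    return claims

def call_service(operation, token, now=None):
    """Each service authorizes the call itself instead of trusting the front-end."""
    claims = verify_token(token, now)
    if claims is None:
        return "401 unauthenticated"
    # Unknown operations map to None, which is never a role: deny by default.
    if REQUIRED_ROLE.get(operation) not in claims["roles"]:
        return "403 forbidden"
    return "200 ok for " + claims["sub"]
```
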
Other Security topics
• Firewalls (/proxies)
• Encryption with various strengths
• Secure Sockets Layer (SSL)
• Provisioning
• Sarbanes-Oxley compliance

Securing SOA