The Service, The Cloud and The Method Speaker: Thomas Erl, SOA Systems Inc. Day 1: First Opening Keynote The design paradigm of service-orientation has advanced to a state of maturity in both practice and the availability of modern service technologies. Today we can build service-oriented solutions with unprecedented sophistication while still positioning services as high-value IT assets that can be continually repositioned in response to business change. However, the advent of cloud computing has added a new dimension that introduces new opportunities, new challenges and, of course, new "service" technology products. Organizations that leverage cloud innovations intelligently and with patience will be empowered to further realize the strategic benefit potential of service-orientation. Organizations that fail to see or consider the many connection points between service-oriented technology architecture and the technology architectures that underlie cloud computing platforms will be destined to build a new generation of silo-based applications, only this time they will be "silos in the sky". October 5, 2010 - 09:00 Room: Plenary (top floor)

Drivers for SOA Implementation Speaker: Dr. Karsten Schweichhart, SOA Innovation Lab and Deutsche Telekom Day 1: Second Opening Keynote Drivers for SOA-Implementation - In his opening keynote, Karsten will give a 360 degree view on the drivers for a service-oriented architecture.He will identify the main anchors for driving this paradigm and give also the answer, is this enough? Why not go the old traditional and well-known paths? Can these drivers convince the top management and and get the company an important advantage by implementing SOA? In his keynote, Karsten will provide a practical inside on the experience of the SOA Innovation Lab. This Innovation community, with over 16 large companies in Germany, has build expertise and explores new approaches by SOA and other methods of Enterprise Architecture Management." October 5, 2010 - 09:00 Room: Plenary (top floor)

Using Cloud to Deliver Innovation and Efficiency Speaker: Christian Klezl, IBM CloudComputing Europe Day 1: Closing Keynote

Driven by trends in the consumer Internet, cloud computing is a new way to consume and deliver IT services. IBM's "Smart Business" cloud solutions are based on workloads (unique solutions for IT applications, functions & services), service management (visibility, control & automation across IT & business services) and deployment choices (clouds behind their firewall or access via the IBM cloud).

This presentation will position cloud computing and illustrate its value proposition through a cross-IBM perspective on cloud solutions by workloads, supporting IBM technologies or consulting services.

Presentation Flow

• The world is getting smarter
• But as it becomes smarter, there is increasing pressure to keep up with enormous amounts of data and information
• There is also a greater need for meet changing business needs
• One way to meet these demands is with cloud computing
• Cloud can deliver new benefits and efficiencies
• And companies are beginning to leverage clouds for multiple reasons
• But cloud is a journey, and you need a roadmap
• Cloud adoption will happen by workloads
• And clouds will be deployed across different delivery models - public, private, hybrid
• Architectural models for cloud
• Client examples
• Why choose cloud now?
• IBM differentiators

October 5, 2010 - 17:30 Room: Plenary (top floor)

Primitives and Style: A Common Vocabulary for SOA Reducing Risk and Costs while Improving Collaboration and Agility (remote via Skype) Speaker: Dennis Wisnosky, US Department of Defense Day 2: First Opening Keynote The US Department of Defense is perhaps the largest and most complex organization in the world. Our reach is truly galactic. With about 4 million active employees and tens of millions of retirees and dependents in all parts of the world, no organization is more of a management challenge. Decades of piecemeal implementation of IT systems and services has resulted in an unsustainable cost structure and notable failures to deliver needed business capabilities. It is clear that business as usual is not a sensible way ahead. Could semantic technologies, notably data constructed with RDF OWL, and capabilities delivered as services within a SOA be a new paradigm for business intelligence and business applications? This talk will explore these issues, and the Departments early Proof of Delivery (PoD) projects designed to test the limits of both semantic technologies and the ability of the organization to use them effectively. October 6, 2010 - 09:00 Room: Plenary (top floor)

Resurrecting SOA Speaker: Anne Thomas Manes, Gartner Day 2: First Opening Keynote According to the hype, service oriented architecture is supposed to reduce costs and increase agility on a massive scale. A few organizations have been spectacularly successful at realizing these benefits, but numerous others have failed: Reduced costs and increased agility remain elusive. In most cases, failure has resulted from a misunderstand of what's required to achieve SOA. Some organizations are feeling frustrated and disillusioned. Yet the need for SOA is stronger now than ever before. A year ago, we wrote the SOA Manifesto in an effort to reorient SOA initiatives by articulating goals, value statements, and principles. This session redefines SOA in this spirit and provides guidance for resurrecting failed initiatives by focusing on models, methodologies, and patterns that produce the desired business and technical goals. October 6, 2010 - 09:00 Room: Plenary (top floor)

SOA, Service-Orientation and Cloud Computing: The Connection Points Speaker: Thomas Erl, SOA Systems Inc Day 1: SOA Architecture & Design Cloud computing technology and innovations are making elastic, dynamically scalable infrastructure resources accessible to a wide range of organizations. In order to leverage cloud platforms when building shared services and applying service-orientation, an understanding is required of how and where the convergence of cloud computing and SOA exists. This provides us with clear criteria for what constitutes a cloud-based service-oriented solution, while also identifying where gaps and weaknesses within cloud computing currently still lie. In this session, best-selling author Thomas Erl establishes the connection points between cloud computing and service-orientation by providing a concrete mapping between Service-Oriented Computing Goals and Cloud Computing Goals, SOA Characteristics and Cloud Characteristics, Service-Orientation Principles and Cloud Mechanisms, as well as SOA Types and Cloud Deployment Models. October 5, 2010 - 10:15 Room: 001

Service Component Architecture - State of the Union Speaker: Clemens Utschig, Boehringer-Ingelheim Day 1: SOA Architecture & Design This session will walk you through the current state of the Service Component Architecture specification, which is just about to go final. It will discuss the underlying component model, best practices for development and what's left for the technical committee, e.g. the extensions for eventing.the solution examples provided is a design based on the use of the UI Mediator pattern. October 5, 2010 - 11:15 Room: 001

Service Models: Making Sure Services Deliver Value Speaker: Anne Thomas Manes, Gartner Day 1: SOA Architecture & Design Building services is a significant investment. The only way for an organization to ensure a return on its investment is to make sure the right services get built and that these services are built in the right way to support the desired business outcomes. This session will describe service modeling: a concrete architecture practice for building concrete things (e.g., services) that deliver real value to the business. Service modeling provides a focus on what to build (business capabilities) rather than how to build (implementation details). Building services without service modeling is all too common, but without real consensus forged by business and IT on business context, building services will not deliver value. October 5, 2010 - 13:15 Room: 001

Timeout Management for Exception Handling in SOA Systems Speaker: Andre Tost, IBM Day 1: SOA Architecture & Design In this session, we will show how proper management of timeouts throughout a distributed, service oriented system contributes to the implementation of an overall exception handling strategy. We will present use case scenarios in which well designed timeout settings are of critical importance for system availability. We will also present patterns and mechanisms that can be leveraged in this context, for example, using timers, aggregating timeouts, retries, defining circuit breakers and applying compensation mechanisms, just to name a few. October 5, 2010 - 14:15 Room: 001

User Interfaces & SOA Speaker: Torsten Winterberg, OPITZ Consulting GmbH and Berthold Maier, Oracle Day 1: SOA Architecture & Design Does SOA relate to user interfaces? Can services be part of the presentation layer? Can service-orientation be applied to human-service interaction? The answer to all of these questions is, in fact, "yes", but only if we understand the unique requirements of designing and using services with the human end-user in mind. The truth is that from an architectural point of view the overall topic of SOA and user interaction is very much underrepresented in general SOA literature and technical discussions. This session begins by revisiting existing work that has been done in this area, namely UI-Services, Worklists, BPEL4People, Embedded Taskflows, and the controlling of existing applications. We then introduce solution concepts, starting with trivial, workflow-driven TODO-Lists and finishing with complete, service-oriented and process-oriented architectures. As part of the solution examples provided is a design based on the use of the UI Mediator pattern. October 5, 2010 - 15:30 Room: 001

All-or-Nothing Transactions - So Good, but Cannot be Used in SOA. So What do We do? Speaker: Sven Hakan Olsson, Definitivus Day 1: SOA Architecture & Design We would really want ACID transactions. Fifteen years ago, inside our monolithic applications, we always used ACID to make sure that the information would be consistently stored. Now we break up the monoliths into smaller parts along the SOA guidelines, and we start to deploy separate parts in the Cloud. In this distributed setting, ACID transactions have huge drawbacks. There are several reasons for this. The distributed ACID protocol is complicated and slow. ACID would result in stateful services and that is in itself not good. Distributed ACID would lead to lower uptime because of synchronous dependencies on several parts. And ACID would generally reduce the loose coupling that we strive for in the SOA and Cloud world. One specific SOA building block that is hindered by the lack of ACID is the Composite Service pattern, at least when updating services are included. Even so, this problem is seldom mentioned when you read about the usage of Composite Services. Since ACID cannot be used, it is inevitable that information consistency deteriorates. So we have to deal with it! There are several ways to improve the situation. The most obvious is to model coarse-granular updating service interfaces that eliminate the need for two or more related service calls that would yield a risk of inconsistencies. But sometimes updates have to take place across SOA domain borders, so the coarse-granular solution does not work. In the presentation I propose a number of practical solutions to this ACID problem. October 5, 2010 - 16:30 Room: 001

Simplicity Always Wins: Using REST as a Better Model for SOA Governance Speaker: Jesus Rodriguez, Tellago Inc. Day 2: SOA Governance For the last few years, Service Oriented (SOA) Governance platforms have evolved around the concepts of Universal Data Discovery and Integration (UDDI). While UDDI is based on a simple set of principles, the fact of the matter is that it proved to be too complex and highly limited to address the challenges of SOA governance scenarios in the real world. As a consequence, the SOA industry is in need of simpler governance models that can be easily adopted in the real world. The recent emergence of architecture styles such as the Representational State Transfer (REST) seems to be the right model to open new horizons for SOA Governance scenarios. This session introduces the principles of a lightweight model for SOA governance based on REST and the Atom Publishing Protocol(Atom Pub). The session illustrates how the use of REST and Atom Pub enables a simpler, highly interoperable and more flexible model that overcomes most of the limitations of UDDI. Additionally, we explore the techniques used to enable some of the fundamental SOA governance aspects such as discovery, service dependences, testing and monitoring using REST and Atom Pub. In order to keep things practical, we will present a series of demonstrations that leverage various REST-based SOA Governance stacks on both the J2EE and .NET platforms. October 5, 2010 - 10:30 Room: 002

Best Practices for Testing SOA Based Systems Speaker: Guido Schmutz, Trivadis Day 1: SOA Governance The purpose of testing in general is to assess applications quality. Many approaches existing for traditional software systems can be adapted or even reused for service-oriented systems. Service-oriented testing has many similarities with component-based testing. But testing a SOA based solution is at least as important if not even more important than testing traditional software systems. SOA systems are often the backbone of an enterprise; they are used by many users so a failure will have a huge impact and visibility. Therefore you want to make sure that the different artifacts your SOA consists of are all tested and work correctly. This session will show where testing SOA system is different than testing traditional systems and what the challenges to be aware of are. SOA systems are inherently heterogeneous, which make testing them more difficult. The session will answer questions like •  How good is the support offered by the well-known SOA platforms?
•  Is the support good enough for real-world SOA projects?
•  How can we test services which are dependent on external services not available at testing time?
•  Is there an efficient way to mock such services?
•  Does testability have an impact on the design of services?
•  Are there any design patterns for improving testability of a service?
•  How do I test asynchronous, time-dependent services? This session we will present best practices for testing service-oriented systems and will show some real scenarios based around Web Services, Enterprise Service Bus and BPEL/BPMN. October 5, 2010 - 11:15 Room: 002

SOA Governance Using Policies Speaker: Andre Tost, IBM Day 1: SOA Governance To a large degree, SOA governance is about defining which decisions need to be made throughout the lifecycle of service-oriented IT solutions, and who makes them. These decisions are ideally supported by a well-documented set of rules and guidelines, or to use another term: policies. In this session, we will focus on the use of policies as a means of expressing, automating and enforcing business and IT rules. This includes the definition and description of distinct policy layers and policy domains, which allows structuring policies based on their key characteristics, how they are used and enforced and also depending on their target audience. Moreover, we can define the overall lifecycle of a policy in the enterprise. Having described the conceptual underpinnings of policy as a means of SOA governance, we will then describe how to implement an appropriate infrastructure and its key components. Finally, we will discuss the use of standards, most notably the WS-Policy standard, as a means of articulating policies within the context of this infrastructure. The content of this session is based on the upcoming book "SOA Governance", which will be formally released during the symposium, and for which the speaker is one of the co-authors. October 5, 2010 - 13:15 Room: 002

Service-Oriented Portfolio Assessment, Strategization & Scoping Speakers: Winnie Hua, CTS Inc. and Tony Shan, Keane Inc. Day 1: SOA Governance This talk presents a comprehensive enterprise approach for Portfolio Assessment, Strategization, and Scoping (PASS) in a service-oriented manner, which offers a systematic method to analyze the portfolio capabilities, diagnose the issues, identify the gaps, justify tradeoffs, discover the transformation options, design the blueprint, and define the roadmap scope. For a variety of reasons attributed to the immaturity of IT practices, dynamic nature of IT capabilities, and rapid pace of technology advance, large-scale IT environments constructed over years via internal organic growth or mergers/acquisitions typically end up with a heterogeneous complex mix of different generation solutions and disparate products that are inherently hard to manage, modify, or sustain. Statistically, over 70% of IT budget in big organizations are spent just to maintain the existing systems and applications. It is rare that an IT shop can readily adopt and implement emerging technologies without surgical changes in the process and organization, if it decides to introduce the more cost-effective solutions. To make the matter worse, it is not uncommon that many IT groups lack a comprehensive view of what they have and most stakeholders involved have only a siloed and limited understanding of a portion of the entire IT ecosystem that they are responsible for in the organization. It is not only important but also necessary to conduct a thorough assessment and diagnosis of the as-is environment, to lay out the foundation for systematic inventory, impact analysis, and cost-benefit evaluation, followed by strategic roadmapping and context scoping. To effectively tackle the disjointed activities and immature practices commonly seen in large-size portfolios, we take a hybrid method that combines the top-down and bottom-up disciplines. The top-down method is a structured decomposition and abstraction process using a model-driven approach (Meta, Domain, Portfolio, Contextual, Conceptual, Logical, Physical, Execution). It consists of three key components: Portfolio Inventory & Evaluation (PIE), Service-Oriented Roadmapping & Transformation (SORT), and Enterprise eXtream Program Optimization (EXPO). The bottom-up method inspects the individual services, systems, or applications at the detailed level from the group up, through pre-fabricated templates, questionnaires, and metrics. It is composed of three modules: Portfolio Application Rationalization (PAR), Portfolio Application Cost Effectiveness (PACE), and Technology Optimization & Solution Simplification (TOSS). Both top-down and bottom-up methods complement each other to crystallize the complexity of a portfolio domain from a multi-dimensional perspective, and further prescribe practical solutions to the challenges and pain points, such as outsourcing, rehosting, consolidation, modernization, replatforming, etc. Real-world case studies and solutioning examples are presented for illustration in the discussion. October 5, 2010 - 14:15 Room: 002

SOA Governance Transition Planning Methodology Speaker: Robert Laird, IBM and Achim Andreas von Roznowski, IBM Day 1: SOA Governance There are many aspects of SOA Governance and it is difficult to know where to start. This is true no matter what level of governance maturity one may already have. To optimize the SOA Governance experience, it is important to methodically assess the current state of governance in the organization and understand where governance change can reasonably be expected to be successful and have the most impact. To this end, IBM has developed a SOA Governance Capability Map that addresses the "Plan & Organize", "Program Management Controls", "Service Development", and "Service Operations" aspects of SOA Governance. These governance domains are further broken down into governance capabilities and thence into governance atomic actions. In this manner, it is possible to think about and assess the various aspects of SOA Governance in a manner that is repeatable and measurable. The results and decisions made are then used to create and drive a phased SOA Governance Transition Plan. The presenters will explain the methodology and then use real world examples to allow the attendee to get a practical understanding of how they may go about assessing their SOA Governance. A sample transition plan will be used to tie the SOA Governance assessment to practical next steps that the governance practitioner should be taking. October 5, 2010 - 15:30 Room: 002

SOA Governance at Vodafone: Trust and Control Speaker: Stephen Harrop, IBM and Pawel Maszczyk, Enable-U UK Day 1: SOA Governance Vodafone, one of the world’s largest mobile communications companies with operations in over 30 countries and 40 partner markets worldwide. In this talk, Principal SOA Architect at Vodafone, Stephen Harrop, and Enable-U Director, Pawel Maszcyk, will discuss the Vodafone SOA project and will further delve into the importance of SOA governance for achieving a balance of local market autonomy with the need for a corporation to act as a single, agile global entity. Enable-U, one of the implementation contributors to the Vodafone SOA project, will discuss configuration of the governance software, as well as corporate branding issues pertaining t system user interfaces. Current working practices will be described, along with how these practices can be modeled into tools to facilitate wide adoption. October 5, 2010 - 16:30 Room: 002

SOA Comparative Values Speaker: Sean Gu, IBM Day 1: Business of SOA In many an SOA project, the toughest thing might be: to change customer's mind-set, especially when the customer has no SOA experience or just superficial working knowledge. Then, how to make the SOA values stand out in a relatively short period of time? My experience tells: using a comparative method to explain SOA values is most effective. In this presentation, I will walk through some typical scenarios I presented to our customers during the initial stage of our landing project engagements to demonstrate that SOA makes a big difference and where SOA is different from traditional approaches. Depending on the customer's existing environment and skillset, such comparisons were usually customized to create an easiest association between customer's existing IT project practice and new SOA design and development process. I will compare SOA with traditional approaches from many perspectives, such as business agility, requirement analysis, business process modelling, methodology, architectural thinking, solution stack, programming interface, development approach, data access, performance, security, integration, project management and so on so forth. I will also present some SOA best practices as well as when to apply SOA or not. The presentation materials will be based on some of the real-life SOA projects. The audience is expected to benefit from the experience sharing of this presentation. October 5, 2010 - 10:15 Room: 009

The Business Architect - Pioneering the Business Models of Tomorrow Speaker: Linus Malmberg, Cordial Day 1: Business of SOA Today's complex business environment demands new tools and techniques in order to stay competitive and develop long term profitability. Flexibility is at the top of every CEO's agenda. The ability to create and deploy new business models is at the heart of every successful business. But, the competence needed in order to master business model innovation is scarce in most organizations. To stay ahead of the competition you need to develop skills matching these needs. The Business Architect excels in how to 1) bridge the gap between strategy and structures, 2) design and deploy competitive business models and 3) making business models come true. We have since 2007 trained and certified over 300 business architects in analyzing, innovating and transforming business models for their companies and their customers on a daily basis. Our certified Business Architect Program has proven essential to companies such as Ericsson, TUI, Sybase, PWC, Oracle, Nordea and many others. This inspiring and humorous presentation will introduce you to the world of the business architect and explain concrete approaches for bridging the gap between business and technology. With examples of contemporary and iconic business models Linus Malmberg will guide to a new way of viewing the world: The Business Architect's! October 5, 2010 - 11:15 Room: 009

It's the Team Culture, Stupid! Managing Dissonances is Key to SOA Success Speaker: Hajo Normann, HP Day 1: Business of SOA Team members and SOA program participants from middleware vendors, System Integrators (SIs), freelancers, cross-project centers of excellence and business stakeholders each have own backgrounds, mindsets and agendas. Heated debates start on arguments such as SOA vs. tight coupling, build vs. buy, paid middleware vs. open source, in house reference implementation vs. public ones. All these reflect core beliefs of project participants and thus dangerously bubble from blogosphere, articles and events such as the SOA Symposium into your project. Many of these beliefs stem from the experience made in the past. Some team members have worked in a batch world, others in Java, many are afraid of new SOA concepts and will argue that they will never work. Others are used to be in the driver seat for all architectural decisions and will oppose any architecture blueprint from vendors. It is crucial that SOA Program managers proactively understand, address and manage those differences in order to ensure SOA success. One way is to make the right decision on who should define the guidelines and references and lead a SOA Governance team that makes sure architectural decisions are followed thoroughly. The session introduces a "Sourcing & Vendor Relationships Strategy" for dealing with the different participants of a SOA program. This strategy helps to mitigate the differences and to asses and to manage the heterogeneous maturity levels. It aims to establish a potent and coherent core architecture team. The content of the presentation is based on experience in roles that were about mitigating between developers, architect, PMs, vendors and CxOs at large customers. October 5, 2010 - 13:15 Room: 009

What's the Business Value of SOA? Show it with KPI's Speaker: Daniel Adelhardt, Software AG Day 1: Business of SOA If you're in IT, you are being asked to deliver more business value than ever. Whether you already have an SOA in place-or you're just getting started with SOA-it is essential to prove business benefits. Today, measuring cost and revenue impact as well as other SOA metrics is vital to any leading organization. Measuring the value and tracking changes to these metrics are critical as your SOA grows and its portfolio expands. Recent surveys from Forrester Research show organizations are increasingly implementing SOA as a business enabler. Furthermore, recent Gartner research concluded that more than 60% of organizations said their SOA projects had a positive impact on their organization's ability to grow revenue and SOA projects generated positive returns, typically within 10 months. A proven way to demonstrate an SOA's business value is through Key Performance Indicators (KPIs). KPIs use a language your business colleagues understand: metrics. They give you the means to measure a return on your SOA investment and directly link SOA projects to real business improvements. October 5, 2010 - 14:15 Room: 009

Zero Investment SOA Speaker: Eric Jan Malotaux, Ordina Day 1: Business of SOA Many customers are dissatisfied with SOA. One of the reasons is that they have been asked to invest large amounts of time and money for the promise that after that, further development will be fast and cheap. In many cases, this promise has not been fulfilled. At least, (still) not yet. For others, matters have become worse: now they also wrestle with the additional complexity of a large assortment of inconsistent and unmaintainable services, an unwieldy ESB that nobody dares to touch, and performance problems. But actually these unfortunate results have nothing to do with SOA per se, but with the method by which it is introduced. There is nothing special about SOA among other architectural styles, and there is no reason why it should have to be introduced in a BDUF (Big Design Up Front) way. This presentation will show how it is possible to introduce SOA - and by the way, any other change in architectural style - incrementally and iteratively, where each increment returns business value on its own that is greater than the investment. Of course this is not literally zero investment, but at least there is no need to involve management in the undertaking by asking for an investment in something they should not have to worry about: software architecture. October 5, 2010 - 15:30 Room: 009

Measuring the Business Value of SOA Speaker: Anne Thomas Manes, Gartner Day 1: Business of SOA Many organizations struggling to demonstrate the business value of their SOA initiatives. The prevailing sentiment among businesspeople is that SOA costs a lot and doesn't deliver. IT groups now face an uphill battle. They know that SOA is necessary, but the business groups that hold the purse strings don't want to pay for it. This session will describe the benefits generated by a SOA initiative and provides a framework for defining credible metrics that resonate with business people. October 5, 2010 - 16:30 Room: 009

BPMN - An Experience Report Speaker: Jakob Fruend, Camunda Services GmbH Day 1: BPM, BPMN and Service-Orientation The BPMN promises Business-IT-Alignment of business processes. I show based on concrete project reports how the standard can be applied successfully and explain typical problems and lessions learned. Besides topics like process documentation and requirements engineering we want to have a special look on how the BPM-Roundtrip with BPMN 2.0 can look life in real life. October 5, 2010 - 10:15 Room: 005

"Modeling" Net Centric Integration and Execution with BPMN 2.0 DoDAF Persona Speaker: Sumeet Vij, SAIC Day 1: BPM, BPMN and Service-Orientation Current Issues with Department of Defense Architecture Framework( DoDAF): DoDAF aims to provide a framework for developing architecture artifacts and models which can be understood and reused across the US Department of Defence (DoD). Despite the mandate, DoDAF artifacts face roadblocks in being effectively used across different Joint Capability Areas (JCA). This is due to the lack of uniform representation for the same semantic content, the difference in modeling languages and modeling tools. SOA not easily connected to a DoDAF model: On the other hand, the focus on Net-Centric operations has led to a proliferation of Services in the (DoD) enterprise. Nonetheless, the Services have not necessarily been designed to be used across mission areas. The increased need for Joint Operations and reuse will dictate that new processes be created across traditional areas and these Services be used to provide the required functionality. DoDAF models can't be easily used to represent SOA. Business Process Modeling Notation (BPMN) 2.0 : BPMN 2.0 addresses these issues by providing a standard format for graphical modeling of processes with a Persona for DoDAF. This allows a consistent representation better understood by collaborators across the DoD and it is in a format that they are already familiar with. As BMPN 2.0 has a mapping to BPEL, Services that are part of the SOA can be utilized to execute part of the process model. The Presentation will highlight the above points and clearly illustrate how BPMN 2.0 with the DoDAF Persona can fill the need for uniform representation across the DoD. October 5, 2010 - 11:15 Room: 005

Deriving Agility from SOA and BPM - Ten Things That Separate the Winners from the Losers Speaker: Manas Deb, Oracle and Clemens Utschig, Boehringer-Ingelheim Day 1: BPM, BPMN and Service-Orientation In today's information age, competitive landscape can change very fast. Thus, businesses need and crave agility - they want things done faster than the competition in order to stay ahead of the game. For agility to be really meaningful, it must address both planned and unplanned events. Also, to be competitive, a business must attain, sustain and grow its agility efficiently. Both SOA and BPM, individually or in combination, have the ability to significantly boost a company's agility. However, it takes careful considerations at various levels of an organization to successfully adopt SOA and BPM, and to derive competitively greater agility. Thus, only a small percentage of those who implement SOA and BPM related projects do actually achieve this goal. The enablers of agility span an organization's culture and behaviour, its business and technology architectures, and its practices. Using practical considerations and drawing upon customer experiences, this presentation will discuss ten strategies and actions that are among the top of the list of things that a company must consider to be a winner in deriving agility from SOA and BPM. For these strategies, the presentation will cover underlying concepts, key implementation aspects, and common pitfalls along with recommendations for how to sense and avoid them. October 5, 2010 - 13:15 Room: 005

BPM: Top Seven Architectural Discussions in 2010 Speaker: Hajo Normann, HP Day 1: BPM, BPMN and Service-Orientation BPM gets real with the current finalization of the BPMN 2.0 spec. Large projects start. Discussions arise that are not yet covered in BPM books. The topics currently debated draw a vivid picture of the state of BPM in 2010:  • Business-IT-Alignment: Can we finally reach the goal of a direct mapping from business model to executable processes? How can we deal with impedance mismatches that are inherent in the different views of business analysts and developers? How do we get from existing process models to ones that are executable?  • Main Process, sub processes and task flows – where is the business beef? Surprisingly the potential for process reengineering is often at the finest, the activity or even task flow level. Here we find the manual steps that can be automated. What modelling approaches are valid at this level?  • Lanes, Pools and tools: How to deal with interactions between process participants? What can we learn from approaches outside BPMN such as WS-CDL?  • When we just cannot nail it down in models: How can we deal with ad hoc processes? What role does the emerging notion of "Event driven Networks" (EDN) play?  • Process Models should look familiar: Establishing modeling guidelines and the emergence of "BPM Governance"  • New Processes need to be integrated with existing workflows in ERP and bespoke systems. How can we establish a "Central Task Management" (CTM), an often overlooked core component of BPM?  • The end user is not a service: How to create human friendly workflows? October 5, 2010 - 14:15 Room: 005

Agile BPM - Impossible? Speaker: Robert Gimbel, Camunda Services GmbH Day 1: BPM, BPMN and Service-Orientation Agile paradigms, like e.g. Scrum, criticize classical waterfall based models. Agile methods have proven already useful in software development projects, but can they be applied in Buisness Project Management projects? In this session we report how we use agile paradigms for BPM projects, more precisely in the modeling and technical implementation of processes. We try to answer the questions what may be show stoppers and to which kind of projects this approach can be applied. October 5, 2010 - 15:30 Room: 005

Open Source Process Execution Speaker: Nils Preusker, Camunda Day 2: BPM, BPMN & Service-Orientation BPMN has become accepted for process modeling, open source process engines get mature and start talking BPMN. New projects like Activiti emerge and well-established projects like JBoss jBPM change. So this session tries to summarize the current status, have a look at which engines may fit in which kind of projects, how mature they are in real life projects, they should be really used and what the future may bring. October 5, 2010 - 16:30 Room: 005

A Multi-Domain Modularization Approach for Achieving More Organizational Agility Speaker: Linda Terlouw, ICRIS Day 1: Modeling from Services to the Enterprise By applying the service-orientation design principles organizations can redesign their IT environment to deal with ever changing market demands. One of the main notions behind these principles is the notion of modularity. Yet, only applying these service-oriented design principles by no means automatically results in a more agile organization as a whole. Though agility of the IT environment is conditional to getting a more agile organization, it is not sufficient. In this presentation we'll look at the notion of modularity taking a multi-domain approach. A module is a unit whose structural elements are powerfully connected among themselves and relatively weakly connected to elements in other units. A multi-approach means that we look how we can make the total organization more agile by introducing modularity in different areas, i.e. domains. These domains include products, business processes, organizational structures as well as the IT environment. We'll demonstrate how to use the notion of clustering to minimize the dependencies within and between domains. In other words, we apply the principle of maximum cohesion and minimal coupling to different aspects of the organization. After explaining the multi-domain modularization approach, we will give a demonstration using an example. This work presented is partly based on experiences from practice and partly on PhD research conducted at the Delft University of Technology. October 5, 2010 - 10:15 Room: 004

SOA and Standard Software: Not Yet a Natural Fit Speaker: Helge Buckow, McKinsey & Company and Dr. Wolfgang Mai, Deutsche Post BRIEF Day 1: Modeling from Services to the Enterprise

The SOA Innovation Lab has investigated the use of standard software packages in a service-oriented context and will present the findings in this session.

The SOA Innovation Lab is a community of over 16 large companies in Germany with the goal to build expertise and explore new approaches within large corporate IT users to develop flexible and efficient IT application landscapes by means of Service-oriented Architectures (SOA) and other methods of Enterprise Architecture Management (EAM).

The growing complexity of IT landscapes is a challenge for many members of the SOA innovation lab. A large number of standard software packages - mostly extended and modified - individual software solutions, legacy applications, and different infrastructure components lead to high cost and limited ability to respond quickly to new business requirements.

The SOA innovation lab has identified typical use cases and user requirements that users encounter when dealing with a SOA approach in a heterogeneous environment. In addition, a SOA architecture maturity framework has been developed that allows to assess the SOA maturity of a standard software package. Based the user requirements and the maturity framework, the SOA capabilities of products from different vendors have been evaluated and a discussion with the vendors have been initiated.

The session will introduce typical SOA use cases, introduce an overview of the assessment and explain the key findings from the discussion with the different standard software vendor packages.

October 5, 2010 - 11:15 Room: 004

Overview of BIAN's Semantics-Focused SOA Architecture Speaker: David S. Frankel, BIAN Day 1: Modeling from Services to the Enterprise The Banking Industry Architecture Network (BIAN) is developing a common architecture to facilitate interoperability among heterogeneous software components within a bank's application landscape. BIAN's approach to standardisation is somewhat unusual in that it focuses on semantic interoperability and not on defining technical wire-level interoperability formats. This presentation explains the motivation for this approach, and describes the fundamentals of the architecture. Topics covered include: •  How lack of semantic alignment has hindered interoperability in heterogeneous systems
•  How BIAN identifies common service components, based on a service centre model
•  An overview of the common service components that BIAN has identified to date
•  How BIAN describes service contracts in a manner that focuses on semantics
•  How BIAN's standardized semantic service specifications can provide value to banks and banking software vendors despite the fact that BIAN does not produce lower-level technical interoperability standards
•  How each bank can assemble service components in its own way, such that the assembled landscape reflects the structure of its business
•  An overview of the BIAN metamodel, including an explanation of the role that the metamodel plays in the architecture and the techniques used to define the metamodel
•  The effort BIAN is making to build a business vocabulary, and to apply the business vocabulary to the service definitions in a disciplined manner that aligns with semantic metadata standards now coming on line in several industrial sectors including manufacturing, retail / consumer products, and financial services. October 5, 2010 - 13:15 Room: 004

SOC as a Foundation for Autonomic Business Process Management Speaker: Paul Buhler and Dominic Greenwood Day 1: Modeling from Services to the Enterprise Contemporary views of Service Oriented Computing (SOC) provide a foundational framework for advancing the notion of autonomic business process managment. The modern enterprise demands an IT systems architecture that directly enables the rapid and efficient modeling and execution of its business processes; however, unlike previous static approaches to structured process definition and execution, newer approaches are needed for the creation of dynamic processes. The unification of distributed computation, event-based interaction, and purposeful real-time assembly of operational logic allows the creation of processes that are flexible and responsive to the changing needs of business, while preserving the integrity of day-to-day business operations. Distributed computation is delivered via the now widely adopted SOC paradigm which allows software to be deployed as connectible fragments of application logic; promoting re-usability, dynamic assembly and collaboration. The most efficient means of interaction between these fragments is event-based communication because, pragmatically, services are reactive to events by design, but more fundamentally because events are the connective tissue that binds all loosely-coupled communication, whether human or computational. The final, and critical, facet is the purposeful real-time assembly of operational logic. This is achieved through the use of goal-oriented process modeling and automation which directly codifies applications as processes that must always achieve a prescribed purpose, defined as a hierarchy of goals. Technically this demands that applications be operationally focused on achieving their purpose, or goal, while supporting sufficient structural agility to change when necessary. Change is accomodated through the agile assembly of appropriate application logic in real-time. The use of goal-oriented processes to define the structure of application logic in this manner is of particular benefit toward managing the fluid creative processes that often define the key business differentiators of an enterprise. October 5, 2010 - 14:15 Room: 004

Using Domain Specific Language(s) to Simplify Creating SOA Artifacts Speaker: Guido Schmutz, Trivadis Day 1: Modeling from Services to the Enterprise This session will show how a Domain Specific Languages (DSL) can help to simplify the creation of SOA artifacts. A Domain Specific Language (DSL) is a "mini-language" built on top of a hosting language that provides a syntax and semantic to represent concepts and behavior of a particular domain. The idea of a DSL is to add an additional abstraction by enabling "programming" on a higher level in a simple and natural syntax. By that the complexity and the amount of code can be significantly reduced, which has a positive effect on the readability and maintainability of the code. At a given point, usually during development, the DSL are translated into runtime code, which uses the underlying language and its libraries. The idea of generating code based on a model is not new and has been around for quite a while (i.e. MDA = Model Driven Architecture). MDA mostly tried to generate complete solutions based on an UML model whereas with the DSL approach often textual languages are used and only parts of a solution are generated (i.e. MDSD = Model Driven Software Development). Nowadays with i.e. Eclipse XText a very strong tooling support is available to implement and use Domain Specific Languages in a user-friendly way. So how does a Domain Specific Language relate Service-Oriented Architectures? For the design and implementation of Business Processes, SOA already provides two modeling languages, BPEL and BPMN, which in the latest version are both executable. So in this area, there is no (immediate) need for an additional abstraction. But in the area of implementing the service interfaces (WSDL) itself with the corresponding data types in XML Schema there is quite a lot of repeating and rather time consuming code to write. The graphical tooling support of the IDEs available today for implementing WSDL and XSDs are also not that helpful for writing good and solid service contracts. This is the area where a simple and easy to use DSL can have an impact in both making the design and implementation of service contract easier and quicker. Important concepts like service versioning, extensibility, compatibility, naming conventions can be built into the DSL and applied by the generator, guaranteeing the repeated and standard implementation according to best practices. The session will show a first version of a DSL based on Eclipse XText, the tooling provided with it and the way to generate the necessary XSD and WSDL artifacts. This will hopefully start a discussion about how useful such a DSL based tool chain is and how it could be applied in practice. October 5, 2010 - 15:30 Room: 004

Rules-Driven Business Services; Flexibility within the Boundaries of the Law Speaker: Art Ligthart, Ordina and Audrey Theunisz, IND Day 1: Modeling from Services to the Enterprise The Dutch Immigration and Naturalisation Service (IND) is renewing its organization, business processes and complete IT landscape in the renewal program "INDiGO". The new information system is a knowledge-based, service-oriented system, build of standard components (Siebel, FileNet, Oracle Fusion Middleware) and a rule-engine (BeInformed). The rule-engine contains knowledge on relevant law, regulations and policies and offers this knowledge 'as-a-service' (KaaS). But the rule-engine also contains knowledge on the process flow, i.e. the order in which the 150 Business Services are executed. At any moment in time, the rule-engine can be consulted to provide those Business Services which are relevant to the specific case and customer at that specific moment. This creates a highly flexible system: changes in law and regulation, and procedures can be changed and implemented very quickly through the use of the rule-engine. Moreover, the system is event-driven (EDA): events that have an impact on the flow (the decision making process) can be evaluated as they occur. Last but not least: INDiGO is designed to support highly skilled, professional end- user, who remains in control at all times. The INDiGO application won the prestigious NAF-award for best IT Architecture in the Netherlands in 2009. The presenters will showcase the application and share best practices on the use of rules and a methodology to define Business Services. October 5, 2010 - 16:30 Room: 004

Using a Service Bus to Connect the Supply Chain Speaker: Peter Paul van de Beek, Whitehorses Day 1: Real World SOA Case Studies

In this presentation we will discuss a live case where we implemented a Service Bus to connect the information flow between organizations in a Supply Chain. The Wholesaler in this case wants to gain insight into near real-time logistic, and financial data from affiliated and owned retailers. These use several POS and other information systems to administer the relevant data for their business processes. Needless to say that these all have their own way to perform functions, and store data. In order to be relevant, a complete coverage of the logistic and financial data is needed.

In the session we will discuss how we as, architects and developers, used SOA Design Patterns to fulfill the requirements, and to overcome the challenges that occur when bringing a solution like this into the real world. In addition to this insights on how to deal with politics, and the incremental rollout strategy will be shared to help you in your projects.

Based on the experience of both this case, and our other integration and SOA projects, we will give you details on implementation specifics ranging from how to deal with large messages to security, and from tracking messages (did we receive all messages) to availability.

October 5, 2010 - 10:15 Room: 006

Registration of Rights - A Visionary Public SOA-Project Speaker: Henrik Hvid, Devoteam Day 1: Real World SOA Case Studies Since 1551 have registration of rights to land property been an entirely paper based process. But from september 8th 2009 is it solely allowed to register rights by sending a digital document (in XML) signed with a digital signature. The solution is a External Service Oriented Application, as the application receive all XML-documents via web service request directly from the internal systems of financial institutions, lawyers, cadastral companies etc.. The received document goes through a process where services makes automated legal decisions and the result is also send as a business events to subscribers of the particular property (Event Driven SOA) The business case has a payback period of 2-3 years for the Danish Courts, but the impact on the Danish society is even bigger, as you immediately will be informed whether you can obtain the expected security in the property It is one of the most visionary public projects that has successfully been implemented using SOA - techniques. October 5, 2010 - 11:15 Room: 006

Towards a Federated Government Service-Oriented Architecture Speaker: Jean-Paul De Baets, Fedict Day 1: Real World SOA Case Studies Today, most government agencies and partners of e-government in Belgium have started some kind of SOA initiative, with various levels of SOA adoption and maturity. This results in the emergence of disparate service inventories governed and standardized in many different ways. If we look at this from an enterprise (or government) point of view, those can be viewed as different heterogeneous domain inventories. From a service consumer prospective this situation brings extra complexity especially when they need to compose services coming from different inventories. To help reduce this complexity, Fedict has established the Federal Service Bus (FSB). The main objective of the FSB is to federate those domain inventories by providing extra layers of services that are standardized and governed in the same way. These extra layers abstract the different domain inventories and enable to create cross-domain compositions that are typically needed in most e-government processes. This session will present this architecture in details using a real life example. Based on this example we will show how some SOA design principles and patterns where applied. We will focus on the benefits achieved but also on the issues we faced, covering technical but also organisational, legal and practical aspects. October 5, 2010 - 13:15 Room: 006

Implementing SOA at Multiple US Government Sites: Best Practices & Lessons Learned Speaker: Dov Levy, Dovel Technologies Day 1: Real World SOA Case Studies For the past few years, we hear many experts say that SOA can be a "game changer" for the US Government. Despite this we don't see much evidence of wide spread adoption - how come? How can we move from inaction to action? What are some of the lessons learned? There are many factors, among them: •  One of the key components of SOA is the architecture, however, many organizations' infrastructures lack a clearly documented architecture
•  Another important aspect is the fact that, if a solution is to be implemented using services which are shared by multiple organizations, Program Management (PM) may feel that they can't control the various services with respect to quality, schedules, changes, budget. They may elect to duplicate the functionalities in that specific silo to ensure that the totality of the solution can be controlled and delivered as planned
•  Another area of concern is security; if a solution needs to make use of multiple services, how can the security be guaranteed? How can PM fee l comfortable that security is addressed?
•  A final cause for concern to PM is the service level; since PM is responsible for delivery of a solution to end-users with specific up-time requirement reliance on multiple services with "unknown" up-time can be a bit scary. So, with multiple areas of concerns, what is the benefit of re-using existing services? The answer is the "time-to market" factor as well as the lower cost of implementation and the improved quality because the services are used multiple times and therefore are continuously improved. So, what is a practical way to move forward? Dovel has observed several challenges that hinder wider adoption of SOA across the federal government. In this section, we describe a practical way forward which we believe can help increase time-to-market across the government. We believe that a critical facilitator for SOA adoption is to have a wide road map and to implement in small, measurable increments. Lessons Learned from each implementation should be folded back into the plan thus making it into a document that can adapt to the situation on the ground. What does it mean to implement small? Implementing a SOA infrastructure before there are any services or any identifiable business needs is like putting the cart before the horse. It just won't happen as there will not be any push to get anything done. A more practical approach is to develop a SOA Implementation Strategy Document (a good example is the SOA Implementation Strategy Document developed by the DoD Business Transformation Agency), to identify two organizations with some overlapping needs, and to figure out what basic SOA Infrastructure is needed to deliver the capabilities to both organizations. This will definitely reduce the time-to-market and will increase the likelihood for success. Better yet, maybe there is a need to move data between systems and it becomes clear that this can be accomplished more efficiently by implementing a web service in one system and allowing the second system to use this web service. This demonstrates to the organizations how re-using technology can reduce cost and improve time-to-market which creates the enthusiasm and buy-in needed to advance The experience gained from the implementation exercise should be included in the strategy document thus creating a manual to be used by groups that would like to start sharing capabilities. As implementation continues, it will point to some additional capabilities in the SOA infrastructure. This is the right time to implement these not earlier! Once initial success is achieved, it can be build on incrementally; services can be added and the SOA infrastructure can be improved to accommodate new needs. For the benefit of others, it is important to continuously keep updating the strategy manual based on lessons learned. October 5, 2010 - 14:15 Room: 006

Service Orientation in the Dutch Government - A Case Study from the City of Rotterdam Speaker: Lonneke Dikmans, Approach Day 1: Real World SOA Case Studies The city of Rotterdam has organized her products and services in line with the Dutch government reference architecture (NORA) and the local government reference architecture (GEMMA). One of the base principles of both reference architectures is service orientation. The municipality puts a lot of emphasis on reuse, standardization and "just in time, just enough architecture". The city of Rotterdam started the service orientation effort by focussing on two large programs: one involving a new law around permits and one around the citizen products and services. In this presentation the first steps on the road to service orientation are analyzed from three different perspectives: architecture, projects and operations. In the architecture portion the target architecture of the municipality is explained. The project perspective includes the technical choices and challenges that projects face when realizing parts of the architecture. The operational perspective looks at the SOA effort from both a technical view: "what happens if a server goes down", as well as a business view: "what do I need from this service?" Last but not least the principles and governance principles that were identified as we went, to get a grip on the services are discussed. These principles are put in place to make sure that the goals of the municipality are reached: customer intimacy (customer service excellence), flexibility and operational excellence (cost saving). October 5, 2010 - 15:30 Room: 006

SOA & Interoperability in the Nicaraguan Public Administration Speaker: Yves Chaix Day 1: Real World SOA Case Studies Recently, the Ministry of Finance of Nicaragua commissioned the elaboration of a proposal for interoperability policies and standards based on the EU Interoperability framework. But the initial norms and standards based on this framework in both Brazil and Colombia mainly focused on technical interoperability, and hardly mentioned Web services. The Office of Technology subsequently adopted SOA and Web services. The Prentice Hall Service-Oriented Computing Series bibliography provided most of the necessary elements, and SOA design principles were used to generate a set of policies. The design patterns also yielded organizational standards, thus creating a SOA-based set of recommendations, with interoperability now one of the several results of the broad application of the service-orientation paradigm. October 5, 2010 - 16:30 Room: 006

Federated SOA Security Example from the Dutch National Healthcare Exchange Speaker: Bob Schat, Principal Solution Architect, CSC Day 1: SOA & Cloud Security

To modernize its healthcare information networks, the Netherlands instituted a large governmental project called AORTA to facilitate the exchange of patient information between healthcare institutions. The central element of the AORTA architecture is the Landelijk Schakel Punt (LSP), the Dutch National Switchboard for healthcare. The LSP routes information and provides a central "pointer index" to the patient's records in the local healthcare information systems--the information actually stays at its source, in the systems of hospitals, general practitioners, etc. All communication is done by SOAP/XML, using the Health Level Seven (HL7v3) standard that is used in healthcare worldwide. Identity federation and SOA security was implemented using XML Gateways from Layer 7 Technologies.

When the project started in 2005, access to information and use of the LSP was restricted to healthcare providers who identified themselves with a smartcard that authenticated the information and credentials of each healthcare professional. After some years the Dutch government has added new requirements for connecting federated user groups that include civil servants and citizens. The LSP had to find a way to authenticate these federated credentials for access to the LSP in a secure and reliable way. A "Generic Authentication" system was developed to which all users connect first. The "Generic Authentication" takes care of the identification and authentication of all different means of access and -provided that authentication was succesful- hands over the requests to the core of the LSP where -as next step- autorization takes place. If the results of the autorization phase are sufficient the LSP takes further care of the request.

This case study provides a salient example of how to extend an IT system to new user groups while maintaining a consistent security posture for federated SOA environments using XML Gateways. It will explain the use case in a way that is accessible to all conference attendees. The solution is potentially a source of inspiration for projects in industries because federated SOA security problems are ubiquitous obstacles.

October 5, 2010 - 10:15 Room: 007

Secure Navigation Through The Cloud Speaker: Holger Kisker, Forrester Day 1: SOA & Cloud Security IT mega trends are supporting the market push toward cloud computing. Underpinned by both technology and economic disruptions, the cloud will fundamentally change the way technology providers engage with business customers and individual users. But, at the moment, most customers are suffering from cloud confusion as vendor marketing stretches the term "cloud" across a wide variety of capabilities and, worse, fails to explain the potentials and the limitations of cloud computing in a well-structured way. Unfortunately, misuse of the word "cloud" by so many vendors has been a significant roadblock to cloud computing adoption because it causes customers to tune out and creates unrealistic expectations that are impossible for vendors to meet. This session will introduce a cloud taxonomy that brings clarity to the many different aspects of cloud computing including the private cloud, virtual private cloud, and public cloud across infrastructure, platform, software, and business processes. What is the market size of cloud computing today? Based on the introduced taxonomy, the market opportunities for IaaS, PaaS, and SaaS, for example, will be discussed for companies interested in enhancing their portfolio of deployment models including cloud services. What is the future of cloud computing? Forrester Research sees cloud computing is a sustainable, long-term IT paradigm, and the successor to previous mainframe, client/server, and network computing eras. This session will offer three distinct scenarios on how cloud computing will develop over time, including the vision of a new level of cloud computing - collaboration-as-a-service. October 5, 2010 - 11:15 Room: 007

SOA Security - Architecture Patterns and Organizational Issues Speaker: Dirk Krafzig, SOA Park Day 1: SOA & Cloud Security This talk provides an overview of up-to-date concepts of SOA Security. It points out that two major paradigm shifts are necessary at the same time. First, the speaker describes that modern distributed architectures require token based security rather than session based mechanisms. Second, this talk describes why role-based approaches that are based on a comprehensive business process model are preferable compared to an application based assignment of access rights to individual resources. Moving to a token and role based security model also has impact on the organization - for example cross-departmental boards must establish a role model or security architects must define technical standards that are mandatory across the enterprise. October 5, 2010 - 13:15 Room: 007

SOA Threat Modelling: Attacking and Defending REST, XML and SOAP based Services Speaker: Jason Macy, Crosscheck Day 1: SOA & Cloud Security Services-based application integration pulls corporations towards "opening up" internal systems for other systems to call into whereas security pulls a company towards "locking down" business information. For successful integration projects, ease-of system integration without compromising security is paramount. Enterprises invest significant resources toward securing their infrastructure through threat identification and mitigation. However, typical threat analysis within companies focuses on network security with little or no knowledge of REST, XML or SOAP. Since such content is dynamic and actionable, malicious users can insert and alter application data, creating fraudulent transactions. In this session, attendees will learn techniques for identifying SOA security threats such as SQL Injection, Denial of Service, SwA Malware, and XSD Mutation. Beyond attack vector identification and classification, counter-measure techniques will provide SOA professionals the foundation for mitigating exposure to identified SOA security threats. October 5, 2010 - 14:15 Room: 007

SOA Security in Practice Speaker: Nicolai Josuttis, IT Communication Day 1: SOA & Cloud Security In a commercial SOA landscape security is an important issue. However, the different topics, threads, and approaches look like a real mess for those who jump into this topic. In this talk, Nicolai Josuttis refers about some real-world experience of the requirement to introduce privacy, security and reliability into a SOA landscape. You will learn how hard it is to find the right approach, standards, and level of security in companies with hundreds of systems, thousands of employees, and millions of service calls per day. October 5, 2010 - 15:30 Room: 007

Protecting Your SOA Web Services in 45 minutes -
A Practitioner's Guide to Architecting and Implementing a Security Framework for Your Web Services Speaker: Isabelle Mauny, Vordel Day 1: SOA & Cloud Security In this session Isabelle will demonstrate a best practice approach to implementing a security framework for protecting Web Services deployed as part of a Services Oriented architecture and also provide a live demo of enforcing a policy to protect a Web Service - all inside 45 minutes. Set against the backdrop of an organization's overall IT infrastructure, she outlines the archetypal IT components of a SOA implementation and specifically hones in on the elements essential to securing the delivery and access to the composite applications back-ending an organization's Web Services. Not only will this presentation provide the audience with a blueprint guide to managing their Web Services - but in a live, hands-on demo, Isabelle will show the delegates how to create a security policy, leveraging many of the products and applications typically encountered in the depths of the IT architecture and apply this to the Web Services' traffic. October 5, 2010 - 16:30 Room: 007

BI and Data Management in a Cloud Computing Environment Speaker: Mike Ferguson, Intelligent Business Strategies Day 1: Real World Cloud Computing Case Studies This session looks at the implications of deploying BI systems on a cloud and the implications and what is needed to keep these systems integrated with on-premise applications. The session looks at the following: •  What is Cloud Computing and why use it as a deployment option?
•  Cloud requirements for a BI system
•  Pros and cons of deploying on the cloud?
•  Getting data into a cloud based BI system
•  Managing access to cloud based BI systems and analytic applications
•  Integrating cloud based BI systems with on-premise systems
•  Management of cloud and on-premise data
•  The BI SaaS and Cloud Marketplace
•  Dos and Don'ts
•  Getting started with Cloud based BI October 5, 2010 - 10:15 Room: 008

Ahead in the Cloud with Amazon Web Services Speaker: Matt Wood, Amazon Day 1: Real World Cloud Computing Case Studies Since 2006, Amazon Web Services have been providing on demand, pay-as-you-go infrastructure to businesses of all sizes via web service calls. This talk will introduce the Cloud platform offered by Amazon Web Services, from scalable storage services such as S3 and SimpleDB to high scale compute with EC2. We'll aim to cover: •  Architectural best practices for the Cloud
•  Designing for failure
•  Loose coupling
•  Security in the Cloud
•  Integrating systems in the Cloud
•  Utilising Availability Zones
•  Autoscaling and monitoring
•  Burstable capacity and the Virtual Private Cloud Using real life case studies, we'll explore the high level overview of the cloud, and deep dive into technical aspects of elastic computing. This talk is suitable for all, including those new to Amazon's infrastructure services, to those who are already deploying high availability services in production. October 5, 2010 - 11:15 Room: 008

Requirements for Extending Enterprise SOA to Public Clouds Speaker: Mamoon Yunus, Crosscheck Day 1: Real World Cloud Computing Case Studies Federated SOA is a pre-requisite for a successful cloud computing strategy. Without the fundamental tenants of federated SOA - federated identity, interoperability, message hygiene, security and reliability - companies lack the foundations for building a robust enterprise-to-cloud governance platform. On the other hand, for companies that have implemented successful federated SOA with external SaaS integration, extending their infrastructure to public clouds - specifically IaaS providers - becomes a logical evolution of their enterprise infrastructure. The extension of enterprise infrastructure to IaaS vendors requires careful analysis. Selecting the appropriate IaaS providers as well as establishing a secure, flexible and reliable enterprise-to-cloud gateway is a necessary pre-requisite for enterprises serious about leverage the benefits of cloud computing. However, beyond qualitatively appreciating the benefits of cloud computing, IT executives lack the ability to quantitatively assess the risk reward structure of which application should be migrated from the enterprise to a cloud. In this session, we will explore the following key concepts: a) basics of federated SOA as a necessary pre-requisite for extending your enterprise to the cloud b) analysis techniques for selecting IaaS vendors that suite your corporate policies and technology requirements, and finally, c) understanding run-time and management issues in building and maintaining an enterprise-to-cloud gateway. October 5, 2010 - 13:15 Room: 008

Scale as a Competitive Advantage Speaker: David Chou, Microsoft Day 1: Real World Cloud Computing Case Studies The Web presents a massive collection of capabilities and data, as well as an even greater amount of "ambient" data (such as our activities on the Web) that can be leveraged to derive into some form of intelligence. And the ability to harness such data and spectrum of services can present a significant competitive advantage. However, designing applications that operate at Internet-scale has a lot more to do with making sense of the massive data and providing intuitive ways to interact with that data, than being able to serve requests given the user demand. In this session we will discuss why scale is an important consideration for building next-generation applications, explore the architectural considerations on designing Internet-scale applications, techniques for achieving scale for various scenarios, a few case studies, and how cloud platforms can be leveraged to build such applications. October 5, 2010 - 14:15 Room: 008

Cloud Computing Experiences from Down Under Speaker: Anna Liu, NICTA Day 1: Real World Cloud Computing Case Studies Despite the geographic distance and isolation from the major global scale cloud data centres, Australians are very curious and excited by the potential benefits of cloud computing. The leading Australian ICT research institute NICTA has embarked on R+D services for various Government and Financial Services organisations in Australia, in evaluating various aspects of cloud computing, ranging from the business opportunities, risks through to technical qualities such as performance, scalability, availability and developer productivity of leading cloud platforms. Dr Anna Liu, Principal Researcher from NICTA will present some of the lessons learnt from these large Australian enterprises, who are early cloud computing adopters and evaluators, sharing with the audience the various proof of concept details and evaluation findings. We also present some interesting and unique challenges Australians have in adopting cloud computing. October 5, 2010 - 15:30 Room: 008

Using the Cloud for Innovation Speaker: Erik van Ommeren, Sogeti VINT Day 1: Real World Cloud Computing Case Studies Crowdsourcing, Innovation and Cloud computing: these hot trends came together when Sogeti wanted to start a large strategic innovation project and looked for a way to support it with technology. Using a dedicated Cloud solution to hold a unique online event for 20000 visitors, the benefits of cloud computing were immediately clear. In this session we will talk about this event, the cloud solution that was used and the follow up: what happened next. We will discuss the benefits but also the downside of using the cloud for this situation and what you could learn from it to apply in similar projects. We will talk about quick-wins, long term ambitions and how to combine the two. Part of the content of this presentation will come from the book "Collaboration in the Cloud" that explores this topic more closely. October 5, 2010 - 16:30 Room: 008

Large Scale Cloud Architectures Speaker: Anthony Assi, Logica Day 1: Cloud Computing Architecture Standards & Technologies After having surveyed the major Web Architectures from the major players, such as Facebook, Linkedin, Twitter, Wikipedia, youtube, ebay, Flickr, etc; thus demystifying what technologies and techniques are at their heart, the presenter will show you all the secrets behind building such platforms, and reveal all the secrets behind those Cloud architectures. Attend this presentation in order to understand how the big websites deal with their bottlenecks, what innovative solutions did they put in place and to which extend can YOU be inspired by these. The presenter will also present heavy materials on the common trends and know-how for Information Systems platforms that need to meet high requirements in performance, scalability and availability. These outcomes should open the door to a new phase in your architecture design, whether it is based on SOA or Cloud Computing. Attend and get inspired how you can transpose them to your business! October 5, 2010 - 10:15 Room: 003

SOA Design Patterns in the Cloud Speaker: Herbjorn Wilhelmsen, Forefront Consulting Group Day 1: Cloud Computing Architecture Standards & Technologies There is always the risk, when adopting any new technology, that lessons already learned and paid for will have to be relearned and refinanced all over again. The SOA design patterns catalog represent a body of valuable lessons that have been learned and can be leveraged as building blocks for cloud-based implementations. SOA design patterns can help cloud service developers build more useful, flexible and evolvable solutions, while also helping developers avoid some of the most critical pitfalls associated with the still-evolving cloud platforms.

This presentation will show how the maturation of service-orientation has paved the way for the creation of flexible cloud services that can be shaped, tuned, and reliably deloyed with the help of specific SOA design patterns" October 5, 2010 - 11:15 Room: 003

Cloud 2: The Next Logical Step for Cloud Computing Speaker: Matthew Friend, Salesforce Day 1: Cloud Computing Architecture Standards & Technologies This session with demonstrate how the next generation of cloud computing has evolved from from a virtualized infrastructure to a collaborative platform that focuses on providing cost effective and secure business applications. October 5, 2010 - 13:15 Room: 003

The Effects of Automation in the Ecosystem Speaker: Dave Nielsen, CloudCamp Day 1: Cloud Computing Architecture Standards & Technologies In this session you will learn why Cloud Computing (aka "Cloud") is not just a buzzword, but an inevitable movement based on the effect that limitless automation is having on our IT systems. Cloud is drawing us into a new age of scale & automation, reshaping the way business uses technology around the world. If you're a startup, developer, ISV, VAR, managed service provider, manager of an IT department, and especially if you are an executive ... you need to see this presentation so can learn how to take advantage of today's cloud while preparing for the competition it will bring tomorrow. October 5, 2010 - 14:15 Room: 003

Real World SOA with .NET and Windows Azure Speaker: Brian Loesgen, Microsoft Day 1: Cloud Computing Architecture Standards & Technologies Companies worldwide are enjoying the benefits and efficiencies that can be realized through a well-defined and implement Service-Oriented Architecture strategy. For many, with the recent "go-live" of Microsoft's Windows Azure platform, intriguing new architectural patterns for distributed, loosely-coupled applications are being made possible, allowing them to fundamentally re-think how they build and consume applications. In this session we will explore at what it means to realize the benefits of service-oriented architectures on the .NET platform, and see that exposing legacy assets by means of Web Services whilst being necessary is not sufficient. We will explore various on-premise and off-premise real-world SOA-related capabilities, and examine a number of design patterns, and drill-down into what it takes to bridge from on-premise to the Windows Azure platform. October 5, 2010 - 15:30 Room: 003

The Open Group's Cloud Security Reference Architecture Speaker: Stuart Boardman, CGI Day 1: Cloud Computing Architecture Standards & Technologies This presentation will explain the Open Group's view on the architectural patterns to properly manage Security in the Cloud. The Security for the Cloud project has defined use cases, architectural principles and building blocks. The reference architecture model takes these building blocks and maps them to a conceptual view of a cloud ecosystem, which is in itself based on the Open Group's SOA Reference Architecture. Use case realizations will show the interactions of the building blocks across the elements of the ecosystem. The project also defines a sample set of architectural decisions representing typical issues, with which a cloud security architect will be confronted and where there is no one correct answer. Often these issues will represent practical problems encountered when implementing the architecture principles. This is a more or less inevitable challenge in Cloud computing and addressing it is a reflection of the very practical intent of the project. We will present the work as it stands in October and explain the following steps needed to complete the architecture. October 5, 2010 - 16:30 Room: 003

RESTful HTTP: Using the Web for SOA Speaker: Stefan Tilkov, innoQ Day 2: REST and Service-Orientation in Practice REST is the architecture of the World Wide Web, and it has recently become noticed as a new contender for the hype of the day. In essence, RESTful HTTP means nothing more than applying the Web's technologies the way they were meant to be used, which is a strong contrast to the way Web Services based on SOAP, WSDL and the WS-* ecosystem abuse it. The benefits of using HTTP correctly include a vast variety of infrastructure components, proven interoperability, unlimited scalability and a strong architectural model governed my meaningful constraints. But while many SOA practicioners have started to accept RESTful HTTP as a viable strategy for simple use cases, there is still a wide-spread belief that more advanced cases require more complicated approaches. In this talk, we will take a look at the core ideas and principles behind REST and RESTful HTTP, address some common doubts, and show how to exploit the benefits of REST to achieve SOA goals for both basic and advanced usage scenarios. Topics covered include documentation, description and discovery, reliable communication, eventing, transactions and hypermedia. Finally, we will conclude with a list of recommendations on how to introduce a RESTful approach in step-by-step fashion into a large enterprise's overall architecture. October 6, 2010 - 10:15 Room: 005

Enterprise Security Patterns for RESTful Web Services Speaker: Francois Lascelles, Layer 7 Technologies Day 2: REST and Service-Orientation in Practice REST lowers the bar of complexity for exposing Web service type APIs. What started off as a grassroots movement is now maturing fast. RESTful Web services support is growing, standards are emerging and the debates on the comparative merits of REST vs WS-* have given place to inclusion and rapprochement. Cloud based deployments are especially well suited for RESTful Web services. Enterprises already use SAAS (Software As A Service) applications, which expose their own REST style APIs. PAAS (Platform As A Service) offerings enable the enterprise to expose their own cloud-side services. These, along with on-premise deployed services, partner services and others, constitute the new distributed SOA that enterprises are increasingly relying on. What can the enterprise do to leverage such deployment patterns and address security concerns? The security considerations relating to enterprise services being exposed, whether on or off premise are equally important for RESTful Web services as for their WS-* counterpart. Just as for WS-* services, RESTful Web services receive payloads and potential message level threats such as injections and parser attacks. Network focused types of infrastructure do not address the content-level inspection needed. Consider XML schema validations, JSON schema validation, enable the enforcement of rules that take into consideration identity, URIs, HTTP Verbs, etc. When authentication is needed, remember the statelessness principle of REST. Cookie-based authentication for example is RESTless, so are server-side sessions in general. As a contrast, consider SAML. A crucial factor to enable the management of security is standards. This is especially true in the context of a distributed SOA where an ecosystem of service zones interact with each other under varying authority. Case in point are two dominant cloud-based application platforms today: AWS and Azure. Both platforms define an HMAC based authentication scheme but both versions are home baked and incompatible with each other. Emerging standards will be essentials to ensure consistency and richer security management. As standards continue to mature and infrastructure increasingly focuses on addressing RESTful Web service use cases, expect REST to increase its footprint in the enterprise landscape in the near future. October 6, 2010 - 11:15 Room: 005

BPM with REST Speaker: Prof. Cesare Pautasso, Universitys of Lugano Day 2: REST and Service-Orientation in Practice Next generation Web services technologies challenge the assumptions made by current standards for process-based service composition. For example, most existing RESTful Web service APIs cannot natively be composed using the WS-BPEL standard. In this talk we discuss the conceptual relationship between business processes and active and stateful RESTful services. The main goals are to enable both lightweight access to process-based service compositions published with a RESTful API as well as native support for invoking RESTful services from the business process models. We show that the uniform interface and the hyper-linking capabilities of RESTful services provide an excellent abstraction for publishing as a resource and exposing in a controlled way the execution state of business processes. October 6, 2010 - 13:15 Room: 005

Trusting REST in a Hybrid SOA World Speaker: Ian Marsh, Vordel Day 2: REST and Service-Orientation in Practice Some of the Web services used by SOA and increasingly by cloud computing bypass SOAP and WSDL and instead make use of lightweight REST-style services that are more popular with developers due to their relative simplicity. The rise of Web 2.0 has cemented REST's place in the SOA world, since REST is widely used in Web 2.0. More recently, Cloud services such as Amazon's Simple Queuing Service (SQS) may be used alongside local services, to create a "hybrid" SOA environment. The result of all this is that SOA now encompasses the original SOAP/REST/UDDI stack, REST services, and the Cloud. From a security professional's point of view, all of it must be securedAlthough the theory surrounding REST (REpresentational State Transfer) is complex, the practice is simple: use long-established Web technologies instead of SOAP. REST Web Services are addressed using HTTP GETs and POSTs to send and receive plain-XML (as opposed to SOAP) documents to URLs. The so-called "mega Web Services" offered by Google, Amazon, and Yahoo all feature REST interfaces which have proven to be very popular amongst developers, especially when compared to their SOAP-based equivalents. Clearly, REST Web Services have much in common with Web applications, but also there are also important differences (for example, cookies have no place in the REST architecture). REST Web Services are increasingly popular, arguably more popular than SOAP based Web Services. However, the security model for REST is not nearly as highly-developed as the security model for SOAP. REST Web Services tend to use custom security tokens passed on URL query-strings. This session answers two questions: 1) Are REST Web Services inherently insecure?
2) How can a security model apply to both SOAP and REST Web Services in order that organizations can safely adopt SOA and Cloud-based technologies? October 6, 2010 - 14:15 Room: 005

Testing RESTful Web Services Speaker: Jan Algermissen, NORD Software Consulting Day 2: REST and Service-Orientation in Practice Testing is an aspect of developing RESTful Web services that is still underrepresented in public discussions. Nevertheless it is an important topic in distributed system development in order to ensure implementation quality and manage system changes over time. This presentation explains the nature of the contract between clients and servers in RESTful systems and how it influences the way in which we should approach testing. Specifically it will be shown in which ways RESTful Web services can violate this contract and what kinds of black box tests apply to detect such failure conditions. In addition it will be discussed how regression testing can be used to verify correct evolution of services. Code examples will be used where suitable to illustrate the theoretical concepts. October 6, 2010 - 15:30 Room: 005

Savara-Formally Verifying SOA Designs Against Requirements Speaker: Steve Ross-Talbot, Cognizant Day 2: SOA Patterns & Practices The SOA Manifesto states that “Services should verify that they meet their business requirements”. Savara is a joint open source project run by Cognizant, Redhat and CSC. In this talk we shall show how it assists in designing and delivering better services and it’s impact on across the entire SDLC. During this talk, SOA Manifesto co-author Steve Ross-Talbot will be discussing the Savara project and highlighting its influence on architecture, design and patterns. October 6, 2010 - 10:15 Room: 002

Failures & Successes with Reuse Speaker: Herbjorn Wilhelmsen, Forefront Consulting Group Day 2: SOA Patterns & Practices Reuse can play an important role in achieving the strategic benefits of SOA. Not to mention that reuse seems to be the ultimate dream of every CIO! However, a lot of organizations fail miserably in achieving reuse. This lecture will present a case of planned for reuse that failed. An analysis of this failure will be performed. Then an alternative way of thinking about the reuse and the ultimate business goal that was behind this particular failed reuse case. At last a successful attempt at reuse that fulfills the same business goal will be presented. October 6, 2010 - 11:15 Room: 002

The Case for Total Architecture Speaker: Paul Brown, TIBCO Day 2: SOA Patterns & Practices Total architecture recognizes that today's business processes and systems have become so intertwined that they can no longer be architected independently. This is particularly true for service-oriented architectures in which service interfaces are expected to remain relatively stable over time as both business processes and service implementations evolve. Not only can a well-considered architecture make the difference between success and failure, devoting time to architecture provides consistent tangible benefits in terms of project cost and schedule reduction. This talk begins with a brief examination of just what we mean by the terms architecture and reference architecture. What many consider to be the architecture is actually an architecture pattern that depicts the components and the communications channels by which they interact. While important, the pattern is just a partial answer, for a complete architecture models the functional activities and their interactions required to solve a problem (i.e. the process) and maps this model onto the architecture pattern to yield the completed architecture. The ability to cleanly map the process onto the pattern is the ultimate litmus test of an architecture. A reference architecture is an abstraction of an architecture in which the process model represents a generic solution to a class of problems and is mapped onto an architectural pattern. The resulting reference architecture provides a standardized solution for that class of problem. Reference architectures enable the sharing of architectural learning and are a particularly effective way to illustrate the intended usage of services. Total architecture completes the picture by recognizing that enterprise business processes involve both people and systems. Thus their architectures and reference architectures must encompass the structure and organization of both. Architecture provides real measurable value. To illustrate this we explore Boehm's analysis of the impact of architecture on project schedule and cost. This analysis, based on actual data from 161 projects of various sizes, shows that devoting appropriate effort levels to architecture and risk reduction can reduce project schedules by as much as 25%. Managers - take note! Finally we note that SOA projects inevitably involve multiple systems and multiple organizations. This has implications for the life-cycle development process, the management, and the executive sponsorship of these projects. We conclude with a brief overview of these issues and strategies for addressing them. October 6, 2010 - 13:15 Room: 002

Design Patterns in Practice: Taking Service Oriented Solutions to the Next Level Speaker: Duncan Doyle, ASR Nederland Day 2: SOA Patterns & Practices Many of the service oriented solutions developed today are based on first generation SOA, using mostly WSDL and SOAP to define services and service interactions. Furthermore, most of the services and service activities defined lack the application of service design principles and the proper use of soa design patterns. Although these architectures and designs are suitable to realize basic requirements for simple solutions, they often lack support for complex interactions demanded by today's distributed environments. These architectures and designs tend to result in brittle environments that lack quality of service, mostly in the area of reliability, transactional integrity and performance. In response, heavy weight solutions and products (e.g. ESBs, monitoring agents, middleware) are integrated into the service oriented environment to overcome these problems. In essence, these products relieve the encountered problems, but they don't provide a cure. This presentation shows how design patterns can be applied and implemented in pratice, using standard, existing, generally available, non-proprietary technology to increase the quality of service of service oriented solutions. It provides, among others, examples of how to design and develop an asynchronous service activity over the HTTP protocol and how reliability of service interactions can be improved in a number of ways by correctly applying different design patterns. Furthermore, it proposes the application of a combination of design patterns as a possible solution to problems encountered when using services in a batch environment. October 6, 2010 - 14:15 Room: 002

Patterns for Bridging the Gap Between On-Premise and the Cloud (with Windows Azure and BizTalk Server) Speaker: Brian Loesgen, Microsoft Day 2: SOA Patterns & Practices Enterprises worldwide are rapidly migrating to, and benefiting from, cloud computing. However, in many scenarios, an all-or-nothing migration to the cloud is not an option for various reasons, such as legal, corporate, regulatory compliance, or integration with existing on-premise enterprise applications. In this session, patterns author and SOA Manifesto co-author Brian Loesgen will look at patterns involved with positioning the BizTalk Server-based Enterprise Service Bus and existing on-premise applications to see how Windows Server AppFabric can be used to bridge the gap between on-premise applications and Windows Azure, or other distributed participants. October 6, 2010 - 15:30 Room: 002

Semantic Search: How to Use Metadata on Services in Combination with Google Speaker: Art Ligthart, Ordina and Audrey Theunisz, IND Day 2: Semantic Web In INDiGO all structured data is stored in Siebel whereas all unstructured content is stored as documents in FileNet. Together, these form the digital case file of each client. Fot the IND it is essential to be able to search in both the data and documents and to combine the search results, with a 100% accuracy. In addition, the search questions will vary greatly and cannot be anticipated in advance. As part of the solution the Google Search Appliance (GSA) was selected. The GSA is fed with metadata on services query stored data in Siebel, and can combine the results with the automatic generated index on Filenet documents. This allows the IND to provide accurate statistical data. During usage, GSA will 'learn' from user interaction and therefore continuously improve its results. In essence, the predefined metadata model (describing the semantics of the Siebel data) will evolve by using GSA and user interaction. Semantic modelling as an 'enabler' for search. The presenters will show all details on this GSA implementation and showcase the application. October 6, 2010 - 10:15 Room: 004

Corporate Semantic Web - The Semantic Web Meets the Enterprise Speaker: Ralph Schafermeier, Freie Universitat Berlin, Corporate Semantic Web Day 2: Semantic Web Nowadays, companies seek more capable approaches for gaining, managing, and utilizing knowledge as well as for automating dynamic services and agile business processes. The Semantic Web offers promising solutions here. The Corporate Semantic Web idea aims at bringing semantic technologies to enterprises. Want to understand how the Semantic Web applies to the enterprise arena? This talk gives some new insight into this application of Semantic Technologies with a special focus on SOA related subjects. 1.   Corporate Semantic Web - An Intelligent Semantic Enterprise 2.   Semantic BPM - Semantic Business Processes in an Internet of Services 3.   Semantic Complex Event Processing (SCEP) - The Future of Dynamic IT October 6, 2010 - 11:15 Room: 004

MEANINGful SOA - Achieving Dynamic Automation and Runtime Agility Speaker: Johan Kumps, Real Dolmen Day 2: Semantic Web Many large enterprises believe Service Orientation is a key IT enabler to address their business challenge. More and more enterprises adopt SOA, with wider spread of SOA implementation across businesses but the life of an architect is arguably becoming simpler in this world of heavily distributed units of logic, called services. The combination of these services forms an agile implementation of a corporate business process. Today, the IT systems for business integration and process automation require human intervention to complete its business operations. The human intervention, performed by the project's architect or analyst, mainly focuses on the selection, negotiation, constraint validation and decision making steps in the business process. Current automation approaches rely heavily on syntactical representations, restricting collaboration without standardization agreements. Supporting dynamic integration and process automation within an enterprise and between enterprises requires addressing the heterogeneity in integration, dynamic constraint validation and runtime agreement negotiations. Semantic SOA (SSOA) is seen as the key enabler to address these challenges. SSOA enables next generation process automation in a much more dynamic way. This talk focuses on how Semantic Web technologies can be combined with the principles of service orientation achieving dynamic automation and resulting in even more flexibility and agility, currently trademark features of Service Oriented Architectures. We will give a definition of SSOA and discuss the challenges we can counter with semantic service orientation principles today and in the future. The business case for dynamic integration and automation will be cleared out using practical examples. A few small demonstrations will be presented to clarify the theory. October 6, 2010 - 13:15 Room: 004

Knowledge as a Service: How to Implement a Generic Knowledge Interface? Speaker: Marco Brattinga,Ordina and Audrey Theunisz, IND Day 2: Semantic Web The rule-engine of INDiGO offers knowledge 'as-a-service'. Siebel (where all data are stored) calls a service of the rule-engine BeInformed and provides all relevant data on a specific case. The rule-engine uses this data as input, executes her rules, and delivers a result: data+rules=information! While this sounds simple, the realization of it turned out to be more challenging. Siebel and BeInformed are based on completely different paradigms, they do not share the same semantics nor syntax, and interfaces between the two systems frequently change. Therefore a special component was developed, the so-called Generic Knowledge Interface (GKI). The GKI handles all servicecalls on BeInformed. The GKI was built within Siebel, and inspired Oracle to develop its Oracle Policy Automation connector on Siebel. The GKI has the potential to grow into a generic information interface, based on an information model it could provide information services by combining rules and data from multiple sources. The presenters will show the architecture and working of GKI and explain which problems had to be solved in order to offer knowledge-as-a-service. October 6, 2010 - 14:15 Room: 004

Implementing SOA Through Linked Data Speaker: Thomas Bandholtz, innoQ Day 2: Semantic Web Linked Data is a concise technical approach that can be leveraged to implement SOA. Some aspects are known from the REST architecture: every thing is a resource; URI design over service design; content negotiation. But the core feature of Linked Data is the linkage of datasets. Imagine an invoice directly linked to products and a customer by URI reference. As each dataset is rendered in RDF triples, everything can be accessed regardless to the respective schemas. If you want to know more, you may discover the schema statements on-the-fly (yet another URI reference in the data statement). Knowing the schema, you may post SPARQL queries and updates to federated endpoints. This makes perfect sense, for example, in a distributed masterdata scenario. Would need to agree on some enterprise ontology before you start? Definitely not. Start with some simple vocabularies derived from your relational data model as it is. This may evolve to a more expressive ontology later, but "keep it simple" is the silver bullet! October 6, 2010 - 15:30 Room: 004

Architecture Guidelines for SOA Based Applications Using Executable BPMN: Loose Coupling with Events and Correlation Speaker: Volker Stiehl, SAP AG Day 2: SOA & BPM SOA based applications (or composite applications) empower companies to gain competitive advantage by driving innovative business processes, leveraging existing IT-investments. With this new breed of applications architects are confronted with the challenge to provide technical guidance to developers who are in charge of implementing the composite. This session will start with a brief explanation of composite applications, what is so special about them and what are the challenges implementing them. Next we will discuss a sustainable architecture for composite applications addressing the challenges outlined before. We will then dive into the details about how the Business Process Modeling Notation (BPMN) can help to actually implement the recommended architecture by using a loosely coupled approach based on events and intermediate message events. With executable BPMN it is now possible to model both kinds of processes, business processes as well as technical processes, with one notation, let them interact and bring them to execution. A running example showing the proposed solution in action finally rounds off the discussion. October 6, 2010 - 10:15 Room: 003

Polymorphic SOA: A Study Case About How to Deliver More Flexible Business Processes "On-Demand" Speaker: Jean Rodrigues, Seed Technology Solution and Daniel Compagno, Serasa Experian Day 2: SOA & BPM Financial institutions apply formal verifications to their customer's when granting them particular rights. Their business processes are typically based on information processing, with complex rules to ensure accurate decision-making. However, due to fraud related issues their rules and processes must be consistently checked and adapted continuously, and must in compliance with their customers needs. Constantly changing processes (e.g. different results with the same input data), mutable contracts (input and output information were unknown in advance to the processing), different business rules implementations (every client had different rules, and each rule had to be applied to its own set of processes) for example were issues that had to be addressed in this complex environment. This presentation will show what we consider the critical factors to deliver this project successfully: SOA reference architecture and some aspects of the implementation, semantic data services and contracts, patterns (do's and don'ts), and examples that can clear the understanding of the applied SOA approach. October 6, 2010 - 11:15 Room: 003

ESB - Concepts in Comparison Speaker: Torsten Winterberg, OPITZ Consulting GmbH and Bernd Trops, Sopera GmbH Day 2: SOA & BPM It looks like that every one means that it is necessary to use an ESB. But there is a big confusion regarding the real benefits especially because there are different approaches for these ESBs available. We will specify usage scenarios for ESBs and discuss the business benefits. We also compare different suites like Oracle SOA Suite, SOPERA ASF and JBoss and talk about alternatives like building your own suite using open source components like ActiveMQ, Camel and ServiceMix. October 6, 2010 - 13:15 Room: 003

BPM and SOA: Taking Care of the Perfect Match to Work in Real Life Speaker: Evgenia Rosa, Oracle Day 2: SOA & BPM There have been a lot of discussions about BPM and SOA as a perfect match. But how to make this marriage work in real life? The vendors integrate their BPM and SOA tools or develop dedicated solutions to provide a seamless BPM and SOA lifecycle support. But although tightly integrated tools build a necessary foundation for the marriage there are not enough to guarantee the success. The alignment of •  BPM Modelling and SOA methodologies,
•  Business Process Architecture and SOA Reference Architecture,
•  BPM and SOA Repositories,
•  BPM and SOA Governance processes are essential contributions to make the BPM&SOA marriage successful and long lasting. The session discusses some concepts of successful BPM and SOA approach. October 6, 2010 - 14:15 Room: 003

SOA & BPM on the Microsoft Platform Speaker: Manfred Steyer, University of Applied Sciences Day 2: SOA & BPM In the area of SOA and BPM, Microsoft offers several solutions: There is Windows Workflow Foundation (WF) for modeling and executing workflows, Windows Communication Foundation (WCF) for exposing workflows as services and Windows Server AppFabric for monitoring and configuration issues. Based on a sample, which is implemented live, this session shows how those technologies fit together. Furthermore, aspects like long running transactions, correlation and compensation are addressed. October 6, 2010 - 15:30 Room: 003

Service Data Objects in SOA Projects: Practical Experience Speaker: Andrei Shakirin, Sopera GmbH Day 2: Real World SOA Case Studies One of the common challenges in stateless SOA design is merging of complex data structures between clients and service and keeping the data graph in consistent state. One of possible solutions of this problem is using Service Data Objects (SDO) for communication between clients and service. The presentation summarizes experience and lessons learned regarding using of Service Data Objects (SDO) in concrete SOA projects. The first part of presentation will introduce Service Data Objects and explain basic principles of SDO approach. It contains definition and purposes of SDO; represents Data Object, Data Graph and Data Access Service abstractions; makes a short overview of existing SDO implementations. Second part of presentation provides typical SDO scenarios and use cases. Either application needs to track changes in the complex data structure or remote client makes a fine grained changes in interconnected data graph and will merge data on the service side for further processing and persistency - in all such cases architect could think about SDO approach as a possible solution. From architectural view SDO can be considered as a bridge between procedure-oriented stateless SOA design and domain driven object-oriented design. Live demo based on open source SDO implementation will demonstrate SDO approach in the practice. The third part of presentation will show using of SDO in one concrete SOA project developed last year for Greenpeace UK. The project architecture represents compound, business and basic services layers and shows the SDO role in communication between consumers and services. As far as project was developed in close collaboration with EclipseLink team, some aspects of integration the SDO EclipseLink implementation with ESB platforms are also covered in this part. Quite interesting part of this project was integration between SDO and JPA to persist complex data graph into database. Presentation shows two possible SDO persistency solutions and explains the actual project choice. The main idea of this presentation is to show the practical using of SDO approach in SOA projects and to discuss one more interesting SOA design pattern. October 6, 2010 - 10:15 Room: 006

An SOA Pattern for Collaboration: An Engineering Case Study Speaker: Howard Cohen, Booz Allen Hamilton and Matthew Sutton, Booz Allen Hamilton Day 2: Real World SOA Case Studies The specific problem the DOD is trying to solve is achieving better discovery, use, and re-discovery of data. Data evolves. The mechanisms of how data evolves are not well understood. USJFCOM System Engineering and Architecture Division employs a "Collaboration Pattern" to facilitate complex system awareness and analysis. The pattern brings the mechanisms of data evolution into focus. People are focused on data in the government and private industry. Data is perceived to be driven by tools. Here the interconnectedness of People and Tools immediately jumps out at us. Individual organizations, agencies, and commands utilize different PPMT's. This is a known issue; a persistant problem. The issue is addressed by all of us at some point in our career. Einstein said, "You are not going to solve today's problems by the same thinking that got you here." JFCOM Systems Engineering & Architectures is developing new approaches in PPMT's to address existing Engineering and Architecture challenges to data evolutions. Technology has advanced to where the "T" in PPMT is closer to interoperability as it has ever been. Most programs focus on tools. Our pattern addresses tools but as an enabler as opposed to the center of concern. Understanding, building relationships on, and meeting Department of Defense needs through a federation of government organizations that are respectful of each other's individual PPMT's we consider co-organizational diversity. Organizations are the technical tapestry that contextually embodies stakeholder's mission, vision, scope. When brought together these complex tapestries; these complex systems, show evolutionary patterns in how they collaborate. When the pattern of collaboration is not known or understood, an organization adapts through sheer heroics of the working people. This, as you know, is a poor sustainment practice. An understood pattern provides access to organizational maturity, agility, and modeling. The Pattern is the "needle" of our tapestry that provides a mechanism to bring stakeholders together even though they may have different missions. It puts multiple needs of our stakeholders together in a way that differentiates but appears seamless. The pattern uses people, process, methods, and tools that in some cases are DoD specific or DoD enabled. Thisenables our team to identify, analyse, prescribe and assess our project from a top down approach which creates a greater likelyhood for project success. October 6, 2010 - 11:15 Room: 006

A Standard SOA for the Banking Ecosystem Driving Flexibility and Agility: Why ING Joined BIAN Speaker: Johan Smessaert, BIAN Day 2: Real World SOA Case Studies The banking industry is going through some profound changes due to mergers and acquisitions, increasing involvement of regulatory authorities, new players on the market, new distribution models, changing customer behaviour, new sourcing models... Addressing these challenges requires banks to be highly flexible and agile. In particular, in a complex banking application landscape, the key issue is to achieve a high degree of interoperability between the large number of heterogeneous systems. This presentation shows the journey ING went through, starting from an enterprise message bus in the early 90s, over an (in house developed) full blown enterprise service bus some 10 years ago, to finally implementing a commercial process enabled service bus and how during this evolution the focus shifted from technical related issues to more functional ones, setting the standards needed to apply SOA successfully at a large scale. As most banks and banking software companies are going through this transformation, some major market players decided a couple of years ago to join forces and create BIAN – the Banking Industry Architecture Network. The presentation shows how BIAN is laying the foundations of Service Oriented Architecture by developing the building blocks of an SOA for banking, giving a precise meaning to the basic concepts (BIAN metamodel), getting consensus on the overall banking service landscape and its associated object model, and by providing specifications at the semantic level of application services. It is also shown how the banking industry and ING in particular benefits from BIAN. October 6, 2010 - 13:15 Room: 006

Service Enablement in the DoD Business Mission Area through Architectural Design Patterns, Market Research, and BMA Strategy & Roadmap Speaker: Dr. Aaron J. Drew, US Department of Defense Day 2: Real World SOA Case Studies Based on a multi-year commitment, this briefing will discuss the crafting of the DoD Business Operations architectural design patterns related to the "AS-IS" and "TO-BE" implementation of strategic level concepts such as Data Warehousing, Business Intelligence (BI), Common Vocabulary (CV), Service Oriented Architecture (SOA), and Data Integration (DI). To assess the feasibility of theses strategic level concepts which led to the strategy, market research was conducted into the maturity and readiness to support the strategy in SOA. The organizations that passed the preliminary screenings, which ensured that their technologies were realistic and relevant, then provided live demonstrations of their development, test, operational, and production environments. In conjunction with the findings of the market research this effort was also driven by the mandates expressed in the DoD Business Mission Area (BMA) Federation Strategy and Roadmap version 2.4a and the Defense Business Transformation Agency (BTA) SOA Implementation Strategy Document. This presentation will discuss how the Business Mission Area built out the Service Oriented Architecture based Business Transformation Infrastructure (BTI), through a use case. The use case illustrates the original architectural design patterns, market research, the crafting of the Business Mission Area Federation Strategy & Roadmap and finally implementation in the form of a pilot. The pilot involved provisioning, publishing, proxying, and consuming a service which leveraged both micro and macro SOA infrastructure capabilities. October 6, 2010 - 14:15 Room: 006

Smart Grid Capacity Planning implemented with SOA Infrastructure Speaker: Dr. Thomas Rischbeck, IPT Day 2: Real World SOA Case Studies This presentation looks at how a major European transmission system operator (TSO) is building a new system for the scheduling of the electricity grid. The new system is at the core of supporting the stability of the grid. Through preplanning, the scheduling system will allow to steer transmissions and balance electricity demand and supply. The system is built using an SOA approach. Proven infrastructure assets are leveraged for the accelerated implementation of this system. Implementation therefore is little coding - but mostly the declarative configuration of a business rule engine (BRMS), an enterprise service bus (ESB) and a business process engine (BPM). This gives the TSO quick internal response times to new market and regulatory conditions. It also allows transparency and compliance auditing. Business can adapt the system not only theoretically but do so in practice. October 6, 2010 - 15:30 Room: 006

Cloudy SOA Speaker: Mark Little, Red Hat Day 2: SOA & Cloud: Infrastructure & Architecture In many ways Cloud has taken on the hype that was previously associated with SOA. But does SOA have a role to play in the Cloud and if so what? In this presentation we shall examine Cloud and show how SOA concepts are not only applicable to it but is critical to the successful realisation of all that it entails. We shall look at the evolution of Cloud from pre-Grid days to where we are today and consider the reasons for its continued growth. By examining the history behind it we shall predict where it is going in the future, and illustrate how SOA patterns and SOA infrastructures can benefit the developers of Cloud infrastructures as well as those who implement applications for the Cloud. October 6, 2010 - 10:15 Room: 001

Swarm Computing - Next Generation Clouds and the Role of SOA Speaker: Juergen Kress, Oracle Day 2: SOA & Cloud: Infrastructure & Architecture We either use public clouds for example Amazon EC2 for example for training or development purposes. This environments are only used for a limited time frame. The second cloud model are private clouds by cooperation in their own datacenters to increate the utilization of their servers across multiple applications. Today we use either private or public clouds for certain use cases. To enable a wider adoption of business solutions, hybrid clouds will be the future model. Key will be integration as well on the data level, the service level and the process level. Processes might start in a private cloud continue in a public cloud and will be completed in a private cloud. For example a company starts a promotion for pet food. In their private cloud the new product and price is added to the financial system. A Customer orders the promotional pet food in the public cloud online store. The order is processes and the shipped and billed from the private cloud system. SOA will be the key enabler for: SOA Integration: Integration on all levels will be key, to integrate data, services and processes between legacy systems, private cloud systems and public cloud systems to hybrid systems. BPMN process change: Processes based on BPMN 2.0 across hybrid clouds can be adopted by the business owner to respond on flexible business requirements. Middleware and SOA Governance enable atomic, loosely coupled participants. Swarm computing - future cloud solutions cloud are limited to a small number of use cases e.g. test system or training systems. For a wider business adoption more intelligent systems are required. Meta data and ontology's will be the enabler for intelligent systems which interconnect with each other October 6, 2010 - 11:15 Room: 001

The Rise of APIs: A New Twist to SOA & Cloud Speaker: Dimitri Sirota, Layer 7 Technologies and Martin Stroebele, AutoScout 24 Day 2: SOA & Cloud: Infrastructure & Architecture Over the past year more and more organizations have begun rethinking how they expose their data and applications to external developers. Encouraged by the runaway success of Facebook and iPhone, enterprises now see that by exposing their internal systems externally, they can remake their business into a platform - and in the process create new channels to market, new revenue opportunities and greater loyalty with partners and customers alike. In this presentation given by Layer 7 VP Marketing you will get an introduction to the API economy and hear real world examples of how global companies are transforming their businesses through developer focused API's. October 6, 2010 - 14:15 Room: 001

Architecting Cloudy Applications Speaker: David Chou, Microsoft Day 2: SOA & Cloud: Infrastructure & Architecture The true power of cloud computing lies in leveraging the cloud platform to build massively scalable applications. However, doing so represents a paradigm shift from traditional n-tier and RDBMS-driven architecture designs, and adopting "cloudy", distributed computing design fundamentals such as eventual consistency, shared-nothing, parallelization, multi-tenancy, failure resilient, asynchronous interaction, staged production, federated composition, eventual consistency, idempotency, etc. The end results are horizontally scalable applications that are built natively for cloud platforms. For this talk we will first discuss background information on how some "cloudy" applications are built today, then we will discuss the common design principles and patterns, and how they can be applied towards applications built on the new breed of platform-as-a-service clouds. October 6, 2010 - 15:30 Room: 001

Modern SOA Infrastructure and Open Source Speaker: Mark Little, Red Hat Day 2: SOA & Cloud: Infrastructure & Architecture SOA has achieved a level of acceptance that has taken it away from being simply hype and buzzword to being something that is generally accepted as being an important part of both business and architecture. In some ways it parallels the movement of open source from the domain of the few to an approach that is found in most areas of software development and deployment. But do open source and SOA come together successfully? In this presentation we shall examine the modern SOA Infrastructure and look at how open source implementations approach the various aspects of it. We shall attempt to provide an objective analysis of the pros and cons of choosing an open source solution versus a more traditional close source implementation. October 6, 2010 - 15:30 Room: 001

The Cloud Brings Big Business to SOA Speaker: Axel Angeli, Logosworld Day 2: Business of Cloud Computing First there was a trickle, then a stream, and now there is permanent chatter between trillions of services and an incessant flood of data that swamps servers, networks, and mail boxes. The majority of IT departments have understood that the future lies in disparate installation and dynamically expanding on-demand computing clouds. The pre-requisite to make this all function was a smart architecture that allows for quickly setting up and replacing communication between a client and a certain service, which is known as loose-coupling. Once SOA is in place new service will steadily offerings emerge and disappear; in one situation a procured service may prove to be better than a built-in one, in another case a better service would replace the good one. The SOA idea is around for over forty years now; the client-server technology became main-stream in the early 1990ties and the SOA hype started in 2003. So there is now a market around Service-oriented Architecture beyond selling Middleware and ESB components. There is a soaring need for services; for services to support and monitor other services; for new hardware to support sizing of the SOA cloud and for the right consulting to make all this brave new world happen. In brief: SOA is finally a big business. October 6, 2010 - 10:15 Room: 007

End-to-end Strategization of Cloud Adoption, Planning & Enablement Speaker: Winnie Hua, CTS Inc and Tony Shan, Keane Inc Day 2: Business of Cloud Computing This presentation introduces a holistic approach for end-to-end strategization of Cloud adoption, planning and enablement (ESCAPE). A Cloudification roadmap is of paramount importance to strategize and operationalize an effective Cloud program in a large-scale enterprise computing environment, which is typically complex and heterogeneous. To successfully leverage the real benefits of Cloud Computing, an organization must objectively assess the strengths and weaknesses, establish strategic direction, spot gaps, define a practical route, mitigate risks, rationalize portfolio, manage demands, justify tradeoffs, prioritize activities, balance long-term goals and short-term needs, and consistently reassess the route as the execution progresses. A systematic procedural workflow is designed in this work. There are 20 steps defined in this overarching framework, broken down into 4 tracks: 1) Planning and Analysis, 2) Design and Construction, 3) Deployment and Operations, and 4) Management and Governance. Step 1-5 in Track 1 copes with the high-level strategic planning, covering the areas of formulating vision and goals of the Cloud initiative, comprehensive assessment, target state design, gap analysis, and multi-generation plan. Track 2 comprising Step 6-10 is focused on strategy execution, ranging from business processing modelling, process-service-application mapping, service modelling, service inventory, service implementation, service testing, configuration, to verification and validation. In Step 11-15 of Track 3, services are deployed and run in the production environment. The key IT considerations in this stage are capacity planning, service virtualization, provisioning, metering, monitoring, SLA, QoS, change control, security, hardening, and reuse. Lastly, Track 4 of Step 16-20 deals with the service management and governance, particularly in the aspects of lifecycle, registry/repository, operational process, assets, fabric infrastructure, standards, policies, compliance, certification, and practices. The key inputs and prerequisites are specified for each step in the major tracks. The detailed artifacts in each step are articulated in the context. Templates, working artifacts, and real-world deliverables are discussed in the session. This roadmap serves as a holistic blueprint to adopt and implement Cloud Computing in a large organization. October 6, 2010 - 11:15 Room: 007

Process and Services Platform: Cloud based Middleware Speaker: Andreas Schmietendorf Day 2: Business of Cloud Computing The idea for this presentation was driven by an applied research project within T-Systems International. Our aim was to implement a so called "Process and Service Platform", with other words a cloud based solution for a broadly usable booking system. For example, this system is currently used for the management of kindergarten places. However cloud-solutions are not a technological innovation, the used techniques are well known from earlier integration technologies (e.g. EAI#, SOA#, Web 2.0, Grid Computing). The Cloud paradigm brings the possibilities of these technologies together. Therefore, the cloud paradigm can be described as business innovation, like mentioned in [Bitkom 2009]: "Evolution from the technologies point of view, but revolution in the business" Cloud services provide a flexible way of outsourcing. The provision of IT-services is realized by the use of the Web without complicated client-software. Typical benefits deal with cost reduction, pay-per-use models or the possibility for an agile implementation of IT supported business models. The specific peculiarities and challenges of this approach therefore refer to the following aspects: •  Security (authorization, authentication and activity logging)
•  Integration abilities (processes, business objects, organizations, applications)
•  Service quality (availability, performance, service level agreements)
•  Service management of cloud solutions (ITIL# as enabler) Accordingly to the published Hype cycle from Gartner, the Cloud-paradigm has reached the peak of inflated expectations in 2009 [Gartner 2009]. As mentioned before the cloud-paradigm deals with a new thinking about an agile sourcing of required IT-services. But these possibilities are only reachable under consideration of certain preconditions. A frequently used classification distinguishes process-, resource- and product-related aspects. October 6, 2010 - 13:15 Room: 007

The Economics of Cloud Computing and SOA (remote via Skype) Speaker: Joe McKendrick, CBS Interactive, ZDNet Day 2: Business of Cloud Computing The economics of cloud computing can look enormously attractive, especially when weighing the costs of storage or processing at a few cents per instance or gigabyte, versus the tens of thousands of dollars in up-front investments required for on-site solutions. Cloud providers, both internal and external, can deliver economies of scale not available to individual enterprises. But over the long run, do these huge savings hold up or collapse for enterprises? What about the costs associated with integration, configuration, data deduplication, and monitoring? Plus, the greatest economic shift of all enabled by service-oriented architecture and cloud computing is just starting to get underway – companies are becoming providers as well as consumers of services. This has implications for the ROI and value of cloud implementations beyond cost efficiencies and ROI. This session will examine the economic pros and cons of on-demand versus on-site computing, and where these approaches may or may not work. The emerging role of SOA as a foundation for cloud will be explored. In addition, the lessons learned from SOA will be examined, in terms of funding services, collaboration between business and IT departments, and determining ROI from service implementations. In addition, this session will explore the 10 top trends shaping organizations and the way they leverage information technology, from the rise of the "loosely coupled" company to the disruptive forces reshaping the vendor community. October 6, 2010 - 14:15 Room: 007

Is Cloud Computing Really Ready for the Prime Time? How to Ensure Your Organization Can Exploit the Benefits of Cloud Confidently without Losing Your Shirt! Speaker: Vic Morris, Vordel Day 2: Business of Cloud Computing In business, we constantly seek innovative ways to cut costs while increasing revenues, and continuing to provide high levels of customer service. If we are also to maintain our competitive advantages, corporate agility isn't just desirable, it's essential. With IT Stakeholders struggling to keep pace with increasingly demanding business requirements, Cloud Computing appears to offer a compelling solution, offering increased agility and flexibility for the business with potentially significant cost savings. But is Cloud Computing really ready for the prime time? In considering the various Cloud offerings, SaaS, PaaS and IaaS, are the cost savings really always there? By adopting Cloud Computing, companies are also need to assess if they are introducing new risks and challenges, which may be costly to address and thus potentially outweigh any of the tempting cost reduction benefits? Before fully embracing Cloud Computing there are several key issues that CIOs, CISOs and CFOs need to consider: •  What are the major challenges hindering the adoption of cloud computing by your enterprise?
•  How can your company overcome its concerns to ensure you benefit from cloud computing?
•  Can Cloud Services really be trusted?
•  Is it possible to control potential rogue cloud usage, while still allowing users the agility they demand in their day-to-day operational environment?
•  Can Cloud be part of an existing SOA strategy and thus generate increased ROI on my existing IT infrastructure? In this stimulating presentation Vic will share with the delegates many of the valuable insights garnered from Vordel's experience of real life Cloud deployments that they will help them dicatate their company's Cloud Computing strategy for today and into the future. October 6, 2010 - 15:30 Room: 007

10 Things You Didn't Know About Cloud Platforms: Azure, GAE and Amazon EC2/SimpleDB Speaker: Anna Liu, NICTA and Hiroshi Wada, NICTA and Kevin Lee, NICTA Day 2: Cloud Computing Governance, Policies & Security Everyone knows about eventual consistency properties of the cloud, but do you know how long it will take for a piece of data to become consistent/fresh? Despite the aim of providing infinite scalability, is there any hard limits on some of the leading cloud platform services? We know cloud platforms aims to provide auto-scaling, but is it really all magic? We at the University of NSW and National ICT Australia (NICTA) have been evaluating Cloud platforms over the last 18 months. In this session, we will share with the audience some of these (often surprising) evaluation findings, that should be of interest to application architects and developers looking at designing and building solutions using the cloud. October 6, 2010 - 10:15 Room: 008

The New Silos: Build Once, Deploy Anywhere? Speaker: Toufic Boubez, SOA Systems Day 2: Cloud Computing Governance, Policies & Security The current state of the art in enterprise computing offers good news and bad news. The good news first: the software engineering community has figured out, over the last several years, the ineffectiveness of building siloed application stacks. Service Oriented Architecture (SOA) and Service Oriented Computing (SOC) are the latest incarnations of this train of thought. One of the fundamental principles, as outlined in the SOA Manifesto, is the concept of intrinsic interoperability. Intrinsic interoperability is mainly achieved through standardization, on technology, architecture principles and design guidelines. Now for the bad news. For a while, it seemed that Cloud Computing would be the next iteration in this roadmap to computing nirvana, with the promise of fluid or elastic deployment scenarios. To coin a new motto: we all want to "Build Once, Deploy Anywhere". The reality on the ground however points to the sad reality that whatever lessons were learned about siloed applications have been lost, and we are in the process of building new silos, this time at the infrastructure level. This talk will give an overview of the current cloud computing landscape, with an eye towards the state of elastic computing and application mobility. October 6, 2010 - 11:15 Room: 008

Data in the Cloud Speaker: Herbjorn Wilhelmsen, Forefront Consulting Group Day 2: Cloud Computing Governance, Policies & Security The vast majority of today's solutions, service-oriented or not, can do well using a relational database as a data store. In fact, the relational database has solved some problems so successfully in the past that a lot of developers and architects cannot even conceive building a business critical system without relying on such a database. However, when data is stored in the cloud two issues becomes more prominent; Security and scalability. The security aspect is much related to legal issues. Some insights provided by the CAP theorem (that relates to data stored in multiple partitions) will change some of the more usual perceptions on how to store and work with data. A brief overview of the advantages of some NOSQL alternatives as well as some SQL alternatives will be provided. The lecture is finished off with some advice on what kind of data store to select for different cloud-based solutions. October 6, 2010 - 13:15 Room: 008

High Performance Websites in the Cloud Speaker: Matt Wood, Amazon Day 2: Cloud Computing Governance, Policies & Security It's never been easier for new tools and services to gain exposure and new customers on the web. However, surviving the wave of traffic from viral uptake or very spiky usage can be difficult to manage. On-demand, pay-as-you-go elastic compute infrastructures such as Amazon Web Services' EC2 can help scale websites during periods of heavy traffic and help reduce costs in quiet spells by reducing capacity dynamically. This talk will explore how to architect websites for high traffic, high availability and high speed, including: •  Identifying units of scale
•  Horizontal scaling
•  Extending layered architectures
•  Adding caching
•  Use of the Cloud ecosystem
•  Scaling storage
•  Scaling databases for high availability
•  Load balancing
•  Content delivery A handful of simple rules and techniques can help design very high availability, without any initial capital expenditure, and very low run rates provided by the economies of Amazon's scale. October 6, 2010 - 14:15 Room: 008

PaaS, the Sweet Spot for Private Clouds & Underlying Infrastructure Speaker: Mohamad Afshar, Oracle Day 2: Cloud Computing Governance, Policies & Security Virtualized hardware is all the rage in enterprise IT. However, is a purely virtualization-focused, infrastructure as a service (IaaS) approach really the right one for enterprises and government? What's clear is that virtualization is but a part of a strategy for fast self-service deployment and ultra efficient operations, referred to as "platform as a service" (PaaS). PaaS is built on a set of Java EE, SOA, BPM, data management, and enterprise management technologies that empower the business users while reducing IT burden at the same time. PaaS allows business analysts and less sophisticated IT developers to be extremely productive in creating new applications or making customizations to fit the need of the business in a Cloud based deployment by delivering capabilities to model user interfaces, build our processes and embed analytics - all through a Web-based interface. On the operational side, PaaS goes beyond the notion of virtual machines and moves to the concept of "Platforms" that constitute logical components that are provisioned, scaled, monitored and managed as logical units and constitute the infrastructure for deploying and managing one or more applications. This presentation discusses the key benefits of a Private PaaS, outlines key architectural capabilities and components and discusses best practices for building and operating a PaaS. This session is a must for anyone considering building a Private Cloud. October 6, 2010 - 15:30 Room: 008

Revisiting the SOA Manifesto Day 1: Expert Panel With the one-year anniversary of the SOA Manifesto declaration nearby, members of the original SOA Manifesto Working Group will come together once more to discuss how the manifesto has been adopted October 5, 2010 - 18:15 Room: 001 Panelists (in alphabetical order): Paul Brown, John DeVadoss, Nicolai Josuttis (Moderator), Dirk Krafzig, Mark Little, Joe McKendrick, Steve Ross-Talbot, Anne Thoams Manes, Herbjorn Wilhelmsen, Brian Loesgen

How Can the Business Value of SOA be Measured? Day 1: Expert Panel The strategic nature of service-orientation requires that SOA initiatives utilize distinct and effective reporting techniques to assess and measure the extent to which SOA adoption is successful. This panel will propose different metrics and approaches for concretely measuring factors and statistics pertaining to the business value. October 5, 2010 - 18:15 Room: 002 Panelists (in alphabetical order): Daniel Adelhardt, Howard Cohen, Eric Jan, Sean Gu, Juergen Kress, Linus Malmberg (Moderator),

Correlating BPM, Workflow and SOA (Where does business analysis end and where does service modeling begin?) Day 1: Expert Panel This panel is dedicated to exploring the relationship between BPM modeling, workflow definition, and specifically the service modeling and service-oriented analysis stages of typical SOA projects. The panelists will be discussing where to draw the line when defining analysis processes pertaining to business process definition and service identification and definition. October 5, 2010 - 18:15 Room: 004 Panelists (in alphabetical order): Sean Gu, Hajo Normann, Evgenia Rosa, Volker Stiehl, Bernd Trops, Torsten Winterberg (Moderator)

Why Adopt Cloud Computing Without SOA? (Does it make sense to build silos in the cloud?) Day 1: Expert Panel Why Adopt Cloud Computing Without SOA? (Does it make sense to build silos in the cloud?) One of the primary messages delivered in this year's opening keynotes is that while cloud computing innovations provide great potential, they do not prevent us from building silo-based applications all over again, only this time labeled with "cloud" and "services". This panel discusses the need for cloud technologies to be leveraged in conjunction with service-orientation practices in order to utilize clouds for truly strategic business value. October 5, 2010 - 18:15 Room: 003 Panelists (in alphabetical order): Toufic Boubez, David Chou,Art Ligthart (Moderator), Mark Little, Jesus Rodriguez, Tony Shan

Rest Services vs. Web Services - A Live Debate Day 2: Expert Panel A head-on debate about the two most common service implementation mediums: SOAP-based Web Services and REST Services. Discussions will tackle issues such as suitability for service-orientation, practical applications, industry standardization, security, transactions, etc. October 6, 2010 - 17:00 Room: 001 Panelists (in alphabetical order): Toufic Boubez, Nicolai Josuttis, Mark Little, Cesare Pautasso (Moderator), Stefan Tilkov, David Chou

Services and the Semantic Web Day 2: Expert Panel The relationship between SOA and semantic Web technologies and practices continues to be defined as this technology space continues to mature. This panel will discuss advances in semantic Web service technologies and platforms and will further address applicability to service-orientation practices. October 6, 2010 - 17:00 Room: 004 Panelists (in alphabetical order):Thomas Bandholtz, Johan Kumps, Joe McKendrick, Audrey Theunisz

SOA Design Patterns: Revisiting the Most Popular Patterns and Introducing New Patterns Day 2: Expert Panel The SOA design patterns catalog is nearing its second year of existence. This panel will discuss the most important and popular patterns being used in practice and will further introduce the many new candidate patterns that have been proposed over the past 12 months. (Learn about SOA design patterns at the SOA patterns community site: www.soapatterns.org.) October 6, 2010 - 17:00 Room: 002 Panelists (in alphabetical order): Howard Cohen, John deVadoss, Juergen Kress (Moderator), Brian Loesgen, Clemens Utschig-Utschig, Herbjorn Wilhelmsen

Cloud Interoperability - Where are We Today? Day 2: Expert Panel Lack of industry standardization continues to inhibit adoption of cloud computing. With an emphasis on cross-cloud interoperability and mobility, this panel will address how and where industry standards currently are playing a role and further advances being made by standards organizations. October 6, 2010 - 17:00 Room: 003 Panelists (in alphabetical order): Anthony Assi, Stuart Boardman, Toufic Boubez, Holger Kisker, Tony Shan (Moderator)

SOACP Self-Study Kit Giveaway Day 1: Special Event The SOA Certified Professional Program is holding a special Self-Study Kit Giveaway. To enter, simply visit the SOA School Exhibition booth before 15:00 on October 5th, and drop your business card off into the entry box. Winners will be selected at 15:00. October 5, 2010 - 15:00 Room: Exhibitor Area

Book Signing & Book Giveaway Contest: SOA with .NET & Windows Azure Day 1: Special Event Publishers representing various SOA authors that are speaking at the symposium will be providing hundreds books that will be handed out to conference registrants as part of book launch ceremonies and various contests. The authors of "SOA with .NET & Windows Azure" will also be doing book signings at this time. October 5, 2010 - 12:00 Room: Exhibitor Area

SOA Governance Galley Giveaway Day 2: Special Event Publishers representing various SOA authors that are speaking at the symposium will be pre-release galleys that will be handed out to conference registrants as part of book launch ceremonies and various contests. October 6, 2010 - 16:45 Room: Exhibitor Area

Lunch Training Seminar with Reservoir Speaker: Damien Hubaux, Stéphane Mouton, CETIC Day 2: Special Event

Damien HUBAUX (RESERVOIR Training Manager) and Stéphane Mouton will be giving a lunch training session. Number of participants to this seminar will be limited.

The RESERVOIR project aims to build a cloud infrastructure transparently provisioned and managed using virtualization technologies. It is providing a foundation supporting the on-demand set-up and deployment of services across disparate locations. The infrastructure is built using open source Cloud Middleware and Service Management components like: OpenNebula, which offers a Virtual Infrastructure Management toolkit, KVM (the Kernel-based Virtual Machine) extended to support live VM migration without shared storage, and the Claudia platform, which offers a Service Management toolkit. During this special seminar, RESERVOIR experts will explain how the project's results can be used to build a Cloud infrastructure and uncover the developments of the RESERVOIR Framework.

It is recommended to register. Please contact: reservoir@cetic.be. Be sure to also attend the RESERVOIR in a 'Lightning Talk' at the CloudCamp
pre-conference event on October 4.

October 6, 2010 - 12:00 Room: TBA