leader replacement system - Department of Public Social Services ...

More documents

Recommendations

Info

Los Angeles County Department of Public Social Services LEADER Replacement System (LRS) 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 Web Service Orchestration Atomic, composite, and federated Web services may all be developed using a specification language such as Business Process Execution Language (BPEL) and executed by a workflow engine (usually part of the SOA infrastructure). That is, individual Web services may be executed in a certain order (orchestrated) to fulfill a specific business process. Web Service Types There are two basic types of Web services: SOAP and REST. Currently, SOAP is the more common, but REST is rapidly gaining momentum. SOAP is a standard that defines how XML messages are transmitted over specific protocols. For example, SOAP over HTTP or SOAP over JMS (Java). SOAP acts like an envelope that carries a variety of XML messages each with a particular purpose. For example, there are XML messages (schemas) for handling security. SOAP messages can handle complex data objects, such as customer, payment, or license details. REST typically handles simpler XML messages and therefore, is more efficient because they require little overhead. However, currently REST is limited to the HTTP protocol. Web Service Standards There are two main organizations that define Web service standards: W3C - World Wide Web Consortium http://www.w3.org/ . OASIS – Organization for the Advancement of Structured Information Standards http://www.oasis-open.org/home/index.php . There are many standards for the various parts of Web services. Please refer to the Web Services White Paper for a fairly complete description of the standards as well as links to more detailed information. Enterprise Service Bus (ESB) Connecting systems and automating business processes are strong drivers to reducing costs, improving operational efficiency, and capturing new business opportunities. For these reasons, technologies that facilitate integration are a high priority for many technology executives. Some of the more popular approaches are ETL (Extract, Transform, and Load), Batch, FTP, Information Brokers, and ESB. The latter has emerged as the preferred method to connect Web services as well as provide interoperability among applications, mainframe, and third party systems. ESBs are based on lessons learned from integration brokers and best practices from standardsbased infrastructure based on XML, Web services, reliable asynchronous messaging, and distributed components. These collectively form an architecture for a highly distributed, loosely coupled integration fabric to deliver all the key features of an integration broker, but without the barriers. In simple terms, ESBs: • Route messages between services. • Convert transport protocols between requestor and service. LRS RFP - Attachment H (Technical Exhibits) Page 27 November 30, 2007
Los Angeles County Department of Public Social Services LEADER Replacement System (LRS) 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 • Transform message formats between requestor and service. • Handle business events from disparate sources. Some ESB vendors include additional features: • Service composition • Business process management SOA Security Because SOA is XML message-based, security in the SOA world is handled via specific sections within an XML message. WS-Security from OASIS defines the mechanism for including integrity, confidentiality, and single message authentication features within a SOAP message. WS-Security makes use of the XML Signature and XML Encryption specifications and defines how to include digital signatures, message digests, and encrypted data in a SOAP message. Identity and Authentication Authentication means verifying the identity of a user. The Web service security standards allow for the notion of identity authorities and trusted relationships. That is, an identity service can be federated among departments; however there is only one authority for a given type of identity (for example, a Citizen Authority which would be the single point of authenticating any citizen performing an interaction requiring security). Other citizen-based applications would trust this authentication and not re-authenticate as the user’s interactions invoke different applications. SAML (Security Access Markup Language) Security Assertion Markup Language (SAML) from OASIS provides a means for partner applications to share user authentication and authorization information. This is essentially the single sign-on (SSO) feature being offered by all major vendors in their e-commerce products. In the absence of any standard protocol on sharing authentication information, vendors normally use cookies in HTTP communication to implement SSO. With the advent of SAML, this same data can be wrapped inside XML in a standard way, so that cookies are not needed and interoperable SSO can be achieved. SAML is an XML vocabulary that defines the syntax necessary to exchange identity information between applications. Security Standards There are many Web service security standards. Please see the Security Standards for Web Services section in the SOA Security White Paper for detailed descriptions. Reference SOA Architecture Establishing an Enterprise Reference Architecture is important for the big picture. SOA is a key subset of the enterprise and it is sometimes not obvious where SOA fits into the enterprise. That is, one can get lost in the many details and standards surrounding SOA. So, a Reference SOA Architecture is provided (see following diagram). LRS RFP - Attachment H (Technical Exhibits) Page 28 November 30, 2007
Page 1 and 2: LEADER REPLACEMENT SYSTEM Request f
Page 3 and 4: Los Angeles County Department of Pu
Page 17 and 18: 266 Function Operating Systems Clie
Page 29: Los Angeles County Department of Pu
Page 53: Los Angeles County Department of Pu

leader replacement system - Department of Public Social Services ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?