Governance Interoperability Framework

Last updated June 19, 2021

The Governance Interoperability Framework (GIF) is an open, standards-based specification and set of technologies that describes and promotes interoperability among components of a service-oriented architecture (SOA). GIF integrates SOA ecosystem technologies to achieve heterogeneous service lifecycle governance and is supported by Hewlett-Packard Company and by GIF partners.

SOA Governance and creating a system-of-record

Governance is recognized as a foundational requirement for successful enterprise adoption of SOA: Gartner has stated that “governance isn’t an option but an imperative”, and predicts that the dominant mode of SOA project failure will be a lack of adequate governance.^[1]

The primary products used by most organizations to achieve SOA governance are based on an integrated registry-repository, and provide support for managing and communication information in an SOA as well as automating key governance activities.^[2] These SOA governance systems provide a central system-of-record for all services and related information in an SOA, and are the place where services can be advertised by providers and discovered by consumers. As such, they act as a key control point for governing service availability, versioning, service lifecycle management, and for ensuring compliance with business and technical policies.

To be effective, SOA governance systems need a mechanism for exchanging information between all the disparate technologies that support an SOA. Interoperability is a fundamental requirement for the visibility, trust and control required for effective SOA governance.^[3] The objective of GIF is to drive interoperability through the adoption of standards and common approaches to modeling and exchanging information.

GIF Overview

GIF represents a collection of APIs defined by standards organizations, data mappings and classifications and leverages UDDI and WS-Policy standards, among others, as building blocks. In order to promote commonality of approaches and understanding of the information represented, GIF also defines vocabularies for the purpose of applying metadata to service information.

Integration with the Governance Interoperability Framework is based on two primary pillars of integration: Control Integration and Service Data Integration. These themes are based on the famed Model–View–Controller (MVC) pattern:

Control integration – Consists of alerting and notification integration; launching events and actions; and integration of business service governance and lifecycle.

Data integration – Consists of leveraging the Business Service Registry as the primary service description, characteristic, and policy catalog.

GIF provides control and data integration needed to support activities such as the governance of business service provisioning and lifecycle management. Aspects of this are:

Provisioning integration – Leverage the SOA governance system as part of the provisioning and deployment process of business services. Once integrated, bi-directional exchange of service information between participants is enabled.

Deployment integration – Upon deployment of services, any party should have the ability to alert others to the existence of the service and the need to put the service and its definitions under management.

Lifecycle management – Lifecycle management of all facets of a business service is required. This means collaborating and integrating components for the purpose of managing:

service and artifact versioning
lifecycle information (e.g. development, test, production, deprecated)
lifecycle status and state of the service (availability)
deployment information including up-time, first deployed date, last deployment date
contact and support information about the service or template (owner, responsible organization, support contact, manager, etc.)
compliance status
dependencies and relationships between:
- services – those dependencies that the partner creates partner
- proxies and the services they proxy
- services consumed by another service

GIF has been driven by several use cases, including:

SOA governance system acting as the authoritative source of service descriptions and metadata to other components of an SOA ecosystem.
SOA governance system as the recipient of service descriptions, metadata and policy information, including but not limited to publishing service descriptions (typically WSDL documents and associated metadata) and lifecycle information.
Publish service characteristics to the SOA governance system to enable the searching and reporting of services and their artifacts. This may include publishing performance data, historical trends and other facets of service information such as constraints and capabilities of the service.
Make service characteristics, such as configuration, constraints and capabilities typically expressed as policy, discoverable.
Publishing and making available protocol and binding information, such as the WSDLs of proxied services by security or management partners, and their associated business service (functional) WSDLs.

GIF organization and membership

GIF is not a standard itself, but rather leverages existing standards to support SOA governance interoperability. GIF is supported by Hewlett-Packard Company and by GIF partners. For more information about the GIF specification, existing GIF partners and how to join GIF, visit HP’s website.

Related Research Articles

The term Web service (WS) is either:

An e-GIF, or eGovernment Interoperability Framework, is a scheme for ensuring the inter-operation of computer-based systems. It is intended to resolve and prevent problems arising from incompatible content of different computer systems. An e-GIF may aim to facilitate government processes at local, national or international levels.

BEA Systems, Inc. was a company that specialized in enterprise infrastructure software products which was wholly acquired by Oracle Corporation on April 29, 2008.

Service-oriented architecture (SOA) is an architectural style that supports service orientation. By consequence, it is as well applied in the field of software design where services are provided to the other components by application components, through a communication protocol over a network. A service is a discrete unit of functionality that can be accessed remotely and acted upon and updated independently, such as retrieving a credit card statement online. SOA is also intended to be independent of vendors, products and technologies.

Data Management comprises all disciplines related to managing data as a valuable/vital resource.

Enterprise Architecture (EA) is as a discipline that: i) defines, organises, standardizes, and documents the whole architecture and all important elements of the respective organisation, covering relevant domains such as business, digital, physical, or organisational; and ii) the relations and interactions between elements that belong to those domains, such as processes, functions, applications, events, data, or technologies.

Java Business Integration (JBI) is a specification developed under the Java Community Process (JCP) for an approach to implementing a service-oriented architecture (SOA). The JCP reference is JSR 208 for JBI 1.0 and JSR 312 for JBI 2.0. JSR 312 was removed from the JCP balloting process on 17 Dec, 2010 by the submitters without being accepted.

An XML appliance is a special-purpose network device used to secure, manage and mediate XML traffic. They are most popularly implemented in service-oriented architectures (SOA) to control XML-based web services traffic, and increasingly in cloud-oriented computing to help enterprises integrate on premises applications with off-premises cloud-hosted applications. XML appliances are also commonly referred to as SOA appliances, SOA gateways, XML gateways, and cloud brokers. Some have also been deployed for more specific applications like Message-oriented middleware. While the originators of the product category deployed exclusively as hardware, today most XML appliances are also available as software gateways and virtual appliances for environments like VMWare.

Oracle Fusion Middleware consists of several software products from Oracle Corporation. FMW spans multiple services, including Java EE and developer tools, integration services, business intelligence, collaboration, and content management. FMW depends on open standards such as BPEL, SOAP, XML and JMS.

A data steward is an oversight or data governance role within an organization, and is responsible for ensuring the quality and fitness for purpose of the organization's data assets, including the metadata for those data assets. A data steward may share some responsibilities with a data custodian, such as the awareness, accessibility, release, appropriate use, security and management of data. A data steward would also participate in the development and implementation of data assets. A data steward may seek to improve the quality and fitness for purpose of other data assets their organization depends upon but is not responsible for.

The Devices Profile for Web Services (DPWS) defines a minimal set of implementation constraints to enable secure web service messaging, discovery, description, and eventing on resource-constrained devices.

OpenESB is a Java-based open-source enterprise service bus. It can be used as a platform for both enterprise application integration and service-oriented architecture. OpenESB allows you to integrate legacy systems, external and internal partners and new development in your Business Process. OpenESB is the unique open-source ESB relying on standard JBI, XML, XML Schema, WSDL, BPEL and Composite application that provides you with simplicity, efficiency, long-term durability, and savings on your present and future investments with a very low TCO.

SOA Governance is a set of processes used for activities related to exercising control over services in a service-oriented architecture (SOA). One viewpoint, from IBM and others, is that SOA governance is an extension (subset) of IT governance which itself is an extension of corporate governance. The implicit assumption in this view is that services created using SOA are just one more type of IT asset in need of governance, with the corollary that SOA governance does not apply to IT assets that are "not SOA". A contrasting viewpoint, expressed by blogger Dave Oliver and others, is that service orientation provides a broad organising principle for all aspects of IT in an organisation — including IT governance. Hence SOA governance is nothing but IT governance informed by SOA principles.

An information server is an integrated software platform consisting of a set of core functional modules that enables organizations to integrate data from disparate sources and deliver trusted and complete information, at the time it is required and in the format it is needed. Similar to how an application server is a software engine that delivers applications to client computers, an information server delivers consistent information to consuming applications, business processes and portals.

Service-oriented architectures (SOA) are based on the notion of software services, which are high-level software components that include web services. Implementation of an SOA requires tools as well as run-time infrastructure software. This is collectively referred to as a service-oriented architecture implementation framework or (SOAIF). The SOAIF envisions a comprehensive framework that provides all the technology that an enterprise might need to build and run an SOA. An SOAIF includes both design-time and run-time capabilities as well as all the software functionality an enterprise needs to build and operate an SOA, including service-oriented:

SOA Repository Artifact Model & Protocol (S-RAMP) is a specification of SOA repository released by HP, IBM, Software AG, TIBCO, and Red Hat. The SOA repository provides environments for designing, running and monitoring services. The repository manages artifacts like schemas, service descriptions, business process definitions and policies. The SOA Repository Artifact Model and Protocol (S-RAMP) defines a common data model for SOA repositories as well as an interaction protocol to facilitate the use of common tooling and sharing of data. This ATOM binding specifications documents the syntax for interaction with a compliant repository for create, read, update, delete and query operations. The S-RAMP specification promotes interoperability of SOA Repositories. The S-RAMP specification is one of the SOA standards.

IBM WebSphere Service Registry and Repository (WSRR) is a service registry for use in a Service-oriented architecture.

Business-oriented architecture is an enterprise architecture approach for designing and implementing strategically aligned business models.

Sparx Systems Enterprise Architect is a visual modeling and design tool based on the OMG UML. The platform supports: the design and construction of software systems; modeling business processes; and modeling industry based domains. It is used by businesses and organizations to not only model the architecture of their systems, but to process the implementation of these models across the full application development life-cycle.

References

↑ Paolo Malinverno, Gartner Research Service-Oriented Architecture Craves Governance, January 2006
↑ Philip J. Windley, SOA Governance: Rules of the Game Archived 2008-07-24 at the Wayback Machine , InfoWorld.com, 23 January 2006
↑ Frank Kenney, Daryl Plummer, Magic Quadrant for Integrated SOA Governance Technology Sets, 2007, January 2007

Paolo Malinverno, Gartner Research Service-Oriented Architecture Craves Governance, January 2006
Philip J. Windley, SOA Governance: Rules of the Game, InfoWorld.com, 23 January 2006
Frank Kenney, Daryl Plummer, Magic Quadrant for Integrated SOA Governance Technology Sets, January 2007

External links

Information about the Governance Interoperability Framework