AmberPoint's new Exception Manager product has a very functional name that doesn't really do it justice. As soon as I understood what it does, it put me in mind of an article by Jon Udell earlier this year on test-driven development. Proponents of this form of development recommend writing the tests before starting to build the software. "The tests create a safety net," Jon explains, "enabling the programmer to engage in the risky but necessary practice of refactoring continuously reorganizing the code without fear of breakage."
In a service-oriented architecture, the one thing you can guarantee is that the 'code' is continuously going to get reorganized, because the architecture assumes, even encourages, the reassembly of services in new configurations. You need a product like AmberPoint's Exception Manager because this is an environment in which Murphy's Law operates with a vengeance: What can go wrong, will go wrong.
This is particularly true, as Ward Cunningham told Jon in an interview that accompanied his article, in a business context, where exceptions (to use AmberPoint's term) are things "like an out-of-sequence endorsement on an insurance contract." Ward's variety of test-driven development allows business analysts to construct a variety of scenarios (exceptions, in AmberPoint's language) that developers should test for.
After AmberPoint briefed me on their product, I started collecting some real-life examples of Murphy's Law in operation on the Web. There were plenty in the news. This shouldn't be a surprise. The more connections you have, the more unintended consequences you're going to have. Here are some that could have done with being caught:
Automated search ads can boomerang: [Appearing alongside search results for "child pornography",] the ads -- one selling services for a criminal defense attorney and the other for an adult Web site -- came courtesy of Google, whose free software powers searches on the National Coalition Against Censorship's (NCAC) Web site ... Google and Overture's advertisements frequently find their way onto partner and affiliated Web sites -- like NCAC's -- whose advertising policies may differ from their own.
... In one recently publicized case, Google sold placement for the keyword "suitcase" to a luggage company, and its ad appeared near a story on the New York Post's site about a murder victim whose parts were found in a suitcase.
Car shoppers' credit details exposed in bulk: The exposed site was an administrative page at the Tennessee-based hosting company Dealerskins, a firm that provides turnkey Web solutions to automotive dealerships. The page -- which was not password protected and included no warnings that it was private -- allowed visitors to view, in reverse-chronological order, all of the information that had been typed into Web forms on Dealerskins-hosted sites, like autocentersdirect.com and courtesyflm.com.
Unfortunately, I haven't yet seen any news coverage that does a good job of explaining what AmberPoint's product is all about, but perhaps they will come later in the week. However, I'm pleased to see that eWeek have corrected an earlier imbalance in their story, CA, AmberPoint Offer New Web Services Management Tools, by eliminating some comments that were not as impartial as they had appeared to be.
posted by Phil Wainewright 11:29 AM (GMT) | comments | link
Tuesday, September 30, 2003
Where to draw the line
Actional's announcement of new features yesterday illustrates one of the trickiest challenges with web services, namely where to draw the line between best-of-breed and bundling. In principle, the loosely coupled web services architecture allows you to build a system by hooking up different modules of functionality from anywhere in the network, so you can select the very best resources available for each individual element. In practice, the benefit may be outweighed by the performance hit you'll take with each separate hop across the network, especially if there's a lot of shared information you need to send out to all the participants.
So Actional has decided to add an integrated XML firewall to its product, because, says senior VP of product James Phillips, "One hop, one parse [provides] far better performance than serial deployment."
On the other hand, Actional takes the view that business activity monitoring and service level management don't belong in the web services management layer. "Some web services management vendors are going around saying they give business insight into what's happening customers say that's nonsensical," says James. The right place to monitor business processes is in your business process management console, he says. Management products like Actional simply provide information about what's going on in the infrastructure, which BPM products can then put into context.
The key element in this trade-off is context. Including the firewall with web services management makes sense because the management environment already contains a lot of the relevant context that the firewall has to work with. Whereas the business process context is external to the management environment.
The only flaw in this logic is that you might argue that business process shouldn't be so divorced from management as is currently the norm. Certainly, web services management tools are increasingly having to heed business context parameters when implementing resource allocation, routing or failover processes. This is the role of Actional's third new feature, which implements predetermined responses to problems as they arise in the services infrastructure. Many of those responses will be driven by business considerations, and so wherever the line has been drawn between the two functions, the handover between them still needs to be as seamless as possible.
posted by Phil Wainewright 2:31 AM (GMT) | comments | link
Assembling on-demand services to automate business, commerce, and the sharing of knowledge