1 / 62

EA Technology Policies

EA Technology Policies. An Emerging ICT Strategy for HA Transformation. Positioning IS/IT Policies. Business-driven (Top-down). Focus is on the “To-Be” not “As-Is”. Based on the maxim: “One Agency = One Enterprise Architecture”. As-is situation.

halen
Download Presentation

EA Technology Policies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. EA Technology Policies An Emerging ICT Strategy for HA Transformation

  2. Positioning IS/IT Policies • Business-driven (Top-down). • Focus is on the “To-Be” not “As-Is”. • Based on the maxim: “One Agency = One Enterprise Architecture”

  3. As-is situation • Two separate technical infrastructures • OSS vs. BSS • OSS is 16x greater in financial terms • Two “parallel universes” - competing architectures • Fails “One Agency = One EA” maxim

  4. Network Convergence • One Agency = One network • Expand NRTS – leverage investment in national fibre network • Standardise on IP for Data, Voice and Video • Single terminal access via a UOI • Economies of scale • Integration • Flexibility

  5. Unified Operator Interface • Single “terminal” access • Mosaic/Model Office • Supersedes tactical KVM/SKRIBE • ESSO - Enterprise Single Sign-On • Builds on NTCC Model (HAbIT network integration) • Effectively the Strategic HA Desktop • Universal Access

  6. Single Virtual Data Centre • Delivered as a “Metro” Cluster across [at least] two geographically separate locations • Cluster Interconnect via resilient NRTS CWDM • Fibre-Channel SAN

  7. Universal Access • The 3 C’s: • Centralisation • Consolidation • Convergence • Location transparency • Independent of Agency’s organisational structures • ‘Martini’ virtualised access: • Any Time • Any Place • Anywhere • Resilient/Disaster Tolerant • No Single Point of Failure • Business Continuity

  8. Server Consolidation • Server sprawl: • Adding dedicated servers for new projects • Growth in capacity especially data storage • Inefficiencies – low utilisation of individual servers • Rising costs and increased carbon footprint: • Cost of managing lots of servers • Cost of power now exceeds the cost of the server (system fans are biggest drain) • …. • Resulting trend is towards consolidated ‘server farms’

  9. VMware Infrastructure Enterprise Virtualisation Virtual Machines Virtual Machines ESX Server ESX Server ESX Server ESX Server ESX Server ESX Server ESX Server ESX Server Server Server Farm Network Storage Server Virtualisation (Example) • Partition CPU and memory in multiple virtual machines • Store virtual machine disks on local or shared storage. VMFS cluster file system manages virtual machine disk storage • Build networks within or across ESX Servers.

  10. Modular Data Centres • 21st Century Data Centres now focus on power (watts/sq. metre) as most critical factors in design • Implements densely packed commodity clusters • Utilises macro-modules based on standard shipping containers for ease of transport • Modular building blocks • Extends the idea of blade servers • Improved efficiency • Addresses “Green” issues • Implement via Managed Service contract

  11. Domains • Although one logical network… • Physically, a network of networks as per the Public Sector Network (PSN) • Supports the DfT concept for a “System of Systems” • Concept of domains and “Circle of Trust” • Federated identities (Single Sign-On)

  12. Identity ManagementBusiness Value “Identity management projects are much more than technology implementations — they drive real business value by reducing direct costs, improving operational efficiency and enabling regulatory compliance.”

  13. Business Automation Customers (B2C) Intra-Agency (B2E) Partners (B2B) Mobility Applications Client Server Internet Mainframe Explosion of ID’s # of Digital IDs Time Pre 1980’s 1980’s 1990’s 2000’s

  14. The Disconnected Reality • Authentication • Authorisation • Identity Data • Authentication • Authorisation • Identity Data • Authentication • Authorisation • Identity Data • Authentication • Authorisation • Identity Data • Authentication • Authorisation • Identity Data • Authentication • Authorisation • Identity Data • Authentication • Authorisation • Identity Data HR System NOS Web Apps Enterprise Directory Infrastructure Application COTS Application In-House Application In-House Application • “Identity Chaos” • Lots of users and systems required to do business • Multiple repositories of identity information; Multiple user IDs, multiple passwords • Decentralised management, ad hoc data sharing

  15. Our SUPPLIERS Our CUSTOMERS Our REMOTE andVIRTUAL EMPLOYEES Our PARTNERS Multiple Contexts Customer satisfaction & customer intimacy Cost competitiveness Reach, personalisation Collaboration Outsourcing Faster business cycles; process automation Value chain Our AGENCY and EMPLOYEES Mobile workforce Flexible/temp workforce

  16. Pain Points IT Admin Developer End User Security/ Compliance BusinessOwner • Too many user stores and account admin requests • Unsafe sync scripts • Redundant code in each app • Rework code too often • Too many passwords • Long waits for access to apps, resources • Too many orphaned accounts • Limited auditing ability • Too expensive to reach new partners, channels • Need for control

  17. To-Be Authentication • Should only have to login once • Identity is federated across domains • Access permissions determined by Role(s), Groups and Policies • Automated provisioning linked to ERP Systems • Employees joining/leaving (HR) • Contractors (Procurement)

  18. Federated Identities • Cross domain trust using: • Security Access Markup Language (SAML) • Liberty Alliance (ID-FF)/WS-Federation protocols • Digital Certificates

  19. The Connectivity challenge • Point-to-point, many-to-many interfaces • Batch latencies • Complex processes and systems • Difficult to modify • High maintenance cost

  20. Enterprise Service Bus • ESB - Next Gen Enterprise Application Integration (EAI) • Distributed – Fault-tolerant • Standards-based • Lower TCO

  21. Is ESB just the latest“flavour of the month”? • The term “ESB” was first coined by the Sonic Software division of Progress Software in 2002 to describe its then new Extensible Markup Language (XML)-enabled Message-Oriented Middleware (MOM) product, SonicXQ, which is now known as Sonic ESB.

  22. Real-world ITS Example • Founded in 1972, Brisa is Portugal's largest highway management concessionaire. • ITSIBus - Intelligent Transportation Systems Interoperability Bus is a Service-Oriented Architecture originally developed by ISEL in 2002. • In production since 2004.

  23. Enterprise Service Bus Signal Feed Signal Feed Signal Feed Signal Feed Signal Feed Signal Feed Signal Feed Signal Feed Signal Feed Signal Feed Signal Feed Signal Feed Signal Feed Service Orchestration (Mediation)‏ ESB provides basic message delivery services - Complex Event Processing (CEP) is used to enhance error identification. A State Engine is configured from basic logic components. Data Services Transformation Event Driven Services Routing Trackernet2 LUIM Network Other Transport ESB Example:Transport for London Tracker Net UI is a subscriber to events from the ESB. The lightweight MQ Telemetry Transport (MQTT) protocol is used to delivery messages via Micro Brokers - these in turn deliver to Message Managers which assure delivery of Messages to ESB. Transport is resilient, with logging and audit of message delivery.

  24. Other ESB Examples in Government:Police (www.iss4ps.police.uk)

  25. Customs & Excise

  26. Defra’s INSPIRE Blueprint

  27. EU Federated Approach EU Integration of service buses allows application and data services to be shared across EU and between Member States Architecture replicated in each Member State for ‘local’ services and in EU for ‘EU-wide’ services Member State Member State Member State

  28. Federated ESB’s • Supports multiple domains. • Requires unified Governance, Security and Management. • Highly distributed geographic locations across the Agency. • Best practice requirements to isolate operationally critical environments. • Differing ESB requirements across the Agency and, potentially beyond to other third-parties. • The need for asynchronous development and incremental deployment.

  29. To-Be Architecture – TMC’s • Real-time data flow. • Publish & Subscribe message exchange pattern. • Example adapters (e.g. JCA, JMS).

  30. Common Control Room Framework • Common Services supporting: • Incident Management • Traffic Management • Custom Business Process Orchestrations: • NTCC • RCC’s • Role-Based Access Control (RBAC)

  31. Traffic Management • With increasing demand for travel, more and more road networks are experiencing Traffic Congestion. • In many cases this could be reduced if more real-time information was available to traffic engineers and drivers.

  32. Drivers for change • Shared Operational Picture • Increasing need for real-time access to a common operational picture. • Increased Data Volumes • Real-time dissemination of massive data volumes, often on a large scale. • Loosely coupled, Plug & Play • Need to cope with emerging ITS demands such as CVHS. • Interoperability • Need to share information end-to-end, in the new emerging System of Systems. • Interoperability is a key enabler to meeting new demands.

  33. Intelligent Highways Increasing amounts and sophistication now and in the future… …More devices (IPv6) …More data …in Real-Time…. “The right data at the right place at the right time … … all the time”.

  34. Roadside Devices • Signs and Signals • Sensors: • Inductive loops • ANPR • Weather • DSRC (e-Toll) • Past, present and future • Multi-vendor • V2I/I2V

  35. Roadside UTMC-basedReference Architecture Encapsulated internals Unified Operator Interface Software as a Service Information as a Service ESB and Legacy Integration NRTS Network Layers UTMC MIB’s, Datex II XML

  36. Service-Oriented Device Architecture When modelled as services, device access and control can be made available to a wide range of enterprise application software using service-oriented architecture mechanisms.

  37. SODA Architecture • In this model, responsibility for encapsulating services can be appropriately shifted to the suppliers who know them: • One side deals with their device specific connections and protocol • Other side deals with network interfaces needed to pump the data over a streaming protocol. • A standard specified service can have a wide variety of underlying hardware, firmware, software and networking implementations.

  38. SODA Objectives • To insulate SOA from device interfaces and proprietary vendor implementations. • To facilitate integration. • To accelerate and focus the convergence of technologies through a combination of: • Standards • Open source software • Reference implementations • Partners and community building …to achieve these objectives it builds upon the OSGi Service Platform…

  39. SODA Device Kit • Modeling Driven Design (MDD) • Control Markup Language (CML) • Auto-generate OSGi code for all four layers of the device adapter • Contains more than 200 plug-ins for design time and runtime

  40. OSGi(Formerly known as the Open Services Gateway initiative) • The OSGi Service Platform spans: • Digital mobile phones • Vehicles • Telematics • Embedded appliances • Residential gateways • Industrial computers • Desktop PCs • High-end servers

  41. OSGi Architecture The framework is conceptually divided into the following areas: • Bundles - Bundles are normal jar components with extra manifest headers. • Services - The services layer connects bundles in a dynamic way by offering a publish-find-bind model for Plain Old Java objects(POJO). • Services Registry - The API for management services (ServiceRegistration, ServiceTracker and ServiceReference). • Life-Cycle - The API for life cycle management (install, start, stop, update, and uninstall bundles). • Modules - The layer that defines encapsulation and declaration of dependencies (how a bundle can import and export code). • Security - The layer that handles the security aspects by limiting bundle functionality to pre-defined capabilities. • Execution Environment - Defines what methods and classes are available in a specific platform.

  42. Transport Example:Global System for Telematics • GST Open Systems Implementation Guide • Building Blocks for a Global System for Telematics • Builds on OSGi Service Platform • Runs on Java Virtual Machine

  43. Device Management • OSGi Network Management is protocol agnostic.

  44. Streaming services • The real world never shuts up!!! • Sensors and actuators do not match an HTTP request-response model. • Data must be streaming. • Enterprise Service Bus (ESB) streaming protocols include: • Proprietary Message-Oriented Middleware (MoM). • Java Messaging Service (JMS) for Java-centric busses. • Extensible Messaging and Presence Protocol (XMPP) for low-band device data. • Real-time Transport Protocol (RTP) for broadband device data. • OMG Data Distribution Service (DDS) for mission-critical data.

  45. Life at the Edge: Traffic Management Example

  46. The Gap:Differing Requirements

  47. Data Distribution:Middleware choices • Really only three choices: • Use proprietary middleware • MQ Series, Tibco, BEA • Java Messaging Service (JMS) • Standards-based • Popular in the “Enterprise” domain • API only, no wire interoperability • Data Distribution Service (DDS) • Standards-based • Popular in the “Edge” domain

  48. DDS Applicability

  49. Global Data Space –Publish & Subscribe

More Related