|
 In July I was appointed CIO at Sun, and one of my many new responsibilities includes overseeing strategies that make information more effective and valuable in the enterprise. This is a subject I've long found fascinating, and you may remember that I addressed some of these issues in a piece about Sarbanes-Oxley (SOX) compliance I wrote for the June edition of Sun Inner Circle.
I really enjoyed writing that piece — and was very pleased when I was recently asked to become the new sponsor of the Sun Inner Circle newsletter. As CIO, I spend a great deal of time talking to customers — exploring their issues, and then seeing that we respond by engineering technology that meets real-world business needs. Sponsorship of this online publication seemed to dovetail perfectly with these conversations.
Besides, I was also excited about continuing to contribute to in-depth overviews of technological trends. If you've been a regular reader, you know that Sun Inner Circle stories not only examine where IT seems to be headed but also usually include some background on the origins of these developments.
Last month, Sun Inner Circle took a look back at Web 1.0, which seemed to be appropriate on the 15th anniversary of the World Wide Web. This overview of an extraordinarily important development in technology history also provided the backdrop for a summary of the seven most important practical strategies Sun sees for getting the most out of Web 2.0.
One of these seven items included re-engineering legacy systems for service-oriented architecture (SOA). Increasingly, our customers need systems that share information among applications through Web services. Simply put, staying competitive depends on a company's ability to integrate legacy systems and deliver more services, thereby streamlining business processes and information flows.
This includes making sure an SOA is aligned with the business processes it's supposed to support — and that this service model bypasses the limitations of prepackaged applications to deliver information securely, regardless of the underlying system or process.
These processes include things like SOX — and as I noted in my June article, IT plays a critical role in these situations by merging security with compliance. I've fleshed this area out a bit more below, and as you read on, I think you'll have a better idea of how Sun's approach to SOA is helping its customers speed time to market with this breakthrough model of technology provisioning.
Narrowing the Gap Between IT Development and Business Processes
No mention of Sun's approach to SOA would be complete without mentioning the Sun Java Composite Application Platform Suite and the recent release of the Sun Java System Identity Manager 7.0. With both software packages, Sun is making huge steps forward in narrowing the gap between IT development and business processes. But before we take a look at how Sun is now integrating business information into business applications, a quick trip back in time may be helpful to explain how far we've come.
Being transported to the not-too-distant past of the mainframe would horrify many of today's executives. I know I find it difficult to picture working in environments where distance defined the relationship between developer and user. Some have described this as a waterfall process: business users just had to make do with whatever developers dropped on them.
Fortunately, this one-way flow of information ideas didn't last, thanks largely to James Martin's popularization of computer-aided software engineering (CASE) in the early 1990s. With the CASE emphasis on including business-oriented language and terminology to build applications, business requirements and development moved a little closer to each other.
Thinking about IT in business terms led us to the now-familiar model of object-oriented development, and complex machine language gave way to statements of business problems. This development alone would make any business time traveler sigh with relief. In short order, object-oriented development led to now-familiar Web services — and the ability to rapidly prototype and provision business services.
Each of these developments from CASE to Web services has closed the gap between development and constantly changing business process needs. This IT evolution has also marched us toward SOA's ability to assemble pre-existing components into new services or applications. And in this era of unprecedented mergers and acquisitions, this is critical, particularly since few companies are in the position to uproot entire legacy systems.
SOA Foundation: Sun Java Composite Application Platform Suite
Integrating already existing code found in legacy systems to deliver new services is a fundamental part of the Sun strategy for Web 2.0 — a strategy that enables our customers to immediately use an SOA to meet new business demands stemming from customer, product, and supplier requirements.
This allows even faster time to value, as Sun Java Composite Application Platform Suite enables existing applications to deliver new services with modules for business process management, monitoring, and moving bulk data among applications. All of this is made possible through an interface built on a Java EE core that spans systems and applications. Users link services together under an SOA, rather than relying on older methods of linkage such as EDI, which is limited to linking institutions with applications.
Traditional linking systems like EDI may have been limited in connecting applications with processes, but these computer-to-computer exchanges of information still provided substantial application access controls for security and regulatory compliance. It's a touchy subject for a number of high-tech companies that have recently jumped on the SOA bandwagon, because their Web services often have problems providing this kind of old-fashioned security. I think this is quite understandable. Web-based environments that link services together through multiple applications typically sacrifice access controls for overall application access.
Identity Manager 7.0 Combines Provisioning and Identity Auditing
Here at Sun, we think the way to secure Web-based applications is to tightly integrate services with identity management and identity provisioning capabilities. This is where the new release of the Sun Java System Identity Manager 7.0 comes in. Like Sun Java Composite Application Platform Suite, this solution revolves around processes rather than individual applications, because Sun's identity management solution bases security on levels of access authorization for particular services.
It does so well at automating identity controls inside and outside the enterprise that Gartner recently placed Sun in the Leaders Quadrant of its User Provisioning Magic Quadrant. Forrester, meanwhile, calls Sun "an identity management powerhouse" and "the undisputed provisioning market leader."
The Sun Java System Identity Manager also is built on the concept of managing provisioning and compliance together, facilitating compliance with internal and external auditors. Beyond its built-in preventative security measures, it provides proof that identity controls are being followed. Not only does this demonstrate compliance, but it helps speed the deployment of new business processes in an SOA based on the Sun Java Composite Application Platform Suite solution.
Sun and Accenture Partner to Deliver SOA Solutions
In my work, I spend a good amount of time listening to pressing customer issues, and I constantly hear about the importance of technologies like SOA being driven by business needs. Fortunately for our customers, Sun is a systems company, not just a SOA provider. As a result, we've made sure that our identity management solution integrates with the Sun Java Composite Application Platform Suite environment for a true SOA platform.
Sun has also recently taken the idea that business-based technology should actually be driven by business one step further by entering into a special relationship with Accenture, the world's largest management consulting company. It's an alliance that makes a lot of sense for our customers. Accenture has been using Sun Java Composite Application Platform Suite and Sun's identity management solutions in its consulting engagements for some time, and the firm's enormous inventory of business processes neatly dovetails with our own technological expertise in rapid SOA deployments.
And, as we announced just a few weeks ago, the new Accenture Innovation Center for Sun Solutions will employ development teams from both companies to use the Sun Java Composite Application Platform Suite and Sun's identity management technologies for specific client business processes, as well as providing prepackaged services for immediate integration. This will provide yet another option for customers who are considering re-engineering their systems for a SOA.
The Accenture Innovation Center for Sun Solutions will also be devoted to researching all the ways in which a SOA can ensure that business processes can direct the use of technology. To my thinking, this part of the partnership also represents a real win for our customers, who typically need new services and processes at speeds unimaginable in times past.
And as we leverage past lessons from CASE to Web services, I look forward to providing even more answers to pressing customer issues that revolve around speeding time to market and getting the most out of your technology investments. After all, another one of my responsibilities is making sure that Sun's customers are on board with our technology deployment strategy.
Bob Worrall
CIO, Sun Microsystems, Inc.
cio@sun.com
| 
