SOA Governance

Here's a 5 minute "essentials of SOA Governance" capsule extracted from my couple of hours worth of digging -

SOA Governance has two components . It controls how Services are:
(a) Designed & Developed ( Development Governance)
(b) Deployed and Operated (Runtime Governance)

(a) Development Governance - Use Registries and Repositories to govern development. Registries (for example UDDI) can help re-use of service - a directory of what's available and how to use/re-use it - Contains information about the service, its interface, versioning and security contracts. Because of its use of standards - allows interoperability and true discovery & re-use. Repositories contain all the info needed to implement the service - the implementation code, configuraiton, dependencies and infrastructue specific deployment profiles.

(b) Runtime Governance - Ensures that your SOA is operating smoothly and delivering the value that you think it should be . Ensures that you have consistent policy Management (i.e. Security, Logging , Auditng, SLA ). Uses standards like WS-Policy, WS-Security, WS-Reliability.

Service Policies can be separated from development. Developers can focus on developing services to meet business needs and then at the time of deployment the policy makers can define the policies.