Sunday, July 3, 2016

Oracle Integration Cloud Service / iPaaS (Integration Platform as a Service)

CLOUD-TO-CLOUD
ICS’s building blocks:
  • Oracle Cloud Application Framework
  • Oracle Service Bus
  • Oracle SOA Suite 12c
  • Oracle WebLogic 12c
  • Oracle DB 12c
  • Oracle Exalogic Elastic Cloud
  • Oracle Alta UI
  • Oracle Public Cloud
  • Java 7

How do we request and/or create new adapters so we can integrate with diverse SaaS providers for which Oracle has not yet provided a connector?

A: Developers can use Oracle's Cloud Adapter SDK to build new ready-to-use connectors in a simple, standardized fashion. A “Cloud Marketplace” will also be available for Oracle PaaS subscribers. Consumers will be able to browse, pay for and subsequently reuse custom adapters developed by third parties, as well as to publish and commercialize their own creations

idea behind Oracle ICS is: Subscribe -> Design & Configure -> Activate -> Voila!

Very good scenario: https://community.oracle.com/docs/DOC-991161

  • As has been made clear by the use case, iPaaS is the most adequate and dynamic option for cloud integration scenarios in the modern industry.
  • Regarding Cloud Architectures, it is very important to stay away from traditional point-to-point integrations in order to avoid ending up with a spaghetti of interfaces. The whole point of cloud-based solutions is to simplify the IT landscape, reduce TCO, and increase the performance/reliability of our information systems.
  • Oracle’s ICS is a highly robust and enterprise-ready cloud integration platform that can quickly unlock a whole set of technical and business opportunities for organizations with cloud strategies

CLOUD-TO-ON PREMISES
Security
The nature of a company’s information can be classified as follows:

  • Critical: Indispensable for the business’s operation
  • Valuable: An important asset to the organization
  • Sensitive: Only authorized access must be allowed, probably even protected by law

Information security is usually an enterprise-wide discipline that touches upon availability, communication, risk management, integrity, confidentiality, compliance and more. When correctly applied, such security will ensure that the organization’s information will always comply with the following essential characteristics:

  • Confidentiality: Disallows information delivery or broadcasting to unauthorized recipients, whether those are persons or systems. Access will be granted only to well-identified entities that possess an appropriate clearance level.
  • Integrity: Protects data from unauthorized modifications. Information must be delivered in a consistent and true manner, without any tampering or alteration by third persons or processes.
  • Availability: Information must be available to be accessed every time it is required by any party, person or system with the right level of authorization.
Once again, this becomes particularly relevant when dealing with public clouds, where the multi-tenancy trait, which is so distinctive of this cloud deployment model, can potentially cause the overlap of multiple trust boundaries pertaining to different organizations. In such a scenario, additional security measures and design patterns must be put in place to prevent critical security breaches, which can eventually compromise cloud consumers.

 SLA and Consistency

  1. Speed of on-premises v/s cloud application : due to underlying technology, infrastructure, throughput, etc.
  2. SLAs and thresholds are usually very detailed and increasingly aggressive for cloud-based solutions. It is not aggressive for on-premises application. 
  3. Change management (upgrading, patching and improving the environment) is highly automated for cloud applications as opposed to on-premises. So we need to be at par with this else could be lead to disastrous outcomes.
  4. Availability and resiliency(overcoming from failover) is better in cloud as compared to on-premises. But architects need to be aware of it. 
Monitoring/Traceability
  • Integrating on-premises and cloud application means huge flow of data
  • Cloud computing important feature is pay as you go. Keeping a track of resource usage is important (volume of data and resource consumption per unit of time) 



We see  the security concerns above. For increasingly complex scenarios that require process/service orchestration, middleware technology such as Oracle SOA Suite can provide the necessary capabilities on the on-premises side, where most of these activities will be taking place. Additionally, different monitoring and/or governance tools (e.g., EM Cloud Control, API Platform, etc.) can also be leveraged in order to provide the required level of insight and control into the designed cloud integration solution.

VERY GOOD SITUATION : https://community.oracle.com/docs/DOC-996804

First of all, security will be addressed by the implementation of an SSL/TLS tunnel between XYZ and Oracle’s Public Cloud. All communications will be encrypted and any system that participates in the transaction will require appropriate SSL certificates to identify itself.

It’s important to note that the architecture depicted above will comply with the following characteristics:

  • Confidentiality: by encrypting the messages
  • Integrity: using digital signatures
  • Authentication: through X.509 certs and tokens

DESIGN PATTERNS
  1. Multi-Device Broker: OSB can be used. Routing/transformation done and no point-to-point
  2. Service State Management: SOA/BPEL can be used. State management using dehydration
  3. Service Agent Architecture: Oracle API Gateway(OAG) offers XML-JSON/REST-SOAP transformation, security policies, usage monitoring, cache and throttling, tracing and logging, etc.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)