Resource Oriented Architecture

Author(s)

Business Relationship Manager - Product Lifecycle Management, Chevron Corporation

According to a 2008 Gartner Survey1 there has been an increase in the number of organizations implementing web services using Representational State Transfer (REST) and Plain Old XML (POX). RESTful web services are less complex, require fewer skills and have a lower entry cost than WS-* SOAP web services. However, RESTful web services by themselves do not provide a complete enterprise solution.

Resource Oriented Architecture (ROA) extends the REST architectural style and provides a deeper, more extensible and transport independent foundation. While RESTful web services require the use of HTTP, resource-oriented services support additional transports such as JMS or FTP. In this article, I will cover the key concepts of ROA referencing a set of resource-oriented services implemented using 1060 NetKernel2 and Apache ActiveMQ3. The demo, along with the source code and tests, can be downloaded from the Collaborative Consulting download page4.

Resources are the foundation of ROA; a resource is an abstraction of information. For instance, an employee is an abstract set of data points that can have different representational forms such as a XHTML, JSON or XML. Each immutable resource representation is identified by a relative Universal Resource Indicator (URI) and may contain links to other resources.

Figure 1 ROA Conceptual ModelFigure 1 ROA Conceptual Model

A URI consists of an address scheme, authority information and a path:

URI Syntax <scheme>:<authority><path>
URI Example http://host/context/employee/1234

But a relative URI simply refers to the path or address, ‘/employee/1234’. Consequently, the resource representation identifier is transport independent because it is divorced of a scheme (recall: http:// from prior example) and can be reused in multiple environments (e.g. QA or PROD) because it does not contain authority information. Finally, a resource provider is used to host a resource (System of Record) and a service exposes a uniform set of actions, Create, Retrieve, Update, and Delete (C.R.U.D.), for stateless access to a resource.

Since resource-oriented services are transport-independent there must a mechanism for exposing them to the outside world. This is accomplished using transports that reside at the edge of a system, detect external events and map those events into internal resource requests. For example, an HTTP transport listens for a consumer’s request for a Uniform Resource Locator (URL), specifying an access method (e.g. GET, PUT, POST, & DELETE). The URL is transformed into an internal relative URI and the access method is translated into an action.

Figure 2 Resource-Oriented Service ExampleFigure 2 Resource-Oriented Service Example

A JMS transport uses the properties of the message to map the request to a resource-oriented service. The two required properties are the relative URI and action; and if the consumer requires a response, as is the case when the action is retrieve, then the ReplyTo property is populated. In addition, the message type is used to determine if the submitted resource representation is binary or text.

Resource-oriented services use the transport to provide a guarantee of consumer identity or authentication. In the case of HTTP, Basic or Digest Authentication5 is used while encrypted credentials are passed as a property if the transport is JMS. Consumer and provider can insure confidentiality by securing the transport (e.g. SSL or VPN) or securing the message using encryption.

To prevent unauthorized resource access consumers are granted privileges or roles (sets of privileges) where a privilege is comprised of a relative URI and an action. Additionally, regular expressions can be used to represent the URI decreasing the number of privileges that are required for authorization.

Action
Relative URI (regex)
Description
Create
/employee/S{4}
Create an employee
Retrieve
/employee/S{4}
View employee
Retrieve
/business/.*
View any business resource
Update
/business/department/w*
Update any department
Delete
/employee/S{4}
Delete an employee
Delete
/business/department/w*/employee/S{4}
Delete department employee

And actions that change the state of a resource including, create, update, and delete, are audited.

Netkernel

ROA can be implemented using several technology platforms including the Spring Framework6, Ruby on Rails7 and NetKernel. However, only NetKernel is built upon a Resource-Oriented Computing Platform8 (hence, “ROC”). The core of resource-oriented computing is the separation of logical requests for information (resources) from the physical mechanism (code), which delivers the requests. Services built using ROC have proven to be small, simple, flexible and require less code compared to other technology platforms.

NetKernel provides access to resources identified by a Universal Resource Identifier (URI) address. All URI addresses are managed within a logical address space. A REST-based micro-kernel handles all requests for resources, resolving the URI from the address space and returning a representation of that resource. Requests to the micro-kernel can also be made to create new resources or update or delete existing resources.

The demo consists of a set of resource-oriented services used to manage personnel. The employee resource-oriented service allows a consumer to create, retrieve, update and delete resources either via HTTP or JMS. For instance, a consumer can create an employee by issuing an HTTP PUT of an employee representation or by sending an employee representation to an ActiveMQ queue. Both approaches result in an internal sub-request to update a department resource.

Figure 3: Resource-Oriented Service DemoFigure 3 Resource-Oriented Service Demo

When a consumer requests a department resource, the returned representation contains links to the employee resources. The consumer can then extract the relative URI, /foo/business/employee/1234, to update that employee resource via JMS and, in turn, that action would result in a sub-request to update the department resource.

<?xml version=”1.0″ encoding=”UTF-8″?>
<department>
<id>management</id>
<staff>
<employee>http://localhost:8060/foo/business/employee/1234</employee>
<employee>http://localhost:8060/foo/business/employee/4321</employee>
</staff>
</department>

Figure 4 Department Resource Representation

Implementing ROA provides an organization with enterprise architectural agility because it results in a logical layer of interconnected resources. This logical layer is decoupled from the physical implementation allowing consumer and provider to evolve independently over time. In addition, ROA pushes integration functionality to the edge of the network (as a URI), translating into better service management and scalability.

Similar Resources

Understanding the Difference Between a Certificate and Certification

Understanding the Difference Between a Certificate and Certification

Author(s):

Editor & Founder, BPMInstitute.org, BAInstitute.org and DBIZInstitute.org

As professionals seek to advance their careers or pivot to new fields, understanding the variety of learning and credentialing options is essential. At BPMInstitute.org, we often encounter students wondering whether they should pursue a certificate or certification in Business Process Management (BPM). This article is designed to clarify the differences, highlight the benefits of each, and guide prospective students in making the best decision for their career goals.

Enhancing Your Team’s BPM Capabilities: The Value of External Expertise

Enhancing Your Team’s BPM Capabilities: The Value of External Expertise

Author(s):

Editor & Founder, BPMInstitute.org, BAInstitute.org and DBIZInstitute.org

Enhancing Your Team's BPM Capabilities: The Value of External Expertise In today’s dynamic business environment, managing and improving business processes is critical for any organization aiming to maintain a competitive edge. Many companies consider handling Business...

Exploring Shared Data Model and Notation (SDMN) and Its Role in BPM+

Exploring Shared Data Model and Notation (SDMN) and Its Role in BPM+

Author(s):

Editor & Founder, BPMInstitute.org, BAInstitute.org and DBIZInstitute.org

Exploring Shared Data Model and Notation (SDMN) and Its Role in BPM+ Introduction In the evolving landscape of Business Process Management (BPM), the introduction of Shared Data Model Notation (SDMN) marks a significant advancement. As businesses increasingly seek to...

Featured Certificate: BPM Specialist

Everyone starts here.

You're looking for a way to improve your process improvement skills, but you're not sure where to start.

Earning your Business Process Management Specialist (BPMS) Certificate will give you the competitive advantage you need in today's world. Our courses help you deliver faster and makes projects easier.

Your skills will include building hierarchical process models, using tools to analyze and assess process performance, defining critical process metrics, using best practice principles to redesign processes, developing process improvement project plans, building a center of excellence, and establishing process governance.

The BPMS Certificate is the perfect way to show employers that you are serious about business process management. With in-depth knowledge of process improvement and management, you'll be able to take your business career to the next level.

Learn more about the BPM Specialist Certificate

Courses

  •  

 

Certificates

  • Business Process Management Specialist
  • Earning your Business Process Management Specialist (BPMS) Certificate will provide you with a distinct competitive advantage in today’s rapidly evolving business landscape. With in-depth knowledge of process improvement and management, you’ll be able to take your business career to the next level.
  • BPM Professional Certificate
    Business Process Management Professional
  • Earning your Business Process Management Professional (BPMP) Certificate will elevate your expertise and professional standing in the field of business process management. Our BPMP Certificate is a tangible symbol of your achievement, demonstrating your in-depth knowledge of process improvement and management.

Certification

BPM Certification

  • Make the most of your hard-earned skills. Earn the respect of your peers and superiors with Business Process Management Certification from the industry's top BPM educational organization.

Courses

 

Certificates

  • Operational Excellence Specialist
  • Earning your Operational Excellence Specialist Certificate will provide you with a distinct advantage in driving organizational excellence and achieving sustainable improvements in performance.
 

 

OpEx Professional Certificate

  • Operational Excellence Professional
  • Earn your Operational Excellence Professional Certificate and gain a competitive edge in driving organizational excellence and achieving sustainable improvements in performance.

Courses

Certificate
  •  

  • Agile BPM Specialist
  • Earn your Agile BPM Specialist Certificate and gain a competitive edge in driving business process management (BPM) with agile methodologies. You’ll gain a strong understanding of how to apply agile principles and concepts to business process management initiatives.  
 

Business Architecture

 

Certificates

  • Business Architecture Specialist
  • The Business Architecture Specialist (BAIS) Certificate is proof that you’ve begun your business architecture journey by committing to the industry’s most meaningful and credible business architecture training program.

  • Business Architecture Professional
  • When you earn your Business Architecture Professional (BAIP) Certificate, you will be able to design and implement a governance structure for your organization, develop and optimize business processes, and manage business information effectively.

BA CertificationCertification

  • Make the most of your hard-earned skills. Earn the respect of your peers and superiors with Business Architecture Certification from the industry's top BPM educational organization.

Courses

 

Certificates

  • Digital Transformation Specialist
  • Earning your Digital Transformation Specialist Certificate will provide you with a distinct advantage in today’s rapidly evolving business landscape. 
 

 

  • Digital Transformation Professional
  • The Digital Transformation Professional Certificate is the first program in the industry to cover all the key pillars of Digital Transformation holistically with practical recommendations and exercises.

Courses

Certificate

  • Agile Business Analysis Specialist
  • Earning your Agile Business Analysis Specialist Certificate will provide you with a distinct advantage in the world of agile software development.

Courses

Certificate
  • DAS Certificate
  • Decision Automation Specialist
  • Earning your Decision Automation Certificate will empower you to excel in the dynamic field of automated decision-making, where data-driven insights are pivotal to driving business innovation and efficiency.