• United States



by Jean François Bissonnette

Service-Oriented Architecture: Changing the Landscape of Application Outsourcing

Feb 17, 20058 mins
CSO and CISOData and Information Security

Service-oriented architecture (SOA) is the IT industry’s latest attempt to promote the concept of component reusability in the development, integration, deployment and maintenance of enterprise applications. In today’s Internet-driven economy, companies are under relentless pressure to respond more quickly to the changing demands of their customers, partners, suppliers and employees. SOA promises to deliver the speed and adaptability companies need by making their applications more service driven. How it achieves this is by packaging application logic into highly reusable components that can be assembled to create new business processes on the fly, reducing the need for costly legacy integration and custom, single use development.

The trend toward SOA is growing. A Yankee Group survey of 473 enterprise decision-makers reveals that 75 percent of them plan to invest in SOA technology in 2005. Gartner also predicts that, by that by 2009, SOA will play a dominant role in new application projects. The increasing demand for SOA will have a structural impact on application outsourcing services, inducing companies to integrate SOA into their outsourcing strategies and make way for this new wave of development.

The nuts and bolts of SOA

Despite the current hype surrounding SOA, the concept behind it is not new. For the last two decades, software developers have been trying to figure out the best way to structure applications to facilitate integration and increase reusability. SOA has garnered more attention lately due to the growing popularity of Web services, a key technology for SOA deployment. While SOA does not require Web services and vice versa, Web services is viewed by many as the best choice among distributed computing technologies for SOA strategy implementation.

SOA is not a technology per se, but rather a set of principles and methodologies for designing and developing software “services” that can be deployed and managed across an enterprise network. These “services” are, in essence, software components-discrete pieces of code and/or data structures-that can be reused for different purposes. Reuse is possible because the components are packaged as self-contained, loosely coupled units, which enable developers to work with them without affecting other components. Because of their independent, modular nature, software components can be used like building blocks to develop a variety of new applications. They can also be made available externally to partners and suppliers for use in their applications.

The SOA concept of “service” kicks in when standardized interfaces are added to these building blocks, enabling them to interact with each other and with end users to perform a variety of “services” (for example, address change, order status, credit authorization, and so on). In the case of Web services, a Web Services Description Language (WSDL) document serves as the interface. This document describes the type of input required to request a specific service and what type of response to expect. Communication between these interfaces is handled through messaging protocols such as Simple Object Access Protocol (SOAP).

Software components can be transformed into Web services regardless of the language used to create them (for example, Java, C++, COBOL, etc.). All that a service requester sees is the WSDL, which is technology independent. This allows services on one platform to be integrated with services on a different platform

The benefits of this building block approach to development are huge. Through component reuse, developers avoid the time and expense involved in building new systems from scratch, resulting in lower development costs and faster time-to-market. The modular nature of components also enables them to be easily modified, added, deleted or swapped to deliver new or enhanced functionality in response to changing customer and market demands.

Ease of integration is another major selling point. In the past, disparate applications were integrated using proprietary interfaces and non-reusable code, resulting in a tangled Web of connections that were difficult to manage and modify. A change to one connection would often negatively impact other connections, resulting in high costs or an inability to make the change at all. Using open, industry-standard interfaces, SOA delivers a high degree of interoperability by allowing software components to be invoked, reused and combined to create new business processes, regardless of their underlying technology.

SOA’s impact on outsourcing

Coinciding with the increasing demand for SOA is the growing trend toward application outsourcing (AO). While companies have been outsourcing their applications for years, AO has gained momentum, and industry analysts predict the demand for AO will continue to grow over the next decade as a result of economic and market pressures. In the face of a challenging economy and fierce competition, companies are re-evaluating their application strategies and considering AO because of its compelling operational and transformational benefits, which ultimately translate into greater cost savings and faster time-to-market.

As these two trends-SOA and AO-converge, what will be the impact? Some pundits forecast the industrialization of IT where software “services” are produced on a mass scale and implemented in an assembly-line fashion. In the past, companies turned to outsourcers to build custom applications or to implement packaged solutions. With SOA, monolithic custom or purchased systems are progressively replaced with loosely coupled, reusable components that can be easily aggregated and integrated to deliver new services in response to changing market conditions. This level of industrialization helps to reduce technology dependency worries, enabling companies to leave component development to outsourcers and focus more attention on defining services that will drive their future growth.

Today, the supply of pre-built software “services” available for purchase by companies is limited. Most of these services fall within the areas of customer relationship management, finance and supply chain management. However, based on the growing awareness and demand for SOA, the number and range of available services will continue to expand.

For CIOs moving into SOA and AO, there are some key issues to keep in mind. Finding the right partner is the first major step toward a successful SOA implementation. Companies should look for a partner with broad SOA expertise and financial strength, as well as specific expertise in their industries. Because SOA implementation is still in its infancy, companies should evaluate how a potential supplier will address complex module integration, as well as its proficiency with multiple software platforms and software vendor relationships. They should also consider a prospective partner’s track record. How many successful “services” has it developed? Can it provide examples of running services for other clients?

Companies should also inquire into the possibility of flexible pricing models. In the past, fixed-cost agreements were standard in AO: the client paid a set price for the supplier to maintain its applications regardless of usage. With SOA, a supplier can host software “services”, opening the door to transaction-based pricing models.

Security and confidentiality are also big concerns. With SOA, companies must adapt to distributed computing environment, which raises serious security issues, especially if a public network is used. Typical network and data security functions will demand a high level of attention because of the various shared environments used to transport and store the information. In addition, each “service” becomes a system in and of itself and the same security issues raised at the application level must be dealt with at the service level (for example, who may access the service and when and how may it be accessed). Companies should make sure a prospective AO partner is able to provide a highly secure environment and protect the confidentiality of its data.

Reliability is another critical factor to consider. While the use of pre-built components results in improved quality and reliability because the components have already been tested, converting them to “services” and running them in an open, distributed environment raises reliability issues that need to be addressed. Other important issues in an SOA/AO relationship, include who will own the “services” and their interfaces, where will they be hosted and maintained and how will they be managed.


With the increasing demand for SOA and AO, CIOs should be proactive in understanding the benefits of combining both approaches to cost-effectively support their business evolution. By thinking about their applications from a service-oriented perspective, CIOs can drive the powerful business transformation and results that SOA and AO promise to deliver and are, in fact, delivering to a growing number of large enterprises.

About the Author

As Vice President of Business Engineering, Mr. Bissonnette is responsible for major application outsourcing pursuits at CGI, which ranks among the largest independent IT services company in North America. Prior to this role, Mr. Bissonnette led CGI’s consultancy and outsourcing services for the financial industry and public sector. He also worked for several years as a senior consultant in IT strategic planning, system architecture and large project management.