Example CEP Forum at UNIX.COM

September 30, 2007

In response to this post by David Luckham, we created an example forum for CEP at UNIX.COM.

If you have an ideas or suggestions for sub-forums, please comment and we will make changes or additions you suggest.

If the EP/CEP community finds the forums useful, as either a model to build a future forum, or to actually use as a forum, our admins are pleased to host it for the community.

Registered forum uses do not see any Google Ads, BTW, so please register, kick the tires, and try it out.

Also, please feel free to contribute to the original UNIX forums.

SOA Security (Part 1)

September 30, 2007

While we are on the topic of SOA, or “modular distributed computing” as many friends are calling SOA these days, let us take a moment to visit SOA security.

Many of the security issues associated with SOA come from the fact that security, SOA-style, attempts to replace traditional security controls with new, open standards. Most of these new SOA security standards are relatively immature and unproven. In addition, the SOA standards that have emerged, like XML, SOAP, WSDL, and UDDI, have done little, if anything to address IT security.

XML, SOAP, WSDL, and UDDI are open standards that enable the transmission and description of data and interprocess communications between systems. These standards do not address SOA security and, by themselves, are simple a security breach that easily circumvent firewalls and put organizations at higher risk.

Therefore, as we move to “modular distributed computing” the architecture of loose coupling has the second order effect of decreasing SOA adoption when we get past the market hype and move into the details of how to actually secure this loosely coupled monster we are building.

In this series, wearing my CISSP hat, we will visit many of the key issues in SOA security and talk about why event processing is critical to securing modular distributed architectures.

Prepare for a Lively SOA Request-Reply Debate

September 27, 2007

It looks like the event processing blogosphere is about to be energized with a lively discussion. Opher has opined that SOA is not inherently request-reply. Pen to paper! Let the lively debates begin!

Kindly turn your attention to IBM’s discussion of SOA and their figure below.

The IBM figure was derived from the original W3.org view of SOA, Register-Find-Bind, found here in a figure titled “SOA”.

Kindly notice that Bind, as defined by W3.org, and also represented by IBM in a similar way, has a two-way arrow. This is a request-reply architecture where the client binds to the server.

In addition, IBM (from the link referenced above) also defines these properties of an SOA:

Capability Description
Loosely coupled interactions Services are invoked independently of their technology and location
One-to-one communications One specific service is invoked by one consumer at a time. The communications are bidirectional
Consumer-based trigger The flow of control is initiated by the client (the service consumer)
Synchronous Replies are sent back to the consumer in a synchronous way



EDA, SOA and EP in the Blogosphere

September 27, 2007

My dear EPRAWG co-chair and leading event processing community builder Opher Etzion, added to the chorus of my recent post, EDA is EDA. SOA is SOA. with More on EDA is EDA and SOA is SOA. Opher correctly elaborates that event processing can be event driven, as in EDA; or event processing can be request-reply driven, as in SOA and similar request-reply architectures.

Now, if I could just convince all my fellow CEP and EP bloggers to turn on trackbacks and pingbacks so we could benefit from the core sense of community that blogs offer! TIBCO’s CEP blog does not respond to trackbacks and pingbacks; so this isolates their posts from the true benefit of the blogosphere. Opher’s blog is not responding to pingbacks and trackbacks either.

So, I kindly ask all my friends in the CEP/EP community to take a moment to insure that their trackbacks are working, so we can benefit from building the CEP/EP blogosphere as a community.

In closing, I think I speak for everyone in our community when I say that we greatly miss the leadership and insight of our good friend Mark Palmer in the blogosphere – and we wish him the very best and look forward to his future posts and collaboration!

Highlights of the Gartner Event Processing Symposium 2007

September 26, 2007

There have been some good blog posts on the Orlando conference from Alan Lundberg and Paul Vincent (TIBCO), John Trigg (Apama) and Opher Etzion (IBM), so I’ll try not to be repetitive and provide a few highlights. from my perspective.

Roy Schulte did a great job putting together the program for Gartner’s first Event Processing Symposium. The symposium was so successful that Gartner’s Pascal Winckel has already announced the second conference in August 2008, to be held in New York.

Off the top of my head, I enjoyed Dr. Mani Chandi’s talk on the cost-benefits of EDA and how to view the trade-offs desiging SOA and EDA applications.

My favorite presentation was by Ian Koenig of Thompson Financial. Ian did a wonderful job describing event processing, and NewsML, from a financial services perspective. His talk was very timely as he masterfully told a story of processing and correlating events from Level 1 and Level 2 quotes, News, Research, Filings, Deals (M&A), Financials and Estimates.

I was also impressed with Eric Bruner and Joe Tooman’s (SallieMae) presentation on web click-stream processing. Eric and Joe had some very impressive dashboards they made with Java ChartDirector, which they (joking) said they eventually purchased for $99.

It was difficult for me to choose between watching my former colleagues at TIBCO or eBay’s Scott Clement presentation about their system monitoring solution with BEA. Being a frequent eBay’er and long standing “network guy” I ended up at the eBay/BEA session. It was very good.

Also, it was enjoyable to watch Wombat’s Danny Moore and BoA’s Robert Almgren talk about their event processing experiences in financial services. Robert did an excellent job to demystify the “mythical events per second,” followed by a solid editorial comment by Opher.

Dr. David Luckham gave one of his best presentations. Following in the historical footsteps of Alvin Toffler and John Naisbitt, David painted the “Jetson’s View” of the future of event processing, covering such topics as:

  • Global Air Traffic Control;
  • World Wide Epidemiology;
  • Long Term Environmental Forecasts;
  • Mobility in the Future Metropolis (Meet George Jetson!); and
  • Privacy for the Common Man.

The audience left the conference greatly inspired by David and his clear vision of the future of event processing.

Congratulations are in order to Gartner for a successful program!

The 7th – Cyber Defense Initiative Conference 2007 (CDIC 2007)

September 25, 2007

The 7th – Cyber Defense Initiative Conference will be held in Bangkok, Thailand, November 22-23rd, 2007.   The title of my presentation will be, Next Generation Security Event Management (SEM) with Complex Event Processing (CEP).


September 24, 2007

The marketing folks and their friends are buzzing with hype. Well intended, they want to convince the marketplace that EDA is really a type of SOA, or that EDA is an evolution of SOA. Unfortunately for the end user, they are mostly off target.

On this topic, I tend to agree with Dr. Mani Chandi.  Mani gave an excellent talk at the recent Gartner Event Processing Symposium titled, Evaluating Costs and Benefits of Event-Driven Applications. In his keynote presentation, Dr. Chandi did not make any marketing statements about EDA (and events) somehow being the “magic” missing from SOA. Instead, he focused his keynote on the differences between SOA (request-reply) and EDA (proactive event push) and how to determine the best architectural pattern (EDA, SOA or both) when designing an application.

I was really pleased to listen to a CEP presentation based on sound design principles and not on the “EDA piggybacks on SOA market share” story to promote CEP and EDA. Most, if not all, good network engineers know that orchestrated request-reply is quite different than asynchronous event processing. Only marketing folks would convince us otherwise, hoping to somehow get the CEP “camel’s nose” under the “SOA tent”!

Baa Humbug!

There is a downside (more than one!) to trying to put the CEP nose under the SOA tent. First of all, SOA, while a great idea, suffers from over hype and the increasing weight of it’s less-than-successful status, even after years of over marketing. Secondly, EDA and CEP actually have a chance of success. SOA has seen such a lack of progress that the analysts continue to redefine it, so it will eventually fit somewhere!

If you fly high enough, the snow bears, the igloos and the snow all look the same – and we are seeing folks flying snow blind in the EDA and SOA space.

Network engineers have been dealing with events and EDA in the form of SNMP traps for many years, and SOA in the form of polling devices for information for the same amount of time. Experienced engineers don’t debate which is better, SNMP traps or SNMP polling, they use the appropriate pattern based on solid design principals and engineering tradeoffs, just like Dr. Chandi discussed in his recent presentation.

EDA is not SOA. SOA is not EDA.


Let’s don’t send CEP on an ill-fated flight to the future of event processing with a large SOA stone around it’s neck.