1.3. A Service-Oriented View of the Microsoft Application Platform

The Open Group is a consortium that mainly deals with open standards and interoperability among technologies that originated on UNIX or Linux systems, for example, LDAP. It does a good job of describing the standard services found in an application platform, and it is an interesting exercise to map the Open Group model to the Microsoft stack. According to the Open Group, an application platform consists of the following standard service categories: Data Interchange Services, Data Management Services, Graphics and Imaging Services, International Operation Services, Location and Directory Services, Network Services, Operating System Services, Software Engineering Services, Transaction Processing Services, User Interface Services, Security Services, and System and Network Management Services. Figure 1-2 shows both the Open Group Service Map (left) and the Microsoft Application Platform Service Map (right).

It is convenient to replace Graphics and Imaging Systems with the more general Media Services category. This new category then contains Graphics and Imaging Services, Animation Services, and Audio and Video Services. Also, Transaction Processing Services are omitted and described instead as a feature of Data Management Services.

In addition, the Open Group defines standard infrastructure applications, which are built on and extend the capabilities of the application platform. While the capabilities of infrastructure applications are also well standardized and somewhat generic in the industry, the key differentiator is that these applications do provide (or simulate) business capabilities rather than platform services, and are typically designed with user interaction in mind.

The Open Group classified Workflow Services, Publish and Subscription Services, Payment and Funds Transfer Services, Calendar and Scheduling Services, System Management and Monitoring Services, and Web Browsing Services as infrastructure applications. This implies that more than one implementation of each might exist for a given enterprise platform. We now know this implication is not necessary.

It is possible that the Open Group classified these as infrastructure applications rather than as platform services for a couple of reasons. For one, these services can be built using the application platform and so are "a level above," or derivative of the platform. Or, it could be because until recently these scenarios were typically built as one-off applications rather than as generic platform services; a typical development project would be to construct a Capital Requisition workflow application, not a Workflow Framework. The fact that the Open Group chose to include International Operations as a platform service lends strength to this argument. In the Microsoft stack shown on the right-hand side of Figure 1-2, you can see that several of these are now first-class platform services upon which applications are built, and not simply tacked-on instances.

The categories used by the Open Group are convenient to describe application platform services, though the definitions described here will differ from the official Open Group specification.

1.3.1. Data Interchange Services

Data Interchange Services support the exchange of information between the application platform and external systems. Examples include importing data from a DB2 database hosted on an external AS/400 server into SQL Server, the translation of an invoice from a supplier's XML format to your own in an electronic data interchange (EDI) system, the conversion of an incoming fax into a TIFF file that can then be stored in a file system, or the encoding of video into a computer-playable format.

The following table lists the Microsoft technologies that provide Data Interchange Services and describes the specific services and framework features provided by the technologies:

Microsoft Technology	Data Interchange Services and Features
BizTalk	Data Mapping Services provide interoperability among data storage systems by clearly identifying data sources, destinations, and transformations.
	Data Orchestration provides workflow for business systems by describing the orchestration of business processes involving more than one system.
Host Integration Server	Data Adapter Services include TCP/IP and SNA services, which allow connectivity to data stored on hosts, including IBM mainframes and AS/400s. A common scenario is to interoperate with an IBM DB2 database.
SQL Server	Integration Services (SSIS) provides data integration with external systems. SSIS supports the movement and optional transformation of data into or out of a SQL database.
Office SharePoint Server	Business Data Catalog (BDC) Services allow for the definition of connections to external data stores including web services, SQL Server stored procedures, and ODBC sources. The BDC offers a common object model and user interface components (Web Parts).
	Document Conversion Services allow the automatic conversion of documents. Built-in converters include Word-to-HTML and Word-to-PDF converters.
.NET Framework	Data Providers provide a common interface for "plugging in" connectivity to database platforms. This creates a loosely coupled relationship between connecting to the data and subsequent manipulation. Standard .NET data providers include SQL Server, Oracle, and ODBC.

1.3.2. Data Management Services

Data Management Services support the storage, manipulation, and retrieval of data, and optionally support transaction management as a guarantee of data integrity. Query processing, data-reporting, and analysis services once existed mainly as applications distinct from data management service providers (e.g., Crystal Reports and Cognos Business Intelligence), but these capabilities are now commonly integrated into the data management layer.

The following table lists the Microsoft technologies that provide Data Management Services and describes the specific services and framework features provided by the technologies:

Microsoft Technology	Data Management Services and Features
NTFS	File System Services allow for the discovery, storage, and retrieval of files, which may hold data, configuration, or executable instructions.
SQL Server	Relational Database Management System (RDBMS) Services provide for the structural definition, storage, retrieval, querying, and manipulation of relational data.
	Reporting Services support the definition, management, calculation, and rendering of reports.
	Analysis Services support data-mining capabilities, including the definition, management, calculation, and rendering of data cubes.
	Transaction Services guarantee that multistep operations will succeed or fail as a single unit, and not partially.
	Replication Services facilitate the replication of data from server to server, optionally with a witness service to guarantee transactional integrity.
Windows SharePoint Services	Database Services provide for the structural definition, storage, retrieval, and filtering of lists and list items.
	Index Services enable the indexing and subsequent querying of SharePoint objects and their metadata.
Office SharePoint Server	Document Lifecycle Management Services provide for the definition and enforcement of policies per document type (a.k.a. "content type"). Processes and rules in the definition may include major and minor versioning, rules for retention, associated workflow processes, and rules for authorization (i.e., digital rights management).
	Records Management Services provide a managed repository for the secure storage, controlled access, and enforced auditing of data declared as a "record."
	Index Services in OSS gain capabilities beyond WSS, including the indexing of data stored external to SharePoint such as imported Active Directory profiles and data described by the Business Data Catalog.
	Digital Rights Management Services ensures that rights assigned in a document library travel along with documents as they are opened or downloaded from the library.
Windows Workflow Foundation (WF)	Workflow Services provide a common execution engine for the management of states and transitions as information moves through a process involving one or more applications.
.NET Framework	The ADO.NET programming model allows the in-memory representation, manipulation, and querying of relational data. The XML object model provided by .NET allows the in-memory management of hierarchical data.

1.3.3. Media Services

Media Services support the creation, manipulation, and distribution of media assets, including images, animation, video, and audio. Creation includes automatic generation or rendering, for example, the rendering of objects, skins, and textures in a video game. Manipulation includes the use or modification of existing artifacts, for example adding an echo effect to an audio sample, or adding titles to a video sequence. Distribution includes the broadcast or streaming of audio or audio-video files. The Open Group specification also includes the storage and retrieval, but even a digital asset management system is more appropriately considered a form of data management service, and this layer operates independently of the media being stored and retrieved.

Examples include Data Visualization Services, Flash Server, the graphics subsystem of any operating system or video game console, and Windows Media Server. The following table lists the Microsoft technologies that provide Media Services and describes the specific services and framework features provided by the technologies:

Microsoft Technology	Media Services and Features
Windows SharePoint Services (WSS)	Picture Library Services provide a user interface and basic data structure for the browsing and management of images.
Office SharePoint Server	Business Intelligence Visualization Services (delivered as Web Parts) provide a user interface for Analysis Services and Business Intelligence Services.
	Slide Library Services provide a user interface and smart client (PowerPoint) integration for the storage and management of presentation slides.
SQL Server Reporting Services	Reporting Services (delivered as web services) render reports in a variety of formats including HTML, Excel, and PDF.
Microsoft Media Services	Media Services provide for the creation, digital rights management (DRM), and streaming or broadcast of audio, video, and television content.
.NET Framework	The .NET Framework provides classes and methods for rendering images at runtime.

1.3.4. International Operation Services

International Operation Services provide a means to build applications independently of the language or locale in which they will be presented or operated and allow extending an application to support additional language or culture-specific interfaces. To enable the construction of culturally distinct applications, International Operation Services provide a means of storing and rendering information about: character sets, data representation (e.g., numbers, dates, and currency), and media resources including on-screen text, graphics and associated audio. Content stored in an application is in the realm of Data Management Services, but if services related to a specific structure or schema are provided by the platform to aid in the storage and retrieval of multi-cultural content, that aspect is an International Operation Service.

The following table lists the Microsoft technologies that provide International Operation Services and describes the specific services and framework features provided by the technologies:

Microsoft Technology	International Operations Services and Features
Windows SharePoint Services	Language Packs install language-specific Site Templates for SharePoint.
Office SharePoint Server	Content Management Services provide the Site Variation feature which allows designation of one primary site branch (e.g., http://myserver/en/default.aspx) and one or more tertiary site branches (e.g., http://myserver/fr/default.aspx). New sites in the primary branch are automatically distributed to the tertiary branches for translation.
.NET Framework	The Resource File and Satellite Assembly model allow a UI to contain placeholders for text and graphics, which are replaced at runtime by mappings defined in a culture-specific Resource File. Resource Files are packaged and distributed as Satellite Assemblies.

1.3.5. Location and Directory Services

Location and Directory Services support the naming, registration, search, and retrieval of metadata of resources, primarily to identify the names and addresses used to locate resources on a network. With respect to authentication, a Directory Service may act as a credential store and group membership service, but Security Services are responsible for challenging a consumer to provide credentials and controlling access to resources.

Examples include Lightweight Directory Access Protocol (LDAP), Active Directory (AD), Domain Name System (DNS) services, and Universal Description, Discovery and Integration (UDDI) services. The following table lists the Microsoft technologies that provide Location and Directory Services and describes the specific services provided by the technologies:

Microsoft Technology	Location and Directory Services and Features
Active Directory (AD)	Directory Services of AD allow Users and Computers in a security zone to be managed in a directory tree, as well as the definition of Groups, and the association of Users with Groups. Attributes of the User schema are extensible. For authorized entities, AD also supports queries to list members or to verify group membership.
	Authentication Services provide credential management and positive identification of entities (users or agents) upon request.
	AD is designed to comply with the IETF Lightweight Directory Access Protocol (LDAP).
Domain Name System (DNS) Server	Directory Services provided by DNS Server translate domain and computer host names into IP addresses.

1.3.6. Network Services

Network Services define the services and protocols available to distributed applications where components that compose the application or resources used by the application exist at different logical or physical locations on a network. Examples include Hypertext Transport Protocol (HTTP), electronic mail services (SMTP and POP3), network time services (NTP), remote print services, file replication services, voice over IP services (VoIP), remote process invocation (e.g., RPC), videoconferencing services (e.g., H.323), and text messaging services (e.g., SMS).

The following table lists the Microsoft technologies that provide Network Services and describes the specific services or framework features provided by the technologies:

Microsoft Technology	Network Services and Features
Internet Information Server (IIS)	Hypertext Transport Protocol (HTTP) Services implemented by IIS enable the hosting of web applications and web services (see Operating System Services).
	File Transport Protocol (FTP) Services implemented by IIS enable remote File Management Services.
Exchange Server	Electronic Mail Services allow the receipt and transmission of electronic mail.
	Shared Calendar Services support the central storage and management of event calendars.
Windows Server	Network TCP/IP Services allow communication among the services hosted both within a server and external to a server.
	Replication Services facilitate the distribution or "mirroring" of files stored in NTFS from a primary server to alternate servers.
Windows Communication Foundation (WCF)	Communication Services provided by the WCF provide a secure, reliable mechanism for applications to communicate via HTTP web services.
.NET Framework	Remoting Services provide a mechanism for applications to communicate over any TCP/IP channel.
	The .NET Framework provides integration with Component Object Model (COM) Services, COM+ and related technologies to enable communication with COM-based services. COM-based services include Microsoft Message Queuing (MSMQ), Active Directory (AD), and Windows Management and Instrumentation (WMI).

1.3.7. Operating System Services

Operating System Services support loose coupling between the description of applications as programming language instructions, and the hardware that executes those instructions. Subcategories include operating systems and virtual machines. Examples include the Windows application programming interface (API), the .NET Common Language Runtime (CLR), and the Java Virtual Machine (JVM). Virtualization Services such as Virtual Server and VMWare are not included in this category as their existence should be completely irrelevant to applications.

Note that this definition is a general version of the Open Group specification, which defines OS Services solely as the layer between an application and physical hardware, and does not include the further abstraction made possible by virtual machines.

The following table lists the Microsoft technologies that provide Operating System Services and describes the specific services and API features provided by the technologies:

Microsoft Technology	OS Services and Features
Windows SharePoint Services	Collaboration Services are provided by Windows SharePoint Services (WSS), which is a free component of Windows Server executed on an instance of the .NET CLR hosted inside an IIS web application.
.NET Common Language Runtime (CLR)	Virtual Machine Services of the CLR provide a common execution language for Microsoft .NET languages. The only criteria for .NET languages are that they comply with the Common Language Infrastructure (CLI) specification and compile to MSIL, which is the language executed by the CLR.
Windows Server	Windows Server provides Web Application Hosting Services implemented by Internet Information Services (IIS).
	The Windows application programming interface (API) provides access to server resources not managed by the CLR.

1.3.8. Software Engineering Services

Software Engineering Services support the design and construction of applications. Examples include Visual Studio, SharePoint Designer, Team Foundation Server, Visual Source Safe, SourceGear Vault, language compilers (e.g., C#, VB.NET, IronPython and Ruby), script interpreters (e.g., Classic ASP) and build management services (e.g., MSBuild).

The following table lists the Microsoft technologies that provide Software Engineering Services and describes the specific services and framework features provided by the technologies:

Microsoft Technology	Software Engineering Services and Features
Visual Studio (VS)	VS is an integrated developer environment (IDE) which supports the design, construction, compilation, and testing of applications on the Microsoft Application Platform.
SharePoint Designer (SPD)	SPD is an IDE for SharePoint. SPD supports the management, extension, and modification of sites, data structures, and workflows.
Visual SourceSafe (VSS)	Source Code Management Services allow the controlled storage and management of applications' source code.
Team Foundation Server (TFS)	TFS provides Project Management Services specific to team software development projects with features supporting the architecture, development, testing, and bug tracking of applications.
.NET Reflection	Reflection allows .NET code to inspect or emit .NET code. Reflection can infer information about assemblies, modules, types, parameters, and other .NET objects by examining their metadata. Reflection emits code by dynamically generating Microsoft Intermediate Language (MSIL) opcodes; for example, to create dynamic types or their instances, or to invoke methods.

1.3.9. User Interface Services

User Interface Services define how users interact with an application. Examples include Web Browser Services, Speech Recognition Services, Text-to-Speech services, Print Services, and Computer-Based Training Services (e.g., SCORM servers).

The following table lists the Microsoft technologies that provide user Interface Services and describes the specific services and framework features provided by the technologies:

Microsoft Technology	UI Services and Features
Speech Server	Speech Recognition Services support user interfaces controlled by voice or phone keypad rather than by keyboard or mouse.
Windows SharePoint Services (WSS)	Content Management Services in WSS start with an HTTPModule that interprets each requested URL and composes the output with that URL's configured Asp.NET Master Page, SharePoint Page Layout, SharePoint Configuration, SharePoint Personalization, and SharePoint Content.
	WSS includes a Web Part Zone object, which hosts Web Parts on SharePoint-hosted pages. The SharePoint Web Part Zone differs from the ASP.NET Web Part in that it provides backward compatibility with WSS 2.0 Web Parts, while the ASP.NET version supports the hosting of user controls (.ascx).
	Aside from this exception, the WSS user interface is almost entirely implemented with ASP.NET.
ASP.NET	User Interface Services provide a programming model and runtime browser utilities (e.g., JavaScript code) for the construction, rendering, and configuration of cross-platform HTML, DHTML, and CSS.
	Personalization Services allow users to personalize Web Part configuration in any given ASP.NET or SharePoint page.
.NET Framework	The .NET Framework provides a development platform for Desktop Applications (a.k.a. "WebForms") and Web Applications (a.k.a. "WinForms").

1.3.10. Security Services

Security Services secure application resources so that only authorized entities have access to them. Therefore a Security Service is responsible for authenticating the identity of one who requests access to a resource (AuthN), confirming that the identity is authorized to access the resource (AuthZ), ensuring that credentials are kept confidential in transit, and ensuring the appropriate protection of the application resource both as it is stored and transmitted. Security Services often rely upon secure credential stores provided by a Directory Service and access control lists stored with a secure Data Management Service.

Security categories include: Authentication Services, Authorization Services, Security Auditing Services, Trusted Communication Services (e.g., SSL), Cryptographic Key Management Services, Encryption Services, and Single Sign-On (SSO) Services.

The following table lists the Microsoft technologies that provide Security Services and describes the specific services and framework features provided by the technologies:

Microsoft Technology	Security Services and Features
Windows SharePoint Services	Authorization Services provide management of Access Control Lists (ACLs) at the levels of Farm, Site, List, and List Item. ACL entries pair AD Users, AD Groups, and custom site groups with site roles. Site roles are associated with permission levels, which may be customized or extended. Permissions assigned in a site are inherited by child sites and contained lists, and permissions assigned in a list are inherited by contained list items unless the inheritance is explicitly broken. Whenever inheritance is broken, a new ACL is created for the object.
Office SharePoint Server	Single Sign-On (SSO) Services in SharePoint provide a credential store to associate authenticated SharePoint users and service accounts with additional credentials required to access external resources.
	Information Rights Management Services bind a user's document library permissions with document permissions, which are applied to the document whenever a document is opened or downloaded from SharePoint. The document is encrypted locally for offline protection.
Internet Information Server	Trusted Communication Services implemented by the Secure Sockets Layer (SSL) transport to provide encryption for HTTP conversations between two machines.
	Configuration Services allow the selection of Anonymous, NTLM, or certificate-based authentication.
.NET Framework	The Membership Provider model allows for the loose coupling of an authentication model and presentation-layer features, including login, logout, and change password controls. Out-of-box providers include NTLM Authentication, Forms-based Authentication (FBA), and Windows Live (aka Passport) Authentication.
	The Code Access Security (CAS) model requires that running code be provided with explicit permissions to access resources.
	Encryption services provide standard libraries for the encryption and decryption of data.

1.3.11. System and Network Management Services

System and Network Management Services support the deployment, configuration, monitoring, and fault management of applications and the network resources that serve applications. Examples in this category include configuration management (CM) services for all component resources, performance monitors and indicators, fault detection monitors with response escalation, accounting management services to calculate chargebacks on usage, capacity management services to monitor resources and proactively plan expansion, and specific management tools for Print Services, Storage Array Services, and other network appliances.

This is a two-way street—your applications should include services that allow for their programmatic configuration, monitoring, and administration by System and Network Management Services. When it comes time to build test harnesses, to populate your application with data, or to plug your application into a continuous monitoring tool like Microsoft Operations Manager (MOM), you will likely discover that a little extra attention in this oft-neglected area provides great returns.

The following table lists the Microsoft technologies that provide System and Network Management Services and describes the specific services and framework features provided by the technologies:

Microsoft Technology	System and Network Management Services and Features
Microsoft Operations Manager (MOM)	Monitoring Services provided by MOM allow the real-time monitoring and logging of servers, applications, and network appliances on a network.
	Publish and Subscribe Services allow people and processes to subscribe to and presumably act upon events raised by MOM.
Systems Management Server (SMS)	Deployment Services provided by SMS facilitate the automatic installation and upgrade of software installed to machines within a physical or logical zone.
Windows SharePoint Services	Configuration Management Services allow the assignment of servers to roles in a SharePoint farm.