I was happy to read Dion Hinchcliffe's posting of last month: "2007: The year enterprises open their SOAs to the Internet?" sorry I missed it when it posted. Also Joe McKendrick's follow up comments and Phil Wainewright's post which reflects the same notion. Joe states: "So, Web services started out as an external play, was turned into an internal play, and now things will be turned inside-out to once again." Of I was happy to read Dion Hinchcliffe’s posting of last month: “2007: The year enterprises open their SOAs to the Internet?” sorry I missed it when it posted. Also Joe McKendrick’s follow up comments and Phil Wainewright’s post which reflects the same notion. Joe states:“So, Web services started out as an external play, was turned into an internal play, and now things will be turned inside-out to once again.”Of course, this notion has been on my radar screen for a few years now, consider my past posts: Web 2.0 = The Global SOACan your Enterprise See the Emerging Web?More Synergy between Mashups and SOA As I’ve stated a few times, this is one of the most exciting aspects of the emerging notion of SOA, the ability to work and play well with services outside of the firewall, and do so transparently…inside-out and outside-in. This does not happen by evolution, by the way, it’s going to take some good work from the architects to design their SOAs to accommodate external services, as well as open their services up to remote systems. So, if we all agree that this is coming, what can you do?First, accept the notion that it’s okay to leverage services that are hosted on the Internet as part of your SOA, and it’s okay to expose services to systems you don’t control. Normal security management needs to apply, of course. The largest issue, unfortunately, is acceptance. The technology is not that complex, many of the political and people issues are. Second, create a strategy for the consumption and management of outside-in services, as well as the exposure of inside-out services, including how you’ll deal with semantic management, security, transactions, etc. Same good SOA requirements work applies here. Finally, create a proof of concept now. This does a few things including getting you through the initial learning process and providing proof points as to the feasibility of leveraging remote services, as well as exposing services. This is the fun part, by the way. Software Development