$34.95

This item cannot be shipped to your selected delivery location. Please choose a different delivery location.

Have one to sell?

Sell on Amazon

Flip to back Flip to front

Listen Playing... Paused You're listening to a sample of the Audible audio edition.
Learn more

See this image

Follow the Author

Roger Sessions

Software Fortresses: Modeling Enterprise Architectures

by Roger Sessions (Author)

(4.0) 5 ratings

See all formats and editions

Price

New from

Used from

Paperback

"Please retry"

$34.95

$9.17

Paperback
$22.99 - $34.95

6 Used from $9.17 1 New from $34.95

Purchase options and add-ons

While UML is very effective at modeling software systems, it is deficient in its ability to help practitioners understand how software systems interact -- this is where the software fortress model picks up. The vendor-independent software fortress model treats enterprise systems as a series of self-contained software fortresses. Each fortress makes its own choices as to software platform and data storage mechanisms, and interacts with other fortresses through carefully crafted treaties. This unique approach simplifies the enterprise. It helps the software professional truly understand how systems interact. This book defines, clarifies, and explains the basics of software fortresses. The author believes this new approach will grow in popularity and evolve over time, and this book will be the genesis of a popular enterprise development movement.

ISBN-10

0321166086
ISBN-13

978-0321166081
Publisher

Addison-Wesley Professional
Publication date

February 24, 2003
Language

English
Dimensions

7.3 x 0.8 x 9.3 inches
Print length

304 pages
See all details

Editorial Reviews

From the Back Cover

This book introduces a new approach for modeling large enterprise systems: the software fortress model. In the software fortress model, an enterprise architecture is viewed as a series of self-contained, mutually suspicious, marginally cooperating software fortresses interacting with each other through carefully crafted and meticulously managed treaty relationships.

The software fortress model is an intuitive, simple, expressive approach that maps readily to existing technologies such as .NET and Java 2 Enterprise Edition (J2EE). This book is designed to meet an immediate need to define, clarify, and explain the basics of this new modeling methodology for large enterprise software architectures.

Software Fortresses is your essential roadmap to all aspects of software fortresses.

Key topics include:

The fundamental concepts and terminology of software fortresses
Documentation techniques, including Fortress Ally Responsibility Cards (based on Class Responsibility Cards) and Sequence Ally Diagrams (based on UML's Class Sequence Diagrams)
The proper use of drawbridges to provide fortress interoperability
The innovative software fortress model for enterprise security
Correct design approaches to fortress walls, which keep intruders out, and to guards, which let allies in.
The role of loosely coupled and tightly coupled transactions in a software fortress architecture
Design and technology issues associated with the six major software fortress types

This book is a must-read for all enterprise software professionals, whether you are a manager seeking to rein in run-away enterprise system complexity, an architect seeking to design interoperable, scalable, and highly secure systems, a consultant expected to give advice on how .NET and J2EE fit into the enterprise space, an implementer wanting to understand how your system relates to a larger enterprise architecture, or a business analyst needing to know that your system requirements will be translated into a successful software implementation.

0321166086B12202002

About the Author

Roger Sessions is one of the world's leading experts in enterprise software architectures and the developer of the software fortress model. He has written six books and dozens of articles. He writes and publishes ObjectWatch, a widely read, highly regarded newsletter covering hotly debated topics on high-end software technologies. More than 50,000 people have attended his architect-level workshops in more than 30 countries.

0321166086AB01242003

Excerpt. © Reprinted by permission. All rights reserved.

You and I have never met. I have no idea what your business is. However, I do know what your enterprise architecture looks like. I can even show you the exact picture you use to describe your enterprise system. Take a look at Figure P.1. Look familiar?

It goes without saying that your enterprise is a perfect three-tier (or N-tier) software architecture. When describing your system, you wax poetic about your perky presentation tier, accepting HTTP requests from complacent clients and SOAP requests from congenial collaborators. You illuminate in minutiae how you manage your middle tier, running well-behaved business logic cherubs, all gleefully sharing database connections and other valuable system resources. Behind all of this, your enterprisewide database shouts encouragement from its sheltered back end.

See? I told you I know what your enterprise architecture looks like. I also know one other thing. I know you lie. You lie through your teeth. Your enterprise architecture looks nothing like Figure P.1. Do you want to see the real picture of your enterprise architecture? Take a look at Figure P.2. But first sit down. It isn't pretty!

In the real world your clients are not meek, but malicious. Your middle tier is not well behaved, but made up of a disparate bunch of applications developed without regard for the needs of their stablemates. Your "database" is not an enterprisewide anything, but rather a series of disorganized data storage technologies that spend most of their time cringing from the unreasonable and often conflicting demands of the business logic.

As architects, we have two choices. We can ignore this chaos, or we can model it. When we model it, we have the opportunity to bring it under some degree of intellectual control.

The Software Fortress Model

This book introduces a new approach for modeling large enterprise systems: the software fortress model. The software fortress model treats enterprise systems as a series of self-contained software fortresses. Each fortress makes its own choices as to software platform and data storage mechanisms and interacts with other fortresses through carefully crafted treaties. Without going into too much detail this early, I present in Figure P.3 a view of the same enterprise that is shown in Figure P.2, but as seen from the software fortress model. Don't worry at this point about what the cartoon figures mean; they will become familiar soon enough.

The software fortress model pushes simplification of the enterprise architecture further and further. As we use the model to decompose the enterprise, Figure P.3 becomes a series of collaborations, as shown in Figure P.4.

I will discuss what the software fortress model is throughout this book. For now, let's focus on why we need this model.

The most important reason for the software fortress model is so that we can better understand how our systems interact within our overall enterprise architecture. Even without knowing the details of how the software fortress model works, you can quickly get the sense that Figures P.3 and P.4 are a lot more approachable than Figure P.2.

We already have many good techniques for modeling software systems. The most prevalent is the Unified Modeling Language (UML). But existing systems, including UML, focus on the issues involved with designing software systems. They have little to offer the enterprise architect in modeling how the various software systems that make up the enterprise architecture relate to each other. In other words, they are fine for modeling a sales system, an inventory system, or an accounts payable system. They are not useful for showing how sales, inventory, and accounts payable systems need to work together to coordinate a customer purchase.

The software fortress model picks up where techniques like UML leave off. Or, to be more precise, UML picks up where the software fortress model leaves off. The software fortress model helps us describe and plan for the relationships between software systems. These relationships ultimately define the enterprise architecture. UML and related technologies can then be used to document how individual software systems are designed.

Who Cares about Software Fortresses?

The software fortress model has a lot to offer, especially for the high-level manager who is trying to understand the overall enterprise architecture, and for the enterprise architect who is trying to explain it.

For CTOs, the software fortress model offers these immediate payoffs:

It aligns technology boundaries with organizational boundaries within the enterprise.
It provides an intellectual framework for modeling and managing the technical complexity of enterprise systems.
It cleanly separates issues that must be decided at the enterprise level from those that can be decided at the local level.
It is independent of technology and allows groups with different technology biases to discuss architectures using a common language.

Enterprise architects will appreciate the following additional benefits of the software fortress model:

It cleanly defines natural technical boundaries across which autonomous groups can agree to disagree.
It provides a methodology for achieving interoperability between software systems.
It provides a methodology for defining security at the enterprise level.
It provides an intellectual framework within which different technologies can be meaningfully compared.

But CTOs and enterprise architects are not the only ones who will gain from the software fortress model; this model has the power to transform the entire industry. For the first time, the entire industry will have a lingua franca for discussing enterprise applications. Customers and clients will be able to communicate readily with programmers and architects, Java programmers will be able to understand Visual Basic programmers, and architects from different business fields will be able to compare approaches to common problems.

Over time, the software fortress model will influence the software platforms themselves. Tools will appear to directly support the model. Platforms will evolve as the model exposes underlying platform weaknesses. New technological approaches will be explored as the model helps us better understand the needs of the enterprise.

Perhaps the most important contribution of the model is simplification: simplification of security, simplification of interoperability, and simplification of collaboration. Simple systems are inherently better than complex systems. They are cheaper to build, they are more reliable, and they are more secure. We can all get behind that.

The Goals of This Book

The software fortress model is still quite young, even by software standards. However, I have already presented the main ideas that make up this model to over 3,000 developers and conducted in-depth workshops with very high-level enterprise architects from many large companies. I have also introduced the ideas to the readership of the ObjectWatch Newsletter, which has more than 20,000 readers, including highly placed managers and architects at virtually all of the Fortune 500 companies.

The response to the software fortress model, even in its relative state of immaturity, has been overwhelming. Almost everybody who is exposed to the software fortress model feels a strong sense of resonance, as if this model addresses a very basic requirement at their organization: the requirement to model and simplify their enterprise.

This book is designed to meet an immediate need: to define, clarify, and explain the basics of this new approach to modeling large-enterprise software architectures. This approach will evolve, and I hope the evolution will be aided by a universal language for describing software fortresses and a universal approach to modeling them. Once we can all speak the same language, we can quickly start to learn from each other. One goal of this book is to provide this common language.

Who Should Read This Book

The software fortress model is not for everyone. If you are one of five developers working in a ten-person company, this modeling technique is overkill for anything you need to do. You don't need this methodology, and you don't need this book.

The software fortress model is for the enterprise. If you are one of a hundred or more developers, architects, or technical managers working in a large corporate IT organization, then this modeling technique will prove invaluable, and the language defined in this book will likely soon be used throughout your organization.

If you work in a large enterprise, even if you are not directly involved in defining software fortresses, it will be important that you are able to understand and contribute to discussions about them.

If you are a consultant advising large enterprises, the information in this book will be critical to you. Whether or not you believe in software fortresses will be unimportant, but you will need to be able to discuss them. You can be for them or against them, but you can't ignore them.

If you are a client paying the bill for a corporate system, the software fortress model is your best shot at making sure that software architects understand your needs and that developers implement systems you can use.

The History of the Software Fortress Model

As I look back over the last year, the time during which I formed the basic ideas of the software fortress model, I can see clearly several threads that came together to form this tapestry.

First, I have been teaching master's classes for enterprise software architects for most of the last decade. For a decade before that, I was heavily involved in building enterprise infrastructure technologies. During most of this time, I have been preaching a consistent message: The two major issues facing the enterprise are interoperability and security. I have been looking for a modeling methodology that would focus on these critical issues.

Second, I have always been interested in the modeling ideas that were known as data silos. Those ideas seem to capture a key idea of data ownership.

Third, the architectural ideas introduced by transaction processing monitors—namely, the three-tier architectural model—gave us some important clues to understanding what was needed to build highly scalable software systems. I have been working in the middle-tier technologies for many years now, and these ideas have been extrapolated into the software fortress model.

Fourth, Pat Helland of Microsoft has been proposing a model for autonomous computing. It is based on what he calls software fiefdoms, with emissaries linking together different fiefdoms. This model has been very influential on me, especially because it seems to capture the idea of systems working together to accomplish a higher goal. I will discuss Helland's ideas further in Chapter 10 (Internet Fortresses), where they are most relevant.

Fifth, the readers of the ObjectWatch Newsletter, now more than 20,000 strong, have read earlier drafts of my software fortress ideas and have written back with excellent insights.

Sixth, participants at my two-day workshop have added immeasurably to my understanding of software fortresses. I have been fortunate to work with very high-level enterprise architects, with many years of collective real-world experience in building large enterprise systems. These participants have contributed valuable insights.

Finally, I have had opportunities to present the software fortress ideas at perhaps a dozen conferences to over 3,000 enterprise architects in the last year. The feedback of my audiences has been tremendously helpful.

I am grateful to all of these sources for the insight each has contributed to the ideas discussed in this book. I am also grateful to you, the reader, who I hope will be helping to advance these ideas in the near future.

The Organization of This Book

Chapter 1 of this book is an introduction to software fortresses, discussing what they are, the terminologies we use to describe them, and how interfortress relationships work.

Chapter 2 is an overview of the various techniques we use to document fortresses, including fortress-ally-responsibility cards (based on class-responsibility-collaborator cards) and sequence-ally diagrams (based on UML's class sequence diagrams).

Chapter 3 gives an overview of transactional integrity. This is a background chapter needed to understand the many flavors of the word transaction and how different parts of software fortresses cooperate to coordinate their work.

Chapter 4 gives an overview of drawbridges. The two major subcategories of drawbridges, synchronous and asynchronous, are covered in more detail in Chapters 5 and 6, respectively.

Chapter 5 covers synchronous drawbridges, including component technologies on which they are based.

Chapter 6 covers asynchronous drawbridges, including the message queues on which they are based.

Chapter 7 discusses how security is implemented in software fortress architectures. It covers the two important aspects of security: keeping things out (wall technologies) and letting things in (guard technologies).

Chapter 8 discusses how software fortresses form partnerships and work together, through well-defined treaty relationships.

Chapter 9 gives a general overview of issues that are relevant to all fortress types.

Chapter 10 discusses the two Internet-connected fortresses: Web service fortresses, which accept programmatic requests over the Internet, and presentation fortresses, which interact with browsers.

Chapter 11 discusses the business application fortresses that run your mission-critical business systems.

Chapter 12 covers legacy, service, and treaty management fortresses.

Chapter 13 enumerates 25 important issues you should consider in a design review of a software fortress architecture.

Chapter 14 presents a software fortress architecture case study.

Chapter 15 gives a few (well, maybe more than a few) final thoughts on software fortresses.

Acknowledgments

I would like to thank the many people who have contributed to this book. I am especially grateful to my wife, Alice, and my children, Emily and Michael, for their support. Janet would like to thank her daughter Kate for her patience and smiles.

We would both still be half asleep if not for the continuous supply of marvelous macchiatos and luscious lattes made by the crew at our local Starbucks: Corey, Jo, Bert, Charlotte, Casey, Scott, Jay, Travis, and Z.

I have taught much of this material in one form or another to thousands of workshop participants. The discussion from these workshops has been tremendously helpful in refining these ideas. Thanks to all of the participants in these many workshops, and to the many more I hope to meet in the future.

This book has benefited from early reviews by some very talented and experienced individuals. I appreciate the feedback of the following people (company affiliations are included where allowed): Richard Campbell, Chris Corrado, Charles Erickson (VP of Development, WhisperWire), Stephen Fulcher (Principal, DeveloperLabs), Lynn Keele, Ruth Leuzinger (Senior IT Architect, Zurich Insurance Company, Switzerland), Don Pipkin, Ruben Prieto-Diaz, Carlos Recalde (Executive Director of Technology - Americas Region, KPMG. LLP), Stuart Sands (a Director of Technology Solutions at a major brokerage firm), and David L. Smith.

It has been great working with the staff at Addison-Wesley: Peter Gordon, Amy Fleischer, John Fuller, Bernard Gaffney, Karin Hansen, and unknown others. I am grateful for the careful attention of my copy editor, Stephanie Hiebert. After removing my many dangling modifiers, this book was greatly improved. (I know, I know . . . "Her removal of my many dangling modifiers greatly improved this book!")

Thanks to all of you.

—Roger Sessions
Austin, Texas

0321166086P01292003

Product details

Publisher ‏ : ‎ Addison-Wesley Professional (February 24, 2003)
Language ‏ : ‎ English
Paperback ‏ : ‎ 304 pages
ISBN-10 ‏ : ‎ 0321166086
ISBN-13 ‏ : ‎ 978-0321166081
Item Weight ‏ : ‎ 1.32 pounds
Dimensions ‏ : ‎ 7.3 x 0.8 x 9.3 inches

Best Sellers Rank: #5,106,514 in Books (See Top 100 in Books)
- #1,507 in Computer Hardware Design & Architecture
- #2,273 in Software Design & Engineering
- #7,948 in Software Development (Books)

Customer Reviews:
(4.0) 5 ratings

Brief content visible, double tap to read full content.

Full content visible, double tap to read brief content.

Videos

Help others learn more about this product by uploading a video!

Upload your video

About the author

Follow authors to get new release updates, plus improved recommendations.

Roger Sessions

Brief content visible, double tap to read full content.

Full content visible, double tap to read brief content.

Discover more of the author’s books, see similar authors, read author blogs and more

Customer reviews

4 out of 5

5 global ratings

5 star		60%
4 star		20%
3 star 0% (0%)		0%
2 star 0% (0%)		0%
1 star		20%

How customer reviews and ratings work

Top reviews from the United States

There was a problem filtering reviews right now. Please try again later.

Thomas Adams

Fortress = Interoperability with Security

Reviewed in the United States 🇺🇸 on June 19, 2003

In his previous two books, Roger made the distinction between implementation technology (objects) and distribution technology (his definition of components). Briefly, Sessions says components are different from and should not be confused with objects. The distinction is important because of transactions. Components need to take advantage of COMWare (COM+) transaction management in order to be scalable. In this book he introduces interoperability technology (fortresses) as the next higher level above components.
Roger says interoperability and security are now the two biggest problems in the industry. His Fortress model is designed to solve the problem of disparate systems doing business together securely. It is appropriate for large-scale enterprise systems - "hundreds of programmers in autonomous groups".
The book presents a modeling language based on a new architectural philosophy. He sets out sound principles for designing systems, clearly explains pitfalls and complexities that abound, and breaks the problem into easily remembered, easily understood chunks. It is based on the "autonomous fiefdom" model developed by Pat Helland of Microsoft...
The Fortress Model
A Software Fortress is a collection of parts that work together as an integrated whole. The formal definition is: "... a conglomerate of software systems serving a common purpose and typically owned by a cohesive group of individuals. These software systems work together in a tight trust relationship to provide consistent and meaningful functionality to a hostile outside world." A Software Fortress is an entire system that contains components and can span several computers. An Enterprise will have different types of fortresses working as allies.
Every Fortress has a Wall to prevent communications from entering except through a Drawbridge. Every message coming in the Drawbridge is compared against a Treaty by a Guard who rejects it or approves it and forwards appropriate requests to Workers. Workers access the Data Strongbox to complete the requests. An Envoy takes the completed work and prepares it (according to a Treaty) for communication to another fortress.
Fortresses are all about trust boundaries, both technical and organizational. No fortress trusts any other fortress, but all the parts within a fortress trust each other. Since everything outside the fortress is potentially hostile, the Guard is a key player, and Treaties define legitimate communications. The Guard reforms every communication: nothing from the outside is ever passed directly to workers inside.
While all fortresses share many features (above), Sessions has identified unique characteristics of 6 different types of Fortresses. The Fortress types are: Presentation, Web Service, Legacy, Business Application, Service, and Treaty Management. You'll have to read the book for more information.
He concludes the book with chapters on design reviews, a case study, and "the part of tens" just like the "for dummies" books. The design review contains 8 pertinent questions to be asked and answered for overall project management, 7 for enterprise architects, and 9 for fortress architects. The case study is made-up, but it illustrates the steps of design, use of tools, and trade-offs that are made. The "tens" summarize by reiterating the basics of fortresses, the reasons to adopt fortress architecture and fortress design rules. The most interesting "tens" are the 10 most controversial ideas in Software Fortresses, and 10 criticisms of the software industry.
He wraps up by stating "This model has the potential to move us as far beyond three-tier/N-tier architectures as three-tier/N-tier architectures moved us beyond client-server systems."

Analysis
It all sounds great, and I have a lot of respect for Roger because of his deep knowledge of this problem space, but at this stage, the book is just hand waving. He doesn't reference actual success stories using his architecture. Because it is new, unproven concept not invented by IBM or Microsoft, there are no tools that implement his architecture.
I know Sessions writes for people seeking a conceptual understanding of issues, not for coders. Roger is very good at explaining the concepts - I know of no one better. Nonetheless, I would be happier if he had designed and coded an enterprise with working fortresses - as an example along the Rocky Lhotka line ISBN 1-861002-07-6 (alternate, alternate).
Roger concedes that the model hasn't been proven, but the problem remains: what is being done now doesn't work, and he says there is no other solution on offer. After a little exploration, I think Model Driven Architecture (MDA) from the OMB...may be his competition. MDA provides:
·Portability
· Cross-platform Interoperability
· Platform Independence
Domain Specificity
· Productivity
MDA makes portability and platform independence goals, which Roger says is a waste of time. MDA doesn't have security as a goal, which is one of Roger's key points. MDA is an industry standard, where Software Fortresses is just one guy's idea.
Conclusion
No matter how good an idea, I don't think Software Fortresses is going very far unless it gets adopted as a standard. Roger gets in his own way here. He is brilliant, but he doesn't seem to play well with others. His books have minimal "additional resources" appendices and no footnotes to other authors work. His acknowledgements to other authors are sketchy. When asked, he could make no recommendation on a book on programming Objects Vs Components, and referred me to his newsletter article....
Learn about the Software Fortress architecture and use what you can.

13 people found this helpful

Helpful

James Edelen

Software Fortress Architecture Overview

Reviewed in the United States 🇺🇸 on April 15, 2003

This book provides a basic introduction the Software Fortress model. Whether you are a systems architect, network engineer, developer, developer or consultant, you would benefit from knowing and understanding the software fortress architecture. This book uses excellent diagrams to illustrate and explain the discussed concepts very well.
I found the discussion of fortress design principles very easy to understand. After reading, you will gain an understanding of the fortress model from a general perspective and have enough background in fortress architecture to be able to discuss the model in conversation and be able to comprehend what is going on if presented with a fortress model in your job. I however don't think the book delves into enough detail to be able to implement fortress software development techniques.
The book talked a lot about theoretical fortresses, rather than focusing on practices. The book talks about the abstract concept of components, be discusses very little about actually building them. It tells you what to do with components, but not how to do it.
I do not think this was a bad book at all, in fact I enjoyed it very much, but realize that the book does not cover Software Fortress practices, but more of and overview of the model itself gives you the ideas for how to design a fortress architecture, but no details on how to actually build it. Keep this in mind when deciding if this is the right book for you or not.

6 people found this helpful

Helpful

Michael Tan

Excellent for Enterprise Systems Architecture

Reviewed in the United States 🇺🇸 on February 24, 2005

I enjoyed the book thoroughly. The concept of using the fortress as a metaphor for system is fluently presented. It starts with simple and well understood characters in a typical fortress and evolves logically into the more difficult concepts, always building on previous discussions and reiterating important concepts if necessary.

I found the book very useful in my role as an enterprise architect (more about that later) for a scientific agency here in Canberra. As an agency, we are concern about data interoperability. Our stakeholders download data from our internet site to use with their researches and other business activities. They need interoperable data. The same can be said about our own researchers who need interoperable data from other sites. So we need a system that facilitates that exchange of data. It will start with manual interface at first but will require machine2machine interfaces in time to come. We know web services technology is the obvious answer. Our challenge is to logically evolve from the big picture (all the requirements) to the technologies we need to build the system. Discussions about heterogenous/homogeneous synchronous/asynchronous drawbridges are excellent way to evolve logical designs to physical designs. Technology selection does not have to base on personal experiences anymore. The fortress software metaphor also gives me a perfect tool in painting the big picture to general users and management. The fortress analogy creates resonance immediately because we, as government agent, are paranoid about security.

From a software development practice viewpoint, the software fortress model carries many of the virtues of object-based programming like reuse and data encapsulation. This is not a coincidence given the fact that author is a guru in this area. What the model gives us is also the opportunity to transition into this important practice from the current amateurish programming habits.

From the point of an enterprise architect, software fortress is an excellent tool to develop the enterprise technology architecture from an enterprise system architecture. An enterprise system architecture satisfies the enterprise information architecture which in turn satisfies the enterprise business architecture. At the moment, that transition from systems to technology is more an art than a science. As the author asserted the software industry has no conceptual model for building enterprise systems.

If I have any objection with the author, it is the usage of the term "enterprise architecture" in the book. Enterprise Architecture actually has a well defined meaning and acceptance, at least in USA. If you point your browser to [...] , you will see "enterprise architecture" actually consist of business, information, system and technology architecture. By "enterprise architectures" in the book, the author actually refers to enterprise system architecture. As an enterprise architect, I hope we all have a consistent use and meaning of the terminology.

Helpful