As you can see from the title of this post "Governance", i'm going to provide some inside about SOA Governance, SOA architectural world has defined governance in two category.
Design time service governance, as the name implies, typically provides an integrated registry/repository that attempts to manage a service from its design to its deployment, but typically not during runtime execution of the services, albeit some do. Key components of design time service governance include
-A registry and/or repository for tracking service design, management, policy, security, and testing artifacts
-Design tools,including service modeling,dependency tracking,policy creation and management, and other tools that assist in the design of services
-Deployment tools, including service deployment, typically through binding with external development environments
-Links to testing tool sand services,providing the developer/designerthe ability to create a test plan and testing scenarios and then to leverage service-testing technology
In essence, design time service governance works up from the data to the services, gathering key information as it goes. You typically begin by defining the underlying data schema and turning that into metadata and perhaps an abstraction of the data. Then, working up from there, you further define the services that interact with the data, data services, and then transactional ser- vices on top of that. You can further define that into processes or orchestra- tion. All this occurs with design time information managed within the design time service governance system.
Runtime service governance - works and plays in the world of service man- agement and should be linked with design time service governance, but often is not. Design time is all about defining the policies around the use of services. Therefore, runtime governance is the process of enforcing and implementing those policies at service runtime, but it may do other things as well.
Runtime service governance, like design time service governance, comes in many flavors because of the number of vendors in that space and how it is defined by that vendor. There are no de facto standards as to what runtime ser- vice governance needs to be, but certain patterns are emerging.
Runtime service governance typically includes
Setting and maintaining appropriate service levels
Managing errors and exceptions
Enabling online upgrades and versioning
Auditing and logging
I hope this will provide some details about SOA governance.