Interview With Oracle's Ted Farrell

New technology never sells unless it can demonstrate a clear business benefit. How would you describe SOA's value to a CEO?

Lower cost of ownership. With SOA, you don't have long, drawn-out development cycles where you have to version everything and test everything at the same time, then deploy it and take the hit for updating. You can update the individual pieces without affecting the rest of the system.

What would a pilot project look like?

The successful pilots tend to be well-defined, short-lived, involving a small group of people. You take four to six people for two to four months, target exactly what you want to do and start building.You're not going off and writing the pilot from scratch. You're thinking about what you have in your organization that could be exposed as services, the pieces of your current infrastructure that you want to reuse, and building and extending from that.

Earlier this year Oracle started talking about SOA 2.0. Are we really so far along that we're ready for a new generation?

I'm not sure if "SOA 2.0" was coined by us or not. All it's really saying is that this is the complete end-to-end stack, as opposed to taking a business process engine and some Web services and trying to build an application out of that and having to fill in all the other pieces yourself. Our stack fills in the pieces.

So you disavow all responsibility for coining the phrase?

Definitely. I'm not sure who did coin it--probably Al Gore!What is the main thing a technology staff needs to figure out to do a broader SOA implementation?

A common customer question is: "How many services should I have? Four really broad services, or 100 more granular ones?" And the answer is that there isn't one--it depends on your organization. It also depends on your expected time to market and the type of application you're building.

What is it about certain industries, like telecommunications and health care, that have attracted them to SOA?

Both of those industries deal with heterogeneous, diverse environments. In health care, you're dealing with different insurance companies, hospitals, doctors, patient information. Those companies have spent millions, if not billions, writing code to get all these things all working together. It makes a lot of sense that they'd be early adopters of SOA. It's a perfect fit.

That sort of cross-company system-building sounds dangerous. What in SOA allows me to secure my data?There's nothing inherent in SOA that lets you secure data. That's one thing that a lot people overlooked early on, when they started wiring together business processes and Web services. Obviously with ones that you build yourself, you can have some control, but a lot of times you don't. It's really important in a SOA solution to have a coordinated security offering.

Acquisitions have figured heavily in your moves into SOA--you bought Collaxa in 2004 and Oblix in 2005. What's your strategy there?

We don't run out and buy the biggest player in a particular space just because it's the biggest player in the space. We look for companies that will integrate well into our stack because that's how everything else is. If we ended up with one that didn't integrate, it would really stand out.