What is an Enterprise architecture? [closed] - modeling

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 5 years ago.
Improve this question
I am a web developer, I want to become software architect, and I learn everyday about it, but when I am learning software architecture I see TOGAF framework for enterprise architecture, I want to get solid understand in an enterprise architecture.

Overview
Enterprise architecture focuses on the future state solution for : Current business problem , business strategy , business process improvement (BPI), business process re-engineering and business adventures. If you ask one enterprise architect what they are working on, most likely you are going to find out that they are working on one of these areas, unless they have a more specialized domain, which we cover later in this article.
“The What”
Enterprise Architecture does not prescribe the “how” only the what,
Deliverables
Depending on your company solution lifecycle standards and templates, your deliverable may be called “solution architecture”, “Enterprise Architecture blueprint” or some other name.
Architecture layers
It is a good practice to include in your deliverable minimum six architecture layers:
Security: End to end view of your solution from security perspective, this captures authentication and access management, data in transit and at rest protection.
Application: A view of your solution from the application perspective, includes domain specific programming language, and application design patterns and decisions for your font end, back-end and middle tier.
Infrastructure: This layer shows a view of your running platform, it may include cloud, containerization and virtualization.
Information: This captures your entire information lifecycle management from data modeling to acquisition, classification, and retirement.
Network: This architecture layer depicts the network end points and their paths.
Integration: This layer shows your data transportation and systems conversations, for example it shows your separations of data transportation from orchestration.
While these layers are not the only layers hat you can add to your architecture, you can add more as needed for example “business continuity” and “devops”, but all depends on the type of your organization and objectives.
The Enterprise Architect role
Being an Enterprise Architect (EA) entails command in multiple domains , however most of us in this industry started our careers in one domain such as development, networking, DBA, etc, an architect usually have expertise in at least one of the following and experience in the rest.
Expertise in one programming language (expert level means very familiar with the language and design patterns specific to the language).
Expertise in one database vendor ( Oracle, MSSql, DB2) expert level means - - Expertise in SQL , SQL:2016 being the latest standard in addition to server side language (PLSQL, TSQL)
Experience in networking basic concepts of networking and knowledge of new trends such as software defined networks (SDN).
Experience in integration patterns
Experience in infrastructure such as cloud , virtualization and containerization
Experience in information security: Identity and access management , Data in transit and data at rest protection.
In addition basic knowledge in : Data modeling, data warehousing, big data, Web UI frameworks, major cloud providers, compliance (ie: PCI, HIPPA), IPV4, IPV6, SOA.
And also helps if you have your own vision of the future landscape (ie: server-less , self-rendering services )
Architecture frameworks
There are multiple frameworks that depending on the situation may fit in your deliverables, these frameworks try to address the common architecture patterns in a prescriptive way.
TOGAF
Zachman
DoDAF
To answer your question " what s the difference between system architecture, application, software architecture":
Application architecture is one of the layers in your architecture.
System architecture, software architecture, solution architecture can be used interchangeably. Just don't lose your the big picture .
Some of the inputs for the architecture are
business strategy.
use cases
business cases.
Business continuity strategy
Compliance
Some of the outputs are
High level designs
A vertical partition) of your architecture layers.
Software specifications
A prescriptive and technology oriented specifications of your solution.

I have presented on Enterprise Architecture a few times over the past couple of years. One of the quotes (from myself) that I use in my talks is: "Just because I am an Enterprise Architect, that does not mean that I am an Enterprise Architect". That might seem like a strange quote but it's basically just a fun way to say that enterprise architecture can mean different things to different organizations and people.
Enterprise architects tend to work across a broad domain of concerns, occasionally focusing on specific aspects of a specific technology and/or business process. Some organizations (they tend to be the ones with a more mature EA practice) will have architects that work across all domains within the organization (or, enterprise - hence enterprise architect). Some organizations will have specific types of architects (e.g. applications architect, solutions architect, data architect, network/systems architect, business architect, etc.) that focus on a particular area. Having various types of architects within an organization is one way to "ease" yourself into the architecture space.
For example, the organization I work for has the role, Lead Developer. Each development team has a lead developer and they essentially act as applications architects (even if that is not their specific title). For someone new to that role, they focus on learning the business domain their team is typically responsible for. They also provide the overall architectural vision and design for the apps their team produces. And, they also work closely with the enterprise architects to ensure they are working within the parameters of the organization as a whole (i.e. not reinventing the wheel or making use of a technology or approach that does not fit within the enterprise architecture as a whole).
Starting out as a lead developer is one way to get your foot in the door, so to speak. There are other ways. For example, if you're interested in data architecture, then joining a BI team would be a great way to learn more about data architecture at scale. Joining a network team would go a long way toward gaining knowledge that could be applied as a network/systems architect.
You mention TOGAF in your question above but there are many architectural frameworks out there (TOGAF, Zachman, DoDAF, etc.). Depending upon your specific situation, a "canned" framework might make sense for your organization and it might not. However, becoming familiar with some of the available frameworks will give you insights into some of the common challenges faced by enterprise architects. In the end, however, you will want to do what is right for your organization. You might take bits and pieces from multiple frameworks and wrap them all up into your own framework. As with many challenges, do what works for you.
Along with everything else, keep in mind that enterprise architects tend to think strategically and keep a focus on the future. That does not mean that they do not think tactically or are not concerned with the "here and now". They just tend to have strengths when it comes to strategy and vision.
While this is a bit of a wordy answer, the reality is that nothing beats experience. If you want to become an enterprise architect then you should try to apply architectural practices to your everyday tasks. The more you work and act like an enterprise architect the more ready you will be when an opportunity presents itself.
Hope this helps!

If you want to be a software architect - aka Application Architect, then TOGAF is useful to know, but not necessary for you. Enterprise architects deal with things that impact the entire organisation, particularly things like Strategy & Planning. Organisational modelling, etc.
They can be sometimes involved as a governance role to ensure alignment with organisational design standards, or security standards. They can also sometimes be involved in setting organisational policy.
Either way - too many people assuming taking the "most senior looking" title will get them the best pay and the best life - this is not always true and an EA role is very very different to a software architect - even though they are both "Architects"
Now getting a solid understanding of Enterprise Archtiecture will be a challenge - because 1. its kind of undefined right now - or more accurately - there is around 460+ different models of what an Enterprise Architecture is - TOGAF only being one of them. 2. Most EAs like to get completely OCD around model definitions, and each one has a different OCD point of view exactly what they are - I should know, I'm one of them :)
One of the best general models I have found is DoDAF, but it sure isn't light bedtime reading. Wikipedia has a reasonably light definition though and it might be worth starting there if you haven't already

Enterprise Architecture (EA) entails the whole organization and possibly beyond. It includes Business Architecture, Information Architecture, Technology Architecture & Application Architecture. EA is strategic and thus it is "What" needs to be done.

Related

How to decide which framework to use for frontend?

I am trying to develop web application but I can't decide which framework to choose for front-end.
I could use Vue.js, Angular, React or Vanilla.js.
What are the parameters we need to consider while choosing front-end technology?
Stage of your business Your technology stack plays an important role at every stage of your business. If you’re just starting out, your primary goal must be launch the MVP as quickly as possible. Any language/framework/CMS tool that lets you put together a working prototype in the shortest possible time should be a good fit. WordPress is the ideal choice for a customer facing website or building a landing page as you do not require heavy programming knowledge. If your business is in the finance or banking space that requires security from the onset, opt for Java from the beginning.
Project requirement Before choosing any tech stack, understand the requirements of the project. Does your app require real-time functionality, such as a chatbot or live chat? In such cases, go with a tech stack that is good at concurrency, such as Node. If you’re a blogger who requires a functional website to increase conversions, WordPress or Drupal will work best. Is your frontend UI full of complex interactions? Then React or Angular may be good front-end tech stacks. Complete understanding of the project goals and business objectives along with the right selection of tech stack plays an important role in long-term success. Wrong selection may lead to financial loss.
Availability of resources The availability of developers who will create your product is one of the most influential factors defining your company's technology stack. Look whether your developers are willing and able to work within your chosen tech stack. Suppose you select a programming language not in common use such as Lisp, you will be hard-pressed to find programmers who know how to use it. If they do, they’ll charge a premium. Pick a tech stack that has a dynamic developer community. Commonly used programming languages will thrive in the near future and as a business owner it is easy for you to add new developers to the team.
Development and maintenance cost The technology stack directly influences development cost. There are a couple of factors to consider before picking up the right tech stack:
The cost of hiring a developer: Developers must be skilled professionals and the cost of hiring them varies based on the technologies they work with. Maintenance cost: The job doesn’t get over with the development completion of the MVP. Take into account the maintenance and upgradation cost. Consider sticking to open source technologies because they are cheaper and can be updated and changed without any restrictions.
Time to market Time to market is perhaps the most important for all startups. The faster you develop and launch your application, the more exposure you’ll get. Also, the less the time you spend developing initially, the more time you get to learn from the feedback of the users. Here is a list of the common issues you must consider while choosing a suitable tech stack: Third-party integration: Make sure the technology stack you choose allows third-party integrations, to integrate the features you need into your web or mobile application without reinventing the wheel. Developer availability: To turn your idea into a great web application, you need to have an experienced team of developers that can use the tools you choose and work with you in the long-term. Ask them if they will offer post-launch support. Testing: Make informed decisions based on how easy it would be to run tests on the chosen platform. No software product is developed perfectly the very first time. The chosen tech stack should allow you to fix bugs or tweak features easily without eating up a lot of time.
Scalability and security Products require a well-defined scalability matrix that works on both the scenarios either vertically or horizontally. Vertical scalability: lets you add more features on top of the core value proposition of your product. Horizontal scenario: lets you handle increased volume of users and transactions on the platform. Security Always make sure the application is developed keeping the best practices of security and threat mitigation in mind. Run security tests both on client and server side to eliminate the common security threats. The more robust your product is, the easier it becomes to sell in the market. At the end, make a choice that works best for your business. You can choose the technology to go with, based on your business goals, requirements and the resources you can afford.
there are plenty of articles on the internet if you search:
https://medium.com/unicorn-supplies/9-steps-how-to-choose-a-technology-stack-for-your-web-application-a6e302398e55
https://hackernoon.com/how-to-pick-the-right-web-technology-stack-for-your-product-f6d94440af2f
https://www.upwork.com/hiring/for-clients/how-to-choose-a-technology-stack-for-web-application-development/
etc.
For start, choose the technology you know better :)

Microservices dependence management - Governance or Domain Driven Design?

Background: an international company with a federation model is transforming into Microservices due to chronic Monolithic pain. Autonomous teams with quick deployment is highly desirable. In spite of theory, services are indeed dependent on each other for higher functionality, but are autonomous (independently developed and deployed). Since this is a federation model and decentralized control, we cannot impose strict rules - just like the UN. Without a governance platform that will manage dependencies else due to the multiple versions in production in different countries, we foresee uncontrollable chaos.
Let's call set of Microservices that needs to collaborate a "Compatibility Set". A service can be deployed but may not satisfy the higher functionality in its Compatibility Set. For example MicroService A-4.3 is fully autonomous, deployed and working perfectly. However to satisfy BusinessFunctionality 8.6 it must work together with MicroService B-5.4 and MicroService C-2.9. Together (A-4.3 , B-5.4 and C-2.9) they form a "Compatibility Set"
There are two approaches to this dilemma. Microservice in real life where the rubber hits the road and the learning from experience begins...
Approach 1) Governance Platform
Rationale: Federal model in an International company in 100+ countries. Which means Central IT can lay down the model but individual countries can choose their own destiny - and they frequently do. It frequently devolves to chaos and the Central IT team is on the hook. DDD is the solution for an ideal world where version inconsistencies do not derail functionality like releasing services which do not fit into the Compatibility set, individually blameless but together they fall apart or result in flawed or inconsistent functionality.
There is no homogeneity, there isn't even standardization of terminology
Developers are mixed skill, many junior, and many learning reactive programming and cloud native technologies
Bounded Context heavily depends on Shared Vocabulary and it can get subtle, but this is impossible to enforce and naive to assume in an International, mixed skill, fragmented scenario with multiple versions running
Standardization on a Single Business Model is not realistic in such a heterogeneous system (but ideal)
How what is Central IT to do when they're held responsible for this Chaos?
Enforce a Governance Platform
Create a Microservices governance system or framework to enforce dependency management. It verifies and enforces at design and run time dependencies on a particular Microservice through a manifest and performs some checks and balances to verify the service implementations being offered - the "Compatibility Set".
Approach 2) Domain Driven Design (DDD)
DDD is about modelling domains that are constantly evolving, where domain experts (typically a business stakeholder, or perhaps an analyst) will work alongside developers to design the system. Within each domain, a ubiquitous language is formed, such that within that context, the same word always means the same thing. An important thing to realise is that in one part of your system, “Order” might mean one thing, it might mean for example a list of products. In another part of your system, “Order” might mean something else, it might mean a financial transaction that happened. This is where the model you describe can fall down, if my service needs to get a list of orders, perhaps there is a capability out there that supplies a list of orders, but which orders are they? The list of products or the financial transaction? Trying to coordinate as many developers as you have to all use the same language here is an impossible task that is doomed to fail.
In DDD, rather than trying to manage this at a system level and force every service to use the same definition of Order, DDD embraces the inherent complexity in coordinating very large deployments with huge numbers of developers involved, and allows each team to work independently, coordinating with other teams as needed, not through some centralised dependency management system. The term used in DDD is bounded contexts, where in one context, Order means one thing, and in another bounded context, Order can mean another thing. These contexts can function truly autonomously – you describe your services as being autonomous, but if they have to match their definition of order with the entire system by registering and supplied dependencies to a central registry, then really they are tightly coupled to the rest of the system and what it considers an order to be – you end up with all the painful coupling of a monolith, with all the pain of building a distributed system, and you won’t realise many of the benefits of microservices if you try to take this approach.
So a DDD based approach doesn’t ever try to take a heavy handed approach of enforcing dependencies or capabilities at the system level, rather, it allows individual teams to work without needing central coordination, if Service A needs to interact with Service B, then the team who manages Service A will work with the team that manages service B, they can build an interface between their bounded contexts, and come to an agreement on language for that interface. It is up to these teams to manage their dependencies with each other, at the system level things can remain quite opaque / unenforced.
Too often we see people implement “Microservices” but end up with a system that is just as, if not more inflexible, and often more fragile, than a monolith. Also called a "Minilith" or "Monolith 2.0" Microservices require a complete rethink of architecture and software development processes, and require not just allowing services to be autonomous and independently managed, but also for teams to be independent, not centrally managed. Centralising the management of dependencies and capabilities in a system is likely to be an inhibitor to successfully building a microservice based system.
Intelligent and Pragmatic comments invited...
Approach 1 (Governance) is pragmatic and tactical and intended to solve very real challenges. Question is - will it undermine the long term strategic DDD model of the Enterprise?
Approach 2 (DDD) is ideal and aspirational but doesn't address the very real challenges that we have to deal with right now.
Opinions? Thought? Comments?
I've seen multi-national companies try to cooperate on a project (or be controlled from a central IT team) and it's a nightmare. This response is highly subjective to what I've personally read and seen, so it's just my opinion, it's probably not everyone's opinion. Generally broad questions aren't encouraged on Stack Overflow as they attract highly opinionated answers.
I'd say DDD probably isn't the answer. You'd need a large number of a developers to buy into the DDD idea. If you don't have that buy-in then (unless you have a team of exceptionally self-motivated people) you'll see the developers try to build the new system on-top of the existing database.
I'd also argue that microservices aren't the answer. Companies that have used microservices to their advantage are essentially using them to compartmentalise their code into small, stacks of individually running services/apps that each do a single job. These microservices (from the success stories I've seen) tend to be loosely coupled. I imagine that if you have a large number of services that are highly coupled, then you've still got the spaghetti aspects of a monolith, but one that's spread out over a network.
It sounds like you just need a well architected system, designed to your specific needs. I agree that using DDD would be great, but is it a realistic goal across a multi-national project?
I also dealt with the problem described in the question. And I came up with an approach in which I use API-definitions like OpenAPI-definitions to check compatibility between two services. The API-definitions must be attached as metadata to each service and therefore it is possible to do the check at run and design time. Important is that the API-definitions are part of the metadata as well when the API is offered and when the API is used. With tools like Swagger-Diff or OpenAPI-Diff it is possible to do the compatibility-check automated.

Is Domain-Driven Design a right fit for a product in Enterprise Architecture Domain?

Our client has a requirement to re-design from scratch a product in an Enterprise Architecture Business Domain. The product has an ability to model business processes, information, technology, infrastructure, data etc. for the entire organization of the end user with the help of standard E.A. Framework methods & tools like BPM/N, TOGAF, ArchiMate, etc.
There are many abstract (meta) modelling concepts which enables the product to also integrate with multiple third-party systems e.g. ERP, CRM, Project Management, Financial Management & Service Delivery systems of the end-customers for data synchronization purpose.
The question - Is Domain-Driven Design a right fit for modeling the core domain of this kind of product?
I recommend reading the books "Domain-Driven Design" of Eric Evans and "Implementing Domain-Driven Design" of Vaughn Vernon. The first thing to realize is NOT to build the ONE big model that rules them all. DDD is about domains (one of which is the core domain) and subdomains. And it is about bounded contexts which could be connected in a variety of ways described in the books. So basically you will end up with a lot of autonomous subsystems with seemingly redundant data, that communicate with each other in an loosely coupled way and synchronize part of their data with loosely coupled communication. Much overarching constraints will be only eventually consistent and system, processes and users must tolerate this.
So in a landscape of the complexity you describe I think YES. DDD is a right fit for possibly several core domains of several systems. But feel free to use simpler methods in subsystems that are pure crud and data centric.
The Enterprise Architecture project will provide a layered model of your business... it will precise all the componentized parts of your domain : actors, departments, services, functions... If your goal is to align the solution on the domain (as I suppose), I think Domain Driven Development is a very good fit for what you are trying to achieve. Basically, EA can show you how your solution should look like. As DDD is all about "specialization", rather than "reuse" or "generalization", you should be careful on not depending on Legacy Services that could break your Bounded Contexts (in DDD, for instance, Business Rules implementations should remain in the BC they serve, and not being scattered in the whole solution across external dependencies...). EA is a wonderful tool to define Ubiquitous Language, Bounded Context boundaries. DDD is great at designing Services boundaries. EA will provide strategic tools that will help you designing the BCs. As DDD, SOA, EA share many common first-citizen principles, they will fit very well.
My contribution comes late, have you some experience to share with us ?

What is Domain Driven Design?

Can somebody please explain (in succinct terms) what exactly is domain driven design? I see the term quite a lot but really don't understand what it is or what it looks like. How does it differ from non-domain driven design?
Also, can somebody explain what a Domain Object is? How does domain differ from normal objects?
EDIT:
As this seem to be a top result on Google and my answer below is not, please refer to this much better answer:
https://stackoverflow.com/a/1222488/1240557
OLD ANSWER (not so complete :))
In order to create good software, you have to know what that software
is all about. You cannot create a banking software system unless you
have a good understanding of what banking is all about, one must
understand the domain of banking.
From: Domain Driven Design by Eric Evans.
This book does a pretty good job of describing DDD.
Register to download a summary of the book.
Domain Driven Design is a methodology and process prescription for the development of complex systems whose focus is mapping activities, tasks, events, and data within a problem domain into the technology artifacts of a solution domain.
The emphasis of Domain Driven Design is to understand the problem domain in order to create an abstract model of the problem domain which can then be implemented in a particular set of technologies. Domain Driven Design as a methodology provides guidelines for how this model development and technology development can result in a system that meets the needs of the people using it while also being robust in the face of change in the problem domain.
The process side of Domain Driven Design involves the collaboration between domain experts, people who know the problem domain, and the design/architecture experts, people who know the solution domain. The idea is to have a shared model with shared language so that as people from these two different domains with their two different perspectives discuss the solution they are actually discussing a shared knowledge base with shared concepts.
The lack of a shared problem domain understanding between the people who need a particular system and the people who are designing and implementing the system seems to be a core impediment to successful projects. Domain Driven Design is a methodology to address this impediment.
It is more than having an object model. The focus is really about the shared communication and improving collaboration so that the actual needs within the problem domain can be discovered and an appropriate solution created to meet those needs.
Domain-Driven Design: The Good and The Challenging provides a brief overview with this comment:
DDD helps discover the top-level architecture and inform about the
mechanics and dynamics of the domain that the software needs to
replicate. Concretely, it means that a well done DDD analysis
minimizes misunderstandings between domain experts and software
architects, and it reduces the subsequent number of expensive requests
for change. By splitting the domain complexity in smaller contexts,
DDD avoids forcing project architects to design a bloated object
model, which is where a lot of time is lost in working out
implementation details — in part because the number of entities to
deal with often grows beyond the size of conference-room white boards.
Also see this article Domain Driven Design for Services Architecture which provides a short example. The article provides the following thumbnail description of Domain Driven Design.
Domain Driven Design advocates modeling based on the reality of
business as relevant to our use cases. As it is now getting older and
hype level decreasing, many of us forget that the DDD approach really
helps in understanding the problem at hand and design software towards
the common understanding of the solution. When building applications,
DDD talks about problems as domains and subdomains. It describes
independent steps/areas of problems as bounded contexts, emphasizes a
common language to talk about these problems, and adds many technical
concepts, like entities, value objects and aggregate root rules to
support the implementation.
Martin Fowler has written a number of articles in which Domain Driven Design as a methodology is mentioned. For instance this article, BoundedContext, provides an overview of the bounded context concept from Domain Driven Development.
In those younger days we were advised to build a unified model of the
entire business, but DDD recognizes that we've learned that "total
unification of the domain model for a large system will not be
feasible or cost-effective" 1. So instead DDD divides up a large
system into Bounded Contexts, each of which can have a unified model -
essentially a way of structuring MultipleCanonicalModels.
You CAN ONLY understand Domain driven design by first comprehending what the following are:
What is a domain?
The field for which a system is built. Airport management, insurance sales, coffee shops, orbital flight, you name it.
It's not unusual for an application to span several different domains. For example, an online retail system might be working in the domains of shipping (picking appropriate ways to deliver, depending on items and destination), pricing (including promotions and user-specific pricing by, say, location), and recommendations (calculating related products by purchase history).
What is a model?
"A useful approximation to the problem at hand." -- Gerry Sussman
An Employee class is not a real employee. It models a real employee. We know that the model does not capture everything about real employees, and that's not the point of it. It's only meant to capture what we are interested in for the current context.
Different domains may be interested in different ways to model the same thing. For example, the salary department and the human resources department may model employees in different ways.
What is a domain model?
A model for a domain.
What is Domain-Driven Design (DDD)?
It is a development approach that deeply values the domain model and connects it to the implementation. DDD was coined and initially developed by Eric Evans.
Culled from here
Here is another good article that you may check out on Domain Driven Design. if your application is anything serious than college assignment. The basic premise is structure everything around your entities and have a strong domain model. Differentiate between services that provide infrastructure related things (like sending email, persisting data) and services that actually do things that are your core business requirments.
Hope that helps.
As in TDD & BDD you/ team focus the most on test and behavior of the system than code implementation.
Similar way when system analyst, product owner, development team and ofcourse the code - entities/ classes, variables, functions, user interfaces processes communicate using the same language, its called Domain Driven Design
DDD is a thought process. When modeling a design of software you need to keep business domain/process in the center of attention rather than data structures, data flows, technology, internal and external dependencies.
There are many approaches to model systerm using DDD
event sourcing (using events as a single source of truth)
relational databases
graph databases
using functional languages
Domain object:
In very naive words, an object which
has name based on business process/flow
has complete control on its internal state i.e exposes methods to manipulate state.
always fulfill all business invariants/business rules in context of its use.
follows single responsibility principle
DDD(domain driven design) is a useful concept for analyse of requirements of a project and handling the complexity of these requirements.Before that people were analysing these requirements with considering the relationships between classes and tables and in fact their design were based on database tables relationships it is not old but it has some problems:
In big projects with complex requirements it is not useful although this is a great way of design for small projects.
when you are dealing with none technical persons that they don,t have technical concept, this conflict may cause some huge problems in our project.
So DDD handle the first problem with considering the main project as a Domain and splitting each part of this project to small pieces which we are famous to Bounded Context and each of them do not have any influence on other pieces.
And the second problem has been solved with a ubiquitous language which is a common language between technical team members and Product owners which are not technical but have enough knowledge about their requirements
Generally the simple definition for Domain is the main project that makes money for the owners and other teams.
I do not want to repeat others' answers, so, in short I explain some common misunderstanding
Practical resource: PATTERNS, PRINCIPLES, AND PRACTICES OF DOMAIN-DRIVEN DESIGN by Scott Millett
It is a methodology for complicated business systems. It takes all the technical matters out when communicating with business experts
It provides an extensive understanding of (simplified and distilled model of) business across the whole dev team.
it keeps business model in sync with code model by using ubiquitous language (the language understood by the whole dev team, business experts, business analysts, ...), which is used for communication within the dev team or dev with other teams
It has nothing to do with Project Management. Although it can be perfectly used in project management methods like Agile.
You should avoid using it all across your project
DDD stresses the need to focus the most effort on the core subdomain. The core subdomain is the
area of your product that will be the difference between it being a success and it being a failure. It’s
the product’s unique selling point, the reason it is being built rather than bought.
Basically, it is because it takes too much time and effort. So, it is suggested to break down the whole domain into subdomain and just apply it in those with high business value. (ex not in generic subdomain like email, ...)
It is not object oriented programming. It is mostly problem solving approach and (sometimes) you do not need to use OO patterns (such as Gang of Four) in your domain models. Simply because it can not be understood by Business Experts (they do not know much about Factory, Decorator, ...). There are even some patterns in DDD (such as The Transaction Script, Table Module) which are not 100% in line with OO concepts.
I believe the following pdf will give you the bigger picture. Domain Driven Design by Eric Evans
NOTE: Think of a project you can work on, apply the little things you understood and see best practices. It will help you to grow your ability to the micro service architecture design approach too.
Get an organization wide understanding of the problem domain by
developing a ubiquitous language (a common mental model) per sub-problem-domain.
Use that language as close as possible in solution domains (code).
Only then choose technologies.
Don't be technology driven but problem domain or business driven.

Design Patterns for security and data access control

Having recently discovered design patterns, and having acquired the excellent Head First Design Patterns book (can really recommend it!), I am now wondering about design patterns for security and controlling access to records in data stores.
My use case is a bespoke CRM style application, with contacts, businesses, and users who have different levels of access, including being limited to read only access, or even a subset of records. I will only be doing distinct entity level access control, not field level.
Can anyone recommend any security orientated design patterns that would fit the above?
If it makes a difference, I am using ASP.Net MVC, Entity Framework 4 and SQL Server 2008.
Security is what we call Cross-cutting concern and it's never easy deal with.
If you need to deal with the security from ASP.NET MVC level you would consider to look at MVC tutorial :
http://www.asp.net/learn/mvc/
If you want to know more about the security from the domain model level, an interesting question was already asked :
DDD User Security Policies
Hope this helps
There does exists a group of patterns realted to security, though most of them fucuses on securing integrated systems. I have found no book that is as well written and usable as GOF/Head-first, though I did enjoy the one online at www.securitypatterns.org.
Security is as much about architecture (sever setup, network topology...) as its about programing, so I would recommend that you start out with a general security book. Also pick up a book specifically on .NET/Windows security, since robust security programming is very technology specific (I, as UNIX/Java programmer, will have a completly different toolbox than
a .NET programmer and can unfortunatly not help you with a book on this last subject).
A good place to start on security (although not necessarily a "security design patterns" book) is Ross Anderson's Security Engineering.

Resources