The laws of SOA FAQ WebServices can lead to function oriented services, while REST can lead to a resource oriented architecture. Are both SOA? Law 1 and 2 - Does this mean that you recommend small, fine grained services? I don't think I understand what's meant with law 4 and 5 (I understand the words, but not what you want people to do and when) I think I agree with law 3, Establish service ownership and Key Performance Indicators for your services, but an example of a KPI would be helpful I think I agree with law 8, Security is not optional in SOA, but I don't understand what you mean by it yet In SOA - Is my customer the same entity as your customer? Is my product list the same as your product list? In which situations?