Interoperability Framework for Web Services

stizzahaddockΛογισμικό & κατασκευή λογ/κού

14 Δεκ 2013 (πριν από 3 χρόνια και 5 μήνες)

57 εμφανίσεις

BYU Interoperability Framework

for Web Services


This document establishes
the Interoperability Framework (IF) standard

for publishing
and using
web services

between
BYU software systems. The standard aims to make it
easier for consumers of those services

to discover and connect to BYU software systems.


Web Services

Organizations make use of software systems to enable their business. When a system
provides answers to other systems, it is known as a
service provider
. When it gets
answers from another sys
tem, it is known as a
service
consumer
. These systems are
written on various platforms in various programming languages. In a traditional setup of
services, connecting a consumer to a service means writing custom integration code for
both the service and t
he consumer.


An interoperability framework provides for standardized communication between service
and consumer. This allows disparate systems to communicate with each other in real time
in a non
-
proprietary way

since t
hey have agreed to use a common prot
ocol for the
exchange of data
.
The protocol for w
eb services

is

based on Internet standards such as
HTTP, XML, and so forth.


The BYU Interoperability Framework

The BYU IF establish
es what standards apply to BYU w
eb services so that

if

consumer

and provi
der
conform

to those standards
both

can successfully interoperate.


This IF has been created, discussed and agreed upon by the EGAB and is being submitted
to Kelly Flanagan as a recommendation for approval and adoption. It represents the initial
version an
d will provide the framework for campus entities to
exchange data using w
eb
services based on the SOAP protocol. Later versions will extend the IF to support the
REST protocol and other interoperability protocols that may warrant consideration.


When the I
F was presented for a vote, 8 of the 13 voting members were present and all
voted yea. An email was sent out after the meeting to the absent members asking for their
concurrence or dissent. All 5 voted yea. Kelly McDonald and Phil Windley are non
voting me
mbers.


EGAB Members:

Kelly McDonald


Chair

Phil Windley
-

Advisor

Bill Cope
-

OIT

Mike Cunningham


Alumni Association

Hans Douma


SAS

Tracy Flinders


Brian Evans area

Bryce Goodwin


Physical Facilities

Matt Kieffer


CSR Community

Bill Lund


Library

Jon Mott


John Tanner area

Shawn O’Neil
-

SAS

Bart Schaerrer


Continuing Education

Matt Wilkinson
-

OIT

Rick Williams
-

SAAS

Danny Yeo


CSR Community


Date

August 14
, 2008

Version

1.0

Status

Proposed

Purpose

To provide a standard whereby entities a
round campus can produce and
consume web services.

Scope

BYU

Campus

Submitter

EGAB



Approved

This is a standard that is mature and adopted by BYU.

Investigation

This standard is still maturing and is being watched.

Incubation

This standard is mature
but is not widely adopted. This is a wait and see
indicator.



Transport



HTTP

Approved

The Hypertext
-
specification (RFC 2616, HTTP v1.1)
includes online public services provided on the internet.
RFC 2616 contains an upgrading mechanism in
HTTP/1.1 to s
tart a Transport Layer Security (TLS) via an
existing TCP connection.

HTTPS

Approved

Secure version of HTTP designed to transmit individual
messages securely.




Data Interoperability


XML 1.0

Approved

XML, a specification developed by the W3C, is a pa
red
-
down version of SGML, designed especially for Web
documents. It allows designers to create their own
customized tags, enabling the definition, transmission,
validation, and interpretation of data between applications
and organizations.

XML Schema 1.0

Approved

W3C XML Schema as defined by W3C

XSL

Approved

XSL (Extensible Stylesheet Language) as defined by
W3C




Foundation Web Services


SOAP 1.1

Approved

Communications protocol, allowing applications to
communicate with each other using http with XM
L based
information. This can be used in the exchange of
structured and automatically generated information
amongst parties in a
decentralized

and branched
environment.

WSDL 1.1

Approved

Web Service Description Language is used to describe
applications o
r services, i.e. location, functional calls and
any other information relevant for the use of the
applications or services.

UDDI 3.0

Incubation

Universal Description, Discovery and Integration is used
for describing the service and for discovery of the se
rvice
in a wider perspective.





Security



XML Sig

Approved

XMLsig as defined by W3C. XML Signatures ensures
origin and integrity in XML messages and
standardizes

the process, where XML contents are signed and put in
XML documents. XML Signature Secu
rity is used, when
different
organizations

and/or geographically
separated

addresses are integrated by means of XML. Through the
use of the signature the receiver of a document can be
certain that the
contents have

not been damaged

or
altered
.

XML Enc

App
roved

XMLenc as defined by W3C. XML Encryption is used to
ensure encrypted transportation of contents. It Is used,
when the level of security in transport (like SSL) is not
considered satisfactory.

SAML 1.1

Approved

SAML facilitates Single Sign
-
on and act
ivates
identification mechanisms in the public sector. SAML is a
framework for exchange of authentication and
authorization

information. SAML standardiz
es the way
security accreditives are presented in XML
-
format.

WS
-
Security 1.0

Approved

WS
-
Security is u
sed when different organisations and/or
geographically separated addresses are integrated by
means of SOAP. WS
-
security works with XML Encryption
and XML Signature.




Validation



WS
-
I Basic Profile
1.1

Approved

A set of non
-
proprietary Web services sp
ecifications,
along with clarifications, refinements, interpretations and
amplifications of those specifications which promote
interoperability. Web services meeting BP1.1 conform to
specified levels of interoperability.

WS
-
I Basic
Security Profile
1.0

Ap
proved

A set of non
-
proprietary Web services security
specifications, along with clarifications and amendments
to those specifications which promote interoperability.




Policy



WS
-
Policy 1.2

Investigation

A core set of constructs to indicate how choic
es and/or
combinations of domain
-
specific policy assertions apply
in a Web services environment