Navigating the Standards

fizzlargeSecurity

Nov 3, 2013 (3 years and 9 months ago)

66 views

Web Services:

Navigating the Standards
Landscape

Marc N. Haines

CTI Workgroup


Web Services

19
-
May
-
2005

© Marc Haines

2

Web Services Standards


The Web Services Standards Landscape

XML

XML Schema

XSLT

SOAP

WSDL

UDDI

WS
-
Security

ebXML

ebXML

Messaging

WS
-
Reliability

ebXML

Registry

UBL

WS
-
BPEL

IFX

ACORD

HL7

GJXDM

XML Encryption

WS
-
Eventing

WS
-
Adressing

Semantic Web

RDF

OWL/S

SOAP
-
MTOM

19
-
May
-
2005

© Marc Haines

3

Web Services Standards


The Web Services Standards Landscape

XML

XML Schema

XSLT

SOAP

WSDL

UDDI

WS
-
Security

ebXML

ebXML

Messaging

WS
-
Reliability

ebXML

Registry

UBL

WS
-
BPEL

IFX

ACORD

HL7

GJXDM

XML Encryption

WS
-
Eventing

WS
-
Adressing

Semantic Web

RDF

OWL/S

SOAP
-
MTOM


XML Foundation


19
-
May
-
2005

© Marc Haines

4

Web Services Standards


The Web Services Standards Landscape

XML

XML Schema

XSLT

SOAP

WSDL

UDDI

WS
-
Security

ebXML

ebXML

Messaging

WS
-
Reliability

ebXML

Registry

UBL

WS
-
BPEL

IFX

ACORD

HL7

GJXDM

XML Encryption

WS
-
Eventing

WS
-
Adressing

Semantic Web

RDF

OWL/S

SOAP
-
MTOM


Web Services Core


?

19
-
May
-
2005

© Marc Haines

5

Web Services Standards


The Web Services Standards Landscape

XML

XML Schema

XSLT

SOAP

WSDL

UDDI

WS
-
Security

ebXML

ebXML

Messaging

WS
-
Reliability

ebXML

Registry

UBL

WS
-
BPEL

IFX

ACORD

HL7

GJXDM

XML Encryption

WS
-
Eventing

WS
-
Adressing

Semantic Web

RDF

OWL/S

SOAP
-
MTOM


Commercial

Web Services


19
-
May
-
2005

© Marc Haines

6

Web Services Standards


The Web Services Standards Landscape

XML

XML Schema

XSLT

SOAP

WSDL

UDDI

WS
-
Security

ebXML

ebXML

Messaging

WS
-
Reliability

ebXML

Registry

UBL

WS
-
BPEL

IFX

ACORD

HL7

GJXDM

XML Encryption

WS
-
Eventing

WS
-
Adressing

Semantic Web

RDF

OWL/S

SOAP
-
MTOM


Competing

Standards Universes


19
-
May
-
2005

© Marc Haines

7

Web Services Standards


The Web Services Standards Landscape

XML

XML Schema

XSLT

SOAP

WSDL

UDDI

WS
-
Security

ebXML

ebXML

Messaging

WS
-
Reliability

ebXML

Registry

UBL

WS
-
BPEL

IFX

ACORD

HL7

GJXDM

XML Encryption

WS
-
Eventing

WS
-
Adressing

Semantic Web

RDF

OWL/S

SOAP
-
MTOM


Vertical

Standards


19
-
May
-
2005

© Marc Haines

8

Web Services Standards


The Web Services Standards Landscape

XML

XML Schema

XSLT

SOAP

WSDL

UDDI

WS
-
Security

ebXML

ebXML

Messaging

WS
-
Reliability

ebXML

Registry

UBL

WS
-
BPEL

IFX

ACORD

HL7

GJXDM

XML Encryption

WS
-
Eventing

WS
-
Adressing

Semantic Web

RDF

OWL/S

SOAP
-
MTOM


Web Services

Nirvana


19
-
May
-
2005

© Marc Haines

9

Web Services Standards


Standardization


Players


Process


Standards

19
-
May
-
2005

© Marc Haines

10


The Players


Web Services Standards

Internet

Related

Standards

e
-
Business

Related

Standards

Standards

ISO

UN/CEFACT

UN/ITU
-
T

W3C

OASIS

V

V

V

IEEE

WS
-
I

19
-
May
-
2005

© Marc Haines

11

Web Services Standards


Standardization Process


The Players


W3C


OASIS



ISO


IEEE


UN/CEFACT, UN/ITU
-
T



Vertical standards groups



WS
-
I


19
-
May
-
2005

© Marc Haines

12

Web Services Standards


Standardization Process


Different standardization organizations use varying terminology to
indicate the status of their work


OASIS

W3C

Working Draft

Working Draft

Committee Draft

Public Review Draft

OASIS Standard

public

internal

Public Working Draft

Proposed Recommendation

Recommendation

endorsement

Candidate Recommendation

implementation

Committee Specification

19
-
May
-
2005

© Marc Haines

13

Web Services Standards


Standardization Process


The Food Chain


Initiator

Globalizer

Standardizer

Idea and

First initial draft of a specification

Expose draft to larger audience

Refine and find common
denomiator

Provide recommendation

(a.k.a. standard)

Approves “local” standard and
gives it “global” visibility

ISO

IEEE
UN/CEFACT

W3C

OASIS

IT Vendors

Research
Organizations

Individuals

19
-
May
-
2005

© Marc Haines

14

Web Services Standards


Standardization Process


The Food Chain


Initiator

Globalizer

Standardizer

Microsoft

W3C

SOAP

Various

OASIS /

UN/CEFACT

ebXML

ISO

(ISO
-
15000)

Jon Bosak,
Tim Bray

W3C

XML

ISO

?

19
-
May
-
2005

© Marc Haines

15

Web Services Standards


Standardization Process


The Food Chain


Initiator

Globalizer

Standardizer

CERN

Tim Berners
-
Lee

W3C

HTML

ISO

(ISO
-
15445)

XHTML

19
-
May
-
2005

© Marc Haines

16

Web Services Standards


The Standards

XML

XML Schema

XSLT

SOAP

WSDL

UDDI

WS
-
Security

ebXML

ebXML

Messaging

WS
-
Reliability

ebXML

Registry

UBL

WS
-
BPEL

IFX

ACORD

HL7

GJXDM

XML Encryption

WS
-
Eventing

WS
-
Adressing

Semantic Web

RDF

OWL/S

SOAP
-
MTOM

19
-
May
-
2005

© Marc Haines

17

Web Services Standards


XML Foundation


XML Base


A language to define other languages


XML
-
based languages share a common alphabet and a few
syntactical base rules but have very different vocabularies


Based on SGML


XML Schema


XSL


XML Encryption






19
-
May
-
2005

© Marc Haines

18

Web Services Standards


XML Foundation


XML Base
(XML 1.1, Feb. 2004)


Document Definition


XML Schema
(XSL 1.0, 1.1 working draft)


DTD


Relax NG


Document Presentation / Transformation


XSL


XSLT (2.0) , FO, XPath (2.0)


XQuery
(1.0)


Security


XML Encryption
(1.0?, W3C recommendation Dec. 2002)

19
-
May
-
2005

© Marc Haines

19

Web Services Standards


Web Services Core


SOAP


WSDL


UDDI

Registry

UDDI

Provider

WSDL

Consumer

SOAP

Publish

Find

Bind

19
-
May
-
2005

© Marc Haines

20

Web Services Standards


Web Services Core


SOAP


Organization


W3C


Status


SOAP 1.2: Recommendation since June 2003


Elements


SOAP Messaging Framework and Adjuncts



XML
-
binary Optimized Packaging


SOAP Message Transmission Optimization Mechanism


Resource Representation SOAP Header Block

»
Recommendations since Jan. 2005

19
-
May
-
2005

© Marc Haines

21

Web Services Standards


Web Services Core


SOAP


SOAP 1.2 is the current W3C “standard”


Changed fault handling


Array serialization


HTTP media type





SOAP is no longer “Simple Object Access Protocol”



SOAP 1.1 is recommended by the WS
-
I for
interoperabiltiy


Few implementations of SOAP 1.2 in development tools



SOAP is no longer “Simple Object Access Protocol”

19
-
May
-
2005

© Marc Haines

22

Web Services Standards


Web Services Core


WSDL


Organization


W3C


Status


WSDL 1.1: Only W3C Note (This is the one right now!)


WSDL 1.2: Working Draft in June 2003, but was never ratified


WSDL 2.0: Working Draft since May 2005


Elements


Core Language


Adjuncts

»
SOAP and HTTP bindings

»
Predefined Message Patterns

19
-
May
-
2005

© Marc Haines

23

Web Services Standards


Web Services Core


UDDI
[Universal Description, Discovery and Integration]


Organization


OASIS


Status


UDDI v3 is OASIS Standard since February 2005


Elements


All in one specification (3.0.2)

19
-
May
-
2005

© Marc Haines

24

Web Services Standards


Web Services Core


UDDI


Interestingly listed both under Web Services and but e
-
Commerce on OASIS Web site!


Along with ebXML and UBL


Business entity is key element in registry


UDDI may be used to discover other interfaces than WSDL


Only 22% of all Web services are publicized using
UDDI
[according to a recent WebServices.org survey]


Most Web services implementations involve only 1
-
5 services


Web services “power users” (>50 services) do use UDDI to
manage and publicize their services

19
-
May
-
2005

© Marc Haines

25

Web Services Standards


Commercial Web Services


WS
-
Security


WS
-
Reliability


WS
-
BPEL



WS
-
Eventing


WS
-
Adressing


WS
-
Policy





19
-
May
-
2005

© Marc Haines

26

Web Services Standards


Commercial Web Services


WS
-
Security


Organization


OASIS


Status


WS
-
Security 1.0: OASIS Standard since March 2004


Elements


Message Security 1.0

»
SAML Token Profile (Oasis standard Dec. 2004)

»
SOAP with Attachments [SwA] (Committee Draft)


UsernameToken Profile 1.0


X.509 Certificate Token Profile

»
X.509 is a UN/ITU
-
T standard for PKI

19
-
May
-
2005

© Marc Haines

27

Web Services Standards


Commercial Web Services


WS
-
Reliability


Organization


OASIS (Web Services Reliable Messaging TC)


Status


WS
-
Reliability 1.1: OASIS Standard since Nov. 2004


Elements


WS
-
Reliable Messaging

»
The other proposal for reliable messaging

»
“More commonalities than differences with WS
-
Reliabilty”

»
Who wins???

19
-
May
-
2005

© Marc Haines

28

Web Services Standards


Commercial Web Services


WS
-
BPEL
[Business Process Execution Language]


Organization


OASIS


Status


WS
-
BPEL 2.0: Working Draft since February 2005

»
Formerly BPEL4WS 1.1

»
Initiative from IBM, SAP, Siebel, BEA, Microsoft



19
-
May
-
2005

© Marc Haines

29

Web Services Standards


Commercial Web Services


WS
-
Eventing


Organization


Industry Consortium

»
IBM, BEA, Computer Associates, Microsoft, Sun
Microsystems, TIBCO Software


Status


Public draft release


Purpose


The WS
-
Eventing specification defines a baseline set of
operations that allow Web services to provide asynchronous
notifications to interested parties.


19
-
May
-
2005

© Marc Haines

30

Web Services Standards


Commercial Web Services


WS
-
Addressing


Organization


W3C

»
Submitted by BEA, IBM, Microsoft, SAP and Sun (3/2004)


Status


WS
-
Addressing 1.0: Working Draft since March 2005


Purpose


Web Services Addressing provides transport
-
neutral
mechanisms to address Web services and messages.


19
-
May
-
2005

© Marc Haines

31

Web Services Standards


Commercial Web Services


WS
-
Policy
[Web Services Policy Framework]


Organization


Industry Consortium

»
BEA, IBM, Microsoft, SAP


Status


WS
-
Policy 1.1: Initial public draft


Purpose


The Web Services Policy Framework (WS
-
Policy) provides a
general purpose model and corresponding syntax to describe
and communicate the policies of a Web Service.


19
-
May
-
2005

© Marc Haines

32

Web Services Standards


Commercial Web Services


WS
-
I


“The guardian of interoperability”


Does not create any specifications/standards


Picks “mature standards” and assembles them in an profile
with some extra rules for interoperability

»
Basic Profile 1.1 (Final, Aug. 2004)

»
Simple SOAP Binding Profile (Final, Aug. 2004)

»
Basic Security Profile 1.0 (Draft, Jan. 2005)


Does not guarantee interoperability, but it’s the best bet!

»
Provides testing tools for interoperability


Lag behind standards organizations

»
SOAP 1.1 in current profile, but 1.2 is current W3C
recommendation


19
-
May
-
2005

© Marc Haines

33

Web Services Standards


Commercial Web Services


WS
-
I


Basic Profile


Messaging:



SOAP 1.1


Description:



WSDL 1.1


Publication and Discovery:

UDDI 2.0


Security:




TLS 1.0 / SSL 3.0


Basic Security Profile


Transport Layer




TLS 1.0 / SSL 3.0


SOAP Message Security


WS
-
Security 1.0







XML Signature








XML Encryption



19
-
May
-
2005

© Marc Haines

34

Web Services Standards


Payload / Vertical Standards


Pick your industry …


Chemical


CIDX


Energy / Oil


POSC


Justice


GJXDM, LegalXML


Insurance


ACORD


Finance


IFX


Healthcare


HL7

What about your industry?

19
-
May
-
2005

© Marc Haines

35

Web Services Standards


Payload / Vertical Standards


UBL (Universal Business Language)


Organization


OASIS


Status


UBL 1.0: OASIS Standard


Purpose


While industry
-
specific data formats have the advantage of maximal
optimization for their business context, the existence of
different
formats to accomplish the same purpose

in different business
domains is attended by a number of significant disadvantages as
well. […] The OASIS Universal Business Language (UBL) is intended
to help solve these problems by defining a
generic XML interchange
format

for business documents that
can be extended to meet the
requirements of particular industries
.


19
-
May
-
2005

© Marc Haines

36

Web Services Standards


Competing Standards Universes


ebXML



RosettaNet



UCCNet


19
-
May
-
2005

© Marc Haines

37

Web Services Standards


Competing Standards Universes


ebXML


Standard


OASIS & UN/CEFACT (1999)


ISO 15000 (2004)


Purpose



The ebXML initiative was conceived due to the widely held
need to enable enterprises of any size and in any geographical
location to conduct business electronically in a simple, cheap
reliable way.”


History


Response to EDI costs


Developed pre
-
Web services

»
SOAP still controlled by Microsoft


Adopted in a variety of industries, particularly strong in Asia.

19
-
May
-
2005

© Marc Haines

38

Web Services Standards


Competing Standards Universes


ebXML



Syntax

XML

ebXML

Web Services

XML

Messaging

Registry

Reliability

Security

Process

Payload

ebXML
-
MSG*

SOAP

UDDI

ebXML
-
RIM/RS

ebXML
-
MSG

ebXML
-
MSG

WS
-
Reliability

WS
-
Security

WS
-
BPEL

ebXML
-

BP

Core Components

not specified

Interop.

ebXML IIC

WS
-
I

19
-
May
-
2005

© Marc Haines

39

Web Services Standards


Competing Standards Universes


ebXML


Dual Transport Support


“Health Level Seven (HL7) recently announced that two
Version 3 (V3) transport specifications
-

Web Services and
ebXML
-

have passed the ballot stage and have been
approved as Draft Standards for Trial Use (DSTUs).”


(Ann Arbor, Mich.
--

April 27, 2004
--

Health Level Seven, Inc.)


Same for other industries (AIAG etc.)


Multiple Registries


UDDI and ebXML Registries


Convergence/Overlap of ebXML and Web Services?


ebXML can leverage SOAP

19
-
May
-
2005

© Marc Haines

40

Web Services Standards


Web Services Utopia


Semantic Web


The goal of the Semantic Web is to develop enabling
standards and technologies designed to help machines
understand more information on the Web so that they
can support richer discovery, data integration,
navigation, and automation of tasks. […]


(Berners
-
Lee, 2001)

19
-
May
-
2005

© Marc Haines

41

Web Services Standards


Web Services Utopia


Semantic Web


Many proposed WSDL/UDDI extensions/alternatives


e.g. DAML [DARPA Agent Markup Language]


OWL
-
S
[Web Ontology Language for Services]


Semantic Markup for Web Services


OWL is a W3C recommendation (Feb. 2004)


RDF
[Resource Description Framework]


RDF/XML is a W3C recommendation (Feb. 2004)

19
-
May
-
2005

© Marc Haines

42

Web Services Standards


Standardization


Resources


Standardization Organizations


www.w3c.org


www.oasis
-
open.org


www.ws
-
i.org


http://www.unece.org/cefact/


Other


www.ebxml.org


http://www.ibm.com/developerworks/webservices/library/



www.marchaines.com/standards


19
-
May
-
2005

© Marc Haines

43

Web Services Standards


Questions



Which are the important standards for you?



How much should you care about standards
development/maturity?