Web Services: A position paper
For the W3C

Gerald W. Edgar
Boeing Commercial Airplanes Group
February 22, 2001

This position paper proposes directions for the development of Web services to provide value for application development and deployment.

Abstract:

Web services have the potential of enabling a platform-independent integration architecture if the right tools and infrastructure are in place. To this writer the key elements of Web services consist of the following: search and discovery mechanisms, methods of secure transport, and verifiable means to prevent data interception and corruption. Each of these elements are currently being worked by different groups and organizations. For Web services to deliver on its potential requires that each element work in concert, and that the whole infrastructure is configured to support development and deployment.

Web services development needs to encompass discovering and using information object definitions, using platform- and implementation-specific capabilities to access the information objects along with packaging for using the objects. Using a broadly available infrastructure, Web services enable applications to create requests for service, a transport mechanism to send the request, and then the capability to receive results. These parts all work in concert to enable the creation and deployment of new applications in a stable (always working) but dynamic (always changing) environment. Each element in the infrastructure provides support and a connection to other elements, enabling development. When an application is deployed, the elements also need to support its operation. All these parts need to work together to maximize their value. Each element of this has value, and that value is increased as the parts work together better.

From all of this, Web services may enable "self healing" applications through the use of registries and stable addresses for applications that can change over time.

Web Services

For this position paper "Web services" are those data sources or processing capabilities available through a network interface. "Web services" form building blocks to construct distributed, network-based applications. XML-based interface protocols enable the most flexible means to both expose and utilize these Web services, especially when they are using an existing infrastructure developed to support the Web. Web services utilize this existing infrastructure, but in new ways, to enable application development. Web services enable an application to use other application services, regardless of how the application providing the service was created. This position paper does not discuss the application development platform (i.e., operating system or language) only how services are exposed, utilized, and made secure from corruption or interception.

For this paradigm to be effectively used, several parts need to work in concert.
First:

Development environment is connected to a Web services discovery capability to assist developers in creating the applications. This connection enables the developer to find the services available.
Second
An address service for deployed applications to provide a stable address for services that may change platform or location. For the applications, the stable address is a requirement for the current environment where services may change more quickly.
Third
A security service to ensure that services available are not subject to security risks of message corruption or compromise.

Web Services Framework

Overall, a Web services framework has to encompass the whole picture, from services request, to request packaging, to transport, to receiving the request, to processing the response, to setting up packages and sending it to its destination. The framework should describe the required capabilities for deployed applications using the service. This has to be used together and along with infrastructure to provide a stable address for an application that may migrate, and a stable discovery capability for an information structure that may change.

Some have it that Web services do not have a framework for describing the composition and orchestration of endpoints. There is a need for a complete framework for describing and using the discovery mechanism, the means to form and transport Web requests or messages; to receive responses, and manage the message environment. This could be extended to covering the stimulus response of messages being sent and received, as well and as the means for message confirmation and verifying the message has not been either corrupted or intercepted. There must be the means to pass messages safely in a business environment that includes open transport channels. Information security is important to trusting these new ways of accessing information and applications.

Finally, there needs to be means to deal with a dynamic environment and provide a stable application in spite of that dynamic environment. A stable address for applications that may migrate to different platforms is one element, a registry of information object definitions is another, and the tools to enable applications to use the stable references is the third aspect that form this trio. This infrastructure and the capability to use that infrastructure will enable self healing applications-  applications that can deal with a dynamic environment and provide a stable response. The measure of how well this orchestration is carried out may be measured by how well the parts fit together as defined by the standards. How well do development tools use available resources registered? how well do development environments use registered services? how much manual effort is required in using infrastructure? How well do discovery services enable applications to connect to services? How well do service descriptions allow development of links between applications? Can these links be updated in a deployment environment without further development?

Each element of this infrastructure could be used independently of other parts. Using all of these elements in concert increases capability and provides increased capability for Web services. We need to look at the whole picture and how to maximize what Web services provide by having the parts work together, from development to deployment and beyond.

Appendix:

Web services pose the problem of orchestrating a number of separate standards efforts and other activities. These are all independent but related activities addressing individual portions of Web services. The challenge is bringing these separate actors and agents together to provide the infrastructure for extending what we think of as the current application framework.

Description and Definition: services and structures which allow you to describe a service's business rules (scope and constraints), parameter for use (TPA), hardware/software constraints, and required structures (schemas and components).

STEP APs
OMG eDOC and UML
ebXML TPA and CPP and CPA
W3C XML Schema
Naming and Linking: services and structures which allow you to uniquely describe a location and name of an object.
W3C XPath, XLink, XPointer
W3C Namespaces
ISO Formal Public Identifiers
URNs, URIs
Cataloging and Categorization: services and structures which allow you to describe the metadata which is attached to objects of interest.
W3C RDF
ISO 13250 (xmlized version XTM)
W3C Namespaces
Various Industry Taxonomic schemes
Orchestrations: services and structures which allow you to describe sequences of tasks, events, processes, or applications which must work together to accomplish something.
WFMC workflow
Microsoft XLang
Registration and Discovery: services and architecture which allow you to locate, research, and analyze registry records (on structures, services, sequences, tools, etc.) stored in a registry.
UDDI services registry
ebXML Registry and Repository
WSDL
W3C XQL
ISO 10774 HyTime Groves
Packaging and Distribution: services and structures which allow you to package, route, and distribute information (XML and non-XML) in a secure, reliable, indisputable manner.
Packaging
W3C XP (SOAP)
ebXML Transport and Packaging
Security
W3C P3P
W3C DSIG
ebXML Transport and Packaging
Display and Transformation:
XSL
XSLT
DOM
SVG
WebCGM
CSS
XHTML