Web Services Glossary

Editor's Draft 05 June 2002

This version:
http://www.w3.org/TR/2002/WD-wsa-gloss-20020605
Latest version:
http://www.w3.org/TR/wsa-gloss
Editor:
Allen Brown, Microsoft <[email protected]>

Abstract

Glossary of Web Service terms

Status of this Document

This document is an editors' copy that has no official standing.

This section describes the status of this document at the time of its publication. Other documents may supersede this document. The latest status of this document series is maintained at the W3C.

Comments on this document should be sent to [email protected] (public archive). It is inappropriate to send discussion emails to this address.

Discussion of this document takes place on the public [email protected] mailing list (public archive) per the email communication rules in the Web Services Architecture Working Group charter.


Short Table of Contents

1. Terms


Table of Contents

1. Terms


1. Terms

Architecture

The software architecture of a program or computing system is the structure or structures of the system, which comprise software components, the externally visible properties of those components, and the relationships among them."

Binding

An association between an Interface, a concrete protocol and a data format. A Binding specifies the protocol and data format to be used in transmitting messages defined by the associated Interface.

Client

A Client is a software that makes use of a Web Service, acting as its 'user' or 'customer'.

Interface

A logical grouping of operations. An Interface represents an abstract Service type, independent of transmission protocol and data format.

Message

The basic unit of communication between a Web service and a Client: data to be communicated to or from a Web service as a single logical transmission.

Operation

A set of messages related to a single Web service action.

Port

An association between a Binding and a network address, specified by a URI, that may be used to communicate with an instance of a Service. A Port indicates a specific location for accessing a Service using a specific protocol and data format.

Reference Architecture

A reference architecture is the generalized architecture of several end systems that share one or more common domains. The reference architecture defines the infrastructure common to the end systems and the interfaces of components that will be included in the end systems. The reference architecture is then instantiated to create a software architecture of a specific system. The definition of the reference architecture facilitates deriving and extending new software architectures for classes of systems. A reference architecture, therefore, plays a dual role with regard to specific target software architectures. First, it generalizes and extracts common functions and configurations. Second, it provides a base for instantiating target systems that use that common base more reliably and cost effectively.

Service

A collection of EndPoints.

SOAP

The formal set of conventions governing the format and processing rules of an SOAP message and basic control of interaction among applications generating and accepting SOAP messages for the purpose of exchanging information along an SOAP message path.

SOAP block

The syntactic construct or structure defined in an SOAP module. SOAP blocks are processed by SOAP handlers.

SOAP handler

An SOAP handler is responsible for processing SOAP Blocks targeted at it according to any rules defined in the corresponding SOAP module.

SOAP module

An SOAP module is a basic unit for the definition of extensions to SOAP. An SOAP module encapsulates the definition of one or more related SOAP blocks and their associated processing rules. These processing rules are realised in one or more SOAP handlers.

SOAP binding

The formal set of rules for carrying an SOAP message within or on top of another protocol for the purpose of transmission. Typical SOAP bindings include carrying an SOAP message within an HTTP message, or on top of TCP.

SOAP message

An SOAP message is the basic unit of communication between peer SOAP processors.

SOAP processor

An SOAP Processor processes an SOAP message according to the formal set of conventions defined by SOAP. It is responsible for enforcing the rules that govern the exchange of SOAP messages and accesses the services provided by the underlying protocols through SOAP bindings. An SOAP processor is responsible for invoking local SOAP Handlers and providing the services of the SOAP layer to those SOAP handlers. Non-compliance with SOAP conventions or failure in an SOAP handler can cause an SOAP processor to generate an SOAP fault (see also SOAP receiver and SOAP sender).

SOAP envelope

The outermost syntactical construct or structure of an SOAP message defined by SOAP within which all other syntactical elements of the message are enclosed.

SOAP header

A collection or zero or more SOAP blocks which may be targeted at any SOAP receiver within the SOAP message path

SOAP body

A collection or zero, or more SOAP blocks targeted at the ultimate SOAP receiver within the SOAP message path.

SOAP fault

A special SOAP block which contains fault information generated by an SOAP processor or handler.

SOAP node

An SOAP Node is an encapsulation of SOAP handlers and their associated SOAP processor.

SOAP sender

An SOAP Sender is an SOAP Node that transmits an SOAP Message.

SOAP receiver

An SOAP Receiver is an SOAP Node that accepts an SOAP Message.

SOAP message path

The set of SOAP senders and SOAP receivers through which a single SOAP message passes. This includes the initial SOAP sender, zero or more SOAP intermediaries, and the ultimate SOAP receiver.

SOAP initial sender

The SOAP sender that originates an SOAP message as the starting point of an SOAP message path.

SOAP intermediary

An SOAP intermediary is both an SOAP receiver and an SOAP sender, target-able from within an SOAP message. It processes a defined set of blocks in an SOAP message along an SOAP message path. It acts in order to forward the SOAP message towards the ultimate SOAP receiver.

SOAP ultimate receiver

The SOAP receiver that the initial sender specifies as the final destination of the SOAP message within an SOAP message path. An SOAP message may not reach the ultimate recipient because of an SOAP fault generated by an SOAP processor or an SOAP Handler along the SOAP message path.

SOAP data model

A set of abstract constructs that can be used to describe common data types and link relationships in data defined by SOAP modules.

SOAP data encoding

The syntactic representation of data described by the SOAP data model within one or more SOAP blocks in an SOAP message.

Web service

A Web Service is a software application identified by a URI [IETF RFC 2396], whose interfaces and binding are capable of being defined, described and discovered by XML artifacts and supports direct interactions with other software applications using XML based messages via internet-based protocols.

Web service

A Web service is a software application identified by a URI, whose interfaces and binding are capable of being defined, described and discovered by XML artifacts and supports direct interactions with other software applications using XML based messages via internet-based protocols

Authentication

To positively verify the identity of a user, device, or other entity in a computer system, often as a prerequisite to allowing access to resources in a system.

Integrity

Assuring information will not be accidentally or maliciously altered or destroyed.

Non-Repudiation

Method by which the sender of data is provided with proof of delivery and the recipient is assured of the sender's identity, so that neither can later deny having processed the data.

Confidentiality

Assuring information will be kept secret, with access limited to appropriate persons.

Authorization

The process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource. Usually, authorization is in the context of authentication. Once a subject is authenticated, it may be authorized to perform different types of access.

Access

To interact with a system entity in order to manipulate, use, gain knowledge of, and/or obtain a representation of some or all of a system entity’s resources. [RFC2828]

Access Control

Protection of resources against unauthorized access; a process by which use of resources is regulated according to a security policy and is permitted by only authorized system entities according to that policy. [RFC2828]

Access Control Information

Any information used for access control purposes, including contextual information [X.812]. Contextual information might include source IP address, encryption strength, the type of operation being requested, time of day, etc. Portions of access control information may be specific to the request itself, some may be associated with the connection via which the request is transmitted, and others (for example, time of day) may be "environmental". [RFC2829]

Access Rights

A description of the type of authorized interactions a subject can have with a resource. Examples include read, write, execute, add, modify, and delete.

Anonymity

The quality or state of being anonymous, which is the condition of having a name or identity that is unknown or concealed. [RFC2828]

Credentials

Data that is transferred to establish a claimed principal identity. [X.800]

Principal

A system entity whose identity can be authenticated. [X.811]

Proxy Server

A computer process that relays a protocol between client and server computer systems, by appearing to the client to be the server and appearing to the server to be the client. [RFC2828]

Security Architecture

A plan and set of principles for an administrative domain and its security domains that describe the security services that a system is required to provide to meet the needs of its users, the system elements required to implement the services, and the performance levels required in the elements to deal with the threat environment. A complete security architecture for a system addresses administrative security, communication security, computer security, emanations security, personnel security, and physical security, and prescribes security policies for each. A complete security architecture needs to deal with both intentional, intelligent threats and accidental threats. A security architecture should explicitly evolve over time as an integral part of its administrative domain’s evolution. [RFC2828]

Security Domain

An environment or context that is defined by security models and a security architecture, including a set of resources and set of system entities that are authorized to access the resources. One or more security domains may reside in a single administrative domain. The traits defining a given security domain typically evolve over time.

Security Domain

An environment or context that is defined by security models and a security architecture, including a set of resources and set of system entities that are authorized to access the resources. One or more security domains may reside in a single administrative domain. The traits defining a given security domain typically evolve over time.

Security Policy

A set of rules and practices that specify or regulate how a system or organization provides security services to protect resources. Security policies are components of security architectures. Significant portions of security policies are implemented via security services, using security policy expressions. [RFC2828]

Security Policy Expression

A mapping of principal identities and/or attributes thereof with allowable actions. Security policy expressions are often essentially access control lists.

Security Service

A processing or communication service that is provided by a system to give a specific kind of protection to resources, where said resources may reside with said system or reside with other systems, for example, an authentication service or a PKI-based document attribution and authentication service. A security service is a superset of AAA services. Security services typically implement portions of security policies and are implemented via security mechanisms. [RFC2828]

System Entity

An active element of a computer/network system. For example, an automated process or set of processes, a subsystem, a person or group of persons that incorporates a distinct set of functionality. [RFC2828]

Uniform Resource Identifier

A compact string of characters for identifying an abstract or physical resource.

Access

1. To interact with a system entity in order to manipulate, use, gain knowledge of, and/or obtain a representation of some or all of a system entity’s resources. [1] 2. in the system domain, what an End user does to a Web site using a browser, or what a Client does to a Web service; 3. in the business domain, what a Consumer does to a Web service or a Web site hosted by a Producer;

Access Control

Protection of resources against unauthorized access; a process by which use of resources is regulated according to a security policy and is permitted by only authorized system entities according to that policy.

Access Rights

A description of the type of authorized interactions a subject can have with a resource. Examples include read, write, execute, add, modify, and delete.

Account

The set of attributes that together define a user’s access to a given service. Each service may define a unique set of attributes to define an account. An account defines user or system access to a resource or service. A means of supporting a hierarchy of adaptations or properties related to portlet invocation for the consuming portal

Action

A notification that your state has changed.

Administrator

A person who installs or maintains a system (for example, a SAML-based security system) or who uses it to manage system entities, users, and/or content (as opposed to application purposes; see also End User). An administrator is typically affiliated with a particular administrative domain and may be affiliated with more than one administrative domain.

Anonymity

The quality or state of being anonymous, which is the condition of having a name or identity that is unknown or concealed.

Attribute

A distinct characteristic of an object. An object’s attributes are said to describe the object. Objects’ attributes are often specified in terms of their physical traits, such as size, shape, weight, and color, etc., for real-world objects. Objects in cyberspace might have attributes describing size, type of encoding, network address, etc. Salient attributes of an object is decided by the beholder.

Browser

A system entity that is used by an end user to access a Web site. A browser provides a run-time environment for distributed application components on the client’s device.

Client

a system entity (not a business entity) that accesses a Web service.

Company

The quick brown foxAny organizational entity

Consumer Application

A web application that uses one or more WSIA Web Services

Consumer

A business entity that accesses a Web service or a Web site. Contrast with End user and Customer A business entity creating Consumer Applications

Customer

A business entity that purchases goods or services

End User

1. A natural person who makes use of resources for application purposes (as opposed to system management purposes; see Administrator, User). [4] 2. A person who uses a device specific Browser to access a Web site

Event

A notification that some state in the system (that you are interested in) has changed

Host

to run an application on an execution platform, which typically consists of hardware and software

Identity

The unique identifier for a person, organization, resource, or service.

Login, Logon, Sign-On

The process whereby a user presents credentials to an authentication authority, establishes a simple session, and optionally establishes a rich session.

Logout, Logoff, Sign-Off

The process of presenting credentials to an authentication authority, establishing a simple session, and optionally establishing a rich session.

Party

Refers to any person who interacts with the system and/or the network the system is managing.

Producer

A business entity that hosts a Web service or a Web site One or more WSIA web services A business entity creating, publishing and supporting WSIA Web Services

Provider

A business entity that sells access to or use of Web services

Pull

To actively request information from a system entity.

Push

To provide information to a system entity that did not actively request it.

Role

The combination of access rights available to a particular actor.

Service

1. A specific type of resource that is not physically obtained by a user, but is accessed periodically by the user. [4] 2. See Web Service

Service Attribute

Characteristics or qualifiers of a service – which describe details like type of encoding, network address, mailbox size for email, storage space for backup, and so on.

Service Offer

The unique combination of service attributes and service options that is provisioned to an identity

Service Option

The choices available within a service – which could be custom configured by the service provider as opposed to a service attribute which is inherent to the service. For example, a Gold Option and a Silver Option – which have to be part of the provisioning data.

Service Provider

The organizational entity that provides the service

Session

A lasting interaction between system entities, often involving a user, typified by the maintenance of some state of the interaction for the duration of the interaction.

Site

An informal term for an administrative domain in geographical or DNS name sense. It may refer to a particular geographical or topological portion of an administrative domain, or it may encompass multiple administrative domains, as may be the case at an ASP site. one portal-specific example of an administrative domain, user group, etc.

System / System Entity

An active element of a computer/network system. For example, an automated process or set of processes, a subsystem, a person or group of persons that incorporates a distinct set of functionality.

Time-Out

A period of time after which some condition becomes true if some event has not occurred. For example, a session that is terminated because its state has been inactive for a specified period of time is said to “time out”.

User

A natural person who makes use of a system and its resources for any purpose [7]. See also administrator, end user. A natural person who makes use of a system and its resources for any purpose. See also end user.

Username/User Identity

The unique identity for a user with a system