Bumpy road for Web services

Anyone who pays attention to corporate IT knows that there’s a long, winding road between the first claims that a technology will transform the way business works and the point at which we see the technology actually working in business.

That’s partially because in the world of technology, hype outstrips performance almost every time. But often, more constructive forces are at work that must play themselves out as well.

Take Web services. You can read about them almost every week in the IT trade press and, with remarkable frequency, in the general business press. What you can’t read about very often are actual implementations in companies that trust Web services for key functions. The reason is simple: There aren’t many such deployments.

It’s clear that for vendors, Web services are a done deal. The heavyweights -companies such as Microsoft Corp., IBM Corp., BEA Systems Inc. – are up to their usual schizophrenic antics, muscling one another out of the way when they can, forming partnerships to tackle common problems when they can’t. They’re currently joining together to promote the development of urgently needed standards to bolster the security and reliability of Web services. And like tick birds on the backs of rhinos, the smaller vendors keep up their side of the relationship by generating Web services applications as they ride on the momentum of the big boys.

But somehow, the corporate users out there haven’t gotten the message that Web services are inevitable and indispensible. Those attending a recent Gartner conference in Chicago were no more than tepid about bringing Web services into their shops, especially for the purpose of enterprise application integration (EAI). Isn’t EAI supposed to be the sweet spot for Web services, the way the technology will prove itself once and for all and earn the confidence of Fortune 1,000 users?

Maybe, but those IT managers in Chicago told Computerworld that they weren’t about to take chances on Web services for mission-critical integrations, especially those that require high security or are transaction-intensive. “The standards aren’t there yet,” was the flat assessment of a senior technical designer at U.S. Steel.

He was specifically referring to Web services security, but he might have been talking about almost any aspect of the technology. And the problem is more complex than the admittedly difficult task of building confidence in the corporate IT community. Web services remain lost in a fog of confusion about what they really are.

Last September at the XML Web Services One Conference in Boston, a presenter got a laugh with the line, “Ask five people to define Web services, and you’ll get six definitions.” It was refreshing to find a speaker at an industry event acknowledging that the experts are sometimes as befuddled as corporate IT is about the exact nature of Web services.

At that conference, Computerworld reporter Carol Sliwa followed up by asking five high-ranking computer scientists from companies such as IBM, Software AG and a respected Gartner analyst to define Web services. The result was – you guessed it – six different definitions. Sure, there was overlap, but there was also enough inconsistency to suggest that there’s an unsettlingly elusive quality to this latest set of transforming technologies.

Which is why Web services technology desperately needs the sturdy framework of standards that appears to be several years away. The foundation of XML, SOAP, WSDL and UDDI are a start, and they’ve enabled plenty of Web services applications to come to market. But the difficult process of trying to sell the technology has the beneficial effect of exposing what needs to be done.

IBM, Microsoft and VeriSign are now pushing WS-Security and all its follow-on specifications, which will define security and privacy policy implementation and trust relationships. BEA and Microsoft are behind the creation of Business Process Execution Language for Web Services, a potentially significant step toward making Web services ready for prime time.

Which gets us back to that long road between initial hype and widespread acceptance into business. We’ve been hearing so much about Web services for so long, it’s hard to remember that the technology is just developing. The path into corporate IT shops will be paved by technical refinements and conform to a map provided by mature standards. But the journey will take a while. Web services are going to be the next big thing for a long time.