IBM backs Microsoft

Microsoft Corp. hopes to clean up how businesses communicate on-line with its own brand of SOAP.

The Simple Object Access Protocol 1.1 developer program is an open standards-based interoperability protocol that uses Extensible Markup Language (XML) as a means of providing a common messaging format linking any applications and services anywhere on the Web.

SOAP consists of three parts: it defines an overall framework for expressing what is in a message, who should deal with it, and whether it is optional or mandatory; it provides encoding rules defining a serialization mechanism that can be used to exchange instances of application-defined data types; and it defines a convention that can be used to represent remote procedure calls and responses.

Co-developed with Userland Software Inc. and IBM Corp., Michael Flynn, developer tools marketing manager for Microsoft Canada in Mississauga, Ont., said the latest version of SOAP answers the problems businesses face over competing programming models.

“It provides a transparency between application models,” Flynn explained. “This version is more extensible than our previous versions…a huge amount of companies have said SOAP is the right protocol.”

Sun Microsystems and Oracle support their own proprietary models based on the Java programming language and the Common Object Request Broker Architecture (CORBA). SOAP could serve as a common communications format that would link the various models together allowing businesses to conduct e-commerce-related transactions regardless of which model they’re operating on, he said.

“You could have two different platforms each with its own component, each running on its own application,” Flynn said. “It’s pretty damned powerful and easy to implement.”

While the original version of SOAP was exclusively designed by Microsoft, version 1.1 features input from IBM and subsidiary Lotus Development Corp. – something of a surprise since IBM had allegedly been critical of what it called Microsoft’s lack of commitment to pure XML standards.

Be that as it may, IBM, Ariba, Commerce One, Compaq, Hewlett-Packard and SAP joined Microsoft when it submitted the technology to the World Wide Web Consortium (W3C) for consideration.

When the software giant originally unveiled the technology in October 1999, IBM executives reportedly said that SOAP too closely favoured Microsoft technologies over industry standards, and said it should have originated from a standards organization, not from Microsoft. Version 1.1 – the third rendition of SOAP – is more compliant with XML standards and it is based on a loosely-coupled architecture. Unlike previous incarnations, Version 1.1 can ride on top of other protocols.

David Smith, an analyst with the Stamford, Conn.-based Gartner Group, said IBM’s support for SOAP lends instant credibility.

“IBM claims they were never openly critical of it – I think Sun Microsystems has been more critical of it than IBM,” Smith said. “IBM was in a position whereby they could influence Microsoft to deal with their major issues…such as the program uses transports other than HTTP, like IBM’s MQSeries.”

One of the more important changes in the latest version of SOAP includes the ability to not only exchange data over the Internet but through other technology, such as messaging software.

However, Kate Fessenden, an analyst with the Aberdeen Group in Boston, expressed concerns over SOAP’s security.

“SOAP has been notorious for not being secure,” she said. “I don’t think IBM eases the perception of SOAP at all. Do you want your business applications to be in clear text as they go across the Internet?”

But Smith countered that some things are naturally insecure.

“I don’t think [text over the Internet] much of an issue,” he said. “There’s no reason you can’t encrypt the information…it implies nothing done over the ‘net is in plain text.”

Added Flynn, “That’s nonsense, there are a number of different ways to secure (the information), by logging onto our platform there’s security at that level. [Our] security capabilities include firewalls and a Microsoft proxy server, in addition to other folks’ having their own firewalls and proxy servers.”