Web services: companies keep it simple

Many of the standards are still being ironed out, and customers may not be taking full advantage of the technology, but experts say Web services is nonetheless becoming a quiet but important player in the IT scene.

For those unfamiliar with the term, Web services is a means of integrating Web applications in a standardized way using agreed-upon industry standards. Among the more important are Extensible Markup Language (XML), which tags data, and Secure Object Access Protocol (SOAP), which enables the data to be transferred.

Much of the work occurs behind the GUI applications interface and companies can share their business logic across any platform. Thus an invoked “service” or application can, in theory, be used across a supply chain without concern.

Although it is finding traction in the Canadian market, organizations aren’t taking an ambitious approach to Web services, according to one research firm.

IDC Canada Ltd. says the bulk of projects in Canada are made up of simple and narrowly defined integration initiatives, or “projects that aren’t relying on someone outside the firewall,” said Warren Shiau, Toronto-based software analyst at IDC.

The firm divides Web services projects into three tiers – the first being focused on intranets. Approximately one-quarter of Canadian Web services users are working in this stage. The second are those deployed over an extranet, a project another quarter have under “consideration.” The third are those projects focused on the Internet, or the full scope of Web services.

But it’s in this area that the number of projects drops off steeply. “There’s lots of concern,” Shiau explained. “Standards issues need to be addressed.”

Ben Watson, senior product manager for Web services at Microsoft Canada Co. in Mississauga, Ont., said most of the projects he sees are “proof of concept” in nature. But he said the trend of starting small and tentative makes sense.

“If I was doing it, I would take a simple project first,” Watson said. He pointed to the banks as aggressive early adopters, building Web services to tie into legacy applications. Still, “we’re just beginning to see the first public-facing Web services,” he added.

One of the original designers of Web services specifications said the technology is far from mature. “Five years from now people won’t be using this term,” said Toufic Boubez, former chief architect of IBM’s Web services initiatives, co-author of the UDDI API specification and now chief technology officer of Layer 7 Technologies in Vancouver. That’s because Web services were never meant to be a visible technology, akin to HTTP.

Boubez said the way organizations are using Web services now, as a less expensive form of middleware, is a detour from the original concept, which was to promote applications, de-coupled from business logic, flowing freely between partners.

“People are responding a little bit negatively to the hype. I think that’s affecting things.”

They’re also waiting for some standards issues and questions over security to be resolved. But the latter point, Boubez said, is well on its way to resolution. In fact, he said he helped launch Layer 7 last summer in part to address the security concern. Layer 7 is about to launch Trust Foundation, a solution that helps developers design and manage security between shared services and their authorized users. It also manages user credentials, security keys and access rules.

However, there’s “too many standards right now,” Shiau said. He said standards bodies, such as the Web Service Interoperability organization and the World Wide Web Consortium, must continue to develop and refine to make Web services more attractive.