Blueprints for implementing interoperable and secure web services are being amended by the Web Services Interoperability Organisation (WS-I) to incorporate the latest SOAP technology and reliable message transmission, representatives of the organisation say.
During a meeting at the Burton Group Catalyst Conference in San Francisco earlier this month, WS-I officials cited plans to upgrade the group’s Basic Profile and Basic Security Profile, and release a Reliable Secure Profile. WS-I profiles feature implementation guidelines on using related web services specifications together for interoperability.
Members of WS-I include BEA Systems, IBM, Microsoft, Novell, Oracle and Sun.
The industry has embraced the WS-I Basic Profile to enable interoperability of web services between different vendors’ products, says WS-I president and chairman Michael Bechauf. “The reception has been incredible,” says Bechauf, who also is vice president of industry standards at WS-I member SAP.
WS-I is working concurrently on two upgrades to Basic Profile, versions 1.2 and 2.0.
Due by the end of the year, version 1.2 adds support for SOAP-based attachments and WS-Addressing for addressing of web services and messages. Version 2.0, expected in 2008, changes the SOAP implementation from SOAP 1.1 to SOAP 1.2, promising performance improvements for embedded devices, WS-I officials say.
WS-I did not consolidate the two Basic Profile upgrades because switching SOAP versions requires a major upgrade to products.
Basic Profile 1.0 was published in August 2003 with version 1.1 following a year later. The advent of Basic Profile has had a positive impact on web services, says analyst Anne Thomas Manes, vice president and research director of Burton Group.
“Once that came out, a lot of our most egregious interoperability issues went away,” Manes says. Vendors began adopting it, and people followed these rules as systems were being developed, she says. Manes cites errors in WSDL 1.1 as an example of egregious errors that impeded web services implementation.
Basic Security Profile 1.1, planned for ratification by the end of 2007, includes capabilities for single sign-on for web services applications in multiple systems. This is accomplished through support for the WS-Security 1.1 specification, which backs new token profiles, particularly around XAML. WS-I is seeking five interoperable implementations of Basic Security Profile 1.1, which is a requirement for ratification.
Basic Security Profile 1.0 was published March 30.
With Reliable Secure Profile 1.0, also anticipated by the end of the year, WS-I is accommodating reliable transmission of messages. This differs from the Basic Security Profile, which covers encryption and signatures. Reliable Secure Profile will incorporate support for the WS-ReliableMessaging 1.1 and WS-SecureConversation 1.3 specifications.
At the conference, WS-I revealed plans to demonstrate the interoperability offered by Basic Security Profile, featuring technologies from IBM, Microsoft, Novell, SAP and Sun in a supply chain management application.
Also, a group of companies at the conference will be featured in an interoperability demonstration of the Extensible Access Control Markup Language 2.0 standard from OASIS. Among the participants are IBM, CA, Oracle and Red Hat.