Time to plan your Web services
Tim Landgrave
Published: 08 Aug 2002 14:05 BST
Of course, no significant deployment of Web services will take place until security and reliability standards are agreed upon and integrated into development tools, operating systems, and application servers.
The work on security standards development moved one step closer recently when the Organisation for the Advancement of Structured Information Standards (OASIS) formed a technical committee to review the WS-Security specification championed by IBM, Microsoft, and other members of the Web Services Interoperability (WS-I) group. OASIS also has a working group focusing on the development of Security Assertion Markup Language (SAML), designed to standardise the definition of credentials used to pass between Web services. With these two key specifications being reviewed under the OASIS umbrella, I expect for many of the Web services security issues to be resolved by early 2003. Development toolsets and operating systems from Microsoft, IBM, and Sun will be revved up in early 2003 to reflect these changes, making it possible to deploy secure Web services by next summer.
Begin your planning now
Given that the first real opportunity to deploy secure, externally accessible Web services isn't until next summer, what can you do now to get ready? First, follow the lead of companies like Amazon and Google by figuring out what corporate data you should be making available as public, read-only data. For example, if your company has product information, support data, or other information that's of use to your customers, figure out how to allow them to access the data programmatically rather than having to slog through your Web site to find it.
Second, begin piloting a secure Web services application with key customers or partners using existing Internet technology like SSL or certificates to secure the connection. The information you learn from going through the process will prepare you to ask the right questions when it comes down to integrating new security standards from OASIS when they're finally released.
Third, have someone on your team start research now on the standards development process for Web services. This same person should be responsible for tracking vendor participation and implementation of the standards.
By getting involved now, you'll be able to make an intelligent choice about which development tools and platforms you can use to deploy your first truly interactive, secure, and reliable Web services by the end of 2003. The companies who make early investments in this technology will be the ones who benefit the most from its adoption.
At some point in the future, the number of Web services connections you maintain will be in direct proportion to the revenue you're able to generate. The earlier you start enabling those connections, the more likely you are to be able to generate more.
Have your say instantly in the Tech Update forum.
Find out what's where in the new Tech Update with our Guided Tour.
Let the editors know what you think in the Mailroom.
Previous
Did you find this article useful?
70 out of 151 people found this useful
- Share this article:
