Web apps need standards

Integration and open standards empower web services, says Mike Lucas.

New Asset  
Integration and open standards empower web services, says Mike Lucas.





Since the world wide web took off a decade ago, businesses have been using the internet to get closer to their stakeholders: shareholders, employees, customers and partners.

Web services offer the opportunity to design, develop and build a new generation of integrated applications based around open web standards.

For businesses, the benefit of converting traditional paper-based processes into web-based electronic ones and streamlining core business processes is enormous, both in cost and time savings. Until now, the biggest barrier to adopting web services has been the lack of open security standards.

The Web Services Security (WS-Security) specifications, a set of commonly agreed and defined security techniques and algorithms, have been defined by the Organisation for the Advancement of Structured Information Standards (Oasis). These specifications, due to be ratified early in 2004, are supported by suppliers such as Microsoft, BEA and Compuware.

WS-Security will be the first standards to support, integrate and unify multiple security models, mechanisms and technologies, ensuring the highest levels of security. However, it is essential that suppliers fully comply with and apply the standard - no proprietary tweaks or failure to implement the tricky bits - otherwise interoperability and the security between disparate systems and platforms may be compromised.

On their own, web services, even with security standards, only solve some of the technological problems of platform incompatibility and distributed computing systems. Potentially they could end up building their own web of interdependencies, leading to logistical nightmares for IT managers.

If they are to be successfully implemented, web services need to be developed within a framework that unites the business model with the applications that provide the desired functionality - a service-orientated architecture.

This is important in the development of web services because it incorporates structural features that delve deep into the corporate IT system.

The strengths of web services lie in allowing functions to be made public. Without a service orientated architecture IT systems and web services become a collection of disjointed and uncohesive packages and functions consuming increasing resources for maintenance and development.

By using web services that conform to the Oasis-defined security standards and a service orientated architecture, organisations will be able to integrate disparate systems within a scalable architecture that can create a single coherent and secure system to handle every link in the communication chain, creating a technology that will truly change business operations.

Mike Lucas is regional technology manager at Compuware

Read more on Web software