Developers moving toward still-elusive goal of true interoperability.
Web services crossed key thresholds of enterprise acceptance during the last months of 2003, with corporate IT builders expressing dramatically greater interest in using the model for transactions up and down the supply chain as well as for in-house applications.
Last fall, Forrester Research Inc. found almost three-fifths of a sample of 75 large corporate sites planning customer service initiatives and more than two-fifths planning supply chain projects using Web services technologies. Crucially, the same study found comparable or greater percentages of these sites migrating customer and product/service data to XML-based formats, an important precursor to broader use of Web services models. Gartner Inc., of Stamford, Conn., went further, projecting that Web services would be the dominant modelused for at least two-thirds of all new development projectsby next year.
Conventional wisdom has been that outward-facing Web services would not gain momentum until key security issues were addressed directly by Web services standards.
This view failed to appreciate the strong value proposition of loosely coupled interactions among heterogeneous systems, according to John Lily, vice president and chief technology officer at Web services security company Reactivity Inc., in Belmont, Calif. "Theres a whole set of businesses whose reason for being is connection with others," Lily said, citing the use of Web services by transportation companies with many local partners and by financial services companies providing 401(k) and other services that companies want to integrate into their employee Web portals.
As for security, said Lily, theres no longer a notable difference between internal and external standards. At one company, he said, the labels applied to internal and external users were formerly "trusted" and "untrusted." Now, Lily said, the labels are "untrusted" and "hostile"a difference in degree rather than kind. Both inside and outside the firewall, he said, the default is moving from "grant unless forbidden" to "deny unless authorized."
In this environment, Web services are at no particular disadvantage, but their security improvement is the focus of considerable industry effort.
Next page: Services Destination
Peter Coffee is Director of Platform Research at salesforce.com, where he serves as a liaison with the developer community to define the opportunity and clarify developers' technical requirements on the company's evolving Apex Platform. Peter previously spent 18 years with eWEEK (formerly PC Week), the national news magazine of enterprise technology practice, where he reviewed software development tools and methods and wrote regular columns on emerging technologies and professional community issues.Before he began writing full-time in 1989, Peter spent eleven years in technical and management positions at Exxon and The Aerospace Corporation, including management of the latter company's first desktop computing planning team and applied research in applications of artificial intelligence techniques. He holds an engineering degree from MIT and an MBA from Pepperdine University, he has held teaching appointments in computer science, business analytics and information systems management at Pepperdine, UCLA, and Chapman College.