Web Services Acronyms, Demystified
January 9, 2002
In many cultures, the end of the year is a time for review and contemplation. Most of my work is related to Web services, and it should come as no surprise that I would like to take a look at the latest developments in that field. More than twenty acronyms related to Web services came to light during 2001, and in this article I present a quick guide to the protocols and the specifications behind them, including a description of how they relate to each other and where each sits on the Web services landscape. Some of those acronyms are scrutinized in O'Reilly's recently published Programming Web Services with SOAP, which is a complete guide to using SOAP and other leading Web services standards, including WSDL and UDDI. This book is a good resource for more information on the concepts touched on in this article (shameless disclaimer: I'm one of the co-authors).
The Web services architecture is implemented through the layering of several types of technologies. These technologies can be organized into the following four layers that build upon one another:
Each layer of the Web services stack addresses a separate business problem, such as security, reliable messaging, transactions, routing, workflow and so on. Addressing the need for standardization in this field, several players have come up with a set of specifications that serve as the foundation for their own versions of a comprehensive Web services architecture: Microsoft with its "Global XML Web Services Architecture", IBM and the Organization for the Advancement of Structured Information Standards (OASIS) with the "Web Services Component Model" (WSCM), Sun with its "Open Net Environment" (SUN ONE) and HP with its "Services Framework Specification".
Let's wade through a bit of the acronym soup first to get a sense of the breadth and scope of the proposals floating around right now, and then we'll map those protocols to the architecture stacks being pushed by some of the companies.
(Direct Internet Message Encapsulation)
A lightweight, binary message format designed to encapsulate one or more application-defined payloads into a single message construct;
- HTTPR (Reliable HTTP)
A protocol that offers the reliable delivery of HTTP packets between the server and client;
Packaging and Extensions
- SOAP (Simple Object
A lightweight XML-based protocol for exchange of information in a decentralized, distributed environment;
(SOAP Security Extensions: Digital Signature)
A SOAP extension to use XML Digital signature syntax in SOAP messages;
- SWA (SOAP
Messages with Attachments)
A binding for SOAP message to be carried within a MIME multipart/related message;
- WS-License (Web Services License Language)
A SOAP extension for the description of encoding commonly used license types; specifically, X.509 certificates and Kerberos tickets, as well as arbitrary binary credentials;
- WS-Referral (Web Services Referral Protocol)
A SOAP-based protocol that enables the routing strategies used by SOAP nodes in a message path to be dynamically configured;
- WS-Routing (Web Services Routing Protocol)
A SOAP extension for routing SOAP messages in an asynchronous manner;
- WS-Security (Web Services Security Language)
A SOAP extension that enable secure interactions between Web services providing credential exchange, message integrity, and message confidentiality;
- WSCL (Web Services Conversation Language)
An XML format for the description of the sequences of legal message exchanges (interactions) that Web services can exchange;
(Web Services Component Model)
A component model that defines mechanism for packaging the display components of a Web service;
- WSDL (Web Services
An XML format for the description of network services as a set of endpoints operating on messages containing either document-oriented or procedure-oriented information;
(Web Services Endpoint Language)
An XML format for the description of non-operational characteristics of service endpoints, like quality-of-service, cost or security properties;
(Web Services Flow Language)
An XML format for the description of Web Services compositions that specify usage and interaction patterns;
- WSML (Web Services Meta Language)
An XML format for the description of the information that maps the operations of a service to specific methods in the COM object;
(Web Services Experience Language)
A Web services centric component model for interactive Web applications;
- WSUI (Web Services User Interface)
A component model for adding presentation and multistage interaction to XML and SOAP-based network services;
(Web Services for Business Process Design)
An XML format for the description of message exchange behavior among participating Web services;
- UDDI (Universal Description,
Discovery and Integration)
An XML-based framework to enable businesses to discover each other, define how they interact and share information in global registry;
- USML (UDDI Search Markup Language)
An XML-based protocol for carrying a search request, including multiple queries, key words, UDDI sources, and aggregation operators;
- WS-Inspection (Web Services Inspection Language)
An XML format for assisting in the inspection of a site for available services and a set of rules for how inspection related information should be made available for consumption.
As you can see, the picture is quite complex! To make things even more confusing, some of these specifications define extensions for SOAP messages (WS-Routing, WS-Security, WS-License and SOAP-DSIG), some define packaging format (SWA, DIME), some define SOAP-based protocol (UDDI and WS-Referral) or XML-based protocol (USML), and others define an XML format for service description or orchestration (WSDL, WSEL, WSFL, WSUI and the rest).
Now for the most interesting part: how do all of these acronyms fit into the big picture? Let's look at a couple of the architecture stacks that are being promoted.
HTTPR brings reliability for HTTP transport, so any SOAP interaction built on top of it will benefit from transport reliability in a way that doesn't require any changes to the framework. The same result can be achieved using MQSeries or other reliable transports.
The combination of the WSDL, WSEL and WSFL specifications implements three levels of functionality, required to support business processes and workflow: description of services (WSDL), non-operational characteristics (WSEL), and interaction and composition of services (WSFL).
WSCM and its sub-proposal WSXL address how Web services are componentized. "IBM is pleased to contribute WSXL to be considered as part of WSCM," says Bob Sutor, director of e-business standards strategy at IBM. "As an XML and Web services-centric component model for interactive Web applications, WSCM will enable businesses to more easily distribute those interactive Web applications through multiple channels. It will also help create new ones by leveraging existing resources across the Web. IBM is a longtime supporter of OASIS, and we're very happy to have the opportunity to chair the OASIS WSCM Technical Committee."
UDDI and WS-Inspection complete the stack, allowing the query of public or private repository for available services based on business or technical criteria (UDDI) or the query of a Web service provider for range and characteristics of available services (WS-Inspection). WS-Inspection, introduced by IBM and Microsoft, superseded two other standards from those companies: DISCO (Microsoft) and ADS (IBM).
Now, on to Microsoft's view of the Web services world:
Microsoft published several specifications that define packaging and extensions. For example, the DIME specification defines a binary packaging format, as an alternative for MIME-based SOAP with Attachments (SWA). A group of SOAP extensions (WS-Security, WS-License and WS-Routing) are integrated as part of Microsoft's Global XML Web Services Architecture. Keith Ballinger, program manager in Microsoft, pointed out to me that those are not really acronyms, however for the sake of completeness we will also cover them here. WS-Security (similar to SOAP-DSIG) defines how to use XML Signature and XML Encryption specifications in SOAP messages. WS-License works in combination with WS-Security and defines how digital credentials and their semantics can be associated with SOAP messages. WS-Routing (formerly SOAP-RP) describes how to enable SOAP messages to travel across multiple destinations along a message path. WS-Referral is a protocol that enables the routing between SOAP nodes to be dynamically configured.
The description layer consists largely of three specifications: WSDL, WSML and XLANG. WSDL defines service description, XLANG defines message exchange behavior from the business perspective and WSML defines the mapping between Web service functionality and the methods of a COM object behind it.
Other companies and groups are also backing their own specifications in addition to the widely supported ones like SOAP, SWA, WSDL, and UDDI. United Nations Centre for Trade Facilitation and Electronic Business (UN/CEFACT) and OASIS sponsor ebXML, a modular suite of specifications that uses SOAP and SWA for their Messaging Service, but has their own specifications for description and discovery layers: Collaboration Protocol Profile (CPP) for description and ebXML Registry Service for discovery. HP has WSCL as part of their Services Framework Specification that addresses problems in the same domain as XLANG and WSFL.
Several pieces like transaction support and management interfaces are still missing, so we may expect new specifications coming into existence during the next year. Expect to see even more acronyms. All these moving pieces sometimes make me nostalgic for XML-RPC.
- OASIS, IBM: Web Services Component Model (WSCM)
- Sun: Open Net Environment (SUN ONE)
- HP: Services Framework Specification
- Microsoft: Global XML Web Services Architecture
- UN/CEFACT, OASIS: ebXML
O'Reilly & Associates recently released (December 2001) Programming Web Services with SOAP.