Web Services - Knitting with Style

Speech for Web Services Development Summit - London.

If you happen to follow what I write, then you’ll know that I’m a confirmed techno-cynic. After almost twenty years of following and researching almost every roller-coaster-like innovation in software since the good old days of DOS and CPM, experience tells me that if a new product or a new standard sounds too good to be true, then it probably is and business will have to pick-up the bill until such a time as the problems are ironed out. Only last month, one well-known industry figure told me, that in his opinion, UK business is wasting approximately £20 billion each year on IT project that fail or that are simply not fit for purpose.

Today, it’s time to take a hard look at the claims being made for Web Services. They are of course the next ‘Big Thing’ following on the heels of Linux and ASP (Applications Service Provision) and the potential market for this next wave in technology which will allow different websites to integrate their business processes in many different and intelligent ways, is valued in the hundreds of millions or billions, depending on which analyst group’s opinion you subscribe to. One of the largest, IDC predicts that the total software, services and hardware opportunity derived from Web services would climb from $1.6 billion in 2004 to $34 billion by 2007.

As we all know Web Services is a grander way of describing the knitting of applications and disparate systems together with Internet (IP) standards, relying on XML as a language for tagging data. "Web services are reusable software components, which rather than requiring programmers to write one start-to-finish set of instructions after another, the component-based model allows developers to reuse the building blocks of code created by others to assemble and extend them in new ways and opens up a world where we are able to share and request information in ways we never could before we never did before because it is designed to solve existing back-end integration and automation challenges

The evolving nature of the Web Service business can be broadly split into two camps, as it ever was in this industry. There’s Microsoft, which created SOAP, (the Simple Object Access Protocol), and the others, a group called the Liberty Alliance which doesn’t wish to hand the future over to Microsoft on a plate.

The others and in particular, Sun Microsystems, were reluctant to see Microsoft dominating the development agenda through its web services project Hailstorm and its single sign-on software Passport and so the Liberty Alliance, whose members viewed Microsoft's plans to become as the sole owner of a centralised authentication system on the web as an anathema, was formed to promote an open view of web services.

A decade ago, business embraced clunky, client-server technology and tomorrow, we’re promised a geographically dispersed mix of Applications Servers and Web clients, which will seamlessly and transparently move business processes around the Internet, in a manner that will address every conceivable transactional relationship. Hiding under the bonnet this has the Simple Object Access Protocol (SOAP) as a standard for transferring the data and something called the Web Services Description Language (WSDL) an IBM and Microsoft-backed XML format for describing network services. Finally, we have (UDDI), the Universal Description, Discovery, and Integration standard which describe where these services are located.

Most recently, middleware heavyweight, BEA systems and Microsoft have cooperated on the development of three new specifications to address transacted communications and a new language to describe business processes. One of these, named, ‘BPEL4WS’, is designed to allow companies to describe complex business processes that can span multiple companies, such as order processing, lead management and claims handling.

The key expressions that lie behind the evangelical ‘Hype’ of the Web Services industry are ‘integration’ and ‘streamlining’. Two years into the 21st century, applications still take too long and cost too much to integrate into legacy systems and high-profile government failures are an excellent example of the many promises falling short of the harsher realities in this business. As more companies attempt to integrate their supply chain, through linking their own infrastructure with those of clients or partners outside the firewall, they discover that conflicting standards get in the way. As a consequence, the ‘dynamic’ streamlining of middleware integration, promised on behalf of Web services is supposed to eliminate any requirement for the customized coding and re-coding of business processes or an understanding of another company’s infrastructure, looks very much like the Holy Grail of IT.

Database giant Oracle is launching a concerted effort to attract industry consensus on a Web services specification for standard XML-based mechanisms for business-to-business collaboration across supply chains on the Internet. It is lobbying W3C, the World Wide Web Consortium to form an industry-wide working group to guide the development of standards, in order to develop what’s described as “A unified choreography language” on WSDL, the Web Services Description Language. In theory of course, Web Services are all about the vendors cooperating on a common set of standards and the industry is grappling with a number of separate proposals from IBM, Microsoft, BEA Systems and Sun Microsystems.

Such cooperation rather implies that the proprietary evils which have locked business into one vendor or another will become a thing of the past. But in practice, don’t be so sure about this, as it’s rather like this government living up to the ‘Freedom of Information Act’ in its manifesto.

At this time, the Web Services industry is immature and many potential customers will have learned a great deal from the overblown promises of the ASP industry two years ago. Most analysts would agree that Web Services are not yet ready for mission critical projects and larger companies should think of throwing out their traditional EDI (Electronic Data Interchange) systems for a while yet. In IDC's opinion, Web services will go through a three-step evolution.

“First, Web services will be deployed within the firewall and this will happen from now until 2003. During this period, there will also be a lot of development work going on”.
“As the technology becomes more mature and more vendors become conclusive about similar standards of interoperability, companies will extend Web services to partners and customers in 2004.”

“Between 2005 or 2007, we will probably see some subscription-based services, casual ad-hoc use of the services and even new business models being generated as Web services adoption become widespread. The use of Web services by then, would also be extended beyond the traditional devices to include wireless”.
In fact, IDC doesn’t see the movement reaching its full potential before 2008 and one analyst from the Aberdeen Group has said that: “I think it's important to realize that these standards are fresh, not fully cooked and there are needs for more standards”.

In the opinion of the Giga Group:
“Effective sharing of information in a network of related entities is highly dependent on the use of common technology and interfaces. Therefore, any organization able to support Web Services internally would still find it difficult to deploy across its value chain, as it is unlikely that this capability would be universally adopted by its trading partners for quite some time. The impact of this phenomenon will vary by vertical industry, with some, such as financial services and travel services, implementing service-oriented architectures that will drive higher levels of Web Services adoption and result in a critical mass of users in these sectors. However, Giga is not as optimistic that Web Services will be widely adopted in other sectors in the near future”.

The greatest problem of all still remains that of security when large amounts of sensitive data are being shared between companies over the Internet. Microsoft was taken to task in August by the FTC over inflated claims involving Passport and the privacy/security dilemma is still a very long way from being solved to everyone’s satisfaction. Without this, the industry remains constrained in what it can achieve, and there is no real consensus on what the problems are, the framework for security provision and how the many individual efforts might fit together.

One example of the relatively unsophisticated nature of the market can be seen in the release of Amazon's new web services APIs (AWS) permit third party developers to access its business using either SOAP or XML over HTTP protocols but it remains very limited. Developers can't use the API to add content to Amazon.com in the form of reviews or lists and are limited to one call per second, or transactions no greater than 20k.

It is however important, not be dazzled by evidence of cooperation between vendors in the support of the ‘common’ standards mentioned earlier. Web Services represent the lower level detail, the DNA of IP connectivity but building and integrating a complex business process, rather like creating a dinosaur in Jurassic Park, requires rather more than joining strands of DNA together. While the industry can’t evolve without agreement over the middleware detail, there’s no real evidence that by simply exposing one’s data and business process to a Web Services architecture, it will result in the magical appearance of much bigger business applications, such as financial services portals, without the assistance of very specialized and arguably, very expensive applications integration software.

Today's era of XML web services is coming to an end in the minds of leading strategists at Microsoft and IBM. Speaking at the XML Web Services One conference in Boston, Don Box, Microsoft architect and Simple Object Access Protocol (SOAP) co-author, has stated "We have a couple more years of plumbing work, but after that we move on to applications,"

According to Simon Holloway, the Business Solutions Manager at Sun Microsystems, the potential of Web Services lies in solving: “Self service applications, rather like home banking where a customer might manage some part of his personal details and the bank provides the transactional element of the relationship”. At Sun, we are now starting to explore the second layer of Web Services, which are identity management, security, business process management and the developer set, so we are now trying to understand how to develop and exchange business processes using these standards”.
If the vendors are working on the lower level details, as reflected by the appearance of standards, then where do they make their money and will Web Service really open-up an industry that constantly strives to lock its customers in to proprietary solutions or services? Simon Holloway believes that in Sun’s case, “It will drive its future revenue from the products that it has and will create to support the Web Services standards. Customers won’t be locked in and will still have the same choice, as you might have in buying a portal product, from a particular vendor, which, in turn, will sit on top of the standards that are now appearing. If you don’t like the portal solution then you should be able to move to another from a different vendor but in certain circumstances, which will of course be determined by the manner in which the organization in question has implemented those standards”.

The catch of course lies with those “certain circumstances”, because it implies that Web Services are rather more than plug and play and that the implementation process can lock you in to a vendor or solution in a repeat of the Client-server experience of the past. Customers need solutions that are multi vendor, interoperable and not driven by one or two of the larger vendors – think Microsoft’s .Net or SunOne - and they need to have the option of being able to switch vendors if they ever need to. Portability, vendor independence and interoperability might be promised but like freedom of information, we may have to wait a long time before we see it Déjà vu as I’m sure you’ll agree?

To quote one analyst: “If you build your Web services-based applications using their portal servers or application frameworks, you're locked into them in much the same way that customers were locked into MVS 40 years ago, and Windows 20 years ago, and are just beginning to escape now. In other words, you're driving the Pontiac for life”.

But being cynical shouldn’t stand in the way of progress. Like Java in the past, Web Services will have an enormous impact on this industry and what one shouldn’t do is ignore the inevitable. It may not be ready for distributed mission critical applications but it’s appropriate to experiment with smaller pilot projects inside the firewall to see how the technology ‘Knits’ the services and applications together. Just remember that we are in the middle of an IT recession and that the larger vendors need new sources of revenue to boost disappointing quarterly results. As a consequence, business should be wary of this new technology being oversold prematurely and while continuing to observe emerging Web Services industry with interest, shouldn’t rush to be a first mover until it becomes less of a magic wand and more of a solid proposition.


Popular posts from this blog

Civilisational Data Mining

The Nature of Nurture?