It only took about two business days for Oakville, Ont.-based developer Logistics Technologies to integrate package tracking from Yellow Transportation into Shipment Commander software, according to development tool supplier Magic Software. Application logic published by Yellow Transportation as
a Web service provided the basis for the speedy implementation, making Shipment Commander the first product to successfully interface with that tracking module.
The Web services vision has been ambitious from the start: a vision of applications built of individual task modules “”discovered”” on the Web and used (“”consumed””) through the standards around XML, UDDI and SOAP — infinitely reusable code, eliminating the need to reinvent IT wheels.
Thanks to Web Service Description Language(WSDL, a Web service is self-describing, and thanks to Universal Description, Discovery and Integration (UDDI) registries, it can easily be published so others can find and incorporate it into their applications.
According to IDC, approximately 3,300 Web services-based projects were implemented in North America last year, and the spending on related professional services will break the billion dollar (US) mark this year. It expects an increase of 146 percent next year, to US$2.7 billion.
And that’s just the tip of the iceberg. In total, IDC sees hardware, software and services revenue hitting US$21 billion south of the border alone by 2007, peaking at US$27 billion in 2010.
At the moment, however, the hype is ahead of the capabilities, according to John Donaldson, business unit executive for WebSphere software at IBM Canada. “”Over the next 12 – 18 months, we will see more extranet and business to business implementations of Web services,”” he said. “”Then we’ll see public consumption of the services a year later.””
Dimitri Sirota, vice president of marketing and co-founder of Vancouver-based Layer 7 Technologies, agrees. “”We’re seeing a lot of large and mid market enterprises beginning the process of researching the architecture, and to a lesser extent, deploying it,”” he said. “”My suspicion is that in the coming year to year and a half, almost every integration project will be with Web services.””
But this doesn’t mean everyone understands the technology. “”There was a lot of confusion around what Web Services really are,”” said Ben Watson, Microsoft Canada’s senior product manager for Web services. “”(In an IDC study) more companies planned to adopt Web services than knew what they were! It’s like any early technology – there’s always a certain amount of confusion, a certain amount of fear.””
Not ready for prime time?
There is also some doubt Web services are ready for the enterprise, according to Dmitri Tcherevik, divisional vice president, office of the CTO, at Computer Associates. Issues like standards, security and manageability still stand in the way of wide deployment. “”These three must be controlled before Web services are ready for prime time,”” he insisted.
Added Layer 7’s chief technology officer and co-founder Toufic Boubez, “”The technology for building Web services is well understood, and the tools are available. The technology for connecting services together, and securing services, is less well understood. The most fundamental question in Web services today is, how do I connect a service so it’s secure? The concept of trusting just any service on the Web is far-fetched.””
We might think that these vendors, who offer products to address just these challenges, are speaking purely out of self-interest, but Waltham, Mass.-based analyst firm ZapThink, which specializes in the XML and Web services market, concurs. In an article in its e-mail newsletter, ZapFlash, senior analysts Ronald Schmelzer and Jason Bloomberg stated, “”(In 2002) much of the to-do about Web services was more hype than substance. The fact of the matter is, Web services adoption hit a series of roadblocks in 2002, and more are yet to come . . . IT organizations realized that they had to overcome critical security and management challenges before their Web services implementations would meet broad enterprise needs.””
Lack of maturity
In fact, 52 percent of respondents in a February 2003 poll conducted by Peerstone Research cited lack of mature security standards as a major obstacle to the deployment of Web services, and a further 43 percent said it was a minor obstacle.
Still, said Glenn Johnson, director of marketing for Magic Software, “”Security is the responsibility of the people implementing the Web services. If the application is poorly written, there is risk. The question is, can they trust a Web Service created by someone else – that’s where the real challenge lies ahead.””
“”There are a number of ways to address security,”” added Shawn Cruise, regional director, NetManage Canada. “”Web services don’t necessarily change it, or add an extra layer of security to the environment. Most companies have already implemented some sort of Web-based access control.””
“”It’s easy to control security inside the firewall,”” noted Donaldson. “”It’s a different story outside the firewall. All of the security standards around public directories are still to be developed. We need to work through these issues as an industry to protect our customers.””
Watson suggests that there are actually three phases in the adoption of Web services, each building on its predecessor.
The first is building services inside the firewall to integrate existing applications. Watson cited Canadian research that says almost half of companies are planning to develop strategies in this area.
It takes two and three
The second phase occurs when companies consume Web services from outside the firewall. Operations like currency conversions, for example, are ideal for implementation as Web services. Microsoft plans to offer its Passport authentication as a Web service, saving companies the bother of building their own.
The third phase, Watson said, is when Web services begin to touch users through their connected computers, PDAs and mobile phones. Based on who they are, and how they’re logged in, they will be able to receive personalized information through the technology.
However, he cautioned, “”It has a long way to go.””
But while vendors talk about the importance of standards in Web services, the development of those standards is being hampered by infighting between industry groups. Both the Organization for the Advancement of Structured Information Standards (OASIS) and the World Wide Web Consortium (W3C) are working on standards in various areas of Web services, and recently Microsoft, BEA Systems, SAP and IBM submitted a proposal to OASIS for Business Process Execution Language (BPEL), which would help automate business processes via Web services.
The W3C’s WS-Choreography group is working on a similar standard, and analysts fear that the industry will end up with two incompatible standards. ZapThink’s Schmelzer said in an interview on internetnews.com: “”It is not at all okay for standards organizations to compete and to have ‘camps’ of standards organizations. It’s detrimental to the industry and of course adoption of Web services. So, what is needed is some sort of agreement about what various groups will handle. If not, we’ll continue to find vendors working one standards or against another to no one’s real benefit.””
Meanwhile companies, and the VARs and ISVs that serve them, are struggling to develop and implement Web services-based applications and they too are facing standards choices. Chief among them is the selection of platform – do they go with Microsoft .NET or adopt Java2 Enterprise Edition (J2EE)?
Half and half
Johnson thinks both will be pres