WS-I adding to blueprints for Web services usage

Blueprints for implementing interoperable and secure Web services are being amended by the Web Services Interoperability Organization (WS-I) to incorporate the latest SOAP technology and reliable message transmission, representatives of organization said on Thursday.

During a meeting at the Burton Group Catalyst Conference in San Francisco, WS-I officials cited plans to upgrade the group’s Basic Profile and Basic Security Profile and release a Reliable Secure Profile. WS-I profiles feature implementation guidelines on using related Web services specifications together for interoperability.

Membership in WS-I features a roster of the computer industry’s major players. Companies like BEA Systems, IBM, Microsoft, Novell, Oracle, and Sun are among the participants.

The industry has embraced the WS-I Basic Profile to enable interoperability of Web services between different vendors’ products, said Michael Bechauf, WS-I president and chairman. “The reception has been incredible,” said Bechauf, who also is vice president of industry standards at WS-I member SAP.

WS-I is working concurrently on two upgrades to Basic Profile, versions 1.2 and 2.0.

Due by the end of the year, version 1.2 adds support for SOAP-based attachments and WS-Addressing for addressing of Web services and messages. Version 2.0, expected in 2008, changes the SOAP implementation from SOAP 1.1 to SOAP 1.2, promising performance improvements for embedded devices, WS-I officials said.

WS-I did not consolidate the two Basic Profile upgrades because switching SOAP versions requires a major upgrade to products.

Basic Profile 1.0 was published in August 2003 with version 1.1 following a year later. The advent of Basic Profile has had a positive impact on Web services, said analyst Anne Thomas Manes, vice president and research director of Burton Group.

“Once that came out, a lot of our most egregious interoperability issues went away,” Manes said. Vendors began adopting it, and people followed these rules as systems were being developed, she said. Manes cited errors in WSDL 1.1 as an example of egregious errors that impeded Web services implementation.

Basic Security Profile 1.1, planned for ratification by the end of 2007, includes capabilities for single sign-on for Web services applications in multiple systems. This is accomplished through support for the WS-Security 1.1 specification, which backs new token profiles, particularly around SAML. WS-I is seeking five interoperable implementations of Basic Security Profile 1.1, which is a requirement for ratification.

Basic Security Profile 1.0 was published March 30.

With Reliable Secure Profile 1.0, also anticipated by the end of the year, WS-I is accommodating reliable transmission of messages. This differs from the Basic Security Profile, which covers encryption and signatures. Reliable Secure Profile will incorporate support for the WS-ReliableMessaging 1.1 and WS-SecureConversation 1.3 specifications.

WS-I at the conference Thursday evening plans to demonstrate interoperability offered by Basic Security Profile, featuring technologies from IBM, Microsoft, Novell, SAP, and Sun involved in a supply chain management application.

Also, a group of companies at the conference will be featured in an interoperability demonstration of the eXtensible Access Control Markup Language 2.0 standard from OASIS. Among the participants are IBM, CA, Oracle, and Red Hat.

Correction: This story as originally posted misstated the acronym for the markup language supported in WS-Security. The article has been amended.