Web services / e-Services Alessio Mura Summary What is a Web service Web services architectures Web services development Web services in the future Web services engineering e-Services Summary What is a Web service Web services architectures Web services development Web services in the future Web services engineering e-Services Web service definitions W3C definition A web service is a software system designed to support interoperable machine-to-machine interaction over a network. It has an interface described in a machine-processable format (specifically WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP messages, tipically conveyed using HTTP with an XML serialization in conjunction with other Web-related standards “Computer” - IEEE Computer Society Journal Web services are Web-based applications composed of coarsegrained business functions accessed through the Internet IBM Web services are self-contained, modular applications that can be described, published, located and invoked over a network, generally, the Web What is a web service Functions – A collection of operations – Machine-to-machine interaction Invoked / Accessed – Well defined interface Over a network (needs HTTP protocol) – Intranet – Web Loosely coupled – The service requester has no knowledge of the technical details of the provider’s implementation Why Web services Logical evolution of object-oriented techniques to e-business Promoting interoperability by minimizing the requirements for shared understanding – Common program-to-program communications model – Web services are platform and language independent Enabling just-in-time integration – Services are bound dinamically at runtime – Systems are self-configuring, adaptive and robust Reducing complexity by encapsulation – All components of an application are services Enabling interoperability of legacy applications Evolutionary or revolutionary? Web services are to be viewed as an evolutionary step towards software interoperability Before Web services: – Common Object Request Broker Architecture (CORBA) – Distributed Component Object Model (DCOM) Reasonable protocols for server-to-server communications; weaknesses in client-server communications on the Internet Use of non-standard protocols Summary What is a Web service Web services architectures Web services development Web services in the future Web services engineering e-Services Web services lifecycle A Web service needs to be created and its interface must be defined A Web service needs to be published to one or more intranet or Internet repositories for potential users to locate A Web service needs to be located to be invoked by potential users A Web service needs to be invoked to be of any benefit A Web service may need to be unpublished when it is no longer available or needed Web services interactions Web services architectures Web services – W3C standard – A universal client/server architecture – Allows disparate systems to communicate with each other without using proprietary client libraries Each vendor or standards organization defines Web services in a sligthly different way – Architectural stack Not all architectures of Web services are full interoperable W3C Conceptual Web services stack Discovery, Aggregation, Choreography, … Web services Description (WSDL) Messages SOAP Extension Reliability, Correlation, Transaction, … SOAP Communications HTTP, SMTP, FTP, … MANAGEMENT Descriptions Base Technologies: XML, DTD, Schema SECURITY Base Technologies: XML, DTD, Schema Processes IBM Conceptual Web services stack WSFL Static -> UDDI Service Discovery Service Description SOAP XML–Based Messaging HTTP, FTP, email, etc. Network Quality of Service WSDL Management Service Publication Security Static -> UDDI Service Flow IBM Conceptual Web services stack WSFL Static -> UDDI Service Discovery Service Description SOAP XML–Based Messaging HTTP, FTP, email, etc. Network Quality of Service WSDL Management Service Publication Security Static -> UDDI Service Flow XML–Based messaging Exchange structured data between network applications Allows software running on disparate operating systems, and environments to make RPCs Simple Object Access Protocol (SOAP) – W3C standard – Built over XML Service Requestor Application Service Provider Web service SOAP SOAP Network Protocol Network Protocol SOAP message Envelope IBM Conceptual Web services stack WSFL Static -> UDDI Service Discovery Service Description SOAP XML–Based Messaging HTTP, FTP, email, etc. Network Quality of Service WSDL Management Service Publication Security Static -> UDDI Service Flow Service description The service provider defines all the specifications to invoke the Web service – Interface – Operations and messages The requestor and the provider don’t have to be aware of each other’s underlying platform Use of Web Service Description Language (WSDL) – W3C standard (it was proposed by Microsoft and IBM) – Based on XML documents IBM Conceptual Web services stack WSFL Static -> UDDI Service Discovery Service Description SOAP XML–Based Messaging HTTP, FTP, email, etc. Network Quality of Service WSDL Management Service Publication Security Static -> UDDI Service Flow Service publication Makes a Web service description available to a service requestor Direct publishing – The service provider sends the service description directly to the service requestor – E-mail attachment, FTP site, CD-ROM distribution,… Service description repository – Local cache of service descriptions Universal Description Discovery and Integration specification (UDDI) – Copyrigth by Accenture, Fujitsu-Siemens, HP, Intel, IBM, Microsoft, Oracle, SAP, Sun Microsystems,… – Organization for the Advanced of Structured Information Standards (OASIS) standard – A UDDI registry can be thought as a DNS for business application UDDI (1) Defines a way to publish and discover information about services White pages : provide listings of providers (name, Yellow pages : contains classification information Green pages : info to interact with companies’ Web text description, contact info and identifiers) about the business entity and types of the services the entity offers. E.g. Amazon can be a book seller and a bibliographic information broker Services (service description and binding information) UDDI (2) Use of UDDI browsers – http://www.soapclient.com/UDDISearch.html – http://uddi.microsoft.com/search/search.aspx Every Web service has an URI (Uniform Resource Identifier) Microsoft Web services – The list of the Web service methods is displayed when a browser loads the corresponding URI – These methods are invocable from such list IBM Conceptual Web services stack WSFL Static -> UDDI Service Discovery Service Description SOAP XML–Based Messaging HTTP, FTP, email, etc. Network Quality of Service WSDL Management Service Publication Security Static -> UDDI Service Flow Service discovery Acquires the service description and consumes it Acquiring – With the direct publishing approach, the service requestor caches the service description at design time – The service requestor retrieves a service description at design time or runtime from a service description repository (UDDI) Consuming – The service requestor processes the description to invoke the service At design time or runtime IBM Conceptual Web services stack WSFL Static -> UDDI Service Discovery Service Description SOAP XML–Based Messaging HTTP, FTP, email, etc. Network Quality of Service WSDL Management Service Publication Security Static -> UDDI Service Flow Service flow Choreography / Aggregation for W3C Web services are composable – The workflow will provide choreography for automatic interaction between Web services W3C / IBM and Microsoft / Sun and Oracle are competing for the standard definitions of this layer Work in progress IBM Conceptual Web services stack WSFL Static -> UDDI Service Discovery Service Description SOAP XML–Based Messaging HTTP, FTP, email, etc. Network Quality of Service WSDL Management Service Publication Security Static -> UDDI Service Flow Security There are four basic security requirements: Confidentiality is the property that information is not made available or disclosed to unauthorized individuals, entities, or processes, and guarantees that the contents of the message are not disclosed to unauthorized individuals Authorization is the granting of authority, which includes the granting of access based on access rights and guarantees that the sender is authorized to send a message Data integrity is the property that data has not been undetectably altered or destroyed in an unauthorized manner or by unauthorized users thereby insuring that the message was not modified accidentally or deliberately in transit Proof of origin is evidence identifying the originator of a message or data. It asserts that the message was transmitted by a properly identified sender and is not a replay of a previously transmitted message. This requirement implies data integrity IBM Conceptual Web services stack WSFL Static -> UDDI Service Discovery Service Description SOAP XML–Based Messaging HTTP, FTP, email, etc. Network Quality of Service WSDL Management Service Publication Security Static -> UDDI Service Flow Management Management in this case means that a management application can discover the existence, availability and health of the Web service infrastructure, Web services and service registries It must be possible to manage Web services at all levels of the conceptual Web services stack The management interfaces should operate at the service level, and not at the relatively low level of the infrastructure – Basic reporting of Web services infrastructure availability – Information about performance, availability, events of Web services IBM Conceptual Web services stack WSFL Static -> UDDI Service Discovery Service Description SOAP XML–Based Messaging HTTP, FTP, email, etc. Network Quality of Service WSDL Management Service Publication Security Static -> UDDI Service Flow Quality of Service In XML-Based Messaging level – Reliable messaging : Ability of an infrastructure to deliver a message once, and only once, to its intended target or to provide a definite event, possibly to the source, if the delivery cannot be accomplished In service description level – Maximun duration after the requestor expects the provider to respond In service composition or service flow level – Expected execution time, timeout values,… The Quality of Service issues and solutions for Web Services are still emerging Summary What is a Web service Web services architectures Web services development Web services in the future Web services engineering e-Services Web Services development The development and deployment of Web services do not require a particular technology in the underlying platform A common text editor can be used to develop Web services There are several development tools that allow to easily develop Web services – Microsoft Visual Studio .NET – Sun ONE Studio – IBM WebSphere Studio or Eclipse IDE with WSDK – … Web services with Microsoft .NET You have to – Access to Internet Information Services (IIS) In a local or remote machine A server for web applications/services The service repository of one or more service providers – Create a Web service project in Microsoft Visual Studio .NET A Web service is composed by classes Usage of keyword WebMethod for the public methods invocable from the Internet Web services in Microsoft Visual Studio .NET Summary What is a Web service Web services architectures Web services development Web services in the future Web services engineering e-Services Considerations Web services standard today permits application-to-application interoperability – Server-to-server communications – Client-server communications The coordination of a set of Web services working towards a common end is an open issue – Transaction-based applications Service Oriented Architecture (SOA) From an IBM document on SOA “…SOA presents the big picture of what you can do with Web services…” “…It can be based on Web services, but it may use other technologies instead…” “…A service in SOA is an application function packaged as a reusable component for use in a business process…” Software as a Service (SaaS) – The key know-how involved is not who provides services but what service a transaction requires at any particular point – Separate the possession and ownership of software from its use – Ultra-late binding Service models Supplier’s software application service Service layer (application created on demand from smaller services) Service integration layer Service transport layer Current supply-led service model (it provides only a predetermined range of services from a remote server) Service transport layer Proposed demand-led service model (it has a service integration layer inserted above the transport layer) Service integration layer Service description, Service discovery – A machine readable semantic description of the functionality provided by the service Service composition (Service flow) – Automatic composition of Web services Service negotiation – The client and the provider must negotiate the service’s delivery terms and conditions automatically Contract’s duration Transaction’s agreed security features Service delivery – Monitors whether the service is supplied within agreed terms and conditions and suspends its provision if necessary – Determines legal or nonfunctional parameters (cost, QoS,…) Service-based software goals Personalised – Software capable of personalisation Self-adapting – Monitor and understand how software is being used Fine-grained – Small simple units – High cooperation Transparent – Software has to be seen as a single abstract object Summary What is a Web service Web services architectures Web services development Web services in the future Web services engineering e-Services Software engineering (considerations) Internet age has ushered in a new era of highly dynamic and agile organisations which must be in a constant state of evolution if they are to compete and survive in an increasingly global marketplace There is still criticism of software systems and the methods employed in their development, such as – High cost – Long time to market – Poor flexibility Many of these issues have been accentuated through the widespread use of Internet and the acceleration of business cycles Web service engineering (1) Web services are used for client-server interactions (Now Web service = set of classes) A Web service can be used in an application like a local class A Web service is similar to a component, the only difference is that it is accessible by the Web Component-based techniques – Reuse of services Web service engineering (2) Highly flexible and agile software, that should be able to meet changing business needs – Classical software engineering methods are not adapted Interdisciplinary view of software – Trust and confidence : users need appropriate mental models of software behaviour in order to have trust and confidence in its performance – Risk, responsibility, recovery : what happens when software fails and, with the emergence of componentbased approaches, how to ensure accountability in system development and evolution – Software personalisation and adaptation Web service engineering (conclusions) There is few material regarding this subject which is still a matter of study “Service-Oriented Software System Engineering: Challenges and Practices” Zoran Stojanovic and Ajantha Dahanayake, Delft University of Technology – – – – – Relevant theoretical background Modeling notation Tools Development processes Practical realisations Summary What is a Web service Web services architectures Web services development Web services in the future Web services engineering e-Services e-Services (1) From Wikipedia, the free encyclopedia e-Service is a term usually referring to the provision of services provided via the Internet (the prefix 'e' standing for "electronic", as it does in many other uses) e-Service includes "e-commerce", although it may also include non-commercial services Non-ecommerce e-Services include (at least some) "eGovernment" services From an article written by C.Peraire and D.Coleman An e-Service is some interaction offered to a user, across the Internet, that has meaning and economic value An e-Component is a software module that provides one or more e-Services. Thus, the e-Services provided by an eComponent constitute its interface e-Services (2) E-services is a business concept developed by Hewlett Packard (HP) HP e-Services integration platform – “… There are essentially no constraints on what the platform can aggregate into the portal – Web-enabled applications and informations stores, legacy applications, and applications on open client/server systems …” – Using HP's e-services concept, any application program or information resource is a potential e-service; Internet Service Providers (ISPs) and other companies are logical distributors or access points for such services Cisco e-Services – “…Cisco eServices provides a variety of voice processing for your Cisco IP Telephony implementation…” Cisco IP Integrated Voice Response (Cisco IP IVR) Cisco IP Integrated Contact Distributor (Cisco IP ICD) e-Services (conclusions) The word e-Service: – has a very general meaning – is used to represent all web-based applications In some environments Web services can be considered as e-Services References (1) “Web Services Computing: Advancing Software Interoperability” “Computer” IEEE Computer Society Journal October 2003 (Jen-Jao Chung, Kwei-Jay Lin, Richard G. Mathieu) “Turning Software into a Service” “Computer” IEEE Computer Society Journal October 2003 (Mark Turner, David Budgen, Pearl Brereton) “Web Services architecture overview” IBM Web Services Architecture Team - September 2000 - http://www106.ibm.com/developerworks/web/library/w-ovr/ “Web Services Conceptual Architecture (WSCA 1.0)” Heather Kreger – IBM Software Group – May 2001 - www306.ibm.com/software/solutions/webservices/pdf/WSCA.pdf “Web Services Architecture” – W3C Working Group – February 2004 – (David Booth, Hugo Haas, Francis McCabe, Eric Newcomer, Michael Champion, Chris Ferris, David Orchard) – http://www.w3.org/TR/2004/NOTE-ws-arch-200040211/ References (2) “Web Services Architectures” – Tect – Judith M. Myerson “Service-Oriented Architecture expands the vision of Web services, Part 1” – IBM Corporation – Mark Colan – www-106.ibm.com/developerworks/ library/ws-soaintro.html “Service-Based Software: The Future for Flexible Software” – Keith Bennett, Paul Layzell, David Budgen, Pearl Brereton, Linda Macaulay, Malcolm Munro “Modeling for E-Service Creation” Cecile Peraire and Derek Coleman “Semantic Web services and Web services standards” – Sinuhé Arroyo, Christoph Bussler and Rubén Lara – EEE04 – http://deri.semanticweb.org/ “Component-Based Software Engineering” – Wilhelm Hasselbring “Cisco eServices Architecture – Cisco IPCC Express Edition” Cisco Systems – http://www.cisco.com/en/US/products/sw/custcosw/ps1846/products_ administration_guide_chapter09186a00900eeac8.html WSDL documents <definitions> <types> Definition of a type (the datatypes used by the Web service) </types> <message> Definition of a message (the messages used by the Web service) </message> <portType> Definition of a port (the operation performed by the Web service) </portType> <binding> Definition of a binding (the communication protocols used by the Web service) </binding> </definitions> Glossary XML: eXtensible Markup Language – Example <person id=1> <name> Alessio </name> </person> DTD: Document Type Definition – Define the legal building blocks of an XML document, they define the document structure with a list of legal elements XML Schema – Provide a means for defining the structure, content and semantics of XML documents