Users Cast Wary Eye at Web Services
IT managers are interested but worry about immature standards, lack of skills
Computerworld - Boston
IT professionals on an exploratory mission at last week's XML Web Services One conference here expressed keen interest in testing out new technologies to address some of their most painful application integration headaches.
But their interest was tempered by a variety of concerns, including immature and sometimes overlapping standards, the potential for differing implementations of those standards by vendors and a dearth of skills at some companies to build Web services that use standard Internet technologies such as XML and the Simple Object Access Protocol to link disparate applications.
"My nightmare would be a standards arms race," said Chet Ensign, senior director of architecture and development services in the Newark, N.J., office of LexisNexis Group. "That's what the world does not need."
One ray of hope for attendees such as Ensign was a daylong joint presentation by two of the groups working on key Web services standards - the World Wide Web Consortium and the Organization for the Advancement of Structured Information Standards. But even though the cooperative spirit was encouraging, some users were left with just as many questions as answers.
"It confirmed to me that we're not the only ones who are confused," said Ensign, who gave a user presentation at the forum. "I think everyone outside of the small groups of security specialists who have been working on this problem are confused. We don't yet see a clear story of what the security problems are, the framework for how the security will be provided and how the individual efforts fit together."
Kevin Cronin, chief technical architect at Niteo Partners Inc., a Boston-based services firm that's owned by NEC Corp., said its clients in the financial services industry are confused about the overlap of some of the proposed security standards. And until the issues are resolved, he said, the use of Web services may be limited at the retail banking level.
Advanced security issues such as rights management are of great concern to financial services firms as well as to publishers such as LexisNexis, which manages content from a wide range of sources and must control access to meet its business obligations to its content providers and customers. Ensign said he now sees potential overlap among three standards - Security Assertion Markup Language, Extensible Access Control Markup Language and Extensible Rights Markup Language.
"That's an expensive problem to solve if we have to invent our own solution to every single permissions issue as it comes along," Ensign said. He added that if standards are implemented by vendors in a clear and consistent way, "our customers
- Five Steps to Achieve Success in your Application Security Program This white paper provides a general framework your organization can use to create or build upon an application security program. It includes guidelines...
- Unlock the Value of Enterprise Mobility Download this guide and learn how to manage the secure deployment of enterprise mobile apps and data, while still encouraging the levels of...
- Rebranded Quadmark revamps its IT solutions with Google Apps Switching to Google Apps halved Quadmark's IT admin costs while achieving 10% time savings per employee. The global consulting firm now spends 80%...
- Manufacturing Outlook: Improving time to market, operational effectiveness and innovation in a highly competitive environment An enterprise project portfolio management solution can help manufacturers position themselves in the new competitive landscape.
- Live Webcast Best Practices: How to Improve Business Continuity with Virtualization VMware solutions include a range of business continuity capabilities to help ensure availability for applications across your virtualized environment. Learn More>>
- Live Webcast
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- Video Stream Quality Impacts Viewer Behavior This scientific white paper, using statistical data from Amakai's streaming network, analyzes how changes in video quality cause changes in viewer behavior.
- Service-Enabling CICS Applications: Best Practices This informative webcast provides an informed, thorough look into CICS service-enablement options and how they can affect your environment. You'll learn how to...