ServiceTechMag.com > Archive > Issue XI: October 2007 > Checking up on the Standards: Introducing the Big SOA Grid
Robert Schneider

Robert Schneider

Biography

Robert D. Schneider, SOACP is a senior consultant, instructor, and published IT author with more than 15 years of experience leading successful IT initiatives and providing technical and architectural expertise for complex IT solutions. He is also an experienced speaker who has led many technical sessions and workshops at various events.

Robert was previously a Director with Above All and also the co-founder and Vice President of Professional Services for Optimize Solutions, Inc. Prior to Optimize, Robert held senior positions with Cape Clear and Visigenic Software, and also served as a senior consultant at Informix Software.

Robert has written four books and numerous articles on SOA and high-performance database applications and implementations. He is currently working on a new book dedicated to SOA Governance and he is a regular contributor to The Big SOA Grid, a Web site providing current data relating to WS-* specifications.

He may be reached at: robert.d.schneider@gmail.com

Contributions

rss  subscribe to this author

Chris Riley

Chris Riley

Biography

Chris Riley is an senior SOA consultant and instructor and has contributed to several SOA-related publications. He brings 10 years of experience in middleware, B2B platforms and Enterprise Service Bus (ESB).

Previously, Chris was the Director of Architecture Solutions and Technical Evangelist at Cape Clear software supporting the implementation of Enterprise Service Bus technologies. Prior to Cape Clear, Chris held several roles at Extricity, Segue Software and PTC.

Chris has also presented on various topics at the SOA Architecture Forum Series, Toronto JUG, Integration Consortium, and Webinars with Gartner.

Chris blogs about SOA issues at http://soasidewalk.blogspot.com

Contributions

rss  subscribe to this author

Bookmarks



Checking up on the Standards: Introducing the Big SOA Grid

Published: October 5th, 2007 • SOA Magazine Issue XI
 

Introduction

Architects and developers attempting to design, implement, and maintain a Web services-based service-oriented architecture face a bewildering array of standards and specifications. To make matters worse, these guidelines are managed by different standards bodies, and sponsored by an ever-changing array of vendors. Finally, they all continually evolve over time, adding extra complexity to the equation.

The Big SOA Grid is our humble attempt at providing a comprehensive, up-to-date snapshot of all the major standards that you need to be aware of when planning or maintaining your service-oriented enterprise. You'll find the following helpful details about each major specification:

  • the category to which the standard belongs, including:

    • Data Definition
    • Data Transformation & Extraction
    • Interoperability
    • Management
    • Messaging
    • Orchestration
    • Registry
    • Security
    • Service Description
    • Transactions
  • the standards body responsible for the specification
  • a link to the standard
  • the date of the standard
  • the standard's current revision
  • the primary contributing organizations
  • a brief summary of the standard and related notes

And since everything is constantly in flux, we'll soon be maintaining this helpful list at BigSOAGrid.com. If you have any questions or corrections, please contact us at info@bigsoagrid.com. And if you'd like to be notified of updates to the grid, please send an email to subscribe@bigsoagrid.com. Stay tuned, because in the near future we'll be adding links to useful tutorials, as well as providing a comprehensive list of vendors that offer products for each standard. Be sure to also check out SOASpecs.com [REF-4] an established portal to most of the specifications listed below.


A Snapshot of the Current Standards World

MTOM
Category Messaging
Standards Body W3C
Version 1.2 (Recommendation)
Status http://www.w3.org/TR/soap12-mtom/
Date January 25, 2005
Contributors Microsoft, IBM, BEA, Canon
Notes MTOM, the Message Transmission Optimization Mechanism, has developed into an important standard intended to deal with many of the performance issues that have plagued Web services-based applications due to the overhead imposed by standard XML parsing and processing. MTOM essentially provides a mechanism for specifying pass-through elements in SOAP header and body sections as well as MIME attachments.

SAML
Category Security
Standards Body OASIS
Version 1.1
Status http://www.oasis-open.org/committees/download.php/3400/oasis-sstc-saml-1.1-pdf-xsd.zip (1.0)
http://docs.oasis-open.org/security/saml/v2.0/saml-2.0-os.zip (2.0)
Date August 28, 2003 (1.0)
February 28, 2005 (2.0)
Contributors Sun, RSA, Netegrity (1.0)
Enosis Group LLC, PA Consulting, RSA, Sun, NTT, NCSA, BEA, Entrust, Internet2, Oracle (2.0)
Notes SAML (Security Assertion Markup Language) is an XML-based specification designed to authenticate and authorize a consumer of a service. It represents a key technology for enabling single sign-on functionality across Web services, a feature that is especially important when designing complex service compositions and applying the Service Composability design principle [REF-1]. Version 2.0 of SAML offers additional protocols for handling all aspects of authentication and authorization and is typically evaluated as a component of the overall WS-Security framework.

SOAP
Category Messaging
Standards Body W3C
Version 1.1, 1.2 (Recommendation)
Status http://www.w3.org/TR/2000/NOTE-SOAP-20000508/ (1.1)
http://www.w3.org/TR/soap12-part0/ (1.2)
Date May 8, 2000
Contributors Microsoft, IBM, Canon, Oracle Corporation, Sun Microsystems, W3C, UserLand Software, DevelopMentor (1.1)
WSO2, Sun, IONA, Oracle, TIBCO, IBM, Sonic Software, Sonoa Systems, BEA (1.2)
Notes This widely implemented version of the Simple Object Access Protocol defines the fundamental and foremost XML messaging format to communicate between Web Services. Version 1.2 of SOAP adds many important extensions, several of which came about as a result of WS-I recommendations. Note that as of this version, the specification is entitled only "SOAP" and the "Simple Object Access Protocol" title has been dropped. The influence of service-orientation is deemed the primary reason as this version of the SOAP standard is specifically for service interchange and no longer about object access.

SOAP with Attachments
Category Messaging
Standards Body W3C
Version 1.2
Status http://www.w3.org/TR/soap12-af/
Date June 8, 2004
Contributors Microsoft, IBM
Notes There was a time when no one knew whether SwA (SOAP with Attachments) or WS-Attachments [REF-3] would establish itself as the de facto standard for SOAP attachments. The majority of the SOA community now view SwA as the primary candidate as it has received relatively wide vendor support. The SwA standard extends SOAP to support the inclusion of the MIME media type attachments that are typically used to communicate non-SOAP data including binary data, images, audio etc.

XML
Category Data Definition
Standards Body W3C
Version 1.0, 1.1
Status http://www.w3.org/TR/1998/REC-xml-19980210 (1.0)
http://www.w3.org/TR/2006/REC-xml-20060816 (1.1)
Date February 10, 1998 (1.0)
September 29, 2006 (1.1)
Contributors Microsoft, University of Illinois at Chicago, Textuality (1.0)
Textuality, Netscape, Microsoft, W3C, Sun Microsystems (1.1)
Notes Clearly the most fundamental and successful SOA-related standard produced by any standards organization. The Extensible Markup Language (a subset of SGML) was designed to provide a portable mechanism for exchanging information over the Web similar to the previously successful HTML. With the exception of XPath, all specifications listed in this grid are authored using XML.

XML Schema
Category Data Definition
Standards Body W3C
Version 1.0, 1.1 (submission)
Status http://www.w3.org/XML/Schema#dev (1.0)
http://www.w3.org/TR/xmlschema-1 (1.1)
Date May 2, 2001 (1.0)
October 28, 2004 (1.1)
Contributors SGML Works!, Oracle Corporation, Kaiser Permanente, W3C
Notes As fundamental to SOA as XML is, the XML Schema specification essentially allows for the definition of data models specifically for XML documents. All Web services specifications authored in XML are accompanied by pre-defined XML schema definitions that enforce the language constraints. In a nutshell, XML Schema allows for the expression of types, rules and validation logic used to describe valid XML document instances. It further utilizes namespaces to resolve conflicts and complex types.

XPath
Category Data Transformation/Extraction
Standards Body W3C
Version 1.0 (Recommendation)
2.0 (Requirements)
Status http://www.w3.org/TR/xpath (1.0)
http://www.w3.org/TR/xpath20req/ (2.0)
Date November 16, 1999 (1.0)
June 3, 2005 (2.0)
Contributors Inso Corp., Brown University (1.0)
AT&T, Oracle (2.0)
Notes XPath (also known as XML Path Language) is a long-surviving utility specification that provides common syntax and semantics for searching and identifying parts of XML documents via a language that resembles the UNC syntax used for file paths. XPath is also one of the very few remaining specifications that are not actually written in XML. Other languages, such as XSLT and XQuery [REF-3], provide intrinsic support for XPath statements. The primary goals of version 2.0 include simplified manipulation of string and XML content, as well as improved interoperability and ease-of-use.

XQuery
Category Data Transformation/Extraction
Standards Body W3C
Version 1.0 (Recommendation)
Status http://www.w3.org/TR/xquery
Date January 23, 2007
Contributors IBM, AT&T, Oracle, DataDirect
Notes XQuery (also known as the XML Query Language) provides a specialized query syntax similar to SQL, designed to locate information within and across XML documents [REF-3]. As native XML support in databases has steadily increased, the XQuery standard has continued to receive broad vendor support in mainstream database products, such as SQL Server and DB2.

XSLT
Category Data Transformation/Extraction
Standards Body W3C
Version 1.0 (Recommendation)
2.0 (Recommendation)
Status http://www.w3.org/TR/xslt (1.0)
http://www.w3.org/TR/xslt20/
Date November 16, 1999 (1.0)
January 23, 2007 (2.0)
Contributors Saba, Microsoft, University of Edinburgh, Arbortext, Adobe, Saxonica
Notes While much of service-orientation (specifically the Standardized Service Contract design principle [REF-1]) is geared toward avoiding data transformation, the fact remains that overcoming disparate data sources will remain a reality for some time. XSLT is the foremost language employed to transform information between XML documents based on different XML Schema structures, and for converting XML into other output formats. Version 2.0 offers many new functions and usability enhancements and was designed to be used in conjunction with XPath 2.0.

WS-Addressing
Category Messaging
Standards Body W3C
Version 1.0 (Recommendation)
Status http://www.w3.org/TR/ws-addr-core/
Date May 9, 2006
Contributors Sun Microsystems, IBM, Microsoft, BEA, SAP
Notes By providing industry standard routing and correlation SOAP headers, the WS-Addressing [REF-2] specification has established itself as a core part of the Web services platform. It further provides support for invoking service instances and its headers are used by other specifications, such as WS-RM.

WS-AtomicTransaction
Category Transactions
Standards Body OASIS
Version 1.1
Status http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-os/wstx-wsat-1.1-spec-os.html
Date April 16, 2007
Contributors IBM, IONA, JBoss
Notes Atomic transactions typically refer to "all-or-nothing" events that are also generally short-lived. The WS-AtomicTransaction specification [REF-2] states how these transactions should behave, along with their interaction with coordination services (as defined by WS-Coordination).

WS-Base Notification
Category Messaging
Standards Body OASIS
Version 1.3 (Ratified)
Status http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsn
Date October 11, 2006
Contributors IBM, TIBCO, HP
Notes This base standard for a web services notifications has been more accepted in the Java community. It specifically describes the roles of Notification Producer and Notification Consumer for publish-and-subscribe data interchange. WS-BaseNotification is part of the overall WS-Notification framework [REF-2].

WS-I Basic Profile
Category Interoperability
Standards Body WS-I
Version 1.1, 1.2 (Board approval draft)
Status http://www.ws-i.org/Profiles/BasicProfile-1.1.html (1.1)
http://www.ws-i.org/Profiles/BasicProfile-1.2.html (1.2)
Date April 10, 2006 (1.1)
March 28, 2007 (1.2)
Contributors Microsoft, IBM, SAP, BEA, webMethods (1.1, 1.2)
Notes This important specification is designed to foster conformance and interoperability among vendor implementations of key service standards such as WSDL, SOAP, and UDDI. Version 1.2 fixes 1.1 errors and adds support for WS-Addressing and MTOM binary attachments.

WS-I Basic Security Profile
Category Interoperability
Standards Body WS-I
Version 1.0, 1.1 (Working group approval draft)
Status http://www.ws-i.org/Profiles/BasicSecurityProfile-1.0.html (1.0)
http://www.ws-i.org/Profiles/BasicSecurityProfile-1.1.html (1.1)
Date March 30, 2007 (1.0)
February 20, 2007 (1.1)
Contributors IBM, Microsoft, Layer 7, Nortel (1.0, 1.1)
Notes This key security specification is designed to foster conformance and interoperability among vendor implementations of key security standards such as WS-Security, SAML, Kerberos, X.509 and REL.

WS-BPEL
Category Orchestration
Standards Body OASIS
Version 1.1, 2.0
Status http://www-106.ibm.com/developerworks/webservices/library/ws-bpel/ (1.1)
http://docs.oasis-open.org/wsbpel/2.0/wsbpel-v2.0.html (2.0)
Date May 5, 2003 (1.1)
April 11, 2007 (2.0)
Contributors Microsoft, IBM, Siebel Systems, BEA, SAP (1.1)
IBM, Microsoft, BEA, Intalio, Adobe, Systinet, JBoss, Sterling Commerce, SAP, Deloitte, TIBCO, webMethods, Oracle (2.0)
Notes WS-BPEL (the Web Services Business Process Execution Language) provides an industry standard syntax for expressing business process and Web service composition logic for execution within orchestration platforms. Version 1.1 was entitled BPEL4WS (Business Process Execution Language for Web Services) and received relatively wide industry support before even being submitted to a standards organization.

WS-Business Activity
Category Transactions
Standards Body OASIS
Version 1.1
Status http://docs.oasis-open.org/ws-tx/wstx-wsba-1.1-spec-os/wstx-wsba-1.1-spec-os.html
Date April 16, 2007
Contributors IBM, IONA, JBoss
Notes This specification, in concert with WS-Coordination, is designed to support long-running activities that may span organizations and even involve manual steps. WS-BusinessActivity [REF-2] coordinated activities can span multiple atomic transactions.

WS-Coordination
Category Transactions
Standards Body OASIS
Version 1.1
Status http://docs.oasis-open.org/ws-tx/wstx-wscoor-1.1-spec-os/wstx-wscoor-1.1-spec-os.html
Date April 16, 2007
Contributors Microsoft, IONA, IBM
Notes WS-Coordination [REF-2] serves as a guideline and set of protocols for synchronizing and coordinating distributed computational tasks and activities. These activities can be both short running (as specified by WS-AtomicTransaction) and long running (as specified by WS-BusinessActivity).

WS-Distributed Management
Category Management
Standards Body OASIS
Version 1.0 (Legacy)
Status http://www.oasis-open.org/committees/wsdm/ipr.php
Date September 10, 2003
Contributors IBM, Talking Blocks, Computer Associates International
Notes This standard focuses on the distributed management of devices using Web services as well as the internal management of Web services.

WS-Federation
Category Interoperability
Standards Body OASIS
Version 1.2
Status http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsfed
Date June 18, 2007
Contributors IBM, Microsoft
Notes As part of the overall WS-Security framework, this specification enhances WS-Trust to support distributed trust authentication and authorization across security realms.

WS-Policy
Category Service Description
Standards Body W3C
Version 1.2 (Submission)
Status http://www.w3.org/Submission/WS-Policy/
Date April 25, 2006
Contributors Verisign, Microsoft, Sonic Software, IBM , SAP, BEA
Notes This fundamental standard extends the Web service contract to allow for the expression of technical policy assertions. The WS-Policy framework [REF-2] is comprised of three specifications that each cover an aspect of defining and applying policies. Various service-orientation principles can influence how and the extent to which policy assertions are incorporated in the overall service design [REF-1].

WS-RM
Category Messaging
Standards Body OASIS
Version 1.1
Status http://docs.oasis-open.org/ws-rx/wsrm/v1.1/wsrm.html
Date June 14, 2007
Contributors WS02, IBM, SAP, Coastin, BEA, Oracle
Notes WS-RM (also referred to as WS-ReliableMessaging) [REF-2] provides a transport-independent standard which enables Web Services to transmit sequences of messages across nodes reliably and in conformance with various rules called quality assurances.

WS-Secure Conversation
Category Interoperability
Standards Body OASIS
Version 1.3
Status http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ws-sx
Date March 1, 2007
Contributors IBM, Microsoft, Nortel, Verisign
Notes The WS-Secure Conversation specification defines extensions for WS-Security to allow security context definition and sharing, and session key derivation.

WS-Security
Category Security
Standards Body OASIS
Version 1.0, 1.1
Status http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf (1.0)
http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf (1.1)
Date April 5, 2002 (1.0)
February 21, 2006 (1.1)
Contributors IBM, Sun, Microsoft, Verisign (1.0, 1.1)
Notes WS-Security is considered one of the most important parts of the WS-* platform, providing essential and critical, industry-standard security functions. The framework is comprised of several standards, including X.509, SAML, Kerberos, Rights Expression Language, SOAP with Attachments.

WS-Topics
Category Messaging
Standards Body OASIS
Version 1.3 (Ratified)
Status http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsn
Date October 11, 2006
Contributors HP, IBM
Notes WS-Topics provides an XML model that is used in conjunction with WS-Base Notification for the definition of notification topics.

WS-TX (WS-Transaction)
Category Transactions
Standards Body OASIS
Version 1.1
Status See WS-AtomicTransaction, WS-BusinessActivity, and WS-Coordination specifications.
Date February 28, 2007
Contributors Adobe, BEA, Fujitsu, Hitachi, IBM, IONA, Microsoft, Nortel, Oracle, Red Hat, Ricoh, Sun, TIBCO
Notes An amalgamation of specifications that describe how Web service transactions, both short running (as specified by WS-AtomicTransaction), and long running (as specified by WS-BusinessActivity) should behave using coordinated resources (WS-Coordination).

WS-Trust
Category Interoperability
Standards Body OASIS
Version 1.3
Status http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ws-sx
Date March 19, 2007
Contributors IBM, Microsoft, Nortel, Verisign
Notes The WS-Trust specification defines extensions for WS-Security to allow for the exchange of security tokens and to establish specific types of trust relationships among Web services.

WSDL
Category Service Description
Standards Body W3C
Version 1.1, 2.0 (Recommendation)
Status http://www.w3.org/TR/wsdl (1.1)
http://www.w3.org/TR/wsdl20/ (2.0)
Date March 15, 2001 (1.1)
June 26, 2007 (2.0)
Contributors Microsoft, IBM (1.1)
IBM, Canon, WS02, Sun Microsystems (2.0)
Notes The most basic of Web services standards that defines the core Web service technical contract. Specifically, WSDL (Web Services Description Language) [REF-2] definitions allow for the expression of service messages, operations, bindings and concrete service implementation details, such as location. The WSDL definition (together with XML schema and WS-Policy definitions) is a primary part of the Web services shaped by various service-orientation design principles, such as Standardized Service Contract, Service Loose Coupling, and Service Abstraction [REF-1].

UDDI
Category Registry
Standards Body UDDI.org (2.0)
OASIS (3.0)
Version 2.0, 3.0
Status http://www.oasis-open.org/committees/uddi-spec/doc/tcspecs.htm#uddiv2 (2.0)
http://www.oasis-open.org/committees/uddi-spec/doc/tcspecs.htm#uddiv3 (3.0)
Date July 19, 2002 (2.0)
October 19, 2004 (3.0)
Contributors IBM, Accenture, BEA, Fujitsu, Microsoft, HP, Verisign, Oracle, Sun, Intel, SAP, webMethods (2.0)
Microsoft, Sun, HP, Oracle, Intel, SAP (3.0)
Notes UDDI (Universal Description, Discovery, and Integration) [REF-3] is an XML registry standard originally designed to let providers of publicly available Web services register their offerings for open discovery. Now more utilized for internal private service registries, it has become a key part of SOA infrastructures. Version 3.0 introduced many improvements, including better WSDL capabilities, data model enhancements, multi-registry topologies and a new subscription API.


References

[REF-1] "SOA: Principles of Service Design", Thomas Erl, Prentice Hall/PearsonPTR (ISBN: 0132344823).

[REF-2] "Service-Oriented Architecture: Concepts, Technology, and Design", Thomas Erl, Prentice Hall/PearsonPTR (ISBN: 0131858580)

[REF-3] "Service-Oriented Architecture: A Field Guide to Integrating XML and Web Services", Thomas Erl, Prentice Hall/PearsonPTR (ISBN: 0131428985)

[REF-4] SOASpecs.com (www.soaspecs.com)