Sunday, April 11, 2021

A Practical Guide to Safe And Easy Web Services

Safe and easy are now two words you can think when you’re thinking Web services.

The Web Services Interoperability Organization (WS-I) has published
the WS-I Basic Security Profile (BSP 1.0), a guide for making sure Web
services are secure and interoperable.

Web services (define), or communication between disparate
applications, can automate certain business transactions, including order
fulfillment for supply chains and services.

Many companies are considering using Web services but cannot build their own,
and the lack of security, interoperability and management as part of a
standards framework prohibits businesses from adopting them.

WS-I, whose backers Microsoft (Quote), IBM (Quote),
Oracle (Quote) and others, has been working since 2002 to
foment standards that make Web services practical.

Burton Group analyst Anne Thomas Manes said BSP 1.0 builds on the Basic
Profile 1.1 from WS-I and is designed to make Web services safe and
practical over the Internet.

The document focuses on the interoperability traits for HTTP over TLS and
Web Services Security: SOAP Message Security.

HTTP over TLS secures the confidentiality of information that flows over
an HTTP connection. Web Services Security: SOAP Message Security provides
security protection for SOAP (define) messages and their
attachments across several disparate nodes.

The BSP 1.0 also incorporates the following components of OASIS’ Web
Services Security standards: Username Token Profile, X.509 Certificate Token
Profile, Kerberos Token Profile, SAML Token Profile and XRML Token Profile.

The new document was approved by the WS-I board after IBM, Microsoft, Novell, Oracle and
SAP demonstrated interoperability of BSP 1.0.

Manes said documents such as BSP 1.0 are necessary to remove some of the
interoperability stumbling blocks developers run into.

“One of the challenges we have with specifications is that specifications
are designed to support a lot of different cases and offer a lot of
different options,” Manes said.

“When you’re a developer who’s trying to implement a particular
specification, sometimes it’s hard to figure out how to interpret the
specifics and the options supplied by a specification. That tends to lead to
interoperability challenges.”

Profiles such as BSP 1.0, Manes said, are a strong indicator that a
specification is ready for prime time.

This article was first published on To read the full article, click here.

Similar articles

Latest Articles

The Conversational AI Revolution:...

One of the things I’m looking forward to seeing at next week’s NVIDIA GTC event is an update on their Conversational AI efforts. I’m fascinated...

Edge Computing

Edge computing is a broad term that refers to a highly distributed computing framework that moves compute and storage resources closer to the exact...

Data-Driven Decision Making: Top...

The phrase data-driven decision making – certainly popular in the field of data analytics – may seem redundant. After all, nearly everything is driven...

Top Performing Artificial Intelligence...

As artificial intelligence has become a growing force in business, today’s top AI companies are leaders in this emerging technology. Often leveraging cloud computing and...