DOCSLIB.ORG

WEB SERVICES: PRINCIPLES and TECHNOLOGY Michael P

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
WEB SERVICES: PRINCIPLES and TECHNOLOGY Michael P WEB SERVICES: PRINCIPLES WEB SERVICES: PRINCIPLES AND TECHNOLOGY Michael P. Papazoglou “This book is one of the most comprehensive treatments of Web services I have seen. It covers the full gamut of concepts, principles, supporting technology and necessary infrastructure required to build a service-oriented architecture using today’s advanced standards. I highly recommend this book.” Dave Chappell: author, Enterprise Service Bus “This book, authored by one of the most respected experts in the Web services fi eld, is an invaluable reference for both academics and practitioners. Because of its rigor and completeness it is bound to become the defi nitive guide to Web services technologies.” AND Francisco Curbera: manager, Component Systems, IBM T.J. Watson Research Center TECHNOLOGY Web services represent the next generation of web-based technology. They allow new and improved ways for enterprise applications to communicate and integrate with each other and, as such, are having a profound effect on both the worlds of business and of software development. In this new book, Michael Papazoglou offers a comprehensive examination of Web services which gives you all you will need to know to gain a solid foundation in this area. This book will help you to understand: ● The nature of Web services – what they actually are ● The underlying concepts, principles, and methodologies of Web services ● The fundamental technologies that underpin the Web services paradigm ● How Web services are introduced into organizations, and how they are designed, deployed and used Michael P. Papazoglou Papazoglou Michael P. ● The key standards necessary for the development of Web services Web Services: Principles and Technology is suitable for computer science students and also for professionals who need an introduction to this area. Key features to help reinforce your understanding include: ● Spiral approach to build on earlier knowledge as the topics become more advanced ● Numerous examples throughout demonstrate the practical application of the theory Michael P. Papazoglou ● Self-test questions, hints and tips, and discussion topics feature throughout Michael Papazoglou holds the chair of Computer Science and is director of INFOLAB/CRISM at Tilburg University, The Netherlands. WEB SERVICES: PRINCIPLES AND TECHNOLOGY www.pearson-books.com 9780321155559_COVER.indd 1 29/6/07 14:48:50 WEBS_A01.qxd 11/12/07 4:30 PM Page i Web Services Visit the Web Services: Principles and Technology Companion Website at www.pearsoned.co.uk/papazoglou to find valuable student learning material including: l Links to useful sites on the web WEBS_A01.qxd 11/12/07 4:30 PM Page ii We work with leading authors to develop the strongest educational materials in computing, bringing cutting-edge thinking and best learning practice to a global market Under a range of well-known imprints, including Prentice Hall, we craft high-quality print and electronic publications which help readers to understand and apply their content, whether studying or at work To find out more about the complete range of our publishing, please visit us on the World Wide Web at: www.pearsoned.co.uk WEBS_A01.qxd 11/12/07 4:30 PM Page iii Web Services: Principles and Technology Michael P. Papazoglou INFOLAB/CRISM, Tilburg University, The Netherlands WEBS_A01.qxd 11/12/07 4:30 PM Page iv This book is dedicated to Marion without whose support, continuous encouragement, and infinite patience this book would have been impossible. Pearson Education Limited Edinburgh Gate Harlow Essex CM20 2JE England and Associated Companies throughout the world Visit us on the World Wide Web at: www.pearsoned.co.uk First published 2008 © Pearson Education Limited 2008 The rights of Michael P. Papazoglou to be identified as author of this work have been asserted by him in accordance with the Copyright, Designs and Patents Act 1988. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without either the prior written permission of the publisher or a licence permitting restricted copying in the United Kingdom issued by the Copyright Licensing Agency Ltd, Saffron House, 6–10 Kirby Street, London EC1N 8TS. All trademarks used herein are the property of their respective owners. The use of any trademark in this text does not vest in the author or publisher any trademark ownership rights in such trademarks, nor does the use of such trademarks imply any affiliation with or endorsement of this book by such owners. ISBN: 978-0-321-15555-9 British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library 1098765432 11 10 09 08 07 Typeset in 10/12pt Times by 35 Printed and bound in Great Britain by Henry Ling Ltd., at the Dorset Press, Dorchester, Dorset The publisher’s policy is to use paper manufactured from sustainable forests. WEBS_A01.qxd 11/12/07 4:30 PM Page v Contents Preface xix Foreword xxix Acknowledgements xxxi Part I Basics 1 Chapter 1: Web services basics 3 1.1 Introduction 4 1.1.1 What are Web services? 5 1.1.2 Typical Web services scenarios 6 1.2 The concept of software as a service 8 1.3 A more complete definition of Web services 10 1.4 Characteristics of Web services 12 1.4.1 Types of Web services 12 1.4.1.1 Simple or informational services 13 1.4.1.2 Complex services or business processes 14 1.4.2 Functional and non-functional properties 15 1.4.3 State properties 15 1.4.4 Loose coupling 16 1.4.5 Service granularity 17 1.4.6 Synchronicity 17 1.4.7 Well-definedness 19 1.4.8 Service usage context 19 1.5 Service interface and implementation 19 1.6 The service-oriented architecture 22 1.6.1 Roles of interaction in the SOA 23 1.6.1.1 Web services provider 23 1.6.1.2 Web services requestor 23 1.6.1.3 Web services registry 24 1.6.2 Operations in the SOA 24 1.6.2.1 The publish operation 25 1.6.2.2 The find operation 25 1.6.2.3 The bind operation 26 WEBS_A01.qxd 11/12/07 4:30 PM Page vi vi Contents 1.6.3 SOA: an example involving complex services 26 1.6.4 Layers in an SOA 27 1.7 The Web services technology stack 32 1.8 Quality of service (QoS) 35 1.9 Web services interoperability 39 1.10 Web services versus components 40 1.11 Impact and shortcomings of Web services 43 1.12 Summary 46 Review questions 46 Exercises 47 Part II Enabling infrastructure 49 Chapter 2: Distributed computing infrastructure 51 2.1 Distributed computing and Internet protocols 52 2.1.1 Internet protocols 52 2.1.1.1 The Open Systems Interconnection reference model 53 2.1.1.2 The TCP/IP network protocol 55 2.1.2 Middleware 57 2.2 The client–server model 59 2.3 Characteristics of interprocess communication 60 2.3.1 Messaging 60 2.3.2 Message destinations and sockets 62 2.3.3 Synchronous and asynchronous forms of message communication 63 2.4 Synchronous forms of middleware 64 2.4.1 Remote procedure calls 64 2.4.2 Remote Method Invocation 66 2.5 Asynchronous forms of middleware 66 2.5.1 Store and forward messaging 67 2.5.2 Publish/subscribe messaging 69 2.5.3 Event-driven processing mechanisms 71 2.5.4 Point-to-point queuing 73 2.6 Request/reply messaging 74 2.7 Message-oriented middleware 75 2.7.1 Integration brokers 77 2.7.2 The Java Message Service (JMS) 80 2.8 Transaction-oriented middleware 81 2.9 Enterprise application and e-business integration 82 WEBS_A01.qxd 11/12/07 4:30 PM Page vii Contents vii 2.10 Summary 86 Review questions 86 Exercises 87 Chapter 3: Brief overview of XML 89 3.1 XML document structure 90 3.1.1 XML declaration 90 3.1.2 Elements 91 3.1.3 Attributes 92 3.2 URIs and XML namespaces 92 3.3 Defining structure in XML documents 95 3.3.1 The XML Schema Definition Language 95 3.3.2 The XML schema document 96 3.3.3 Type definitions, element, and attribute declarations 98 3.3.3.1 Element declarations 98 3.3.3.2 Attribute declarations 100 3.3.4 Simple types 100 3.3.5 Complex types 101 3.4 XML schemas reuse 101 3.4.1 Deriving complex types 102 3.4.1.1 Complex type extensions 102 3.4.1.2 Complex type restrictions 103 3.4.1.3 Polymorphism 103 3.4.2 Importing and including schemas 104 3.4.2.1 Including schemas 105 3.4.2.2 Importing schemas 106 3.5 Document navigation and transformation 109 3.5.1 The XML Path Language 109 3.5.2 Using XSLT to transform documents 111 3.6 Summary 114 Review questions 114 Exercises 115 Part III Core functionality and standards 117 Chapter 4: SOAP: Simple Object Access Protocol 119 4.1 Inter-application communication and wire protocols 120 4.1.1 SOAP as a wire representation 120 4.2 SOAP as a messaging protocol 121 WEBS_A01.qxd 11/12/07 4:30 PM Page viii viii Contents 4.3 Structure of a SOAP message 125 4.3.1 SOAP envelope 126 4.3.2 SOAP header 128 4.3.2.1 SOAP intermediaries 130 4.3.3 SOAP body 133 4.4 The SOAP communication model 134 4.4.1 RPC-style Web services 135 4.4.2 Document (message)-style Web services 137 4.4.3 Communication modes and messaging exchange patterns 139 4.5 Error handling in SOAP 139 4.6 SOAP over HTTP 140 4.7 Advantages and disadvantages of SOAP 143 4.8 Summary 144 Review questions 145 Exercises 145 Chapter 5: Describing Web services 147 5.1 Why is a service description needed? 148 5.2 WSDL: Web Services Description Language 148 5.2.1 WSDL interface definition 150 5.2.2 WSDL implementation 157 5.2.3 WSDL message exchange patterns 164 5.3 Using WSDL to generate client stubs 168 5.4 Non-functional descriptions in WSDL 171 5.5 Summary 171 Review questions 172 Exercises 173 Chapter 6: Registering and discovering Web services
Load more

Recommended publications
  • ICSOC Phd Symposium 2008
    Hamid Reza Motahari-Nezhad Farouk Toumani Yannis Velegrakis (Eds.) ICSOC PhD Symposium 2008 Co-located with 6th International Conference on Service Ori- ented Computing (ICSOC) Sydney, Australia, 1 December 2008 Proceedings Sponsor: IBM Research, USA Copyright c 2008 for the individual papers by the papers’ authors. Copying permitted for private and academic purposes. Re-publication of material from this volume requires permission by the copyright owners. Preface Service oriented computing (SOC) has rapidly transformed from a vision, in the beginning of the century, to realisation in paradigms such as Web services, Software-as-a-Service (SaaS) and cloud services. While this has provided the industry and practitioners with the opportunities for a new generation of products and services, it has brought forward a tremendous amount of challenges and open issues for researchers. The International Con- ferences on Service Oriented Computing (ICSOC) is a pioneering event for researchers, practitioners and industry leaders to discuss and share the success and achievements in this area. The ICSOC PhD Symposium, as part of the ICSOC conference, is an international forum for PhD students working in the broad areas of service computing, web services and ser- vice engineering to present and discuss emerging research problems and ideas on how to tackle these issues. The forum is intended to bring together PhD students and give them the opportunity to present and discuss their research in a constructively critical atmosphere. The symposium operates in a workshop format, giving PhD students an opportunity to showcase their research and providing them with feedback from senior international re- searchers and peer PhD students.
    [Show full text]
  • Modeling the Evaluation Criteria for Security Patterns in Web Service Discovery V.Prasath K.C.E.T, Department of IT S.Kumarapuram, Cuddalore India 607109
    ©2010 International Journal of Computer Applications (0975 – 8887) Volume 1 – No. 13 Modeling the Evaluation Criteria for Security Patterns in Web Service Discovery V.Prasath K.C.E.T, Department of IT S.Kumarapuram, Cuddalore India 607109. ABSTRACT of descriptions to various services that provide similar service Current trends in performing business-to-business transactions functionality. Automation of dynamic web service discovery is and enterprise application integration have been extended to the made viable by expression of domain specific knowledge [2] [4]. use of web service. With web services being accepted and Today’s systems, and the enterprises in which they reside, are so deployed in both research and industrial areas, the security related complex that even the most capable risk measurement tools are issues become important. Web services security has attracted the unlikely to yield risk values that are much better than rough attention of researchers in the area of security due to the proven indications of relative risk which, we should quickly add, is often fact that most attacks to businesses and organizations exploit web quite good enough in many situations. The problem is that the service vulnerabilities. The main goal of this research is to value of risk, whatever it turns out to be, is likely to be surrounded achieve security concept of the web service can be summarized to by a fairly large but unknown amount of uncertainty. This can this single value. In this paper, we evaluate common security create a dilemma for the decision-maker who must then decide patterns with respect to the STRIDE model of attacks by whether to invest in further safeguards, which will undoubtedly examining the attacks performed in different web services system.
    [Show full text]
  • REST Web Service Description for Graph-Based Service Discovery
    REST Web Service Description for Graph-Based Service Discovery B Rosa Alarcon, Rodrigo Saffie, Nikolas Bravo( ), and Javiera Cabello Computer Science Department, Pontificia Universidad Catolica de Chile, Santiago, Chile [email protected], {rasaffie,ngbravo,jacabell}@uc.cl Abstract. Unlike WSDL/SOAP based services, REST services lack a widely accepted service description since it increases the coupling between clients and servers, hampering service evolution. In practice, REST services are described through informal, ad-hoc and semi- structured documents, often written in natural language, which wors- ens the level of coupling. Most of the few REST service descriptions currently proposed follow an operation-centric approach with unclear additional benefits for developers and consumers. We propose a service description model focused on hypermedia allowing the generation of a graph that captures state transitions in an activity layer;wealsocapture resource, transition, and response semantics in a semantic layer. Using graph queries we traverse the graph and facilitate service discovery and composition. The service model was implemented as Microdata-based annotations, and a JSON description. A prototype was developed using Neo4J, and a set of real Web APIs was chosen to illustrate our approach. 1 Introduction The Web is an Internet-scale distributed hypermedia that provides a uniform way of accessing information through embedding action controls within the infor- mation retrieved from remote sites (i.e. representations). These features have made possible for the Web to evolve from a content-distribution platform to an application platform, and nowadays, to a distributed services platform, where functionality can be integrated into new services for massive consumption.
    [Show full text]
  • 16Th ICCRTS “Collective C2 in Multinational Civil-Military Operations”
    16th ICCRTS “Collective C2 in Multinational Civil-Military Operations” Title of Paper Adapting WS-Discovery for use in tactical networks Topic(s) Primary: Topic 9: Networks and Networking Alternatives: Topic 8: Architectures, Technologies, and Tools, Topic 6: Experimentation, Metrics, and Analysis Name of Author(s) Frank T. Johnsen and Trude Hafsøe Norwegian Defence Research Establishment (FFI) P.O. Box 25 2027 Kjeller, Norway Point of Contact Frank T. Johnsen Norwegian Defence Research Establishment (FFI) P.O. Box 25 2027 Kjeller, Norway [email protected] Abstract The NATO Network Enabled Capabilities (NNEC) feasibility study has identified Web services as a key enabling technology for NNEC. The technology is founded on a number of civil standards, ensuring interoperability across different operating systems and programming languages. This also makes the technology a natural choice for interoperability also in multinational civil-military operations, where a large number of heterogeneous systems need to exchange information. Web services provide loose coupling and late binding, which are desirable properties in such a setting. Discovering available services in an operation is essential, and the discovery process must leverage standards to ensure interoperable information exchange. WS-Discovery is a standard for Web services discovery suited for dynamic environments and civil networks, but has high overhead and is not so suitable for tactical networks. Like the other Web services standards, it uses XML for encoding messages. In civil networks bandwidth is abundant, but in tactical networks XML may incur unacceptable overhead. However, the W3C has created a specification for efficient XML interchange (EXI), which reduces XML overhead by defining a binary interchange format.
    [Show full text]
  • Paper Title (Use Style: Paper Title)
    Federated Single Sign On in Disconnected, Intermittent and Limited (DIL) Networks Marianne R. Brannsten Norwegian Defence Research Establishment (FFI) P O Box 25, NO-2027 Kjeller Abstract—In a military setting resource exchange amongst coalition partners is of great importance. Using SAML2.0 in a II. RELATED WORK Single Sign On scheme in a federated setting can be a solution to Earlier work has shown that it is possible to use Web Web authentication of Web resources. The problem of adding services in tactical networks [15]. Standards “out of the box” security in a potentially disconnected, intermittent and limited might not handle the additional challenges DIL environments (DIL) network environment is the security overhead. In this introduce, but by using specialized proxies, the technology paper tests are performed to measure this overhead, and the could work despite the DIL limitations. This lets us attain the results are evaluated. advantages of SOA using Web services on a tactical level. Keywords—Single Sign On(SSO); Enterprise; Federation; WS- Lund et al. [1] have proved this in their “Delay- and distruption Federation;SAML2.0 tolerant SOAP proxy”. Johnsen et al. [2] have shown that service discovery also can be brought into tactical networks using a discovery protocol translations enabled gateway I. INTRODUCTION solution. Both solutions bring Web services to the tactical In both operations and exercises, NATO needs to connect domain, but none of them are evaluated with use of relevant to coalition partners. FMN (Federated Mission Networking)[8] security standards. The work presented in this paper can by this is defined by NATO to enable information and service be viewed as orthogonal and complementary to this earlier exchange amongst coalition participants in such events.
    [Show full text]
  • Service Discovery in Hybrid Environments
    Service Discovery in Hybrid Environments Sabrina Alam Chowdhury Department of Informatics Faculty of mathematics and natural sciences UNIVERSITETET OF OSLO 01/08/2017 1 2 Service Discovery in Hybrid Environments 3 © 2017 Sabrina Alam Chowdhury Service Discovery in Hybrid Environments http://www.duo.uio.no/ Printed: Reprosentralen, University of Oslo 4 Abstract The thesis topic is based on Service discovery of heterogeneous Web services across hybrid environments. Here it also describes a clear definition of SOA and Web service with different standards to implement those services in different environments. Furthermore an analysis and survey of Web services standards also given in this thesis. An overview also discussed here that how different Web service discovery mechanism solution is currently available to discover services in different environments which include from cloud to non-cloud , non- cloud to cloud and other platforms with some research challenges on service discovery for SOAP and RESTful Web services. A prototype has been implemented as a proof of concept for enabling common service discovery for hybrid environments for different Web services. 5 6 Preface The thesis represents the final product of my master degree in Informatics at the University of Oslo. The work described herein is conducted under the supervision of Dr. Frank Trethan Johnsen and Cand. Scient. Trude Hafsøe Bloebaum. The thesis has been a long journey, and I would not have been able to complete it without the precious help and support given by various people. The learning curve of my career becomes so high, and I got to understand lots of interesting things while working on this thesis.
    [Show full text]
  • Web Service Discovery with Implicit Qos Filtering
    Web Service Discovery with Implicit QoS Filtering Natallia Kokash DIT - University of Trento, Via Sommarive, 14, 38050 Trento, Italy email: [email protected] Abstract. Web Service (WS) discovery is a critical problem hinder- ing web service technology proliferation. The current solution, based on catalog-style browsing, provides no control over the quality of registered services. Application of matching techniques for WS retrieval is still un- der investigation. The objective of this work is the design of a framework to improve WS discovery. Our approach is based on application of dis- tributed recommendation system to provide Quality of Service (QoS) information and on testing of retrieval methods on service specifications. 1 Introduction WS paradigm is a promising model of software technology, based on loosely coupled, distributed and independent services operating via the web infrastruc- ture. To overcome platform and language dependence, services are described using Web Service Description Language (WSDL). Standardized XML-based interfaces help performing service reuse. Service descriptions are cataloged in Universal Discovery, Description and Integration (UDDI) registries. Although there exists a stack of standards to regulate the communication of processes and automated tools to convert legacy applications into web services, WS technology is still not widely used. One of the reasons is the lack of means to support WS discovery, i.e., the identification of existing WSs that can be used by new web applications. This problem is rather extensive and admits various interpretations [4]. Under automated discovery, a requester agent performs service search and evaluates the results. Currently UDDI registries are the dominating technolog- ical basis for WS discovery.
    [Show full text]
  • Web Service: Been There, Done That?
    Wright State University CORE Scholar The Ohio Center of Excellence in Knowledge- Kno.e.sis Publications Enabled Computing (Kno.e.sis) 1-2003 Web Service: Been There, Done That? Steffen Staab Will van der Aalst V. Richard Benjamins Amit P. Sheth Wright State University - Main Campus, [email protected] John A. Miller Wright State University - Main Campus See next page for additional authors Follow this and additional works at: https://corescholar.libraries.wright.edu/knoesis Part of the Bioinformatics Commons, Communication Technology and New Media Commons, Databases and Information Systems Commons, OS and Networks Commons, and the Science and Technology Studies Commons Repository Citation Staab, S., van der Aalst, W., Benjamins, V. R., Sheth, A. P., Miller, J. A., Bussler, C., Maedche, A., Fensel, D., & Gannon, D. (2003). Web Service: Been There, Done That?. IEEE Intelligent Systems, 18 (1), 72-85. https://corescholar.libraries.wright.edu/knoesis/189 This Article is brought to you for free and open access by the The Ohio Center of Excellence in Knowledge-Enabled Computing (Kno.e.sis) at CORE Scholar. It has been accepted for inclusion in Kno.e.sis Publications by an authorized administrator of CORE Scholar. For more information, please contact [email protected]. Authors Steffen Staab, Will van der Aalst, V. Richard Benjamins, Amit P. Sheth, John A. Miller, Chistoph Bussler, Alexander Maedche, Dieter Fensel, and Dennis Gannon This article is available at CORE Scholar: https://corescholar.libraries.wright.edu/knoesis/189 Trends & Controversies
    [Show full text]
  • CICS TS for Z/OS: Using Web Services with CICS Chapter 1
    CICS Transaction Server for z/OS 5.5 Using Web Services with CICS IBM Note Before using this information and the product it supports, read the information in “Notices” on page 635. This edition applies to the IBM® CICS® Transaction Server for z/OS® Version 5 Release 5 (product number 5655-Y04) and to all subsequent releases and modifications until otherwise indicated in new editions. © Copyright International Business Machines Corporation 1974, 2020. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents About this PDF.....................................................................................................vii Chapter 1. CICS and web services..........................................................................1 CICS and SOAP web services ......................................................................................................................3 Message handlers and pipelines............................................................................................................4 SOAP nodes.......................................................................................................................................... 12 SOAP messages and the application data structure........................................................................... 12 WSDL and the application data structure............................................................................................15 WSDL and message exchange patterns...............................................................................................16
    [Show full text]
  • Service Oriented Architectures and Semantic Web Processes
    Wright State University CORE Scholar The Ohio Center of Excellence in Knowledge- Kno.e.sis Publications Enabled Computing (Kno.e.sis) 2004 Service Oriented Architectures and Semantic Web Processes Francisco Cubera Kunal Verma Amit P. Sheth Wright State University - Main Campus, [email protected] Follow this and additional works at: https://corescholar.libraries.wright.edu/knoesis Part of the Bioinformatics Commons, Communication Technology and New Media Commons, Databases and Information Systems Commons, OS and Networks Commons, and the Science and Technology Studies Commons Repository Citation Cubera, F., Verma, K., & Sheth, A. P. (2004). Service Oriented Architectures and Semantic Web Processes. https://corescholar.libraries.wright.edu/knoesis/62 This Tutorial is brought to you for free and open access by the The Ohio Center of Excellence in Knowledge-Enabled Computing (Kno.e.sis) at CORE Scholar. It has been accepted for inclusion in Kno.e.sis Publications by an authorized administrator of CORE Scholar. For more information, please contact [email protected]. Service Oriented Architectures and Semantic Web Processes Jorge Cardoso1, Francisco Curbera2, Amit Sheth3 1University of Madeira (Portugal) 2IBM T.J. Watson Research Center (USA) 3 LSDIS Lab, University of Georgia and Semagix, Inc (USA) 2 Service Oriented Architectures and Web Services Semantic Web Processes 2 3 Semantic Web Processes Part 3 Service Oriented Architectures and Web Services 5 Overview z IT for a new business model z Service Oriented Architectures (SOAs). z Web services as an XML based instantiation of SOA. z Protocols. z Metadata. z Discovery. z Composition. z Summary. 5 6 A New Business Environment z Business outsource every non-essential function.
    [Show full text]
  • Web Services: an Architectural Overview
    Web Services: An Architectural Overview Roseli Persson Hansen Cassia T. Santos Sérgio Crespo C. S. Pinto Guilherme L. Lanius Fernando Massen Email:{roseli,cassiats,crespo,speka,ferhr}@exatas.unisinos.br Post-Graduation InterSubjective Program in Applied Computing - PIPCA UNISINOS Abstract ture are described, such as some development plat- forms that are being deployed today. Then the Sec- Web Services represents an architectural structure tion 4 ends with an comparison between architecture that allows communication between applications. and platform proposals. The use of eXtensible Markup Language (XML)- based Technology allows exploitation of services without needing to know what platform or language 2 What is Web Services? was used to create those services. This document aims to offer an overview of the main Web Services are modularized applications that can approaches about Web Services architecture, stab- be described, published and invoked under a net- lishing what are the common points between them. work, commonly being WEB-based. I.e., Web Ser- vices are interfaces that describes an collection of operations that are accessible through the network 1 Introduction by throwing standard XML messages. Web Services allow serivce integration in an fast, effective way Web Services represent an architectural structure ([21, 8]). that allows communication between applications. A Web Service is a software component that in- An service can be invoked remotely or be used to depends on the implementation and platform. It can employ a new service together with another ser- be described using an service description language, vices. Beyond the basic Web Services structure, this published in a registry and discovered by an stan- paper will be presenting some standard technolo- dard mechanism.
    [Show full text]
  • Nist Sp 800-95
    Special Publication 800-95 (Draft) Guide to Secure Web Services Recommendations of the National Institute of Standards and Technology Anoop Singhal Theodore Winograd Karen Scarfone NIST Special Publication 800-95 Guide to Secure Web Services Recommendations of the National Institute of Standards and Technology Anoop Singhal Theodore Winograd Karen Scarfone C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 August 2007 U.S. Department of Commerce Carlos M. Gutierrez, Secretary National Institute of Standards and Technology William Jeffrey, Director GUIDE TO SECURE WEB SERVICES Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-95 Natl. Inst. Stand. Technol. Spec. Publ. 800-95, 128 pages (Aug. 2007) Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately.
    [Show full text]