News Stay informed about the latest enterprise technology news and product updates.

WS-Policy on SOA fast track, W3C approval this summer

WS-Policy, which has been in the W3C process since April, is progressing quickly towards the goal of becoming an approved W3C standard in the coming year.

Part two of our look at emerging SOA standards for 2007 covers WS-Policy, which has been in the W3C process since April. Part one covered the current status of Service Component Architecture (SCA) and Service Data Objects (SDO) as the specifications move toward maturity and inclusion in a standards process in the coming year.

WS-Policy is the missing link in SOA, according Toufic Boubez, CTO for Layer 7 Technologies Inc., and the good news is that by the end of 2007 it may not be missing anymore.

Everybody is working very hard because its recognized that policy is the missing link to make things work interoperably in SOA.
Toufic Boubez
CTOLayer 7 Technologies Inc.

Boubez, who is one of the editors working to move WS-Policy through the adoption procedures in W3C, says he has never seen a standards body process work more effectively and efficiently. The members of the W3C working group are driven to complete their task as soon as possible because they share a belief that the policy standard is the missing link in SOA, he said.

Asir Vedamuthu, technical diplomat for Microsoft, echoed that sentiment.

"I think people understand how critical this is and that we need it now," he said.

The Web services governance specification supported by rival vendors IBM and Microsoft was accepted into the W3C process this past April. The first working draft of WS-Policy 1.5 was published in July and final working drafts were published in November.

The current schedule published by the W3C calls for Candidate Recommendation drafts to be published in March 2007 and Proposed Recommendation drafts to be published in July 2007. The W3C Recommendations would be published in August 2007. If approved by W3C member voters, WS-Policy, which floated around as a vendor specification for three years before W3C took it on, would finally become an official standard.

Members of the W3C Web Services Policy Working Group are meeting weekly to achieve that goal, Boubez said, and he is confident they will make it.

"Everybody is working very hard because its recognized that policy is the missing link to make things work interoperably in SOA," he said. "It will provide a framework for different entities that participate in an SOA, whether it's a service or a service consumer, or an intermediary, will have a framework to exchange their constraints and their capabilities."

For more information
The WS-Policy Story

SOA standards SCA and SDO homeless for holidays

Boubez offers an example of how it will work in a security for SOA.

"If you're writing services and you're building an SOA, the only interoperable things are the service APIs through WSDL and the service message through SOAP," he explained. "If you want to write any kind of security for credentials, confidentiality requirements or privacy requirements, there's no way for those systems to interoperate without programmers sitting down and talking to each other and then writing that in code. What WS-Policy gives you is a framework for all these things to be automated."

He said it will work somewhat like the way Secure Socket Layers (SSL) works between the Web browser and the server to resolve security issues.

Once the WS-Policy framework becomes the standard, he believes 2007 will mark the year SOA begins to achieve its promise.

Dig Deeper on Topics Archive

Boubez: SOA virtualization, SLAs and access control policy In part 1 of this interview with Toufic Boubez, chief technology officer for XML networking vendor Layer 7 Technologies Inc., he said the WS-Policy standard work at W3C is complete and that standard is being implemented. In part 2, he explains that there is still work to be done on specifications for policy languages expressing access control and service level agreements (SLAs) within WS-Policy. Boubez, co-author of the original UDDI specification, worked as an editor on the W3C working group that completed the WS-Policy specification this past summer. Now he is working informally with other vendors to provide the security, access control and federation specifications for SOA. He also discussed virtualization as it related to SOA.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchSoftwareQuality

SearchAWS

SearchCloudComputing

TheServerSide.com

Close