The role of Web 2.0 in service-oriented architecture (SOA) is usually associated with the now commonly prevalent notion of rich service consumer ecosystems powered by rich Internet apps (RIAs) enhancing the reach and applicability of SOA, wherein the service providers are considered as primarily driving the backend systems in SOA style. However, the emerging trends in the interplay of SOA and Web 2.0 promises to be deeper with wider implications for enterprises. This conviction of deeper enterprise entrenchment of the Web 2.0/SOA linkage appears from multiple trends we are observing in the enterprise context.
The first trend we observe is a maturing of mashups, the killer apps moving from the first generation data aggregation focus to more mature enterprise-oriented mashups Serena Mashup Composer and like products are giving a new spin to mashups by evolving the paradigm of "business mashups." These mashups are focused on business-centric process and logic functions including enterprise resource planning (ERP), supply chain management (SCM) and customer relationship management (CRM) applications.
Likewise, yet another trend coming from the business process management (BPM) school of thought, is the focus on usage of lightweight Web 2.0 based models for providing a lightweight interaction model for BPM systems. In this context, the linkage between Web 2.0 and SOA has the potential to be the right enabler for lightweight Web2.0-SOA-BPM models.
While the above mentioned trends are welcome from an enterprise perspective, there is one serious cause of concern which might be the biggest stumbling block in the realization of this enterprise vision of Web 2.0/SOA linkage – namely the issue of standardization. While Web 2.0 is all about lightweight models and the evolution of the Web as a universal platform, unfortunately the current platform trend is that of emergence of a few big platform players with proliferation of individual custom mechanisms and APIs for mashup developers. This lack of standardization has the potential to be the single biggest threat to penetration of Web 2.0 into enterprise via business mashups, due to the dependence on the few proprietary APIs/languages offered by these big ticket platforms. There exists a serious threat of platform lock-in leading to higher long-term costs of maintaining such software systems and the inherent complexity of the underlying technology reducing overall development productivity.
SOA success in the enterprise, especially in context of back end enterprise integration, has been due to the penetration of the WS-* core standards stack into the enterprise. Notwithstanding the debate on standards like SOAP being heavyweight versus Web 2.0 standards like REST being lightweight, the need for standardization while retaining the lightweight nature of interaction models in Web 2.0 should be highlighted. The standardization efforts in Web 2.0 are still to pick up momentum, though initial efforts are on at W3C and OpenAjax Alliance. From richer standards within the lightweight models, some candidates for standardization in Web 2.0 include metadata within RSS/ATOM/JSON, standards for common data elements, standards for non-functional requirements like security in REST interactions, etc.
The standardization need for non-functional requirements for Web 2.0 interactions is often understated. The lightweight interaction models based on REST services, RSS/ATOM and JSON in Web 2.0 are open invitations to security threats and vulnerabilities. The need for creation of standards for all the security requirements in the Web 2.0 interaction models like REST is vital for enterprise adoption. The minimal usage of HTTP mechanisms advocated by REST has prompted either reliance on inadequate lower level techniques like transport layer security (TLS) and/or proprietary mechanisms like ones offered by big ticket mashup platforms. Both approaches have inherent disadvantages in either being incapable of handling the emerging Web 2.0 threats or getting locked into proprietary techniques.
Thus we issue a clarion call to standardize the diverse enterprise requirements in the Web 2.0 world ranging from functional business orientation requirements (for client side Web 2.0 style composition) right through to non-functional requirements (like security). The key is to maintain the basic tenets of Web 2.0 in terms of Web as the platform and lightweight interaction models, however with extensions for standards to be incorporated to enable enterprise adoption. Until this happens the Web 2.0–SOA interplay penetration in enterprises will continue to be dominated with proprietary platforms and shall elude the mainstream vision of truly end-user facing Web-based lightweight interaction model based approach to enterprise business computing.
About the author
Dr Srinivas Padmanabhuni is a principal researcher with SETLabs, the research arm of Infosys Technologies Ltd. He specializes in Web services, enterprise architecture and Semantic Web alongside pursuing interests in Web 2.0 and BPM. He has widely published and spoken on the topics of SOA and Web services. He can be contacted at Srinivas_p@infosys.com.