yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Computing
Conference & Expo
November 2-4, 2009 NYC
Register Today and SAVE !..

2008 West
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
Red Hat
The Opening of Virtualization
User Environment Management – The Third Layer of the Desktop
Cloud Computing for Business Agility
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Return on Assests: Bringing Visibility to your SOA Strategy
Managing Hybrid Endpoint Environments
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
How Can AJAX Improve Homeland Security?
Beyond Widgets: What a RIA Platform Should Offer
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
In many cases, the end of the year gives you time to step back and take stock of the last 12 months. This is when many of us take a hard look at what worked and what did not, complete performance reviews, and formulate plans for the coming year. For me, it is all of those things plus a time when I u...
The WS* Standards - A Primer
What's coming — and what might be gone

Over the past couple of years, several technology vendors have defined a comprehensive set of specifications that, when complete, will provide an infrastructure for enterprise-class Web services interoperability. The names of these specifications generally begin with "WS-", so the group of them is sometimes referred to as WS* (pronounced "WS Splat").

This article identifies the important WS* standards, briefly defines those that have not yet achieved mass-market acceptance, and describes the current state of development for each. At the end, we offer our view of each specification's relative market importance.

We will use Figure 1 to structure the discussion. Note: "Composable" means that items are independent, and can be plugged together (or not) with relative ease. "Composable Service Elements" means that developers can add security, reliable messaging, and transactionality to their Web services in any combination.

1.  Transport Level

  • HTTP/HTTPS: Currently at version 1.1.
  • SMTP: Far less prevalent for Web services usage than HTTP. Worth considering for specific business applications.
2.  Messaging Level
  • XML (including XML, XSL, XPath, etc.): Currently at version 1.0, although v1.1 is a Proposed Recommendation.
  • SOAP: Currently version 1.1 is most widely deployed, although v1.2 has recently become a W3C Recommendation.
  • Attachments for SOAP: There are two important specifications around SOAP Attachments: SOAP with Attachments (SwA) and Message Transmission Optimization Mechanism (MTOM). A third specification, DIME, has recently lost its momentum and is therefore no longer particularly significant.
    - SwA: Currently available for both SOAP 1.1 and 1.2, SwA is by far the leading mechanism for handling attachments in Web services. However, it will likely be supplanted by MTOM.
    - MTOM: Some vendors are going straight to MTOM without supporting SwA. MTOM appears to be the important Attachment specification for the future (late 2004 and beyond).
  • WS-Addressing: This specification abstracts WS endpoint references away from the transport and messaging infrastructure, allowing them to be specified independently of the transport system. It is currently still private, and has not yet caught on significantly in the marketplace.
3.  Description Level
  • WSDL: Currently at version 1.1, with v2.0 in progress at W3C.
  • UDDI: Very important in the marketplace, although relatively few companies have actually deployed it. This spec is currently at version 2.0. However, v3.0 is already complete at the technical committee level and should supplant v2.0 shortly.
  • WS-Inspection: Once a potential complement and/or competitor for UDDI, this private specification appears to have lost steam.
  • WS-PolicyFramework (includes WS-PolicyAssertions and WS-PolicyAttachments): Currently a private specification, WS-Policy allows a Web service to specify exactly how it wants to be called. For example, a service might allow either Kerberos or X.509 authentication, but prefer Kerberos. We believe that this specification will become important and widely used over time.
  • WS-MetadataExchange: A new, private specification that allows a Web service client to easily get the policy, schema, and WSDL information about another Web service. Likely to grow in importance.
4.  Reliability
There are two competing efforts to ensure reliable transmission among Web services: The first is private, and is called WS-ReliableMessaging. The second is WS-Reliability, which is currently in OASIS. The jury is still out on which specification will achieve market prominence, or how the two might cooperate.

5.  Security

  • WS-Security: Already at an advanced stage within OASIS, WS-Security will continue to mature in 2004.
  • Other important security specifications: All of these are currently private. All are likely to be important, probably by late 2004.
    - WS-Trust: Using Tokens to establish trust in a conversation
    - WS-SecureConversation: Gives the same security to a long-running conversation that WS-Security gives to a single message
    - WS-Federation: Decentralizes control over trust, authentication, and authorization
    - WS-SecurityPolicy: Allows specification of specific security policies within the WS-Policy framework.
6.  Transactionality
  • Multiple competing frameworks: None of these have real market traction yet. One major private initiative is called WS-Transaction. A competing effort is WS-Composite Application Framework, currently in OASIS.
  • WS-Transaction: Describes coordination among distributed application components. It is made up of three sub-specifications: WS-Coordination, WS-AtomicTransaction (WS-AT), and WS-BusinessActivity (WS-BA).
    - WS-Coordination: Extensible framework for coordinating actions of distributed applications. This is the basis for transaction management (see next 2 sections).
    WS-AtomicTransaction: For managing tightly linked distributed transaction components using classic two-phase commit protocol.
    - WS-BusinessActivity: For managing transaction coordination between looser-knit components that may not be completely under the coordinator's control.
  • WS-Composite Application Framework (WS-CAF): An OASIS-sponsored effort. Its stated purpose is "to propose standard, interoperable mechanisms for managing shared context and ensuring [that] business processes achieve predictable results and recovery from failure." It includes the following:
    - Web Service Context (WS-CTX): Lightweight framework for simple context management
    - Web Service Coordination Framework (WS-CF): Sharable mechanism to manage the life cycle of composite application messages
    - Web Services Transaction Management (WS-TXM): Supports three protocols across transaction managers (two-phase commit, long-running actions, and business process flows)
7.  Service Composition
  • WS-BPEL: The de facto standard and state of the art for specifying Web service-based business process orchestration. Currently in OASIS, this specification is likely to emerge as a standard in late 2004.
  • Additional work is ongoing in W3C in the Web Services Choreography Working Group, which is drafting a more abstract definition of Web services-based business process components. A requirements document is complete, but this will take a long time to develop into something meaningful in the market.
8.  WS-I
  • The WS-I Basic Profile 1.0 (BP1.0) defines interoperability guidelines for XML, XML Schema, SOAP, WSDL, and UDDI. This standard is critical to the industry. Both Gartner and Forrester/ Giga recently began recommending BP1.0 conformance to most customers seeking Web services guidance.
  • BP1.0 is undergoing amendments for attachment processing, allowing multiple technologies.
  • WS-I expects to release the Basic Security Profile 1.0 (BSP1.0) in July 2004, which will define proper usage of WS-Security. This will also be an important conformance milestone.
  • Additional future WS-I profiles are not yet defined, but they are likely to follow the same prioritization as that described by this article.
9.  Management
OASIS is developing WSDM, the only major WS management standard candidate in the marketplace. Version 0.5 is expected in March, and v1.0 in June. Initially, WSDM will include two specifications. The first is MUWS (Management Using Web Services), which defines a generalized model of how to manage any resource with Web services. The second is MOWS (Management of Web Services), which adds to MUWS the specifics required to manage resources that are Web services.

10.  Portal
WSRP (Web Services for Remote Portlets) is a recently approved OASIS standard. It defines a framework for portlets based on standard Web services interfaces. The specification seems to have picked up market traction.

WS* Prioritizations
Following is our view of the relative market importance of each of the specifications mentioned here. If you are involved with Web services, we believe that Priority One items are absolutely required now. You should be working on Priority Two implementations, and planning for Priority Three. Priority Four items should be watched with interest.

Priority One

  1. HTTP v1.0 and/or v1.1
  2. XML (including XML Schema, XSL, XPath, XQuery)
  3. SOAP v1.1
  4. WSDL v1.1
  5. UDDI v2.0
  6. WS-I Basic Profile 1.0
  7. WS-BPEL
Priority Two
  1. SOAP v1.2
  2. SOAP Attachments: SwA and/or MTOM
  3. WS-I Attachment Profile 1.0
  4. WSDL v2.0
  5. WS-Security
  6. SMTP (as required)
Priority Three
  1. UDDI v3.0
  2. WS-I Basic Security Profile 1.0
  3. WS-Policy
  4. WS-ReliableMessaging or WS-Reliability
  5. WSDM
  6. WSRP
Priority Four
  1. WS-Addressing
  2. WS-MetadataExchange
  3. WS-Trust, WS-SecureConversation, WS-Federation, WS-SecurityPolicy
  4. WS-Transaction OR WS-Composite Application Framework
  5. WS-Choreography
About Andrew Astor
Andy Astor is co-founder, president and CEO of EnterpriseDB. Prior to EDB, he was a vice president at webMethods, Inc., where he was responsible for technical marketing, corporate acquisition integration and standards leadership and evangelism. While at webMethods, he was elected twice to the Board of Directors of the Web Services Interoperability Organization (WS-I), and he served as that organization's Marketing Chair. A frequent speaker at industry conferences, Andy is also on the International Advisory Board for SOA Web Services Journal.

About Prasad Yendluri
Prasad Yendluri is principal architect at webMethods with a focus on Web services and the related standardization efforts. Prasad represents webMethods in W3C, OASIS and WS-I and is currently serving as editor of WS-I Basic Profile and WS-BPEL specifications. He was also lead architect for and coauthor of the RosettaNet Implementation Framework 2.0 and co-author and contributor to the ebXML Messaging Specification. Prasad has published several papers on Web services, recently on Web services reliability and Web services choreography.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

XKMS is also missing.

This is really good article. I am also looking at the Web Services Standards information. I was wondering why the specifications like XML Encryption, Digital Signature, SAML, XACML, XrML etc. are missing from the priority lists.

I would appreciate the quick response to this one as this will help me in understanding the standards better.


Your Feedback
manoj juneja wrote: XKMS is also missing.
manoj juneja wrote: Hi, This is really good article. I am also looking at the Web Services Standards information. I was wondering why the specifications like XML Encryption, Digital Signature, SAML, XACML, XrML etc. are missing from the priority lists. I would appreciate the quick response to this one as this will help me in understanding the standards better. Regards, manoj.
SOA World Latest Stories
When building large, cloud-based applications that operate at a high scale, it’s important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. “Fly two mistakes ...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand usin...
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and sy...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portabil...
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is founda...
Using new techniques of information modeling, indexing, and processing, new cloud-based systems can support cloud-based workloads previously not possible for high-throughput insurance, banking, and case-based applications. In his session at 18th Cloud Expo, John Newton, CTO, Founder an...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)!

Advertise on this site! Contact advertising(at)! 201 802-3021

SYS-CON Featured Whitepapers
Most Read This Week