Web Service technologies are fundamentally changing the software industry, and redefining the process by which software is developed, sold, and managed. Web Services are also being hailed by CEOs, CIOs, and CTOs as the next-generation vehicle for driving top line growth and controlling bottom lines. However, simply jumping on the Web Services bandwagon won’t lead to corporate success.

Web Services will have a significant impact on established business processes and operations. Those companies that jump headfirst into Web Services without first planning for these changes will fail to realize the true value of this technology.

The anybody-to-anybody characteristic of Web Services enables new as well as more fluid business relationships. Although the business benefits of using Web Services are clear, this new technology also presents numerous challenges and risks within traditional enterprise environments.

Web Services and the Enterprise
Why will IS departments that have demanded control over all aspects of enterprise applications adopt a distributed and shared software architecture that moves administrative control over various parts of applications outside of the enterprise? The runtime characteristics of Web Services-based applications will have critical dependencies upon remotely hosted and remotely managed external businesses. This is a severe departure from the centrally controlled as well as the guaranteed predictability and reliability that have become the hallmarks of enterprise software and the IS departments that manage them.

Moreover, Web Services expose critical application interfaces and operations and make them accessible through HTTP traffic. Each of these hundreds and thousands of operations represents a potential security problem. Instead of hiding information about how to access and use each of these operations, Web Services publish this information via WSDL files. Additionally, since the messaging format used by Web Services is XML, each of the data fields are self-describing and highlight to hackers the means by which to interact with each service.

Enterprise IS departments will find themselves in the middle, responsible for reconciling the business benefits with the risks of adopting Web Services within the enterprise. In an effort to gain a controlling foothold over risky and potentially harmful Web Services traffic, IS departments will insist on controlling with which Web Services an enterprise application can interact. A misbehaving Web Service will simply be cut off from interacting with any enterprise applications; such cut offs may even be pre-emptive if there is a history of problems or a perception of a threat.

To accomplish this, IS will take on a more strategic role within enterprises and will align itself more closely with individual business units. Business decisions by these units, such as the partners from which to source components, will have to be cleared by IS if those partners’ Web Services will interact with the company’s applications.

This will have major ramifications for enterprise application architectures. Applications will support dynamic and swappable Web Services – hardwired Web Service invocations will no longer suffice. IS will use management environments to deploy enterprise-wide policies for Web Services that will monitor and strictly enforce the Web Services applications can use.

There is no doubt that the uptake of Web Services within the enterprise will require changes. Many of these changes will be to established procedures and existing policies that have been supported by years of experience. Nonetheless, the potential benefits – both financial and strategic – to adopting Web Services are sufficiently large to justify such changes.

Sandeep Chatterjee
Some material in this article are from various chapters of Developing Enterprise Web Services: An Architect’s Guide by Sandeep Chatterjee, Ph.D. and James Webber, Ph.D., ISBN 0-13-140160-2, copyright 2004. All rights reserved. These materials are used with permission from Prentice Hall PTR.

Page(s)   1  2