Oxford Computer Consultants

Welcome to the new OCC eNewsletter with its insight into how emerging Information Technology will impact on your business.

Our aim is to inform business managers and technical directors in clear language about topical aspects of IT. Every quarter we’ll explain how businesses are using IT to gain a competitive advantage and improve their business processes. Each article will be supported by case studies outlining how organizations have successfully deployed the technology, and how OCC has been able to help them seize the opportunities the articles outline.

In the next few issues we’ll publish informative articles on quality processes in software design; re-usable user interfaces; database development options in 2006; and how semantics are impacting on web applications.

In this issue we look at web-services, the technology underlying many of the applications which, in addition to allowing e-Commerce to flourish have revolutionized the way we use the web, and that we all take for granted.

Interoperability and Web-Services

What are Web-Services?

In the last decade the world wide web has changed beyond recognition. What was once an academic tool allowing the display of mostly static and often poorly designed websites, with little quality content has been revolutionized by the development of new technologies for dynamic content, the establishment of high quality data sources and the advent of e-Commerce. As individuals, the means by which we run our lives; the way we bank, book our holidays, buy birthday and Christmas presents, and communicate with our friends have all been altered radically over the last decade. Businesses now trade with their suppliers and customers and manage their inventories and logistics over the web. As these applications and needs have developed, so have the technologies with which they are constructed. In particular, the advent of web services has provided a standardised, simple way to access an application remotely.

The World Wide Web Consortium (W3C) defines web services as follows:

“A Web service is a software application identified by a URI, whose interface and bindings are capable of being identified, described and discovered by XML artefacts and supports direct interactions with other software applications using XML based messages via Internet-based protocols.”

URIs (Uniform Resource Identifiers) are a system of uniquely identifying resources, the most common example being the "web address", or URL (Uniform Resource Locator) of a web page.

Web services extend the infrastructure of the World Wide Web to enable software to connect to other software applications remotely, using the same protocol for data transfer, HTTP (Hyper-Text Transfer Protocol), as standard web pages. Web services allow applications to span different languages, operating systems and locations, transferring data and messages seamlessly to and fro.

Interoperability

Wikipedia defines interoperability as

“Interoperability is the ability of products, systems, or business processes to work together to accomplish a common task. The term can be defined in a technical way or in a broad way, taking into account social, political and organizational factors.”

Web services are accessed using ubiquitous protocols and standards such as XML, SOAP and HTTP. The extensive abstraction between the implementation and consumption of the service allows a web service to be implemented in any language, on any operating system, in any location, yet from the consumer's point of view behave in an identical manner to any other web service. This enables applications developed by different companies to communicate with each other in a simple fashion, providing they know what the web services exposed by the other application looks like, allowing them to "interoperate". Interoperability relies on technological standards, published by organisations such as W3C and OASIS, being followed so that disparate systems have enough commonality to communicate with each other.

• XML (eXtensible Mark-up Language), is a text-based language similar to HTML (Hyper-Text Mark-up Language), which can be extended easily to represent arbitrary data structures. Most other standards in web services are based on this.
• SOAP (Simple Object Access Protocol) is an XML format for sending messages, and is used for sending and receiving data from web services.
• WSDL (Web Services Description Language) is an XML format for providing a rigorous description of a web service so that a remote user can deduce how to query it (using SOAP)

Interoperability allows individuals and organisations access to a wide base of published information, allowing data to be easily integrated from multiple sources.

As an example, one can download an API (Application Programming Interface) for Google's web service (http://www.google.com/apis/index.html) that will allow you to do Google searches from within your application, whatever the language you are writing your application in.

Much effort has been put into allowing the rapid development of web services as an integral part of application development. Many new development platforms such as Microsoft's .Net Framework, BEA Web Logic and Sun ONE offer this facility, making web services a simple and cost-effective means of integrating heterogeneous applications.

E-Commerce and Orchestration

The advent of e-Commerce was the driving force in the development of web services, and web services lie behind many of the online shopping, banking and searching applications that we take for granted today. Booking a holiday, for example, can involve the use of many web-services; you check with various airlines for the flight prices and availabilities for your chosen days of travel, select and book the seats online, you then find and book a hotel at your destination, online, and then go through the same process for hiring a car.

It is common for all these functions to be offered at one website; generally behind this will be an engine which orchestrates the calls to the various web services offered by the airline, the hoteliers and the car-hire company which are necessary to provide a seamless service to the user. This can include complex business logic (for example, cancelling the holiday will imply initiating actions to cancel the hotel, airline tickets and hire car, each of these actions being with a different company), and a range of software to build processes with this logic has been developed, such as BPEL4WS (http://www-128.ibm.com/developerworks/library/specification/ws-bpel/) and Microsoft Biztalk Server (http://www.microsoft.com/biztalk/default.mspx). This technology is known as service orchestration or service choreography. This topic is still in evolution, and in the process of being standardised.

Security

The communication protocol, SOAP, used by web services does not define security protocols as it can be sent to its destination by many modes of transport, and so security was not originally fully integrated into the development environments of web services. This has since been rectified with efforts such as WS-Security, which provides a number of extensions to SOAP to deal with these issues. The objective of security technologies is to provide a trusted and convenient environment where transactions, communication and other business can be carried out safely. Security falls into several categories, below:

• Authentication is proving to the web service that the user is who he claims to be. This is usually done by the user providing some credentials. This is commonly a user name and password, but other schemes including certificate-based authentication using public-key cryptography and authentication integrated with Windows log-on exist.
• Authorisation is establishing whether the user, once authenticated, has the rights to access a certain piece of data or service. Windows uses Access Control Lists (ACLs) to protect resources such as files from un-authorised access.
• Confidentiality is ensured by encryption of data transmitted, received or stored by the web service.
• Integrity is ensuring that messages sent and received by the web service have not been tampered with in any way.

Discovery of Web Services

There are a vast number of web services available, but how does one discover the existence of web services, their URI and their interface? There are two complementary methods.

UDDI

UDDI (Universal Description, Discovery and Integration) is analogous to a "Yellow Pages" for web services. A UDDI Server can itself be exposed as a web service, and offers facilities for web services to publish all the information necessary for potential users to work out how to use them, in addition to the description of what the service does, who operates it and its interface in the form of a WSDL.

DISCO

DISCO (Discovery of Web Services) provides a means to discover and retrieve WSDL descriptions of web services on remote machines. A discovery document is sent to the remote server and if any web services exist, a WSDL document will be retrieved. This method relies on knowing the location of the remote server, so is less versatile than UDDI.

Other Applications of Web Services

Legacy Systems

The advent of web services provides us with opportunities to prolong the life of legacy systems. Perhaps there is a key database or business application that contains critical information which needs to be made available to another application, to an intranet or even to the internet in general? Rather than having to re-engineer the entire application, providing a web service interface to the legacy application enables it to be seamlessly used by applications in any language, and on any machine that has the appropriate permissions to access the appropriate URI.

UI / Business Logic Separation

A common use for web services is to provide a level of abstraction between the user interface and the underlying business logic. A common application configuration is to have a data store (for example a database) being operated on by some code representing a higher level business logic. This in turn is then accessed by a user interface. By containing the business logic within a web service we can be certain that we can re-use this code for both thick-client and thin-client development. Again, this is because we know that web services can be accessed remotely, web applications can call them in exactly the same way as thick Windows clients.

OCC Case Studies

OCC has been involved in web services development since their first appearance with a coherent SDK(Software Development Kit) in the .Net Framework 1.0 in 2002. Since then we have written a number of web services for tasks as diverse as a distributed calculation system, web access to local authority databases, and research into future web technologies.

Replacing Spreadsheets

In5D (http://www.indeva.com/in5d-edm/) is an Enterprise Decision Management system designed to replace the spreadsheet in the modelling of the future revenues and profits of large corporations. The database that stores the model is exposed to the user interface via a web service, to fulfil a requirement that the database can be accessed remotely, and by many concurrent users. The application also allows the calculation of the values of large models to be distributed onto many machines, with the machines communicating using web-services.

Web Services Enable e-Government

OCC is writing a database for use by organisations that provide services to vulnerable people. Typical services are women's refuges, counselling services for alcoholics and homeless shelters. These organisations are typically run on a tight budget, and the application is designed so that it can be accessed over an internet browser without installation of any software on the client machine. These organisations, "Providers", have to report statistics on use, budget and performance to their local authority. PSOCC, Supporting People software for Providers, uses a web services interface on the local authority database, PSOCC (http://www.oxfordcclg.co.uk/psocc.html), to transmit this information.

Exchanging Information With Legacy Systems

The TERREGOV Project (http://www.terregov.eupm.net/) is a European Union funded project devoted to enabling e-Government services, including legacy systems, to interoperate using web-services. Above and beyond web-services this project focuses on providing a common semantic description of e-Government services across the European Union and across language barriers to enable requests for services to be made in a natural way, creating frameworks in which privacy laws (for example medical confidentiality and the UK Data Protection Act) can be enforced easily, and providing building blocks which other web services can use. This is written in an open-source environment using Java-based technologies.

Top

What is OCC?

The purpose of OCC (http://www.oxfordcc.co.uk/) is to create original, robust and flexible IT solutions. Our aim to add value to customers' businesses by enabling them to grasp the opportunities of information technology and the Internet. In so doing, we aim to give our staff challenging jobs and competitive rewards. We work in the IT field because we enjoy the technology, because we’re good at it and because we can see the positive impact IT has on both business and society. We aim to achieve our purpose by:

• recruiting and retaining highly skilled staff. We believe that the intelligence and skill of our developers is one of our competitive advantages,
• working closely with our customers. It is always our aim to allow any prospective client to contact any of our previous or on-going clients for a reference,
• using our results and reputation to win repeat business and generate new business. We believe that our reputation should speak for itself and that people should use us because they have heard of our reputation; and
• undertaking leading edge R&D because this is the life blood of innovative companies. This ensures that we have expertise in emerging as well as current software technologies.

Read our Company Profile (http://www.oxfordcc.co.uk/Doc17747.html) .

What Does OCC Do?

OCC promotes itself as having a strong ability to grasp a client’s business needs and to use technology to “add value” to client processes. Our strengths are reflected in the quality of our development staff, our high levels of repeat business (over 93% of clients buy again from OCC), and our knowledge and experience in specific sectors such as energy, engineering, local government and health.

OCC’s Services and Expertise

Software Services

A complete range of design, development and support services for:

• Custom software applications;
• Re-engineering of software in legacy applications; and
• Content Management System based web sites and web applications based on standard and emerging web services technology.

Business Sectors

Over 16 years of experience, reference sites and testimonials from our customers in:

• Energy and Oil; (http://www.oxfordcc.co.uk/Doc18197.html) Environment (http://www.oxfordcc.co.uk/Doc18183.html) ;
• Public Sector (http://www.oxfordcc.co.uk/Doc20351.html) (including Local Government and the NHS);
• Blue chip companies such as Canon and National Grid; and
• Innovative SMEs in all sectors.

Technologies

All mainstream and emerging technologies including:

• Database applications;
• Mathematical modeling software with graphical outputs; and
• Web applications based on Content Management technologies, web services and the semantic web.

Socially Responsible Business Practice

Oxford Computer Consultants adheres to socially responsible business practice. The company has formal environment and ethics policies that are communicated to all staff.