Web services are programs that run on internet and requires integrated platform to run the various client and server apps. Web Services and integration (WS-I) represent the programs easily accessed by highest number of viewers, where all the programs should be interoperable and highly secure to thwart any internet-based security issues. For example – the app made in Dot net should run on Java. These are typically programs or APIs that are accessed on HTTP and executed through remote system hosting. The programmer and the user, integrate through the systems using message exchanges. A number of programming languages provide various methods of the execution for these services, widely used in applications such as CRM, ERP etc.
Most preeminent programming models have interoperability between apps to enhance reusability, where message schemas (XML –based) are standards used for exchanging messages. E.g. Web services can be integrated using applications – Enterprise Application Integration (EAI) which integrates the legacy software with organization with a worldwide view. CROS Organization Integration - B2B allows partners to work together through internal system.
Frameworks for WS-I (Web Service Integration)
COBRA framework is widely used for integration purpose. It is based on large and complex methods requiring installation and support where the WS uses HTTP and XML.
SOAP includes XML, HTTP, and JSON, and is based on RPC. It uses lightweight programming to exchange information across distributed environment. WSDL is used for interface specification and UDDI for directory.
Representational State transfer (REST) is the one of the approach which uses the mechanism of Horizontal Protocols E.g. World Wide Web that is system of interlinked documents. This can be based on hybrid style and network based architecture, where a single connector interface can be present. Such system allows the client to access the codes and simplify implementation.
Risks of Integration
SOAP faces a number of security issues such as distributed system risk where the web application can be disrupted by malicious attacks and most network firewalls are unable to detect such risks. Message risks exist where the document or data can be viewed by a variety of intermediaries from different geographical locations and technical domains.
REST offers basic integration but the security can be low and a standard support is needed for the program to function on different platforms.
The risk involves the disruption and denial of services where the attacker can access services at network levels to make it vulnerable.
Security is still the area of concern and a number of works are going on across the world to enhance security and develop standards to prevent such risks.
These net based services are based on interoperability and there are many services which are not directly controlled by an organization. In such conditions, limited ability to handle the whole system can lower assurance and confidence in security overall. To promote defense, a process to monitor all the web services is needed but there are not many such services which can be audited or identified by all the other systems to restrict risks completely.
For more information contact Mont Digital on www.montdigital.com or email info (@) Montdigital.com