Services for which information is distributed through a communication network are generally referred to as network services. So-called “web services” are an example of network services, and represent the next generation of web-based technology being used for automatically exchanging information between different applications over the public Internet network.
Web services are the framework for building distributed web-based applications over the Internet. Web services generally follow a Publish-Find-Bind communication model. In this model, a service description is published by the service provider into a registry, the service is found in the registry by potential service consumers, and a binding is made between a service consumer and the service based on the service description found in the registry. In the Web services context, web server resident applications are described using the standardized Web Services Description Language (WSDL), and published to a Services Registry using Universal Description, Discovery, and Integration (UDDI), and binding (service invocation) between service provider and consumer is made with Simple Object Access Protocol (SOAP).
A web service is an interface that describes a collection of operations that are network-accessible through standardized eXtensible Markup Language (XML) messaging. SOAP, a standardized messaging protocol, is typically used to access a web service. A web service performs a set of tasks that are described using a standard formal XML notation, called the service description. The service description of a web service includes the service location, the transport protocols that should be used to access the service, and the message formats and sequences the service expects when communicating with its consumer.
Web services provide a new way to distribute applications and data over the Web. Applications are built with pieces of code and data, web services, that may come from anywhere in the public Internet. An international order processing system may be built, for example, using one company's currency converter and another company's tracking system. Web services also enable different types of computer systems, having different hardware platforms, operating systems, and/or development platforms, to “speak” the same language. Current web services technology is in fact a collection of XML-based standards that provide for passing information between end-point applications, in the format of XML documents.
Web services have already proven themselves successful in the enterprise private network space, gaining rapid acceptance as the standard way for applications to communicate. Most current web services, however, are hosted by application servers which are located behind firewalls in corporate enterprise networks.
Efforts to support web services interactions within and beyond the enterprise space over the basic Internet infrastructure have concentrated on ad-hoc approaches. According to one approach, different enterprises between which web services were to be offered had to agree on using compatible applications, common proprietary software, custom interfaces and APIs, and common communication protocols. Enterprises also had to agree on data security and the way any secure communications were to be managed. In addition, each enterprise had to open their internal firewalls to let business traffic flow between applications in a point-to-point manner.
Adding new web services business partners in an enterprise environment has always been a difficult and time consuming process, since any potential new business partners tend to have different sets of rules and standards. Modifications to a new partner's applications and custom code revisions to the enterprise offering the new applications are often required.
There are currently no known management solutions for managing public and private network services in an extranet web service architecture, targeting a communication network provider's space as opposed to enterprise space. For example, although XML Virtual Private Network (VPN) devices exist, these devices are intended for implementation in enterprise networks behind firewalls. In the case of a communication network provider taking on the task of managing enterprise equipment, so as to offload from the enterprise the management of enterprise network services which are offered outside the enterprise, hardware problems with enterprise equipment would require corrective action by the network provider, which may become costly and time consuming.
Existing software-based security products which address the enterprise market do not scale to the requirements of the provider network edge, where a large number of enterprises with various policy/security/admission control requirements might wish to provide web services through the same network. Enterprise-class products, including server-based architectures and hardware XML devices, also do not typically satisfy the high availability and speed requirements of communication network provider edge equipment.
A network-based provider-managed Web services extranet service is desirable because it allows enterprises to offer and consume web services with minimal capital expenditures, minimal integration effort, and trusted service management. Enterprises need not construct the extranet service themselves, but use the operator's infrastructure and assistance for business-to-business transactions over the Web.