The SOA Magazine

Checking up on the Standards: Introducing the Big SOA Grid
by Robert Schneider and Chris Riley

Download this article as a PDF document.

Introduction

Architects and developers attempting to design, implement, and maintain a Web services-based service-oriented architecture face a bewildering array of standards and specifications. To make matters worse, these guidelines are managed by different standards bodies, and sponsored by an ever-changing array of vendors. Finally, they all continually evolve over time, adding extra complexity to the equation.

The Big SOA Grid is our humble attempt at providing a comprehensive, up-to-date snapshot of all the major standards that you need to be aware of when planning or maintaining your service-oriented enterprise. You'll find the following helpful details about each major specification:

•   the category to which the standard belongs, including:
    -   Data Definition
    -   Data Transformation & Extraction
    -   Interoperability
    -   Management
    -   Messaging
    -   Orchestration
    -   Registry
    -   Security
    -   Service Description
    -   Transactions
•   the standards body responsible for the specification
•   a link to the standard
•   the date of the standard
•   the standard's current revision
•   the primary contributing organizations
•   a brief summary of the standard and related notes

And since everything is constantly in flux, we'll soon be maintaining this helpful list at BigSOAGrid.com. If you have any questions or corrections, please contact us at info@bigsoagrid.com. And if you’d like to be notified of updates to the grid, please send an email to subscribe@bigsoagrid.com. Stay tuned, because in the near future we’ll be adding links to useful tutorials, as well as providing a comprehensive list of vendors that offer products for each standard. Be sure to also check out SOASpecs.com [REF-4] an established portal to most of the specifications listed below.

A Snapshot of the Current Standards World

MTOM
Category	Messaging
Standards Body	W3C
Version	1.2 (Recommendation)
Status	http://www.w3.org/TR/soap12-mtom/
Date	January 25, 2005
Contributors	Microsoft, IBM, BEA, Canon
Notes	MTOM, the Message Transmission Optimization Mechanism, has developed into an important standard intended to deal with many of the performance issues that have plagued Web services-based applications due to the overhead imposed by standard XML parsing and processing. MTOM essentially provides a mechanism for specifying pass-through elements in SOAP header and body sections as well as MIME attachments.

SAML
Category	Security
Standards Body	OASIS
Version	1.1
Status	http://www.oasis-open.org/committees/download.php/3400/oasis-sstc-saml-1.1-pdf-xsd.zip (1.0) http://docs.oasis-open.org/security/saml/v2.0/saml-2.0-os.zip (2.0)
Date	August 28, 2003 (1.0) February 28, 2005 (2.0)
Contributors	Sun, RSA, Netegrity (1.0) Enosis Group LLC, PA Consulting, RSA, Sun, NTT, NCSA, BEA, Entrust, Internet2, Oracle (2.0)
Notes	SAML (Security Assertion Markup Language) is an XML-based specification designed to authenticate and authorize a consumer of a service. It represents a key technology for enabling single sign-on functionality across Web services, a feature that is especially important when designing complex service compositions and applying the Service Composability design principle [REF-1]. Version 2.0 of SAML offers additional protocols for handling all aspects of authentication and authorization and is typically evaluated as a component of the overall WS-Security framework.

SOAP
Category	Messaging
Standards Body	W3C
Version	1.1, 1.2 (Recommendation)
Status	http://www.w3.org/TR/2000/NOTE-SOAP-20000508/ (1.1) http://www.w3.org/TR/soap12-part0/ (1.2)
Date	May 8, 2000
Contributors	Microsoft, IBM, Canon, Oracle Corporation, Sun Microsystems, W3C, UserLand Software, DevelopMentor (1.1) WSO2, Sun, IONA, Oracle, TIBCO, IBM, Sonic Software, Sonoa Systems, BEA (1.2)
Notes	This widely implemented version of the Simple Object Access Protocol defines the fundamental and foremost XML messaging format to communicate between Web Services. Version 1.2 of SOAP adds many important extensions, several of which came about as a result of WS-I recommendations. Note that as of this version, the specification is entitled only "SOAP" and the "Simple Object Access Protocol" title has been dropped. The influence of service-orientation is deemed the primary reason as this version of the SOAP standard is specifically for service interchange and no longer about object access.

SOAP with Attachments
Category	Messaging
Standards Body	W3C
Version	1.2
Status	http://www.w3.org/TR/soap12-af/
Date	June 8, 2004
Contributors	Microsoft, IBM
Notes	There was a time when no one knew whether SwA (SOAP with Attachments) or WS-Attachments [REF-3] would establish itself as the de facto standard for SOAP attachments. The majority of the SOA community now view SwA as the primary candidate as it has received relatively wide vendor support. The SwA standard extends SOAP to support the inclusion of the MIME media type attachments that are typically used to communicate non-SOAP data including binary data, images, audio etc.

XML
Category	Data Definition
Standards Body	W3C
Version	1.0, 1.1
Status	http://www.w3.org/TR/1998/REC-xml-19980210 (1.0) http://www.w3.org/TR/2006/REC-xml-20060816 (1.1)
Date	February 10, 1998 (1.0) September 29, 2006 (1.1)
Contributors	Microsoft, University of Illinois at Chicago, Textuality (1.0) Textuality, Netscape, Microsoft, W3C, Sun Microsystems (1.1)
Notes	Clearly the most fundamental and successful SOA-related standard produced by any standards organization. The Extensible Markup Language (a subset of SGML) was designed to provide a portable mechanism for exchanging information over the Web similar to the previously successful HTML. With the exception of XPath, all specifications listed in this grid are authored using XML.

XML Schema
Category	Data Definition
Standards Body	W3C
Version	1.0, 1.1 (submission)
Status	http://www.w3.org/XML/Schema#dev (1.0) http://www.w3.org/TR/xmlschema-1 (1.1)
Date	May 2, 2001 (1.0) October 28, 2004 (1.1)
Contributors	SGML Works!, Oracle Corporation, Kaiser Permanente, W3C
Notes	As fundamental to SOA as XML is, the XML Schema specification essentially allows for the definition of data models specifically for XML documents. All Web services specifications authored in XML are accompanied by pre-defined XML schema definitions that enforce the language constraints. In a nutshell, XML Schema allows for the expression of types, rules and validation logic used to describe valid XML document instances. It further utilizes namespaces to resolve conflicts and complex types.

XPath
Category	Data Transformation/Extraction
Standards Body	W3C
Version	1.0 (Recommendation) 2.0 (Requirements)
Status	http://www.w3.org/TR/xpath (1.0) http://www.w3.org/TR/xpath20req/ (2.0)
Date	November 16, 1999 (1.0) June 3, 2005 (2.0)
Contributors	Inso Corp., Brown University (1.0) AT&T, Oracle (2.0)
Notes	XPath (also known as XML Path Language) is a long-surviving utility specification that provides common syntax and semantics for searching and identifying parts of XML documents via a language that resembles the UNC syntax used for file paths. XPath is also one of the very few remaining specifications that are not actually written in XML. Other languages, such as XSLT and XQuery [REF-3], provide intrinsic support for XPath statements. The primary goals of version 2.0 include simplified manipulation of string and XML content, as well as improved interoperability and ease-of-use.

XQuery
Category	Data Transformation/Extraction
Standards Body	W3C
Version	1.0 (Recommendation)
Status	http://www.w3.org/TR/xquery
Date	January 23, 2007
Contributors	IBM, AT&T, Oracle, DataDirect
Notes	XQuery (also known as the XML Query Language) provides a specialized query syntax similar to SQL, designed to locate information within and across XML documents [REF-3]. As native XML support in databases has steadily increased, the XQuery standard has continued to receive broad vendor support in mainstream database products, such as SQL Server and DB2.

XSLT
Category	Data Transformation/Extraction
Standards Body	W3C
Version	1.0 (Recommendation) 2.0 (Recommendation)
Status	http://www.w3.org/TR/xslt (1.0) http://www.w3.org/TR/xslt20/
Date	November 16, 1999 (1.0) January 23, 2007 (2.0)
Contributors	Saba, Microsoft, University of Edinburgh, Arbortext, Adobe, Saxonica
Notes	While much of service-orientation (specifically the Standardized Service Contract design principle [REF-1]) is geared toward avoiding data transformation, the fact remains that overcoming disparate data sources will remain a reality for some time. XSLT is the foremost language employed to transform information between XML documents based on different XML Schema structures, and for converting XML into other output formats. Version 2.0 offers many new functions and usability enhancements and was designed to be used in conjunction with XPath 2.0.

WS-Addressing
Category	Messaging
Standards Body	W3C
Version	1.0 (Recommendation)
Status	http://www.w3.org/TR/ws-addr-core/
Date	May 9, 2006
Contributors	Sun Microsystems, IBM, Microsoft, BEA, SAP
Notes	By providing industry standard routing and correlation SOAP headers, the WS-Addressing [REF-2] specification has established itself as a core part of the Web services platform. It further provides support for invoking service instances and its headers are used by other specifications, such as WS-RM.

WS-AtomicTransaction
Category	Transactions
Standards Body	OASIS
Version	1.1
Status	http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-os/wstx-wsat-1.1-spec-os.html
Date	April 16, 2007
Contributors	IBM, IONA, JBoss
Notes	Atomic transactions typically refer to "all-or-nothing" events that are also generally short-lived. The WS-AtomicTransaction specification [REF-2] states how these transactions should behave, along with their interaction with coordination services (as defined by WS-Coordination).

WS-Base Notification
Category	Messaging
Standards Body	OASIS
Version	1.3 (Ratified)
Status	http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsn
Date	October 11, 2006
Contributors	IBM, TIBCO, HP
Notes	This base standard for a web services notifications has been more accepted in the Java community. It specifically describes the roles of Notification Producer and Notification Consumer for publish-and-subscribe data interchange. WS-BaseNotification is part of the overall WS-Notification framework [REF-2].

WS-I Basic Profile
Category	Interoperability
Standards Body	WS-I
Version	1.1, 1.2 (Board approval draft)
Status	http://www.ws-i.org/Profiles/BasicProfile-1.1.html (1.1) http://www.ws-i.org/Profiles/BasicProfile-1.2.html (1.2)
Date	April 10, 2006 (1.1) March 28, 2007 (1.2)
Contributors	Microsoft, IBM, SAP, BEA, webMethods (1.1, 1.2)
Notes	This important specification is designed to foster conformance and interoperability among vendor implementations of key service standards such as WSDL, SOAP, and UDDI. Version 1.2 fixes 1.1 errors and adds support for WS-Addressing and MTOM binary attachments.

WS-I Basic Security Profile
Category	Interoperability
Standards Body	WS-I
Version	1.0, 1.1 (Working group approval draft)
Status	http://www.ws-i.org/Profiles/BasicSecurityProfile-1.0.html (1.0) http://www.ws-i.org/Profiles/BasicSecurityProfile-1.1.html (1.1)
Date	March 30, 2007 (1.0) February 20, 2007 (1.1)
Contributors	IBM, Microsoft, Layer 7, Nortel (1.0, 1.1)
Notes	This key security specification is designed to foster conformance and interoperability among vendor implementations of key security standards such as WS-Security, SAML, Kerberos, X.509 and REL.

WS-BPEL
Category	Orchestration
Standards Body	OASIS
Version	1.1, 2.0
Status	http://www-106.ibm.com/developerworks/webservices/library/ws-bpel/ (1.1) http://docs.oasis-open.org/wsbpel/2.0/wsbpel-v2.0.html (2.0)
Date	May 5, 2003 (1.1) April 11, 2007 (2.0)
Contributors	Microsoft, IBM, Siebel Systems, BEA, SAP (1.1) IBM, Microsoft, BEA, Intalio, Adobe, Systinet, JBoss, Sterling Commerce, SAP, Deloitte, TIBCO, webMethods, Oracle (2.0)
Notes	WS-BPEL (the Web Services Business Process Execution Language) provides an industry standard syntax for expressing business process and Web service composition logic for execution within orchestration platforms. Version 1.1 was entitled BPEL4WS (Business Process Execution Language for Web Services) and received relatively wide industry support before even being submitted to a standards organization.

WS-Business Activity
Category	Transactions
Standards Body	OASIS
Version	1.1
Status	http://docs.oasis-open.org/ws-tx/wstx-wsba-1.1-spec-os/wstx-wsba-1.1-spec-os.html
Date	April 16, 2007
Contributors	IBM, IONA, JBoss
Notes	This specification, in concert with WS-Coordination, is designed to support long-running activities that may span organizations and even involve manual steps. WS-BusinessActivity [REF-2] coordinated activities can span multiple atomic transactions.

WS-Coordination
Category	Transactions
Standards Body	OASIS
Version	1.1
Status	http://docs.oasis-open.org/ws-tx/wstx-wscoor-1.1-spec-os/wstx-wscoor-1.1-spec-os.html
Date	April 16, 2007
Contributors	Microsoft, IONA, IBM
Notes	WS-Coordination [REF-2] serves as a guideline and set of protocols for synchronizing and coordinating distributed computational tasks and activities. These activities can be both short running (as specified by WS-AtomicTransaction) and long running (as specified by WS-BusinessActivity).

WS-Distributed Management
Category	Management
Standards Body	OASIS
Version	1.0 (Legacy)
Status	http://www.oasis-open.org/committees/wsdm/ipr.php
Date	September 10, 2003
Contributors	IBM, Talking Blocks, Computer Associates International
Notes	This standard focuses on the distributed management of devices using Web services as well as the internal management of Web services.

WS-Federation
Category	Interoperability
Standards Body	OASIS
Version	1.2
Status	http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsfed
Date	June 18, 2007
Contributors	IBM, Microsoft
Notes	As part of the overall WS-Security framework, this specification enhances WS-Trust to support distributed trust authentication and authorization across security realms.

WS-Policy
Category	Service Description
Standards Body	W3C
Version	1.2 (Submission)
Status	http://www.w3.org/Submission/WS-Policy/
Date	April 25, 2006
Contributors	Verisign, Microsoft, Sonic Software, IBM , SAP, BEA
Notes	This fundamental standard extends the Web service contract to allow for the expression of technical policy assertions. The WS-Policy framework [REF-2] is comprised of three specifications that each cover an aspect of defining and applying policies. Various service-orientation principles can influence how and the extent to which policy assertions are incorporated in the overall service design [REF-1].

WS-RM
Category	Messaging
Standards Body	OASIS
Version	1.1
Status	http://docs.oasis-open.org/ws-rx/wsrm/v1.1/wsrm.html
Date	June 14, 2007
Contributors	WS02, IBM, SAP, Coastin, BEA, Oracle
Notes	WS-RM (also referred to as WS-ReliableMessaging) [REF-2] provides a transport-independent standard which enables Web Services to transmit sequences of messages across nodes reliably and in conformance with various rules called quality assurances.

WS-Secure Conversation
Category	Interoperability
Standards Body	OASIS
Version	1.3
Status	http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ws-sx
Date	March 1, 2007
Contributors	IBM, Microsoft, Nortel, Verisign
Notes	The WS-Secure Conversation specification defines extensions for WS-Security to allow security context definition and sharing, and session key derivation.

WS-Security
Category	Security
Standards Body	OASIS
Version	1.0, 1.1
Status	http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf (1.0) http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf (1.1)
Date	April 5, 2002 (1.0) February 21, 2006 (1.1)
Contributors	IBM, Sun, Microsoft, Verisign (1.0, 1.1)
Notes	WS-Security is considered one of the most important parts of the WS-* platform, providing essential and critical, industry-standard security functions. The framework is comprised of several standards, including X.509, SAML, Kerberos, Rights Expression Language, SOAP with Attachments.

WS-Topics
Category	Messaging
Standards Body	OASIS
Version	1.3 (Ratified)
Status	http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsn
Date	October 11, 2006
Contributors	HP, IBM
Notes	WS-Topics provides an XML model that is used in conjunction with WS-Base Notification for the definition of notification topics.

WS-TX (WS-Transaction)
Category	Transactions
Standards Body	OASIS
Version	1.1
Status	See WS-AtomicTransaction, WS-BusinessActivity, and WS-Coordination specifications.
Date	February 28, 2007
Contributors	Adobe, BEA, Fujitsu, Hitachi, IBM, IONA, Microsoft, Nortel, Oracle, Red Hat, Ricoh, Sun, TIBCO
Notes	An amalgamation of specifications that describe how Web service transactions, both short running (as specified by WS-AtomicTransaction), and long running (as specified by WS-BusinessActivity) should behave using coordinated resources (WS-Coordination).

WS-Trust
Category	Interoperability
Standards Body	OASIS
Version	1.3
Status	http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ws-sx
Date	March 19, 2007
Contributors	IBM, Microsoft, Nortel, Verisign
Notes	The WS-Trust specification defines extensions for WS-Security to allow for the exchange of security tokens and to establish specific types of trust relationships among Web services.

WSDL
Category	Service Description
Standards Body	W3C
Version	1.1, 2.0 (Recommendation)
Status	http://www.w3.org/TR/wsdl (1.1) http://www.w3.org/TR/wsdl20/ (2.0)
Date	March 15, 2001 (1.1) June 26, 2007 (2.0)
Contributors	Microsoft, IBM (1.1) IBM, Canon, WS02, Sun Microsystems (2.0)
Notes	The most basic of Web services standards that defines the core Web service technical contract. Specifically, WSDL (Web Services Description Language) [REF-2] definitions allow for the expression of service messages, operations, bindings and concrete service implementation details, such as location. The WSDL definition (together with XML schema and WS-Policy definitions) is a primary part of the Web services shaped by various service-orientation design principles, such as Standardized Service Contract, Service Loose Coupling, and Service Abstraction [REF-1].

UDDI
Category	Registry
Standards Body	UDDI.org (2.0) OASIS (3.0)
Version	2.0, 3.0
Status	http://www.oasis-open.org/committees/uddi-spec/doc/tcspecs.htm#uddiv2 (2.0) http://www.oasis-open.org/committees/uddi-spec/doc/tcspecs.htm#uddiv3 (3.0)
Date	July 19, 2002 (2.0) October 19, 2004 (3.0)
Contributors	IBM, Accenture, BEA, Fujitsu, Microsoft, HP, Verisign, Oracle, Sun, Intel, SAP, webMethods (2.0) Microsoft, Sun, HP, Oracle, Intel, SAP (3.0)
Notes	UDDI (Universal Description, Discovery, and Integration) [REF-3] is an XML registry standard originally designed to let providers of publicly available Web services register their offerings for open discovery. Now more utilized for internal private service registries, it has become a key part of SOA infrastructures. Version 3.0 introduced many improvements, including better WSDL capabilities, data model enhancements, multi-registry topologies and a new subscription API.

References

[REF-1] "SOA: Principles of Service Design", Thomas Erl, Prentice Hall/PearsonPTR (ISBN: 0132344823).

[REF-2] "Service-Oriented Architecture: Concepts, Technology, and Design", Thomas Erl, Prentice Hall/PearsonPTR (ISBN: 0131858580)

[REF-3] "Service-Oriented Architecture: A Field Guide to Integrating XML and Web Services", Thomas Erl, Prentice Hall/PearsonPTR (ISBN: 0131428985)

[REF-4] SOASpecs.com (www.soaspecs.com)

The Prentice Hall Service-Oriented Computing Series from Thomas Erl

Home Past Issues Contributors What is SOA? SOA Glossary SOA School SOA Books About Legal