convergence in messaging frameworks pim van der eijk
TRANSCRIPT
Convergence in Messaging Frameworks
Pim van der Eijk
Managed public and private processes: B2B/G2G integration
Participation in e-business (e-Government) collaborations
Enterprise Application Integration, Workflow Management
PublicProcess
Rules Tier
IBM Patterns for e-Business http://www-106.ibm.com/developerworks/patterns/
ebXML
Technical and semantic interoperability Modular, cohesive set of standards developed from
1999 Open Standards (OASIS, ISO and UN/CEFACT) Initially over-hyped, now lacking visibility in the market
place, despite some (very) large end user projects and increasing vendor support
Advanced functionality for secure reliable messaging, choreographed business collaborations, partner agreements and management
Focused on external integration (B2B, G2G) ISO 15000 standards since 2004
ebXML modules ebXML Messaging (ebMS)
Secure, reliable business messaging Version 2, certified interoperable messaging since 2002 Version 3, OASIS standard since October 2007
Collaboration Protocol Agreements (CPA) Business service contract language Partner agreements, service profiles
Business Process (ebBP) Choreography of service/action invocations Business Activity Monitoring (BAM)
Registry Information Model and Services
Core Components Information model for vocabularies and business documents
ebXML Messaging B2B application of Web and Internet standards:
Leverages SOAP, MIME Attachments, HTTP bindings W3C XML Security and Encryption
Generic Business Document Header Business Partners Services and Business Transaction Semantics ConversationId: Business Context Applicable “Business Contract” Payload information
Reliable Message Delivery Once-and-Only message delivery
Security W3C Digital Signature Payload Encryption
Public Sector Deployments of ebMS Norway, Social Security / Healthcare UK, Healthcare Netherlands
Justice, Police, Youth protection OSB (“Government Service Bus”) ebMS
profile Sweden, Public Procurement Hong Kong government
AS2 EDIINT EDIINT: EDI over the Internet Internet Engineering Task Force (IETF)
“Applicability Statements” AS1: EDI using SMTP AS2: EDI using HTTP AS3: EDI using FTP
Wal-Mart endorsement of AS2 in 2002: AS2 (RFC 4130) is now the de facto standard in
electronic commerce AS2 also user-preferred protocol for new areas
Data synchronization, tracking and tracing
How about public sector? G2G protocols
OSCI “Online Service Computer Interface” German public sector standard
SHS Swedish public sector standard, developed at
Statskontoret (Swedish Agency for Public Management)
eLINK EU Commission, IDA, November 2004
SuwiML transactiestandaard BKWI (Netherlands Social Security)
eLink: http://ec.europa.eu/idabc/servlets/Doc?id=18685 OSCI http://www1.osci.de/sixcms/media.php/13/osci-specification_1_2_english.pdf
SHS http://www.statskontoret.se/upload/804/shs-architecture.pdfSuwiML http://www.bkwi.nl/fileadmin/downloads/Suwinet/sgr/SuwiML_Transactiestandaard_v0200.pdf
Web Services, WS-* Core standards:
SOAP, WSDL, UDDI Advanced functionality:
Security: WS-Security, WS-Trust and WS-SecureConversation
Reliability: WS-Reliability and WS-ReliableMessaging
Transactionality: WS-Transactions WS-I interoperability profiles
Web Services Deployments Basic Web services profiles are widely
used Denmark “RASP” WS-* profile France, PRESTO
Summary Today’s messaging environment is a mixed bag:
Pre-Internet protocols EDIINT Simple XML over HTTP Government specific frameworks ebXML Messaging 2.0 Web Services variants
Time for convergence? Requirements?
SME(*) support, client-only endpoints Intermediaries Non-Repudiation of Receipt (NRR) Large message support
(*) Including small-and-medium-size public sector agencies
ebXML Messaging 3.0 Web Services Convergence
SOAP 1.1 or SOAP 1.2 SOAP with Attachments or MTOM WS-Security 1.0 or 1.1 WS-Reliability 1.1 or WS-ReliableMessaging 1.1
New features Message Pulling (client-only endpoints) Intermediaries Non-Repudiation of Receipt (NRR) Compression
Compatible with WS-I profiles Basic Profile (BP), Basic Security Profile (BSP),
Reliable Secure Profile (RSP)
ebMS3 - WS Protocol Convergence
OASIS Standard Ballots in 2007, sorted descending by % positive votes
1. ebXML Messaging Services version 3.0, Part 1, Core Features2. WS-BPEL (Business Process Execution Language)3. DSS (Digital Signature Services)4. WS-Trust5. WS-ReliableMessaging6. WS-SecureConversation7. WS-Transaction8. WS-Context9. Election Markup Language (EML)10. Content Assembly Mechanism (CAM)11. OpenDocument 1.112. WS-SecurityPolicy 1.213. SAML Metadata Extension for v2.0 and v.1.114. Darwin Information Typing Architecture (DITA)15. XML Localization Interchange File Format (XLIFF) 1.2
Requirement: client-only endpoints Assumption in early work on ebXML and Web
Services: Message Sender = Client = “Active” Message Recipient = Server = “Passive” Assumes 24/7 available B2B server Assumes incoming connections through firewall
Compare this to the email model: Recipient “actively” collects mail from server Email is stored on server while client is off-line Clients need not be on-line 24/7 No need to open firewall
Submit Message (for sending) Message queued for future pulling Sender application need not be “pull-aware”
PullRequest Signal Generated by requesting MSH (not application) Targets a channel, secured/ authorized for the channel
Pulled Message Pulled message sent over HTTP response (if HTTP) Sent Reliably (“Exactly-Once” delivery)
“Pulling”V3 MSH
Pull-Capable V3 MSH
DeliverMessage
Pull Request
Pulled Message
12
3
4
1
2
3
ebMS 3.0 “Pull” mode
Requirement: Intermediaries Segmented (private) networks where
point-to-point communication is not possible (routing)
Store-and-forward and store-and-collect messaging
Business added-value (message traceability, archival, timestamping)
End-to-end reliability End-to-end security
Mixing intermediaries and “pull” “Push-then-push” store-and-forward or streaming Store-and-collect by mixing push and pull
Also allow a “pushed” message to be “pulled” Compatible with business added-value services
“Light”V3 MSH
Pull-Capable Intermediary
Pull Request
3
Pulled Message
4
DeliverMessage 5 Endpoint
MSH SubmitMessage
1
2Pushed Message
Comparison: OSCI Intermediaries, Active Recipient
AS4: a B2B Web Services Profile New project aimed at:
Creating the functional equivalent of AS2 by mapping those requirements onto the Web services platform.
Entry-level on-ramp for Web services B2B messaging.
Constrained profile for ebMS 3.0 and underlying WS-* standards, plus: Non-repudiation of receipt Large message support
Summary and Conclusion Today’s environment:
A variety of messaging frameworks are in deployment WS-* provides increasing sophistication and
standards in the lower-levels of the stack Some e-Government protocols have features not
addressed in any current WS-* standard ebMS 3.0 provides:
WS-* convergence Supports requirements for “active” (pulling)
messaging and non-repudiation AS4 and intermediary profiles add support for
interoperable transparent intermediaries, compression, NRR