secure infrastructures
Flamenco Networks, Grand Central Web Services Network

by Mana Tominaga
April 2002

With the commoditization of application servers and decreasing costs of hardware and broadband, companies are increasingly using the Web to deploy rich and complex applications with multiple backend systems, databases, and authentication layers. Web services—applications that connect to each other and share data without human intervention—are an extension of such trends. Various vendors have shipped IDEs and platforms for Web service development, and several publicly available Web services have appeared (for a listing, see xmethods.com).

The basic Web service architecture resembles that of the ASP model, assuming hosted, shared applications. Web services rely on open standards, notably SOAP, UDDI, WSDL, and XML, and networks using HTTP for messaging and connectivity with each other. The problem with deploying Web services, though, is that HTTP (and to a lesser extent, FTP) wasn't designed for application deployment. Instead, it was designed for content delivery. Apps requiring uninterrupted sessions have traditionally been built around secure, distributed computing environments like CORBA. Companies evaluating Web services must ask: is it safe to expose business process logic and data using an application-messaging infrastructure that relies on HTTP?

It's possible to provide services that underlie the Web services architecture to ensure reliability, security, and transactional stability. Flamenco Networks and Grand Central Communication are two companies that try to do just this by providing an infrastructure for centralized Web services management. Each relies on a different topology. Flamenco Networks uses a decentralized P2P/groupware model, while Grand Central uses a centralized hub-and-spoke model.