[论文摘录] Classification of SOA Contract Specification Languages(ICWS, 2008), 第一部分
Joseph C. Okika , Anders P. Ravn, "Classification of SOA Contract Specification Languages," ICWS (Application and Industry Track#Web Services Specifications), 2008
Joseph C. Okika
Aalborg University(丹麦) researcher & PHD.
Research Interest:
analysis and verification of service contract which is part of the Project COSoDIS (Contract-Oriented Software Development for Internet Services)
Web Service领域的标准和协议名目繁多, 来源复杂, 要解决的问题各有不同但也会有重叠, 可能很少会有人去看长篇累牍的协议正文, 初学者更是云里雾里, 搞不清楚这些协议到底解决了什么问题, 还有哪些问题尚待解决. 如果对这些协议不了解, reviewer可能会challenge你的论文: 人家都已经有协议了, 你干吗又要解决这个问题?
作者Okika主要研究SOA领域内的协议, 本文对这些”Contract Specification Languages”做了比较系统的介绍与比较, 通过这篇论文, 对相关标准和协议的内容可窥一斑.
这篇论文将这些"Contract Specification Language"分为三个系列:
Web Services (WS-*): 包括WSDL, BPEL, WS-CDL, WSLA/WS-Policy/WS-Security/WS-TRust
Semantic Web Services (*-S): OWL-S, WSMO
Electronic Business (Eb-*): BPSS, CPP, CPA
由于内容较多, 分成2篇, 这一篇介绍WS-*系列, 下一篇介绍另外2个系列.
Web Service (WS-*)系列
WSDL (Web Service Definition Language)
用来描述(syntactically)Web服务的功能, 接口和访问地址. 分为abstract part(定义接口, portType, operation, input/output, message) 和implementation/concrete part(指定access point). 发音: 'wiz-dəl'.
版本历史:
WSDL 1.0 (Sep. 2000), developed by IBM, Microsoft and Ariba
WSDL 1.1 (Mar. 2001), No major changes were introduced between 1.0 and 1.1.
WSDL 1.2 (June. 2003), still a working draft at W3C
WSDL 2.0 (June 2007), became a W3C recommendation. WSDL 1.2 was renamed to WSDL 2.0 because it has substantial differences from WSDL 1.1. Changes:
* Adding further semantics to the description language
* Removal of message constructs
* No support for operator overloading
* PortTypes renamed to interfaces
* Ports renamed to endpoints.
Example(1.1版本, abstract part):
BPEL (Business Process Execution Language for Web Services)
一种静态Web服务组合语言, 基于工作流, 支持常见的流程结构(sequence, parallel, conditional branch, loop等), 是一种orchestration语言.
几个重要的概念
partnerLink
"BPEL把与流程交互的其他服务称为伙伴(partner).在PARTNERLINK元素中, 可以通过"myRole"和"partnerRole"属性来定义流程和伙伴的角色.如果流程作为服务的提供者,需要使用myRole属性,而当流程作为服务的请求者时,则使用partnerRole属性.partnerLink通过引用partnerLinkType来定义流程与伙伴服务之间的通信接口(实际上是WSDL文档中的Port Type)." (以上这段话摘自网上)
activities
分为basic activities(e.g. invoke/receive)和structured activities(e.g. flow, switch, pick)
Executable business processes
model actual behavior of a participant in a business interaction.
Abstract business processes
partially specified processes that are not intended to be executed.
版本历史
Apr. 2003, BEA Systems, IBM, Microsoft, SAP and Siebel Systems submitted BPEL4WS 1.1 to OASIS for standardization
Sep. 2004, OASIS WS-BPEL technical committee name their spec WS-BPEL 2.0
Jun. 2007, Active Endpoints, Adobe, BEA, IBM, Oracle and SAP published the BPEL4People and WS-HumanTask specifications
WS-CDL (Web Services Choreography Description Language)
"an XML-based language that describes peer-to-peer collaborations of participants by defining, from a global viewpoint, their common and complementary observable behavior; where ordered message exchanges result in accomplishing a common business goal." (W3C 文档上的定义). 我对这个语言基本不了解, 只清楚orchestration和choreography的大致区别(这两个单词不大好记, 一开始经常搞混, 接触了几次才能正确拼写出来)
版本历史
Nov. 2005, a W3C candidate recommendation, WS-CDL 1.0
WSLA (Web Service Level Agreements)
定义和监控Web Service的SLAs.
版本历史
January 2003, IBM Corporation, WSLA Language Specification, Version 1.0
An example of service level objective
IBM网站上提供的一个完整例子
WS-Policy
provider: 用来广告其policies(on security, QoS, etc.)
consumer: specifiy their policy requirements
不过这个specification没有定义如何运输和发现一个policy.
版本历史
Apr. 2006, WS-Policy 1.2
Sep. 2007, WS-Policy 1.5, W3C recommendation
WS-Security
"a communications protocol providing a means for applying security to Web services". WS-Security应用于application layer, 通过扩展SOAP消息(应该是对SOAP Header), 使消息可以跟security token联系起来.
涉及到以下安全相关内容:
(1) contains specification on how integrity and confidentiality can be enforced on Web services messaging
(2) details on the use of SAML and Kerberos, and certificate formats such as X.509
(3) describes how to attach signatures and encryption headers to SOAP message
(4) describes how to attach security tokes, including binary security tokens such as X.509 certificates and Kerberos tickets, to message.
版本历史
Apr. 2004, WS-Security 1.0, released by Oasis-Open
Feb. 2006, WS-Security 1.1, released by Oasis-Open
WS-Trust
a WS-* specification and OASIS standard that provides extensions to WS-Security . The goal is to enable applications to construct trusted message exchange. The trust is represented through the exchange and brokering of security tokens.
版本历史
Mar. 2007, WS-Trust, authored by representatives of a number of companies, and was approved by OASIS.