1. Building a Scalable and Open Worldwide
Web of Things
15 January 2009
Vlad Trifa & Dominique Guinard
‣ REST & ROA on devices
‣ Research directions
15.1.2009 Vlad Trifa - Institute for Pervasive Computing
‣ GOAL: build tools for fast prototyping of distributed
applications for networked sensing systems
‣ Heterogeneous HW/SW, how to design code easily?
‣ How to simplify development for non-CS experts?
‣ How to maximize interoperability & scalability?
15.1.2009 Vlad Trifa - Institute for Pervasive Computing
4. A brief history of middlewares
‣ Building distributed applications is nothing new
• CORBA, Jini, RPC, ...
• Tightly-coupled, limited interoperability
‣ Building distributed apps for embedded devices is
not new either...
• GSN, SenseWeb, EmSTAR, ...
• Integration of distributed devices in centralized systems
(database, server => bottleneck)
• Limited scope, optimized for specific use cases
15.1.2009 Vlad Trifa - Institute for Pervasive Computing
5. Service-oriented architectures
‣ A huge trend in distributed applications is SOA
‣ Unfortunately SOA’s most famous implementation
(WS-*) is a legacy from old RPC systems
‣ Has many advantages and is an industrial standard
‣ WS-* were developed in a hurry
‣ Too complex for building simple applications
‣ Certainly not suited for embedded devices
15.1.2009 Vlad Trifa - Institute for Pervasive Computing
6. Web Services Standards Overview Dependencies
© innoQ Deutschland GmbH. All Rights Reserved. The poster may also contain references to other company, organisation, brand and product names. These company, organisation, brand and product names are used herein for identification purposes only and may be the trademarks of their respective owners.
Interoperability Business Process Specifications Management Specifications Presentation
SOAP Message Transmission Optimization Mechanism
Management Using Web Management Of
Business Process Execution Web Service Choreography WS-BaseNotification
WS-Choreography Model Web Service Choreography WS-Management
Services (WSDM-MUWS) Web Services (WSDM-MOWS)
Language for Web Services 1.1 Interface
Overview Description Language WS-Topics
AMD, Dell, Intel, Microsoft and Sun
(BPEL4WS) · 1.1 · BEA Systems, IBM, (WSCI) · 1.0 · W3C Microsystems
1.0 · W3C (CDL4WS) · 1.0 · W3C WS-BrokeredNotification
Microsoft, SAP, Sun Microsystems, SAP, BEA Systems Web Services for Remote
OASIS OASIS Published Specification
Working Draft Candidate Recommendation
Basic Profile Siebel Systems · OASIS-Standard and Intalio · Note OASIS-Standard OASIS-Standard
Portlets (WSRP) WS-Addressing – Core
Business Process Execution Language for Web Services WS-Choreography Model Overview defines the format Web Service Choreography Interface (WSCI) describes Web Service Choreography Description Language Web Service Distributed Management: Management Using Web Service Distributed Management: Management Of WS-Management describes a general SOAP-based
WS-I WS-Addressing – WSDL Binding
1.1(BPEL4WS) provides a language for the formal and structure of the (SOAP) messages that are exchanged, how Web Service operations can be choreographed in the (CDL4WS) is to specify a declarative, XML based language Web Services (WSDM-MUWS) defines how an IT resource Web Services (WSDM-MOWS) addresses management of protocol for managing systems such as PCs, servers, OASIS
Final Specification specification of business processes and business interaction and the sequence and conditions in which the messages context of a message exchange in which the Web Service that defines from a global viewpoint the common and connected to a network provides manageability interfaces the components that form the network, the Web services devices, Web services and other applications, and other
Committee Draft WS-Addressing – SOAP Binding
protocols using Web Services. are exchanged. participates. complementary observable behaviour, where message such that the IT resource can be managed locally and from endpoints, using Web services protocols. manageable entities.
exchanges occur, and when the jointly agreed ordering remote locations using Web services technologies.
Basic Profile – The Basic Profile 1.1 provides Web Services for Remote Portlets (WSRP) defines a
rules are satisfied.
Business Process Execution Business Process Management
implementation guidelines for how related set of non- set of interfaces and related semantics which standardize
XML Process Definition
proprietary Web Service specifications should be used interactions with components providing user-facing WS-Enumeration
Language for Web Services 2.0 Language (BPML) Service Modeling Language
together for best interoperability. markup, including the processing of user interactions with
Language (XPDL) that markup.
(BPEL4WS) · 2.0 1.1 IBM, BEA, BMC, Cisco, Dell, HP, Intel,
OASIS, BEA Systems, IBM, Microsoft, SAP, BPMI.org Microsoft, Sun
Siebel Systems · Committee Draft Final Draft Draft Specification
Business Process Execution Language for Web Services Business Process Management Language (BPML) XML Process Definition Language (XPDL) provides an
2.0 (BPEL4WS) provides a language for the formal provides a meta-language for expressing business XML file format that can be used to interchange process Servcie Modeling Language (SML) is used to model
WS-I specification of business processes and business interaction processes and supporting entities. models between tools. complex IT services and systems, including their structure, WS-PolicyAssertions
Working Group Draft protocols using Web Services.
constraints, policies, and best practices.
Basic Profile – The Basic Profile 1.2 builds on Basic Profile
1.1 by incorporating Basic Profile 1.1 errata, requirements
from Simple SOAP Binding Profile 1.0, and adding support
for WS-Addressing and MTOM.
Universal Description, Discovery and Integration
Web Service Description Language 1.1
Web Service Description Language 2.0 Core
Metadata Specifications Reliability Security Specifications Transaction Resource
Web Service Description Language 2.0 SOAP Binding
Working Group Draft
Specifications Specifications Specifications Security Specifications
Basic Profile – The Basic Profile 2.0 is an update of WS-I
BP that includes a profile of SOAP 1.2.
1.1 1.1 WS-Security
BEA Systems, IBM, Microsoft,
W3C OASIS WS-Coordination
IBM, Microsoft, SAP RSA Security, VeriSign WS-Security: SOAP Message Security
Attachments Profile Working Draft OASIS-Standard
WS-ReliableMessaging Resource Framework (WSRF)
Public Draft Public Draft 1.1
1.0 WS-Security: Kerberos Binding
WS-I Working Draft
WS-Policy describes the capabilities and constraints of WS-PolicyAssertions provides an initial set of assertions WS-Security is a communications protocol providing a WS-SecurityPolicy defines how to describe policies related
Final Specification WS-Security: SAML Token Profile
the policies on intermediaries and endpoints (e.g. business to address some common needs of Web Services means for applying security to Web Services. to various features defined in the WS-Security specification.
WS-Coordination describes an extensible framework for providing
rules, required security tokens, supported encryption applications.
protocols that coordinate the actions of distributed applications. WS-Security: X.509 Certificate Token Profile
algorithms, privacy rules). Web Services Resource Framework (WSRF) defines a family of
Attachments Profile – The Attachment Profile 1.0 specifications for accessing stateful resources using Web Services.
WS-ReliableMessaging describes a protocol that allows
complements the Basic Profile 1.1 to add support WS-Security: Username Token Profile
Web services to communicate reliable in the presence of
for interoperable SOAP Messages with attachments-based
software component, system, or network failures. It defines
Web Services. WS-SecurityPolicy
SOAP Message Security Username Token Profile OASIS 1.2
a SOAP binding that is required for interoperability.
WS-PolicyAttachment WS-Discovery Working Draft OASIS
1.1 1.1 WS-Trust
1.2 Microsoft, BEA Systems, Canon,
Simple SOAP WS-Business Activity provides the definition of the business activity
WS-Reliable Messaging WS-Federation
Public Review Draft Public Review Draft
W3C Intel and webMethods coordination type that is to be used with the extensible coordination WS-BaseFaults (WSRF) defines a base set of information
Binding Profile Policy Assertion (WS-RM Policy) framework described in the WS-Coordination specification.
W3C Member Submission Draft that may appear in fault messages. WS-BaseFaults defines an WS-SecureConversation
WS-Security: SOAP Message Security describes WS-Security: Username Token Profile describes how
1.0 XML schema type for base faults, along with rules for how
enhancements to SOAP messaging to provide message a Web Service consumer can supply a Username Token as a this base fault type is used and extended by Web Services.
WS-I OASIS integrity and confidentiality. Specifically, this specification means of identifying the requestor by username, and
WS-PolicyAttachment defines two general-purpose WS-Discovery defines a multicast discovery protocol for
Final Specification 1.1
Committee Draft provides support for multiple security token formats, trust optionally using a password (or shared secret, etc.) to
mechanisms for associating policies with the subjects to dynamic discovery of services on ad-hoc and managed
domains, signature formats and encryption technologies. authenticate that identity to the Web Service producer.
which they apply; the policies may be defined as part networks.
Committee Draft 1.2
Simple SOAP Binding Profile – The Simple SOAP Binding The token formats and semantics for using these are
of existing metadata about the subject or the policies may Web Services ReliableMessaging Policy Assertion
Profile consists of those Basic Profile 1.0 requirements defined in the associated profile documents. OASIS
be defined independently and associated through an
(WS-RM Policy) describes a domain-specific policy assertion WS-ReliableMessaging
WS-Atomic Transaction defines protocols that enable existing
related to the serialization of the envelope and its external binding to the subject. Working Draft
for WS-ReliableMessaging that that can be specified within
representation in the message. transaction processing systems to wrap their proprietary protocols
a policy alternative as defined in WS-Policy Framework.
and interoperate across different hardware and software vendors.
WS-ServiceGroup (WSRF) defines a means by which Web
WS-MetadataExchange Universal Description, WS-Security: WS-Federation Services and WS-Resources can be aggregated or grouped
WS-Composite Application WS-Reliable Messaging Policy Assertion
together for a domain specific purpose.
Discovery and Integration (UDDI) Kerberos Binding 1.0
Basic Security Profile BEA Systems, Computer Associates,
IBM, Microsoft, BEA Systems,
IBM, Microsoft, SAP, Sun Microsystems and 1.0 · Arjuna Technologies, Fujitsu, IONA,
1.0 RSA Security, and VeriSign
OASIS Microsoft, IBM, OASIS
Oracle and Sun Microsystems
WS-I Initial Draft
OASIS-Standard Working Draft
Public Draft OASIS
Board Approval Draft OASIS-Standard Working Draft
Web Service Resource Framework
WS-Composite Application Framework (WS-CAF) is a
WS-MetadataExchange enables a service to provide Universal Description, Discovery and Integration (UDDI) WS-Security: Kerberos Binding defines how to encode WS-Federation describes how to manage and broker the
collection of three specifications aimed at solving problems
metadata to others through a Web services interface. Given defines a set of services supporting the description Kerberos tickets and attach them to SOAP messages. As trust relationships in a heterogeneous federated WS-ResourceProperties specifies the means by which the
Basic Security Profile defines the WS-I Basic Security that arise when multiple Web Services are used in combina- WS-BaseFaults
only a reference to a Web service, a user can access a set and discovery of businesses, organizations, and other Web well, it specifies how to add signatures and encryption to the environment including support for federated identities.
WS-Reliability is a SOAP-based protocol for exchanging definition of the properties of a WS-Resource may be declared
Profile 1.0, based on a set of non-proprietary Web services tion. It proposes standard, interoperable mechanisms for
of WSDL /SOAP operations to retrieve the metadata that services providers, the Web services they make available, SOAP message, in accordance with WS-Security, which
SOAP messages with guaranteed delivery, no duplicates, as part of the Web Service interface. The declaration of the
specifications, along with clarifications and amendments managing shared context and ensuring business processes
describes the service. and the technical interfaces which may be used to access uses and references the Kerberos tokens. WS-ServiceGroup
and guaranteed message ordering. WS-Reliability is WS-Resource properties represents a projection of or a view
to those specifications which promote interoperability. achieve predictable results and recovery from failure.
those services. defined as SOAP header extensions and is independent of on the WS-Resource state.
the underlying protocol. This specification contains a WS-ResourceProperties
binding to HTTP.
Web Service Description WS-Trust
Web Service Description WS-Security: WS-ResourceLifetime
REL Token Profile Language 2.0 Core SAML Token Profile BEA Systems, Computer Associates, IBM, Layer 7 Arjuna Technologies, Fujitsu, IONA, Oracle OASIS
This poster is not to be reproduced or transmitted in any form or for any purpose without the express permission of innoQ Deutschland GmbH. · Copyright
Technologies, Microsoft, Netegrity, Oblix,
SOAP Binding and Sun Microsystems
1.0 Working Draft
2.0 1.1 OpenNetwork, Ping Identity Corporation, Committee Draft
WS-I W3C OASIS
2.0 Resource Representation SOAP Header Block (RRSHB)
Reactivity, RSA Security, VeriSign and Westbridge
WS-ResourceLifetime is to standardize the terminology,
Working Group Draft Candidate Recommendation Public Review Draft
W3C · Working Draft Technology · Initial Draft WS-Context (WS-CTX) is intended as a lightweight mechanism concepts, message exchanges, WSDL and XML needed to
for allowing multiple Web Services to share a common context.
monitor the lifetime of, and destroy WS-Resources.
Web Service Description Language SOAP Binding Web Service Description Language 2.0 Core is an XML- WS-Security: SAML Token Profile defines the use of WS-Trust describes a framework for trust models that enables Additionally, it defines resource properties that may be used
REL Token Profile is based on a non-proprietary describes the concrete details for using WSDL 2.0 in based language for describing Web services and how to Security Assertion Markup Language (SAML) v1.1 assertions Web Services to securely interoperate. It uses WS-Security base to inspect and monitor the lifetime of a WS-Resource.
Web services specification, along with clarifications and conjunction with SOAP 1.1 protocol. access them. It specifies the location of the service and the in the context of WSS: SOAP Message Security including mechanisms and defines additional primitives and extensions
amendments to that specification which promote
operations (or methods) the service exposes. for the purpose of securing SOAP messages and SOAP for security token exchange to enable the issuance and
interoperability. 1.0 · Arjuna Technologies, Fujitsu, IONA,
message exchanges. dissemination of credentials within different trust domains.
Oracle and Sun Microsystems W3C
Management Of Web Services
Committee Draft W3C Member Submission
WS-SecureConversation Management Using Web Services
Web Service Description WS-Security: X.509 WS-Coordination Framework (WS-CF) allows the
SAML Token Profile WS-Transfer describes a general SOAP-based protocol for
BEA Systems, Computer Associates, IBM, management and coordination in a Web Services interaction
Language 1.1 Certificate Token Profile accessing XML representations of Web service-based resources.
of a number of activities related to an overall application.
Layer 7 Technologies, Microsoft, Netegrity,
1.0 Service Modeling Language
WS-I 1.1 1.1
Ping Identity Corporation, Reactivity,
Working Group Draft W3C OASIS
Business Process Specifications
SOAP Header Block (RRSHB)
RSA Security, VeriSign and Westbridge
Note Public Review Draft
Technology ·Public Draft W3C
1.0 · Arjuna Technologies, Fujitsu, IONA,
SAML Token Profile is based on a non-proprietary Recommendation
Web Service Description Language 1.1 is an XML-based WS-Security: X.509 Certificate Token Profile describes WS-SecureConversation specifies how to manage and Oracle and Sun Microsystems
Web services specification, along with clarifications and language for describing Web services and how to access the use of the X.509 authentication framework with the authenticate message exchanges between parties including Business Process Execution Language for Web Services
amendments to that specification which promote Resource Representation SOAP Header Block (RRSHB)
them. It specifies the location of the service and the WS-Security: SOAP Message Security specification. security context exchange and establishing and deriving
interoperability. operations (or methods) the service exposes. complements MTOM by defining mechanisms for
session keys. WS-Transaction Management (WS-TXM) defines a core infrastructure Web Service Choreography Description Language
describing and conveying non-XML resource representations
service consisting of a Transaction Service for Web Services.
in a SOAP 1.2 message.
Web Service Choreography Interface
Conformance Claim WS-Choreography Model Overview
Attachment Mechanism (CCAM)
Business Process Management Language
Business Process Execution Language for Web Serv. 2.0
XML Process Definition Language
Conformance Claim Attachment Mechanism (CCAM)
catalogues mechanisms that can be used to attach WS-I
Messaging Specifications SOAP
Profile Conformance Claims to Web services artefacts
(e.g., WSDL descriptions, UDDI registries).
Reliable Asynchronous WS-Notification is a WS-BrokeredNotification WS-BaseNotification WS-Eventing defines a WS-Addressing – Core SOAP Message
Messaging Profile (RAMP) SOAP Message WS-Atomic Transaction
family of related white defines the interface for standardizes the terminology, baseline set of operations provides transport-neutral
WS-Notification WS-BrokeredNotification WS-BaseNotification WS-Addressing – Core SOAP
1.0 papers and specifications the NotificationBroker. concepts, operations, WSDL that allow Web services to mechanisms to address
Transmission Optimization WS-Coordination
that define a standard A NotificationBroker is an and XML needed to express provide asynchronous Web services and messages.
WS-I 1.3 1.3 1.3 1.0 1.2
Web services approach to intermediary, which, among the basic roles involved in notifications to interested This specification defines describes an
Working Draft OASIS OASIS OASIS W3C W3C WS-Composite Application Framework
notification using a topic- other things, allows Web services publish and parties. XML elements to identify abstract feature for
Public Draft 1.0 · W3C
OASIS-Standard OASIS-Standard OASIS-Standard Recommendation Recommendation
based publish/subscribe publication of messages subscribe for notification Web service endpoints and optimizing the
Reliable Asynchronous Messaging Profile (RAMP) is a pattern. from entities that are not message exchange. to secure end-to-end transmission and/or WS-Transaction Management
profile, in the fashion of the WS-I profiles, that enables, themselves service endpoint identification in wire format of a
among other things, basic B2B integration scenarios using providers. messages. SOAP message. WS-Context
Web services technologies.
WS-Enumeration describes WS-Topics defines three WS-Addressing – WSDL WS-Addressing – SOAP SOAP is a lightweight,
WS-Addressing – WSDL WS-Addressing –
WS-Enumeration Binding defines how the Binding provides transport-
a general SOAP-based topic expression dialects XML-based protocol for WS-Coordination Framework
protocol for enumerating that can be used as sub- abstract properties defined neutral mechanisms to exchange of information
Binding SOAP Binding
Systinet, Microsoft, Sonic Software, BEA a sequence of XML scription expressions in in Web Services Addressing address Web services and in a decentralized,
Systems and elements that is suitable subscribe request messages – Core are described using messages. distributed environment.
for traversing logs, message and other parts of the WSDL.
Computer Associates W3C W3C
queues, or other linear WS-Notification system.
Public Draft Candidate Recommendation Recommendation
Web Services for Remote Portlets
The Organization for the Advancement of Structured Information
Standards (OASIS) is a not-for-profit, international consortium
that drives the development, convergence, and adoption of e-business standards. The
consortium produces more Web services standards than any other organization along with stan-
dards for security, e-business, and standardization efforts in the public sector and for applica-
tion-specific markets. Founded in 1993, OASIS has more than 4,000 participants representing
Version 3.0 · February 2007
over 600 organizations and individual members in 100 countries.
The World Wide Web Consortium (W3C) was created in October 1994 to lead the
World Wide Web to its full potential by developing common protocols that promote
its evolution and ensure its interoperability. W3C has over 350 Member organiza-
tions from all over the world and has earned international recognition for its contributions to the
growth of the Web. W3C is designing the infrastructure, and defining the architecture and the core
technologies for Web services. In September 2000, W3C started the XML Protocol Activity to address
the need for an XML-based protocol for application-to-application messaging. In January 2002, the
Web Services Activity was launched, subsuming the XML Protocol Activity and extending its scope. XML – Extensible Markup XML – Extensible Markup Namespaces in XML XML Information Set is XML Schema – XML XML binary Optimized Describing Media Content
Describing Media Content
XML binary Optimized Packaging (XOP) is an XML of Binary Data in XML
Language is a pared-down Language is a pared-down provides a simple method an abstract data set to Schema Definition Language
XML 1.1 XML 1.0 Namespaces in XML XML Information Set XML Schema
The Web Services Interoperability Organization (WS-I) is an open industry (DMCBDX) specifies how to
version of SGML, designed version of SGML, designed for qualifying element and provide a consistent set of is an XML language for language for describing and
of Binary Data in XML
organization chartered to promote Web services interoperability across platforms, especially for Web especially for Web attribute names used in XML definitions for use in other describing and constraining constraining the content of indicate the content-type
1.1 1.0 1.1 1.0 1.1
operating systems and programming languages. The organization’s diverse community of Web
documents. It allows one to documents. It allows one to documents by associating specifications that need to the content of XML XML documents. associated with binary
W3C W3C W3C W3C W3C
services leaders helps customers to develop interoperable Web services by providing guidance,
create own customized tags, create own customized tags, them with namespaces refer to the information documents. element content in an XML
recommended practices and supporting resources. Specifically, WS-I creates, promotes and
Recommendation Recommendation Recommendation Recommendation Working Draft
enabling the definition, enabling the definition, identified by IRI references. in a well-formed XML document and to specify, in
supports generic protocols for the interoperable exchange of messages between Web services. Recommendation Note
transmission, validation, and transmission, validation, and document. XML Schema, the expected
interpretation of data interpretation of data content-type(s) associated
The Internet Engineering Task Force (IETF) is a large open international
between applications and between applications and with binary element
innoQ Deutschland GmbH innoQ Schweiz GmbH
community of network designers, operators, vendors, and researchers
between organizations. between organizations. content.
concerned with the evolution of the Internet architecture and the smooth
operation of the Internet.