You are on page 1of 4

Inter-Process Communications Technologies

y y y y y For example, Microsoft developed the Component Object Model, or COM, as the mechanism for communicating between applications and components running on the Windows platform. Developers can use COM to create reusable software components, link components together to build applications, and take advantage of Windows services. Microsoft originally designed COM to enable communications between components and applications running on the same computer. COM was followed by DCOM (distributed COM), enabling applications to access components running on other computers over a network. DCOM was itself followed by COM+. COM+ incorporated features such as integration with Microsoft Transaction Server, enabling applications to group operations on components together into transactions so that the results of these operations could either be made permanent (committed) if they were all successful, or automatically undone (rolled back) if some sort of error occurred. COM+ provided additional capabilities, such as automatic resource management (for example, if a component connects to a database, you can ensure that the connection is closed when the application finishes using the component), and asynchronous operations (useful if an application makes a request to a component that can take a long time to fulfill; the application can continue processing, and the component can alert the application by sending it a message when the operation has completed). COM+ was followed in turn by the .NET Framework, which further extended the features available and renamed the technology as Enterprise Services. The .NET Framework also provided several new technologies for building networked components. One example was Remoting, which enabled a client application to access a remote object hosted by a remote server application as though it was running locally, inside the client application.

y

y y

The Web and Web Services
y Technologies such as COM, DCOM, COM+, Enterprise Services, and .NET Framework Remoting all work well when applications and components are running within the same local area network inside an organization. The World Wide Web provides an infrastructure that enables developers to build applications that can combine components and other elements located almost anywhere in the world, running on computers of varying architectures, and executing using a bewildering array of operating systems (not just Windows). The first generation of ³Web applications´ was quite simple, consisting of static Web pages that users could download and view using a Web browser application running on their local computer. The second generation provided elements of programmability, initially through the use of components, or applets, that could be downloaded from Web sites and executed locally in the users¶ Web browser.

y

y

y

developers had to agree on a common format for that data that was independent of the architecture of the computer they were using. How does an application know how to format data so that another application can read it correctly? The answer is that both applications have to agree on a layout. including a common format for data. A Web service can receive requests from applications running on the user¶s computer. and lets you define a grammar for describing just about any type of data that you need to handle. These are global. or XML. by adopting XML and schemas as a common data format. distributed applications. hosted elsewhere on the Internet. Using XML as a Common Data Format y y Different types of computers can store the same values by using different internal representations So. Web services and client applications communicate with each other by using the Simple Object Access Protocol. A Web service can also invoke operations in other Web services. This layout is referred to as the XML schema for the data. a protocol for sending and receiving requests. Using XML and XML schemas to format data enables Web services and users¶ (or client) applications to pass data back and forth in an unambiguous manner. developers had to agree on several points. The currently accepted universal data format is eXtensible Markup Language. . perform operations on the computer hosting the Web service. To establish Web services as a global mechanism for building distributed applications. XML is text-based and human-readable (just). However. <Person> <Forename>John</Forename> <Surname>Sharp</Surname> <Age>42</Age> </Person> Or <Person Forename="John" Surname="Sharp" Age="42" /> y y y y y y y y y There are many other variations possible as well. to share data successfully between applications running on different computers.y y y y y These have been followed by the third generation±Web services. and handling security. and send a response back to the application running on the user¶s computer. client applications and Web services still need to agree on a protocol when sending and receiving requests. or SOAP. So. Additionally. applications running on different computers can at least understand the data that they are using. a client application needs to be able to know what messages it can send to a Web service and what responses it can expect to receive. A Web service is an application or component that executes on the computer hosting the Web site rather than the user¶s computer.

In an isolated. incorporate many security features into their own platforms. such as their passwords. The most important are the following:  The format of a SOAP message  How data should be encoded  How to send messages  How to handle replies to these messages Web service can advertise the messages that a client application can send it. such as within a single organization. desktop environment. These solutions can work well in an environment where it is possible to maintain such a list. by publishing a Web Services Description Language (WSDL) document. and components running on a computer over a network have the appropriate access rights. and Kerberos tokens. and equally important. Privacy is closely related to security. non-networked. but clearly it is not feasible to record identity and credential information for all computers and users accessing your services across the World Wide Web if you wish to make your services available outside of your enterprise. Typically. you now have to ensure that users accessing shared resources. especially when you start to communicate with services on the World Wide Web. You don't want other users to be able to intercept and read the messages flowing between your applications and Web services. A lot of research has been performed in understanding the challenges of maintaining security in a global environment. A WSDL document is a piece of XML that conforms to a standard XML schema and that describes the messages the Web service can accept and the structure of the responses it will send back. such as using username/password pairs. X509 certificates. and many solutions have been proposed. Handling Security and Privacy in a Global Environment y y Security is concerned with identifying users and services and then authorizing their access to resources. such as Microsoft with Windows. The Organization for the Advancement of Structured Information Standards (OASIS) is a consortium of organizations that have proposed a number of standard mechanisms for implementing security. When you connect computers together over a network. this is no longer sufficient. and the responses the client application will receive. If you are creating Web services that provide access to privileged information. A client application can use this information to determine how to communicate with the Web service. Companies developing operating systems.y y y y The SOAP specification defines a number of things. Web services and client applications need to agree on the form of security that they will use and how they will identify and verify each other. Web services and client applications must y y y y y y . To communicate in a secure manner. you could physically secure a PC to prevent an unauthorized user from typing on its keyboard or viewing its screen. To this end. these features include maintaining a list of users and the credentials that they use to identify these users. you should consider using one of these mechanisms to authenticate users. data.

To make life easier for developers building Web services using the Microsoft . y .also agree on a mechanism to ensure the privacy of their conversations. It provides you with wizards and other tools that you can use to generate much of the code necessary to help protect Web services and client applications and can simplify the configuration and deployment of Web services. visit the Wikipedia Web site at http://en. this means encrypting the messages that they exchange. there are several mechanisms available for encrypting messages.org/wiki/Public-key_cryptography. More Info For a good overview and introduction to public key cryptography. Incorporating security and privacy into a Web service and client application can be a non-trivial task. the most common of which relies on using public and private keys. WSE is a fully supported add-on to Microsoft Visual Studio. Microsoft introduced the Web Services Enhancements (WSE) package.NET Framework.wikipedia. designed to help you create Web services that retain compatibility with the evolving Web service standards. As with security. Typically.