Convergence in Messaging Frameworks

1
Convergence in Messaging Frameworks

• Pim van der Eijk

2
Managed public and private processes B2B/G2G
integration
PublicProcessRules Tier
IBM Patterns for e-Business http//www-106.ibm.com
/developerworks/patterns/
3
ebXML

• Technical and semantic interoperability
• Modular, cohesive set of standards developed from
  1999
• Open Standards (OASIS, ISO and UN/CEFACT)
• Initially over-hyped, now lacking visibility in
  the market place, despite some (very) large end
  user projects and increasing vendor support
• Advanced functionality for secure reliable
  messaging, choreographed business collaborations,
  partner agreements and management
• Focused on external integration (B2B, G2G)
• ISO 15000 standards since 2004

4
ebXML modules

• ebXML Messaging (ebMS)
• Secure, reliable business messaging
• Version 2, certified interoperable messaging
  since 2002
• Version 3, OASIS standard since October 2007
• Collaboration Protocol Agreements (CPA)
• Business service contract language
• Partner agreements, service profiles
• Business Process (ebBP)
• Choreography of service/action invocations
• Business Activity Monitoring (BAM)
• Registry
• Information Model and Services
• Core Components
• Information model for vocabularies and business
  documents

5
ebXML Messaging

• B2B application of Web and Internet standards
• Leverages SOAP, MIME Attachments, HTTP bindings
• W3C XML Security and Encryption
• Generic Business Document Header
• Business Partners
• Services and Business Transaction Semantics
• ConversationId Business Context
• Applicable Business Contract
• Payload information
• Reliable Message Delivery
• Once-and-Only message delivery
• Security
• W3C Digital Signature
• Payload Encryption

6
Public Sector Deployments of ebMS

• Norway, Social Security / Healthcare
• UK, Healthcare
• Netherlands
• Justice, Police, Youth protection
• OSB (Government Service Bus) ebMS profile
• Sweden, Public Procurement
• Hong Kong government

7
AS2 EDIINT

• EDIINT EDI over the Internet
• Internet Engineering Task Force (IETF)
  Applicability Statements
• AS1 EDI using SMTP
• AS2 EDI using HTTP
• AS3 EDI using FTP
• Wal-Mart endorsement of AS2 in 2002
• AS2 (RFC 4130) is now the de facto standard in
  electronic commerce
• AS2 also user-preferred protocol for new areas
• Data synchronization, tracking and tracing

8
How about public sector? G2G protocols

• OSCI
• Online Service Computer Interface
• German public sector standard
• SHS
• Swedish public sector standard, developed at
  Statskontoret (Swedish Agency for Public
  Management)
• eLINK
• EU Commission, IDA, November 2004
• SuwiML transactiestandaard
• BKWI (Netherlands Social Security)

eLink http//ec.europa.eu/idabc/servlets/Doc?id1
8685 OSCI http//www1.osci.de/sixcms/media.php/13
/osci-specification_1_2_english.pdf SHS
http//www.statskontoret.se/upload/804/shs-archite
cture.pdf SuwiML http//www.bkwi.nl/fileadmin/down
loads/Suwinet/sgr/SuwiML_Transactiestandaard_v0200
.pdf
9
Web Services, WS-

• Core standards
• SOAP, WSDL, UDDI
• Advanced functionality
• Security WS-Security, WS-Trust and
  WS-SecureConversation
• Reliability WS-Reliability and
  WS-ReliableMessaging
• Transactionality WS-Transactions
• WS-I interoperability profiles

10
Web Services Deployments

• Basic Web services profiles are widely used
• Denmark RASP WS- profile
• France, PRESTO

11
Summary

• Todays messaging environment is a mixed bag
• Pre-Internet protocols
• EDIINT
• Simple XML over HTTP
• Government specific frameworks
• ebXML Messaging 2.0
• Web Services variants
• Time for convergence?
• Requirements?
• SME() support, client-only endpoints
• Intermediaries
• Non-Repudiation of Receipt (NRR)
• Large message support

() Including small-and-medium-size public sector
agencies
12
ebXML Messaging 3.0

• Web Services Convergence
• SOAP 1.1 or SOAP 1.2
• SOAP with Attachments or MTOM
• WS-Security 1.0 or 1.1
• WS-Reliability 1.1 or WS-ReliableMessaging 1.1
• New features
• Message Pulling (client-only endpoints)
• Intermediaries
• Non-Repudiation of Receipt (NRR)
• Compression
• Compatible with WS-I profiles
• Basic Profile (BP), Basic Security Profile (BSP),
  Reliable Secure Profile (RSP)

13
ebMS3 - WS Protocol Convergence
14
OASIS Standard Ballots in 2007, sorted descending
by positive votes

1. ebXML Messaging Services version 3.0, Part 1,
   Core Features
2. WS-BPEL (Business Process Execution Language)
3. DSS (Digital Signature Services)
4. WS-Trust
5. WS-ReliableMessaging
6. WS-SecureConversation
7. WS-Transaction
8. WS-Context
9. Election Markup Language (EML)
10. Content Assembly Mechanism (CAM)
11. OpenDocument 1.1
12. WS-SecurityPolicy 1.2
13. SAML Metadata Extension for v2.0 and v.1.1
14. Darwin Information Typing Architecture (DITA)
15. XML Localization Interchange File Format (XLIFF)
    1.2

15
Requirement client-only endpoints

• Assumption in early work on ebXML and Web
  Services
• Message Sender Client Active
• Message Recipient Server Passive
• Assumes 24/7 available B2B server
• Assumes incoming connections through firewall
• Compare this to the email model
• Recipient actively collects mail from server
• Email is stored on server while client is
  off-line
• Clients need not be on-line 24/7
• No need to open firewall

16
ebMS 3.0 Pull mode
2
Pull-Capable V3 MSH
Pulling V3 MSH
1
Pull Request
Deliver Message
4
3
Pulled Message

• Submit Message (for sending)
• Message queued for future pulling
• Sender application need not be pull-aware
• PullRequest Signal
• Generated by requesting MSH (not application)
• Targets a channel, secured/ authorized for the
  channel
• Pulled Message
• Pulled message sent over HTTP response (if HTTP)
• Sent Reliably (Exactly-Once delivery)

1
2
3
17
Requirement Intermediaries

• Segmented (private) networks where point-to-point
  communication is not possible (routing)
• Store-and-forward and store-and-collect messaging
• Business added-value (message traceability,
  archival, timestamping)
• End-to-end reliability
• End-to-end security

18
Mixing intermediaries and pull

• Push-then-push store-and-forward or streaming
• Store-and-collect by mixing push and pull
• Also allow a pushed message to be pulled
• Compatible with business added-value services

Pull-Capable Intermediary
Light V3 MSH
Endpoint MSH
19
Comparison OSCI Intermediaries, Active Recipient
20
AS4 a B2B Web Services Profile

• New project aimed at
• Creating the functional equivalent of AS2 by
  mapping those requirements onto the Web services
  platform.
• Entry-level on-ramp for Web services B2B
  messaging.
• Constrained profile for ebMS 3.0 and underlying
  WS- standards, plus
• Non-repudiation of receipt
• Large message support

21
Summary and Conclusion

• Todays environment
• A variety of messaging frameworks are in
  deployment
• WS- provides increasing sophistication and
  standards in the lower-levels of the stack
• Some e-Government protocols have features not
  addressed in any current WS- standard
• ebMS 3.0 provides
• WS- convergence
• Supports requirements for active (pulling)
  messaging and non-repudiation
• AS4 and intermediary profiles add support for
  interoperable transparent intermediaries,
  compression, NRR