Hardly any financial firms are implementing Web services--mainly because of concerns over security. Why is Fidelity? It provides us with a common interface and language between our applications...so that our integration of applications becomes easier. That's a huge thing for us.
Many customers are concerned about Web services security. When will Web services become more secure?
When we can understand identity. We have to be able to understand who we are getting called from--whether it is a VPN pipe to a certificate-based implementation. That is for the external Web services. For the internal Web services, we can move a lot faster. We still have to apply security, but it is different from the external.
How far are you from seeing the external type of Web services at Fidelity, those that allow your internal systems to link to those of other companies in the mainstream corporate world?
In the mainstream it is starting to appear, and it is starting to appear from us as well.
It will become more prevalent once Web services security is just right?
Yes, and that is the hard one. Web services has been very powerful for us and has helped us move our application development faster. We don't spend time arguing about what the protocol is to talk to each other.
Do you think this will lead to cost savings and an increase in productivity?
Productivity is always improved because you don't have to discuss how you're communicating. Making it simpler is always better. Better productivity usually leads to some form of cost savings.
Has the adoption of Web services developed as you had expected? Did you expect companies to embrace application integration?
Yes. It's moving very quickly, and that's a very positive thing.
Because you'll be able to interoperate with these other companies?
And because the tools will be much more accessible, and we'll be able to pick and choose technology much more easily.
Have you come across any unexpected uses for Web services, perhaps not foreseen a few years ago?
We see people trying to use Web services everywhere, and perhaps it's not always appropriate. Maybe in large batch files it's not as appropriate--that is, a file transfer of 1MB files or larger in a request-and-response model is not recommended.
Web services works really well in a request-and-response transactional model when someone sends a request and gets a response--short, small transactions. I think in some of the other areas, there still needs to be some work.
When it comes to the challenges of implementing Web services, you've referred to the difficulty of working with groups to bring everyone up to speed--from other companies to other technology makers. As a customer, are there any developments on the horizon that lead you to believe that it will become easier to work with these various groups?
Web services is moving much faster than any other type of standards implementation ever did in the computing industry. Our ability to move quickly in the past two or three years--from basic XML (Extensible Markup Language) over HTTP (Hypertext Transfer Protocol) to SOAP (Simple Object Access Protocol) 1.1, and WSDL (Web Services Description Language) to UDDI (Universal Description, Discovery and Integration)--has been unprecedented. Vendors are also coming out with products much faster than we have ever seen in the past.
What about the standards battle between the major hardware and software makers? Might your gains be short-circuited by the standards war?
I wouldn't say short-circuited, but we're actively participating in standards organizations like WS-I (Web Services Interoperability Organization), W3C (World Wide Web Consortium), OASIS and the Liberty Project, and those types of organizations to help keep moving this forward. We're one of the few business groups in these organizations with the many vendors that are there.
When working with these groups, what is the ideal goal for companies like Fidelity that are actually using Web services?
That we maintain the standards efforts and keep moving the environment forward. Everyone is standardizing on SOAP 1.1 and WS-I. Everyone is working interoperability around security to have standard identity systems among platforms. Being able to communicate and not have to translate different variances of people's systems is going to be a big deal.
What areas--standards, tools, skills development--will be most important in the coming six to 12 months? Is there enough talent to run and maintain Web services?
I think it is much better than it used to be. You can actually go buy a book on (Web services). In the past, we were always inventing our own interfaces, and you always had to learn how to build them. You always had to learn that...This is making it a lot simpler.
Are people coming out of college somewhat trained?
Yes. You get college kids who understand XML and what it means to have a tag structure. It's a big win for us.
If you could change one thing about the way Web services has evolved in the past few years--marketing, supplier bickering, standards evolution, customer adoption--what would it be?
I think the vendor bickering would be part of that, and getting them to work together. Everyone can build tools in this space. For Web services to work, everyone has to participate. You can't exclude one group or another.
Do you foresee the suppliers being more accommodating to one another?
I see it getting better. They worked through some issues, and I don't see any roadblocks at this moment. There are plenty of hard things to solve, but these guys in the large companies are working on it.
What other hard things are they working through?
The issues of security and workflow.
What other areas still need work?
I think the work in the binary objects that is going on--when you want to send a word document as an object and/or attach an image to a message. There needs to be work in large-data file movement.
Being able to serialize services for better workflow, I think, is going to be important. To go from point A to point B to point C--making sure all the steps are followed.
Security is very important. Web services has to be secure, and we have to be able to trust who is calling us and who we are calling.
Back to Vision Series
intro
