11.6 The Software Glue


In the same way that HTML catalyzed a vast web of human-accessible content, several new software standards will enable a web of machine-accessible services, such as this proposed EVS. Web services are defined by three information and communication system standards:

  1. Simple Object Access Protocol (SOAP), which performs the transfer of XML-encoded messages

  2. Web services description language (WSDL), which declares what the Web service can do and is an XML equivalent of a "software resume"

  3. Universal Description, Discovery, and Integration (UDDI), which performs a global lookup at three levels: white pages, yellow pages and green pages, and defines a directory for authorization

SOAP is a lightweight protocol for the exchange of information in a decentralized environment, typically across the Internet or intranet. Based on XML, SOAP has three main parts. First, it provides an envelope that defines a framework for describing what is in a message and how to process it. Secondly, it provides a set of encoding rules for expressing instances of application-defined data types. Thirdly, it contains a convention for representing responses across a network.

WSDL functions like an XML resume; it declares what a Web service can do, where it lives, and how to invoke it. It is a defining interface language, and it is the method by which services in a network can be found and categorized. Coupled with the third standard, UDDI, it allows a Web service to find what Web services exist on the Internet, an intranet, or a proprietary network.

UDDI operates on three separate levels: white pages (address information), yellow pages (business information), and green pages (technical details as to how transactions are to be conducted). As a matter of security and confidentiality, it is obvious that for this EVS, private and restricted UDDI servers would be maintained, accessible only to those individuals and devices with appropriate authorization.

There are currently no security standards specific to Web services, but the existing standards for secure and authenticated HTTP can be used in most cases. HTTPS, which is HTTP running over SSL, uses a digital-certificate scheme that allows the client and server to verify each other's identities and communicate over a secure, encrypted channel. Then, there is HTTP basic authentication, which allows specific URLs to be password protected, so that only client users with the appropriate credentials can gain access. Finally, there are SOAP security extensions, which allow individual pieces of a payload to be electronically signed and encrypted. IBM has already released a prototype called SOAP Security Extensions that is part of its Web services toolkit.
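The first two layers described above, HTTPS with certificate verification and HTTP basic authentication, applied to a SOAP call, as an added Python example that is not code from the book. The endpoint, the `urn:example:evs` namespace, the `VerifyIdentity` operation and the credentials are hypothetical; the request is prepared but never sent.

```python
import base64
import ssl
import urllib.request
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"  # SOAP 1.1 envelope namespace
EVS_NS = "urn:example:evs"                             # hypothetical service namespace


def build_envelope(subject_id: str) -> bytes:
    """Wrap a hypothetical VerifyIdentity call in a SOAP 1.1 envelope."""
    ET.register_namespace("soap", SOAP_NS)
    env = ET.Element(f"{{{SOAP_NS}}}Envelope")
    body = ET.SubElement(env, f"{{{SOAP_NS}}}Body")
    call = ET.SubElement(body, f"{{{EVS_NS}}}VerifyIdentity")
    # ElementTree escapes text nodes, so the value cannot inject markup.
    ET.SubElement(call, f"{{{EVS_NS}}}SubjectId").text = subject_id
    return ET.tostring(env, encoding="utf-8", xml_declaration=True)


def client_tls_context() -> ssl.SSLContext:
    """TLS context that verifies the server's certificate chain and host name."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # For mutual authentication the client would also present its own
    # certificate via ctx.load_cert_chain(certfile, keyfile).
    return ctx


def build_request(url: str, user: str, password: str, subject_id: str):
    """Prepare (not send) the POST; refuse Basic credentials over plain HTTP."""
    if urlsplit(url).scheme != "https":
        raise ValueError("Basic credentials are only base64-encoded; use HTTPS")
    token = base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")
    headers = {
        "Content-Type": "text/xml; charset=utf-8",
        "SOAPAction": '"urn:example:evs#VerifyIdentity"',  # hypothetical action
        "Authorization": f"Basic {token}",
    }
    return urllib.request.Request(url, data=build_envelope(subject_id),
                                  headers=headers, method="POST")

# Sending would be: urllib.request.urlopen(req, context=client_tls_context())
```

Basic authentication only encodes the credentials, so the scheme check and the verifying TLS context are what keep them confidential in transit.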

Increasingly, the trend in information systems is toward decentralization. In a few short years we have gone from mainframes to minicomputers, PCs, laptops, and wireless organizers. We have gone from client/server architectures to the Web, to peer-to-peer networks, and soon to Web services. As the world moves toward decentralized information storage, the problem of validating a person's identity in a network arises. Because an entity can be described as a set of information nuggets, it should be possible to store these nuggets in various databases in a network and to reconstruct a profile from these nuggets when needed. This would enable different Web services to store specific aspects of a person's profile and identity. For example, one set of Web services could store credit information, whereas another set of services could store license data, another financial, yet another travel activity data, another pictures of the person with details about data appearance, income, public records, and so forth.

The critical point is that a secured EVS, as a high-level Web service, would be able to reconstruct part or all of a person's profile by orchestrating the information nuggets held by the lower-level Web services. And because of the technologies used by such a service, alerts could be sent not only to human personnel, such as a customs inspector, but also to devices, such as an airline kiosk or an ATM. This is the EVS architectural design; however, challenges remain in the development of a truly evolutionary data mining system, which would be the creator and assembler of these profile nuggets. These nuggets must be able to be dynamically updated and created with new data by advanced new algorithms, guided by experienced counter-intelligence human analysts, who would know that if a person is 40 years old and has no public records, something is amiss.




Investigative Data Mining for Security and Criminal Detection
ISBN: 0750676132
EAN: 2147483647
Year: 2005
Pages: 232
Authors: Jesus Mena
