1	San Diego Supercomputer Center January 29, 2004
2	Agenda Overview Introduction of panel members Presentations by panelists Questions and answers
3	Whither Web Services? 2002 forecasts Gartner: $30 billion market by 2005 IDC: $34 billion by 2006 Typical web services project IDC: $50,000 budget, 90 days Plans for Web services Gartner (recent survey) 54% plan web services in next year Forrester Research (recent survey) 85% of enterprises plan web services 50% of services will be for customers 24% will join industry standards groups
4	Web Services Adoption Gartner Dataquest survey (April 2003) North America 92% of system integration projects use Web services 86% XML 31% SOAP 14% UDDI 3% WSDL Europe, Middle, Africa 57% XML, 12% UDDI, 10% SOAP, 9% WSDL
5	Web Services Adoption BEA survey (July 2002) 85% of top 100 US financial institutions will deploy within two years IDC (April 2003) 3300 deployed in 2002 $21.7 billion market by 2007 Professional services to increase by 146% $1 billion (2003) to $2.7 (2004) Infoworld survey (August 2003) 51% of programmers working on web services
6	Standards Turf War Languages ISO, ECMA, Java Community Process Architectures, Web Services, eBusiness W3C OASIS WS-I IETF Liberty Alliance UN/CEFACT (ebXML) DISA (X12) OMG Open Group
7
8	Internet Security Challenges Ubiquitous access Community of hackers System administrators and DBAs leave doors open Internet Explorer 31 known security flaws Exporting business processes = exporting access to data
9	Security in the 21^st Century Cyber-warfare Nations Terrorist organizations Competitors Corporate challenges Industrial espionage Business intelligence (protecting information) Outsourcing Software development and IT services Tech support Call centers, customer service centers, CRM
10	Threats Sniffers Spyware Process-injection Trojans XML injection SOAP processing denial-of-service Spoofing XML parser denial-of-service and more
11	Challenges Secure documents Secure messages Confidentiality Integrity Authentication and authorization Non-repudiation
12	Infrastructure Specifications Networking TCP/IP IP Sec Secure Sockets (SSL) X.509 Kerberos Public keys (PKI)
13	Infrastructure / Plumbing Web services stack builds on Internet technologies Security at several levels Use secure connections, servers, operating systems, documents
14	Security Technologies Secure sockets (SSL) for secure network connections IP security (IPSec) Public key encryption for messages, authentication Multi-part authentication (see RSA) encryption, tokens, tickets
15	Security in the XML World XML Encryption XML Digital Signatures (DSig) XML Key Management System Security Assertion Markup Language (SAML)
16	Specs Related to Web Services Infrastructure XML, Schema, WSDL, namespaces Messaging SOAP, SOAP Message Security, Username Token Profile WS-Security Federated Identity
17	Secure Messaging Message Confidentiality Encryption Security tokens Message Integrity XML Signature Security tokens
18	Authorization and Identity Liberty Alliance .NET Passport WS-Federation and similar solutions
19	Global XML Architecture Specs (Security) WS-Security WS-Policy WS-Trust WS-Privacy WS-SecureConversation WS-Federation WS-Authorization
20	Other Web Services Specs WS-Addressing WS-MetadataExchange WS-ReliableMessaging WS-Transactions WS-Coordination
21	WS-Security Associate token with messages Expanded into multiple specs Kerberos X.509 Opaque encrypted keys SOAP enhancements (quality of protection) Message integrity Confidentiality Single message authentication
22	Federated Identity Profiles Active Passive Trust
23	Hardware Assist XML servers XML accelerators Content processors Sarvega Tarari
24	More Information Database research, training www.sqlsummit.com Web services information webservicessummit.com
25	Expert Panel Jeff Carmichael Tarari Mark Colan IBM Rajiv Gupta Confluent Thor Larholm PivX Gene Thurston AmberPoint