As CTO of the Sun ONE (Open Net Environment) software products group, Hal Stern tries to be a unifying force within Sun Microsystems Inc. Stern, who has been quietly guiding the products that Sun acquired from Netscape, has been fairly effective at getting Sun to line up on a common enterprise software infrastructure. In this interview, Stern outlines where Sun needs to go from here to create the next generation of software infrastructure for Web services using directories.

Q: Where do you see Sun's strength of late in the software space? We've been getting a lot of traction around the Web services ideas and a significant amount of traction around the notion of network identity. The problem is categorizing and enumerating all the different places where we store identity information and authorization information, so it's very rewarding to see the amount of attention being paid to Liberty Alliance.

Q: Where are we as an industry in terms of the adoption of Web services? I think that we're sort of on the downswing of the hype curve around Web services and the upswing of people actually doing interesting things with them. And we're now starting to look at what [is] the right granularity [that is] needed to go create Web services.

Q: What roles does a directory play in the grand scheme of Web services? If you look at the bigger problem -- Web services security -- I don't think you're going to solve this by adding security stuff to SOAP [Simple Object Access Protocol]. You can make SOAP a little more secure, but if you go up a level, I can guarantee my XML isn't exposed and that my SOAP isn't exposed using SSL [Secure Sockets Layer]. I can validate the contents of my XML using digital signatures. Are the Web services allowed to do what they really asked to go do? What's been offered for them in terms of the range of services? And that becomes a question of context: Where are they? What's their bandwidth? What are they doing? What's their authorization? What's their authentication? How strongly do they authenticate and what's the list of services that have to deal with that? I think a lot of those things live in directories, and the taxonomies for them are kept in directories. Network identity is now the gatekeeper of how you come through a portal, how you come through a delivery vehicle to access this world of services.

Q: What is the relationship between SOAP and LDAP? They're complementary. SOAP is a reasonable transport, but if you look at the real, practical aspects of network identity, things that are LDAP-based are going to be accessed indirectly -- maybe through the Web server, through the app server, or through the portal server. You're not going to really go and code to LDAP. XML is another way of coding to the directory.

Q: How do directories need to evolve to support Web services? The directory and the current environment for how it does synchronization, how it does replication, are absolutely sufficient. The next issue is that you want to go use the directory at the edge for capturing things like context and to have a very high rate of change. I think that there's an opportunity for more transactional capabilities being added to the directory. The big change there is we went from being Reads equal to 1, Writes equal to 0.1 in terms of speed, to Reads equal to 1, Writes equal to about 0.9. When you do that, then you can start talking about doing things in a transactional way with a directory.

Q: How important are directories going to be to carriers as we move forward? I think the carriers are realizing now that by owning the last mile of delivery, they are the owners of context. They have a great opportunity for the carriers to be the operators of network identity -- or at least parts of network identity systems -- because they can go capture the context.

Q: So how is Sun different today than it was a year ago? Sun's value, historically, has been hardware and Solaris. Well, it turns out that that's not a sufficient value proposition anymore. So we want to do hardware, Solaris, and Sun ONE. That's actually the stack we offer. This is everything you need to do Web services, network-based computing, and this is the platform on which you do it. This is the thing we sell as the system that represents a premium position in the market.

