DOD aims to marshal its Web services

Von Heather Havenstein

Two years after individual U.S. Department of Defense agencies began developing Web services to integrate applications, the DOD is ramping up efforts to make hundreds of Web services available to end users throughout the military"s operations.

The DOD has begun installing Web services registry technology from Burlington, Mass.-based Systinet Corp. at its enterprise computing center in Columbus, Ohio. Slated to go into production this summer, the registry is intended to allow developers across the department to locate specific Web services.

The Defense Information Systems Agency will begin cataloging Web services developed by the U.S. Air Force, Army, Navy and other groups within the DOD, said Robert Vietmeyer, DISA"s chief engineer for the Net-Centric Enterprise Services program.

The DISA contract to be announced Monday is worth more than US$2 million over five years -- perhaps the biggest deal for registry technology to date - and signifies a critical mass of Web services at the DOD, said Anne Thomas Manes, an analyst at Burton Group in Midvale, Utah. Manes previously was chief technology officer at Systinet.

The latest contract is unrelated to an early 2004 deal under which Systinet customized its Web services development tool for DISA.

A registry houses centralized metadata describing the location of Web services and policies governing their use.

"We"re seeing the registry being positioned as the heart of the service-oriented architecture," Vietmeyer said. "If the SOA requires governance ... you can only govern those things you can have visibility across. We don"t have good visibility across the department today."

Several hundred Web services exist across the DOD, and some agencies predict that they will have 150 to 200 available by the end of the year, Vietmeyer said. The department has used more than 100 Web services to integrate applications in military exercises, he said.

The Systinet technology will let the DOD classify Web services and their associated policies, said Dave Butler, Systinet vice president of marketing. He added that it can insert a policy into a Web service at runtime. For example, a Web service published by the Army to check weapons inventory could be restricted only to logistics users, he said.

The DISA registry project represents a big commitment by the U.S. government to SOA use and is a bellwether for other federal agencies, said Ron Schmelzer, an analyst at ZapThink LLC in Waltham, Mass.

"If the DOD can show this is a success ... then a lot of agencies are going to want to do that," Schmelzer said.

DISA has tapped WebLayers Inc. in Cambridge, Mass., to help it develop the policies the registry will enforce. WebLayers this week announced that DISA had awarded it a contract to provide technology to define, configure and enforce Web services policies. In addition, Oakland, Calif.-based AmberPoint Inc. is providing an enterprise service management product to assist in monitoring the NCES runtime environment, said a DISA spokeswoman.

The DOD is still hammering out the details of all of the policies surrounding its use of Web services, Vietmeyer said. DISA has begun working with a team from the department"s CIO office to develop a profile for the interoperability of Web services, he said.

Some of the most vexing challenges regarding the use of Web services will be setting policies for security, mainly access control and authentication, Vietmeyer said.

"We"re moving from a client/server environment where we had tightly coupled enclaves ... to say we need to make this information available to users," he said.