Web services leverage legacy systems, enrich functionality
By Judith Lamont, KMWorld senior writer
With increasing emphasis in government on accountability and strategic planning, application integration is becoming an important focus. It allows decision-makers to see a unified view of the information they need to direct their organizations. Web services technology is rapidly gaining ground because of its ability to draw in data from many applications and to link business processes in a low-cost and efficient manner.
The Office of Research Development (ORD) of the U.S. Environmental Protection Agency is charged with conducting advanced research on ways to prevent pollution, protect human health and reduce risk. To support its work, ORD uses several specialized applications including a system called the ORD Management Information System (OMIS) that contains modules for research planning, lab work, budgeting and accounting. However, OMIS had never been integrated into the EPA’s primary financial system, so data had to be re-keyed. In addition, ORD used PeopleSoft’s HR module and a travel and expense management application that needed to be integrated with EPA’s legacy systems. ORD selected the webMethods Integration Platform as the best way to achieve a rapid integration of all of those applications.
Using the Web services technology on which webMethods’ solution is based, ORD was able to integrate its applications in just four months. The quick turnaround of the implementation is impressive because it included the addition of 128-bit encryption after the project had already begun. That change was the result of new federal guidelines for cybersecurity that followed the attacks of 9/11/01. Cost reductions in data entry allowed ORD to recoup its investment in about a year. The system has been operating for the past several years, during which it has accomplished its goals of streamlining ORD’s business processes and extending the life of its legacy systems.
webMethods made an early commitment to Web services, having based its integration strategy and architecture on Web services since 1996. The company was involved in the creation of SOAP standards and is actively involved in assessment and resolution of interoperability issues.
“A great value of Web services is that they can touch systems built before the technology was available,” says Jim Ivers, VP of corporate marketing at webMethods.
Government organizations at all levels often are saddled with legacy systems, and few can afford to waste the potential of those data sources. In Virginia, the Fairfax County Public School (FCPS) system had linked many core applications so they could exchange data, but the complex integration that evolved over the past 20 years had become unmanageable.
FCPS selected webMethods to provide a single integration platform for all of its applications. Gradually, FCPS has been adding applications, beginning with the Schools Administrative Student Information Software (SASI) and a human resources application from Lawson. The integration of the applications is designed to capture the most up-to-date student information and correlate student performance with teacher qualifications. All of the previous point-to-point integration is scheduled to be replaced by webMethods by June. In addition, FCPS plans to partner with an e-commerce provider to enable online registration and payment for adult education courses, using the webMethods Integration Platform to exchange data. Another planned innovation is to offer first responders access to emergency care information about students via PDAs and cell phones through webMethods Mobile.
Ivers sees Web services as a complement to enterprise application integration (EAI) products rather than as a replacement for them. “Certain applications need functionality that is not yet available in Web services,” he comments. “Web services technology is ideal for situations in which underlying functions remain constant but adaptability is important. High-level business rules may change but the basic processes are constant.”
Many software vendors are using a Web services strategy to help integrate their own modules as well as to connect their customers’ applications. For example, PeopleSoft was able to quickly incorporate the J.D. Edwards functionality into Its EnterpriseOne product line.
“PeopleSoft moved to a pure Internet architecture in 2000 when we introduced Version 8 of our Enterprise product line,” says William McKinney, product marketing manager at PeopleSoft. “It was based on XML messaging, and as new Web services standards came along, they were adopted into the products.” McKinney sees Web services as a way to achieve fast and low-cost integration, and to adapt to changes in business. He agrees that certain uses, such as those involving very high levels of transactions, are better suited to EAI.
Composite applications, in which multiple applications are joined to carry out a variety of other processes, are one place where Web services really shine. “For example, when a new employee joins a company, interaction with many enterprise systems is required,” says McKinney. “First, their information needs to be entered into an HR system. Then, they may need to enroll with a healthcare provider that is outside the company, and choose a life insurance policy. To order business cards or a laptop computer, they need to interface with procurement. They may need to go through a background check.” Web services brings together all those different functions. New applications can be added with little disruption of the existing workflow.
Web services technology is also effective in extending the value of legacy data that may have originally been built for a specific function, not necessarily to share data.
“We never start with a clean piece of paper,” says Wayne Beekman, co-founder of Information Concepts, which builds large-scale custom database applications. “Although we build our applications from scratch, we get most of the data from legacy databases.” Organizations may also build new Web services applications on top of existing applications. For example, Information Concepts worked with an association that wanted to create a Web services framework on top of its legacy applications.
“The original applications can remain untouched,” Beekman continues, “and the Web services framework can be changed as needed.” On security, Beekman points out that any application can be built in a secure or insecure way, and that the developers have options to make sure it’s done correctly. He emphasizes that the same holds true for Web services applications.
The intelligence community was an early adopter of Web services because of its need to bring together pieces of information stored in disparate locations to form a coherent picture. “These groups were way out front in implementing Web services,” says Jim Jones, CTO of the Enterprise Security Solutions Business Unit at SAIC. “Even before standards were developed, the intel community was crafting solutions, but the emergence of standards is helping a lot with the security aspect.”
For example, the XACML extension supports granular access control at the data element level. “Each security issue has to be solved one at a time,” maintains Jones, “including encryption, authentication and other security issues.”
The most mature organizations, whether intelligence-related or not, also have mature security architectures and involve the security staff early in development efforts, but Jones believes that is still the exception. More often, the risk assessment is too low to justify the costs of incorporating strong security. But exceptions are found in government where national security is critical or where personal information must be protected. In the commercial sector, the banking industry has been concerned because one incident can cost a company a lot.
“The biggest damage is not from the actual financial loss but from damage to the public trust,” notes Jones. “The same goes for fraud, where banks can suffer a loss to their reputation.” But policies can limit data sharing more than technology restrictions. Organizations such as banks, as well as government agencies, are prohibited from sharing data with other organizations because of privacy regulations.
......................................................................................................................................................................................
Judith Lamont is a research analyst with Zentek Corp., e-mail jlamont@sprintmail.com.