Welcome!

Java IoT Authors: Pat Romanski, Elizabeth White, Zakia Bouachraoui, William Schmarzo, Yeshim Deniz

Related Topics: Java IoT

Java IoT: Article

Goodbye "Middleware," Hello SOA Applications

Exclusive Q&A with David A. Litwack, Senior Vice President of Web Application Development Products, Novell

  • JDJ Industry Perspective: "The End of Middleware"
  • "Middleware Is Alive and Well, Thanks!" Says Deshpande
  • JDJ Exclusive: The Future Of Middleware & Tools

    David Litwack is responsible for the development and advancement of Novell's secure Web services strategy, a position he assumed in July 2002 following Novell's acquisition of SilverStream Software, a company for which he'd served as president and CEO since 1997. He is also a member of Novell's Worldwide Management Committee. JDJ speaks with him about a range of contemporary computing issues.

    JDJ: You've worked on PC products in the '80s, then pioneered client/server in the '90s. Since then we've had the Web, and now "Web services." Is it the right term, do you think? For example, an old Powersoft colleague of yours, Mitchell Kertzman, prefers to call the distributed application architecture "client/service." Do you agree - should we be talking about client/service architectures now?
    DL: Web services is a technology, not an application architecture. Client/server was comprised of a number of technologies, such as Windows, OO, SQL, ODBC, etc., which together allowed us to build applications in a new way. Web services - as the packaging, description, and discovery model - is only part of the new puzzle. It's the use of "services" as a component-based foundation for applications that is important. At its essence is a clean separation between the source of information and its delivery, which enables a far more flexible and personalized form of application.

    There were two things wrong with client/server: the client referred to a specific hardware device and the server referred to a specific back-end system. There was a hard wiring between the two. The goal today is to provision any information or systems, regardless of how they are physically imple-mented, to any audience, regardless of how they connect, in a secure and personalized way based on identity. What we want is to dynamically match the logical service to an identity. In effect, identity/services is a better description of this new architecture.

    JDJ: What about the buzzword of 2004, SOAs?
    DL: The industry has struggled a lot more with naming this architecture than client/server, maybe because it's a more comprehensive set of technologies. As I've just described, the essence is the service. So SOA is as descriptive as anything I've heard and seems to have broader acceptance today than any other term. I always try to refer to SOA rather than Web services. In fact, I believe you can be true SOA, without even being SOAP based.

    JDJ: Still on Java - what's your position on the JCP - is it the right way to do things?
    DL: JCPs are time-consuming and complex, but so are all standards groups. I suspect the hidden agenda when the JCP question is asked is whether the JCP process is "fair," meaning, does Sun bias it? In fact it has been a fair and reasonable process, and Sun has been as reasonable a custodian as can be expected, considering the JCP is not a pure, open standard.

     
    David Litwack at a recent SYS-CON Radio interview. (Photo copyright: SYS-CON)

    JDJ: Would/could anyone else safely be a custodian of Java? The open source community or IBM?!! How about Novell? ;-)
    DL: Tough question. Could Java move from Sun to a more truly open standard? Yes, I think so, with so many organizations already committed to the process. Could it move to open source? Maybe. But remember that you can be an open standard without being open source. Let's separate the two questions. I think Java becoming an open standard would be helpful with some of the industry politics and make Java generally more acceptable to everyone. It would also free up some Java-based efforts from some of Sun's restrictive licensing practices.

    As far as open source, Novell has become a huge proponent. However, there are many flavors of open source, some more diffused in the community and some more focused in one or two organizations. Java and J2EE are huge and would require support from some large players. We could start with open sourcing some key pieces, like the JVM, if we could work around Sun's licenses.

    JDJ: You have said that few Web services will be open source, since these are frequently tied to strategic, proprietary systems. Can we still expect that the presentation that consumes the Web service will be open sourced, though?
    DL: Remember that the essence of Web services is to black box a variety of back ends, to hide their technology. Inside these black boxes there is no standard. They could be mainframes, HP3000, relational databases, EDI, Web sites, SAP systems, and so forth. But on the consumption side, the world is becoming more ordered, with standards such as the Java Portlet spec and XForms. Novell has invested heavily in XForms, working with W3C, because we see it as the missing link that binds XML to presentation. A commonly accepted way of doing things is one of the elements that fosters open source.

    JDJ: What's the overall effect on Java of the compelling economics of Linux?
    DL: Linux is clearly the next market wave. It's driven by the perception that open source has a better economic model for customers and frees them from vendor oppression. A lot of Linux will move into the corporate world in the next few years. Linux will not replace the mass of older systems out there. But there is an ethic about Linux that it will simplify and consolidate. Therefore, I believe that SOA will frequently ride into an organization on the back of Linux.

    There are not as many new Java applications being written today as we would like because, frankly, there are not as many new systems being written, period. The adoption of Linux will drive an effort to simplify the historic IT mess, and SOA will be a big part of it. Java and J2EE are excellent environments for implementing SOA.

    JDJ: How much closer are we to resolving the security aspects of Web services?
    DL: There are three things required to resolve Web services security: a general understanding of the issues; a universally accepted place where the solution will be determined; and acceptance and implementation by the industry. The first has largely occurred. The second involves a consolidation of sometimes competing standards groups. I think by the end of this year, the way will be clear for the delivery of all the key security standards, rapidly followed by commercial implementations by vendors like Novell.

    JDJ: What about identity management, is it all sorted yet?
    DL: Identity management is yet another really broad term, with many facets. This category has grown up with big players starting from the directory/ metadirectory, and smaller players starting from a variety of areas, like password self-service, workflow-based provisioning, identity-based applications like white pages, and newer areas like virtual metadirectories.

    Identity management mirrors SOA in some ways, with a number of moving parts that are fragmented but should really someday integrate to one thing. We're already seeing this consolidation occur, with a number of smaller players recently being acquired.

    Ultimately, identity management should be about:

    • Maintaining and administering a single view of identity, across disparate identity stores. This may include multiple directories or application data stores within or across organizational boundaries.
    • Authorizing access based on role or organizational group, either via an administrator, delegate, or user self-service
    • Provisioning resources based on centrally maintained policies or via workflow-based approvals
    • Providing identity-based applications, such as white pages, yellow pages, org charts, skills inventories, etc., in an easily customized way that may also be embedded within applications
    • Auditing and monitoring of all identity-based activities in a way that can satisfy regulatory requirements
    It will increasingly become the industry view that this is one integrated whole, and not piece parts.

    JDJ: Talking of complexity, is J2EE too complex? If so, what's the best way forward?
    DL: I believe that all standards go through three phases. First, the standard demonstrates its value but is immature, missing some of the basics, and we eagerly await the next version. Then the standard matures substantially, with many of the most frequently used pieces becoming robust. The standard is now enterprise ready, but it becomes harder for vendors to implement the much more complex standard, especially now that they have a large customer base to support and migrate. Finally, the standards body spends much of its effort on peripheral issues that a very small percent of the base will use or even understand. This occurs at precisely the time when the standard becomes mainstream and a core set of features are used widely, by mainstream users who hardly know about the more exotic features. At this point, vendors begin to question the need to implement the entire spec.

    J2EE is well into the second phase. As the complexity increases, the relevance of incremental features diminishes and the standard starts to stabilize. An interesting side note with J2EE is that in the next year or so, you will see enterprise class, compliant, open source J2EE servers. It's possible, despite Sun's certification practices, that the pressure from the open source community for mainstream enhancements will trump the more theoretical nature of the mature standards committees.

    JDJ: Why did Sun's Jonathan Schwartz say "Middleware is history"? Is middleware in fact just beginning? Or is Schwartz right, and end-to-end "systems" will supplant it?
    DL: What's in a name? SOA is an inherently middle-tier centric architecture. There's no doubt that in the world of SOA we will have application, integration, and portal servers; content management systems; policy and workflow engines; directories and metadirectories; identity providers; proxies; etc. These are all technically middleware. But as a market category, middleware may very well go away. Why? Because all of these things listed are only a means to an end and, therefore, not what people want to buy. People don't buy carburetors to have carburetors. Carburetors are a means to an end. People buy cars.

    What is the equivalent of the car? An SOA application. At Novell, we've been working to bring together all aspects of identity-based SOA into a suite for that reason. The more transparent we can make middleware, the easier it will be to deliver SOA applications. That will be the new category.

  • More Stories By Jeremy Geelan

    Jeremy Geelan is Chairman & CEO of the 21st Century Internet Group, Inc. and an Executive Academy Member of the International Academy of Digital Arts & Sciences. Formerly he was President & COO at Cloud Expo, Inc. and Conference Chair of the worldwide Cloud Expo series. He appears regularly at conferences and trade shows, speaking to technology audiences across six continents. You can follow him on twitter: @jg21.

    Comments (4)

    Share your thoughts on this story.

    Add your comment
    You must be signed in to add a comment. Sign-in | Register

    In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


    IoT & Smart Cities Stories
    Tapping into blockchain revolution early enough translates into a substantial business competitiveness advantage. Codete comprehensively develops custom, blockchain-based business solutions, founded on the most advanced cryptographic innovations, and striking a balance point between complexity of the technologies used in quickly-changing stack building, business impact, and cost-effectiveness. Codete researches and provides business consultancy in the field of single most thrilling innovative te...
    Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
    In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and Bi...
    The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.
    With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, discussed some of the security challenges of the IoT infrastructure and related how these aspects impact Smart Living. The material was delivered interac...
    CloudEXPO has been the M&A capital for Cloud companies for more than a decade with memorable acquisition news stories which came out of CloudEXPO expo floor. DevOpsSUMMIT New York faculty member Greg Bledsoe shared his views on IBM's Red Hat acquisition live from NASDAQ floor. Acquisition news was announced during CloudEXPO New York which took place November 12-13, 2019 in New York City.
    Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
    Intel is an American multinational corporation and technology company headquartered in Santa Clara, California, in the Silicon Valley. It is the world's second largest and second highest valued semiconductor chip maker based on revenue after being overtaken by Samsung, and is the inventor of the x86 series of microprocessors, the processors found in most personal computers (PCs). Intel supplies processors for computer system manufacturers such as Apple, Lenovo, HP, and Dell. Intel also manufactu...
    At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
    Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understa...