With almost every software vendor scrambling to reposition products to address the Web services technology paradigm, Web services have arguably become the hottest phenomenon in today's IT market.But in the stampede to get on the Web services bandwagon, the definition of Web services has become so corrupted and abused that the true meaning has been lost and the value often misunderstood.
Defining Web services
Just what are Web services? The answer depends on whom you ask. To business users, Web services are the key to finally integrating disparate systems, users, and data into one cohesive environment, using the Internet as the communications medium.
To the technology enthusiast, Web services are a combination of programming interfaces, communication protocols and object definitions with a continuing debate of whether XML interfaces alone is the only requirement or if Web services also require the acronym consortium which includes: SOAP, HTTP, UDDI and WSDL.
For a common understanding, I'll define Web services as a set of XML-based standards and programming rules that enable reusable, self-contained applications to be accessed and executed and to swap data over the Internet. In theory, these capabilities would enable the seamless process interaction and sharing of data across heterogeneous systems regardless of their underlying technology.
The dream is that one day it will be possible to outsource most system functionality to achieve true e-outsourcing via the Internet. This will involve the incorporation of a plethora of Web services that are dynamically accessed and assembled in a "plug-and-play" world of interoperability.
An insurer's internal IT systems would still retain custodianship of the data, but from a functional and services perspective, the in-house systems would merely act as the conductor of the Web services orchestra.
Even if this brave new world of "e-outsourcing functions and services" is achievable, will any insurer rely on ad-hoc services for its core mission critical processing? I doubt that any insurance company would be willing to fully abdicate this level of control to a multiplicity of Web service providers outside their operation.
Realistically, the functions that will be implemented through Web services are those that are carefully chosen as a complement to the core operations that will remain in-house.
Even if an insurer were to choose the outsource-everything approach, performance is the first hurdle one would encounter. The unavoidable delay involved in any remote processing, along with assembling and deconstruction of XML messages, will be a real performance challenge.
Web services security remains a huge challenge today in that there doesn't yet exist an easy way to manage security policies that require control across multiple organizations.
Today, Web services can be relatively defenseless against cyber terrorists especially with clever hackers and their attempts to cause Internet havoc by flooding specific services with legitimate-looking messages. Given the around-the-clock service levels that insurance demands, the business risks and exposures currently presented through remote Web services may be intolerable.
Another formidable challenge for Web services to overcome in insurance is the seemingly endless struggle for insurance data standards: Until XML implementation standards become universal, the true "plug-and-play" promise of Web services will remain elusive.
This inability to come to a common set of definitions within the industry leaves us, by definition, without a standard. Only when collaboration amongs vendors, insurers, and industry organizations is strong enough, will stable standards emerge.
Universal standards for building Web services for core insurance processing elements still need to emerge. Until this occurs, there will be no widespread adoption of Web services for core functions, leaving Web services application currently limited to peripheral services such as credit scores, document management, first notice of loss, and personal line quotes.
A great way to start
Given their current shortcomings, do Web services still have a place? Absolutely, and as Web services technology matures, it will only get better.
To prepare for the inevitable future of Web services, IT architects need to move toward a more service-oriented application design paradigm to enable the gradual incorporation of Web services as an option. The pace of adoption will be governed by performance, security issues resolution, and the emergence of standards. Internally hosting Web services rather than accessing them remotely over the Web is a great way to start.
There is no denying that Web services are a big part of the IT future, but like a fine wine they need to have time to age and mature before reaching their full potential. Expecting too much, too soon from Web services will just leave the industry with a bad taste.
Rodney Griffin is the director of product marketing and management with WorldGroup.
