Microsoft's "My Services" Comes At Your Service
By Fatima Ahmed

On the Windows .NET front, XML-based user authentication technology, code-named 'HailStorm', topped the list. In March 2001, Microsoft® Corporation announced "a set of new technologies" designed to advance the Microsoft .NET strategy. The technology is a user-centric architecture and set of XML Web services, Microsoft .NET My Services (formerly code-named "HailStorm").

'It's probably the most important .NET building block service. This is a revolution where the user's creativity and the power of all their devices can be used,' said Microsoft Chairman Bill Gates. HailStorm will allow client-side applications and Web services to exchange user information much faster and more easily.

What Is .NET My Services?

The .NET My Services platform is a collection of XML Web services that are invoked over the Internet by means of industry-standard protocols that include SOAP, XML, and Universal Description, Discovery, and Integration (UDDI). .NET My Services authenticates users, provides the ability to send alerts, and stores personal information, including contacts, e-mail, calendar, profile, lists, electronic wallet, physical location, document stores, application settings, favorite Web sites, devices owned, and preferences for receiving alerts.

.NET My Services takes advantage of the Microsoft .NET-based technologies and architecture that make it possible for applications, devices, and services to work together. These services make user consent the basis for who can access user information, what they can do with it, and how long they have permission to do it.

Salient Features of .NET My Services

Privacy

Privacy is a key design requirement in the .NET My Services architecture, and the .NET My Services data model is provided with a specific security and access control model that allows end users to control how and with whom their personal information is shared. The software allows users to:
· Determine who or which services have access rights to their data.
· Share data with any party at will. .NET My Services will employ a strict opt-in platform for users' data.
· Revoke sharing/access privileges at will, providing a unique level of control not commonly available on Web sites.
· Arrange for sharing that expires at a given time by system-managed and time-based data access revocation.

In addition to providing the technical capabilities, Microsoft will mandate strict data collection and use practices among .NET My Services licensees to guarantee that users' privacy is protected. Specifically, Microsoft intends to bind licensees, through a contract, to specific terms of use that control what can and cannot be done with user data originating from a .NET My Services source. Moreover, Microsoft will electronically and physically secure data managed by .NET My Services to prevent unauthorized access or use. Finally, Microsoft will have no right to mine, target, sell, or publish any .NET My Services user data without explicit user consent.

Open Access

.NET My Services can be accessed from any device, service, or application with an Internet connection, the ability to authenticate a user, and the ability to send and receive SOAP messages. Microsoft has already demonstrated .NET My Services being accessed from Microsoft Windows®, Macintosh, Palm PC, Pocket PC, and a variety of UNIX-based products.

For users, HailStorm will be accessed through their applications, devices and services (also known as "HailStorm end-points"). Naturally, the .NET infrastructure provided by Visual Studio.NET, the .NET Framework, and the .NET Enterprise Servers will fully incorporate support for HailStorm to make it as simple as possible for developers to use HailStorm services in their applications.

DISCO:

Microsoft has also defined a discovery mechanism (an XML schema and a search algorithm), called Discovery of Web Services (DISCO), that you can use to locate Web services. You use DISCO (short for Discovery) to locate a Web service at development time; your development tool then creates a proxy that allows you to use the Web service without having to use the discovery mechanism again. The proxy contains a hard-coded URL for the Web service, but you can override this location in your client by setting the "Url" property on your proxy object.
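
Because the client sends its SOAP requests, with whatever credentials they carry, to whatever address "Url" holds, an override read from configuration is worth validating before it is assigned. The following C# sketch is an added example, not code from the article or from Microsoft; CalendarServiceProxy, the example.com hosts and the allowlist are hypothetical stand-ins for a tool-generated proxy and its endpoints.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical stand-in for a tool-generated proxy; it only models the Url property.
public class CalendarServiceProxy
{
    // Address baked in at development time (constructed value).
    public string Url { get; set; } = "https://services.example.com/calendar.asmx";
}

public static class EndpointOverride
{
    // Hosts this client may send SOAP requests to (constructed values).
    private static readonly HashSet<string> AllowedHosts =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        { "services.example.com", "staging.example.com" };

    // Sets proxy.Url only for an absolute HTTPS URL on an allowed host.
    public static bool TryOverride(CalendarServiceProxy proxy, string configuredUrl, out string reason)
    {
        if (!Uri.TryCreate(configuredUrl, UriKind.Absolute, out Uri uri))
        { reason = "not an absolute URL"; return false; }
        if (uri.Scheme != Uri.UriSchemeHttps)
        { reason = "scheme must be https"; return false; }
        if (!string.IsNullOrEmpty(uri.UserInfo))
        { reason = "embedded credentials are not allowed"; return false; }
        if (!AllowedHosts.Contains(uri.Host)) // exact host match, no suffix matching
        { reason = "host not in allowlist: " + uri.Host; return false; }

        proxy.Url = uri.AbsoluteUri;
        reason = "ok";
        return true;
    }

    public static void Main()
    {
        var proxy = new CalendarServiceProxy();
        string[] candidates = { // constructed configuration values
            "https://staging.example.com/calendar.asmx",
            "http://staging.example.com/calendar.asmx",
            "https://services.example.com@other.example.net/calendar.asmx",
            "https://services.example.com.other.example.net/calendar.asmx",
        };
        foreach (string candidate in candidates)
        {
            bool ok = TryOverride(proxy, candidate, out string reason);
            Console.WriteLine((ok ? "accepted: " : "rejected: ") + candidate + " (" + reason + ")");
        }
        Console.WriteLine("proxy.Url = " + proxy.Url);
    }
}
```

Only the first candidate passes all four checks, so the proxy ends up pointing at the staging host and the other three values leave it unchanged.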

WSDL

The actual descriptions of .NET My Services are conveyed through WSDL (Web Service Description Language) documents. These documents convey all of the information a client needs to interact with the service, including all of the different objects, types, and methods that a particular Web Service exposes. The stronger the Web Service, the more complex and unwieldy the WSDL document describing the service.

SDP:

The Microsoft SDP provides structure, including the following, for the development of extended 'HailStorm' services: (1) Call for proposals for new 'HailStorm' extended services; (2) Creation of SDP working groups; (3) Definition and testing of extended 'HailStorm' services; (4) Certification of extended 'HailStorm' services; (5) Deployment of new services. The Microsoft Shared Development Process (SDP) provides a mechanism for fast, focused and profitable collaboration on key technology initiatives between Microsoft and industry partners.

Authentication-Centric

Microsoft .NET Passport is a powerful authentication system that lets consumers safely store personal information on the Web and control how that information can be used. .NET Passport services, including the .NET Passport Single Sign In service and the .NET Passport Express Purchase service, simplify the online purchase process and help Internet-commerce Web sites build stronger relationships with customers. Kerberos is a proven industry-standard security protocol that is used by Microsoft® Windows 2000 and XP for user authentication. Kerberos is responsible for authenticating client requests based on centralized security information and distributing "tickets," which are temporary encryption keys that clients use to access specific services.

Independent & Decentralized

The HailStorm platform uses an open access model, which means it can be used with any device, application or service, regardless of operating system, object model, programming language or network provider. All HailStorm services are SOAP-based XML Web services; no Microsoft runtime or tool is required to call them. This decentralization of the client is designed to allow HailStorm applications to spread as quickly as possible.

While decentralizing client-code, Microsoft centralizes the three core aspects of the service:
· Identity (using Passport)
· Security (using Kerberos)
· Definitions and Descriptions (using HailStorm's globally standardized schema)

First, you cannot use a non-Passport identity within HailStorm, and at least for now, that means that using HailStorm requires a Microsoft-hosted identity.

Second, developers might not be able to write HailStorm services or clients without using the Microsoft-extended version of Kerberos.

Third, you cannot use a non-Microsoft copyrighted schema to broker transactions within HailStorm, nor can you alter or build on existing schema without Microsoft's permission.

Simplified Access (Any Time and On Any Device)

Users' lives are made easier because a user no longer has to log on to one service to check e-mail, use another application to check a work calendar and yet another to check personal calendar entries, start a browser to check favorite Web sites, and enter passwords, addresses, and other personal information in the fifty different consumer Web sites they visit.

Because of the data-centric nature of XML Web services, .NET My Services will enable end users to access their key information and receive alerts about important events anywhere, on any device, and at any time.

Security:

Authentication of a HailStorm user is provided via Kerberos, a secure method developed at MIT for authenticating a request for a service in a computer network. Microsoft's extended version of Kerberos creates potential incompatibilities between clients running non-Microsoft versions of Kerberos and servers running Microsoft's versions. By making the system transparent to developers but not freely extensible, Microsoft hopes to gain the growth that comes with openness, while avoiding the erosion of control that also comes with openness.

Enterprise-Scale Security

Network security enhancements:
· Kerberos Security Protocol
· Efficient authentication to servers.
· Mutual authentication
· Interoperability
· Secure Sockets Layer (SSL) Support for Web Server
· Protected Store
· Smart Card Cryptographic Service Provider (CSP)

.NET My Services Endpoints

Microsoft is actively working to create numerous third-party endpoints for .NET My Services. This means that Microsoft applications, including everything from Microsoft Office to Microsoft games, will support .NET My Services. Services including MSN and the Microsoft bCentral™ small business portal will be .NET My Services endpoints, and a variety of devices powered by Microsoft software will be potential .NET My Services endpoints, including the Microsoft Xbox™ video game console, Pocket PC, and Microsoft's smart phone software platform, currently code-named "Stinger." A number of Microsoft operating systems, including Windows XP and Windows CE, will also be .NET My Services endpoints themselves.

How .NET My Services Work

From the developer's perspective, .NET My Services is a set of XML Web services, accessed by sending and receiving SOAP messages through the HTTP or DIME protocols, and using the .NET Passport system for authentication. But how do .NET My Services work?

.NET My Services consists of three things:
· Authentication, which will be provided by .NET Passport when .NET My Services goes live
· SOAP, the communication protocol
· XML, following the rules and schemas set out in the XMI Reference, which provides the data formatting and organization

In the end, I would say that this "HailStorm" can really bring a big storm in the world of Web services.