[Cache from http://www.w3.org/2001/03/WSWS-popa/paper40; use this canonical version if possible.]
Allen Brown
Microsoft Corporation
AllenBr@microsoft.com
+1(425)705-3290
© 2001 Microsoft Corporation. All rights reserved.
Note: The W3C-Document-License was granted
Message-based electronic commerce and services require reliable messaging. We anticipate the development of an XML-based messaging protocol to provide reliable end-to-end messaging, and propose a set of assertions that such a protocol must guarantee despite the challenges of an evolving and unpredictable environment. The main purpose of this protocol is to carry messages reliably on behalf of business processes. These processes will often be longer-lived than the computational and communications resources hosting them.
The Internet's universal connectivity, based on open standards, has encouraged the growth of both business-to-business and business-to-consumer electronic commerce. The communications implicit in such commerce are increasingly taking place through the medium of XML, and, in particular, using the XML messaging framework of SOAP 1.1.[1] This framework does not, of itself, address the various quality-of-service demands that will be imposed by electronic commerce. Any workable approach to business integration across the Internet requires that an open messaging protocol provide a consistent, composable, reliable communication mechanism between participating applications.
In this note we examine the requirements for a messaging protocol whose primary goal is to carry message traffic reliably, in an evolving and unpredictable environment, where the core business may outlive the components carrying the messages.
Many mechanisms and services are necessary for the fully functional high-performance messaging required by electronic business, including
While these enumerated services are not the subject of this note, we fully expect such services to be specified separately using the SOAP composability model (or that of its W3C-sanctioned successor) and composed with reliable message delivery services.
We believe that the goal articulated above is best achieved by a protocol design that can guarantee (any combination of) the following quality-of-service assertions.
With the exception of the last, these assertions are entirely uncontroversial. Indeed, any number of transport protocols have guaranteed such assertions, although at a finer granularity than the business message. The need for a new protocol to guarantee these assertions arises from the fact that such guarantees need to be imposed at a granularity coarser than that historically addressed, and in an environment where there are considerations that do not obtain at the transport level. We will come to those considerations in due course.
Novel among the assertions above is the symmetry of failure. In the setting of typical asymmetric reliable messaging protocols, one of the participants in a dialogue that has suffered an irreparable failure is usually unaware that such a failure has occurred. This circumstance requires intervention on the part of the informed participant to bring the other participant in the dialogue to a similar state of awareness. Another consequence of asymmetry is that both parties to the dialogue must expend resources in diagnosing the nature of the failure. Symmetric failure reduces an application’s software complexity burden (in adhering to the protocol) on both counts. That is, symmetric failure makes the writing of application programs simpler.
In addition to the set of assertions that a reliable messaging protocol must be able to guarantee, there is also a set of environmental circumstances that such a protocol must accommodate with little or no software complexity burden imposed upon an application using the protocol.
We imagine that a business process is an evolving set of sub-processes carrying on pair-wise conversations with one another. The (sub-)processes are hosted on physical machines. The conversations are mediated by channels (both physical and logical). Machines and channels are subject to failures. The business process must be immune to such failures. Reliable messaging has a substantial role to play in providing such immunity.
Both processes and conversations should be viewed as mobile. In order to achieve reliability of service and economy of resource utilization, the platforms hosting the (sub‑)processes and the channels mediating the conversations may change during the lifetime of a business process. Indeed, the protocol itself may change during the lifetime of a business process. The reliable messaging protocol should accommodate such mobility.
Finally, a business conversation may be brokered by any number of intermediaries. The correspondents in a service-related conversation will often have no a priori knowledge of one another. Not only might the conversation have come into being between two correspondents through the intervention of (one or more) brokers, these intermediaries may themselves come and go during the course of the conversation. Reliable messaging between the end points should be both supportive of and robust in the face of such brokering.
In this note we have described the role of a reliable messaging protocol in the evolving environment of Internet-based electronic commerce. We have also elucidated the specific quality-of-service guarantees that such a protocol should enforce. Finally, we have presented a number of environmental conditions endemic to a dynamically evolving web infrastructure. A reliable messaging protocol needs to meet the challenges offered by these conditions with minimal impact upon the applications using the protocol. Such a protocol will support reliable business messaging while simplifying the writing of applications.
[1] We expect that SOAP 1.1 will soon be succeeded by a very similar protocol developed within the W3C XML protocol working group and sanctioned by the W3C.