Some say Web services represent an evolutionary force that will transform electronic government. The argument goes that for the first time, the stuff Web services is built on -- an alphabet soup of interrelated Internet standards -- gives agencies access to information stored in other agencies' siloed systems fairly painlessly.

In theory, Web services means agency A no longer has to ask agency B's staff to crank out code that will allow A to pick certain types of data off B's mainframe. The process is automated through a Web browser and uses XML (extensible markup language), SOAP (simple object access protocol), UDDI (universal description, discovery and integration) and WSDL (Web services description language) to move data from B to A with little human interaction.

In reality, most government agencies approach the promising new technology with cautious optimism. It may sound easy, but several issues must be sorted out before governments make widespread use of Web services.

The newness of Web services has once bitten, twice shy public-sector IT staff a little hesitant. Immature standards also raise concerns about the infrastructure consistency behind Web services wares hawked by vendors.

Finally, observers say another force is at work: the age-old inclination of government agencies to protect their data, and of public employees to protect their livelihoods.

Using Web Services

Stripped to the basics, Web services are a set of technology standards and tools: XML is the language that tags the data exchanged between computers; SOAP defines how the data transfer will take place; WSDL describes services available to computers involved in the data transfer; and UDDI lists available services to computers making the transfer.

Government agencies are just beginning to use Web services to power applications like secure, personalized electronic services to constituents; link legacy mainframes to Web portals; and manage identities of employees who need remote access to information in several back-end systems.

Several years ago, Hillsborough County, Fla., rethought its approach to identity management.

"We realized having a central repository, where security rights and access to things were in a single location, was a good thing," said Bill Kannberg, the county's CTO. "Web services kind of grew into the ability to hit an identity management system. It was a product that was waiting for something like identity management, and identity management was looking for services it could leverage."

Web services helped the county two ways: by replacing its remote access process and making it possible to deliver customized access to applications based on user identity.

In the past, employees' PCs were outfitted with VPN clients and remote access software. That was not necessarily a good value proposition for the county, Kannberg said, because when the VPN software caused problems, county IT staff essentially became after-hours support for remote users. Now remote employees need only a PC with a Web browser to access a public Web site that serves as an employee portal to county applications.

Once the employee's identity is verified, a portal services engine developed by Novell renders a personalized Web site to the employee -- complete with access to applications the employees need to do their jobs. The portal serves users from 37 county agencies.

Next in Line

Kannberg said he's working to deploy other Web services-based projects in the near future.

"We're laying down the next generation of the foundation that came with portal services, and that's to have a central identity management system," he said. "In our case, our human resources information system tells who should be in the system and who shouldn't be in the system. We're using XML on the back end to kick off actions from that central identity management system, so if an employee leaves the county,

Shane Peterson  |  Associate Editor