As an architect, the time I spend with customers is valuable in helping me define industry trends. What I'm hearing lately indicates the current focus within Web services is the existence of threats. Organizations have been asking how to defend against network attacks, and about preventative measures to ensure they don't happen in the first place.
Articles, whitepapers and vendor presentations addressing these threats are peppered with exotic terms like schema poisoning, parameter tampering, coercive and parsing, giving an almost comic-book glamour to the unique risks associated with Web services.
Affected terminology aside, these are issues that require attention. Where the Web provides an HTML-constrained view of an application program interface (API), Web services are more raw, machine-to-machine communications. The flexibility and platform-independence they provide in a loosely-coupled architecture is truly beneficial, but also opens the door to a plethora of concerns.
