The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
SEARCH | ABOUT | INDEX | NEWS | CORE STANDARDS | TECHNOLOGY REPORTS | EVENTS | LIBRARY
SEARCH
Advanced Search
ABOUT
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors
NEWS
Cover Stories
Articles & Papers
Press Releases
CORE STANDARDS
XML
SGML
Schemas
XSL/XSLT/XPath
XLink
XML Query
CSS
SVG
TECHNOLOGY REPORTS
XML Applications
General Apps
Government Apps
Academic Apps
EVENTS
LIBRARY
Introductions
FAQs
Bibliography
Technology and Society
Semantics
Tech Topics
Software
Related Standards
Historic
Last modified: May 14, 2007
XML Daily Newslink. Monday, 14 May 2007

A Cover Pages Publication http://xml.coverpages.org/
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
Primeton http://www.primeton.com

Securent: You Are Not Entitled to This Program

Clint Boulton Securent, a startup that makes software to regulate what corporate-data employees can access on their computers, has upgraded its platform with new support for databases and collaboration applications. The startup hopes its software will gain traction in the emerging entitlement management software market, where Securent, Oracle, BEA, CA, and others are trying to imbue corporate networks with more fine-grained access control. Securent's Entitlement Management Solution (EMS) version 3.0, based on the OASIS Extensible Access Control Markup Language (XACML) standard, uses strict policy enforcement to protect sensitive data for Oracle Database and Microsoft SQL Server. Securent EMS v3.0 also covers more collaboration applications than v2.0, including Microsoft Office SharePoint Server 2007 (MOSS), JBoss Portal 2.4 and 2.6, and BEA WebLogic Portal 9.2. Targeting these collaboration applications is hardly an accident. Such applications enable ad-hoc collaboration environments, which are huge vulnerability pots for enterprises. The broader applications coverage is possible through new agents that dictate what application user can access what information and for what duration; if end users try to monkey with the policies, Securent's agents intervene. Stringent control database and applications control is a boon for companies concerned about enforcing internal or external compliance rules, such as HIPAA, Sarbanes-Oxley and SEC 17a-4. To ensure this granularity, each EMS component can be deployed independently of one another in co-located, distributed, federated, and many-to-many configurations. Securent, which Howard Ting said now has 15 customers in production, aims to appeal to large enterprises, scaling to millions of users and thousands of applications.

See also: XACML references

Breaking SOA Bottlenecks
Galen Gruman, InfoWorld

Those who experiment with SOA on a small scale generally have a smooth ride. But start to scale, and obstacles quickly emerge. This article explores the common SOA choke points—and their antidotes. If you think that using WS-* standards, licensing an ESB (enterprise service bus), and deploying service registry means you've arrived, think again. All of the above may be desirable, depending on what you're trying to do. But by themselves those piece parts won't reap the savings or agility that SOA promises. It's easy to miss what SOA is really about. For example, SOA is not integration, although it's easy to see why people think so. XML, the one standard most closely associated with SOA, was originally designed to foster open, message-based alternatives to proprietary integration. But integrating applications is incidental to creating services that map to business functions—the underlying principle of SOA. Integration is a bridge; SOA is a whole new landscape. SOA is typically championed by technologists. That makes it easy to view SOA as merely a technology for which new tools can be bought -- a premise vendors are all too happy to support. But it doesn't matter what technology you use to do SOA, according to analyst Manes. After all, a key premise of SOA is that services are designed to work together regardless of the specific technologies they are based on. That's why it's a mistake to buy SOA infrastructure, governance, or development tools until you have your enterprise architecture in place, along with the operational architecture—that is, the design for how you will actually run your services. From those architectures, you'll understand how many services you are likely to have, how they are likely to interact with other services, and what their performance, security, and other requirements are. Only then can you build the right infrastructure for them and know what tools you may need.

Norwegian Standards Council Recommends Mandatory Use of ODF and PDF
Andy Updegrove, ConsortiumInfo Standards Blog

Norway is the latest European country to move closer to mandatory government use of ODF (and PDF). According to a press release provided in translation to me by an authoritative source, Norway now joins Belgium, Finland, and France (among other nations) in moving towards a final decision to require such use. The Norwegian recommendation was revealed by Minister of Renewal Heidi Grande Roys, on behalf of the Cabinet-appointed Norwegian Standards Council. If adopted, it would require all government agencies and services to use these two formats, and would permit other formats (such as OOXML) to be used only in a redundant capacity. Reflecting a pragmatic approach to the continuing consideration of OOXML by ISO/IEC JTC 1, the recommendation calls for Norway to "promote the convergence of the ODF and OOXML, in order to avoid having two standards covering the same usage." According to the press release, the recommendation will be the subject of open hearings, with opinions to be rendered to the Cabinet before August 20 this summer. The Cabinet would then make its own (and in this case binding) recommendation to the Norwegian government. This announcement is the latest in a series of news items, some concrete and some promotional, from which the relative progress of ODF and OOXML can be inferred. The former category includes actual announcements of recommendations and adoption by governments (such as this) and standards bodies (such as ISO/IEC's JTC1, updating the "fast track" progress of OOXML), while the latter includes a continuing series of blog postings—such as this recent post by Microsoft Program Manager Brian Jones, pointing to a new Open OOXML Community site, at which Microsoft is inviting its partners to post messages of support.

Advance Notice of Workshop: RDF Access to Relational Databases
Staff, W3C Announcement

W3C announced plans to hold a "Workshop on RDF Access to Relational Databases". The event will take place on October 25-26, 2007 in Cambridge, MA, USA, hosted by Novartis. Systems for exporting relational data to RDF have existed since the beginning of the semantic web. Recently, the semantic web developers have focused on SPARQL query-rewriters and interpreters to access relational data directly. Both of these approaches share an expression of relational data in RDF. This workshop will draw members of the semantic web and relational database communities together to examine commonalities, distinctions and next steps for expressing relational data in RDF. The ubiquity of relational data makes it an attractive next target for the semantic web. Much of the data that is used in automation is stored in relational databases. RDF's grounding in universal terms makes RDF attractive to the relational database community. Expressing relational data in RDF allows them to join relational data with data in other databases or in other forms.

See also: W3C Workshops

Context, Terms, Models and Options for Digital Identity Management
Daniel Greenwood, OECD Workshop Presentation

This paper was presented at the OECD Workshop on Digital Identity Management in Trondheim, Norway. Three Models of Identity Management Systems: (1) Centralized Ownership and Decision Making—The people identified are not in charge of their identity within this system; the system adheres based upon command and control from the center; Nearly all X.500, LDAP, X.509 and other directory related identity management systems fall under this category. (2) Federated Ownership and Decision Making— The people identified are typically not in charge of their identity within this system. (3) Individual Ownership and Decision Making—The Pretty Good Privacy [PGP] application is a good example of this model, allowing individual users to trade...

Oracle Announces Development Kit for Spring
Staff, SYS-CON Java News Desk

Oracle has announced availability of the Oracle Development Kit for Spring. The new development kit is designed to simplify the development, deployment and management of Spring-based enterprise Java applications. As developers look to quickly and easily create high-quality applications, they require the freedom to choose the technologies, components and frameworks that best meet their requirements. As a result, developers are increasingly using components of Oracle Fusion Middleware with Spring's leading open source application development framework. Spring's layered architecture allows developers to pick and choose pieces of the framework, which provides optimal flexibility without sacrificing performance. Oracle's free Integrated Development Environment (IDE), or Oracle Application Server with Spring, the Oracle Development Kit for Spring includes the Spring Framework 2.0—the latest version of Spring's light-weight, open source application development framework. Oracle JDeveloper Extension for Spring provides wizards and full editor support for both Spring 1.x and 2.0-style definitions complete with code insight, auto-complete and XML validation; Oracle Developer Depot is a free, Spring-based developer productivity tool that dramatically simplifies the way Java developers find, configure and provision Java applications. Pre-packaged Sample Applications and tutorials help developers get Spring-based applications up and running quickly. Transaction Manager Integration allows developers to leverage the lightweight programming model of Spring with the high-performance transactional capabilities of Oracle Application Server.

See also: the FAQ

Microsoft Takes On The Free World
Roger Parloff, Fortune Magazine

Microsoft claims that free software like Linux, which runs a big chunk of corporate America, violates 235 of its patents. It wants royalties from distributors and users. A broad community of developers, from individuals to large companies like IBM, is constantly working to improve free software and introduce new features. No wonder the business world has embraced it so enthusiastically: More than half the companies in the Fortune 500 are thought to be using the free operating system Linux in their data centers. But now there's a shadow hanging over Linux and other free software, and it's being cast by Microsoft. [According to Fortune] The Redmond behemoth asserts that one reason free software is of such high quality is that it violates more than 200 of Microsoft's patents. And as a mature company facing unfavorable market trends and fearsome competitors like Google, Microsoft is pulling no punches: It wants royalties. If the company gets its way, free software won't be free anymore. Microsoft General Counsel Brad Smith and licensing chief Horacio Gutierrez sat down with Fortune recently to map out their strategy for getting FOSS users to pay royalties. Revealing the precise figure for the first time, they state that FOSS infringes on no fewer than 235 Microsoft patents. Gutierrez refuses to identify specific patents or explain how they're being infringed, lest FOSS advocates start filing challenges to them. But he does break down the total number allegedly violated (235) into categories. He says that the Linux kernel - the deepest layer of the free operating system, which interacts most directly with the computer hardware - violates 42 Microsoft patents. The Linux graphical user interfaces - essentially, the way design elements like menus and toolbars are set up - run afoul of another 65, he claims. The Open Office suite of programs, which is analogous to Microsoft Office, infringes 45 more. E-mail programs infringe 15, while other assorted FOSS programs allegedly transgress 68.

See also: Patents and Open Standards

Sponsors

XML Daily Newslink and Cover Pages are sponsored by:

BEA Systems, Inc.http://www.bea.com
IBM Corporationhttp://www.ibm.com
Primetonhttp://www.primeton.com
SAP AGhttp://www.sap.com
Sun Microsystems, Inc.http://sun.com

XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter Archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: newsletter-subscribe@xml.coverpages.org
Newsletter unsubscribe: newsletter-unsubscribe@xml.coverpages.org
Newsletter help: newsletter-help@xml.coverpages.org
Cover Pages: http://xml.coverpages.org/
Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation

Primeton

XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI: http://xml.coverpages.org/newsletter/news2007-05-14.html  —  Legal stuff
Robin Cover, Editor: robin@oasis-open.org