Cover Pages: XML Daily Newslink: Thursday, 14 February 2008

A Cover Pages Publication http://xml.coverpages.org/
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
Sun Microsystems, Inc. http://sun.com

Headlines

ActiveBPEL Community Edition Supports WS-Human Task and BPEL4People
Google Code Project Provides an Enterprise Java XACML Implementation
Updated Liberty Identity Assurance Framework (IAF) Based upon Public Review
W3C Publishes Best Practices for XML Internationalization
Red Hat Expands JBoss SOA, Community Efforts

ActiveBPEL Community Edition Supports WS-Human Task and BPEL4People
Staff, Active Endpoints Announcement

Active Endpoints, Inc., inventor of visual orchestration systems (VOS), has announced the availability of Milestone 1 of ActiveBPEL Community Edition 5.0 Server. The ActiveBPEL engine comprehensively implements both the BPEL4WS 1.1 specification and the WSBPEL 2.0 standard. The engine supports the full complement of BPEL activities, event handling, exception handling and scope/compensation management. ActiveBPEL 5.0 represents the world's first release of an open-source implementation of both BPEL4People and WS-Human Task. These specifications allow human interactions to be included in services-based applications. By incorporating human tasks in composite applications, WS-Human Task and BPEL4People expand project teams' flexibility and efficiency in delivering standards-based solutions. With BPEL4People and WS-Human Task, application developers no longer have to cede control of business logic to proprietary workflow engines. Instead, these specifications allow human interaction to become a core, natural and open part of creating, deploying, testing and maintaining standards-based applications. For project teams struggling with the complexity of integrating closed workflow systems into composite applications, BPEL4People is a breakthrough specification and makes WS-BPEL itself an even more compelling alternative to overweight, piece-parts approaches to creating composite applications. Active Endpoints is an author of both the WS-Human Task and BPEL4People specifications. As a co-submitter of these specifications to OASIS, the company will play an active role in improving these through its participation in the OASIS WS-BPEL Extension for People Technical Committee. By releasing ActiveBPEL 5.0 Milestone 1 to the open source community, the company hopes to gain experience in the implementation of these specifications in order to permit Active Endpoints to more quickly promote the specifications as OASIS standards. Rapid finalization of these specifications will deliver major productivity to project teams interested in modernizing applications using standards-based technologies.

Google Code Project Provides an Enterprise Java XACML Implementation
Zian Wang, Software Announcement

The 'enterprise-java-xacml' Google Code Project provides a high performance XACML 2.0 implementation that can used in the enterprise environment. A first release has been announced; the software is made available under the Apache License 2.0. Enterprise Java XACML intends to fully implement OASIS XACML 2.0 and will support XACML 3.0 in the future. It is a totally independent implementation. It fully implements XACML 2.0 core standard and has passed all conformance tests. It provides PDP that can accept XACML requests and returns XACML responses. The software is said to offer a highly effective target indexing mechanism that greatly speeds up policy searching: completely cached decisions that can speed up the evaluation, and completely cached policies that can speed up the evaluation. It supports a plugable data store mechanism: users can implement their own data store by implementing only a few interfaces; a file data store implementation is provided. It features a plugable context factory: users can implement their own context factory that wrap request/response in a specific format, and a default implementation is supplied. A plugable logger mechanism means users can implement their own logger mechanism: "I've provided 2 types of logger, one is log4j, the other is a default logger; if log4j conflicts with user's system, they may want to use this default one." The tool supports an extensible XACML function registering mechanism; users can write their own functions and register them to PDP and then use in policies. The extensible attribute retriever mechanism means that users can write their own attribute retriever to retrieve attributes from external systems. It provides simple PAP APIs that can be used to produce XACML policy files; users who want write an XACML policy administrative UI can also rely on these APIs. Both XACML APIs and an application framework are supported, which means users can incorporate this implementation by calling XACML APIs from their own applications. The implementation also provides a standalone application framework that users can start and directly send XACML request to it for evaluation. The software is distributed with unit tests and conformance tests against XACML 2.0.

See also: XACML references

Updated Liberty Identity Assurance Framework (IAF) Based upon Public Review
Staff, Liberty Alliance

Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today released the latest version of the Liberty Identity Assurance Framework (IAF). The IAF is a policy-based organizational framework being developed collaboratively within the Liberty Alliance Identity Assurance Expert Group and corresponding public special interest group to advance trusted identity federations based on standardized and certified identity assurance levels. The latest version of the IAF is based on recent input from over 40 representatives from the global financial services, government, telecom, healthcare, system integrator, and technology sectors and is available for additional review and comment. Liberty Alliance formed the Identity Assurance Expert Group (IAEG) to foster adoption of identity trust services. Utilizing initial contributions from the e-Authentication Partnership (EAP) and the U.S. E-Authentication Federation, the IAEG's objective is to create a framework of baseline policies, business rules, and commercial terms against which identity trust services can be assessed and evaluated. The goal is to facilitate trusted identity federation to promote uniformity and interoperability amongst identity service providers. The primary deliverable of IAEG is the Liberty Identity Assurance Framework (LIAF). The LIAF leverages the EAP Trust Framework and the US E-Authentication Federation Credential Assessment Framework (CAF) as a baseline in forming the criteria for a harmonized, best-of-breed industry identity assurance standard. The LIAF is a framework supporting mutual acceptance, validation, and life cycle maintenance across identity federations. The main components of the LIAF are detailed discussions of Assurance Level criteria, Service and Credential Assessment Criteria, an Accreditation and Certification Model, and the associated business rules. Assurance Levels (ALs) are the levels of trust associated with a credential as measured by the associated technology, processes, and policy and practice statements. Liberty Alliance is also announcing four public webcasts, each designed to review and gather industry input into primary sections of the IAF as the Framework moves to final during 2Q of 2008.

See also: Liberty Alliance references

W3C Publishes Best Practices for XML Internationalization
Yves Savourel, Jirka Kosek, and Richard Ishida; W3C WG Note

W3C's Internationalization Tag Set (ITS) Working Group has published a Group Note for "Best Practices for XML Internationalization." The specification provides a set of guidelines for developing XML documents and schemas that are internationalized properly. Following the best practices describes here allow both the developer of XML applications, as well as the author of XML content to create material in different languages. This document and "Internationalization Tag Set (ITS) Version 1.0" implement requirements formulated in "Internationalization and Localization Markup Requirements." This note is intended to complement the W3C ITS Recommendation, since not all internationalization-related issues can be resolved by the special markup described in ITS. The best practices in this document therefore go beyond application of ITS markup to address a number of problems that can be avoided by correctly designing the XML format, and by applying a additional guidelines when developing content. Guidelines for designers and developers of XML applications are presented in three sections. Section 2 "When Designing an XML Application" provides a list of some of the important design choices you should make in order to ensure the internationalization of your format. Section 4 "Generic Techniques" provides additional generic techniques such as writing ITS rules or adding an attribute to a schema; such techniques apply to many of the best practices. Section 5 "ITS Applied to Existing Formats" provides a set of concrete examples on how to apply ITS to existing XML based formats; this section illustrates many of the guidelines in this document. Guidelines for users and authors of XML content are outlined in other document sections. Section 3 "When Authoring XML Content" provides a number of guidelines on how to create content with internationalization in mind. Many of these best practices are relevant regardless of whether or not your XML format was developed especially for internationalization. Section 4.1 "Writing ITS Rules" provides practical guidelines on how to write ITS rules. Such techniques may be useful when applying some of the more advanced authoring best practices.

Red Hat Expands JBoss SOA, Community Efforts
Sean Michael Kerner, InternetNews.com

Red Hat is out this week with a series of initiatives to further expand and develop its JBoss middleware platform. On the commercially available product side there is the JBoss SOA platform and on the community side there are three separate projects including Black Tie (for BEA Tuxedo migration), RHQ (a management effort for middleware management) and SOA Governance. All told, the projects are part of Red Hat's effort to accelerate JBoss to take on 50 percent of the enterprise middleware market. During a conference call with the media, JBoss CTO Sacha Labourey explained that the Black Tie effort came out of JBoss's acquisition of Ajuna in 2005. The goal of Black Tie is simple: to get users of BEA's Tuxedo transaction server. Black Tie which is expected to have its first open source release in the next 60 days will allow for interoperability with Tuxedo as a transaction server. Labourey claimed it could possibly serve as a replacement to Tuxedo in certain scenarios as well. In terms of governance, JBoss is kicking off a series of projects all under the larger banner of SOA governance. Craig Muzilla, VP Middleware Business at Red Hat, explained that all of the SOA governance projects are aimed at helping the adoption of JBoss's middleware. While Muzilla could not provide all the hard details on the SOA governance project he did indicate that there will be at least three core areas including registry, repository and policy management. In addition to the new open source efforts, JBoss also announced the general availability of its SOA platform. The JBoss SOA platform is an integrated set of JBoss technologies that have been combined to form a full SOA solution. Among the JBoss tools included in JBoss SOA is JBoss ESB (for service integration), jBPM (for workflow) and JBoss Rules (for policy). See the text of the Red Hat announcement: "Red Hat Announces Release of JBoss Enterprise SOA Platform. Red Hat Offers the Market's First Comprehensive Open Source SOA Platform to Help Businesses Integration Applications, Services, and Process to Accelerate Enterprise Transformation."


SEARCH \| ABOUT \| INDEX \| NEWS \| CORE STANDARDS \| TECHNOLOGY REPORTS \| EVENTS \| LIBRARY

Headlines

Sponsors