This issue of XML Daily Newslink is sponsored by:
Sun Microsystems, Inc. http://sun.com
- Public Review for OASIS Product Life Cycle Support DEXs Version R1
- Portable Symmetric Key Container Specification
- W3C Publishes Web Compatibility Test for Mobile Browsers
- Scala and XML: XML Processing Made Easy
- Drummond Group Forms AS4 Initiative for Web Services Interoperability
- Adobe Breathes Fresh AIR into RIA
- Create Collaborative and Dynamic Method Content Using Web 2.0
Public Review for OASIS Product Life Cycle Support DEXs Version R1
Tor Arne Irgens (ed), Approved Public Review Draft
Members of the OASIS Product Life Cycle Support (PLCS) TC have approved a draft of the "Product Life Cycle Support DEXs Version R1" specification for 60-day public review. The specification is published as an interactive hypertext application with some 4300 linked files. The purpose of the OASIS Product Life Cycle Support (PLCS) standard is to support complex engineered assets such as planes and ships throughout their total life cycle. It puts particular emphasis on the in-service phase of the product and, in particular, it supports the seamless transition from design and manufacture through to product support and feedback of usage and change. The data needed is often distributed over multiple IT systems and organizations, and historically has been difficult to access and consolidate. The PLCS standard provides a large, integrated information model covering the whole lifecycle. Together with the XML binding described in ISO 10303-28, the PLCS standard provides the basic mechanisms enabling neutral file exchanges between IT systems and organisations. This helps remove delays and costs for both the end user of the product and the supplier, and is particularly important for service-based contracts such as 'power-by-the-hour'. The PLCS information model is larger than any single existing application, and needs detailed application rules in order to be used uniformly by different users and supported by different software applications. This standard, "OASIS PLCS DEXs ed. 2008:1" defines the usage of the PLCS information model by breaking it up into smaller parts (DEXs) that directly support real life business processes. It builds the DEXs from reusable components (Templates) that guarantees uniform interpretation of PLCS between different DEXs, and adds extendible business terminology (Reference Data) to the model. Each Data Exchange Specification (DEX) provides data exchange and sharing capabilities for a focused set of transactions based upon the integrated data model of ISO 10303 (STEP) Application Protocol 239 (Product Life Cycle Support). Future editions of the OASIS PLCS DEXs will extend the number of DEXs, Templates and Reference Data, as well as other parts to facilitate the adoption of the PLCS standard.
See also: the public review announcement
Portable Symmetric Key Container Specification
Philip Hoyer, M. Pei, S. Machani (eds), IETF Internet Draft
Members of the IETF Provisioning of Symmetric Keys (KEYPROV) Working Group have published an Internet Draft specification for "Portable Symmetric Key Container," together with a separate XML schema. The portable key container is based on an XML schema definition and contains the following main entities: KeyContainer entity, Device entity, and Key entity; additionally other XML schema types have been defined. A Content-type registration 'application/pskc+xml' is defined. The KEYPROV Working Group, part of the IETF Security Area, is chaired by Phillip Hallam-Baker and Hannes Tschofenig; it was chartered to develop protocols and data formats required to support provisioning and management of symmetric key authentication tokens, both proprietary and standards based. Current developments in deployment of Shared Symmetric Key (SSK) tokens have highlighted the need for a standard protocol for provisioning symmetric keys; in particular the ability to provision symmetric keys and associated attributes dynamically to already issued devices such as cell phones and USB drives is highly desirable. The "Portable Symmetric Key Container" document specifies a symmetric key format for transport and provisioning of symmetric keys—for example One Time Password (OTP) shared secrets or symmetric cryptographic keys—to different types of crypto modules such as a strong authentication device. The standard key transport format enables enterprises to deploy best-of-breed solutions combining components from different vendors into the same infrastructure. This work is a joint effort by the members of OATH (Initiative for Open AuTHentication) to specify a format that can be freely distributed to the technical community. The authors believe that a common and shared specification will facilitate adoption of two-factor authentication on the Internet by enabling interoperability between commercial and open-source implementations. With increasing use of symmetric key based authentication systems such as systems based one time password (OTP) and challenge response mechanisms, there is a need for vendor interoperability and a standard format for importing, exporting or provisioning symmetric keys from one system to another. Traditionally authentication server vendors and service providers have used proprietary formats for importing, exporting and provisioning these keys into their systems making it hard to use tokens from vendor A with a server from vendor B. The goal is that the format will facilitate dynamic provisioning and transfer of a symmetric keys such as an OTP shared secret or an encryption key of different types. In the case of OTP shared secrets, the format will facilitate dynamic provisioning using an online provisioning protocol to different flavors of embedded tokens or allow customers to import new or existing tokens in batch or single instances into a compliant system. This draft also specifies the key attributes required for computation such as the initial event counter used in the HOTP algorithm.
W3C Publishes Web Compatibility Test for Mobile Browsers
Staff, W3C Announcement
Scala and XML: XML Processing Made Easy
Michael Galpin, IBM developerWorks
Scala is a popular new programming language that runs on the Java Virtual Machine (JVM.) Scala compiles into byte-code and thus it can leverage the Java programming language. Its syntax, however, makes it a powerful alternative to Java code in certain scenarios. One of those scenarios is XML processing. Scala lets you navigate and process parsed XML in several ways. It also has first class support for XML built right in, so you don't need to create strings of XML or programmatically build DOM trees. Like most programming languages, Scala gives you multiple options for parsing XML. These are the same basic ones: InfoSet/DOM based representations, push (SAX) or pull (StAX) events, or data-binding similar to Java Architecture for XML Binding (JAXB.) You will explore the DOM based manipulation, as it demonstrates many of the benefits of Scala's syntax. Many programming languages represent XML as a DOM tree. This has many advantages but it can be laborious to programmatically traverse a tree to extract data from the XML document. Java technology has libraries that leverage XPath syntax. Scala takes a similar approach, but it has some advantages. Scala has many functional language aspects to it. There are no operators (like + or *) in Scala. Instead symbols like + or * are used to define functions that can do things like normal numerical addition and subtraction. This also means that you can define operators (since they are actually just functions) to any type. It is much more powerful than operator overloading in languages like C++. In the case of XPath, you are able to use certain parts of XPath syntax directly in Scala, as it just gets translated into a function call.
See also: the online book 'scala.xml'
Drummond Group Forms AS4 Initiative for Web Services Interoperability
Staff, Drummond Group Announcement
Drummond Group Inc, a leading B2B software certification authority, announced that it has transitioned a set of functional requirements developed with Cisco, Extol, Sterling Commerce and others over to the OASIS ebXML Messaging Services Technical Committee (ebMS 3.0) which will provide a standardized entry-level on-ramp for secure, payload-agnostic document exchange using Web services. These functional requirements are based on mapping IETF RFC 4130 (AS2) to a simplified composition of WS-* specifications and WS-I profiles in an effort to promote the adoption and interoperability of Web services for B2B messaging. With the recent publication of the ebMS 3.0 specification and its foundation on WS-* specifications and WS-I profiles, it seemed natural that this body of work should be realized as a Conformance Profile of ebMS 3.0. Recently, the OASIS ebXML Messaging Services TC approved the creation of a subcommittee to develop a profile of ebMS 3.0 entitled "AS4: Secure B2B Document Exchange Using Web Services." For nearly a year, Drummond Group has facilitated meetings with a group of software vendors who recognized the need to address lingering interoperability issues and the practical desire to reduce complexity associated with Web services messaging. While many of the vendors involved in this effort had experienced implementing the widely successful AS2 (RFC 4130) messaging protocol, the Web services standards landscape was largely devoid of a similar "simple and elegant" solution for secure document exchange over a WS-* based specification stack. Furthermore, the group recognized that compliance to conformance engine testing is not a replacement for full-matrix interoperability testing to ensure supply chains and vertical markets with a robust pool of interoperable software implementations. After surveying the existing Web services standards landscape, it was clear that this group of vendors shared some common goals with the ebMS 3.0 technical committee at OASIS, and that an industry-sponsored profile of ebMS 3.0 presented a win-win scenario for a simplified on-ramp to Web services B2B messaging.
Adobe Breathes Fresh AIR into RIA
James R. Borck, InfoWorld Product Review
See also: the product description
Create Collaborative and Dynamic Method Content Using Web 2.0
John Boyer, Bertrand Portier, Eoin Lane; IBM developerWorks
This article describes how to leverage Web 2.0 technologies to extend software development process content, which is typically published static as HTML. It explains how you can develop the ability to collaboratively edit method content and have access to the latest dynamic content within a method context. Software development methods like RUP and IBM RUP Service-Oriented Modeling and Architecture (SOMA) provide static process guidance that's published as HTML. For a method to be truly useful it needs to be augmented with context-specific assets. These are generally content, tooling, and people assets. The content assets include a range of resources, such as documents, presentations, models, social bookmarks, and others. For example, if this method is being applied to aid in business modeling in a telephone company (telco) vertical account, then the method should provide guidance around specific tooling and content that can be leveraged. Because the method content is frozen after being published, it's not extensible. Therefore, you can leverage Web 2.0 technologies to augment the static content with supplemental wiki pages that enable collaborative editing and dynamic Web feeds. These pages are referred to as extension points... [In our example] the wiki site contains the following two areas. The first area contains current information on service identification tool offerings to make the activity more consistent and streamlined. Because this is a collaborative area, the SOA architect is encouraged to edit these instructions to keep them up to date and to provide the latest field-based development thinking around these tools. The second area of the wiki Web site provides dynamic content relevant to the architect for this particular extension point in the form of Web feeds. In the case of the service identification extension, the area is populated by dynamic content around service identification. This is made possible by being able to embed all of this dynamic content in a wiki with syndicated Web feeds formatted as RSS or Atom. Each of the dynamic items above has its own Web feed, and these feeds are aggregated to provide all of the dynamic content. This is already possible, and by standardizing on Web 2.0 technology and tags, for example, all service identification-related content checked into an asset repository are tags with the service identification and dynamic-method keyword. After an item is checked into the Web feed-enabled asset repository with these keywords, the Web feed provided by the asset repository is automatically updated. As the extension page is refreshed for the service identification extension point, the updated content is now available to the method practitioner.
XML Daily Newslink and Cover Pages are sponsored by:
|BEA Systems, Inc.||http://www.bea.com|
|Sun Microsystems, Inc.||http://sun.com|
XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter Archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: firstname.lastname@example.org
Newsletter unsubscribe: email@example.com
Newsletter help: firstname.lastname@example.org
Cover Pages: http://xml.coverpages.org/