The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards
Last modified: July 24, 2008
XML Daily Newslink. Thursday, 24 July 2008

A Cover Pages Publication
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
IBM Corporation

Applying SKOS Concept Schemes
Brian Sletten,

The semantic web technology stack provides several technologies for describing terms and relating them. The Simple Knowledge Organization System (SKOS) provides a simple way to represent concept schemas like thesauri, taxonomies, controlled vocabularies, and subject headers... At the lowest level [of the Semantic Web Layer Cake], the Unicode and Uniform Resource Identifier (URI) specs introduce the ability to encode human languages into machine-processable character sets and the ability to identify, address, disambiguate, and reference those documents in Internet-sized global name spaces. At the next level, the XML and namespace specifications provide the means to create structured, extensible languages and the opportunity to keep separate elements from alternate naming schemes. The Resource Description Framework (RDF) provides the ability to express facts about URI-addressable content (for example, documents, data, services and concepts) as a series of one of more triples. These triples are named relationships between subjects and values. The RDFS and web ontology specifications allow the subjects, predicates, and objects to be classified in ways that make machine-processability a powerful reality. The layers on top of OWL are still being defined... New tools and books are emerging to help lower the bar to OWL modeling, but there remains a need to satisfy the requirements for traditional knowledge management schemes and workers. This article introduces the kinds of data that has been produced so far and how the Simple Knowledge Organization System (SKOS) helps support lightweight but still relatively formal concept schemes... Librarians and other data stewards have been using a wide variety of well-understood knowledge organizing schemes for years in the form of taxonomies, thesauri, controlled vocabularies, and subject headers. These approaches allow the organization of concepts into concept schemes where it is possible to indicate relationships between terms. A taxonomy introduces the notion of hierarchical relationships. A thesaurus indicates notions of synonomy, antonymy, and the idea of broader or narrower terms. A controlled vocabulary standardizes a concept space around an established set of preferred names for the topics of interest in a domain. By defining these relationships, an information manager can expose user interfaces driven by the kinds of concepts a user is likely to expect. An everyday example of this is the product category navigation menus of just about any e-commerce site... The Semantically-Interlinked Online Communities (SIOC) project is attempting to link topics, conversations and authors across blogs, Usenet postings, etc. They are mixing concepts from the Friend-of-a-Friend (FOAF) vocabulary with SIOC vocabularies and SKOS concepts. This kind of cross-community, cross-blog linkage highlights the power and utility of these data models. Moving away from simple tags to lightweight but more formal knowledge organization systems like SKOS helps you get ready to be a full participant in the social data web of tomorrow.

See also: the W3C SKOS home page

OASIS Symmetric Key Services Markup Language (SKSML) Version 1.0
Allen Schaaf (ed), OASIS Public Review Draft

OASIS announced the release of the "Symmetric Key Services Markup Language (SKSML) Version 1.0" specification as an approved TC deliverable suitable for public review. The review period ends September 23, 2008. This document "defines the first (1.0) version of the Symmetric Key Services Markup Language (SKSML), an XML-based messaging protocol, by which applications executing on computing devices may request and receive symmetric key-management services from centralized key-management servers, securely, over networks. Applications using SKSML are expected to either implement the SKSML protocol, or use a software library—called the Symmetric Key Client Library (SKCL)—that implements this protocol. SKSML messages are transported within a SOAP layer, protected by a Web Services Security (WSS) header and can be used over standard HTTP securely... In a rush to provide solutions to the market, vendors have created many device-specific, platform-specific, database-specific and application-specific encryption and key-management tools. While these tools may be capable of performing their stated tasks adequately, a typical enterprise would have to deal with many encryption and key-management solutions to adequately protect sensitive data. Not only does this raise the cost of ownership for implementing companies, but it raises the possibility that with many dissimilar key-management systems, because of the typical complexity of key-management schemes, there is a greater likelihood of human error leading to a vulnerability. To ensure that encryption policies and designs are specified and used uniformly across applications, a common key-management service capable of supporting enterprise platforms, applications and devices is needed. To enable such applications to communicate with this service, a uniform protocol is needed. The Symmetric Key Services Markup Language (SKSML) is that protocol..." Update: See Symmetric Key Services Markup Language (SKSML) V1.0, Public Review Draft 02.

See also: the OASIS Enterprise Key Management Infrastructure (EKMI) TC

Last Call Review for Web Security Context: User Interface Guidelines
Thomas Roessler and Anil Saldhana (eds), W3C Technical Report

W3C announced that the Web Security Context Working Group has published the Last Call Working Draft for "Web Security Context: User Interface Guidelines." specification deals with the trust decisions that users must make online, and with ways to support them in making safe and informed decisions where possible. In order to achieve that goal, this specification includes recommendations on the presentation of identity information by Web user agents. We also include recommendations on handling errors in security protocols. The error handling recommendations both minimize the trust decisions left to users, and represent known best practice in inducing users toward safe behavior where they have to make these decisions. To complement the interaction and decision related parts of this specification, Section 7 'Robustness' addresses the question of how the communication of context information needed to make decisions can be made more robust against attacks. This document specifies user interactions with a goal toward making security usable, based on known best practice in this area. Subsequent testing of this specification will include conformance, interoperability, and usability testing. This specification comes with two companion documents: " Web Security Experience, Indicators and Trust: Scope and Use Cases" documents the use cases and assumptions that underly this specification. " Web User Interaction: Threat Trees" documents the Working Group's threat analysis.

See also: the W3C Web Security Context Working Group

W3C First Public Working Draft: SOAP over Java Message Service 1.0
Peter Easton, Bhakti Mehta, Roland Merrick (eds), W3C Technical Report

An intial public Working Draft for "SOAP over Java Message Service 1.0" has been released by the W3C SOAP-JMS Binding Working Group, which is part of the W3C Web Services Activity. The work described in this and related documents is aimed at a set of standards for the transport of SOAP messages over JMS (Java Message Service). The main purpose is to ensure interoperability between the implementations of different Web services vendors. It should also enable customers to implement their own Web services for part of their infrastructure, and to have this interoperate with vendor provided Web services. The main audience will be implementers of Web services stacks; in particular people who wish to extend a Web services stack with an implementation of SOAP/JMS. It should enable them to write a SOAP/JMS implementation that will interoperate with other SOAP/JMS implementations, and that will not be dependent on any specific JMS implementation. A motivational example is a customer who has different departments that use Web services infrastructure from two different vendors, VendorA and VendorB. The customer has a need for reliable Web services interaction between the departments. Where both these vendors provide support for SOAP/JMS according to this standard, it should be possible for a client running using VendorA to interoperate with a service using VendorB. The standards will also be of interest to providers of Web services intermediary services such as routing gateways; or SOAP/HTTP to SOAP/JMS gateways. We do not discuss any details of how such gateways should be designed and configured, but adherence to the standard will help the gateway ensure proper interoperation with SOAP/JMS clients and services.

See also: the W3C Web Services Activity

The Microsoft Perspective on ORM: Conversation with the Engineers
Terry Coatta, ACM Queue

ACM Queue has recently featured several articles on object-relational issues: "ORM in Dynamic Languages", "Bridging the Object-Relational Divide," and "Exposing the ORM Cache." In any discussion about ORM (object-relational mapping), Microsoft's approach is inevitably a part of the conversation. With LINQ (language-integrated query) and the Entity Framework, Microsoft divided its traditional ORM technology into two parts: one part that handles querying (LINQ) and one part that handles mapping (Entity Framework). To understand more about these technologies and why Microsoft took this approach, ACM Queue invited two Microsoft engineers closely involved with their development, Erik Meijer and Jose Blakeley, to speak with editorial board member Terry Coatta. Meijer is an accomplished programming-language designer who has worked on a wide range of languages, such as Haskell, Mondrian, X#, C-Omega, C#, and Visual Basic. Blakeley is lead architect in the SQL server engine working on server-side programmability, scale-out query processing, and object-relational technologies. Meijer: "While, superficially, LINQ might look like you're embedding SQL queries in your code, actually it's radically different. What LINQ really does is allow you to query arbitrary collections, which could be tables, objects, in-memory objects, or XML. The secret sauce behind LINQ is what we call the standard query operators. If you have a data source on which you can define these standard query operators, then you can query it using LINQ. Think about it like this: you have SQL, which is based on relational algebra. Now imagine that we abstract from the relational part and have a query algebra that is represented by these standard query operators. So, now the languages have this query syntax that they translate into calls to these query operators, but each data source can give a different implementation of these operators, allowing you to query over a wide range of data sources..." Blakeley: "If I may add a little, at the outside level, it's the same type of collections-based operation. If there is a difference, it would be that in the relational world you would be going over collections of records. In the XML world you would be going over collections of objects that model the infosets for XML. It's a collection of elements, a collection of attributes, and those kinds of things. In essence, you are performing operations over collections of things..."

Object Relational Mapping: User Case Studies
Steven Robbins, InfoQueue

Roberto Zicari, from, collected interviews and stories from several users of Object/Relational mapping technologies. The main point of the cases was around "impedance mismatch" between the object technology in the domain model and the relational technology in the data model. Professor Zicari had five questions or topics of each user. The lead questions focused on explaining the applications, the O/R obstacles, and how users solved or worked around them. The last questions explored how ODBMS technology could or has helped in these areas. Eleven (11) user reports were published from the following users: Gerd Klevesaat (Siemens); Pieter van Zyl (CSIR); Philippe Roose (Liuppa); William Westlake (SAIC); Stefan Edlich (TFH Berlin); Udayan Banerjee (NIIT); Nishio Shuichi (ATR Labs); John Davies (Iona); Scott Ambler (IBM); Mike Card (Syracuse); Rich Ahrens (Merrill Lynch)... While there has been much debate over the definition of and even the existence of the O/R impedance mismatch, many of the people in the cases said that they had experienced it in their projects... In general, Zicari's study was aimed at exposing the problems with object-oriented systems using relational database technologies. It also showed how many development and business organizations are starting to view object databases and other object persistence technologies as up and coming options for enterprise technologies when applied to the right set of problems. [Note: ODBMS.ORG was created to serve faculty and students at educational and research institutions as well as OO software developers in the open source community or at commercial companies. It is designed to meet the fast-growing need for resources focusing on object database technology and the integration of object-oriented programming and databases.]

See also: Zicari's reports on Impedance Mismatch

How to Handle SOA Vendor Consolidation
Paul Krill, InfoWorld

The SOA concept—developing a software architecture based on service components that can be mixed and matched as needed to reduce development time and increase application deployment flexibility—is only a few years old, but the providers of SOA-supporting infrastructure are fast consolidating. Oracle captured the headlines with its acquisition of BEA Systems this spring, and Progress Software recently bought Iona Technologies. That means the choices for infrastructure providers -- from enterprise service buses (ESBs) to shared code repositories—is shrinking just as more companies are exploring SOA. A few vendors such as IBM and Oracle now offer the convenience of a soup-to-nuts SOA platform, but at the risk of locking in their customers to a proprietary stack or selling them more than they need as part of a suite or package... Vendors such as Hewlett-Packard, Itko, Software AG, Tibco, and WSO2 that offer specific SOA platform components will continue to exist. But some of them fear that because their customers increasingly are using platform offerings from the large vendors, they could be displaced by the larger vendor, either because it offers a similar component or doesn't integrate well with the smaller vendor's tool. For example, Software AG says that IBM's claim of integration with and accommodation of other vendors' products is misleading, putting it at a disadvantage... But the choices in the SOA market are not so clearly between proprietary but integrated stacks and "best of breed," but rather nonintegrated components, says Randy Heffner, a Forrester Research analyst. That's because by its nature, SOA uses standard interfaces such as SOAP, WSDL, BPEL, and XML to connect services to each other. Thus, even a large vendor like IBM is forced to compete with a startup like WSO2. In a true SOA approach, individual services can run over proprietary infrastructure, but the interfaces among them typically adhere to the established standards. That reduces lock-in risk to the infrastructure, not the applications running over them, Heffner says—but only if IT avoids vendors' proprietary extensions to those standards...


XML Daily Newslink and Cover Pages sponsored by:

IBM Corporation
Oracle Corporation
Sun Microsystems, Inc.

XML Daily Newslink:
Newsletter Archive:
Newsletter subscribe:
Newsletter unsubscribe:
Newsletter help:
Cover Pages:

Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation


XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: