This issue of XML Daily Newslink is sponsored by:
IBM Corporation http://www.ibm.com
- Applying SKOS Concept Schemes
- OASIS Symmetric Key Services Markup Language (SKSML) Version 1.0
- Last Call Review for Web Security Context: User Interface Guidelines
- W3C First Public Working Draft: SOAP over Java Message Service 1.0
- The Microsoft Perspective on ORM: Conversation with the Engineers
- Object Relational Mapping: User Case Studies
- How to Handle SOA Vendor Consolidation
Applying SKOS Concept Schemes
Brian Sletten, DevX.com
The semantic web technology stack provides several technologies for describing terms and relating them. The Simple Knowledge Organization System (SKOS) provides a simple way to represent concept schemas like thesauri, taxonomies, controlled vocabularies, and subject headers... At the lowest level [of the Semantic Web Layer Cake], the Unicode and Uniform Resource Identifier (URI) specs introduce the ability to encode human languages into machine-processable character sets and the ability to identify, address, disambiguate, and reference those documents in Internet-sized global name spaces. At the next level, the XML and namespace specifications provide the means to create structured, extensible languages and the opportunity to keep separate elements from alternate naming schemes. The Resource Description Framework (RDF) provides the ability to express facts about URI-addressable content (for example, documents, data, services and concepts) as a series of one of more triples. These triples are named relationships between subjects and values. The RDFS and web ontology specifications allow the subjects, predicates, and objects to be classified in ways that make machine-processability a powerful reality. The layers on top of OWL are still being defined... New tools and books are emerging to help lower the bar to OWL modeling, but there remains a need to satisfy the requirements for traditional knowledge management schemes and workers. This article introduces the kinds of data that has been produced so far and how the Simple Knowledge Organization System (SKOS) helps support lightweight but still relatively formal concept schemes... Librarians and other data stewards have been using a wide variety of well-understood knowledge organizing schemes for years in the form of taxonomies, thesauri, controlled vocabularies, and subject headers. These approaches allow the organization of concepts into concept schemes where it is possible to indicate relationships between terms. A taxonomy introduces the notion of hierarchical relationships. A thesaurus indicates notions of synonomy, antonymy, and the idea of broader or narrower terms. A controlled vocabulary standardizes a concept space around an established set of preferred names for the topics of interest in a domain. By defining these relationships, an information manager can expose user interfaces driven by the kinds of concepts a user is likely to expect. An everyday example of this is the product category navigation menus of just about any e-commerce site... The Semantically-Interlinked Online Communities (SIOC) project is attempting to link topics, conversations and authors across blogs, Usenet postings, etc. They are mixing concepts from the Friend-of-a-Friend (FOAF) vocabulary with SIOC vocabularies and SKOS concepts. This kind of cross-community, cross-blog linkage highlights the power and utility of these data models. Moving away from simple tags to lightweight but more formal knowledge organization systems like SKOS helps you get ready to be a full participant in the social data web of tomorrow.
See also: the W3C SKOS home page
OASIS Symmetric Key Services Markup Language (SKSML) Version 1.0
Allen Schaaf (ed), OASIS Public Review Draft
OASIS announced the release of the "Symmetric Key Services Markup Language (SKSML) Version 1.0" specification as an approved TC deliverable suitable for public review. The review period ends September 23, 2008. This document "defines the first (1.0) version of the Symmetric Key Services Markup Language (SKSML), an XML-based messaging protocol, by which applications executing on computing devices may request and receive symmetric key-management services from centralized key-management servers, securely, over networks. Applications using SKSML are expected to either implement the SKSML protocol, or use a software library—called the Symmetric Key Client Library (SKCL)—that implements this protocol. SKSML messages are transported within a SOAP layer, protected by a Web Services Security (WSS) header and can be used over standard HTTP securely... In a rush to provide solutions to the market, vendors have created many device-specific, platform-specific, database-specific and application-specific encryption and key-management tools. While these tools may be capable of performing their stated tasks adequately, a typical enterprise would have to deal with many encryption and key-management solutions to adequately protect sensitive data. Not only does this raise the cost of ownership for implementing companies, but it raises the possibility that with many dissimilar key-management systems, because of the typical complexity of key-management schemes, there is a greater likelihood of human error leading to a vulnerability. To ensure that encryption policies and designs are specified and used uniformly across applications, a common key-management service capable of supporting enterprise platforms, applications and devices is needed. To enable such applications to communicate with this service, a uniform protocol is needed. The Symmetric Key Services Markup Language (SKSML) is that protocol..." Update: See Symmetric Key Services Markup Language (SKSML) V1.0, Public Review Draft 02.
Last Call Review for Web Security Context: User Interface Guidelines
Thomas Roessler and Anil Saldhana (eds), W3C Technical Report
W3C announced that the Web Security Context Working Group has published the Last Call Working Draft for "Web Security Context: User Interface Guidelines." specification deals with the trust decisions that users must make online, and with ways to support them in making safe and informed decisions where possible. In order to achieve that goal, this specification includes recommendations on the presentation of identity information by Web user agents. We also include recommendations on handling errors in security protocols. The error handling recommendations both minimize the trust decisions left to users, and represent known best practice in inducing users toward safe behavior where they have to make these decisions. To complement the interaction and decision related parts of this specification, Section 7 'Robustness' addresses the question of how the communication of context information needed to make decisions can be made more robust against attacks. This document specifies user interactions with a goal toward making security usable, based on known best practice in this area. Subsequent testing of this specification will include conformance, interoperability, and usability testing. This specification comes with two companion documents: " Web Security Experience, Indicators and Trust: Scope and Use Cases" documents the use cases and assumptions that underly this specification. " Web User Interaction: Threat Trees" documents the Working Group's threat analysis.
W3C First Public Working Draft: SOAP over Java Message Service 1.0
Peter Easton, Bhakti Mehta, Roland Merrick (eds), W3C Technical Report
An intial public Working Draft for "SOAP over Java Message Service 1.0" has been released by the W3C SOAP-JMS Binding Working Group, which is part of the W3C Web Services Activity. The work described in this and related documents is aimed at a set of standards for the transport of SOAP messages over JMS (Java Message Service). The main purpose is to ensure interoperability between the implementations of different Web services vendors. It should also enable customers to implement their own Web services for part of their infrastructure, and to have this interoperate with vendor provided Web services. The main audience will be implementers of Web services stacks; in particular people who wish to extend a Web services stack with an implementation of SOAP/JMS. It should enable them to write a SOAP/JMS implementation that will interoperate with other SOAP/JMS implementations, and that will not be dependent on any specific JMS implementation. A motivational example is a customer who has different departments that use Web services infrastructure from two different vendors, VendorA and VendorB. The customer has a need for reliable Web services interaction between the departments. Where both these vendors provide support for SOAP/JMS according to this standard, it should be possible for a client running using VendorA to interoperate with a service using VendorB. The standards will also be of interest to providers of Web services intermediary services such as routing gateways; or SOAP/HTTP to SOAP/JMS gateways. We do not discuss any details of how such gateways should be designed and configured, but adherence to the standard will help the gateway ensure proper interoperation with SOAP/JMS clients and services.
See also: the W3C Web Services Activity
The Microsoft Perspective on ORM: Conversation with the Engineers
Terry Coatta, ACM Queue
ACM Queue has recently featured several articles on object-relational issues: "ORM in Dynamic Languages", "Bridging the Object-Relational Divide," and "Exposing the ORM Cache." In any discussion about ORM (object-relational mapping), Microsoft's approach is inevitably a part of the conversation. With LINQ (language-integrated query) and the Entity Framework, Microsoft divided its traditional ORM technology into two parts: one part that handles querying (LINQ) and one part that handles mapping (Entity Framework). To understand more about these technologies and why Microsoft took this approach, ACM Queue invited two Microsoft engineers closely involved with their development, Erik Meijer and Jose Blakeley, to speak with editorial board member Terry Coatta. Meijer is an accomplished programming-language designer who has worked on a wide range of languages, such as Haskell, Mondrian, X#, C-Omega, C#, and Visual Basic. Blakeley is lead architect in the SQL server engine working on server-side programmability, scale-out query processing, and object-relational technologies. Meijer: "While, superficially, LINQ might look like you're embedding SQL queries in your code, actually it's radically different. What LINQ really does is allow you to query arbitrary collections, which could be tables, objects, in-memory objects, or XML. The secret sauce behind LINQ is what we call the standard query operators. If you have a data source on which you can define these standard query operators, then you can query it using LINQ. Think about it like this: you have SQL, which is based on relational algebra. Now imagine that we abstract from the relational part and have a query algebra that is represented by these standard query operators. So, now the languages have this query syntax that they translate into calls to these query operators, but each data source can give a different implementation of these operators, allowing you to query over a wide range of data sources..." Blakeley: "If I may add a little, at the outside level, it's the same type of collections-based operation. If there is a difference, it would be that in the relational world you would be going over collections of records. In the XML world you would be going over collections of objects that model the infosets for XML. It's a collection of elements, a collection of attributes, and those kinds of things. In essence, you are performing operations over collections of things..."
Object Relational Mapping: User Case Studies
Steven Robbins, InfoQueue
Roberto Zicari, from ODBMS.org, collected interviews and stories from several users of Object/Relational mapping technologies. The main point of the cases was around "impedance mismatch" between the object technology in the domain model and the relational technology in the data model. Professor Zicari had five questions or topics of each user. The lead questions focused on explaining the applications, the O/R obstacles, and how users solved or worked around them. The last questions explored how ODBMS technology could or has helped in these areas. Eleven (11) user reports were published from the following users: Gerd Klevesaat (Siemens); Pieter van Zyl (CSIR); Philippe Roose (Liuppa); William Westlake (SAIC); Stefan Edlich (TFH Berlin); Udayan Banerjee (NIIT); Nishio Shuichi (ATR Labs); John Davies (Iona); Scott Ambler (IBM); Mike Card (Syracuse); Rich Ahrens (Merrill Lynch)... While there has been much debate over the definition of and even the existence of the O/R impedance mismatch, many of the people in the cases said that they had experienced it in their projects... In general, Zicari's study was aimed at exposing the problems with object-oriented systems using relational database technologies. It also showed how many development and business organizations are starting to view object databases and other object persistence technologies as up and coming options for enterprise technologies when applied to the right set of problems. [Note: ODBMS.ORG was created to serve faculty and students at educational and research institutions as well as OO software developers in the open source community or at commercial companies. It is designed to meet the fast-growing need for resources focusing on object database technology and the integration of object-oriented programming and databases.]
See also: Zicari's reports on Impedance Mismatch
How to Handle SOA Vendor Consolidation
Paul Krill, InfoWorld
The SOA concept—developing a software architecture based on service components that can be mixed and matched as needed to reduce development time and increase application deployment flexibility—is only a few years old, but the providers of SOA-supporting infrastructure are fast consolidating. Oracle captured the headlines with its acquisition of BEA Systems this spring, and Progress Software recently bought Iona Technologies. That means the choices for infrastructure providers -- from enterprise service buses (ESBs) to shared code repositories—is shrinking just as more companies are exploring SOA. A few vendors such as IBM and Oracle now offer the convenience of a soup-to-nuts SOA platform, but at the risk of locking in their customers to a proprietary stack or selling them more than they need as part of a suite or package... Vendors such as Hewlett-Packard, Itko, Software AG, Tibco, and WSO2 that offer specific SOA platform components will continue to exist. But some of them fear that because their customers increasingly are using platform offerings from the large vendors, they could be displaced by the larger vendor, either because it offers a similar component or doesn't integrate well with the smaller vendor's tool. For example, Software AG says that IBM's claim of integration with and accommodation of other vendors' products is misleading, putting it at a disadvantage... But the choices in the SOA market are not so clearly between proprietary but integrated stacks and "best of breed," but rather nonintegrated components, says Randy Heffner, a Forrester Research analyst. That's because by its nature, SOA uses standard interfaces such as SOAP, WSDL, BPEL, and XML to connect services to each other. Thus, even a large vendor like IBM is forced to compete with a startup like WSO2. In a true SOA approach, individual services can run over proprietary infrastructure, but the interfaces among them typically adhere to the established standards. That reduces lock-in risk to the infrastructure, not the applications running over them, Heffner says—but only if IT avoids vendors' proprietary extensions to those standards...
XML Daily Newslink and Cover Pages sponsored by:
|Sun Microsystems, Inc.||http://sun.com|
XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter Archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: firstname.lastname@example.org
Newsletter unsubscribe: email@example.com
Newsletter help: firstname.lastname@example.org
Cover Pages: http://xml.coverpages.org/