The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards
Last modified: February 10, 2009
XML Daily Newslink. Tuesday, 10 February 2009

A Cover Pages Publication
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
Oracle Corporation

W3C Multimodal Standard 'EMMA' Brings Web to More People
Staff, W3C Announcement

W3C announced the publication of "EMMA: Extensible MultiModal Annotation Markup Language" as a W3C Recommendation. Edited by Michael Johnston of AT&T, this specification was produced by members of the Multimodal Interaction Working Group, which is part of the W3C Multimodal Interaction Activity. Facilities defined in this specification help ensure that "the Web is available to all people on any device." Extensible MultiModal Annotation Markup Language promotes the development of rich Web applications that can be adapted to more input modes (such as handwriting, natural language, and gestures) and output modes (such as synthesized speech) at lower cost. Document abstract: "The W3C Multimodal Interaction Working Group aims to develop specifications to enable access to the Web using multimodal interaction. This document is part of a set of specifications for multimodal systems, and provides details of an XML markup language for containing and annotating the interpretation of user input. Examples of interpretation of user input are a transcription into words of a raw signal, for instance derived from speech, pen or keystroke input, a set of attribute/value pairs describing their meaning, or a set of attribute/value pairs describing a gesture. The interpretation of the user's input is expected to be generated by signal interpretation processes, such as speech and ink recognition, semantic interpreters, and other types of processors for use by components that act on the user's inputs such as interaction managers." A list of implementations is included in the EMMA Implementation Report. The Working Group made a few editorial changes to the 15-December-2008 Proposed Recommendation. Changes from the Proposed Recommendation can be found in Appendix F. This document has been reviewed by W3C Members, by software developers, and by other W3C groups and interested parties, and is endorsed by the Director as a W3C Recommendation. It is a stable document and may be used as reference material or cited from another document. W3C's role in making the Recommendation is to draw attention to the specification and to promote its widespread deployment. This enhances the functionality and interoperability of the Web.

See also: the W3C announcement

Solution Deployment Descriptor Specification 1.0 Errata
Julia McCarthy and Merri Jensen (eds), OASIS Committee Draft

Members of the OASIS Solution Deployment Descriptor (SDD) Technical Committee announced the publication of an approved Committee Draft for "Solution Deployment Descriptor Specification 1.0 Errata." This document lists errata for Solution Deployment Descriptor (SDD) 1.0 OASIS Standard produced by the SDD Technical Committee. Public Review for this specification ends 18-February-2009. Issue ER001 change summary: "Appendix A of the SDD Specification 1.0 included direct references to schema file names and locations that reflected previous draft levels of the SDD schema. These references were not updated in the Open Standard draft of the SDD Specification 1.0 and thus referred to earlier drafts of the schema files. The content of the schema files has not changed; only the file names and URI locations are updated with this erratum. This erratum addresses issue ER001 by referring to a namespace document for the schema files, rather than to the schema files directly. In case future updates to schema files are needed, only the namespace documents will need to change; no additional changes will be required to the SDD Specification 1.0... The SDD Standard "defines schema for two XML document types: Package Descriptors and Deployment Descriptors. Package Descriptors define characteristics of a package used to deploy a solution. Deployment Descriptors define characteristics of the content of a solution package, including the requirements that are relevant for creation, configuration and maintenance of the solution content. The semantics of the descriptors are fully defined, allowing software implementations to precisely understand the intent of the descriptor authors and to use the information provided in the descriptors to support solution deployment."

See also: the OASIS announcement

Revised IETF Internet Draft: Host Metadata for the Web
Mark Nottingham and Eran Hammer-Lahav (eds), IETF Internet Draft

Editors of the IETF Internet Draft specification "Host Metadata for the Web" have published an updated version. The document describes a method for locating host-specific metadata for the Web. The earlier label "site-meta" (title: "Site-Wide Metadata") has given way to "host-meta". Other changes: changed from XML to text-based header-like format; remove capability for generic inline content; added registry for host-meta fields; clarified scope of metadata application; added security consideration about HTTP vs. HTTPS, expanding the scope. Summary: "It is increasingly common for Web-based protocols to require the discovery of policy or metadata before making a request. For example, the Robots Exclusion Protocol specifies a way for automated processes to obtain permission to access resources; likewise, the Platform for Privacy Preferences (W3C Recommendation) tells user-agents how to discover privacy policy beforehand. While there are several ways to access per-resource metadata (e.g., HTTP headers, WebDAV's PROPFIND as defined in RFC 4918), the overhead associated with them often precludes their use in these scenarios. When this happens, it is common to designate a 'well-known location' for such metadata, so that it can be easily located. However, this approach has the drawback of risking collisions, both with other such designated 'well-known locations' and with pre-existing resources. To address this, this memo proposes a single (and hopefully last) 'well-known location', /host-meta, which acts as a directory to the interesting metadata about a particular authority. Future mechanisms that require authority-wide metadata can easily include an entry in the host-meta resource, thereby making their metadata cheaply available (indeed, because it can be cached, the more mechanisms that use it, the more efficient it becomes) without impinging on others' URI space. Note that the metadata provided by a host-meta resource is explicitly scoped to apply to the entire authority (in the 'URI' RFC 3986 sense) associated with it (using the process described in Section 4); it does not apply to a subset, nor does it apply to other authorities (e.g., using another port, or a different hostname in the same domain). However, individual mechanisms (e.g., a relation type in the Link field) may reduce or expand this scope. This should only be done after careful consideration of the consequences upon security, administration, interoperability and network load..."

See also: discussion on the W3C public list ''

Distributed JBI: Topology Overview
Derek Frankforth, InfoQueue

The Java Business Integration (JBI) specification, known as JSR 208, describes an Enterprise Service Bus (ESB) and its interactions. These interactions are described in terms of components plugging into a software bus to exchange information. This construction, at first glance, appears to create a system where all pieces reside in the same process or virtual machine. OpenESB, an open source implementation of JBI, includes a homogeneous topology option using clustered JBI instances when run in a GlassFish Application Server. This allows for scalability and load balancing by increasing the number of clustered instances. Recently, a prototype implementation of a component called the Proxy Binding, allows OpenESB instances to be transparently linked together using a heterogeneous topology, much like extending the bus over a network. This article describes and contrasts the strengths and weaknesses of the two different styles of distributed access as applied to the OpenESB environment and shows how in the end they complement each other... Messaging qualities are even more important with this wider scope. The base NMR uses an in-memory messaging structure. Components that are layered on the NMR add external protocols. Some of these external protocols, like JMS, are useful in connecting components in a more reliable fashion than the components support themselves. The use of JMS as a distributed transport makes for a cohesive story. The additional capability to make messages part of transactions adds to the power of the solutions available. Additionally, we show that components can also play a key part of contributing to the overall functionality of the end result. Having components implement a common set of systemic qualities that can be configured gives the composite application designer the freedom to explore a large solution space. Larger isn't always better, but it's especially helpful when dealing with the integration of existing systems. Integration was the initial idea behind the spawning of JBI, but it will prove to be useful in other situations.

See also: JSR-000208 Java Business Integration 1.0

U.S. Stimulus Bill Pushes E-Health Records for All
Declan McCullagh, CNET

The U.S. Senate on Tuesday [2009-02-10] approved an $838 billion "stimulus" bill by a 61-37 vote, capping more than a week of political sparring between critics of the measure and President Obama, who claimed during a press conference that an "economic emergency" made it necessary. What didn't come up during the president's first press conference was how one section of the convoluted legislation—it's approximately 800 pages total—is intended to radically reshape the nation's medical system by having the government establish computerized medical records that would follow each American from birth to death. Billions will be handed to companies creating these databases. Billions will be handed to universities to incorporate patient databases "into the initial and ongoing training of health professionals." There's a mention of future "smart card functionality." Yet nowhere in this 140-page portion of the legislation does the government anticipate that some Americans may not want their medical histories electronically stored, shared, and searchable. Although a single paragraph promises that data-sharing will "be voluntary," there's no obvious way to opt out. "Without those protections, Americans' electronic health records could be shared—without their consent—with over 600,000 covered entities through the forthcoming nationally linked electronic health records network," said Sue Blevins, president of the Institute for Health Freedom, a nonprofit group that advocates health care privacy...

Heartland Data Breach Update: Now More Than 150 Institutions Impacted
Linda McGlasson, BankInfo Security

By the latest count, the number of institutions that have informed their card customers and members that they were hit as a result of the Heartland Payment Systems (HPY) data breach has swelled to 157. Heartland, the sixth-largest payments processor in the U.S., announced on January 20, 2009 that its processing systems were breached in 2008, exposing an undetermined number of consumers to potential fraud. Since then, scores of banks and credit unions from across North America have stepped forward to say their customers are among those whose cards were compromised in the breach... While Heartland and the credit card companies remain tight-lipped about the total number of institutions and card account numbers involved, Heartland has said that, at the time of the breach, it processed an average of 100 million transactions per month for more than 250,000 different retailers and merchants. The Independent Community Bankers of America (ICBA) conducted an informal survey of its members after the breach, asking if they had been contacted by Heartland. The survey elicited 512 responses from member banks, and 83 percent of them said they had either credit and/or debit cards affected by the Heartland breach. Only 13 percent of the banks said they didn't know yet if their customers' card accounts were compromised in the breach...

W3C First Public Working Draft: Widgets 1.0: APIs and Events
Arve Bersvendsen and Marcos Caceres (eds), W3C Technical Report

W3C announced that members of the Web Applications Working Group have published the First Public Working Draft for "Widgets 1.0: APIs and Events." This specification defines a set of APIs and events for widgets that enable baseline functionality for widgets. Widgets are full-fledged client-side applications that are authored using Web standards. They are typically downloaded and installed on a client machine or device where they typically run as stand-alone applications outside of a Web browser. Examples range from simple clocks, stock tickers, news casters, games and weather forecasters, to complex applications that pull data from multiple sources to be "mashed-up" and presented to a user in some interesting and useful way. The runtime environment in which a widget runs is referred to as a widget user agent... The specification is part of the Widgets 1.0 family of specifications, which together standardize widgets as a whole. The "Widgets 1.0: Packaging and Configuration" document standardizes a Zip-based packaging format, an XML-based configuration document format and a series of steps that user agents follow when processing and verifying various aspects of widgets. The "Widgets 1.0: Digital Signature" specification defines a means for widgets to be digitally signed using a custom profile of the XML-Signature Syntax and Processing Specification. The "Widgets: 1.0: Automatic Updates" specification defines a version control model that allows widgets to be kept up-to-date over HTTP. The APIs and Events defined by this specification defines, amongst other things, the means to: (1) access the metadata declared in a widget's configuration document; (2) receive events related to changes in the view state of a widget; (3) determine the locale under which a widget is currently running; (4) be notified of events relating to the widget being updated; (5) invoke a widget to open a URL on the system's default browser; (6) requests the user's attention in a device independent manner; (7) and check if any additional APIs requested via the configuration document's feature element have successfully loaded...

See also: the W3C Rich Web Client Activity

Solace Systems Announces Support for OASIS EDXL-DE Specification
Staff, Solace Systems Announcement

Solace Systems, a leading supplier of messaging middleware and content networking hardware, has announced support for the Emergency Data Exchange Language Distribution Element (EDXL-DE) specification. Ratified by the Organization for the Advancement of Structured Information Standards (OASIS) in 2006, EDXL-DE describes an XML-based message 'envelope' which facilitates data sharing within and across emergency information systems. Solace's ability to quickly and securely route these messages to the appropriate recipients enables faster identification and more effective management of potential and actual threats and disasters. The Department of Homeland Security (DHS) is driving the development of this infrastructure to support secure communications between intelligence services, other government agencies, first responders and front-line emergency services personnel. As one such standard, EDXL-DE ensures that all kinds of real-time updates, whether they are aerial photos, chemical weapons detection sensor data or ground coordination plans are delivered within milliseconds to organizations which need, and are authorized to receive, that kind of information... Solace's content routers "are the industry's first EDXL-DE compatible hardware appliances. Each router can simultaneously support millions of publishers and subscribers and can manage throughput of millions of messages per second to create a fully-functional EDXL-DE network grid. Multiple routers work together to deliver automated best-path routing, load balancing and fault tolerance to assure maximum uptime through both normal and crisis scenarios. Solace content routers can reduce datacenter capital, software and operations costs by ten or more times as a result of the inherent efficiency benefits of hardware over software."

See also: EDXL-DE and EMTC specifications

Book Publishers Object to Kindle's Text-To-Voice Feature
Greg Sandoval, CNET

Was your mother a lawbreaker when she read you "The Little Prince" or "Green Eggs and Ham?" That's the question raised Tuesday by the Authors Guild, an advocacy group for writers. Paul Aitken, the group's executive director objects to the text-to-speech feature on Amazon's Kindle 2 digital-book reader. Aitken told The Wall Street Journal: "They don't have the right to read a book out loud. That's an audio right, which is derivative under copyright law." Wow. If a computer can't lawfully read a book out loud, do human beings have the right? Amazon and Aitken could not be reached for comment. Well, mothers of America, never fear. You most certainly do have the right to privately perform copyright work, says Ben Sheffner, a copyright attorney. Sheffner, a well-known copyright advocate, says the issue of whether Amazon's Kindle infringes on intellectual property is not as cut and dry. Amazon's technology enables a computer voice to read text aloud to owners of the Kindle 2, the next-gen version of reader. Sheffner said it's unclear whether the text-to-speech feature could be considered a public performance. Under copyright law, if someone profits from, say, a public reading of a copyright work without authorization, they are breaking the law. Someone could argue, said Sheffner, that the Kindle's speech feature is a public performance because it enables scores of people to receive audio of a book. Sheffner added that the counter argument would be that the feature is only enabling lots of different private—and therefore legal—performances...

See also: XML and DRM


XML Daily Newslink and Cover Pages sponsored by:

IBM Corporation
Microsoft Corporation
Oracle Corporation
Sun Microsystems, Inc.

XML Daily Newslink:
Newsletter Archive:
Newsletter subscribe:
Newsletter unsubscribe:
Newsletter help:
Cover Pages:

Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation


XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: