The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards
Last modified: October 27, 2009
XML Daily Newslink. Tuesday, 27 October 2009

A Cover Pages Publication
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
Microsoft Corporation

2009 Encryption and Key Management Industry Benchmark Report
Kimberly Getgen, Trust Catalyst Research Report

"Over the next 12 months, regulation requiring the protection of data and mandatory breach notification will only continue to grow. At the same, many organizations will continue to experience damaging, costly, and very public data breaches. As this survey shows, encryption is one of the most effective means to protect data. Using encryption with automated key management goes a long way toward helping organizations achieve their compliance and IT oprations objectives...

Key management concerns continue to plague organizations attempting to encrypt sensitive data. Once this data is encrypted, it must be recoverable at some point in the future, with little room for error. First and foremost, data must be available. Concerns around data availability have made planning an organization's key management strategy no easy feat. A third of survey respondents (34 percent) have been planning their key management strategy for over a year (up from 26 percent in 2008)... For most applications, encrypted data needs to be recovered in less than a day, but for business-critical applications like databases, network link encryption, and payment processing applications, data often must be recovered in less than an hour...

This report identifies these key findings: (1) Unnecessary risk. The Achilles' heel of many organizations remains the same as last year: unencrypted databases and backup tapes... (4) Lost keys disrupt business. 8 percent of organizations have experienced problems with lost encryption keys, creating security concerns (50 percent), causing data to be permanently destroyed (39 percent), or disrupting the business..."

See also: Trust Catalyst research reports

Thales Encryption Manager for Storage Integrated with Brocade Encryption Switching Solutions
Staff, Brocade and Thales Joint Announcement

Brocade and Thales have announced the integration of Thales Encryption Manager for Storage (TEMS) with the Brocade encryption SAN switching solutions. The combination of TEMS, the industry's first standards-based encryption key management appliance for storage, and the Brocade encryption SAN switching solutions protect enterprise data and helps organizations meet growing compliance demands. The solution cost-effectively simplifies the storage encryption process by eliminating the need for storage professionals to deploy multiple storage encryption systems and helps ensure safe and reliable data access. The Brocade Encryption Switch and Brocade FS8-18 Encryption Blade are part of a family of fabric-based encryption platforms that helps organizations meet their security and corporate governance objectives by encrypting critical corporate data with high performance and centralized fabric management.

These leading-edge solutions offer an innovative approach to fabric-wide encryption for data-at-rest within the data center. The Brocade encryption SAN switching solutions provide encryption for both disk and tape storage systems... Brocade and Thales are committed to the development and adoption of open standards. TEMS is the first key manager to support the draft IEEE P1619.3 key management specification. Subsequent releases will also support the recently announced OASIS KMIP key management standard, originally co-authored by Thales..."

See other details in the complete text of the announcement: "Brocade and Thales Announce Integration of Thales Encryption Manager for Storage with Brocade Encryption Switching Solutions. Industry's First Standards-Based Encryption Key Management Appliance and Leading Encryption SAN Switching Solutions Deliver Simplified, Cost-Effective Storage Encryption."

See also: Cryptographic Key Management

Civic Location Format Extension for Utility and Lamp Post Numbers
Robins George, Qian Sun, Henning Schulzrinne; IETF Internet Draft

Members of the IETF Emergency Context Resolution with Internet Technologies (ECRIT) Working Group have published an Internet Draft describing an extension to civic location format which adds a new element for PN (pole number). PN carries pole number information which can identify a civic location for emergency purposes. The I-D is Civic Location Format Extension for Utility and Lamp Post Numbers.

For example, in many cities in China, utility and lamp posts carry a unique identifier, which we call a pole number in this document. In some countries, the label on the lamp post also carries the local emergency service number, such as '110', encouraging callers to use the pole number to identify their location. This method is initially provided and implemented in China by Shenzhen police department. One suspects that this is particularly useful in cities where street naming and numbering systems make it difficult to accurately identify locations. The pole number is also useful to report broken street lights. The major disadvantage is that callers would have to enter the pole number manually, although it may be possible in the future to simply point a camera phone at the number and have it recognize the number using pattern recognition.

The solution augments descriptions for civic location identification defined by RFC 4776 ("Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) Option for Civic Addresses Configuration Information") and RFC 5139 ("Revised Civic Location Format for Presence Information Data Format Location Object (PIDF-LO)"). Specifically, RFC 4776 lists several civic address types (CAtypes) that require support in the formal PIDF-LO definition that are not in RFC 4119 ("A Presence-based GEOPRIV Location Object Format").

See also: the IETF Emergency Context Resolution with Internet Technologies (ECRIT) Working Group

Microsoft Opens Outlook Format, Gives Programs Access to Mail, Calendar, Contacts
John Fontana, ComputerWorld

Microsoft announced that it will "provide patent- and license-free use rights to the format behind its Outlook Personal Folders opening e-mail, calendar, contacts and other information to a host of applications such as antimalware or cloud-based services. Documenting and publishing the .pst format could open up entirely new feature sets for programs such as search tools for mining mailboxes for relevant corporate data, new security tools that scan .pst data for malicious software, or e-discovery tools for meeting compliance regulations...

The written documentation would explain how to parse the contents of the '.pst' file, which houses the e-mail, calendar and contact contents of Outlook Personal Folders. The documentation will detail how the data is stored, along with guidance for accessing that data from other software applications. The effort is designed to give programs the knowledge to read Outlook data stored on user desktops.

Full details are presented in the blog article of Paul Lorimer (Group Manager, Microsoft Office Interoperability) "Roadmap for Outlook Personal Folders (.pst) Documentation." Excerpt: "On desktops, this data is stored in Outlook Personal Folders... Developers can already access the data stored in the .pst file, using Messaging API (MAPI) and the Outlook Object Model—a rich set of connections to all of the data stored by Outlook and Exchange Server—but only if Outlook is installed on the desktop. In order to facilitate interoperability and enable customers and vendors to access the data in .pst files on a variety of platforms, we will be releasing documentation for the '.pst' file format. This will allow developers to read, create, and interoperate with the data in .pst files in server and client scenarios using the programming language and platform of their choice.. it will be released under our Open Specification Promise, which will allow anyone to implement the .pst file format on any platform and in any tool, without concerns about patents, and without the need to contact Microsoft in any way. Designing our high volume products to enable such data portability is a key commitment under our Interoperability Principles, which we announced in early 2008. We support this commitment through our product features, documented formats, and implementation of standards..."

See also: Lorimer's blog article

Meet the Object/XML Mapping Support in Spring
Brian Carey, IBM developerWorks

"Spring, a robust Java application framework developed by Rod Johnson, has gained wide acceptance within the Java development community. It is famous for high-tech buzz phrases such as "dependency injection," "inversion of control," and "aspect-oriented programming." It also supports the Model-View-Controller (MVC) pattern and plays nicely with various and sundry database drivers for data access. Additionally, it supports transaction management, unit testing, batch processing, and security...

A new feature, as of Spring 3.0, is the O/X Mapper. The concept of an O/X mapper is not new. The O stands for Object. The X stands for XML. The idea is to translate a Java object, almost always a plain old Java object or POJO, into an XML document and vice versa. So, for example, you might have a simple bean with a few attributes and you have a business need to translate that Java object into an XML document. Spring's O/X Mapper can handle that for you. If the reverse is true, Spring's O/X Mapper can also handle that. The Spring O/X Mapper simply defines consistent interfaces that are implemented by popular third-party frameworks. To take advantage of Spring's O/X functionality, you need a utility that handles the translation from Java object to XML and vice versa...

Spring's O/X mapping interface is a powerful addition to the Spring framework, allowing you can translate XML documents into Java objects and you can also translate Java objects into XML documents. It leverages one of the key advantages of Spring: dependency injection. Using dependency injection together with Spring's O/X Mapper, you can easily develop a solution using any one of a variety of O/X implementations such Castor, XBeans, JiBX, JAXB, and XStream..."

W3C Publishes Health Care and Life Science Interest Group Notes
Staff, W3C Announcement

W3C announced that members of the Scientific Discourse Task Force, part of the Semantic Web Health Care and Life Sciences Interest Group, have published three Interest Group Notes

Semantic Web Applications in Neuromedicine (SWAN) Ontology was edited by Paolo Ciccarese of Massachusetts General Hospital / Harvard Medical School. "Developing cures for highly complex diseases, such as neurodegenerative disorders, requires extensive interdisciplinary collaboration and exchange of biomedical information in context. Our ability to exchange such information across sub-specialties today is limited by the current scientific knowledge ecosystem's inability to properly contextualize and integrate data and discourse in machine-interpretable form. This inherently limits the productivity of research and the progress toward cures for devastating diseases such as Alzheimer's and Parkinson's. The SWAN (Semantic Web Applications in Neuromedicine) ontology is an ontology for modeling scientific discourse and has been developed in the context of building a series of applications for biomedical researchers, as well as extensive discussions and collaborations with the larger bio-ontologies community. This document describes the SWAN ontology of scientific discourse..."

SIOC, SIOC Types and Health Care and Life Sciences was edited by Alexandre Passant, DERI Galway at the National University of Ireland. "As in several other scientific domains, the use of social software (such as blogs or wikis) and social networking applications is now commonly accepted in the Health Care and Life Science (HCLS) research community, with services such as the SWAN Alzheimer Knowledge Base, myExperiment, WikiProfessional Concept Web, Connotea and Nature Networks. In general, however, these applications suffer from a lack of interoperability, and this makes the reuse of information a complex task. The SIOC Ontology (Semantically-Interlinked Online Communities) aims to solve these issues and provides a comprehensive model to represent online communities and related user-generated content items thanks to Semantic Web technologies. This note describes the changes to the SIOC Core Ontology since its W3C Member Submission in June 2007, the SIOC Types Module, and their relevance in the Health Care and Life Sciences context..."

"SWAN/SIOC: Alignment Between the SWAN and SIOC Ontologies describes the "alignment between the SWAN (Semantic Web Applications in Neuromedicine) and SIOC (Semantically-Interlinked Online Communities) ontologies, providing a complete model to represent Scientific Discourse in online communities at different levels of granularity (discourse elements and content items). The goal of this alignment is to make the discourse structure and component relationships much more accessible to computation, so that information can be navigated, compared and understood in context far better that at present, across and within domains..."

See also: the Semantic Web Health Care and Life Sciences (HCLS) Interest Group

Public Review: Election Markup Language (EML) Specification Version 6.0
John Borras and David Webber (eds), OASIS Public Review Draft

Members of the OASIS Election and Voter Services Technical Committee have approved a Committee Draft of "Election Markup Language (EML) Specification Version 6.0" and approved the document for public review through December 22, 2009.

EML Version 6.0 "describes the background and purpose of the Election Markup Language, the electoral processes from which it derives its structure and the security and audit mechanisms it is designed to support. It also provides an explanation of the core schemas used throughout, definitions of the simple and complex datatypes, plus the EML schemas themselves. It also covers the conventions used in the specification and the use of namespaces, as well as the guidance on the constraints, extendibility, and splitting of messages..."

Section 2 outlines the business and technical needs the committee is attempting to meet, the challenges and scope of the effort, and introduces some of the key framing concepts and terminology used in the remainder of the document. Section 3 describes two complementary high-level process models of an election exercise, based on the human and technical views of the processes involved. It is intended to identify all the generic steps involved in the process and highlight all the areas where standardized data is to be exchanged or referenced. The discussions in this section presents details of how the messages and data formats detailed in the EML specifications themselves can be used to achieve the goals of open interoperability between system components. Section 4 provides an overview of the approach that has been taken to creating the XML schemas. Section 5 provides descriptions of the core elements, data types and schemas developed to date. Appendices provide information on internet voting security concerns; use of the EML defined TimeStamp schema; the W3C Digital Signature technology; and Acknowledgements and a revision history..."

See also: earlier EML versions

ICANN to Move Toward Internationalized Domain Names
Rebecca Wanjiku, ComputerWorld

"The Internet Corporation for Assigned Names and Numbers appears poised to move forward on allowing Internationalized Domain Names, with a vote on the matter set for Friday [2009-10-30] at the organization's meeting in Seoul. For the last five years, ICANN has come under pressure to move away from the use of Web addresses written only in the Roman alphabet, so that users around the world can write Web addresses in their own languages and scripts. Some countries are impatient to adopt their own domain name systems for doing this, but such moves could fragment the Internet, making parts of it invisible to countries not using the same DNS. IDNs have been undergoing tests for the last three years and starting November 16, 2009, countries can apply to test country-code Top-Level Domains...

While [currently] some parts of a URL can be written in non-Latin languages, the country-code portion, such as .ru (Russia) or .jp (Japan), for instance, must use the Roman alphabet. Chinese, Arabic, Korean, Japanese, Greek, Hindi, Hebrew and Russian have been among the languages that cannot be used in a ccTLD or full e-mail address. For instance, a business card might be written in Korean, but the Internet domain and e-mail address were in English... Out of the 1.6 billion Internet users worldwide, 56% use languages that have scripts based on alphabets other than Latin, which was a catalyst in the IDN process..."

Update: see the announcement "ICANN Bringing the Languages of the World to the Global Internet: Fast Track Process for Internationalized Domain Names Launches November 16, 2009."

See also: the Wall Street Journal

Qualcomm Opens Focuses on Open Source With New Subsidiary
Nancy Gohring, InfoWorld

Qualcomm has built a new subsidiary to better integrate its products with mobile open-source software, in hopes of capitalizing on the trend toward open platforms in the mobile industry. The wholly owned subsidiary, called Qualcomm Innovation Center, currently consists of software engineers who work on hardware-optimizing, open-source mobile operating systems and applications...

In opening the new group, Qualcomm is following a clear trend in the mobile industry. According to a recent report from Juniper Research, 60 percent of the smartphone market is using an open-source operating system. As smartphones continue to make up a growing portion of the mobile-phone market, sales of open-source smartphones are expected to grow. Smartphones shipped with open-source operating systems will increase from 106 million in 2009 to 223 million by 2014..."

See also: the Qualcomm announcement


XML Daily Newslink and Cover Pages sponsored by:

IBM Corporation
Microsoft Corporation
Oracle Corporation
Sun Microsystems, Inc.

XML Daily Newslink:
Newsletter Archive:
Newsletter subscribe:
Newsletter unsubscribe:
Newsletter help:
Cover Pages:

Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation


XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: