The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards
Last modified: February 10, 2010
XML Daily Newslink. Wednesday, 10 February 2010

A Cover Pages Publication
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
Sun Microsystems, Inc.

New BACnet Standard Addenda Support Data Representation in XML
Staff, ASHRAE Announcement

ASHRAE (American Society of Heating, Refrigerating And Air-Conditioning Engineers) recently announced the approval of XML Addendum to the BACnet Standard. "Arguably one of the most significant addenda in some time, Addendum 135-2008t was approved for publication at the ASHRAE Winter Meeting in Orlando, FL. The base specification is "ANSI/ASHRAE Standard 135, A Data Communication Protocol for Building Automation and Control Networks." In all, eight addenda were approved, and are expected to be available on by the end of February, 2010.

The addenda include a specification for a standard way of representing data in XML that will give BACnet new capabilities for communications between a wide range of applications. The Extensible Markup Language (XML) is a popular technology in the data processing and communications worlds due to its capability to model complex data and its flexibility to be transformed and extended...

The BACnet XML syntax is intended to be the core data representation for a variety of uses: (1) Powerful new Web services that are capable of efficient exchange of complex structured data. (2) An electronic version of a BACnet PICS document, consumable by workstations and other tools, to describe the capabilities of a device. (3) An "as built" description of a deployed device, distributed either as a separate file or as a BACnet File object resident in the device itself. (4) Descriptions of proprietary objects, properties and data types, which may be simple, for basic data sharing purposes, or extremely rich, providing complete descriptions of the meaning and usage of the data in multiple human languages. (5) An export/import format for tools and workstations publish their knowledge of a complete system of devices and networks. (6) An XML version of an EPICS, including the complete test database and other test-oriented data.

BACnet International is an industry association that facilitates the successful use of the BACnet protocol in building automation and control systems through interoperability testing, educational programs, and promotional activities. The BACnet standard was developed by ASHRAE and has been made publicly available so that manufacturers can create interoperable systems of products. BACnet International complements the work of the ASHRAE standards committee and BACnet-related interest groups around the world. BACnet International members include building owners, consulting engineers and facility managers, as well as companies involved in the design, manufacturing installation, commissioning, and maintenance of control equipment that uses BACnet for communication..."

See also: Building Automation and Control Networks (BACnet)

W3C Member Submission for Representing vCard Objects in RDF
Renato Iannella, Harry Halpin, Brian Suda, Norman Walsh; W3C Submission

W3C has acknowledged receipt of a Member Submission Representing vCard Objects in RDF from NICTA, Australian ICT Research Centre of Excellence. The document "specifies a Resource Description Framework (RDF) encoding of the vCard profile defined by RFC 2426 and to provide equivalent functionality to its standard format. The motivation is to enable the common and consistent description of people and organisations (using the existing semantics of vCard) and to encode these in RDF formats."

The specification is not intended to create a separate definition for the vCard schema. The sole purpose for the Member Submission is to define an alternative RDF mapping for the format defined by vCard. The RDF vCard does not introduce any capability not expressible in the format defined by vCard. However, an attempt has been made to leverage the capabilities of the RDF model to appropriately articulate the vCard semantics...

According to the W3C Team Comment on the Submission: "This submission updates an earlier member submission, 'Representing vCard Objects in RDF/XML'. The update is necessary since the original vCard member submission, one of the earliest vocabularies created by RDF, was found by some users to be difficult to deploy. This led to Norm Walsh and others creating an easy-to-use syntax, An ontology for vCards for the purpose of creating an easy-to-use mapping of the popular hCard microformat. However, this ontology was not given proper review or W3C status, and it was difficult to express many of the more complex vCard constructions using this language, even though in its most basic form it was deployed by applications like Yahoo! SearchMonkey. Furthermore, the existence of two distinct and conflicting specifications for expressing vCard in RDF left end-users in considerable confusion... We hope that the extensible nature of RDF as used in this member submission allows these various formats and versions to interoperate, and that the the necessary updates can be made in the context of the Semantic Web Interest Group and future Working Group. We expect there may be concrete recommendations for the future standardization in the final report of the Social Web..."

The IETF vCard specification "defines a data format for representing and exchanging a variety of information about individuals and other entities (e.g., formatted and structured name and delivery addresses, email address, multiple telephone numbers, photograph, logo, audio clips, ....) Electronic address books have become ubiquitous. Their increased presence on portable, connected devices as well as the diversity of platforms exchanging contact data call for this standard... A vCard XML Schema specification is also being developed and reviewed within IETF' It defines an XML representation for vCard. The underlying data structure is exactly the same, enabling a 1-to-1 mapping between the original vCard format and the XML representation. The XML formatting may be preferred in some contexts where an XML engine is readily available and may be reused instead of writing a stand-alone vCard parser... The general idea is to map vCard parameters, properties, and value types to XML elements..."

See also: vCard via the OASIS WS-Calendar Technical Committee

Down-to-Earth Contracts that Keep the Cloud Aloft
Keith Swenson and Jacques Durand, SYS-CON Cloud Computing Journal

"In this article the authors examine basic interoperability requirements when communicating with the Cloud, and in particular at techniques and standards used to express and enforce wire-level contracts between communicating parties, as these parties are increasingly also contracting parties in a Cloud environment. Many standards already developed for Web services and service-oriented architectures provide to the communicating parties a good understanding and control of the expected quality of service at the most basic level of the interaction...

Web services define contracts that cover various aspects of a Web interaction between different parties that are actual contracting business partners. These contractual aspects are in turn supported by various Web services standards: (1) The service interface definition covers the basic data transfer protocol. This is typically covered by a Web Service Definition File (WSDL W3C standard), which defines in turn the operations to be invoked and their binding to messaging protocol details... (2) The security requirements are described by policies (WS-Policy standard) that in turn relate to digital security-enabling standards that control access, integrity, authentication and confidentiality such as XML signature and encryption, SAML, XACML. Such policies can be attached to the Web service endpoint. (3) Reliability requirements are also covered by policy assertions (WS-Policy) attached to the Web service definition. They define the level of delivery assurance (message acknowledgements and resending rules, duplicate elimination, ordering) as covered by the WS-ReliableMessaging standard. (4) Other aspects of the Web services contract, such as where to send errors, where to send responses and how to make use of the underlying messaging protocol, are also described using established standards—WS-Addressing, SOAP bindings...

Various combinations of Cloud-based and in-house computing are expected to evolve. One model growing in popularity is the hybrid Cloud, where in-house applications - which may run themselves over an internal Cloud -- are accessing resources and sub-processes in the public Cloud. Another example is queue-based data transfers (e.g., cross-application transfer of records related to a customer or a patient). A third example is for a cloud to host a public face to another otherwise internal application. The rise of hybrid Clouds makes interoperability (technical contracts) a key requirement...

Such interoperability in turn will rely on three tenets: (1) Standard interfaces and protocols; (2) Distribution, assembly and choreography technologies—BPM, SOA and EDA will enable the design and deployment of applications distributed fully or partially over the Cloud. (3) Support for document-centric as well as service-centric communication... As Cloud applications move from pilot projects to production mode, these standards will also be valued in how well they support the contractual aspect of the Cloud, which concerns all the layers of the communication stack..."

Real-time Inter-Network Defense
Kathleen M. Moriarty (ed), IETF Internet Draft

An updated draft has been published for Real-time Inter-Network Defense (RID), relevant to the IETF Extended Incident Handling Working Group. Document Section 5 presents the RID XML Schema Definition where RID acts as an envelope for IODEF documents to support the exchange of messages. The XML schema and transport requirements contained in this document are normative, all other information provided is intended as informative. "Network security incidents, such as system compromises, worms, viruses, phishing incidents, and denial of service, typically result in the loss of service, data, and resources both human and system. Network providers and Computer Security Incident Response Teams need to be equipped and ready to assist in communicating and tracing security incidents with tools and procedures in place before the occurrence of an attack. Real-time Inter-network Defense outlines a proactive inter-network communication method to facilitate sharing incident handling data while integrating existing detection, tracing, source identification, and mitigation mechanisms across for a complete incident handling solution. Combining these capabilities in a communication system provides a way to achieve higher security levels on networks. Policy guidelines for handling incidents are recommended and can be agreed upon by a consortium using the security recommendations and considerations.

Details: "Incident handling involves the detection, reporting, identification, and mitigation of an attack, whether it be a system compromise, socially engineered phishing attack, or a denial of service attack. When an attack is detected, the response may include simply filing a report, notification to the source of the attack, a request for mitigation, or the request to locate the source. One of the more difficult cases is that in which the source of an attack is unknown, requiring the ability to trace the attack traffic iteratively upstream through the network for the possibility of any further actions to take place.

A communication mechanism is needed to facilitate the transfer of information to continue traces accurately and efficiently to upstream networks. The communication mechanism described in this paper, Real-time Inter-network Defense (RID), takes into consideration the information needed by various single network trace implementations and the requirement for network providers to decide if a trace request should be permitted to continue. The data in RID messages is represented in an Extensible Markup Language (XML) document using the Incident Object Description Exchange Format (IODEF) and RID. By following this model, integration with other aspects of the network for incident handling is simplified. Finally, methods are incorporated into the communication system to indicate what actions need to be taken closest to the source in order to halt or mitigate the effects of the attack at hand. RID is intended to provide a method to communicate the relevant information between Computer Security Incident Response Teams (CSIRTs) while being compatible with a variety of existing and possible future detection tracing and response approaches.

Security and privacy considerations are of high concern since potentially sensitive information may be passed through RID messages. RID messaging takes advantage of XML security and privacy policy information set in the RID schema. The RID schema acts as an XML envelope to support the communication of IODEF documents for exchanging or tracing information security incidents. RID messages are encapsulated for transport, which is defined in a separate document. The authentication, integrity, and authorization features each layer has to offer is used to achieve necessary level of security..."

See also: the IETF Extended Incident Handling (INCH) Working Group

Right-to-left Scripts for IDNA
Harald Tveit Alvestrand and Cary Karp, IETF Internet Draft

The Internet Engineering Steering Group (IESG) announced the approval of Right-to-left Scripts for IDNA as an IETF Proposed Standard. The specification was produced by members of the IETF Internationalized Domain Names in Applications, Revised (IDNABIS) Working Group, chaired by Vinton Cerf. This WG WG was chartered to decouple IDNA from specific versions of Unicode using algorithms that define validity based on Unicode properties.

Abstract: "The use of right-to-left scripts in internationalized domain names has presented several challenges. This memo proposes a new BIDI rule for IDNA labels, based on the encountered problems with some scripts, and some shortcomings in the 2003 IDNA BIDI criterion. Document Section 2 defines a rule, the 'BIDI rule', which can be used on a domain name label to check how safe it is to use in a domain name of possibly mixed directionality. The primary initial use of this rule is as part of the IDNA 2008 protocol. Section 3 sets out the requirements for defining the BIDI rule. Section 4 gives detailed examples that serve as justification for the new rule. Section 5 to Section 9 describe various situations that can occur when dealing with domain names with characters of different directionality."

"The initial impetus for the revisiting of the IDNA 2003 proposed standards emerged in written form in RFC 4690. An informal technical team worked to develop a framework for consideration that was later discussed, edited, and ratified to create the IDNABIS working group in 2008. Readers will note that this is nearly 2010 but the new specifications bear the label IDNA2008 because the work was started in that year. The documents resulting from the IDNABIS Working Group effort have been extensively discussed over a two year period by the WG and by interested parties especially language experts in the Chinese, Japanese and Hangul spaces, speakers of Hebrew, Indic languages as well as a working group of expert Arabic speakers. The WG has had the participation of several Unicode consortium representatives. There was controversy during the development of these documents but a rough consensus has formed around the recommendations.

Document Quality: "There are test implementations of the rules proposed by IDNA 2008 but no released operational software. Such implementations have awaited the achievement of rough consensus on the controversial parts of the new proposals. Inputs from special expert bodies such as a Korean expert language group, an informal Arabic speakers group, and a number of individual commentators from the Unicode community, among others, have contributed to the documents as they now exist. Multiple implementations of the Tables rules have confirmed the stability of the definitions under distinct implementations."

See also: the Internationalized Domain Names in Applications, Revised (idnabis) Working Group

Using Apache Wink, Eclipse, and Maven to Develop RESTful Web Services
Gabriel Mateescu, IBM developerWorks

"Apache Wink is an Apache incubator project that enables the creation and consumption of REST Web services. With REST Web services, the interaction between clients and services is constrained to a set of predefined operations, and the complexity of the client-server interactions is limited to the resource representations exchanged between the client and services. This approach allows you to build interoperable, scalable, and reliable REST-based distributed hypermedia systems...

This article shows how to develop, deploy, and run RESTful Web services using Apache Wink along with the Eclipse IDE and the Maven project management tool... JAX-RS defines an API for RESTful Java Web Services over the HTTP protocol. JAX-RS implementations include Apache Wink, Sun Jersey, and JBoss RESTEasy. This article uses Apache Wink.

JAX-RS harnesses the power of Java annotations, using annotations to perform operations such as: (1) Binding HTTP methods and URIs to methods of a Java class; (2) Injecting elements from the URI or the HTTP header as method parameters; (3) Converting the body of an HTTP message to and from a Java type; (4) Binding URI patterns to Java classes and methods—the @Path annotation; (5) Binding HTTP operations to Java methods—the @GET, @POST, @PUT, and @DELETE annotations...

This article only scratches the surface of developing Apache Wink services. Other important features of Apache Wink include link builders, custom message body readers, and writers for non-supported data formats."

See also: the Apache Wink Incubation Project

Fujitsu's Smarter RFID Tags Track Loads of Laundry
R. Colin Johnson, Smarter Technology

"When the new Fairmont Pacific Rim Hotel opened this month in Vancouver, British Columbia—just in time for the Winter Olympics—it served as the showcase for a smarter radio frequency identification (RFID) system that is tracking its 10,000 employee uniforms and 25,000 bathrobes, towels, tablecloths, sheets and other linens. All 35,000 textiles in Fairmont's real-time inventory have now been made smarter by having Fujitsu WT-A511 RFID tags sewn into them...

Dan Dalton, director of new product development at Fujitsu Frontech: "In both the hotel and the garment rental industries, you've got literally hundreds of garments going in and out of facilities everyday, and right now a lot are using bar codes, which have to be laboriously scanned in one at a time... We are at the beginning of a whole new marketplace for hotels, uniform rental services, tuxedo rental services, cleaning services of all types—where 50, 100, even 200 garments can be scanned at the same time."

Fujitsu's RFID tags are designed to last longer than a garment's average lifetime—about 200 washings or 50 dry-cleaning cycles—and to withstand temperatures of 250 degrees Fahrenheit for drying and 400 degrees Fahrenheit for manual ironing and uniform-pressing machines..."

See also: the earlier memo on Physical Markup Language (PML)

Google to Test Ultrafast Broadband to the Home
Stephen Shankland, CNET

"Google, never satisfied with the pace of change, plans a test that will provide 50,000 to 500,000 people with fiber-optic broadband Internet access with a network speed of a gigabit per second starting as soon as this year. The company plans to use the experiment to test new ways to build fiber networks and to see what applications programmers can write. And Chief Executive Eric Schmidt called for better Internet access in the United States in a Washington Post op-ed Wednesday, calling it a matter of national competitiveness..."

Google product managers Minnie Ingersoll and James Kelly: "We're planning to build and test ultra high-speed broadband networks in a small number of trial locations across the United States. We'll deliver Internet speeds more than 100 times faster than what most Americans have access to today with 1 gigabit per second, fiber-to-the-home connections..."

"Other Google services stand to gain from faster Net speeds. For example, high-definition video could help attract studios and make YouTube a pay-per-view competitor to Netflix and cable TV. Or Chrome OS, with its Web-based applications, could become a more responsive competitor to traditional operating systems. Google Voice, which is being augmented with voice-over-IP service, could become more compelling."

From the Google announcement: "Imagine sitting in a rural health clinic, streaming three-dimensional medical imaging over the web and discussing a unique condition with a specialist in New York. Or downloading a high-definition, full-length feature film in less than five minutes. Or collaborating with classmates around the world while watching live 3-D video of a university lecture. Universal, ultra high-speed Internet access will make all this and more possible... We'll deliver Internet speeds more than 100 times faster than what most Americans have access to today with 1 gigabit per second, fiber-to-the-home connections. We plan to offer service at a competitive price to at least 50,000 and potentially up to 500,000 people... Our goal is to experiment with new ways to help make Internet access better and faster for everyone. Here are some specific things that we have in mind: (1) Next generation apps: We want to see what developers and users can do with ultra high-speeds, whether it's creating new bandwidth-intensive 'killer apps' and services, or other uses we can't yet imagine. (2) New deployment techniques: We'll test new ways to build fiber networks, and to help inform and support deployments elsewhere... (3) Openness and choice: We'll operate an 'open access' network, giving users the choice of multiple service providers..." The RFI adds some details.

See also: the Google announcement


XML Daily Newslink and Cover Pages sponsored by:

IBM Corporation
Microsoft Corporation
Oracle Corporation
Sun Microsystems, Inc.

XML Daily Newslink:
Newsletter Archive:
Newsletter subscribe:
Newsletter unsubscribe:
Newsletter help:
Cover Pages:

Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation


XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: