The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards
Last modified: May 10, 2010
XML Daily Newslink. Monday, 10 May 2010

A Cover Pages Publication
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
ISIS Papyrus

SOA Repository Artifact Model and Protocol (S-RAMP) Specifications
HP, IBM, Software AG, and TIBCO; Industry Specification

Note 2010-09-29: See the Charter Proposal for an OASIS SOA Repository Artifact Model and Protocol (S-RAMP) Technical Committee.

Draft versions of a two-part SOA Repository Artifact Model and Protocol (S-RAMP) specification have been published by members of Hewlett-Packard Company (HP), International Business Machines Corporation (IBM), Software AG (SAG), and TIBCO Software Inc. As of 2010-05-10, the SOA Repository Artifact Model & Protocol was made available as a jointly authored specification, "but the authors plan to move this effort to an existing standards body during 2010. The authoring companies are currently evaluating an appropriate standards body for submission of this specification."

Background: "Service Oriented Architecture (SOA) is an architectural approach to designing applications and business processes by consuming business logic from reusable software components exposed as network accessible services. In today's environment, vendors offer tools to facilitate various activities across the life cycle of a SOA artifact, such as design, assembly, quality assurance, deployment and runtime operation of SOA based applications and business processes. The SOA repository provides the foundation for all these activities. The draft specification 'SOA - Repository Artifact Model and Protocol (S-RAMP)' codifies how SOA information models are represented by artifacts (including their associated metadata) in a SOA repository. This specification also defines bindings to support interaction with the SOA repository, including create, read, update, delete, query, and subscription for notifications. It defines the Artifact Type Model and provides various bindings which define the syntax needed to support interaction with a SOA repository. This approach to providing flexible access to SOA artifacts will facilitate interoperability and provide customers with more choices of tools that can be used to interoperate with any S-RAMP compliant SOA repository implementation...

The 'SOA - Repository Artifact Model and Protocol' (S-RAMP) specification defines a common data model for SOA repositories to facilitate the use of common tooling and sharing of data. It provides a rich representation data model that supports query. It includes binding(s) which document the syntax for interaction with a compliant repository for create, read, update, delete and query operations within the context of each binding. Initially, only one binding will be defined, but others can be added... The SOA Repository specification references the SOA Ontology work of The Open Group; the SOA Repository specification's dependence on the SOA Ontology, while important, is only a single element of this specification, and the authors' intent is that S-RAMP will be updated as necessary upon completion of the SOA Ontology work...

The SOA Repository specification is organized into multiple documents: (1) The Foundation document is the base (common) document for the specification. It describes the data model and a binding independent XML Schema serialization, together with other features which are common to all the protocol specific API binding(s). The Foundation document further defines a profile of OWL Lite to establish a simple yet powerful grammar for users to create classification systems which can be interoperable between repository implementations. Finally, the Foundation document defines a profile of XPath2 to support query operations. (2) The Atom Binding document defines an API mapping to Atom which supports create, read, update, delete and query operations with a SOA Repository. It is designed to maximize the information available to an Atom reader while still supporting the meta-data richness available in the SOA Repository data model. It also defines an XML Schema for the Atom specific serialization..." Supporting resources include Atom Binding Model Schema, Core Model Schema, Policy Model Schema, Service Implementation Model Schema, SOA Model Schema, SOAP WSDL Model Schema, WSDL Model Schema, and XSD Model Schema. [Note: a presentation Emerging Standards for Service Registry and Repository from the IBM developerWorks web site provides an overview of S-RAMP.]

See also: the S-RAMP project web site

Flatirons iCMS iPhone App Supports CMIS Standard
Staff, Flatirons Solutions Corporation Announcement

Flatirons Solutions has announced the availability of a new mobile device application that allows authorized users to securely access Enterprise Content Management (ECM) platforms to view assets and metadata, participate in workflows, and view rich media on their mobile device. The iPhone version of iCMS is now available at no cost at the Apple iTunes App Store.

The application, called iCMS, builds on the OASIS Content Management Interoperability Services (CMIS) standard, and supports the EMC Documentum solution as well as iPhone and iPod Touch mobile devices. Flatirons Solutions plans to extend the iCMS application to support other CMIS-compliant content management platforms and mobile devices, including Android and the recently released Apple iPad.

The lightweight iCMS architecture includes both client and JSON-based server side components, and can be extended to support a wide array of client-specific business needs. iCMS is ideally suited for organizations whose knowledge workers need mobile access to an ECM repository in order to make decisions, advance business processes and approve formally managed content.

Flatirons Solutions Chief Technical Officer Eric Severson noted that the iCMS application is a good example of the leading edge work that Flatirons Solutions does to support the rapidly evolving needs of its clients: 'As knowledge workers come to rely on mobile devices as a means of accessing enterprise information, optimizing the delivery of content to these devices becomes a critical business requirement. iCMS demonstrates Flatirons' leadership in meeting these requirements'..."

See also: general CMIS references

IETF Update: vCard Format Specification
Simon Perreault and Peter W. Resnick (eds), IETF Internet Draft

Members of the IETF vCard and CardDAV (VCARDDAV) Working Group have released an updated level -11 draft for the vCard Format Specification. vCard defines a data format for representing and exchanging a variety of information about individuals and other entities (e.g., formatted and structured name and delivery addresses, email address, multiple telephone numbers, photograph, logo, audio clips, etc.). Electronic address books have become ubiquitous. Their increased presence on portable, connected devices as well as the diversity of platforms exchanging contact data call for a standard. The vCard Format Specification defines the vCard format, which allows the capture and exchange of information normally stored within an address book or directory application.

The format defined by vCard is a text-based format (as opposed to a binary format). An associated specification 'vCard XML Representation' defines an XML representation for vCard. The underlying data structure is exactly the same, enabling a 1-to-1 mapping between the original vCard format and the XML representation. The XML formatting may be preferred in some contexts where an XML engine is readily available and may be reused instead of writing a stand-alone vCard parser. The general idea in the design is to map vCard parameters, properties, and value types to XML elements. For example, the 'FN' property is mapped to the 'fn' element. That element in turn contains a text element whose content corresponds to the vCard property's value.

Principal changes in the updated vCard level -11 IETF Internet Draft include: Change 'XML chunk' to 'XML fragment'; Cite W3C document containing definition of 'fragment'; Added 'XML' to property name ABNF; Clarified newline escaping rule; Replaced one remaining 'type' with 'property'; Removed case insensitivity of parameter values; XML property can now only contain one element that is not in the vCard 4 namespace; Clarified interrelationship between LANGUAGE, cardinality, and PID; Added 'textphone' TEL type; Fixed quoting of comma in ORG examples.

The IETF vCard and CardDAV (VCARDDAV) Working Group was chartered to define "standards track access protocols for personal address book data, to support the following applications: (1) Mail User Agents use PAB data to assist outgoing email addressing and may use vCard attachments to transport PAB data between users. (2) Calendar User Agents use PAB data to invite attendees to events (3) Instant Messaging User Agents can provide additional information about a user's buddies if they can be associated with a user's PAB entry. (4) A server-side Sieve engine with the spamtest/virustest extension would benefit from access to a user's PAB to provide per-user white list capabilities. (5) Various deployed challenge-response mechanisms for email present in Mail Transfer Agents, such as TMDA, would be improved by a PAB-based white list. (6) Mobile device synchronization software might be simplified by a single cross-platform PAB access protocol. (7) A voice conference or IP telephony system could access a user's PAB to provide name-based or nickname-based dialing... [Hitherto] due to the lack of a standard access control model for LDAP, the lack of a standard LDAP schema and DIT-model for vCard PAB objects, and the different access patterns for PAB data (as opposed to directory data), the use of LDAP as an access protocol for PABs has had mixed results in practice..."

See also: the vCard XML Representation specification

W3C Publishes XML Linking Language (XLink) 1.1 as a W3C Recommendation
Steve DeRose, Eve Maler, David Orchard, Norman Walsh (eds), W3C Technical Report

An announcement from W3C reports on the approval of XML Linking Language (XLink) Version 1.1 as a W3C Recommendation, effective May 06, 2010. The updated specification was produced by members of the W3C XML Core Working Group as part of the W3C XML Activity.

The XLink Version 1.1 specification defines the XML Linking Language which which allows structural elements to be inserted into XML documents in order to create and describe links between resources. It uses XML syntax to create structures that can describe links similar to the simple unidirectional hyperlinks of today's HTML, as well as more sophisticated links. Changes from XLink 1.0 include: 'xlink:type' is no longer required for simple links, IRIs [Internationalized Resource Identifiers] are used instead of URIs, and the specification includes non-normative sample XML Schema and RELAX NG grammars.

From the document Introduction: "XLink provides a framework for creating both basic unidirectional links and more complex linking structures. It allows XML documents to: assert linking relationships among more than two resources, associate metadata with a link, and express links that reside in a location separate from the linked resources An important application of XLink is in hypermedia systems that have hyperlinks. A simple case of a hyperlink is an HTML 'A' element, which has these characteristics: (1) The hyperlink uses IRIs as its locator technology. (2) The hyperlink is expressed at one of its two ends. (3) The hyperlink identifies the other end (although a server may have great freedom in finding or dynamically creating that destination). (4) Users can initiate traversal only from the end where the hyperlink is expressed to the other end. (5) The hyperlink's effect on windows, frames, go-back lists, style sheets in use, and so on is determined by user agents, not by the hyperlink itself. For example, traversal of 'A' links normally replaces the current view, perhaps with a user option to open a new window. This set of characteristics is powerful, but the model that underlies them limits the range of possible hyperlink functionality. The model defined in this specification shares with HTML the use of IRI technology, but goes beyond HTML in offering features, previously available only in dedicated hypermedia systems, that make hyperlinking more scalable and flexible. Along with providing linking data structures, XLink provides a minimal link behavior model; higher-level applications layered on XLink will often specify alternate or more sophisticated rendering and processing treatments..."

The W3C XML Core Working Group has been chartered through January 2011 to maintain and develop as needed core XML specifications. The XML Core Working Group is chartered to consider comments on the following existing specifications: XML 1.0, XML 1.1; Namespaces in XML 1.0, Namespaces in XML 1.1; XML Information Set; XML Base; xml:id; Associating Stylesheets with XML; XML Linking Language; XInclude; XPointer Framework, xmlns() scheme, element() scheme. The Working Group is responsible for updating errata documents and publishing new editions incorporating published errata when appropriate... The XML Core Working Group is also responsible for maintaining the test suites associated with the specifications listed in the Charter Scope section and providing careful updates as warranted.

See also: the W3C XML Core Working Group

Public Review for OASIS XACML TC Specifications
Staff, OASIS Announcement

Members of the OASIS Extensible Access Control Markup Language (XACML) Technical Committee have approved a specification package for public review through June 6, 2010. The specification set includes five separate prose documents and multiple associated XML Schema files.

Extensible Access Control Markup Language (XACML) Version 3.0 defines mechanisms to express well-established ideas in the field of access control policy using an extension language of XML, including: a method for combining individual rules and policies into a single policy set that applies to a particular decision request; a method for flexible definition of the procedure by which rules and policies are combined; a method for dealing with multiple subjects acting in different capacities; a method for basing an authorization decision on attributes of the subject and resource; a method for dealing with multi-valued attributes; method for basing an authorization decision on the contents of an information resource; set of logical and mathematical operators on attributes of the subject, resource and environment; a method for handling a distributed set of policy components, while abstracting the method for locating, retrieving and authenticating the policy components... If implemented throughout an enterprise, a common policy language allows the enterprise to manage the enforcement of all the elements of its security policy in all the components of its information systems. Managing security policy may include some or all of the following steps: writing, reviewing, testing, approving, issuing, combining, analyzing, modifying, withdrawing, retrieving, and enforcing policy.

The SAML 2.0 Profile of XACML Version 2.0 specification defines a profile for the integration of the OASIS Security Assertion Markup Language (SAML) Version 2.0 with all versions of XACML. SAML 2.0 complements XACML functionality in many ways, so a number of somewhat independent functions are described in this profile: (1) use of SAML 2.0 Attribute Assertions with XACML, including the use of SAML Attribute Assertions in a SOAP Header to convey Attributes that can be consumed by an XACML PDP, (2) use of SAML to carry XACML authorization decisions, authorization decision queries, and authorization decision responses, (3)use of SAML to carry XACML policies, policy queries, and policy query responses, (4) use of XACML authorization decisions or policies as Advice in SAML Assertions, and (5) use of XACML responses in SAML Assertions as authorization tokens. Particular implementations may provide only a subset of these functions.

The specification XACML v3.0 Multiple Decision Profile Version 1.0 provides a profile for requesting more than one access control decision in a single XACML Request Context, or for requesting a single combined decision based on multiple individual decisions. XACML v3.0 Hierarchical Resource Profile Version 1.0 provides a profile for the use XACML with resources that are structured as hierarchies. The profile addresses resources represented as nodes in XML documents or represented in some non-XML way. The profile covers identifying nodes in a hierarchy, requesting access to nodes in a hierarchy, and specifying policies that apply to nodes in a hierarchy. XACML Intellectual Property Control (IPC) Profile Version 1.0 defines a profile for the use of XACML in expressing policies for intellectual property control (IPC). It defines standard attribute identifiers useful in such policies, and recommends attribute value ranges for certain attributes.

See also: the OASIS announcement

Open Source 'TAMELizer' Test Engine for Verifying Semantic Consistency
Jacques R. Durand, Technical Communication

Members of the OASIS Test Assertions Guidelines (TAG) Technical Committee and others have collaborated to create community open source TAMELizer software featuring a test engine to verify semantic consistency of XML artifacts and content. This general purpose testing tool for XML artifacts is the result of three years of experience and development with a similar but more specialized tool for WS-I profile testing. Tamelizer capitalizes on and generalizes the learnings of WS-I profile testing as a typical case of system testing (Web Services endpoints) involving various XML artifacts, where more conventional document-focused XML test tools were initally tried but were not sufficient.

From the Web site description: "TAMELizer can verify structural and semantic constraints (including arithmetic and date calculations), compatibility across documents, and other content profiles. However the focus is more on rules and constraints—within and across documents — than on expressing or enforcing document structure (e.g. using schema-like representations). TAMELizer leverages the expression power of XPath 2.0 and of its libraries. The basic unit of test expression and of test execution is the test assertion that can be seen as a rule (both semantic and syntactic) over and across XML artifacts and documents.

TAMELizer uses an approach different from existing XML test tools more specialized on document testing, because the XML artifacts it processes can represent any kind of entity subject to testing in addition to business documents: catalogs, metadata files, configuration files, monitor captures, output of previous tests, and test definitions themselves. Strong correlation, consistency checking and reporting capabilities in handling combinations of such artifacts allows TAMELizer to facilitate the testing of software systems and applications — e.g. for conformance to a standard or a specification...

The underlying model uses conventional test constructs: a test suite is defined as a workflow of individual test cases, here executable test assertions. The innovation is in leveraging XPath and XSLT for expressing and processing these test assertions. Every test assertion is a separate test unit to be reported on, but also as a rule that can be subject to inferences: an embedded forward-chaining rule engine automatically combines and orders test assertions into logical workflows (e.g. 'do test B only if test A was successful'). A test assertion can also 'summarize' the results of a group of test assertions... The TAMELizer project is funded and maintained by Fujitsu America, Inc. in order to promote the development of test assertions and to facilitate and standardize the testing of software systems and applications..."

See also: the OASIS Test Assertions Guidelines (TAG) TC


XML Daily Newslink and Cover Pages sponsored by:

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation

XML Daily Newslink:
Newsletter Archive:
Newsletter subscribe:
Newsletter unsubscribe:
Newsletter help:
Cover Pages:

Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation


XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: