The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards
Last modified: July 19, 2010
XML Daily Newslink. Monday, 19 July 2010

A Cover Pages Publication
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
Oracle Corporation

Rackspace Joins NASA in Open-Source OpenStack Cloud Platform
Darryl K. Taft, eWEEK

"Rackspace Hosting has announced the launch of OpenStack, an open-source cloud platform designed to foster the emergence of technology standards and cloud interoperability. Rackspace said it is donating the code that powers its Cloud Files and Cloud Servers public-cloud offerings to the OpenStack project...

Jonathan Bryce, co-founder of the Rackspace cloud, said the OpenStack project also will incorporate technology that powers the NASA Nebula Cloud Platform. Rackspace and NASA plan to actively collaborate on joint technology development and leverage the efforts of open-source software developers worldwide. Rackspace and NASA have committed to use OpenStack to power their cloud platforms, and Rackspace will dedicate open-source developers and resources to support adoption of OpenStack among enterprises and service providers.

NASA Nebula is a cloud computing service based at NASA Ames Research Center that provides high performance compute, network and data storage services to NASA scientists and researchers. Nebula allows NASA to share and process large scientific data sets and was one of three flagship projects highlighted in NASA's Open Government Plan...

Lew Moorman, president of the cloud business and chief strategy officer at Rackspace: 'We are founding the OpenStack initiative to help drive industry standards, prevent vendor lock-in and generally increase the velocity of innovation in cloud technologies.. Nebula Cloud Platform is a tremendous boost to the OpenStack community. We expect ongoing collaboration with NASA and the rest of the community to drive more-rapid cloud adoption and innovation, in the private and public spheres'..."

See also: NASA's Open Government Plan

A Pure SASL Mechanism for OpenID Using SAML
Klaas Wierenga and Eliot Lear (eds), IETF Internet Draft

IETF has published an updated Internet Draft for a spefification defining A SASL Mechanism for SAML. Abstract: "Security Assertion Markup Language (SAML) has found its usage on the Internet for Web Single Sign-On. Simple Authentication and Security Layer (SASL) and the Generic Security Service Application Program Interface (GSS-API) are application frameworks to generalize authentication. This memo specifies a SASL mechanism and GSS-API mechanism for SAML 2.0 that allows the integration of existing SAML Identity Providers with applications using SASL and GSS-API. This revision provides support for authorization identity, adds GSS-API specifics, and adds a client supplied IdP...

From the Introduction: "Simple Authentication and Security Layer (SASL) is a generalized mechanism for identifying and authenticating a user and for optionally negotiating a security layer for subsequent protocol interactions. SASL is used by application protocols like IMAP, POP and XMPP. The effect is to make modular authentication, so that newer authentication mechanisms can be added as needed. This memo specifies just such a mechanism.

The Generic Security Service Application Program Interface (GSS-API) provides a framework for applications to support multiple authentication mechanisms through a unified interface. This document defines a pure SASL mechanism for OpenID, but it conforms to the new bridge between SASL and the GSS-API called GS2. This means that this document defines both a SASL mechanism and a GSS-API mechanism. We want to point out that the GSS-API interface is optional for SASL implementers, and the GSS-API considerations can be avoided in environments that uses SASL directly without GSS-API.

As currently envisioned, this mechanism is to allow the interworking between SASL and SAML in order to assert identity and other attributes to relying parties. As such, while servers (as relying parties) will advertise SASL mechanisms (including SAML), clients will select the SAML SASL mechanism as their SASL mechanism of choice. The SAML mechanism described in this memo aims to re-use the available SAML deployment to a maximum extent and therefore does not establish a separate authentication, integrity and confidentiality mechanism. It is anticipated that existing security layers, such as Transport Layer Security (TLS), will continued to be used..."

See also: the OASIS Security Services (SAML) Technical Committee

What's This Thing Called CMIS? Part 3: Folders, Path, Versions
Jens Hübel, Open Text Blog

From Part 3 in an ongoing series: "Folders are well known concept. They are present even in the simplest form of file systems used all over the place. Access by path is also a well known pattern from the files system or from the World Wide Web. Versions are typically not available in a file system but are available in most document management systems. They are essential for any kind of collaborative editing and they can be used to preserve the history of a document...

In CMIS every repository can have a folder hierarchy. Each folder has at least one parent folder. There is one special folder without a parent called the root folder. The navigation service in CMIS is used to navigate along the folder hierarchy. There are methods to get the parent(s) for an object or to enumerate the children. Each folder has a unique ID. The id of the root folder is part of the repository info. The details how repository implementations implement folders vary. Therefore the CMIS specification has some optional. One of this options allows a document being contained in more than one folder. This feature is called multi-filing and is only available for documents. A document therefore can have multiple parents...

Path Access: In many cases CMIS objects are identified by the path. The path points to the location in the folder hierarchy with a special character '/' separating the folders. A path is another mechanism to access a document in addition to the object ID. Paths are used in the World Wide Web (URL) or from file systems. CMIS supports retrieving objects by their path (getObjectByPath in the ObjectService) or by their ID (getObject)...

Versions: A document in CMIS can exist in multiple versions. Only documents can be versioned: other objects like folders, relationships, etc. can't be versioned. Not every document can be versioned. Whether versioning is supported or not is determined by the Document Type (versionable property). CMIS supports a simple linear versioning model. Versions can be major or minor. A version series indicates all versions that belong to one document... The VersioningService is used to create and access versions. To create a new version in a version series the document needs to be checked out. After checking out you get a private working copy (PWC). A private working copy also has an ID. Only one PWC can exist at any point in time for a version series, where a PWC can be updated and edited by the user who owns the PWC..."

See also: the OASIS CMIS TC web site

Microsoft SharePoint 2010 Administration Toolkit v1.0 Supports CMIS
Ryan Duguid, Microsoft Announcement

According to the Version 1.0 Software documentation, Release notes of July 08, 2010: "Content Management Interoperability Services (CMIS) connector can be installed on any computer running Windows Server 2008 x64 or Windows Server 2008 R2 x64 and the Secure Store Service in SharePoint Server 2010.

"The Microsoft SharePoint 2010 Administration Toolkit contains functionality to help administer and manage Microsoft SharePoint Foundation 2010 and Microsoft SharePoint Server 2010... Content Management Interoperability Services (CMIS) connector for SharePoint Server 2010: The Content Management Interoperability Services (CMIS) connector for SharePoint Server 2010 enables SharePoint users to interact with content stored in any repository that has implemented the CMIS standard, as well as making SharePoint 2010 content available to any application that has implemented the CMIS standard.

The CMIS connector for SharePoint Server 2010 includes two features: (1) The Content Management Interoperability Services (CMIS) Consumer Web Part, which can be added to any SharePoint page. This Web Part displays and lets users interact with the contents of any CMIS repository. (2) The Content Management Interoperability Services (CMIS) Producer, which allows applications to interact with SharePoint lists and document libraries programmatically by means of the interfaces defined in the CMIS standard..."

Further details about the CMIS connector are provided in blogs by Bill Baer and Ryan Duguid, from the MSDN Blog Postings.

WeWebU Open Source OpenWorkdesk Supports CMIS-Compliant ECM Systems
Staff, Sodtware Product Announcement from WeWebU Software AG

"WeWebU Software AG, manufacturer of standard software for Enterprise Information Management (EIM), has released the Community Edition of its OpenWorkdesk. This suite of applications for Enterprise Content Management (ECM) with an intuitive and user-friendly Web 2.0 front -end is now available as Open Source software and can be downloaded completely without charge from SourceForge.

For many years, customers have grown to rely on the proven technology of WeWebU OpenWorkdesk's powerful functionality, usability, versatility, security, stability, and performance. The OpenWorkdesk Community Edition is now the Open Source standard for intuitive usability and management of CMIS-compliant ECM systems. It provides all the necessary features for eFile management and retrieval and hence enables users without ECM system experience to use state-of-the-art ECM functionalities with minimal training.

The Community Edition allows customers and system integrators to build their own Composite Content Applications and vertical document solutions using WeWebU OpenWorkdesk. It also enables them to combine these solutions with minimal effort with their other existing applications. Furthermore, the regular availability of future Community Edition releases gives the customers the exclusive chance to try out all the latest new features at the earliest possible opportunity.

Combining OpenWorkdesk with a CMIS-compliant ECM repository, such as Alfresco ECM, provides a powerful low-cost alternative solution, which delivers document management and retrieval in a professional way. Once customers are certain that OpenWorkdesk suits their needs and they would like to be able to run more advanced projects with higher demands on security and functionality, they should consider either subscribing to OpenWorkdesk Pro Edition or licensing OpenWorkdesk Enterprise Edition..."

See also: the blog article

Considering SugarCRM? Don't Fall Into the Open Source Purity Trap
Savio Rodrigues, InfoWorld

"SugarCRM's recent launch of Sugar 6 CRM raised the thorny 'but is it open source' question yet again. The question puts too much weight on the accessibility of the product's source code or whether the product has a large enough user community...

SugarCRM offers a free AGPLv3-licensed Sugar Community Edition and commercially licensed Sugar Professional and Sugar Enterprise editions. All three editions provide the user with the product's source code. Paying customers with access to the Professional or Enterprise edition's source code can modify the code, but they are not allowed to redistribute the source code as per term 3 of the commercial license.

SugarCRM officials have noted that, like many other open source products, SugarCRM customers virtually never make code modifications, despite having access to the source code. Not surprisingly, functional differences among the Community, Professional, and Enterprise editions of Sugar 6 CRM exist. These differences, specifically the new user interface that is available only to paying customers, has drawn attention from pundits and commenters.

As large and vibrant as the SugarCRM user community is, even with access to the product's source code, expecting that another vendor will rise from the community to provide a better customer-to-vendor experience than SugarCRM does itself is a big, iffy assumption—one that should not be part of your product selection decision. Keep in mind that Vtiger has already forked the SugarCRM code, and yet has not been able to provide a sufficiently strong value proposition to attract enough existing or potential SugarCRM customers..."

Moving to the Edge: An ACM CTO Roundtable on Network Virtualization
Mache Creeger, ACM Queue

How will virtualization technologies affect network service architectures? The general IT community is just beginning to digest how the advent of virtual machines and cloud computing is changing their world. These new technologies promise to make applications more portable and increase the opportunity for more flexibility and efficiency in both on-premises and outsourced support infrastructures. However, virtualization can break long-standing linkages between applications and their supporting physical devices. Before data-center managers can take advantage of these new opportunities, they must have a better understanding of service infrastructure requirements and their linkages to applications.

In this ACM CTO Roundtable, leading providers and users of network virtualization technologies discuss how virtualization and clouds impact network service architectures, in their abilities both to move legacy applications to more flexible and efficient virtualized environments and to enable new types of network functionality. Roundtable participants include Simon Crosby (Citrix Systems), Oliver Tavakoli (Juniper Networks), Lin Nease (Hewlett-Packard), Martin Casado (Nicira Inc), Surendra Reddy (Yahoo!), Charles Beeler (El Dorado Ventures), Steve Bourne (Past President, ACM), Mache Creeger (Emergent Technology Associates).

Excerpt: [CROSBY]: "Virtualization challenges the binding of infrastructural services to physical devices. One can no longer reason about the presence or the utility of a service function physically bound to a device and its relationship to a specific workload. Workloads now move around, based on demand, response time, available service capacity, resource prices, etc. While the networking industry was founded on a value proposition tied to a specific physical box, virtualization as a separation layer has introduced a profound challenge to that premise...

[REDDY:] In the next two to three years our goal is to make the building of an application, its packaging, and deployment completely transparent. I want to specify SLA (service-level agreement), latency, and x-megabit-per-second throughput and receive a virtual network that satisfies the requirement. I don't care if it's Cisco, Juniper, or whatever. What I want is a service provider that constructs and delivers the network that is required. As the end user, I care about only the above-the-line result..."

Create Rich Data-Centric Web Applications Using JAX-RS, JPA, and Dojo
Michael Galpin, IBM developerWorks

Many web applications are data centric: they present persistent data and allow the user to create or update this data. It sounds simple enough, but even when it comes to something as basic as reading and writing data from a database, things can get ugly. However, the Java Persistence API (JPA) greatly reduces the amount of tedious boilerplate code that you must write

This article demonstrates a quick way to create a rich, data-centric web application. We use several key technologies to remove tedious boilerplate code both from the server side and the client side: JPA, JAX-RS, and Dojo. In many cases we make use of default conventions to further reduce the amount of code needed to create your web application.

The result is a very modern web application created with minimal code. All of the technologies it uses are extensible and production-quality, so you can confidently expand the sample application (or your own application) for more robust use cases in a straightforward manner. Even better is that there is no lock-in. We use open standards on the server side. You could easily switch out database technologies, for example. We use REST and JSON on the front end, meaning you can use a different UI kit, or you can easily hook up a mobile client.

Familiarity with Java and JavaScript is recommended to get the most out of this article. You will need a Java 1.6 JDK to compile and run the code; JDK 1.6.0_20 was used in this article. You will also need a Java Web container; Apache Tomcat 6.0.14 was used in this article. For data persistence, any database with a JDCB 2.0 compliant driver can be used. To keep things simple, an embedded database, Apache Derby 10.6.1, was used. This article uses the Java API for RESTful Web Services (JAX-RS), with Jersey 1.3 for the JAX-RS implementation. You will also use the Java Persistence API (JPA) with Hibernate 3.5.3 for the implementation. Finally, the Dojo toolkit 1.4 was used..."

Is Ubiquitous Encryption Technology on the Horizon?
Michael Cooney, Layer 8 Blog

Will ubiquitous encryption of important network traffic ever happen? A group of researchers presenting at next month's Usenix Security Symposium will talk about a technology they say could make end-to-end encryption of TCP traffic the default, not the exception.

The group, made of mostly Stanford University researchers, will talk up a TCP extension known as tcpcrypt. Implemented in the transport layer, tcpcrypt protects legacy applications and provides backwards compatibility with legacy TCP stacks and middleboxes, the groups says.

The technology also provides a hook for integration with application-layer authentication, largely obviating the need for applications to encrypt their own network traffic and minimizing the need for duplication of features. Finally, tcpcrypt minimizes the cost of key negotiation on servers; a server using tcpcrypt can accept connections at 36 times the rate achieved using SSL...

The group says that by using what it calls the asymmetry of common public key ciphers, it is possible for a server to accept and service around 20,000 tcpcrypt connections per second without session caching. Even higher rates are possible with caching. Data transfer rates are not an issue either; encryption and integrity protection can be done at several gigabits p/sec without hardware support on 2008-era hardware..."

GE Healthcare ePrescribing Solution Approved In Ohio
Nicole Lewis, InformationWeek

"The Centricity electronic medical record Advanced ePrescribing solution that uses biometrics to authenticate physicians ordering patient medications has been approved by the Ohio Pharmacy Board.

GE executives said the technology met Ohio's stringent ePrescribing requirements by successfully integrating biometrics technology into its Centricity Electronic Medical Record solution. By adding an external scanner, the technology calls for physicians to identify themselves by providing their fingerprint before ordering a patient's prescription...

'When we first set the module up, each clinician with access to it places a finger on an external keypad. The fingerprint is scanned and stored. Each time that clinician orders a medication for a patient, he or she must scan that same finger again. If the prints match, the order goes through'...

As the healthcare industry becomes increasingly concerned about medical fraud, GE executives predict that many states will replicate Ohio's pharmacy law. The Centricity EMR's Advanced ePrescribing solution provides an extra layer of authentication and documentation required by the Ohio law and which helps prevent forgery..."

Nokia Donates Java Runtime to Symbian Foundation
John K. Waters, Application Development Trends

"In an effort to make it easier for Java developers to build applications for its Symbian-based mobile devices, Nokia is contributing the 2.1 version of its Java Runtime implementation to the open source Symbian Foundation.

The newly open sourced Mobile Runtime for Java Applications (JRT) is comprised of a set of Java APIs designed to enable the hosting -- installing, managing, running and debugging—of Java applications. It also provides information about installed applications and the runtime itself

The overall JRT contribution includes a million lines of Java and C++ source code that comprises the runtime, application installer, API libraries, test cases, and documentation.

This version of the JRT also includes an implementation of the 1.0.3 version of eSWT user interface API from the Eclipse Embedded Rich Client Platform (eRCP) project, which extends the Eclipse RCP to embedded devices..."


XML Daily Newslink and Cover Pages sponsored by:

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation

XML Daily Newslink:
Newsletter Archive:
Newsletter subscribe:
Newsletter unsubscribe:
Newsletter help:
Cover Pages:

Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation


XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: