- Bibliographic Information
- Summary of Technology Specifications
- About Open Formats
- Principal References
Update 2007-07-03: In June 2007 the Massachusetts ITD issued a new major release of the Enterprise Technical Reference Model. ETRM Version 4.0 identifies four specification changes in the "Summary of Technology Specifications" table. Newly added specifications include "WS-I Basic Security Profile v1.0" and "Ecma 376: Office Open XML Formats (Open XML)". Specification updates are listed for OpenDocument v1.1 and XPath v2.0. A new Management Domain document covers Web Services and Systems. See the news story "Major Revision of Massachusetts Enterprise Technical Reference Model (ETRM)."
Update 2005-09-26: In September 2005, the Commonwealth of Massachusetts announced publication of the ETRM final version 3.5, which became effective on September 21, 2005. ETRM defines "open formats" as specifications for data file formats that are based on an underlying open standard, developed by an open community, affirmed and maintained by a standards body, and are fully documented and publicly available. ETRM declares OASIS OpenDocument, plain text, and HTML v4.01 as approved open formats. See the news story "Massachusetts Supports OASIS OpenDocument in Final Reference Model V3.5."
[March 25, 2005] The Commonwealth of Massachusetts has released a review draft Version 3.0 for its Enterprise Technical Reference Model (ETRM). The document "introduces Disciplines, Technology Areas, and Technology Specifications for the Information, Application, Integration and Security Domains. The authors invite comment on the review draft by April 1, 2005.
The design goal is that ETRM "will result in a Service Oriented Architecture for the Commonwealth that uses open standards solutions where appropriate to construct and deliver online government services. Agencies are expected to migrate towards compliance with the ETRM as they consider new information technology investments or make major enhancements/replacement to existing systems."
Rationale for the ETRM is provided in a 'Roadmap' statement: "The Commonwealth is transitioning from siloed, application centric and agency centric information technology investments to an enterprise approach where applications are designed to be flexible, to take advantage of shared and reusable components, to facilitate the sharing and reuse of data where appropriate and to make the best use of the technology infrastructure that is available. The technology specifications and standards detailed in this document are required to achieve the desired target state of a Service Oriented Architecture. These specifications and standards are required for all new IT investments."
The ETRM framework "borrows from the National Association of State Chief Information Officers (NASCIO) Enterprise Architecture Tool Kit as well as the work done by the federal government's Federal Enterprise Architecture Program.
The model is developed in terms of a hierarchy of components: (1) Domains are logical groupings of Disciplines that form the main building blocks within the technical architecture; (2) Disciplines: are logical functional areas addressed within each domain as part of the architecture documentation; (3) Technology Areas are technical topics that are relevant to each Discipline; (4) Technology Specifications are sets of product standards, protocols, specifications or configurations associated with each Technology Area. Version 3.0 also includes a conceptual architecture diagram that provides a high-level visual representation of the Service Oriented Architecture (SOA).
The Information Domain is of particular interest, as it addresses standards and guidelines for Data Interoperability, Data Management, Data Formats, and Records Management. "To help the Commonwealth achieve the enormous benefits of information and service reuse, the Information Domain emphasizes standards for data interoperability among diverse internal and external platforms and applications. By promoting the ubiquitous use of XML standards, the ETRM specifications insure that all new development initiatives result in interoperable services that can be reused across the enterprise, as well as with external business partners and governments where appropriate."
The Information Domain identifies use of the Global JXDM (sponsored by the Federal Government's OJP) as a key specification: "Initiatives such as Homeland Security rely upon all parties adhering to Community of Interest XML specifications, defined by open standards bodies comprised of representatives from Government, Business and Technology Communities." Relevant standards organizations named in the Information Domain document include IETF, ISO, OASIS, W3C, and WS-Interoperability (WS-I).
The principle of openness is featured prominently in the Information Domain's definition of open formats: "The Commonwealth defines open formats as specifications for data file formats based on an underlying open standard, developed by an open community, and affirmed by a standards body; or de facto format standards controlled by other entities that are fully documented and available for public use under perpetual, royalty-free, and nondiscriminatory terms. While data files formats that meet the open formats definition above are considered acceptable by the Commonwealth, it is our intent to move to open formats that are based on an underlying open standard, developed by an open community, and affirmed by a standards body as soon as they are ratified."
The draft document envisions that specifications incorporated into the model should be readily accessible in a reference location: "Given the level of complexity of integration projects, especially with multiple developers and teams collaborating on the development of services, data models should be explicitly visible to all architects, developers, and project managers as a coherent set of XML schemas, in a Commonwealth Registry, and service development should be driven by those schemas."
Introduction. "The Enterprise Technical Reference Model (ETRM) provides an architectural framework used to identify the standards, specifications and technologies1 that support the Commonwealth's computing environment. The ETRM uses the concepts of Domains, Disciplines, Technology Areas and Technology Specifications to define the enterprise architecture."
Access and Delivery Domain. "The Access and Delivery Domain addresses how information, transactions and services are delivered to and accessed by the Commonwealth's constituents and business partners. The manner in which government information, transactions and services are delivered constitutes the public face of the Commonwealth. Accuracy, timeliness and efficiency are as important as consistent look and feel, ease of navigation and accessibility. The majority of government information, services and transactions can be accessed through web technologies using a variety of access mechanisms such as web browsers, Personal Digital Assistants (PDAs), cell phones, and interactive voice response systems. Information, services and transactions are available to government's constituents and business partners at the time and location most convenient to them..."
Information Domain. "A process-independent, enterprise view of government information enables data sharing where appropriate within the bounds of security and privacy considerations. Service oriented architectures promote information and service reuse through open standards. nitiatives such as Homeland Security rely upon all parties adhering to Community of Interest XML specifications, defined by open standards bodies comprised of representatives from Government, Business and Technology Communities. Open formats for data files ensure that government records remain independent of underlying systems and applications thereby preserving their accessibility over very long periods of time..."
Application Domain. "The Application Domain defines how service oriented applications are designed and developed. The Application Domain identifies open standards to facilitate rapid service oriented development, integration and implementation of new applications and business processes. In addition to having well-defined SOA governance processes that identify and maintain high-quality service components, it is essential to have a standards-based service oriented development model (SODA), and development methodology that enables reuse of these components..."
Integration Domain. "The Integration Domain addresses how information, transactions, security, systems management and Business Services are integrated across intra-enterprise entities, e.g. agencies, as well as extra-enterprise entities, e.g. business partners. The vision is to create an enterprise messaging environment based on open standards that facilitates trusted and timely communications between Business Services. This environment is a fundamental building block of the Commonwealth's SOA..."
Security Domain. "The Security Domain addresses the approach, methodology and technology components necessary to provide the appropriate level of protection for the information assets of the Commonwealth, its constituents and business partners. Security is a crosscutting component of the architecture that impacts every other Domain. Although security requirements exist across all computing models, e.g. client/server and Web Services, the application of these security requirements on Web Services is different. For example, since SOAP messages can move across multiple legs of a communication link, a transport-centric authentication technique (such as SSL) is insufficient to assure data integrity and confidentially across the multiple "hops". The security context is lost as SOAP messages are routed between end-points..."
The Introduction to ETRM version 3.0 provides a tabular "Summary of Domains, Disciplines, and Technology Areas" and "Summary of Technology Specifications", adapted here:
The Access and Delivery Domain has disciplines Access Channels, Delivery Channels, and Content Transport, covering these Technology Areas: Web Browsers, Personal Digital Assistant (PDA), Wireless, Interactive Voice Response (IVR), Enterprise Portal, Executive Office Sub Portals & Agency Websites, Formats, Protocols.
- Web Browsers: Must support 128 bit encryption and X.509 v.3 digital certificates
- Enterprise Portal: [no spec listed]
- Executive Office Sub Portals & Agency Websites
- Java Specification Request (JSR) 168 for J2EE based applications
- C# Portlets for .Net based applications
- Web Services for Remote Portal (WSRP) v 1.0 for web services
- Hypertext Markup Language (HTML) v. 4.01
- Extensible Markup Language (XML) v. 1.0 (Third Edition) or v 1.1 when necessary
- Hypertext Transfer Protocol (HTTP)/1.1
- Secure Hypertext Transfer Protocol (HTTPS) - SSL, minimum 128 bit key length
- Simple Object Transfer Protocol (SOAP) v. 1.2
The Information Domain has disciplines Data Interoperability, Data Management, Data Formats, and Records Management, covering these Technology Areas: XML Specifications, Community of Interest XML, Metadata, Document Formats, Records Formats, Records Metadata, Archiving.
- XML Specifications
- Extensible Markup Language (XML) v. 1.0
- XML Schema Part 1: Structures and XML Schema Part 2: Datatypes
- Extensible Stylesheet Language (XSL) v. 1.0
- XML Query Language (XQUERY) 1.0
- Community of Interest XML: Global Justice XML Data Model (Global JXDM) v. 3.0.2
- Metadata: Web Service Description Language (WSDL) v. 1.1
- Open Formats
- Rich Text Format v. 1.7 (.rtf)
- Plain Text Format (.txt)
- Hypertext Document Format (.htm)
- Portable Document Format (.pdf) - Reference version 1.5
- Open Document Format for Office Applications (OpenDocument)
- MS Office XML Document Formats
- XML Specifications
The Application Domain has a Design and Development discipline with Development Model Development Methodology as a Technology Area.
- Development Model: Interoperability Basic Profile (WS-I Basic Profile) v. 1.0
- Development Methodology: Unified Process (UP)
The Integration Domain has disciplines Registry Services and Enterprise Service Bus, covering these Technology Areas: Web Service Registry, Messaging Services, Transformation Services, Orchestration Services, Choreography Services.
- Web Service Registry: Universal Description, Discovery and Integration (UDDI) v. 2.0
- Messaging Services
- Java Messaging Service (JMS) v. 1.1
- Simple Object Access Protocol (SOAP) v 1.1
The Security Domain has disciplines Identity Management and Web Service Security, covering these Technology Areas: Identity Repository, Identity Assertion, Authentication, Encryption, Message Header.
- Identity Repository: Lightweight Directroy Access Protocol (LDAP) v. 3.0
- Identity Assertion: Security Assertion Markup Language (SAML) v. 1.1
- Web Service Authentication: XML Signature
- Encryption: XML Encryption
- Web Service Message Header: WS-Security v. 1.0
A document Informal comments on Open Formats was released on January 15, 2005 by Eric Kriss (Secretary, Administration and Finance, Commonwealth of Massachusetts) as an edited and condensed transcription from the Massachusetts Software Council Annual Meeting. Excerpts:
Exactly a year ago (January 13, 2004) the Commonwealth of Massachusetts launched a new Open Standards policy regarding the planning, development, and implementation of IT systems. These initial 2004 Open Standards began a continuous evolutionary process to better define and understand the issues, not only for those of us in state government, but for the wider vendor community and citizens as well.
We are now ready to extend the concept of Open Standards to the next stage in an informal announcement today. As always, we look forward to your feedback; one of the best assets that we have is the collective brainpower of the software industry in Massachusetts.
We will extend the definition of Open Standards to include what we will be calling Open Formats. Open Standards, as you know, are specifications for systems developed by an open community and affirmed by a standards body. An example is XML, a method of exchanging data.
Open Formats are specifications for data file formats based on an underlying open standard, developed by an open community, and affirmed by a standards body; or de facto format standards controlled by other entities that are fully documented and available for public use under perpetual, royalty-free, and nondiscriminatory terms. An example is TXT text and PDF document files..."
We will increasingly rely on the promulgation of Open Standards for file formats by national and international standards bodies. The Oasis OpenOffice XML format technical community would be one example of that. As we look to the future, we will require full support of Open Formats, as well as already released Open Standards.
We published our initial Open Standards policy, as I indicated, one year ago. The latest version (although we're going to revise the language we use to describe formats) designates TXT, RTF, HTM, PDF and XML - to the extent XML is used to specify a format — as Open Formats.
We have been in a conversation with Microsoft for several months with regard to the patent that they have on, and the license surrounding their use of, XML to define the schema of DOC files in Microsoft Office 2003.
They have made representations to us recently they are planning to modify that license, and we believe, if they do so in the way that we understand that they have spoken about (we will leave it obviously to them to describe exactly what they are going to do), it is our expectation that the next iteration of the Open Format standard will include some Microsoft proprietary formats. These formats, like DOC files, will be deemed to be Open Formats because they will no longer have restrictions on their use..."
In connection with the "conversation" between Microsoft and the Commonwealth of Massachusetts, a document of December 3, 2003 (updated January 27, 2005 or later) was issued to "expand upon the rights that Microsoft grants to certain Microsoft Office 2003 XML schemas. As described in this document, the technical specifications for the schemas include rights under copyright to make reproductions and to display and distribute those reproductions, subject to certain terms and conditions. The purpose of this document is to provide a patent license to individuals and organizations interested in implementing software programs that can read and write files that conform to such specifications..."
The situation is not helped by the additional clarification which indicates that public records as qualifying "government documents" may be read by end users without violating the Microsoft patent license: "By way of clarification of the foregoing, given the unique role of government institutions, end users will not violate this license by merely reading government documents that constitute files that comply with the Microsoft specifications for the Office Schemas, or by using (solely for the purpose of reading such files) any software that enables them to do so. The term 'government documents' includes public records." Hmmm... what about non-government institutions that play no such "unique role," and what about "merely reading" other kinds of documents other than "government documents"?
- Enterprise Technical Reference Model Version 3.0. Draft for Public Review.
- Access and Delivery Domain
- Information Domain
- Application Domain
- Integration Domain
- Security Domain
- Informal comments on Open Formats
- Comments: send feedback on the review draft to Standards@state.ma.us by April 1, 2005.
- Information Technology Division (ITD)
- NASCIO National Association of State Chief Information Officers (NASCIO) "represents state chief information officers and information resource executives and managers from the 50 states, six U. S. territories, and the District of Columbia. State members are senior officials from any of the three branches of state government who have executive-level and statewide responsibility for information resource management."
- [Microsoft] Office 2003 XML Reference Schema Patent License
- "Patents and Open Standards" - Main reference page.
- "Open Standards" - Main reference page.