The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
SEARCH | ABOUT | INDEX | NEWS | CORE STANDARDS | TECHNOLOGY REPORTS | EVENTS | LIBRARY
SEARCH
Advanced Search
ABOUT
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors
NEWS
Cover Stories
Articles & Papers
Press Releases
CORE STANDARDS
XML
SGML
Schemas
XSL/XSLT/XPath
XLink
XML Query
CSS
SVG
TECHNOLOGY REPORTS
XML Applications
General Apps
Government Apps
Academic Apps
EVENTS
LIBRARY
Introductions
FAQs
Bibliography
Technology and Society
Semantics
Tech Topics
Software
Related Standards
Historic
Last modified: March 29, 2004
XML Industry News: 2004 Q1

XML News

This XML Industry News section consists mainly of links to company press releases announcing support for XML/XSL/XLink/XQuery etc. Other documents with reference collections:

Major articles on XML in the trade magazines, as well as the more substantive refereed articles on XML in technical publications, are listed in the dedicated database sections: Current XML Surveys and Overview Articles

Search: [Indexed Search]

  • [March 31, 2004] "OASIS WSRP Interop Demo Showcases New Portal Standard for Aggregating Content. BEA, Citrix, Gluecode, IBM, Oracle, Plumtree, and Others Demonstrate Web Services for Remote Portlets OASIS Standard at Delphi Enterprise On-Demand Summit." - "Seven vendors collaborated to showcase interoperability of the recently approved OASIS Standard, Web Services for Remote Portlets (WSRP), at today's Delphi Group Enterprise On-Demand Summit. Members of the OASIS WSRP Technical Committee demonstrated the use of WSRP to enable user-driven integration, by aggregating content from various sources and across multiple platforms. Together, they showed how portlets can be reused on portals via WSRP rather than requiring each portal to separately install a complete set of portlets. WSRP maximizes both control and availability for the portlet hosting site while minimizing costs for the remote portal sites. 'With WSRP, users browse through libraries of content and information resources, bringing them into portals and other applications through 'plug-and-play' integration,' explained Nathaniel Palmer, analyst for the Delphi Group. 'The WSRP OASIS Standard offers the opportunity to greatly reduce the cost of integration, without jeopardizing the integrity of information and content repositories.' In the OASIS WSRP Interop Demo, content from portlets running on five different platforms, including .NET, was aggregated and interacted with in a manner equal to that of locally hosted portlets. BEA, IBM, Oracle, and Plumtree provided test implementations of a WSRP Consumer within their portal servers. 'Without WSRP, this would require manual coding of integration points between portal vendors,' noted Rich Thompson of IBM, chair of the OASIS WSRP Technical Committee. 'With WSRP, portlet repositories continue to be maintained by the appropriate administrators, but the resources they provide are accessible to non-technical business users'..." General references: "Web Services for Remote Portals (WSRP)."

  • [March 29, 2004] "ISO Approves ebXML OASIS Standards. ebXML Suite of Technical Specifications Promises to Cut Costs and Simplify Processes for e-Business." - "The International Standards Organization (IS0) has approved a suite of four ebXML OASIS Standards that enable enterprises in any industry, of any size, anywhere in the world to conduct business over the Internet. The submissions from OASIS will be published as ISO technical specifications, ISO/TS 15000. The new ISO 15000 designation, under the general title, Electronic business eXtensible mark-up language, includes four parts, each corresponding to one of ebXML's modular suite of standards: [1] ISO 15000-1: ebXML Collaborative Partner Profile Agreement; [2] ISO 15000-2: ebXML Messaging Service Specification; [3] ISO 15000-3: ebXML Registry Information Model; [4] ISO 15000-4: ebXML Registry Services Specification. Until now, the technology available for most businesses to exchange data was electronic data interchange (EDI), which made significant contributions to productivity and inventory control. Many companies, however, find EDI expensive and difficult to implement. The ebXML initiative, using the economies of scale presented by the Internet, breaks through these obstacles. ebXML provides companies with a standard method to exchange business messages, conduct trading relationships, communicate data in common terms and define and register business processes. It aims to make it easier for organizations to interface with others within and outside their industry, open up new markets with less effort than before and, at the same time, cut costs and simplify process associated with traditional document exchange. 'ISO/TS 15000 underscores the importance of partnership between ISO and standards-developing organizations as OASIS to craft a common set of standards and reflects the international community's recognition of the importance of ebXML in enabling electronic business,' said Alan Bryden, ISO Secretary-General. 'We applaud the developers of ebXML within OASIS and the United Nations Centre for Trade Facilitation and Electronic Business (UN/CEFACT) for their contributions to open trade data interchange and harmonization.' 'ISO approval is a gratifying endorsement of both ebXML and the OASIS open standards process,' noted Patrick Gannon, president and CEO of OASIS. 'ISO designation makes the already widely adopted ebXML standards even more accessible to adopters —particularly those implementing business solutions for governments — who look to ISO for assurance of long term viability.' John Borras, Director Technology Policy, U.K. Office of the e-Envoy, characterized the ISO approval as 'a milestone for domestic and international electronic trade. Government agencies, users, and trade organizations can specify ebXML compliance with even greater confidence.' ISO/TS 15000 was approved by ISO technical committee ISO/TC 154, Processes, data elements and documents in commerce, industry and administration..." General references in "Electronic Business XML Initiative (ebXML)."

  • [March 23, 2004] "XyEnterprise Announces Support for XSL-FO and a Web-Based Style Editor for XML Professional Publisher. New Offerings, Enhancements Create Significant Advantages for Standards-Based Publishing." - "XyEnterprise, the leading developer of XML content management and enterprise publishing software, announced today a new style creation tool and support for XSL-FO in its leading XML publishing software — XML Professional Publisher (XPP). XPP is used for automated and interactive publishing in XML publishing environments, providing unmatched support for XML content, automated rendering, and Web Services integration. The new features will enable customers to enjoy further productivity gains and standards support from the world's leading automated publishing engine. XSL-FO, a recommendation from the World Wide Web Consortium (W3C), is a standard way to describe rules for formatting XML content. XPP will apply an XSL stylesheet to an XML instance, and use this information to render XML content to Postscript or PDF output. Users will have access to the robust and unmatched publishing capabilities of XPP that supplement the XSL-FO standard, including the ability to interactively edit the formatted file, control the placement of graphics, and apply sophisticated controls for page and column balancing, hyphenation and justification, and complex tabular formatting... The new style creation and management interface, based on XPP's Web Services layer, presents a browser-based look and feel for creating and managing style information. The interface simplifies the selection of style choices and enhances the ability to use, modify, and apply styles. The Style Editor enables users to access style information in an intuitive point-and-click fashion, use existing styles as a basis for new styles, and re-use style settings across many XML documents. Because this is a Web Services interface, customers can configure or customize which features and functionality related to style management and publishing can be accessed by end users. This will reduce learning curves and enable more users to access the power and productivity offered by XPP. Mark Walter, Senior Analyst for the Seybold Consulting Group, stated: 'This new functionality advances the state of the art in standards-based publishing in two ways. First, it combines the capability to handle XML documents — from simple statements through complex typeset materials — with the proven publishing capabilities of XPP. Second, it embraces the services-oriented architecture that both corporate and commercial publishers are adopting. The XyEnterprise Style Editor exposes the rich functionality of the XPP composition engine to a broader base of users in the enterprise without compromising a graphic services department's ability to configure and control the implementation'..." See: (1) "XSL/XSLT Software Support"; (2) "Extensible Stylesheet Language (XSL/XSLT)."

  • [March 18, 2004] "Intel Joins the Liberty Alliance Project. Membership Underscores Intel's Commitment to Advance Open Standards Development." - "The Liberty Alliance Project today announced that Intel Corporation has joined the global consortium developing an open federated identity standard and business tools for implementing identity-based services, as both a sponsor member and participating company on the Alliance's Management Board. As a Liberty Alliance member, Intel will continue its efforts towards the evolution of additional devices that can take advantage of Liberty Alliance compliant infrastructure and services. Liberty's federated approach to identity management provides a standards-based foundation for identity networks and services. By identity-enabling systems and services, companies can increase security, create new efficiencies to cut internal IT costs, enable new business opportunities and make Web services more privacy friendly. Identities play a large role in the convergence between computing and communications, which is an evolution Intel has been driving for many years. Intel has worked hard to advance basic building blocks both at the silicon level as well as at the platform hardware/software level. Joining Liberty Alliance will help Intel continue to advance the development of identity standards that will become one of the basic building blocks for emerging computing and communications usage models. 'Authentication and identity management are critical to the success of new computer and communications usages,' said Colin Evans, Director System Software, Corporate Technology Group, Intel. 'Liberty Alliance brings together an exciting array of companies from many industries to define these standards and we are looking forward to working with our customers and member companies to make implementation a reality across all the hardware platforms we provide.' In addition, as the newest member on the Management Board, Intel is one of 15 companies responsible for overall governance and operations of the Liberty Alliance. This new membership status will allow Intel the opportunity to work with the Liberty Alliance membership to assist in the creation and recommendation of future specifications and business tools in the area of federated identity..." General references in "Liberty Alliance Specifications for Federated Network Identification and Authorization."

  • [March 17, 2004] "WS-I Completes Basic Profile 1.0 Deliverables with Availability of Testing Tools. Basic Profile 1.0 Testing Tools Assess Compliance. WS-I Now Sets Sights on Interoperability for Web Services Security." - "The Web Services Interoperability Organization ('WS-I') today announced the general availability of its testing tools for the assessment of Web services' interoperability with the WS-I Basic Profile. Final versions of the Web Service Communication Monitor and the Web Service Profile Analyzer are now available on the WS-I website... With C# and Java tools implementations available there is a version for every Web services platform. The news was announced at the WS-I Spring Community Meeting taking place this week in Vancouver... The Web Service Communication Monitor ('Monitor') captures messages exchanged with Web services, and stores these messages for analysis by the second tool, the Web Service Profile Analyzer ('Analyzer'). The Analyzer evaluates messages captured by the Monitor, and also validates the description and registration artifacts of the Web service. These artifacts include the WSDL document(s) that describes the Web service, the XML schema files that describe the data types used in the WSDL service definition, and the UDDI registration entries. More than 300 test cases have been written and automated for the Analyzer tool. Each test case exercises between 50 and 90 test procedures. The output from the Analyzer is a report that indicates whether or not a Web service meets the interoperability guidelines of the WS-I Basic Profile. The report provides details on the specific deviations and failures, so that users know which requirements of the WS-I Basic Profile were not met... Having completed the WS-I Basic Profile 1.0 deliverables, WS-I is currently working to develop interoperability guidelines to address attachments and Web services security. In December, WS-I published drafts of the Basic Profile 1.1, Simple SOAP Binding Profile 1.0 and the Attachments Profile 1.0 for public review. In addition, the Basic Security Profile Working Group expects to publish a draft of the Basic Security Profile early next quarter. The Basic Security Profile will profile the OASIS WS-Security specification and its associated normatively referenced specifications. Last month, WS-I announced the availability of the first Security Scenarios Working Group Draft for public review. This document outlines security risks in building interoperable Web services and countermeasures for these risks..." See details in the news story: "WS-I Releases Final Testing Tools Package for Basic Profile 1.0 Compliance." General references in "Web Services Interoperability Organization (WS-I)."

  • [March 16, 2004] "World Wide Web Consortium Issues VoiceXML 2.0 and Speech Recognition Grammar as W3C Recommendations. Critical Components of the W3C Speech Interface Framework Now Complete." - "Giving voice to the Web, the World Wide Web Consortium (W3C) has published VoiceXML 2.0 and Speech Recognition Grammar Specification (SRGS) as W3C Recommendations. The goal of VoiceXML 2.0 is to bring the advantages of Web-based development and content delivery to interactive voice response applications. SRGS is key to VoiceXML's support for speech recognition, and is used by developers to describe end-users responses to spoken prompts. Today's announcement marks the advancement to Recommendation status of the first two specifications in W3C's Speech Interface Framework. Aimed at the world's estimated two billion fixed line and mobile phones, W3C's Speech Interface Framework will allow an unprecedented number of people to use any telephone to interact with appropriately designed Web-based services via key pads, spoken commands, listening to pre-recorded speech, synthetic speech and music... In the W3C Speech Interface Framework, VoiceXML controls how the application interacts with the user, while the Speech Synthesis Markup Language (SSML) is used for spoken prompts and the Speech Recognition Grammar Specification (SRGS) for guiding the speech recognizers via grammars that describe the expected user responses. Other specifications in the Framework include Voice Browser Call Control (CCXML), which provides telephony call control support for VoiceXML and other dialog systems, and Semantic Interpretation for Speech Recognition, which defines how speech grammars bind to application semantics... The Speech Recognition Grammar Specification — SRGS — allows applications to specify the words and phrases that users are prompted to speak. This enables robust speaker independent recognition. SRGS covers both speech and DTMF input. DTMF input is valuable in noisy conditions or when the social context makes it awkward to speak. Speech recognizers are generally able to report the degree of confidence — that is, the likelihood of having correctly recognized the word or phrase — and may provide the most likely alternatives when the recognizer is uncertain as to which of them the user actually said..." See details in the news story: "VoiceXML 2.0 and Speech Recognition Grammar Published as W3C Recommendations." General references in "VoiceXML Forum."

  • [March 16, 2004] "Bowstreet Introduces Portlet Factory. Provides Compatibility with All JSR 168 Compliant Portals. Launches JSR 168 Validation Program with Industry Leaders." - "Bowstreet, a leading provider of development tools for adaptive Java 2, Enterprise Edition (J2EE) platform applications, announced the release of Bowstreet Portlet Factory version 5.8, compatible with all portal platforms that adhere to the JSR 168 standard. Bowstreet Portlet Factory version 5.8, introduced at DCI's Portals, Collaboration & Content Management Conference underway this week in San Francisco, enables the rapid creation of JSR 168 compliant portlets. JSR 168 was developed through the Java Community Process (JCP), the community-based process that designs and revises Java technology specifications, reference implementations, and technology compatibility kits. It is a standard that ensures a single way to design, build, test, package, and maintain portlets and thereby make those portlets available across a wide range of portals. In addition to launching Bowstreet Portlet Factory, the company also formed the Bowstreet JSR 168 validation program. Through this program, Bowstreet Portlet Factory will undergo validation with all program members' portals. To date, program members include Sun, Plumtree, and IBM. 'Sun's customers are starting to stretch their portal boundaries, looking for new ways to access and process information from their many back-end systems, and present it in a relevant, user-friendly way,' said Stuart Wells, vice president of market development, Sun Microsystems. 'Bowstreet Portlet Factory will help customers transform their portals, giving them a rich, user-adaptive portal experience in a fraction of the development time. Also, by supporting the JSR 168 and J2EE standards, Bowstreet is helping its customers broaden the reach and usefulness of the portlets they build.' 'Our Radical Openness product strategy is a long-term commitment to ensure that our solution is interoperable with customers' existing technologies,' said Glenn Kelman, vice president of product management and marketing, Plumtree. 'Supporting Bowstreet in its JSR 168 portlet validation initiative, together with other activities such as launching the Portlet Open Source Trading Site with Documentum and BEA last November, is part of our effort to ensure our software works with the widest range of platforms and tools in the industry.' Bowstreet simultaneously released version 5.8 of Portlet Factory for WebSphere, which provides direct, deep integration with IBM's WebSphere Portal APIs, in addition to integration through JSR 168. 'IBM continues to take a leadership role in defining and adopting standards, like JSR 168,' said Bill Swatling, product manager, WebSphere Portal, IBM. 'Bowstreet Portlet Factory's support of JSR 168 will give our customers an additional, standards-compliant tool they can use to develop and deploy portlets on WebSphere Portal.' 'Bowstreet's customers have realized significant benefits with our portlet development tools in terms of time and cost savings. We are now able to offer the same powerful development tools and solid value proposition to all standards-compliant portal users,' said Michael George, president and CEO, Bowstreet. 'In the next few weeks, we will be announcing new customers that have already selected Portlet Factory to develop and deploy portlets on a variety of portal platforms'..." See also references in See also "Portlet Open Source Trading (POST) Site for JSR 168 and WSRP Portlets."

  • [March 15, 2004] "Global eXchange Services Provides Philippines Bureau of Customs With Automated Customs Clearance Solution. RosettaNet Solution to Reduce Clearance Cycle Times and Transaction Costs." - "Global eXchange Services, Inc. today announced its selection to provide a RosettaNet-based automated customs clearance solution to the Philippines Bureau of Customs in Manila. The pilot implementation and connectivity testing are already underway, with the production system planned to go live in early 2004. The RosettaNet eCustoms Declaration Milestone Program initiative is focused on improving cycle time associated with customs clearance, including the generation and processing of shipping information required to move products through the customs process. RosettaNet's Partner Interface Process (PIP) Shipping Documentation 3B18 enables high-tech industry manufacturers, along with their freight forwarders and customs brokers, to send secure, RosettaNet Internet-based customs transactions directly to the Bureau of Customs' Automated Customs Operating System (ACOS), reducing both clearance cycle times and transaction costs. 'We are pleased to provide our customers with logistics solutions that reduce costs and improve the efficiency of global value chains. The Philippines eCustoms implementation is another example of RosettaNet solutions from Global eXchange Services that enable lower cost trading community integration for partners participating in the high-tech value chain,' said Ben Wong, Global eXchange Services' vice president of Asia-Pacific. Following a successful Malaysia implementation, the RosettaNet Philippines pilot involves movement of goods between Intel and Amkor Anam, with Exel Logistics providing freight forwarder and customs brokerage services. RosettaNet Philippines managing director Lito Zulaybar cited the progress in the RosettaNet eCustoms Program implementation as a major industry breakthrough with significant results being achieved in less than 12 months. 'The ability to facilitate trade, while reducing cycle times and costs, on both local and global levels, is a true indicator of RosettaNet's benefit to the industry,' said SY Foong, RosettaNet vice president of Asia. 'By further automating and standardizing the customs declaration process, companies will have the ability to conduct business through countless ports of entry and exit, in any country, with a single customs declaration form'..." See also: (1) "RosettaNet"; (2) RosettaNet PIPs; (3) "Uniform Code Council (UCC) XML Program."

  • [March 10, 2004] "AT&T WebService Connect Simplifies Integration Across the Networked Enterprise. Thomson Financial Sets New Standard in Financial Services Industry With Adoption of Innovative Service." - "AT&T today introduced an Internet-based business services network that dramatically reduces the cost, risk and complexity of integrating the networked enterprise across suppliers, partners and customers, enabling true interoperability and collaboration. AT&T WebService Connect leverages the ubiquity of the Web to help companies and government agencies easily and securely connect, create, share and manage business processes and applications with their suppliers and customers. The service creates an environment or platform, called a service-oriented architecture, where applications can be developed by enterprises or third parties, incorporated into a business process, and then shared on demand across the extended enterprise... AT&T WebService Connect is a comprehensive solution that delivers a fully secure, managed platform for businesses to share their critical services and information with partners and customers to drive additional revenue and efficiencies in their businesses. Because the service is based on open standards, companies can easily and securely share information, regardless of the diverse systems and applications used by their suppliers and customers... Thomson Financial, an operating unit of The Thomson Corporation and leading provider of information and technology solutions to the worldwide financial community, is one of the first customers of the new AT&T service... Point-to-Point connections only work for a small set of isolated relationships. Once the number of relationships and interconnections increases, this approach quickly becomes exponentially more complex, and ongoing changes become inflexible. Industry-specific communities sometimes provide limited ability to reach outside the boundaries of a specific industry. In some cases, a large percentage of customers are not part of the pre-defined industry. AT&T WebService Connect delivers an end-to-end, integration solution based on the award-winning business services network from San Francisco-based Grand Central Communications. By subscribing to the AT&T service, businesses benefit from a solution based on open standards, which lowers the total cost of ownership and allows them to communicate with all their partners and customers, regardless of their technical infrastructure. The Web-based business services network provides a framework for companies to rapidly and flexibly establish trusted connections with their diverse business units, partners and customers, without adding infrastructure. Connectivity to the network can be established with any application supporting Internet communications via the Simple Object Access Protocol (SOAP), version 1.1, the File Transfer Protocol (FTP), and the Electronic Data Interchange-Internet Integration (EDIINT) AS2 protocol. In addition, the service provides Web service gateways for exchanging data via additional Internet protocols, including Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP). No particular brand of software is required to connect an application with the network as long as the application employs one of the supported open communication standards..."

  • [March 08, 2004] "Adobe Launches Public Beta of New XML/PDF Form Design Software. Adobe Designer Delivers Powerful Capabilities for Easy Creation and Deployment of Intelligent Documents in PDF." - "Adobe Systems Incorporated today announced the public beta availability of Adobe Designer, a new point-and-click graphical XML form design tool for designing and deploying intelligent forms in Adobe PDF or HTML. The software enables organizations to build solutions using Adobe document services for automating form-based workflows and accelerating access to business-critical information. 'Adobe Designer supports organizations as they migrate to Web services and XML,' said Robert Glushko, Ph.D., with the School of Information Management and Systems, University of California, Berkeley. 'Creating new data connections with XML is straightforward and intuitive because the software lets you drag and drop form elements based on an XML schema. With Designer, even relatively novice users can create interactive, professional quality forms and connect them to backend systems.' Adobe Designer is part of Adobe's Intelligent Document Platform for generating, collaborating, processing and securing intelligent documents in the enterprise. The software provides all the capabilities needed to design forms with precision, including the ability to import information from existing formats, and define business logic on the form template. Developers can easily integrate form data with core enterprise systems via XML, OLEDB and web services. Additionally, Adobe Designer allows users to design forms that can be used with digital signature technologies for facilitating secure electronic transactions. The software is a desktop design tool that creates XML form templates for publishing to multiple formats, or users can import and add intelligence to existing form templates from PDF or Microsoft Word. Adobe Designer forms dynamically resize according to data input and only present the relevant form fields to the end user based on that input. For example, a single person applying for a mortgage will only be presented with form fields relevant to his or her status. These intelligent forms are accessed via a web browser, Adobe Acrobat or the ubiquitous Adobe Reader. 'To fully realize their investment in enterprise applications, organizations must extend the reach of these applications with processes that enable the secure capture, exchange and track information,' said Ivan Koon, senior vice president of the Intelligent Document Business Unit at Adobe. 'To meet these challenges, Adobe Designer offers a dynamic interface to end users that utilizes XML to create flexible, intelligent documents, while enabling interactive data capture and business collaboration via PDF for efficient, reliable, secure information exchange.' When combined with other document services from Adobe, the Adobe Designer enables organizations to extend core systems and automate business processes easily with internal and external users. From internal forms such as expense reports and purchase requisitions, to external forms such as applications and claims, Adobe's solutions enable enterprises to harness the power of PDF and XML for integrating intelligent documents into the IT environment..."

  • [March 08, 2004] "New Teros Gateway Provides Production-Ready Protection for Safe Deployment of Web Services Teros Secure Application Gateway Unifies XML and HTML Security to Protect Against Application Attack and Misuse." - "Teros, the company that secures web infrastructures from application-level attacks, today announced a new version of its award-winning Teros Secure Application Gateway that delivers learning-based XML attack protection for safely deploying web services today. The Teros Gateway is the only appliance that simultaneously protects XML and HTML applications, while preventing the disclosure of private data that can lead to identity theft. This integrated protection eliminates the need to deploy and manage a separate security infrastructure to protect new or existing web services applications. These new XML security capabilities are available at no additional cost on all Teros Gateways. 'Traditional security infrastructures were not designed, and as such are unable, to adequately protect web services from attack,' said Ray Wagner, research director, information security strategies at research firm Gartner. 'Many enterprises are deploying web services alongside traditional web applications. Integrated products that enforce security policies across both types of applications hold the potential to reduce capital expenditures and deliver more consistent security.' Web services are vulnerable to many of the same threats as HTML applications, including buffer overflows, SQL injection, and denial of service attacks, and are even more attractive targets for hackers since they often connect directly to mission-critical databases and back office applications. To secure web services and the data they access, the Teros Gateway combines advanced application learning, identity theft protection and application-layer attack defenses... Teros' adaptive learning engine learns the XML messages and data types received by applications with WSDL (Web Services Description Language) interfaces. Once correct behavior is learned, the Teros Gateway recommends constraints on application inputs to prevent attackers from inserting unexpected or malicious data that could compromise the web service. For example, the Teros Gateway will block the submission of a script to a web services port if that interface port is only expecting accounts numbers. By learning correct application behavior and controlling application inputs, the Teros Gateway protects against both known and unknown attacks... For web services applications that handle sensitive data such as credit card numbers, social security numbers and account numbers, the Teros Gateway ensures these data objects are never compromised by an application attack. Teros' family of SAFE modules detects the presence of protected data types in application responses and can remove or mask the information before it is disclosed. This capability is critical for organizations that are planning to broadly expose legacy mainframe or client/server applications to the Internet via web services interfaces..."

  • [March 01, 2004] "Successful SAML V1.1 Interop Lab at RSA2004 Conference." - [Rob Philpott, RSA Security Inc.]: "... some news regarding the SAML interoperability lab we held during the RSA2004 conference. The lab was hosted by RSA and sponsored by the General Services Administration (GSA) of the US government and by Sun Microsystems, who provided 19' LCD monitors for everyone to use... We had eleven vendors participating in the interop. We also had Enspier Technologies participating under contract to GSA. The vendors that participated in the event were Computer Associates, DataPower Technology, Entegrity Solutions, Entrust, Hewlett-Packard, Oblix, OpenNetwork, Ping Identity, RSA Security, Sun Microsystems, and Trustgenix. There were two key goals for the interop. First, we wanted to demonstrate SAML 1.1 interoperability for both Web SSO profiles and for general queries. The other main goal was to show an interoperable implementation of the GSA eGov program's eAuthentication architecture that builds on top of SAML. Also, given that the major change for SAML 1.1 dealt with improving XML DSIG interoperability, we certainly wanted to demonstrate this in the process... All vendors except DataPower implemented the Web SSO use cases, providing both the SAML 1.1 Web SSO Profile and eAuthentication demo scenarios. All of these vendors supported the Browser/Artifact Profile and all but two supported the Browser/POST Profile. Enspier provided a portal that implemented the additional exchanges defined by the eGov program's eAuthentication architecture. Each vendor implemented the AP and RP sides of these exchanges during the lab. The portal was also enhanced to support the generic SAML demo as well. The SAML query use case was demonstrated by DataPower who implemented a simple web services-based demo utilizing SAML 1.1 Attribute Queries to the RSA Attribute Authority... The interop testing proved that the SSTC's goal of producing a quality SAML V1.1 specification that improved interoperability was convincingly achieved. We found no defects in the V1.1 standard..." See: (1) "OASIS SAML Interoperability Event Demonstrates Single Sign-On at RSA Conference"; (2) general references in "Security Assertion Markup Language (SAML)."

  • [February 27, 2004] "Liberty Alliance Delivers Mobile Business Guidelines for Federated Identity Deployments. Liberty's Open Standard Paves the Way for Identity-Based Mobile Services." - "The Liberty Alliance has released its second business guideline document, outlining near-term market opportunities and business requirements for federated identity in the mobile market. The document examines how mobile operators, equipment providers, content and service providers as well as vendors and users can take advantage of the growth and demand for mobile services, and in turn, how Liberty's open standard can enable secure delivery of Web services. 'Federated identity has the potential to bring mobile networks and personalized services to the next level,' said Paola Tonelli, member of the Liberty Alliance management board and senior director of industry advocacy at Vodafone. 'However, federated identity is about more than just technology. The best practices and business guidelines that Liberty is delivering can help companies overcome some of the more complex challenges associated with federated identity deployments, such as privacy and security issues.' The mobile business guidelines, a Tier 2 document in Liberty's evolving library of business guidelines for federated identity deployment, expands on Liberty's Tier 1 overview delivered July 2003. Additional Tier 2 guidelines are in development with expected delivery later this year... Federated identity, which securely links and manages identity information among different systems, offers a number of benefits to the mobile industry: (1) For service providers, it helps authenticate who the user is, what he or she can access, and at the user's request, quickly gather preferences to deliver personalized services. (2) For operators, it provides an open framework for identity data roaming within and across global networks, allowing them to easily deliver revenue-generating services to more customers. (3) For consumers and businesses, it means they have access to valuable low-cost services from any operator while still retaining control of their information. Liberty Alliance enables these and other benefits, and is the only complete federated identity framework being implemented across the mobile ecosystem today. Liberty's global member base collectively represents more than 200 million mobile subscribers, more than half the world's mobile devices, 80% of all SIMs and 55% of the mobile network infrastructure..."

  • [February 25, 2004] "WS-I Publishes Web Services Security Interoperability Guidelines. Security Scenarios Outline Challenges, Threats and Countermeasures." - "Today at the thirteenth annual RSA Conference, the world's leading e-security event, the Web Services Interoperability Organization (WS-I) announced the availability of the first Security Scenarios Working Group Draft for public review. Developed by the WS-I Basic Security Profile Working Group, the Security Scenarios document identifies security challenges and threats in building interoperable Web services and countermeasures for these risks. The news was announced today during a media event at RSA featuring Web services security experts from the WS-I Basic Security Profile Working Group. The Security Scenarios document describes several security challenges, threats and countermeasures in building interoperable Web services, as well as usage scenarios and solutions, including: (1) Challenges: describes several security challenges, including ensuring data integrity, data confidentiality and message uniqueness; (2) Threats: outlines 10 threats on these challenges, such as message alteration, falsified messages, message replay and denial of service attacks; (3) Countermeasures: recommends how technologies like HTTPS and OASIS Web Services Security: SOAP Message Security 1.0 can be used to counter some of these threats; (4) Usage Scenarios and Solutions: describes how these technologies can be used with the Message Exchange Patterns (MEPs) that have been used in WS-I deliverables such as the Basic Profile 1.0 Sample Applications..." See details in the news story: "WS-I Releases Public Working Draft Document on Security Scenarios." General references in "Web Services Interoperability Organization (WS-I)."

  • [February 24, 2004] "DMTF Announces New Working Group for Utility Computing. OASIS, GGF and Industry Leaders Join Forces with DMTF to Further Management Standards for Utility Computing." - "Distributed Management Task Force, Inc. today [2004-02-17] announced the formation of the new Utility Computing Working Group, which will create interoperable and common object models for utility computing services within the DMTF's Common Information Model (CIM). Active participants in the working group include Cisco Systems, EMC, HP, IBM, Oracle Corp., Sun Microsystems Inc. and VERITAS Corporation, with the full support of the DMTF's more than 110 member companies. The DMTF Utility Computing Working Group will operate in close collaboration with other organizations, like the Global Grid Forum (GGF) and the Organization for the Advancement of Structured Information Standards (OASIS) Web Services Distributed Management (WSDM) Technical Committee, to develop standards related to utility computing. The result of this collaboration is to unify the industry on a set of highly functional and extensible management interfaces, enabling multiple vendors to interoperate and fulfill customer requirements for greater management automation. Improved multi-vendor integration will ultimately reduce the costs related to the management of IT resources. 'Management plays a central role in utility computing, and DMTF's CIM is already being used to address this space,' said Todd Guay of Oracle Corp., vice president of technology for the DMTF. 'The new DMTF Utility Computing Working Group will bring together the leaders of the industry to develop further improvements to CIM, meeting IT needs in this important and evolving area.' 'This is an important activity and we are excited to see the DMTF bring this group together, while simultaneously tapping related efforts, such as GGF's Open Grid Services Architecture (OGSA) and several new GGF research groups focused on commercial enterprise Grid application use cases and requirements,' said Charlie Catlett, Senior Fellow at Argonne National Laboratory and Chair of GGF. 'The collaboration will deliver the usability the industry requires, and provide standards that capitalize on existing efforts to deliver the management capabilities that will be essential to creating the tools and frameworks necessary for utility computing.' 'The DMTF is responding to a critical need for usable models and common, interoperable standards for the management industry and now for utility computing,' said Heather Kreger of IBM, co-chair of the OASIS Web Services Distributed Management (WSDM) Technical Committee. 'Collaborating with the OASIS WSDM Technical Committee and other groups on standards development will result in standards that converge to address end-to-end management needs. The OASIS WSDM Technical Committee will be appointing liaisons to the DMTF's Utility Computing Working Group, and we look forward to helping meet the needs of the industry through this effort'..." See: (1) the Working Group charter; (2) general references in "DMTF Common Information Model (CIM)."

  • [February 23, 2004] "Liberty Alliance White Paper Outlines Federated Identity's Ability to Reduce Identity Theft." - "The Liberty Alliance today announced the availability of a white paper calling out the growing problem of identity theft and detailing ways in which federated identity and Liberty's open standard can reduce online identity theft, its frequency and its potential impact on consumers. The white paper, The Liberty Alliance Protocol and Identity Theft White Paper, also presents deployment recommendations for federated identity as a means to further mitigate risks. Identity theft is a widespread and costly problem. Research analyst firm IDC reports that worldwide economic losses due to identity theft could reach $2 trillion by 2005 (April 2003). It's not only costly, it's time-consuming and a productivity drain on the economy. A U.S. Federal Trade Commission survey reports that in 2003 individuals spent an average of 30 hours to deal with their identity theft experience. 'Identity theft is extremely painful to consumers and very costly for businesses,' said Piper Cole, chair of Liberty's public policy expert group and vice president for global public policy at Sun Microsystems. 'It is costing merchants billions a year in charge-back fees and litigation and they are in need of an immediate solution to alleviate the bleed. Liberty's federated identity framework is a part of that solution.' Liberty's federated identity model, which distributes identity information across various trusted parties, is inherently more secure than a centralized model where all information is accessible in one location. If a centralized database is breached, the entire content of that database can be a goldmine for hackers and thieves. In addition to the federation safeguards, Liberty's framework also incorporates unique privacy controls and state-of-the-art security mechanisms to protect users and businesses..." General references in "Liberty Alliance Specifications for Federated Network Identification and Authorization."

  • [February 23, 2004] "Application Security Leaders Announce Support for AVDL OASIS Committee Draft. Cenzic, Citadel, Department of Energy CIAC, GuardedNet, NetContinuum, Qualys, SPI Dynamics, Teros and WhiteHat Among Growing Number of Organizations to Support AVDL." - "Leading application security vendors and organizations Cenzic, Citadel, Department of Energy Computer Incident Advisory Capability (CIAC), GuardedNet, NetContinuum, Qualys, SPI Dynamics, Teros and WhiteHat Security, today announced support for the new Application Vulnerability Description Language (AVDL) developed by the OASIS international standards consortium. Growing vendor adoption of AVDL gives security professionals far more freedom and flexibility in managing application security risk and securing critical resources. AVDL enables application security products from different vendors to easily and rapidly share data about security vulnerabilities. As originally promised, less than one year after its initial proposal, the OASIS AVDL Technical Committee (TC) has completed the 1.0 specification. 'Application vulnerabilities propagate so rapidly today that the old methods of dealing with them no longer suffice,' said John Pescatore, vice president at Gartner. 'New standards like AVDL offer one of the best hopes of breaking this cycle by dramatically reducing the time between the discovery of a new vulnerability and the effective response at enterprise sites.' AVDL addresses the business problem of how companies manage ongoing application security risk on a day-to-day basis. With application vulnerabilities now accounting for 75 percent of all attacks, companies have begun deploying a host of next-generation security tools to find application vulnerabilities, block application-layer attacks, patch systems and manage application security events. AVDL enables end users to take this protection one step further by enabling seamless communication between application security products at all stages of the application lifecycle. Several vendors will be demonstrating AVDL interoperability of their products at the 2004 RSA Conference to highlight the growing maturity and commercial viability of AVDL automation..." See also the news story "OASIS Committee Draft for the Application Vulnerability Description Language (AVDL)."

  • [Febuary 20, 2004] "Sun Microsystems and SupplyScape Offer Comprehensive RFID Package to Help Combat Drug Counterfeiting and Diversion. Integrated RFID Offering Safeguards Pharmaceutical Supply Chain." - "Sun Microsystems, Inc. and SupplyScape Corporation announced today a Pharmaceutical Anti-Counterfeit RFID Package, an offering enabling companies in the pharmaceutical supply chain to combat counterfeiting and diversion while gaining efficiencies throughout the supply chain. The offering addresses recommendations announced yesterday by the FDA Counterfeit Drug Task Force, as outlined in its 'Combating Counterfeit Drugs' report... According to the FDA report, 'RFID technology will make the copying of medications either extremely difficult or unprofitable.' Radio Frequency Identification (RFID) technology, coupled with the Electronic Product Code (EPC) and electronic pedigrees are key elements in a multi-layered approach to combat the growing problem of counterfeit drugs affecting patient safety in the United States. The SupplyScape on Sun offering supports the FDA and State government initiatives targeting counterfeit drugs by providing EPC-enabled RFID solutions for the pharmaceutical industry. 'Visionaries articulate a future in which RFID is ubiquitous and nearly everything is traceable,' said Michael Swenson, research manager of Life Science Insights, an IDC subsidiary. 'However, in this post Internet bubble era, broad visions of eventual pay-offs hold little appeal. It is vitally important that early RFID solutions deliver quick relief for pressing industry problems. Solutions must stand on their own merit and not rely on some future day in which RFID becomes pervasive. This Pharmaceutical Anti-Counterfeit solution appears to fit that profile.' The Pharmaceutical Anti-Counterfeit RFID package is based on Sun Java Enterprise System Software, an open and integrated software system, and Sun's RFID infrastructure software that features self-healing and provisioning and works with leading EPC-enabled readers, including Alien, AWID, Feig, Matrics, Tagsys and Tyco. Sun's EPC-compliant RFID software, combined with SupplyScape's electronic pedigree application, runs on low-cost Sun x86-based platform servers with the Solaris Operating System or Linux. Because all components adhere to the EPCglobal standards, pharmaceutical manufacturers, wholesale distributors, and pharmacies can quickly and cost-effectively add the solution to their current supply chain infrastructure and processes, helping streamline operations and secure the prescription drug delivery chain from counterfeits. 'The EPC-based Pharmaceutical Anti-Counterfeit package presented by SupplyScape and Sun highlights a novel and comprehensive way of addressing the issues of counterfeit drugs and product diversion,' said Robin Koh, Director, MIT Auto-ID Labs. 'They have worked with MIT's Auto-ID Labs, EPCglobal, Federal and State regulatory officials and the pharmaceutical industry to develop a complete solution that takes into account both regulatory and business requirements'..." See also: (1) "Radio Frequency Identification (RFID) Resources and Readings"; (2) "Physical Markup Language (PML) for Radio Frequency Identification (RFID)."

  • [Febuary 20, 2004] "Netegrity to Discuss Next Generation of SAML at RSA Conference." - "Netegrity, Inc., a leading provider of identity and access management solutions, today announced that Prateek Mishra, Director of Technology and Architecture at Netegrity and co-chair of the OASIS SAML Committee, will deliver a presentation at the RSA Conference discussing the next version of SAML (Security Assertion Markup Language). Mishra's presentation titled 'SAML 2.0: Unified Foundation for Federated Security' will be presented as part of the RSA Conference Standards Track on Tuesday, February 24th at 4:15 pm PT. Netegrity will also be exhibiting at the RSA Conference (Booth #1421) where the company will showcase its identity and access management solutions, including Netegrity's provisioning solution, Netegrity IdentityMinder eProvision. Mishra's presentation will discuss the new features of SAML 2.0 and how it brings together disparate efforts in order to create a single federated security umbrella. SAML 2.0 will build upon SAML 1.0 deployments and integrate with the enhanced functionality of the Liberty ID-FF (Identity Federation Framework) layers. In addition, Mishra will discuss the relationship between SAML 2.0 and other proposed standards, such as WS-Security, and how they jointly provide organizations with a trusted model to enable secure Web services and federation. Netegrity was one of the original creators of the SAML specification and over the last three years has helped to drive industry adoption of SAML, including support for the SAML standard within both the Netegrity SiteMinder Web access management product and the Netegrity TransactionMinder Web services security product. The company also recently shipped Netegrity SiteMinder 6.0 which provides advanced federated security capabilities through enhanced support for SAML..." See (1) the news story: "OASIS SAML Interoperability Event Demonstrates Single Sign-On at RSA Conference"; (2) "Security Assertion Markup Language (SAML)."

  • [February 13, 2004] "SRW/U and CQL Version 1.1 Specifications Released." - "The SRW Maintenance Agency at the Library of Congress, in conjunction with the SRW Development Group, announces the release of version 1.1 of SRW, the Search/Retrieve Web Service; SRU, Search and Retrieve by URL; and CQL, the Common Query Language. Version 1.1 supercedes Version 1.0, the initial, experimental version, which was released November 2002. Version 1.1 has been in development for more than a year and is the first official version. SRW is an XML-based protocol designed to be a low-barrier-to-entry solution for searching and other information retrieval operations across the internet. It uses existing, well tested, and easily available technologies, such as URI, XML, SOAP, HTTP, and XPath. The design reflects the many years of experience gained developing and using Z39.50; SRW is both robust and easy to understand while retaining many of the important aspects of Z39.50. Web technologies reduce the barriers to new information providers allowing them to make their resources available via a standard search and retrieve service. Building on Z39.50 semantics enables the creation of gateways to existing Z39.50 systems. The protocol may be carried via SOAP or as parameters in a URL. When carried via SOAP, it is referred to as SRW; via URL, as SRU. CQL is a formal language for representing queries to information retrieval systems, including web indexes, bibliographic catalogues, and museum-collections information. Traditionally, query languages are either (on one hand) powerful and expressive but complex and unfriendly — SQL, Xquery — or (on the other hand) simple and intuitive but neither powerful nor expressive, for example, Google. CQL's goal is to combine the simplicity and friendliness of Google searching with the expressive power of Z39.50, supporting queries ranging from very simple to arbitrarily complex expressions..." See details in the news story: "US LOC SRW Maintenance Agency Releases Search/Retrieve Web Service Version 1.1."

  • [February 11, 2004] "Invitation to Public Workshops on WS-Notification and WS-Resource Framework." Announcements were posted by William Vambenepe (Hewlett-Packard) for WS-Notification and WS-Resource Framework Public Review Workshops. February 23-24, 2004. [1] The authors of the recently-published WS-Notification specification are hosting a 1-day workshop on February 24, 2004, starting at 9am and ending at 5pm. This workshop will be hosted by Hewlett-Packard in Cupertino, CA. This is an ad-hoc, open forum for 1) the specification authors to share background information on the design of the specifications and to receive feedback and 2) software vendors and other interested parties to discuss their ideas about the specifications and practicality of implementing these and related Web Services specifications. The agenda for the workshop will include a review of WS-Notification by the authors, relationship to other WS specifications, participant Q&A and feedback, and discussion of next steps and standards plans... We'd like this to be an open meeting and collect a broad range of ideas. If you are interested in participating in the discussions, please reply to this mail by EOD 17 February 2004. Feel free to pass this invitation along to other potential participants, either in your company or elsewhere. The authors of WS -Notification intend to submit an updated version of the Specification to a standards body, in which case they intend to grant a Royalty-Free license to their necessary patent claims. Note that in order to attend, in support of this goal, the attached legal agreement MUST be signed by each attendee..." [2] "The authors of the recently-published WS Resource Framework white papers and specifications (WSRF, Modeling stateful resources with Web services, WS-ResourceProperties, WS-ResourceLifetime) are hosting a 1-day workshop on February 23, 2004, starting at 9am and ending at 5pm. This workshop will be hosted by Hewlett-Packard in Cupertino, CA..." See: (1) Logistics for WS-Resource Framework and WS-Notification Public Review Workshops (HP, Cupertino); (2) the news story "Web Services Notification and Web Services Resource Framework."

  • [February 09, 2004] "Compuware Takes Model-Driven Development Mainstream, Releases Compuware OptimalJ 3.1 and Announces Vision for New Paradigm of Enterprise Application Development. Model-Driven Pattern-Based (MDPB) Approach Bridges J2EE Skills Gap. Enables Companies to Increase Productivity of Enterprise Application Development." - "Compuware Corporation today outlined its vision for supporting software developers in successfully building service oriented, enterprise-class applications using the model-driven pattern-based (MDPB) approach. In support of its vision, the Company unveiled version 3.1 of its popular Compuware OptimalJ development platform with industry-leading support for Web Services security, a broader set of options for Compuware OptimalJ's integrated testing environment -- including testing support for BEA WebLogic Server and IBM WebSphere Application Server -- and enhanced features for legacy integration... Compuware OptimalJ 3.1 enables development organizations to do more with less, helping businesses easily migrate to MDPB development through: (1) Pioneering Web Services Security: One of the first development tools to support the new Web Services-Security specification as defined by the Organization for the Advancement of Structured Information Standards (OASIS) to ensure a secure web services implementation, enabling organizations to conduct business securely via web services. (2) Providing Flexible Modeling: Compuware OptimalJ expands its integration with world-class modeling tools, including IBM Rational Rose, Borland Together Control Center, SparxSystems Enterprise Architect and Objecteering, in addition to providing support for UML modeling. (3) Driving Legacy Modernization: Support is extended for IBM's infrastructure software to integrate with WebSphere MQ so that Compuware OptimalJ customers using the IBM platform can fully leverage their existing infrastructure investments. (4) Ensuring Platform Flexibility: Compuware OptimalJ broadens the options for deployment in the integrated test environment to include leading application servers BEA WebLogic Server and IBM WebSphere Application Server. This enables IT organizations to build, test and debug applications faster..." See also: (1) "OMG Model Driven Architecture (MDA)"; (2) "OASIS Web Services Security TC (WSS) Approves Committee Draft Specifications."

  • [February 6, 2004] "Vignette First To Announce Self-Certified JSR 168-Compliant Portal. Vignette Application Portal 7.0 Also Supports Comprehensive Localization and Standards for Universal Access." - "Continuing to deliver on its mission to drive enhanced business efficiency, Vignette Corp. has announced initial availability of Vignette Application Portal 7.0, part of the Vignette V7 family of products. Vignette Application Portal 7.0 has been certified by Vignette on the Sun Microsystem's Test and Compatibility Kit (TCK) for compliance with the recently adopted JSR 168 portlet interoperability standard. With this move, Vignette believes that it has become the first independent software vendor to announce a self-certified JSR 168 portal. The release of Vignette Application Portal 7.0 reaffirms Vignette's leadership in delivering standards-based portal solutions that scale and evolve from department level to enterprisewide deployments. As a founding member of both the Java Community Process's JSR 168 Expert Group and OASIS' WSRP Technical Committee, Vignette has played a pivotal role in helping define JSR 168 and WSRP since their inceptions in January 2002. By driving innovation through the usage of Web services and portal standards, Vignette enables customers to increase efficiency and reduce the complexity and cost of sharing information across organizations by supporting their evolving enterprise portal strategies. 'JSR 168 represents a significant milestone for the industry and will play a key role in advancing an organization's ability to integrate portal deployments and provide a single, consolidated view for end users,' said Craig Roth, vice president, Web and collaboration strategies at Meta Group Inc. 'Organizations should look to vendors that are showing a commitment to industry standards as a means to increase developer productivity and significantly reduce deployment costs.' In conjunction with its support for JSR 168, Vignette will provide plug-ins for the leading integrated development environments (IDE) to provide developers with a seamless experience when deploying IDE-developed JSR 168 portlets within Vignette Application Portal 7.0. In addition, the latest release of Vignette Application Portal provides enhanced localization of portal administrative consoles and multibyte support for compliance with Section 508, enabling disabled administrators to easily manage portal sites, and i18N, allowing diverse administrators in multidialect regions to access a shared portal console that is localized for each individual administrator's dialect..." See also: (1) JSR 168 Portlet API Specification 1.0 Released for Public Review"; (2) "Portlet Open Source Trading (POST) Site for JSR 168 and WSRP Portlets."

  • [February 06, 2004] "CECID Completes XML Schema Design and Management Guide." - "The Center for E-Commerce Infrastructure Development (CECID) of the University of Hong Kong (HKU) has completed the XML Schema Design and Management Guide for Information and Technology Services Department (ITSD) of the HKSAR Government (HKSARG). The Guide, which aims to provide a process for designing and defining quality, consistent and reusable XML Schema Definitions (XSDs) in a systematic manner, is now available for download at ITSD website... The Hong Kong Observatory, Department of Health and Commerce, Industry and Technology Bureau are first to use this Guide in their XML projects of weather news, notifiable infectious disease notification and electronic surveillance system and Integrated Criminal Justice System respectively. Based on international best practices such as UN/CEFACT's Modeling Methodology (UMM), ebXML Core Components (CC), and Universal Business Language (UBL), CECID developed the XML Schema Design & Management Guide for HKSARG to assist bureaux and departments, as well as their business partners, in implementing e-government joined-up service projects (G2G and G2B). When a new joined-up service project is implemented, project teams must conduct a data alignment exercise to agree on the definition and representation of each data element of the information to be exchanged. Further, data conversion or data mapping between the exchanged data may need to be performed. To achieve interoperability for information exchange, XML has been identified by HKSARG as the technical standard. This XML Schema Design and Management Guide will facilitate data interoperability by providing (i) a methodology to specify the definitions and representations of information in a consistent and structured way as reusable information models; (ii) an approach to convert the information models of data elements into XML Schema Definition (XSD) code; and (iii) guidelines to adopt, contribute, and manage XML Schemas to maximize reuse..." See details in the news story "CECID Releases XML Schema Guide Based on UN/CEFACT UMM, ebXML Core Components, and UBL."

  • [February 04, 2004] "OASIS Members Collaborate on 'Dataweb' Standard for Exchange of Machine-Readable Information." - "Members of the international standards consortium, OASIS, have organized to create a standard for sharing, linking, and synchronizing data over the Internet and other networks using XML documents and Extensible Resource Identifiers (XRIs). XRI is a URI-compatible abstract identifier scheme also developed within OASIS. The new OASIS XRI Data Interchange (XDI) Technical Committee will enable implementers to automatically interchange XDI documents and to express controls over the authority, security, privacy, and rights of shared data as XDI links. 'The goal of XDI is to do for controlled data sharing what the Web did for open content sharing,' explained Drummond Reed of Cordance, co-convenor of the OASIS XDI Technical Committee. 'XDI does not displace any specialized XML vocabulary designed to support specific applications or Web services. Rather, it augments them by providing a standard, generalized way to identify, describe, exchange, link, and synchronize other XML documents encoded in any XML language or schema--tying them all into one global 'Dataweb.' 'The formation of this technical committee represents an important step toward a shared vision for a more capable Internet,' added Geoffrey Strongin of AMD, co-convenor of the OASIS XDI Technical Committee. 'XDI will help solve fundamental problems associated with data sharing over the Internet by leveraging and building on the entire array of existing and emerging XML standards.' XDI will address interoperable, automated data interchange across distributed applications and trust domains. Examples of potential applications include: (1) Exchange, linking, and lifetime synchronization of electronic business cards, public keys, and other common identity attributes across distributed directories (dynamic address books); (2) Internet calendar sharing; (3) Trusted search (searches that need to cross multiple private websites); (4) Auto-configuration and intelligent data synchronization across multiple user devices (desktop, laptop, PDA, land phone, cell phone, etc.); (5) Automated website registration, form-fill, and e-commerce transactions; (6) Cross-domain security and privacy management. OASIS XDI Technical Committee members include representatives of AMD, AmSoft Systems, Booz Allen Hamilton, Cordance, Epok, Neustar, NRI, and others..." See details in the news story: "OASIS Members Form XRI Data Interchange (XDI) Technical Committee."

  • [January 29, 2004] "Systinet Closes Highly Successful 2003 with Strong Momentum and Growth. Leading Independent Web Services Software Provider Grows its Revenue 5X in 2003, Signs Over 70 Customer Deals and is Poised for Continued Growth in 2004." - Systinet, the leading independent provider of Web services infrastructure software, today announced strong momentum in 2003, positioning itself for continued growth in 2004. Systinet's 2003 revenue was five times greater than its revenue in 2002, which was the result of more than 70 new customer deals. In Q4 2003 alone, Systinet signed 30 new customers, including N2 Broadband, British Telecom, GlaxoSmithKline, The Hartford Financial Group, Mizuho Capital and CoreMedia, adding to its already strong roster of 2003 customer wins that included Amazon, Kodak, BMC Software and Northrop Grumman... New Systinet customers signed in Q4 2003 include: (1) CoreMedia: CoreMedia provides content management, digital rights management and multi-channel delivery technologies, with clients including Bertelsmann, Continental AG, SAP and NEC/Mitsubishi. CoreMedia use Systinet WASP Server for C++ to provide embedded Web services functionality for all its products. 'CoreMedia has integrated Systinet WASP into our Smart Content Technology and our OMA DRM solution for mobile services that is used by leading telecommunication and media companies' explains Soren Stamer, Co-Founder and CEO of CoreMedia. (2) The Hartford Financial Group: One of the largest investment and insurance companies, The Hartford uses Systinet WASP UDDI as a registry to advertise and discover Web services that support a legacy SEMCI (Single Entry Multiple Company Interface) system. WASP UDDI stores all of The Hartford's proprietary XML schema documents and all of the new SOAP services it is building. The Hartford estimates it will save $50,000-$75,000 in internal development costs on a 'per service' basis, using WASP UDDI. The company will recoup its investment in Systinet's product within the first 90 days of usage. (3) N2 Broadband: A leading supplier of scalable, open-standards solutions that enable cable operators to offer on-demand services, N2 Broadband embeds Systinet WASP Server for Java in their OpenStream video-on-demand (VOD) product. WASP is used for back-end data processing and transactions. Systinet's WASP suite of products is a complete solution for building, deploying, securing and managing Web services. Systinet WASP Server for Java and WASP Server for C++ are industrial-strength Web services runtime environments that fully support industry standards, including SOAP 1.1, SOAP 1.2 and WSDL 1.1. WASP UDDI is the only commercially available, fully V2 compliant registry with advanced UDDI V3 functionality..." See also "New Features in WASP 4.7"

  • [January 27, 2004] "CambridgeDocs Announces Linux Versions of Its xDoc Server Products for XML Conversion and Publishing. Server Provides End to End Document Transformation and Publishing Services Using XML for Unstructured Content for Linux." - "CambridgeDocs, a leader in the emerging market for XML-based content integration, today announced the Linux versions of its xDoc Content Transformation Server (xCTS). The xDoc Content Transformation Server provides XML-based transformations of documents and content from multiple legacy source formats into XML and then publishing to popular desktop formats, such as Adobe PDF, HTML, and Microsoft Word documents. The xCTS includes the xDoc Conversion Server, which can transform documents from legacy formats, such as PDF, HTML, Microsoft Excel, Microsoft Word and WordPerfect into meaningful and well-structured XML. The transformation can retain the 'look and feel,' layout, graphics and content of the source document. On the other side, the xCTS includes the PDF-XML Publishing server, which allows for the transformation of XML. 'The xCTS on LINUX is the first end-to-end transformation tool for unstructured content using XML,' said Rizwan Virk, CambridgeDocs CTO and co-founder. 'While most content conversion tools are written on Windows, the xCTS is fully cross-platform and can be integrated into any J2EE environment. It also allows end to end transformations. You can begin with say, a Microsoft Word File on Linux, convert it to XML, and then publish the XML as a PDF file. Or, you could start with a PDF file, convert it to XML, and then publish it as Microsoft Word document. Furthermore, the newly published content can be aggregated from sections of existing content.' Organizations today have thousands and thousands of legacy documents that need to be made available dynamically to end users both within the organization and outside the organization. Linux is the first of a number of Unix platforms that will be fully supported by CambridgeDocs XML Content Backbone. The xCTS uses the XTE (xDoc Transformation Engine) underneath the hood, a patent-pending technology for transforming unstructured content into meaningful XML. It supports open, XML-based standards for publishing and transformation, including XSLT, and XSL:FO and can also use any XML-schema or DTD as the target or source for transformation, including DocBook XML, 3001 MIL STD, Legal XML, or customer-specific schemas or DTDs. The xCTS works with popular J2EE application servers, such as TomCat, EAServer, as well as with Microsoft IIS based applications. The server can be invoked on Linux using its Servlet API or its Java API..."

  • [January 27, 2004] "Parasoft Releases SOAPtest 2.5 for Comprehensive Web Services Testing. Web Services Testing Product Now Offers Security Features, MIME Attachment Support and Enhanced Load Testing Features/" - "Parasoft, leading provider of Automated Error Prevention (AEP) software solutions, announced today the release of SOAPtest 2.5, the most comprehensive Web services testing product available today, verifying every aspect of a Web service from WSDL validation, to client/server unit and functional testing, to performance testing. The latest version of SOAPtest offers support for WS-Security, MIME attachments, enhanced load testing features, and other features designed to help development teams prevent errors and accelerate time to market for their Web service initiatives. 'As Web services mature and more companies adopt them, they need comprehensive tools to address key issues such as interoperability, security, change management and scalability,' said Gary Brunell, Parasoft Vice President of Professional Services. 'SOAPtest 2.5 offers the functionality to address all of these issues while improving the software lifecycle by preventing errors early in the development process.' PPQ#What's New in SOAPtest 2.5#PPQ (1) WS-Security support including fully configurable SOAP Headers and support for X509, SAML, username security tokens, XML Digital Signature and XML Encryption. (2) MIME Attachment support including meeting SOAP with Attachments and OASIS ebXML specifications and sending and receiving both text/XML and binary attachments. (3) Enhanced load testing features including SNMP and Windows monitors, customizable HTML reports and detailed report histograms. (4) WS-I Analyzer Tool to verify WSDL and SOAP traffic for conformance, includes WS-I Testing Tool 1.0 and produces WS-I conformance reports. (5) Supports JMS and Asynchronous testing..." See also "Web Services Interoperability Organization (WS-I)."

  • [January 26, 2004] "Denmark Becomes First Country to Adopt OASIS Universal Business Language." - "The Danish National XML Committee announced today that it has formally adopted an early version of the OASIS Universal Business Language (UBL) as a standard for e-Commerce in the public sector. Following a 30-day public hearing, the Danish XML Committee decided to use UBL 0.7 to enable integration between systems controlled by state authorities and a newly implemented portal for public procurement. UBL provides an XML library of common business data components together with a set of standard business documents such as purchase orders and invoices that are assembled from the component library. UBL is the product of an international technical committee of the Organization for the Advancement of Structured Information Standards (OASIS), a non-profit consortium dedicated to the creation of XML standards. Currently at version 1.0 Beta, UBL is produced in an open, publicly visible process and is made available without royalties or other fees. The Public Procurement Portal is an electronic market place to which both private and public purchasers and their suppliers have access, and whose functionality, interface, security and transaction costs are regulated by the public sector. It is the first public procurement portal in Europe. The establishment of the Public Procurement Portal is an important part of the strategy to make procurement efficient and is implemented on the basis of the wish to create a common infrastructure for the trade between the public units and the suppliers. With a public sector procurement of goods and services for approximately DKK 100 billion per year, even modest improvements in efficiency will be of great value for Danish society. By virtue of the public sector's purchasing volume, increased use of e-commerce will furthermore contribute to the penetration of e-commerce in Denmark in general. The suppliers will get accustomed to e-commerce and an infrastructure will be established. Particularly favourable arrangements have been made to secure access by small suppliers. 'A royalty free standard with strong and broad vendor support is a key enabler for the development of both e-Business and e-Government. We are pleased to be a part of the OASIS UBL initiative,' said Michael Bang Kjeldgaard of the Danish National IT and Telecom Agency, chair of the Danish XML Committee. 'We have learned valuable lessons from the work being carried out in the OASIS UBL Technical Committee. Not only does UBL deliver a royalty free standard for electronic commerce, but the 'Naming and Design Rules,' that dictate how UBL is expressed in XML Schema, have inspired us in the development of other XML vocabularies'..." General references in "Universal Business Language (UBL)."

  • [January 26, 2004] "The OASIS Symposium on Reliable Infrastructures for XML OASIS Annual General Meeting and Technical Committee Meetings to Follow April 26 - 29, 2004 in New Orleans, Louisiana, USA." - "OASIS, the Organization for the Advancement of Structured Information Standards, invites you to submit a proposal for a presentation, panel discussion or tutorial for the OASIS Symposium on Reliable Infrastructures for XML, including web services architectures. The goals of the symposium are to: (1) Provide a forum for OASIS Technical Committee members to exchange ideas and present results of ongoing work, works-in-progress, etc.; (2) Identify areas where coordination between standards efforts is needed to promote interoperability; (3) Identify unaddressed topics where standards development is needed; (4) Enable outside experts to present issues / opportunities to OASIS members... The symposium will be followed immediately with two days (April 28-29, 2004) reserved for OASIS Technical Committees, Joint Committees and Member Sections to use for face-to-face working sessions. Conference rooms will be available to TC's to use for their meetings based on the number of rooms booked at the designated hotel; space is limited. The OASIS Annual General Meeting will also be held in conjunction with the symposium. The OASIS Symposium will be held on Monday, April 26th and Tuesday, April 27th at the Marriott in New Orleans, Louisiana, USA. The symposium registration fee for OASIS members is 265 USD. The OASIS Annual General Meeting will be held Tuesday evening. All OASIS members are invited to attend... Many different (and partially interchangeable) technologies are proposed or available to increase the reliability of XML-based messaging and networking infrastructure. These include technologies applied: at the transport layer (e.g., reliable messaging specifications); at the application layer (e.g., transaction protocols); at intermediate levels (e.g., routing, point-to-point compared to end-to-end); by using Message-Oriented Middleware as a carrier for XML messages. We define "reliable" to mean that implementing one or more of these technologies in an infrastructure removes some of the burden of ensuring application integrity from software programmers and architects. The OASIS Symposium is focused on exploring the current state of these technologies and exploring areas where open standards are needed..."

  • [January 22, 2004] "OFX Consortium Releases OFX 2.0.2 XML Schema. Building OFX Clients and Servers Now Easier and More Cost-Effective Than Ever." - "The Open Financial Exchange Consortium today announced the public availability of the OFX 2.0.2 XML Schema. This release enables financial institutions and their technology providers to build state-of-the-art OFX systems faster and more cost-effectively using the many off-the-shelf XML development systems that are currently available. The new OFX 2.0.2 XML Schema is compliant with the World Wide Web Consortium's XML Schema Recommendation, 2 May 2001. It complements the existing OFX 2.0.2 specification and DTD (Document Type Definition) to enable software developers to utilize the latest in XML technology. Additionally, the new OFX XML Schema provides a clear expansion path to allow OFX to support other important XML technologies such as SOAP and WSDL. It also expands OFX to support account aggregation in a manner that conforms to the latest BITS Phase II Aggregation guidelines. 'OFX is fast becoming the industry standard and the preferred method of downloading data by Quicken and QuickBooks customers,' said Gil Clark, OFX program manager, Intuit. 'Because it enables an easier, faster and more accurate download experience for our customers, Intuit is focusing all future development of online banking solutions on OFX. The new schema serves users who are upgrading their systems to new XML technology as well as those who are using OFX for new functionality such as account aggregation equally well.' 'Microsoft is committed to simplifying connectivity for financial institutions that want to make it easier for their customers to access their account information electronically,' said Greg Martin, financial products connectivity evangelist at Microsoft Corp. 'The OFX XML schema enables financial institutions to utilize existing XML systems to easily and quickly implement cost-effective OFX solutions.' As well as enabling financial institutions to connect to their customers, OFX can support connectivity within the systems of the financial institutions themselves. The OFX XML schema allows intra-enterprise-oriented tools to be developed using the latest XML technology that, while dedicated to internal purposes, also adheres to a recognized industry standard. This helps assure interoperability with other internal and external systems. 'The XML schema definition for OFX 2.0.2 will allow financial institutions and vendors the opportunity to leverage modern development tools to develop solutions that use OFX. Citigroup was pleased to participate in this effort to produce a XML schema for OFX, and supports and encourages the use of open standards,' said Michael Grandcolas, chief architect, Citibanking Technology Solutions Group. The OFX 2.0.2 XML Schema was developed by the OFX Web services working group chaired by Business Logic. Other key contributors were Intuit, Microsoft and Citigroup..." General references in "Open Financial Exchange (OFX)."

  • [January 20, 2004] "OGC Members Adopt Implementation Specification for Location Based Services." - "At meetings held at United Nations Headquarters, OGC members approved the OpenGIS Location Services (OpenLS) Specification for public release... The OpenLS Implementation Specification defines a set of core interfaces for implementing interoperable location service applications. The core interfaces are for accessing directory services (such as yellow pages), route determination, location determination gateway, geocoding, reverse geocoding, and portrayal services using standard Web protocols. The interfaces allow telecommunications companies, telematics service providers, traditional GIS technology companies, and location-based services (LBS) providers to efficiently implement interoperable LBS applications that seamlessly access multiple content repositories and service frameworks that work across the world's many different wireless networks and devices. The following organizations submitted the OpenGIS OpenLS Implementation Specification for formal adoption: Autodesk, ESRI, Image Matters, Intergraph IntelliWhere, MapInfo, and Webraska. The submitters acknowledge the following OGC member organizations for their in-kind contributions: Hutchison 3G, IONIC Software sa, Navigation Technologies, Oracle, and Sun Microsystems. The OpenLS Specification grew from work performed in OGC's Interoperability Program, a global, collaborative, hands-on engineering and testing program that rapidly delivers proven candidate specifications into OGC's Specification Program, where they are formalized for public release. In OGC's Interoperability Initiatives, international teams of technology providers work together to solve specific geoprocessing interoperability problems posed by the Initiative's sponsoring organizations... OGC is an international industry consortium of more than 255 companies, government agencies and universities participating in a consensus process to develop publicly available interface specifications. OpenGIS Specifications support interoperable solutions that "geo-enable" the Web, wireless and location-based services, and mainstream IT. The specifications empower technology developers to make complex spatial information and services accessible and useful with all kinds of applications..." General references in "Geography Markup Language (GML)".

  • [January 15, 2004] "Global eXchange Services to Acquire Product Information Management Leader HAHT Commerce. Acquisition Creates 'One-Stop Shop' for Comprehensive Data Synchronization Solutions." - "Global eXchange Services, Inc., the B2B e-commerce software, services and solutions pioneer, today announced that it has signed a definitive agreement to acquire HAHT Commerce, an award-winning provider of demand chain management applications. Under terms of the agreement, Global eXchange Services will acquire all the capital stock of HAHT Commerce through a merger for approximately $30 million in a combination of cash and shares of GXS Holdings. GXS Holdings is the parent company of Global eXchange Services, Inc. The transaction is subject to the approval of HAHT Commerce's shareholders and other conditions. Global eXchange Services expects the acquisition to be completed in February 2004. The acquisition will bring together two providers of complementary B2B e-commerce solutions that help retailers, manufacturers and suppliers of all sizes to increase revenues, reduce costs, expand collaboration and expedite time-to-market for new products. The addition of HAHT Commerce will enable Global eXchange Services to provide businesses of all sizes with the industry's most comprehensive solution for product information management (PIM) and data synchronization -- enabling retailers, manufacturers and suppliers to manage product information from concept to consumer. With this acquisition, Global eXchange Services will be able to deliver a complete solution suite that includes software to integrate data into and out of back-end systems, management tools to publish and syndicate product information accurately, transaction delivery services to move the information, and community enablement to electronically connect all trading partners in the global retail supply chain... Global eXchange Services will rapidly integrate the following key components in its end-to-end data synchronization solution: (1) Feature-Rich Product Information Management - The Product Information Management (PIM) solution of the HAHT Commerce Suite features a powerful UCCnet-interoperable catalog capable of aggregating, organizing, structuring and managing item-related content. The PIM can aggregate data from multiple internal sources including leading ERP systems, create a scalable data repository (catalog) for centralized management, and optimize data flow to multiple destinations. (2) Simple Syndication with UCCNet - HAHT Commerce's Quick Connect Package is a fast and cost-effective entry point for suppliers and manufacturers seeking to leverage a machine-to-machine XML interface to synchronize items with retail partners through the UCCnet foundation service. (3) Hosted Catalog Services and Data Pools - The Global eXchange Services Global Product Catalogue provides a multi-community, multi-industry data repository of more than 65 million line items, comprehensive trading partner profiles and synchronization services supporting over 17,000 trading partners. (4) Rapid, Worldwide Community Enablement - From EDI to AS2 and XML formats, Global eXchange Services can on-board businesses to quickly and easily exchange product information electronically in more than 36 countries with multi-language support..." See also "Uniform Code Council (UCC) XML Program."

  • [January 14, 2004] "NISO-Sponsored INFO URI Scheme is Information Gateway to the Web. Publishing and Library Communities Join Forces to Facilitate and Expedite Representation of Standard Identifiers such as Library of Congress Control Numbers on the Web." - "Working under the auspices of the National Information Standards Organization (NISO), a joint task force of the publishing and library communities has developed and published a Uniform Resource Identifier (URI) scheme aimed at the identification of information assets. Information assets should be interpreted rather broadly to include, for example, documents and terms from classification schemes. The INFO URI scheme is a consistent and reliable way to represent and reference such standard identifiers as Dewey Decimal Classifications on the Web so that these identifiers can be 'read' and understood by Web applications. Led by four NISO members and associates -- Los Alamos National Laboratory, Online Computer Library Center (OCLC), Elsevier, and Manifest Solutions -- the initiative builds on earlier consultations with representatives from the World Wide Web Consortium (W3C) and the Internet Engineering Task Force (IETF)... Herbert Van de Sompel, Digital Library Research & Prototyping at the Los Alamos National Laboratory's Research Library, stated, 'A good example of the problem that the INFO URI scheme solves involves PubMed identifiers: unique numbers assigned to records in the PubMed database maintained by the National Center for Biotechnology Information (NCBI) of the National Library of Medicine. PubMed identifiers originated prior to the Web, so they are not URIs. As such they do not exist naturally in the Web infrastructure because the Web only recognizes URIs as a means to identify information resources. So Web applications cannot use PubMed identifiers, and hence cannot reference PubMed records that are identified by them. The solution is to turn PubMed identifiers into URIs. The INFO Registry enables the registration of public namespaces of standard identifiers; NCBI registered its PubMed identifier namespace under the INFO Registry-their namespace is pmid-so we can now talk about the record with the PubMed identifier '12376099' in URI terms as <info:pmid/12376099>.' 'The goal of INFO is to act as a bridging mechanism to the Web by providing a lightweight means for registering public namespaces used for the identification of information assets,' said Tony Hammond, Advanced Technology Group at Elsevier, a world-leading publisher of scientific, technical and medical information products and services. 'We see INFO as an enabling technology for the library, publishing and media communities-a way to facilitate and speed the growth of the Web as a truly global information place beyond a basic document repository. The Library of Congress, the National Library of Medicine, and NASA are among those organizations that have already registered public namespaces with the INFO Registry.' 'There are different ways to represent these identifiers on the Web,' explained Pat Harris, NISO's Executive Director, 'but the INFO URI scheme really simplifies matters. As a Web user, you aren't likely to see the scheme in action on your screen-for example, <info:lccn/2002022641>, because it's an under-the-hood way of communicating the identity of an information asset to a Web application'..."

  • [January 13, 2004] "VeriSign Selected to Operate Root Directory for EPCglobal Network. Highly Scalable, Secure and Global Network Directory Service Will Enhance the Application of EPC Technologies in the Supply Chain." - "VeriSign, Inc., the leading provider of critical infrastructure services for the Internet and telecommunications networks, announced today it has been selected by EPCglobal, a not-for-profit standards organization, to operate the Object Naming Service or ONS as the root directory for the EPCglobal Network. The EPCglobal Network is a system that leverages the existing Internet infrastructure to create a low-cost, standards-based set of services for trading partners to use Radio Frequency Identification (RFID) and the electronic product code (EPC) to capture and share information on items throughout the supply chain. When the EPC is linked to the directory it becomes a tool that enables new ways of doing business. The EPC is a unique number that can be assigned to individual items in cases and pallets within the supply chain for identification and tracking. Similar to today's bar code, these 'license plates' for products are embedded in EPC tags, which can transmit EPC information to special readers placed in dock doors and other locations. This makes it easier to track products as they move through the supply chain. Through the use of the EPCglobal Network, businesses can become more efficient and productive in logistics, inventory management and product placement. To support this new model for supply chain management thousands of enterprises need to be able to securely access, in real-time, potentially billions of unique EPCs from a highly available global ONS directory..." See: (1) "Physical Markup Language (PML) for Radio Frequency Identification (RFID)"; (2) "Radio Frequency Identification (RFID) Resources and Readings."

  • [January 12, 2003] "METRO Group to Introduce RFID Across the Company. First Use of RFID Technology Along The Entire Process Chain. Comprehensive Pilot Project to Kick Off With 100 Suppliers, 10 Central Warehouses and Approximately 250 Stores." - "METRO Group, the world's fifth-largest retailing company, will begin using RFID technology (Radio Frequency Identification) throughout its entire process chain. Beginning in November 2004, approximately 100 suppliers initially will affix RFID tags to their pallets and transport packages for delivery to ten central warehouses and around 250 stores within the METRO Group's sales divisions Metro Cash & Carry, Real hypermarkets, Extra supermarkets and Galeria Kaufhof department stores. Tests with the new RFID tags have been successfully conducted over recent months at the METRO Group's Extra Future Store in Rheinberg, Germany, the first project of the METRO Group Future Store Initiative. In Rheinberg, the Initiative tests the use and interaction of a number of new retailing technologies under real-life conditions, with the objective to develop benefit-driven solutions -- both for customers and retailers. To achieve this, RFID technology is of particular importance, as it enables non-contact transmission of product information such as price, manufacturer, expiration date and a product's weight via radio frequency... Thus far, the Initiative is only testing RFID in certain areas of the process chain, primarily in warehouse management. RFID technology enables the automatic inspection of incoming goods: Delivery of goods to the Future Store in Rheinberg are fitted with RFID tags in the central warehouse and read in upon arrival at the store. During transport from the store's warehouse to the salesroom, goods are read in again, and identified as 'moved to the frontstore.' The tests in Rheinberg have shown that RFID offers retailers and their customers enormous advantages: more effective processes and consequently lower costs, which benefits both parties. Using RFID, goods will be able to be located along the entire process chain -- from production all the way through to the shelf in the store. Managing orders can be optimized, losses reduced and out-of-stock situations avoided, assuring an even more consistent availability of goods for the customer. Utilization of RFID for the first time along the entire process chain is the most sweeping project thus far for the METRO Group Future Store Initiative. It is a multi-stage plan beginning November 2004 that provides for approximately 100 of Metro's suppliers to already outfit all pallets and transport packages with RFID tags in their production facilities for goods bound for ten of the METRO Group's central warehouses. The goods' path from manufacturer to METRO Group's warehouses will thus be recorded using RFID technology. 100 stores from the Real and Extra sales divisions, 122 Galeria Kaufhof department stores, and 59 Metro Cash & Carry wholesale stores in Germany will be receiving RFID-tagged deliveries from these warehouses. To assure a smooth implementation of the project, METRO Group sets up a lab for the suppliers involved. In this lab, the functionality of the RFID technology, e.g. the reading of tags, is being tested..." See: (1) "Physical Markup Language (PML) for Radio Frequency Identification (RFID)"; (2) "Radio Frequency Identification (RFID) Resources and Readings."

Earlier Announcements 2003 Q4

  • [December 31, 2003] "W3C Director Tim Berners-Lee to be Knighted by Queen Elizabeth. Web Inventor Recognized for Contributions to Internet Development." - "Tim Berners-Lee, the inventor of the World Wide Web and director of the World Wide Web Consortium (W3C), will be made a Knight Commander, Order of the British Empire (KBE) by Queen Elizabeth. This was announced earlier today by Buckingham Palace as part of the 2004 New Year's Honours list. The rank of Knight Commander is the second most senior rank of the Order of the British Empire, one of the Orders of Chivalry awarded. Berners-Lee, 48, a British citizen who lives in the United States, is being knighted in recognition of his 'services to the global development of the Internet' through the invention of the World Wide Web. 'This is an honor which applies to the whole Web development community, and to the inventors and developers of the Internet, whose work made the Web possible, ' stated Berners-Lee. 'I accept this as an endorsement of the spirit of the Web; of building it in a decentralized way; of making best efforts to keep it open and fair; and of ensuring its fundamental technologies are available to all for broad use and innovation, and without having to pay licensing fees.' 'By recognizing the Web in such a significant way, it also makes clear the responsibility its creators and users share,' he continued. 'Information technology changes the world, and as a result, its practitioners cannot be disconnected from its technical and societal impacts. Rather, we share a responsibility to make this work for the common good, and to take into account the diverse populations it serves.' Born in London, Berners-Lee graduated from the Queen's College at Oxford University, England in 1976. While there he built his first computer with a soldering iron, TTL gates, an M6800 processor and an old television. In 1980, while Berners-Lee worked as a consultant software engineer at CERN, the European Particle Physics Laboratory in Geneva, he wrote for his own private use his first program for storing information using the kind of random associations the brain makes. The 'Enquire' program -- which was never published -- formed the conceptual basis for the future development of the Web. While at CERN in 1989, he proposed a global hypertext project to be known as the World Wide Web. Based on the earlier 'Enquire' work, it was designed to allow people to work together by combining their knowledge in a Web of hypertext documents. He wrote the first World Wide Web server, 'httpd', and the first client, 'World Wide Web,' in October 1990. He also wrote the first version of the document formatting language with the capability for hypertext links, known as HTML..."

  • [December 28, 2003] "Perens To Highlight Legal, Technical Curbs on Information Exchange in NISO Keynote. Annual Meeting Free and Open to All. Other Events Include ISBN and NISO Standards Briefings." - "With a focus on the potential threats to the future of libraries, Open Source leader Bruce Perens will address the National Information Standards Organization's (NISO) Annual Meeting, to be held in conjunction with the midwinter meeting of the American Library Association. The international meeting -- free and open to the public -- on Sunday, January 11, 2004 at the U.S. Grant Hotel in San Diego will include participants from technology vendors and software developers, publishing companies, content aggregators, universities, government, and libraries. Citing the value of an Open-Source approach to information standards and distribution, Perens will explore the places where intellectual property law can impinge on the operation of libraries. 'We now have the technological means to control the copyright of material in ways we never had before,' he noted. 'I will cover specific efforts to curb the distribution of information by libraries or otherwise restrict it' in the speech entitled 'A World of Constraint.' Among those efforts are HR 3261, the Database and Collections of Information Misappropriate Act; the Digital Millennium Copyright Act (DMCA); and software patenting. 'The big question for libraries,' Perens continued, 'is "will it be considered legal to be a lending repository of knowledge?"' Perens (www.perens.com) is a leader in the Free Software and Open Source community. He is creator of the Open Source Definition, the manifesto of the Open Source movement in Software. He is founder or co-founder of the Open Source Initiative, The Linux Standard Base, Software in the Public Interest, and No-Code International... On January 12, 2004 NISO will continue its programming with 'An ISBN Briefing: Size Matters!' The program in Room 2 of the San Diego Convention Center will tell participants how to transition to the new 13-digit International Standard Book Number (ISBN) from the current 10-digit format... On January 9, 2004 NISO will hold a joint meeting with the Automation Vendor Information Advisory Committee (AVIAC) at the San Diego Convention Center, Room 17A/B. The meeting will focus on the new NISO Networked Reference Protocol and the trial implementations to be launched in the first quarter 2004. Participants will explore how this new standard can be the cornerstone of expanding a company's services... On January 10, NISO will conduct a standards briefing for the Library & Information Technology Association (LITA) Standards Special Interest Group. To be held at the Courtyard by Marriott Bankers Room, the meeting will explore the new Statistics and Metrics Standard, the OpenURL, and the Metasearch Initiative, among other projects... NISO, a non-profit association accredited by the American National Standards Institute (ANSI), identifies, develops, maintains, and publishes technical standards to manage information in our changing and ever-more digital environment. NISO standards apply both traditional and new technologies to the full range of information-related needs, including retrieval, re-purposing, storage, metadata, and preservation..."

  • [December 15, 2003] "BEA Systems Delivers New Innovations, Standards Contributions to Help Developers Reduce Coding Complexity for Dramatically Increased Productivity. New Portability Kit, Open Source Project and Web Site Further Drive Investment Protection and Faster Time to Value for Customers." - "As part of its ongoing effort to reduce computing complexity, BEA Systems, Inc., the world's leading application infrastructure software company, today announced new resources, including a Page Flow Portability Kit, XML Beans as an Apache Project and a BEA standards portal, all designed to help developers realize increased productivity and to help customers realize faster time to value. By delivering these innovations to the standards community, BEA continues its commitment to creating customer-driven innovations which can help ensure interoperability and therefore customers' long-term IT investment. Today's news -- Page Flow Portability Kit, XML Beans as an Apache Project and a BEA standards portal -- was issued in response to customers' and developers' demand for easier application development and increased flexibility. BEA has traditionally provided these offerings by delivering both the first and the best implementations of new standards, helping to allow customers to experience exceptional reuse and portability of their applications. As an example, BEA created XML Beans to make XML and Java easier to use together. More recently, customers requested portability kits and open source initiatives and again, BEA has responded to help ensure application portability and interoperability... The BEA WebLogic Workshop Java Page Flow innovation is designed to make it easier for developers to build enterprise-class Web applications on BEA WebLogic Platform 8.1. The new Page Flow Portability Kit is designed to give customers the flexibility to deploy their page flows to the J2EE platform of their choice. Page Flows can provide a software engineering framework that is designed to allow developers to separate user interface code from navigational control and other business logic, and to track application status. WebLogic Workshop's Page Flows are based on Struts 1.1, a popular framework embraced by many developers for building large, enterprise-scale Web sites. Struts 1.1 is powerful, but difficult to use due to the vast amount of files and configurations developers must learn and manage. Workshop's Page Flows can offer significant advantages, including the automatic generation and synchronization of XML configuration files, plus a sophisticated graphical IDE to define, build, deploy and maintain the Web application... Launched earlier this year, XML Beans is an innovative technology that is designed to help Java developers more easily manage XML documents. XML Beans can provide Java object interfaces while preserving full access to the underlying XML messages, helping ensure true loose-coupling between applications for greater application reliability and scalability. By BEA submitting XML Beans as an Apache Project, developers can be assured that the technology will drive interoperability by supporting the broadest spectrum of XML and schema types..."

  • [December 10, 2003] "OASIS Interoperability Demos Showcase ebXML, SAML, UBL, WS-Reliability, and XACML at XML 2003. Adobe, BEA, Citrix, Cyclone Commerce, Drake Certivo, Fujitsu, Hitachi, IBM, Korean National Computerization Agency (NCA), NEC, US National Institute of Standards and Technology (NIST), Oracle, Sun Microsystems, Vignette, and Others Demonstrate Interoperability of Standards." - "Companies, users, and government agencies from around the world collaborated on four separate interoperability demonstrations of OASIS Standards and specifications at the XML 2003 conference this week. In scenarios as varied as epidemic management, weather portal aggregation, supply chain operations, and messaging, the practical usage of OASIS Standards was shown. 'These demonstrations provide more evidence that e-business, security and Web services standards are being deployed to solve real-world challenges,' said James Bryce Clark, OASIS Manager for Technical Services Development. 'The excitment here is not limited to what is being demonstrated. The types of participants -- vendors and end users, large and small, government agenies--as well as the geographic span they represent clearly indicates buy-in from all stake-holders.' Demos: (1) Achieving Interoperability Using Test Frameworks: Drake Certivo, NCA, and NIST implemented a real-world ebXML test scenario involving a supply chain in which a buyer tests an upgrade with their solutions as well as with their customers' solutions. The enhancements were then integrated into production operations. The demo also provided access to services via an ebXML Registry which supported the supply chain operations. (2) OASIS WS-Reliability Interoperability Demonstration: Fujitsu, Hitachi, NEC, Oracle, and Sun Microsystems demonstrated their independently developed implementations of the OASIS WS-Reliability specification. WS-Reliability is intended for use in mission critical applications that require guaranteed delivery, duplicate message elimination, and/or message ordering within a transaction. These three fundamental properties of the WS-Reliability specification were demonstrated utilizing a use case derived from a commercial scenario. (3) Epidemic Management Using OASIS ebXML, UBL and XACML: Adobe, Cyclone Commerce, NIST, Sun Microsytems, and others demonstrated an end-to-end data transmission process using OASIS Standards for ebXML Registry, ebXML Messaging, ebXML Collaboration Protocol Profile and Agreement (CPP/A), ebXML Business Process Specification Schema (BPSS), Security Assertion Markup Language (SAML), Universal Business Language (UBL), and eXtensible Access Control Markup Language (XACML). In the demo, a public health care entity for disease control, uses a registry to manage epidemiological data. Laboratories, emergency rooms, and airports send periodic reports on persons that may be carrying communicable diseases to the registry. (4) Web Services for Remote Portlets (WSRP): BEA, Citrix, IBM, Oracle, and Vignette showcased a common use case for WSRP in which a weather site was configured as a portal. Pages on the site were aggregated by the portal and all of the application components used to produce the forecasts and other data were implemented as portlets. These portlets were then reused on other portals via WSRP rather than requiring the portals to separately install the complete set of portlets. WSRP was shown to maximize both control and availability for the weather site while minimizing costs for the remote portal sites..."

  • [December 10, 2003] "WS-I Delivers Sample Applications for Basic Profile. Sample Applications Provide Real-World Business Requirements to Web Services." - "The Web Services Interoperability Organization ('WS-I') today announced the general availability of the WS-I Sample Application 1.0. This important deliverable consists of the WS-I Supply Chain Management Use Cases 1.0, the WS-I Usage Scenarios 1.0, the WS-I Supply Chain Management Technical Architecture 1.0 and Sample Application 1.0 implementations developed by 10 vendor companies. These documents and implementations model a simplified supply chain management scenario and demonstrate the features in the recently released WS-I Basic Profile 1.0. The availability of this material was announced today at the XML Conference & Exposition 2003 taking place this week in Philadelphia. 'The availability of the WS-I Sample Application 1.0 deliverables help define best practices for using the Basic Profile 1.0, and provide the real-world implementation guidance and support necessary for customers deploying Web services,' said Sinisa Zimek, chairman of the Sample Applications Working Group. 'We believe that the WS-I Sample Application 1.0 is an important catalyst in the WS-I effort to create industry-level Web services profiles and tools.' The WS-I Sample Application 1.0 provides a configurable collection of Web services, which exercise the WS-I Basic Profile 1.0 using a supply chain scenario that models the interactions between multiple retail storefronts, warehouses and manufacturers. Implementations of the Sample Application have been delivered by BEA Systems, Bowstreet, Corillian, IBM, Microsoft, Novell, Oracle, Quovadx, SAP, and Sun Microsystems. WS-I will be demonstrating these implementations at an interoperability showcase this week at the XML Conference & Exposition 2003. The Sample Application Technical Architecture 1.0 details a common design and implementation of the supply chain management application. One of the goals of the WS-I Sample Application 1.0 is to exploit as many of the aspects of the Basic Profile 1.0 as possible. To this end, the Sample Application Technical Architecture implements several schema-naming conventions, SOAP message formats, SOAP message styles, and WSDL design practices that all conform to the Basic Profile..." See: (1) Supply Chain Sample Applications; (2) general references in "Web Services Interoperability Organization (WS-I)."

  • [December 10, 2003] "IDEAlliance Issues ICE 2.0 RFC at Industry News Standards Summit. Industry Strength, Web-Services Compliant Syndication Protocol Nears Final Approval." - "IDEAlliance, a leading trade association dedicated to fostering information technology standards, highlighted the new ICE 2.0 Specification and issued a Request for Comment at the News Standards Summit held in conjunction with the XML 2003 Conference and Exposition. XML 2003 is being held Dec. 7-12, 2003 at the Pennsylvania Convention Center. The News Standards Summit, co-sponsored by IDEAlliance, IFRA (INCA-FIEJ Research Association), IPTC (International Press Telecommunications Council), NAA (Newspaper Association of America), and OASIS, brought together 75 major players in the news industry -- experts on news metadata standards, as well as commercial news providers and aggregators, to analyze the current state of (and future expectations for) XML-enabled news publishing efforts from both the content and processing-model perspectives. The ICE specification, originally developed in 1998 by a community of 80 content providers and software venders, provides businesses with an XML-based common language and architecture that facilitates automatic delivery, updating and managing content assets in a trusted fashion without manual packaging or knowledge of remote Web-site structures. With the development of this major revision to the ICE Specification, robust content syndication is supported in a Web Services environment for the first time. According to Dr. Richard Martin, Chairman of the ICE2 Specification Development Committee, 'For Version 2.0 of the ICE protocol, it was critical to consider integration of Web Services related standards for the ICE2 definition. Given that ICE content syndication and the Web Services standards are squarely focused on distributed computing space, the synergy between the two sets of standards should be exploited to make ICE2 more complete and easier to adopt.' Dianne Kennedy, Vice President of Publishing Technologies for IDEAlliance and Editor of the ICE 2.0 Specification, commented, 'Unlike RSS and other light-weight syndication protocols, ICE 2.0 is designed to support industrial-strength content syndication. It provides for subscription management, verification of delivery, and sched