The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
SEARCH | ABOUT | INDEX | NEWS | CORE STANDARDS | TECHNOLOGY REPORTS | EVENTS | LIBRARY
SEARCH
Advanced Search
ABOUT
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors
NEWS
Cover Stories
Articles & Papers
Press Releases
CORE STANDARDS
XML
SGML
Schemas
XSL/XSLT/XPath
XLink
XML Query
CSS
SVG
TECHNOLOGY REPORTS
XML Applications
General Apps
Government Apps
Academic Apps
EVENTS
LIBRARY
Introductions
FAQs
Bibliography
Technology and Society
Semantics
Tech Topics
Software
Related Standards
Historic
Last modified: September 30, 2003
XML Articles and Papers September 2003

XML General Articles and Papers: Surveys, Overviews, Presentations, Introductions, Announcements

Other collections with references to general and technical publications on XML:

September 2003

  • [September 30, 2003] "OASIS to Build Web Services Framework. Committee Will Define Vendor-Neutral Methodology." By Paul Krill. In InfoWorld (September 30, 2003). "Members of OASIS this week announced plans to develop a global Web services framework to define a methodology for a broad-based, multiplatform and vendor-neutral implementation. The OASIS Framework for Web Services Implementation (FWSI) Technical Committee plans to design a template for Web services deployment to enable systems integrators, software vendors, and in-house developers to build e-commerce solutions more quickly, according to OASIS. The committee will define functionality for building Web services applications and service-oriented architectures. Specifically, the committee will specify a set of functional elements for practical implementation of Web services-based systems. At first glance, the OASIS project appears similar to the Basic Profile for Web services being set up by the Web Services Interoperability Organization (WS-I). But the technical committee expects to complement WS-I, according to OASIS. Committee member Sun Microsystems also is a major supporter of the WS-I Basic Profile. The committee plans to leverage applicable work within OASIS and other standards groups..." See details in the news story "OASIS Announces Framework for Web Services Implementation (FWSI) TC."

  • [September 30, 2003] "Taking XML's Measure." By David Becker. In CNET News.com (September 23, 2003). "Tim Bray and his colleagues in the World Wide Web Consortium had a very specific mission when they set out to define a new standard seven years ago. They needed a new format for Internet-connected systems to exchange data, a task being handled with increasing awkwardness by HyperText Markup Language. The solution Bray helped concoct was XML (Extensible Markup Language), which has since become one of the building blocks of information technology and today serves as the basic language for disparate computing systems to exchange data. Microsoft is betting heavily on XML-based technology that will turn the new version of Office into a conduit for viewing and exchanging data from backend systems. The biggest players in technology are betting heavily on Web services based on XML. And corporate giants such as Wal-Mart Stores are relying on XML to streamline their business processes. Bray has since gone on to address another big challenge -- the visual representation of data -- with his company, Antartica, which sells tools that display information from Web searches, corporate portals and other sources in an intuitive map-based format. Bray talked about the spread of XML, challenges in search technology and other concerns with CNET News.com..." [Excerpt, on standards:] "Standards processes don't do well in dealing with new technologies, so I disagree that being ahead of the market is a good thing. The standards process works best when you've got a problem that's already been solved, and we have a consensus on what the right way to go is, and you just need to write down the rules. That's totally what XML was. There had been 15 years of SGML, so there was a really good set of knowledge as to how markup and text should work. And the Web had been around for five years, so we knew how URLs (Uniform Resource Locators) worked, and Unicode had been around, so we knew how to do internationalization. XML just took those solved problems, packaged them up neatly and got consensus on it all..."

  • [September 30, 2003] "Sun: Office 2003 Will 'Protect Microsoft's Monopoly'." By Andrew Colley. In ZDNet Australia (September 30, 2003). "Document protection tools in the next version of Microsoft's office suite represent extremes of proprietary thinking, says a Sun document. Sun Microsystems has expressed concerns that document protection tools that Microsoft will include in Office 2003 will fortify the software giant's domination over enterprise desktops. In a document never before released outside Sun, but shared with ZDNet Australia this week, Laurie Wong, Sun Microsystems software product manager, argued that while document rights management was a positive step, Microsoft was using its rights management regime to protect its 'monopoly'. According to Wong, Microsoft's adoption of rights management services would negate any positive impact that might have resulted from its decision to adopt open standards for its file storage format. 'In summary, on the one hand Microsoft claims to have opened up the storage format from a proprietary binary one to XML, an open one. On the other they have locked this 'open' format up with rights management,' wrote Wong, adding 'Yes, a couple of deck chairs have been shifted around, but you certainly are not on a different ship. It is a vexatious issue, promulgated by the extremes of proprietary thinking'. Wong argued that Windows RMS locks out members of the community using non-Microsoft products by coupling document protection systems to proprietary features of Microsoft's latest server technology. Windows RMS is designed to give enterprises control over their documents by specifying who can access them and how they can be used at the time they are created. Windows RMS requires the list of restrictions attached to each document to be registered on a RMS-capable Microsoft server. The server authenticates each user and issues him or her with a license to use an RMS-protected document. Anyone without access to the RMS technology server is effectively locked out of a protected document. When concerns about this were raised when Microsoft announced its rights management technology early this year, the company said that RMS was targeted for internal corporate use and that it could be incorporated into the Passport service for wider community inclusion. However, Wong is not satisfied by either argument. Nodding in the direction of the global divide between the technology have and have-nots, Wong said that users shouldn't be forced to buy one company's products for the privilege of using widely used document formats. Adding to Wong's concerns, Microsoft has added the capability to apply rights management to emails and Web pages through Outlook 2003 and Internet Explorer..." See: (1) "Microsoft Announces Windows Rights Management Services (RMS)"; (2) general references in "XML and Digital Rights Management (DRM)."

  • [September 30, 2003] "Adobe's PDF-Everywhere Strategy." By David Becker. In CNET News.com (September 30, 2003). "Adobe Systems wants to put more than a few pulp mills out of business. Formed more than 20 years ago with the mission of ensuring uniform typefaces, the San Jose, Calif.-based software maker has since built a grand e-paper network, with Adobe products replacing or supplementing paper for tasks that range from tax forms to book publishing. But with its Portable Document Format (PDF) now widely used for distributing documents electronically, Adobe now wants to expand the PDF format into a multiplatform foundation for viewing and sharing corporate data. It's an ambitious plan that will likely bring Adobe into more direct competition with Microsoft -- though this would not be the first time the two companies have clashed. Meanwhile, Adobe is looking to extend its reach with publishing and graphics professionals. Adobe Creative Suite, a package of software the company announced earlier this week, combines common applications such as Photoshop with new tools for collaboration and managing files. Among other things, the package is expected to help boost market share for Adobe's InDesign page layout software, one of the company's most competitive products. Adobe CEO Bruce Chizen talked with CNET News.com about its suite approach, the future of the PDF and the possible confrontation with Microsoft, among other issues. [Chizen:] "The market we're going after is different from the market [Microsoft is] focused on. We're focused on those customers and those industries that care about the reliability of the document outside their environment, and they want to have intelligent documents that cut across platforms--and it's where good-enough -- meaning HTML -- is not going to meet their requirements. Our industries are banking, insurance, legal, manufacturing, pharmaceuticals, government--places where they want to do business with partners or customers or citizens, where they can't dictate the operating environment. They don't want to tell their customers, "If you want to open a certain document, you have to go out and buy a certain operating system and a certain piece of software... Version Cue is really designed for individual and work groups of 25 or fewer people. And as those individuals scale up, they're going to want a much more comprehensive, administrative-intense solution, and that's when they'll go buy an enterprise solution. And because we use industry standards that are built around XML schemas, we'll integrate well with those solutions. And we already are well along the way of creating partnerships with folks like IBM and Documentum..."

  • [September 30, 2003] "Create Web Services Using Apache Axis and Castor. How to Integrate Axis and Castor in a Document-Style Web Service Client and Server" By Kevin Gibbs, Brian D Goodman, and Elias Torres (IBM). From IBM developerWorks, Web services. September 30, 2003. ['Recent work has pointed out the benefits of using Document-style Web services over RPC -- they're cleaner, more natural to XML, and facilitate object exchange. However, Document-style services can be less than straightforward to deploy using Axis, since Axis's data binding framework can be difficult to use, doesn't support some popular features of XML-Schema, and most importantly, lacks validation support. This article addresses those woes by providing a step-by-step tutorial which explains how to integrate Axis with the Castor data-binding framework, creating a best-of-both worlds Web service that combines the Web services prowess of Axis with the data-binding brawn of Castor.'] "RPC-style encoding is ultimately a limiting, unnatural use of its underlying technology, XML. It represents a misuse of technology -- when simple XML alone, in a Document-style service, provides all the expressibility desired. Keeping technology standards in the vein of the most natural, straightforward solutions, like Document style, is the true spirit of Web services, where interfaces are exposed, back-end and middleware systems are hidden, and dynamic discovery, binding, and endless reuse abound. This article shows how to use Castor XML binding to make Document-style Web services within an Apache Axis environment easier, cleaner, and more intuitive. It begins with a discussion of Web service encoding methods and an explanation of why Castor and Axis together make a good solution. It provides instructions and explanations for all of the necessary steps to getting a Document-style Web service up and running -- everything from designing the schema and service to generating the service and client code. The article covers configuring Axis to use Castor and attempts to cover any 'gotchas' a developer might encounter as they get their hands dirty... But once you're off the ground, you've got a Web service that gains all the flexibility and clarity of Document-style, the robust Web services support of Axis, and the validation and data binding prowess of Castor. When you've got Document-style services, Castor, and Axis set up, there are a lot of other interesting directions you can go in. For instance, in just a few more lines of code, you can have your server-side Castor objects marshall themselves into an SQL database, using Castor JDO. You can also use the regular expression and validation support of Castor to clean up Web service data so that your service and client have less room for potential bugs in their data..."

  • [September 30, 2003] "What is Service-Oriented Architecture?" By Hao He. From O'Reilly WebServices.XML.com (September 30, 2003). "Service Oriented Architecture (SOA) is an architectural style whose goal is to achieve loose coupling among interacting software agents. A service is a unit of work done by a service provider to achieve desired end results for a service consumer. Both provider and consumer are roles played by software agents on behalf of their owners. SOA achieves loose coupling among interacting software agents by employing two architectural constraints: (1) a small set of simple and ubiquitous interfaces to all participating software agents. Only generic semantics are encoded at the interfaces. The interfaces should be universally available for all providers and consumers. (2) Descriptive messages constrained by an extensible schema delivered through the interfaces. No, or only minimal, system behavior is prescribed by messages. A schema limits the vocabulary and structure of messages. An extensible schema allows new versions of services to be introduced without breaking existing services... Interfacing is fundamentally important: if interfaces do not work, systems do not work. Interfacing is also expensive and error-prone for distributed applications. An interface needs to prescribe system behavior, and this is very difficult to implement correctly across different platforms and languages. Remote interfaces are also the slowest part of most distributed applications. Instead of building new interfaces for each application, it makes sense to reuse a few generic ones for all applications. Since we have only a few generic interfaces available, we must express application-specific semantics in messages. We can send any kind of message over our interfaces, but there are a few rules to follow before we can call say that an architecture is service oriented. First, the messages must be descriptive, rather than instructive, because the service provider is responsible for solving the problem. This is like going to a restaurant: you tell your waiter what you would like to order and your preferences but you don't tell their cook how to cook your dish step by step. Second, service providers will be unable to understand your request if your messages are not written in a format, structure, and vocabulary that is understood by all parties. Limiting the vocabulary and structure of messages is a necessity for any efficient communication. The more restricted a message is, the easier it is to understand the message, although it comes at the expense of reduced extensibility. Third, extensibility is vitally important... If messages are not extensible, consumers and providers will be locked into one particular version of a service. Despite the importance of extensibility, it has been traditionally overlooked. At best, it was regarded simply as a good practice rather than something fundamental. Restriction and extensibility are deeply entwined. You need both, and increasing one comes at the expense of reducing the other. The trick is to have a right balance. Fourth, an SOA must have a mechanism that enables a consumer to discover a service provider under the context of a service sought by the consumer. The mechanism can be really flexible, and it does not have to be a centralized registry..."

  • [September 30, 2003] "QA Framework: Operational Guidelines." Edited by Lofton Henderson, Dominique Hazaël-Massieux Lynne Rosenthal, and Kirill Gavrylyuk. W3C Candidate Recommendation. 22-September-2003. Latest version URL: http://www.w3.org/TR/qaframe-ops/. Produced by members of the W3C QA Working Group under the W3C Quality Assurance (QA) Activity. This document outlines a "common operational framework for building conformance test materials for W3C specifications is defined. It presents operational and procedural guidelines for groups undertaking conformance materials development. This document is one of the QA Framework family of documents of the Quality Assurance (QA) Activity, which includes the other existing or in-progress specifications: Introduction; Specification Guidelines; and, Test Guidelines. The scope of this specification is a set of verifiable requirements for the process and operational aspects of the quality practices of W3C Working Groups. The primary goal is to help the W3C Working Groups (WGs) with the planning, development, deployment, and maintenance of conformance test materials (TM). For this guidelines document, the term conformance test materials includes conformance test suites, validation tools, conformance checklists, any other materials that are used to check or indicate conformance of an implementation to a specification... As the complexity of W3C specifications and their interdependencies increase, quality assurance becomes even more important to ensuring acceptance and deployment in the market. These guidelines aim to capture the experiences, good practices, activities, and lessons-learned of the Working Groups, and to present them in a comprehensive, cohesive set of documents for all to use and benefit from. They thereby aim to: (1) standardize the best of current practice, (2) allow the WG's to reuse what works rather than having to reinvent, (3) which should facilitate and expedite the work of the WGs, (4) and should also promote consistency across the various WG quality activities and deliverables..." See also the "Implementation Plan and Report for the QA Operational Guidelines" and the public archives of the 'www-qa' list.

  • [September 30, 2003] "An Introduction to StAX." By Elliotte Rusty Harold. In XML.com (September 17, 2003). "Most current XML APIs fall into one of two broad classes: event-based APIs like SAX and XNI or tree-based APIs like DOM and JDOM. Most programmers find the tree-based APIs to be easier to use; but such APIs are less efficient, especially with respect to memory usage. An in-memory tree tends to be several times larger than the document it models. Thus tree APIs are normally not practical for documents larger than a few megabytes in size or in memory constrained environments such as J2ME. In these situations, a streaming API such as SAX or XNI is normally preferred. A streaming API uses much less memory than a tree API since it doesn't have to hold the entire document in memory simultaneously. It can process the document in small pieces. Furthermore, streaming APIs are fast. They can start generating output from the input almost immediately, without waiting for the entire document to be read. They don't have to build excessively complicated tree data structures they'll just pull apart again into smaller pieces. However, the common streaming APIs like SAX are all push APIs. They feed the content of the document to the application as soon as they see it, whether the application is ready to receive that data or not. SAX and XNI are fast and efficient, but the patterns they require programmers to adopt are unfamiliar and uncomfortable to many developers. Pull APIs are a more comfortable alternative for streaming processing of XML. A pull API is based around the more familiar iterator design pattern rather than the less well-known observer design pattern. In a pull API, the client program asks the parser for the next piece of information rather than the parser telling the client program when the next datum is available. In a pull API the client program drives the parser. In a push API the parser drives the client. [Now] the next generation API is here. BEA Systems, working in conjunction with Sun, XMLPULL developers Stefan Haustein and Aleksandr Slominski, XML heavyweight James Clark, and others in the Java Community Process are on the verge of releasing StAX, the Streaming API for XML. StAX is a pull parsing API for XML which avoids most of the pitfalls I noted in XMLPULL. XMLPULL was a nice proof of concept. StAX is suitable for real work. Like SAX, StAX is a parser independent, pure Java API based on interfaces that can be implemented by multiple parsers. Currently there is only one implementation, the reference implementation bundled with the draft specification... StAX is a fast, potentially extremely fast, straight-forward, memory-thrifty way to loading data from an XML document the structure of which is well known in advance; it will be a very useful addition to any Java developer's XML toolkit..." See details in the following bibliographic reference.

  • [September 30, 2003] "Streaming API for XML." Java Specification Request (JSR) #173. Specification Lead: Christopher Fry (BEA Systems). Produced under the Java Community Process. Expert Group Members: Arnaud Blandin, Intalio, Inc.), Andy Clark (Apache), James Clark, Christopher Fry (BEA Systems, Specification Lead), Stefan Haustein). Simon Horrell (Developmentor), K. Karun (Oracle), Glenn Marcy (IBM), Gregory M. Messner (Breeze Factor), Aleksander Slominski), David Stephenson (Hewlett-Packard), James Strachan), and Anil Vijendran (Sun Microsystems). JSR-000173 Streaming API for XML Specification 0.7. Proposed Final Draft. August 27, 2003. 61 pages. A reference implementation is included in the ZIP archive containing the draft specification. "This specification describes the Streaming API for XML (StAX), a bi-directional API for reading and writing XML. This document along with the associated API documentation is the formal specification for JSR-173... This document specifies a new API for parsing and streaming XML between applications in an efficient manner. Efficient XML processing is fundamental for several areas of computing, such as XML based RPC and Data Binding... The Streaming API for XML gives parsing control to the programmer by exposing a simple iterator based API and an underlying stream of events. Methods such as next() and hasNext() allow an application developer to ask for the next event (pull the event) rather than handling the event in a callback. This gives a developer more procedural control over the processing of the XML document. The Streaming API also allows the programmer to stop processing the document, skip ahead to sections of the document, and get subsections of the document. The Streaming API for XML consists of two styles: A low-level cursor API, designed for creating object models and a higher-level event iterator API, designed to be used in pipelines and be easily extensible..." Background to the StAX design: "Processing XML has become a standard function in most computing environments. Two main approaches exist: (1) the Simple API for XML processing [SAX] and (2) the Document Object Model (DOM). SAX is a low-level parsing API while DOM provides a random-access tree-like structure. One drawback to the SAX API is that the programmer must keep track of the current state of the document in the code each time they process an XML document and thus cannot iteratively process it. Another drawback to SAX is that the entire document needs to be parsed at one time. DOM provides APIs that allow random access and manipulation of an in-memory XML document. At first glance this seems like a win for the application developer. However, this perceived simplicity comes at a very high cost: performance. For very large documents one may be required to read the entire document into memory before taking appropriate actions based on the data..." See preceding bibliographic entry.

  • [September 30, 2003] "Marking Up Bureaucracy." By Paul Ford. From XML.com (September 24, 2003). "If there is a perfect user of XML, it's the huge, sprawling United States government. With thousands of diverse offices, from the Navy to National Park Service, each federal agency routinely exchanges gigabytes-worths of documents and data with other offices, businesses, and citizens. Organizations as large as the US government rarely move quickly, so at first it's surprising to see so much XML activity underway. Historically, however, many government organizations are not strangers to markup... Right now, centralization is the exception, not the norm. Different XML applications are scattered across different government agencies. The DoD, EPA, IRS, and others create schemas as needed, and apply them internally. In an effort to encourage centralization of all online government services, including those using XML, the White House created the E-government initiative, which divides government technology into three roles: Government-to-Government (G2G), Government-to-Business (G2B), and Government-to-Citizen (G2C). Most effort has been focused on G2G. As described above, one of the major creators and consumers of markup is the the Department of Defense. Earlier efforts at standardizing schemas DoD-wide met with significant resistance, so now the DoD uses a 'market-oriented' strategy to manage its own XML registry. According to Owen Ambur, co-founder and co-chair of the XML working group, 'essentially, individual departments are encouraged to post schemas,' and other departments are encouraged to work with existing schemas instead of inventing new ones with the hope that, over time, individual schemas will be identified as most useful and promoted broadly throughout government. Much effort is also being applied to the E-Forms for E-Gov project, which is currently creating an infrastructure for using XForms, PDF, and related technologies to allow the myriad different federal forms to be filled out and signed electronically. This technology is expected to be useful both in G2G and G2B and will allow the processing of common forms, like passports applications, applications for federal assistance, and travel vouchers to be completely automated..."

  • [September 30, 2003] "Report: Widespread Use of Microsoft Poses Security Risk. Organizations Should Diversify Their Software Mix, Says Industry Group." By Stacy Cowley. In InfoWorld (September 24, 2003). "Whatever Microsoft's strengths or failings as a developer of reliable software, the mere existence of an operating system monopoly is a critical security risk, argues a new report released Wednesday at a Computer & Communications Industry Association (CCIA) gathering in Washington, D.C. Written by seven IT security researchers, CyberInsecurity -- The Cost of Monopoly calls on governments and businesses to consider in their buying decisions the dangers of homogenous systems, and to diversify the software mix deployed in their organizations. It also urges the U.S. government to counterbalance Microsoft's user lock-in tactics by forcing the company to offer multiplatform support for its dominant applications, including Internet Explorer and Microsoft Office products... While Microsoft is a focus of the report, the company isn't solely responsible for the risky situation that now exists, the authors said... None of the report's authors were paid for their contributions, and the CCIA is merely acting as the paper's publisher and did not influence its content, according to the report's instigator, @stake Inc. Chief Technical Officer Dan Geer. The report's conclusions do, however, dovetail with CCIA's push for tighter regulatory controls on Microsoft and for greater diversity in the U.S. federal government's IT systems. The group plans to feature the report at this week's conference, and in its conversations with representatives of Congress and federal agencies. The report's authors said they hope it will aid corporate IT workers in efforts to convince executives at their companies that Microsoft's software shouldn't be deployed by default. 'There isn't a lot of talk about monoculture and security problems. Our hope is that we can bring this into the debate,' [Perry] Metzger said. Beyond recommending diversification, the paper suggests steps the U.S. government could take to mitigate the effects of Microsoft's monopoly position. Forced publication of APIs (application program interfaces) for Microsoft's Windows and Office software would help, as would requiring the company to work with other industry vendors on development of future specifications through a process similar to the Internet Society's RFC (request for comments) system, the report said..." Note: The "@stake Inc. Chief Technical Officer Dan Geer" mentioned above was fired in connection with his authorship contribution in this report. See: (1) "Security Expert Geer Sounds Off on Dismissal"; (2) "Former @stake CTO Dan Geer on Microsoft Report, Firing." Bibliographic reference for the report is cited below.

  • [September 30, 2003] "CyberInsecurity: The Cost of Monopoly. How the Dominance of Microsoft's Products Poses a Risk to Security." By Daniel Geer, Sc.D (Chief Technical Officer, @Stake), Charles P. Pfleeger, Ph.D (Master Security Architect, Exodus Communications, Inc.), Bruce Schneier (Founder, Chief Technical Officer, Counterpane Internet Security), John S. Quarterman (Founder, InternetPerils, Matrix NetSystems, Inc.), Perry Metzger (Independent Consultant), Rebecca Bace (CEO, Infidel), and Peter Gutmann (Researcher, Department of Computer Science, University of Auckland). Published by Computer & Communications Industry Association (CCIA). September 2003. 25 pages. "... As fast as the world's computing infrastructure is growing, security vulnerabilities within it are growing faster still. The security situation is deteriorating, and that deterioration compounds when nearly all computers in the hands of end users rely on a single operating system subject to the same vulnerabilities the world over. Most of the world's computers run Microsoft's operating systems, thus most of the world's computers are vulnerable to the same viruses and worms at the same time. The only way to stop this is to avoid monoculture in computer operating systems, and for reasons just as reasonable and obvious as avoiding monoculture in farming. Microsoft exacerbates this problem via a wide range of practices that lock users to its platform. The impact on security of this lock-in is real and endangers society. Because Microsoft's near-monopoly status itself magnifies security risk, it is essential that society become less dependent on a single operating system from a single vendor if our critical infrastructure is not to be disrupted in a single blow. The goal must be to break the monoculture. Efforts by Microsoft to improve security will fail if their side effect is to increase user-level lock-in. Microsoft must not be allowed to impose new restrictions on its customers -- imposed in the way only a monopoly can do -- and then claim that such exercise of monopoly power is somehow a solution to the security problems inherent in its products. The prevalence of security flaw in Microsoft's products is an effect of monopoly power; it must not be allowed to become a reinforcer. Governments must set an example with their own internal policies and with the regulations they impose on industries critical to their societies. They must confront the security effects of monopoly and acknowledge that competition policy is entangled with security policy from this point forward..."

  • [September 30, 2003] "Java Panel Pondering Web Services, Portal Proposals. J2EE 1.4 Readied for Approval." By Paul Krill. In InfoWorld (September 24, 2003). "Proposals to boost Web services and portal capabilities in Java are up for imminent votes by stewards of the programming language, according to an official at Java inventor Sun Microsystems. Java 2 Platform, Enterprise Edition (J2EE) 1.4, which adds Web services support and backing for the Web Services Interoperability Organization's Basic Profile for Web services, is up for a vote by an executive committee of the Java Community Process (JCP) in the next couple of weeks, said Onno Kluyt, director of the JCP program office at Sun. J2EE 1.4 will be voted on by the JCP Standard Edition Enterprise Edition Executive Committee (SE/EE), with results expected by the end of the year. Up for a vote this week by the SE/EE committee is JSR 168, which is intended to define a standard API allowing developers to write a portlet once and deploy it from any compliant server with little or no recoding. The vote is expected to be finalized in two weeks, according to Sun. JCP in the next two weeks also is conducting elections to its two executive committees. These committees are the ME (Micro Edition) committee, which oversees Java 2 Platform Micro Edition for consumer and embedded systems, and the SE/EC committee, overseeing Java technologies for the server and desktop. Five seats are up on each panel. In place of current member PalmSource, Sun, which nominates 10 members for each panel, is nominating service provider Vodafone to the ME executive committee. JCP members then vote on the nominations..." See also JSR 168 Portlet API. JSR #168 was approved in a final ballot; voting to approve: Apple Computer, Inc., BEA Systems, Borland Software Corporation, Caldera Systems, Cisco Systems, Fujitsu Limited, Hewlett-Packard, IBM, IONA Technologies PLC, Doug Lea Macromedia, Inc., Nokia Networks, Oracle, SAP AG, Sun Microsystems, Inc.

  • [September 30, 2003] "Client Quality Reporting for J2EE Web Services. Use SOAP Attachments to Report Client Response Times for Web Services." By Brian Connoll. In JavaWorld (September 19, 2003). This article documents the implementation of "a general-purpose architecture for recording client response times for J2EE (Java 2 Platform, Enterprise Edition) Web services. The response times recorded are actual client response times, so they accurately reflect a user's perspective of the service quality. The sample implementation was built using the Sun ONE (Open Network Environment) Application Server and IDE, but the general approach can be easily adapted to other J2EE implementations... While Web services ease the building of client-server systems, monitoring service quality is a significant problem. Consider a client application that submits a transaction on a user's behalf. A business transaction usually involves several Web service calls: an initial call to submit a work item, subsequent calls to check for completion, and a final call to get the result. Each call is a distinct HTTP/SOAP (Simple Object Access Protocol) exchange. Put yourself in the position of an IT department responsible for monitoring server load and forecasting future needs. The fundamental question you must answer is, 'How well am I serving my clients now, and what will I need to serve them in the future?' Answering this question is difficult if you have only HTTP logs. Clients care about transactions, but since each transaction consists of several HTTP requests, the best you can do to estimate service quality is to develop custom data-mining software that cursors through HTTP logs and builds a model of user transactions. Even so, the information you have is still limited because it can't reflect network transport or client application overhead. This article's key idea is that transaction service quality is best measured by the client. The approach adopted here allows the client to record actual transaction response times. A client application uploads response time reports to the server by appending them to the next up-bound transaction request. The server strips off these attachments and queues them for storage and offline analysis... This approach can be used to measure accurate response times from the perspective of a client application. The implementation is lightweight. No new network traffic is needed between the client and the server. Metrics payloads are queued for low-priority logging, so server resources can be reserved for application processing..."

  • [September 30, 2003] "Is New Office 2003 Suite Worth the Upgrade?" By Mario Morejon, Vincent A. Randazzese, and Michael Gros. In CRN (September 25, 2003). "Microsoft Office 2003 is slated to launch Oct. 21, and it's already available to volume buyers. But one question looms -- the same question, in fact, that hovers over every Microsoft release. Is the upgrade really worth it? ... One of the most significant developments in Office 2003 is the use of embedded XML throughout, which makes the suite an excellent developer's tool and allows data to be shared easily among applications and users. Developing department-level applications has never been easier now that Microsoft has introduced InfoPath 2003, a client-driven XML form editor that integrates with XML-driven data sources in a variety of ways. InfoPath can query XML-driven databases and has a database wizard that ports Access 2003 tables and converts them into XML forms. The tool also preserves database schemas, so users don't have to reinvent the wheel when integrating their database-driven applications. In the case of SQL Server, database connections are driven via OLE DB... Web services, too, can tie into InfoPath as long as they're discoverable via UDDI, and the UDDI lookup can be done without any coding. But InfoPath isn't perfect yet. SQL joins can't be used because primary keys generated in Access cannot be replicated nor created outside the Access environment. Essentially, a many-to-one relationship violation can occur between tables, and conversion of Access forms into InfoPath forms is not yet always possible. Also, InfoPath chokes up when handling repeating fields in Access forms. As for FrontPage 2003, it's much improved and should no longer be considered an HTML editor for novice users. Test Center engineers predict that the program will now give Macromedia Dreamweaver a run for its money. Users can create XML data-driven Web sites in four easy steps and publish them to Micosoft SharePoint Services sites with little understanding of XML or XSLT. Data inside XML files are kept live because XML files are not copied into the pages but are linked to databases instead. Web services also work well with FrontPage, but they have to be published to a catalog before data can be pulled from them. Users can hook up a Web service to a FrontPage site easily--in just four--steps. Another impressive FrontPage feature is the conditional formatting task pane, which controls what is viewable on a page. Users can determine what's viewable by highlighting content and determining what data can be put on a page based on field values in a conditional query. No coding is required to do this..."

  • [September 30, 2003] "RFID Ripples Through Software Industry. Sun, SAP, Oracle, IBM Integrate RFID Data Into Mainstream Applications." By Ephraim Schwartz. In InfoWorld (September 26, 2003). "Big name vendors including Sun, SAP, Oracle, and IBM have caught the RFID (Radio Frequency Identification) buzz. Spurred in part by a WalMart edict that requires suppliers to tag all shipping cases and palettes with RFID by 2006, the vendors are rewriting their enterprise applications to integrate RFID data.... 'Walmart's marching orders are heard across the industry,' said Joshua Greenbaum, principal, Enterprise Applications Consulting. The changes on queue include RFID extensions to Oracle's database and application server and SAP R3 applications, higher-level integration of RFID with Sun's SunOne integration platform, and integration with IBM's DB2 Information Integrator to facilitate the handoff of data from RFID readers to enterprise applications. Most industry analysts argue that RFID tagging is a transformational development that will ultimately change the way businesses plan, price, distribute, and advertise products. But for the present, enterprise application vendors are extending their products to handle an expected boom in RFID data. Until now, a bar coded item used to sit on a retail shelf and did not generate any data until it was scanned by a bar code reader. And then the data was read only once. RFID, on the other hand, is a passive technology that does not require human interaction to scan. A reader can extract location and product description data from a tagged item every 250 milliseconds. Some readers are capable of reading data from 200 tags per second. The result is a data increase of more than one thousand times above traditional scanning methods. In response, Sun Microsystems is developing a middleware product to manage the influx of RFID data to filter out noise and duplicate data, according to Solutions Product Architect Sean Clark. Currently in its pilot phase and commercially available by first quarter 2004, Sun's middleware will comply with Savant, an industry standard for this aspect of RFID filtering. 'Savant acts as the buffering layer between readers and enterprise applications,' Clark said. In addition, Sun is writing a software component that will implement its version of the RFID industry standard EPC (Electronic Product Code) Information Service..." See "RFID Resources and Readings."

  • [September 30, 2003] "What's Next for SQL Server?" By Lisa Vaas. In eWEEK (September 26, 2003). "Users demanded SQL Server bond tighter with Visual Studio .Net, and Microsoft Corp. has since heeded the call, putting into beta testers' hands a version that opens the database up to .Net-compliant languages. The next version of SQL Server, code-named 'Yukon,' was originally slated for a spring 2004 release. That deadline was pushed out to the second half of next year after customers said they expected Yukon to fit hand-in-glove with the next version of .Net, code-named Whidbey. The Yukon beta was released in July to some 2,000 customers and partners. eWEEK recently talked with Microsoft Group Product Manager Tom Rizzo to find out how the .Net integration that customers demanded, along with upcoming features such as native XML and Web Services support, will benefit enterprises." [Rizzo:] "From the data level, we have things like native XML support. You take data from SQL Server, put it into XML format and ship it to anything that understands XML, such as Oracle has some XML support, and [IBM's DB2 database]. XML is ultimate interoperability -- it's an industry-standard format, and it's self-describing. You know both the schema of the data as well as the data itself. You don't lose the context when you pass your data around. We upped the level of XML support in Yukon through a number of things. In 2000 we had XML support but -- it was shredding. (Shredding is the parsing of XML tag components into corresponding relational table columns.) In Yukon the key thing is we have an XML type. Like you have STRING and NUMBERS and all that inside the database, now you can declare with the native data type XML. Although we had XML support in 2000, and many leveraged it and were happy with it, now we have native support... One reason we [moved to a native data type for XML] it is to support XQuery. Also to support XQuery we had to build code so as to combine XML with relational query language. You can take the relational sorts of queries you're used to in the database world, where people select things from tables with filters on that data. You can combine XQuery statements with such relational queries..." See also "XML and Databases."

  • [September 30, 2003] "Web services Players Push Management Barrow. Actional, AmberPoint, Empirix Separately Unveil Wares." By Paul Krill. In InfoWorld (September 29, 2003). "Web services vendors Actional, AmberPoint, and Empirix this week will attempt to improve Web services management capabilities with a host of product releases... AmberPoint is unveiling Exception Manager for resolving operational and business exceptions in Web services systems, while Empirix is bolstering testing and monitoring with its e-Test suite 6.8 and OneSight 4.8. For its part, Actional will announce its SOAPstation Edge XML firewall software and MyServicesPortal dashboard for monitoring Web services activity and service-level agreement compliance. Actional's SOAPstation Edge enables Web services management to be conducted outside a firewall by extending the brokering capabilities of the company's SOAPstation product. An add-on product to SOAPstation, SOAPstation Edge, reduces redundant processing in SOAP messages, providing XML firewall capabilities and processing of messages and management policy in a single message passage, said Dan Foody, CTO at Actional. MyServicesPortal provides a portal for both technical and non-technical persons to examine factors such as how a service network affects a particular customer, said Foody. Users can customize their views of the management system. Service Stabilizer identifies and corrects undesirable operating conditions in Web services and services-based applications before they become problems, according to Actional. For example, Service Stabilizer can detect if a network is overloaded, Foody said... AmberPoint Exception Manager is intended to detect and resolve distributed business exceptions in Web services systems, ranging from simple data entry errors to complex faults, the company said. It enables businesses to react more quickly to operational and business contingencies and minimize inefficiencies... Empirix will announce new Web services monitoring capabilities for its e-Test suite and OneSight products. The products feature a script wizard to simplify scripting needed to test and monitor Web services, the company said. This capability is added in Version 6.8 of the e-Test suite and Version 4.8 of OneSight. The e-Test product is used prior to launching applications while OneSight is used to manage and monitor applications in production, according to Joe Alwen, vice president of marketing at Empirix..."

  • [September 30, 2003] "AmberPoint Introduces Distributed Web Services Exception Management Solution." From CBDi Newswire (September 30, 2003). "Using AmberPoint Exception Manager, enterprises can react to operational and business contingencies, minimize inefficiencies and reduce the costs of maintaining their Web services environments. Due to its distributed, agent-based architecture, AmberPoint Exception Manager is able to detect and resolve distributed exceptions, where the clues to the condition reside in multiple messages. AmberPoint Exception Manager provides capabilities for managing exceptions in distributed Web services environments. In addition to providing visibility into hard-to-resolve operational errors, the solution also handles exceptions that have business impact. For example, if a customer were to place a large order that could not be fulfilled, AmberPoint Exception Manager can alert the appropriate business manager to resolve the situation before the customer encounters the problem... Where Amberpoint is moving the goalposts with it's Exception Manager is in recognizing the potential complexity inherent in Web Services. Amberpoint is providing what you might regard as in-flight diagnostic capabilities that allow intelligent response to both business and technical problems. The starting point for the Exception Manager is that in distributed (and particularly federated) systems, it is likely to be commonplace that whilst the symptom of a problem may be obvious, the root cause may not... Amberpoint provides quite sophisticated exception management capabilities including: in-flight message comparison (prior to current, incorrect to working); filtering of messages dependent on a variety of conditions; filtering and identification of specific message combinations; pattern recognition; creation of data for drill down; allowing real time data correction and value update... The Exception Manager tool is interesting because it will be of particular value in the final stages of testing as well as in production and it demonstrates that Amberpoint is getting real world feedback that they are feeding into the product..."

  • [September 30, 2003] "Object-Oriented Database Field Shrinks Again." By Lisa Vaas. In eWEEK (September 29, 2003). "In a deal worth $26 million, object-oriented database companies Versant Corp. and Poet Holdings Inc. are merging, Versant officials have announced... Versant will swap 1.4 shares of Versant Common Stock for each Poet share. The Versant stock that will be given to Poet shareholders represents about 45 percent of outstanding shares. The move was unanimously approved by both companies' boards of directors but is subject to approval from the Securities and Exchange Commission and from shareholders. Such a merger is unsurprising in what International Data Corp. analyst Carl Olofson has deemed a saturated market for object-oriented databases. The market consists of consumers of very complex data, such as media content and scientific and technical applications... In a statement, Versant officials said the two companies will work on software that delivers storage, integration, analysis and the ability to act on real-time data. Poet's object database, Fast Objects, is used in embedded applications. Versant's object database, VDS, in used in high-performance, large-scale, real-time applications. The merged technologies will be designed to manage real-time, XML, and other hierarchical and navigational data, according to officials... The acquisition is important to Versant as it pursues the emerging technology of JDO (Java Data Objects), Chandra said. The JDO API is used to directly store Java domain model instances into databases. JDO allows developers to create a universal way of accessing data and thus the ability to choose databases from major or minor database vendors such as Oracle Corp, Sybase Inc., Versant or Poet, without the need to make code changes..." General references in "XML and Databases."

  • [September 30, 2003] "Opinion: Shakeout Looms in Web Services Management." By James Kobielus. In Computerworld (September 25, 2003). "Web services management (WSM) is one of the most innovative sectors in today's IT industry. Despite the general economic slump, dozens of start-ups have ventured into the WSM market over the past few years. Consequently, enterprise customers can choose from many sophisticated tools for managing their complex Web services middleware environments. WSM is no passing fad. WSM tools address a growing need in today's Web-oriented e-business environment. They help companies ensure that the performance, reliability, availability and security of Web services environments continue to comply with service-level agreements and quality-of-service requirements. By contrast, traditional IT management tools can't monitor the end-to-end performance, availability, reliability and security of Web services environments. Typically, organizations deploy management tools associated with particular application, server and network environments. This explains why companies turn to WSM for a holistic view of service performance, as well as invest in enterprise management frameworks from Computer Associates International (CA), Hewlett-Packard (HP), IBM Tivoli and other strategic vendors... But today's WSM market is overcrowded and due for a serious shakeout. Start-ups are having a tough time establishing WSM as a separate market from IT management tools. WSM tools don't eliminate the need for traditional management tools that focus on particular applications, systems and network environments. You can't optimize Web services if you don't have the tools for viewing and fixing problems that originate in the underlying infrastructure. Sensing an opportunity to strengthen their competitive positions, management vendors are adding WSM features to their offerings. Others are bootstrapping themselves into the WSM market through strategic acquisitions. We see evidence for the latter trend in CA's recent acquisition of Adjoin and HP's announcement of its intention to buy Talking Blocks. Over the next several years, traditional IT management vendors will dominate the WSM market as they leverage their established customer bases and product families. Likewise, vendors of application servers, integration brokers, operating environments and other Web services platforms will embed WSM features in their offerings..." See OASIS Web Services Distributed Management TC.

  • [September 30, 2003] "Integrating Services with XSLT." By Will Provost. From O'Reilly WebServices.XML.com (September 30, 2003). "For all the magic that XML, SOAP, and WSDL seem to offer in allowing businesses to interoperate, they do not solve the more traditional problems of integrating data models and message formats. Analysts and developers must still plod through the traditional process of resolving differences between models before the promise of XML-based interoperability is even relevant. Happily, there's more magic out there: having committed to XML, companies can take great advantage of XSLT to address integration problems. With XSLT one can adapt one model to another, which is a tried-and-true integration strategy, implemented in a language optimized for this precise purpose. In this article I'll discuss issues and techniques involved in bringing XSLT into web service scenarios and show how to combine it with application code to build SOAP intermediaries that reduce or eliminate the stress between cooperating data structures... XSLT can make many annoying integration problems go away and with relatively low effort at that. We remember that almost all integration issues will require bidirectional transformation. That is, data that's transformed on its way in, and perhaps stored somewhere, will eventually be requested and sent back out, and it will have to look right to the requester. Form is not the only problem here. It is important to avoid the trap of inbound transformations that produce redundant results for different inputs. In other words, there must be a one-to-one mapping between the external and internal value spaces. Precisely preserving information is key to service adaptation, and this is not always so simple.. As wonderful as XSLT is, it's not designed to solve all possible transformation problems. Generally, it's strong on structural work using node sets and progressively weaker working with single values and their components. String arithmetic, algorithms, and math are notable weak points..." See related resources in "Extensible Stylesheet Language (XSL/XSLT)."

  • [September 30, 2003] "Data Visualization Tools Emerge. Antarctica Systems, Others Help Relay Complex Information." By Cathleen Moore. In InfoWorld (September 29, 2003). "Data visualization is back on the map as a host of emerging vendors unveil products designed to help enterprises analyze reams of information. Antarctica Systems is unwrapping Version 4.0 of its Visual Net software designed to present map-based visual representations of complex data from sources such as databases, BI tools, and ERP applications. The real pain point in applications and data stores is at the UI level, said Tim Bray, founder and CTO of Antarctica Systems. In fact, tools such as BI typically suffer low adoption rates because of their complexity. 'What got everyone using computers is the advent of the GUI,' Bray said. 'We are a GUI for information spaces.' Visual Net 4.0 adds a visual configuration wizard that allows users to point and click to hook up back-end data records to the display front end. In addition, added support for DHTML brings a cleaner, more compelling user interface, Bray said. TheBrain Technologies recently released a Lotus Notes Connector Version 1.0 for its BrainEKP (Enterprise Knowledge Platform), which provides a relational, visual interface for multiple data repositories. The connector allows users to see a graphical representation of Lotus Notes information in the context of company projects, customer accounts, and business processes. Next month Mindjet will add XML support to its MindManager X5 Pro mapping and collaboration software. MindManager creates visual representations of the thinking and planning stages of the collaborative process..." See also the Visual Net 4.0 announcement: "Antarctica Systems Announces Visual Net 4.0. Maximizing Information Display to Reveal Clarity, Truth in Data."

  • [September 30, 2003] "Developers Show Their Independent Streak, Favoring Web-Based Apps." By Eric Knorr. In InfoWorld (September 26, 2003). "Software behemoths are trying to sell programmers on elaborate new paradigms; but as our survey results show, many programmers aren't buying. Web applications rule the enterprise. That's the indisputable conclusion to be drawn from this year's InfoWorld Programming Survey. Despite imperitives from Microsoft and others that developers abandon server-based HTML apps for fat desktop clients, the ease of 'zero deployment' through the browser continues to win the day. To build those Web apps, significant numbers of programmers favor such humble scripting languages as VBScript and Perl. Contrary to the hype that says Microsoft .Net and the Java elite have a lock on the programming world, many developers have settled on cheaper (and often faster) ways to build the Web applications they need to build. Click for larger view. Responses gathered in August come from a group of 804 programmers and their managers. Our survey mirrors trends identified by such research companies as IDC, Gartner, and Forrester... Our respondents aren't afraid of new technology, either. A robust 51 percent say that Web services are part of their server development and 52 percent are employing XML or object-oriented databases. At a solid 40 percent, the uptake on .Net should warm Microsoft's heart, considering that the .Net Framework officially launched only 18 months ago. Adoption of Microsoft's Java-like C# was somewhat less impressive at 22 percent, though still respectable for a new programming language... The war between guerilla and IT-sanctioned technology has persisted since the first PC slipped in the back door of a big corporation. But there's one thing nearly everyone can agree on: Nobody wants to write it twice if they don't have to. In our survey, when asked what the biggest obstacle to reusing software is, only 10 percent say programmer disinclination... No matter what languages or tools they use, developers of all stripes are feeling the heat from the business side to respond quickly to business needs. At the high end of application development, Web services and the movement toward SOA (service-oriented architecture) promise to deliver application components that can be recombined ad infinitum with minimal development time. But analysts agree that enterprise adoption of SOA will take many years. Meanwhile, programmers are finding their own way, often using simple scripting tools, to develop the Web applications they need fast..."

  • [September 30, 2003] "Sun Expands Push For Auto-ID." By Matt Villano. In InternetNews.com (September 19, 2003). "Already a major player in the Auto-ID market, Sun Microsystems this week announced an initiative for delivering the hardware, software and services that enable enterprises to link into the Elecronic Product Code (EPN) Network. The announcement coincided with news that the Santa Clara, Calif.-based services firm is creating a new Auto-ID business unit to work to develop and deliver a standards-based Auto-ID/EPC solution down the road. Sun's announcement came just weeks after retail giant Wal-Mart aired a mandate for its suppliers to become EPC compliant by Jan. 1, 2005. According to Jonathan Schwartz, executive vice president for Sun Software, the Sun initiative will help Wal-Mart suppliers and other enterprises integrate real-time supply chain data seamlessly into their existing business processes and enterprise assets, enabling companies to not only meet these new requirements but exceed them... As Schwartz explained it, the technology behind Sun's Auto-ID effort will be similar to the technology behind Radio Frequency Identification (RFID) tags, the microscopic chips that some companies and retailers have considered for security and tracking purposes of clothes and electronics. This kind of EPC technology helps make the supply chain more efficient, safe, and secure by tracking goods every step along the way, reducing threats of counterfeiting, tampering, and terrorism, while increasing compliance with industry and shipping regulations. More specifically, Sun said its software will deliver a dynamic federated service architecture that emphasizes reliability, availability and scalability (RAS) for Auto-ID pilots and deployments. The proposed solutions also will include lifecycle services to maximize the value of Auto-ID deployments, helping customers proactively architect, implement, and manage IT operations in heterogeneous environments. According to Julie Sarbacker, who will head the new Auto-ID business at Sun, most of the company's EPC offerings will be delivered through the Solaris OE and Linux-based hardware platforms, setting the stage for transparent integration into the EPC Network..." The datasheet says that Sun's EPC initiative highlights an architecture "designed around Auto-ID standards such as EPC, Savant System Interface, Object Name Service (ONS), and Physical Markup Language (PML) supply chains with applications that address counterfeiting, tampering, terrorism, and regulatory compliance..." See: (1) Sun Auto-ID home; (2) the announcement, "Sun Microsystems Announces Vision and Initiative for Enterprise Auto-ID/EPC Deployments. Newly Formed Sun Business Leads Auto-ID/EPC Product and Market Development Efforts." General references in "Radio Frequency Identification (RFID) Resources and Readings."

  • [September 29, 2003] "OAI-Rights White Paper." By Carl Lagoze (Cornell University Information Science), Herbert Van de Sompel (Los Alamos National Laboratory), Michael Nelson (Old Dominion University Computer Science), and Simeon Warner (Cornell University Information Science). From the Open Archives Initiative. September 26, 2003. "The Open Archives Initiative Protocol for Metadata Harvesting (OAI-PMH) has become an important foundation for interoperability among networked information systems. It is widely used in a variety of domains including libraries, museums, government, and research. Like any vehicle for exchanging information, the OAI-PMH exists in a context where information holders have concerns about rights to the use of their information. Although the OAI-PMH is nominally about the exchange of metadata, this does not lessen the complexities of rights-related issues: The distinction between content (data) and metadata is fuzzy at best, especially vis-à-vis intellectual property, and many providers are justifiably wary about uncontrolled reuse of rich metadata that represents a significant intellectual effort. Since the only technical restriction on data exchanged via OAI-PMH is that it must use XML encoding, it is entirely feasible to use the protocol for transmission of content itself. Since the primary reason for making metadata available via OAI-PMH is usually eventual access to the resource described by the metadata, guidelines and frameworks for expressing rights to that resource are in the scope of the protocol. As a result of these issues, discussion of rights and their relationship to the OAI-PMH have been frequent throughout work on the protocol. This paper is intended as a foundation for work aimed at incorporating structured rights expressions into the OAI-PMH. This work will be undertaken by a technical group called OAI-rights, and will result in a set of OAI-PMH guidelines scheduled for release in second quarter 2004... This paper examines issues and suggests alternatives for the incorporation of rights expressions in the OAI-PMH along three dimensions: (1) Entity association, which covers the association of rights expression with metadata and data (resources). (2) Aggregation association, which covers whether rights expressions can be associated with entities in the OAI-PMH that group other entities. (3) Binding, which covers where rights expressions are placed in protocol responses..." See details in the 2003-09-26 news story: "RoMEO and OAI-PMH Teams Develop Rights Solution Using ODRL and Creative Common Licenses."

  • [September 25, 2003] "Patent Politics." By Paul Festa. In CNET News.com (September 25, 2003). "During a recent meeting held at Macromedia's San Francisco headquarters, Silicon Valley companies asked a familiar question: What to do about Microsoft? But the strategy event, sponsored by the World Wide Web Consortium, differed significantly from so many others, at which participants have typically gathered to oppose the software giant's power. This time, Microsoft was the guest of honor. 'There's no doubt that there are some people who are happy to see Microsoft get nailed for anything,' said Dale Dougherty, a vice president at computer media company O'Reilly & Associates. 'But for those of us who are part of the Web, we wanted the browser to be on every desktop. And if it has to be a Microsoft browser, OK.' What a difference a patent suit makes. With one staggering loss at the hands of a federal court jury in Chicago, Microsoft has won the support -- if not the sympathy -- of nearly the entire software industry, from standards organizations to corporate rivals that are rushing to defend the company's Internet Explorer browser... the [court] verdict is increasingly interpreted as a potentially crushing burden on the Web, threatening to force significant changes to its fundamental language, HTML. Microsoft's competitors fear that Eolas' lawyers will target them next, and its partners -- such as Macromedia and Sun Microsystems -- worry that an enjoined IE browser would be prohibited from running their software plug-ins without awkward technology alternatives. The result has been a complex shift of industry dynamics that has turned many traditional alliances and rivalries upside down, prompting long-suffering competitors in the browser market to side with archrival Microsoft. At the same time, as the Eolas case has progressed, critics have portrayed company founder and sole employee Mike Doyle as an opportunist, despite his claims to be acting on behalf of the Web against a rapacious captor... Microsoft might still pull out a victory at the appellate level. Moreover, even if Eolas' patent is upheld, the rest of the software industry may very well go with Microsoft's workarounds rather than face the prospect of abandoning development for the universally distributed IE... Given the daunting odds in any challenge to Microsoft, Doyle believes that his struggle exceeds biblical proportions. He said the often-cited comparisons to David and Goliath don't go far enough in conveying the ambition and travails of his quest, which he believes could reverse Microsoft's victory in the so-called browser war and break its control over much of the digital world... 'We're no big fan of Microsoft, but I'm a big fan of the Web,' said Dougherty, who is in charge of online publishing at O'Reilly and testified on behalf of Microsoft in its recent patent trial. 'What worries people is that this is the first successful patent offense on the Web, and lots of other things could be coming.' The prospect of having such a basic necessity as running plug-ins subject to the whim of Eolas has the industry in a near panic -- not least among those organizations whose rules restrict or ban the use of patented technologies, such as open-source browser makers and the W3C. Groups that advocate software that has open-source code say their licenses prohibit them from including patented technologies. The W3C in March reaffirmed its opposition to the use of royalty-encumbered technologies, after a lengthy public battle that ended in a near-ban. 'We have experience and proof that the specter of a fee stops standards development cold,' W3C representative Janet Daly said. 'It doesn't even have to be a firm guarantee. All you need is a little bit of fear, uncertainty and doubt that a developer is going to be slapped with a licensing fee, and the developer will leave that technology alone'..." See: (1) the W3C news item from 2003-09-23, "W3C Launches HTML Patent Advisory Group" with the PAG FAQ, Home Page, and Charter; (2) the news story of August 28, 2003: "W3C Opens Public Discussion Forum on US Patent 5,838,906 and Eolas v. Microsoft"; (3) general references in "Patents and Open Standards."

  • [September 24, 2003] "Grab Headlines From a Remote RSS File. Retrieve Syndicated Content, Transform It, and Display the Result." By Nicholas Chase (President, Chase & Chase, Inc). From IBM developerWorks, XML zone. September 23, 2003. ['In this article, Nick shows you how to retrieve syndicated content and convert it into headlines for your site. Since no official format for such feeds exists, aggregators are often faced with the difficulty of supporting multiple formats, so Nick also explains how to use XSL transformations to more easily deal with multiple syndication file formats.'] "With the popularization of weblogging, information overload is worse than ever. Readers now have more sites than ever to keep up with, and visiting all of them on a regular basis is next to impossible. Part of the problem can be solved through the syndication of content, in which a site makes its headlines and basic information available in a separate feed. Today, most of these feeds use an XML format called RSS, though there are variations in its use and even a potential competing format. This article explains how to use Java technology to retrieve the content of a syndicated feed, determine its type, and then transform it into HTML and display it on a Web site. This process involves five steps: (1) Retrieve the XML feed; (2) Analyze the feed; (3) Determine the proper transformation; (4) Perform the transformation; (5) Display the result. This article chronicles the creation of a Java Server Page (JSP) that retrieves a remote feed and transforms it using a Java bean and XSLT, and then incorporates the newly transformed information into a JSP page. The concepts, however, apply to virtually any Web environment... The application uses a DOM Document to analyze the feed and determine the appropriate stylesheet, but you can further extend it by moving some of that logic into an external stylesheet. You can also adapt the system so that it can pull more than one feed, perhaps based on a user selection, with each one creating its own cached file. Similarly, you can enable the user to determine the interval between feed retrievals..." See general references in "RDF Site Summary (RSS)."

  • [September 24, 2003] "ISO to Require Royalties?" By Kendall Clark. From XML.com (September 24, 2003). ['Kendall Clark on the ISO's proposal to charge for using their country codes.'] "It has come to the attention of the W3C, as well as various other communities, that the ISO is thinking about imposing licensing fees for the commercial use of several of its standards, including 3166, the one which establishes country codes, as well as ISO 639 and ISO 4217, which establish language and currency codes, respectively. [In this] article I provide some background to the present controversy as well as sample the reaction of web and other internet developers and development communities... ISO, rather than taking a step forward to make possible wider access to its standards, is taking the opposite tack. It's considering requiring license fees be paid for the commercial use of the information contained in ISO 639, 4217, and 3166... It's not clear how far reaching this requirement might be. Would it require my Linux distribution maker to pay a fee for selling a CD that contains software, like the Python language and libraries, which uses ISO identifiers? What about all of the Web software, both client and server, which uses language and country codes extensively? The W3C's XML Recommendation makes reference to ISO 639 and 3166. Does that mean any product which uses an XML parser owes the ISO a fee? At least three important institutions have responded to perceived change in the ISO's licensing policy: the W3C, the Unicode Technical Committee, and INCITS... Does the ISO need a reliable means of funding? Absolutely. But it needs, at least in my view, a way which is independent of selling, at least at such exorbitant rates, its standards themselves. If it's a truly global standards body, it should be able to find funding from the UN (which might be able or more inclined to fund ISO if the US would pay its delinquet UN dues), from wealthy western nations (why not, since the G7 benefits the most from the ISO's work?), and even from philanthropically-minded individuals and corporations. However, some things which the ISO has standardized -- and language, currency, country identifiers, as well as date-time representations, are among those things -- should be put immediately into the public domain. Some of its standards are simply too crucial and too much in the public trust to be tied in any way to the ISO's revenue model..." See other details in "Standards Organizations Express Concern About Royalty Fees for ISO Codes."

  • [September 24, 2003] "Secure, Reliable, Transacted Web Services: Architecture and Composition." By Donald F. Ferguson (IBM Fellow and Chairman; IBM Software Group Architecture Board) Tony Storey (IBM Fellow), Brad Lovering (Microsoft Corporation Distinguished Engineer), and John Shewchuk (Microsoft Web Services Architect). With credits to 66 contributors. In Microsoft MSDN Library (September 2003). "The basic set of Web service specifications enables customers and software vendors to solve important problems. Building on their success, many developers and companies are ready to tackle more difficult problems with Web service technology. The very success of Web services has led developers to desire even more capabilities from Web services. Since meaningful tool and communication interoperability has been successful, developers now expect the enhanced functions to interoperate. In addition to basic message interoperability and interface exchange, developers increasingly require that higher-level application services interoperate. Many commercial applications execute in an environment ('middleware' or 'operating systems') that provide support for functions like security and transactions. IBM, Microsoft, and others in the industry are often asked to make Web services more secure, more reliable, and better able to support transactions. In addition we are asked to provide these capabilities while retaining the essential simplicity and interoperability found in Web services today. This paper provides a succinct overview for the set of Web service specifications that address these needs. For the details of the specifications we provide references to the actual documents. The main purpose of this paper is to briefly define the value these specifications provide to our customers. We also describe how these specifications complement each other to compose robust environments for distributed applications. We face a key engineering challenge: How do we give Web services new security, reliability, and transaction capabilities without adding more complexity than needed? ... IBM, Microsoft, and our partners are developing Web service specifications that can be used as the building blocks for a new generation of powerful, secure, reliable, transacted Web services. These specifications are designed in a modular and composable fashion such that developers can utilize just the capabilities they require. This 'component-like' composability will allow developers to create powerful Web services in a simple and flexible manner, while only introducing just the level of complexity dictated by the specific application. This technology will enable organizations to easily create applications using a Service-Oriented Architecture (SOA). Furthermore, IBM and Microsoft have demonstrated secure, reliable, transacted SOA applications that illustrate the richness of the business processes that can be created using this approach. Moreover, these demonstrations have been operating in a federated security environment on a heterogeneous environment consisting of IBM WebSphere and Microsoft .NET software. We anticipate that these Web Service technologies will be available in operating systems, middleware, with tools that will make it even easier for developers to use these technologies..." General references in "Web Services Implementation."

  • [September 23, 2003] "Experiences with the Enforcement of Access Rights Extracted from ODRL-Based Digital Contracts." By Susanne Guth [susanne.guth@wu-wien.ac.at], Gustaf Neumann, and Mark Strembeck (Department of Information Systems, New Media Lab, Vienna University of Economics and BA, Austria). Prepared for presentation at DRM 2003, October 27, 2003, Washington, DC, USA. 13 pages (with 38 references). "In this paper, we present our experiences concerning the enforcement of access rights extracted from ODRL-based digital contracts. We introduce the generalized Contract Schema (CoSa) which is an approach to provide a generic representation of contract information on top of rights expression languages. We give an overview of the design and implementation of the xoRELInterpreter software component. In particular, the xoRELInterpreter interprets digital contracts that are based on rights expression languages (e.g. ODRL or XrML) and builds a runtime CoSa object model. We describe how the xoRBAC access control component and the xoRELInterpreter component are used to enforce access rights that we extract from ODRL-based digital contracts. Thus, our approach describes how ODRL-based contracts can be used as a means to disseminate certain types of access control information in distributed systems... A contract typically represents an agreement of two or more parties. The contract specifies rights and obligations of the involved stakeholders with respect to the subject matter of the respective contract. Contracts in the paper world can be tailored to meet the needs of a specific business situation or to fit the requirements of individual contract partners. In principle, the same is true for digital contracts as they can be used in the area of digital rights management for example. Most often digital contracts are defined using special purpose rights expression languages (REL) as ODRL, XrML, or MPEG 21 REL for instance. In this connection one can differentiate between the 'management of digital rights' and the 'digital management of (arbitrary) rights'. We especially focus on contracts that contain information on digital rights, i.e., rights which are intended to be controlled and enforced in an information system via a suitable access control service -- in contrast to rights which are enforced by legislation or other 'social protocols'... In Section 2 we give an overview of the abstract structure of digital contracts. We especially describe how information within a digital contract is encapsulated in different contract objects. Section 3 then summarizes the contract processing procedures performed by a contract engine. Subsequently, Section 4 introduces the generalized contract schema CoSa and the software components we used to implement our system, before Section 5 shows how ODRL-based digital contracts are mapped to a runtime CoSa object model. Next, Section 6 describes the initialization of the xoRBAC access control service via a mediator component and the subsequent enforcement of the corresponding access rights. Section 7 gives an overview of related work, before we conclude the paper in Section 8..." See also: (1) Open Digital Rights Language (ODRL) Initiative website; (2) ODRL International Workshop 2004; (3) local references in "Open Digital Rights Language (ODRL)"; (4) general references in "XML and Digital Rights Management (DRM)."

  • [September 23, 2003] "Update: European Parliament Votes to Limit Scope of Software Patents. Issue Still Must be Debated by European Union Member States." By Paul Meller. In InfoWorld (September 24, 2003). "The European Parliament voted in favor of a law that goes some way toward limiting the scope for patents on software programs Wednesday. With 364 voting in favor, 153 against, and 33 abstentions, members of the European Parliament (MEPs) appear to have ignored heavy lobbying from both extremes in the debate by opting for a compromise solution. The Parliament was considering changes to the original text published by the European Commission (EC), the executive branch of the EU. Most of the changes were designed to tighten up the wording of the law to make it harder for people to obtain patents. For example, the MEPs agreed to an amendment which outlaws the patenting of algorithms. Another accepted amendment explicitly outlaws the patenting of business methods, such as the 'one-click' online shopping technique patented in the U.S. by Amazon.com. 'Inventions involving computer programs which implement business, mathematical or other methods and do not produce any technical effect beyond the normal physical interactions between a program and the computer, network or other programmable apparatus in which it is run, shall not be patentable,' the amendment read. This is the first of two votes on the software patent directive in the European Parliament. Before casting their ballots again, the directive, including the amendments agreed on by the MEPs Wednesday, will be debated by ministers from the 15 EU state governments... MEP Arlene McCarthy, a U.K. member of the Socialist Party, said the Parliament has sent a clear message: 'We do want strict limits on patentability of software. All the amendments that were adopted were in this direction,' she said. 'We have effectively rewritten the directive.' McCarthy led the debate when the bill was being discussed at committee stage in the Parliament and also drew up the amendments to be considered at this week's plenary session of the body. She said, however, that she expects the text supported by the Parliament today to be rejected by the 15 member state governments and by the directive's original author, the European Commission..." See: "Patents and Open Standards."

  • [September 23, 2003] "W3C Investigation Begins on HTML Standard." By Matt Hicks. In eWEEK (September 23, 2003). "The ramifications of the recent Web browser patent verdict against Microsoft Corp. could strike at the heart of the Web's common language -- HTML. The World Wide Web Consortium (W3C) is investigating whether the claims in the patent infringement lawsuit brought by Eolas Technologies Inc. and the University of California could require changes to both the current and future HyperText Markup Language specifications, W3C officials said on Tuesday. Eolas in its lawsuit has claimed that Microsoft infringed on its patent of technology which allows for the embedded applications within Web pages such as applets and plug-ins. Microsoft has disputed the claims and has promised to appeal a $521 million jury verdict handed down in August. Eolas' attorney also has said that the patent could apply to a broad range of Web technology. The W3C is forming a patent advisory group that will decide whether to recommend changes to HTML and could also call on the full standards body to conduct a formal legal analysis of the patent. 'This is a serious issue,' said Philipp Hoschka, W3C deputy director for Europe who also oversees HTML activities. 'As you know, we have tried for our specifications to be royalty free.' Hoschka wouldn't specify what portions of HTML the patent might affect. Determining whether any tags or HTML specifications fall within the patent's claims would be the HTML patent advisory group's role, he said. W3C patent advisory groups typically are formed to avoid royalties as the standards body develops technical specifications and usually involve the W3C member making patent claims, W3C spokeswoman Janet Daly said. In this case, the group will be working without the participation of the patent holder... Beyond suggesting changes to HTML, the advisory group also could become involved in the ongoing debate concerning 'prior art' -- a legal term in patent law referring to whether an invention existed prior to the filing of a patent. Hoschka declined to say whether any investigation into the existence of prior art could also lead to the W3C becoming more directly involved in the patent lawsuit. The W3C has sought legal opinions concerning prior art before. In 1999, it concluded after a yearlong examination that the then-proposed Platform for Privacy Preferences (P3P) standard for Web privacy did not infringe on an existing patent. Earlier this month, Lotus Notes creator Ray Ozzie had claimed in Microsoft had made prior art arguments during the trial and is expected to use that argument in an appeal..." See: (1) the W3C news item from 2003-09-23, "W3C Launches HTML Patent Advisory Group" with the PAG FAQ, Home Page, and Charter; (2) the news story of August 28, 2003: "W3C Opens Public Discussion Forum on US Patent 5,838,906 and Eolas v. Microsoft"; (3) general references in "Patents and Open Standards."

  • [September 23, 2003] "Eolas Suit May Spark HTML Changes." By Paul Festa. In CNET News.com (September 19, 2003). ['The World Wide Web Consortium is on the verge of forming a patent advisory group in response to the Eolas patent suit. Fallout from Eolas' patent victory over Microsoft threatens to hit Web developers and HTML itself.'] "As anxiety builds throughout the Web over the patent threatening Microsoft's Internet Explorer browser, the Web's leading standards group is considering modifying the medium's lingua franca itself, HTML, to address the same threat. The World Wide Web Consortium (W3C) is on the verge of forming a patent advisory group, or PAG, in response to the Eolas patent suit, according to sources close to the consortium. That group would conduct a public investigation into the legal ramifications of the patent on Hypertext Markup Language, the signature W3C standard that governs how most of the Web is written, and other specifications related to it... the W3C is said to be contemplating changes to HTML, considered one of the consortium's more mature and settled specifications. The potential problem for HTML is that it describes a way of summoning content located on a server other than the one serving the page in question. The 'object' and 'embed' tags in HTML, consortium members worry, may fall under the wording of the Eolas patent. Options the PAG could recommend include a technical workaround or new wording in HTML and related specifications warning that authors who implement the tags in question should contact the patent holders and take out a license, if necessary. The HTML PAG could also, as have previous PAGs in other working groups, launch a drive to discover 'prior art,' or technologies older than the Eolas patent that could potentially invalidate it in court. The W3C established the PAG system after its P3P privacy preferences recommendation was threatened by patents. The groups have since been formed to respond to patent disputes among VoiceXML working group members. The PAG policy was codified with the rest of the W3C's patent-averse policy, which was ratified in March after a rancorous debate..." See: (1) the W3C news item from 2003-09-23, "W3C Launches HTML Patent Advisory Group" with the PAG FAQ, Home Page, and Charter; (2) the news story of August 28, 2003: "W3C Opens Public Discussion Forum on US Patent 5,838,906 and Eolas v. Microsoft"; (3) "Patents and Open Standards."

  • [September 23, 2003] "OASIS Ratifies SAML 1.1. RSA Supports Latest Version in Products." By Paul Roberts. In InfoWorld (September 19, 2003). "The OASIS Internet standards consortium said Monday that its members ratified SAML (Security Assertion Markup Language) Version 1.1 as an official standard, approving changes to the specification will improve interoperability with other Web services security standards. The vote assigns the highest level of OASIS (The Organization for the Advancement of Structured Information Standards) ratification to SAML 1.1 and could open the door for wider adoption of the XML (Extensible Markup Language) framework for companies using Web services to conduct high value transactions, according to Prateek Mishra of Netegrity Inc., co-chair of the OASIS Security Services Technical Committee. SAML is a standard that supports so-called 'federated identity' systems in which user authentication and authorization information is securely exchanged between Web sites within an organization or between organizations. SAML enables a user to sign on once to Web-enabled services, instead of having to repeatedly log in when they move from one Web site or Web-enabled application to another... The new version of SAML includes a number of updates and fixes for problems identified in the 1.0 standard, he said. In particular, SAML 1.1 revised guidelines for the use of digital certificates to sign SAML user authentication exchanges, known as SAML assertions. SAML 1.0 standards were vague about how to digitally sign SAML assertions, creating interoperability problems between different companies implementing Web services using the 1.0 standard, Mishra said. Only a 'small group' of companies are currently interested in using digital certificates to sign SAML assertions. However, that group is growing, as companies look for ways to exchange sensitive data with employees and business partners while also verifying that digital transactions took place -- a capability known as nonrepudiation... Having handed off the SAML 1.1 standards, OASIS's Security Services Technical Committee is now at work on the SAML 2.0 specification, Mishra said. That version will come with major additions to the standard based on feedback from large companies. Among other things, the group is looking at ways to implement distributed log out, in which three or more Web sites that share a single login session will synchronize when a user terminates that session. OASIS also wants to harmonize SAML 2.0 with the Liberty Alliance's ID-FF layer, another federated identity, single-sign on standard..." See: (1) the announcement, "Security Assertion Markup Language (SAML) Version 1.1 Ratified as OASIS Standard. Baltimore Technologies, BEA Systems, Computer Associates, Entrust, Hewlett-Packard, Netegrity, Oblix, OpenNetwork, Reactivity, RSA Security, SAP, Sun Microsystems, Verisign, and Others Collaborate on Authentication and Authorization."; (2) "Security Assertion Markup Language (SAML)"; (3) "Liberty Alliance Specifications for Federated Network Identification and Authorization."

  • [September 23, 2003] "New ISO Fees on the Horizon?" By Evan Hansen. In CNET News.com (September 19, 2003). ['IT standards groups are rallying opposition to an ISO proposal to introduce usage royalties for widely adopted standards, including country codes.'] "Information technology standards groups are raising warning flags over a proposal that could raise fees for commonly used industry codes, including two-letter country abbreviations, used in many commercial software products. At stake is a tentative proposal from the International Organization for Standardization (ISO) to add usage royalties for several code standards, a move that opponents say could weaken standards adherence by forcing software providers to pay a fee for each ISO-compliant product they sell. The standards -- ISO 3166, ISO 4217, ISO 639 -- cover country, currency and language codes, respectively. Critics say the proposal could weaken standards adherence by forcing software providers to pay a fee for each ISO-compliant product they sell. The backlash illustrates growing sensitivity in software circles over belated intellectual property claims... The proposal is still in the early stages, and may yet be significantly altered or shelved. Still, technology standards groups -- including the International Committee for Information Technology Standards (INCITS), the World Wide Web Consortium (W3C) and the Unicode Technical Committee -- are rallying opposition. 'Charging (usage fees) for these codes would have a big impact on almost every commercial software product, including operating systems,' said Mark Davis, president of software consortium Unicode, which is seeking to set standard character sets for disparate computing systems. 'They're used in Windows, Java, Unix and XML. They're very pervasive.' ... The ISO's claims on the codes stem from copyrights it owns on documents that describe the standards. ISO generally does not make its standards freely available, but sells them to fund its operations. Whether those copyrights apply to the codes themselves has not yet been tested, according to opponents of the proposal. 'There has not been a detailed discussion of how they own that copyright for the codes themselves,' said Martin Duerst, W3C Internationalization Activity Lead. 'The copyrights may not apply to individual codes, but only to the whole collection of codes--like a dictionary, where each word is not copyrighted, but the entire collection of words and definitions is copyrighted.' Duerst said the ISO's proposal is troubling because so many other standards groups have adopted the ISO codes. For example, he said, the Internet Engineering Task Force (IETF) has largely adopted the ISO's country codes..." See details and references in the news story "Standards Organizations Express Concern About Royalty Fees for ISO Codes." General references (for language codes) in "Language Identifiers in the Markup Context."

  • [September 23, 2003] "When Good Institutions Go Bad." By Simon St. Laurent (Editor, O'Reilly & Associates). From O'Reilly Developer Weblogs (September 23, 2003). "The last few weeks have seen a dismaying upturn in the number of semi-public institutions which seem to out to make a buck rather than a contribution, risking the contributions they've already made. ISO has the potential to cause the largest trainwreck, with plans to require licensing fees from those who use their language codes (ISO 639), country codes (ISO 3166), and currency codes (ISO 4127). The W3C has posted a letter to ISO... It appears that ANSI (the US member body for ISO is already at work collecting these royalties, as this exchange suggests. Warnings have gone up on the ISO 3166 site as well... I've been a critic of the W3C's structure for a long time now, having doubts about the nature of vendor consortia. On these kinds of issues, however, the W3C seems to be well ahead of its peers. While the process of creating many W3C specifications may remain veiled in mystery, the specifications themselves are open for anyone to implement, free of charge -- and the W3C seems intent on keeping it that way, even in the face of recent patent lunacy. The larger problem this illustrates isn't the greedy nature of everyone, but rather the difficulties of trust in a world where organizations are underfunded and expected to scramble for dollars. Building organizations which are intended to promote the sharing of resources requires an independent source of funds. Otherwise, organizations will end up placing tolls on their results, impeding the very sharing they were set up to create..." See details and references in the news story "Standards Organizations Express Concern About Royalty Fees for ISO Codes." General references (for language codes) in "Language Identifiers in the Markup Context."

  • [September 22, 2003] "Add XML Parsing to Your J2ME Applications. Combine Mobile Data and Mobile Code on Your Mobile Device." By Soma Ghosh (Application developer, Entigo). From IBM developerWorks, Wireless. September 16, 2003. ['More and more enterprise and Java technology projects are making use of XML as a medium to store data in a portable fashion. But due to the increased processing power demanded by XML parsers, J2ME applications have largely been left out of this trend. Now, however, small-footprint XML parsers for the Java language are emerging that will allow MIDP programmers to take advantage of the power of XML.'] "The fusion of Java and XML technologies creates the powerful combination of portable code and portable data. But where does the Java 2 Platform, Micro Edition (J2ME) fit in? In this article, I'll show some of the progress that has been made in cutting XML parsers down to a size suited to J2ME applications and limited-resource platforms. I'll use the kXML package to write an application for the MIDP profile that can parse an XML document... In this article, you'll see how you can use J2ME to fuse Java technology and XML -- in other words, to fuse portable code with portable data. Designing J2ME applications with embedded parsers can be a challenge because of the resource constraints inherent in J2ME devices. However, with the gradual availability of compact parsers suited to the MIDP platform, XML parsing will soon will be a widely used feature of the Java platform on mobile devices... Both push and model parsers require an amount of memory and processing power that is beyond the capabilities of many J2ME devices. To get around those device limitations, a third type of parser, called a pull parser, can be used. A pull parser reads a small amount of a document at once. The application drives the parser through the document by repeatedly requesting the next piece. The kXML parser that I'll use in my sample application is an example of a pull parser... You can use XML parsers in J2ME applications to interface with an existing XML service. For example, you could get a customized view of news on your phone from an aggregator site that summarizes headlines and story descriptions for a news site in XML format. XML parsers tend to be bulky, with heavy run time memory requirements. In order to adapt to the MIDP environment, XML parsers must be small to meet the resource constraints of MIDP-based devices. They should also be easily portable, with minimum effort required to port them to MIDP. Two frequently used XML parsers for resource-constrained devices are kXML and NanoXML. kXML is written exclusively for the J2ME platform (CLDC and MIDP). As of version 1.6.8 for MIDP, NanoXML supports DOM parsing..."

  • [September 22, 2003] "Microsoft Seeks Stronger XML Ties. ERP Vendors Pour Cold Water on Office as Window to Enterprise Applications." By Joris Evers. In InfoWorld (September 19, 2003). "Microsoft's forthcoming Office 2003 suite offers enterprises a promise few vendors or analysts are willing to support. The software giant argues that organizations will realize significant business process improvements by using the Office 2003 suite as a window into back-end enterprise systems. Office 2003's support for XML, Microsoft contends, is the key to bridging this front-end to back-end gap. But enterprise application vendors such as SAP, PeopleSoft, and Siebel Systems are far more interested in using XML for back-end integration, not to support a new front end. SAP, a longtime Microsoft partner, hopes Microsoft's support for XML will improve integration between Office and SAP back-end systems -- as SAP users can already tie Excel to their enterprise applications. But SAP does not expect users to switch from using portals to access data in enterprise systems to using Office... A Microsoft showcase for using the new made-for-XML InfoPath Office application instead of Word, Excel, Outlook, or PowerPoint, Cooper Tire and Rubber is one of those pioneers. With the help of Microsoft, Cooper Tire is building an XML front end to its customized tire-mold management system. Using XML forms and InfoPath, the company will be able to track the movements of molds between its various locations, said Ron Sawyer, manufacturing IT manager at Cooper Tire. 'Right now, we do not have visibility of the molds as they are in transit, and we make estimates of how long it will take for a mold to get shipped out of one plant and arrive at the other,' Sawyer said. 'We are very new to using XML and wanted to stick with Office and the Microsoft tools because that is our standard.' About 40 employees at Cooper Tire will use XML forms. The forms are opened in InfoPath and interact with a Windows Server 2000 system that sends the data on to an Oracle database..." See also: "Microsoft Office 11 and InfoPath [XDocs]" and "XML File Formats."

  • [September 22, 2003] "Sun Touts Liberty for Digital Rights Management." By Gavin Clarke. In Computer Business Review Online (September 19, 2003). "Sun Microsystems hopes to replicate an industry initiative for federated identity in the field of Digital Rights Management (DRM), to stymie Microsoft Corp's own controversial plans to control distribution of electronic content. The company has thrown its weight behind the OMA wireless group's effort to define a DRM specification on mobile devices. Ultimately, though, Sun hopes to build a coalition of vendors and end-users similar to the Liberty Alliance Project to drive uptake of DRM. Sun CTO John Fowler said a Liberty-style group would have the advantage of including input into specifications from end-users. Sun has helped work on a DRM specification at the Open Mobile Alliance, whose list of 200 members includes hardware vendors, ISVs, mobile specialists and content providers such as AOL Time Warner and Sony Inc. Liberty's members include end-users such as Amex and General Motors... 'Liberty was less about vendors who have technology and about the user,' Fowler said. Sun additionally believes mobile DRM for mobile systems to be important, given the expected growth rates in use of cell phones and other devices. Mobile platforms are also dominated by Sun's Java 2 Micro Edition (J2ME), meaning any DRM specification could ultimately be built into the platform. Ironically, Microsoft is also an OMA member, meaning the company could end-up putting its name to DRM work that ultimately competes against its own. OMA is an amalgamation of formerly disparate wireless and mobile vendor groups, formed in June 2002..." General references in "XML and Digital Rights Management (DRM)."

  • [September 22, 2003] "SOAP Gains Traction: Q&A with Rebecca Dias." By Jack Vaughan. In Application Development Trends (September 19, 2003). Microsoft's Rebecca Dias discusses the status of interoperability between Microsoft's .NET and IBM Java, binary communications, the goals of Web Services Enhancements (WSE) V2, and related topics. Dias: "There's a great deal of traction in terms of just general SOAP message processing and interop, and that goes across the board. Actually, it's more than just IBM and Microsoft, it's the Java world as well as other worlds that exist out there. There are Lisp implementations, for instance, that are finding interop, as well as WSDL and the WS-I basic profile they've defined. There are about a 100 partners, if not more, collectively collaborating on profiling how you do interoperability of SOAP, WSDL and the basic Web services protocol. There are also numerous implementations deployed based on that interoperability... The key to [SOA] is the meta data provided to you in the different SOAP headers, so SOAP is very quintessential to that. If a standards specification comes out that defines a different way to do the encoding that is highly and widely adopted, there's no reason why that can't happen. But today, the spec is still SOAP and XML meta data. If you have two intermediaries that are intelligent, that understand and know that the next intermediary hop happens to be in the same technology domain, and knows that we can actually do some kind of binary format from here to there, there's no reason why that can't happen and why your corresponding infrastructure can't support that. And if it ends up going to the next hop, which happens to not be potentially aware or know how to deal with that binary format, those systems had better know how to translate that back to SOAP, otherwise you're losing the whole value of a highly heterogeneous, interoperable system..."

  • [September 22, 2003] "Sun Touts Fast Web Services Plan. Binary Encodings Key to Proposal." By Paul Krill. In InfoWorld (September 19, 2003). "Researchers at Sun Microsystems are working on an initiative called Fast Web Services, intended to identify and solve performance problems in existing Web services standards implementations. Key to Sun's approach is boosting performance through use of binary encodings as an alternative to textual XML representations. 'Our technology improves both transmission speed, [with] less data transmitted, and processing performance on sender and receivers. The format requires less processor time than XML,' said Marc Hadley, Sun's senior staff engineer for Web technologies, products, and standards, in an e-mail response to questions. Sun plans to have a prototype of Fast Web Services in its Java Web Services Developer Pack early in 2004. Sun Distinguished Engineer Eduardo Pelegri-Llopart gave a presentation on Fast Web Services at the SunNetwork conference in San Franciscothis week. Sun believes Web services is going to become the new paradigm for distributed systems going forward, he said. But Web services need to be tuned for performance while enabling interoperability, according to Pelegri-Llopart. 'We're trying to provide better performance. We don't want a solution that is specific to our implementation,' he said. Sun's plan requires changes from developers. 'We believe that developers are to a large degree lazy. They find a concept that they're comfortable with, they take that concept, and push it to the limit,' said Pelegri-Llopart. In Sun's view, the XML-based messaging that lies at the heart of current Web services technology carries with it a performance price. XML-based messages require more processing than protocols such as RMI (Remote Method Invocation), RMI/IIOP (RMI Over Internet Inter-ORB Protocol), or CORBA/IIOP; data is represented inefficiently and binding requires computation, according to Sun in a paper published in August. 'The main point here is there is almost an order of magnitude between straightforward Web services using XML encoding and an implementation that takes care of binary encoding,' Pelegri-Llopart said. Fast Web Services attempts to solve bandwidth problems, including on wireless networks, by defining binary-based messages, albeit while losing the self-descriptive nature of XML. Although not an attempt to replace XML messaging, Fast Web Services is intended for use when performance is an issue..." See: (1) "JavaOne: Fast Web Services," presentation by Santiago Pericas-Geertsen and Paul Sandoz (Sun Microsystems); (2) "Fast Web Services," by Paul Sandoz, Santiago Pericas-Geertsen, Kohuske Kawaguchi, Marc Hadley, and Eduardo Pelegri-Llopart (Sun Microsystems Web Services library; appendices include a WSDL Example and an ASN.1 Schema for SOAP).

  • [September 22, 2003] "Adobe E-Doc Format Under Siege." By David Becker. In CNET News.com (September 18, 2003). ['Adobe's popular PDF document-sharing format faces challenges from Autodesk and Macromedia, each looking to take a bite out of the market with their own new technology. Analysts say the rivals could be a real threat to Adobe, which attributed a major earnings boost last week to a new line of PDF products.'] "Adobe Systems' portable document format, long a de facto Internet standard, is under fire from competitors looking to muscle in on the electronic document market. Autodesk, the leading maker of drafting software for architectural and engineering documents, recently began an aggressive advertising campaign urging customers to share documents in Autodesk's own Design Web Format (DWF) rather than in Adobe's PDF. In addition, Macromedia introduced FlashPaper, a new component based on the company's widespread Flash animation format that allows documents to easily be incorporated into Web pages and printed... One of the most influential Web design writers, Jakob Nielsen, recently attacked the widespread use of PDF for displaying documents over the Web, declaring the format 'unfit for human consumption.' The challenges come at a key time for San Jose, Calif.-based Adobe, which attributed a major earnings boost last week to a new line of PDF-related products released earlier this year. While PDF is firmly established in the PC world, 'I think there's always the possibility of a real threat,' said Rob Lancaster, an analyst for research firm The Yankee Group. 'Adobe is attempting to entrench itself within business applications, extending the capabilities of PDF beyond its typical role as viewing software, and a big part of that appeal rests on the ubiquity of the viewing capability.' Chuck Meyers, a technology strategist for Adobe's ePaper division, characterized recent swipes at PDF as acknowledgement of the company's success in popularizing the format. 'The key thing that's happening is that as we get bigger and better...the area we're in is a little bit more interesting a target than it used to be,' he said. 'We're going to take heat from a variety of different directions.' The most pointed business attack has come from Autodesk, whose new advertising and marketing campaign focuses on the supposed faults of PDF for exchanging engineering documents. The campaign comes as a surprise turnaround, after Adobe highlighted compatibility with AutoCAD -- Autodesk's main application for architectural drafting--as a key selling point for Acrobat Professional, the new high-end version of its PDF authoring tool. Tony Peach, the director of DWF corporate strategy for Autodesk, says the campaign stems from customer inquiries about the best way to exchange engineering documents..."

  • [September 18, 2003] "No Standard for Standards." By Jim Ericson. In Line56 (September 18, 2003). "History shows the value of uniformity, but portal standards are not yet a path to better workplace advantage... We have wr