© OASIS 2004 Overview of OASIS Process and Technical Work ITU-T SG17 meeting Geneva, 11 March 2004 Karl Best, OASIS.

Slides:



Advertisements
Similar presentations
OASIS and Web Services Standards: Patrick J. Gannon President and CEO
Advertisements

Copyright OASIS, 2001 OASIS Recent Technical Developments John Borras Office of e-Envoy Cabinet Office UK Government June 2003.
Overview of Web Services
Copyright OASIS, 2001 OASIS e-Government Technical Committee John Borras Director Technology Policy Director OASIS Office of e-Envoy Cabinet Office UK.
UDDI v3.0 (Universal Description, Discovery and Integration)
1 April 18 th, 2002 Electronic Commerce Promotion Council of Japan (ECOM) 5 th ebXML Asia Committee Taipei meeting Current Status of OASIS ebXML CPPA TC.
IEEE DREL Workshop 20 June 2002 Brad Gandee XrML Standards Evangelist The Language for Digital Rights The Language for Digital Rights ™ Enabling Interoperability:
Developments in cooperation between research and standardization related to security and secure communications Presentation at eMayor clustering event,
OASIS Service Oriented Architecture Reference Model Technical Committee (SOA-RM) BOOT CAMP April DRAFT: Not approved by the OASIS SOA RM TC.
Prescriptive Guidance for SOA Peter Roden Director of Technology Development OASIS.
A New Computing Paradigm. Overview of Web Services Over 66 percent of respondents to a 2001 InfoWorld magazine poll agreed that "Web services are likely.
CS 522 WebServices -Sujeeth Narayan -Ankur Patwa.
Identity Management Standards from OASIS Patrick Gannon President & CEO Patrick Gannon President & CEO Architecting Identity Management The Open Group,
© OASIS 2010 Managing the Maze of SmartGrid standards Jamie Clark, OASIS Dave Wollman, NIST Zahra Makoui, Pacific Gas & Electric Santa Clara, CA May 2010.
A summary of ebXML (the new World Standard for e-Business) Dave Welsh Collaborative Domain Corporation.
Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.
Introduction to ebXML Mike Rawlins ebXML Requirements Team Project Leader.
OASIS and Web Services Karl Best OASIS Director of Technical Operations.
Just a collection of WS diagrams… food for thought Dave Hollander.
Mapping OASIS Technical Work: Where’s Reliability? New Orleans, April 2004.
Achieving Sustainable Business Benefits with SOA and Web Services Standards OASIS Open Standards Day Singapore 21 October 2005 Patrick Gannon President.
Copyright OASIS, 2001 OASIS Election & Voter Services Technical Committee John Borras Office of e-Envoy Cabinet Office UK Government May 2002.
Web Service Standards, Security & Management Chris Peiris
EbXML Overview Dick Raman CEO - TIE Holding NV Chairman CEN/ISSS eBES Vice Chair EEMA and HoD in UN/CEFACT Former ebXML Steering Group.
Copyright OASIS, 2002 ebXML: The Foundation for eBusiness Web Services Patrick Gannon President & CEO, OASIS ebXML Day May 23, 2002.
© OASIS 2003 The Critical Role of Web Services Standards in Vertical Industry Next Generations Asia PKI Forum Taipei, 14 November 2003 Karl Best, VP OASIS.
OASIS Open Building Information eXchange Technical Committee Patrick Gannon OASIS President & CEO BuilConn Europe Amsterdam, 9 November
Copyright © 2004 by The Web Services Interoperability Organization (WS-I). All Rights Reserved 1 Interoperability: Ensuring the Success of Web Services.
4/22/20031 Data Interchange Initiative Lower the Barrier of Entry to B2B eBusiness Prepared by Bennet Pang
Copyright OASIS, 2002 OASIS Topic Maps Technical Committees Standards Update Presentation Knowledge Technologies Conference Seattle , March 11 Bernard.
XML Working Group Joan Ugljesa NDIA PMSC April,
1 History What ebXML is Why ebXML Mission, Values Strategies Scope, Relationships ebXML Requirements Deliverables & Core Components.
IECM Briefing: XML Community of Practice Betsy Fanning AIIM.
E-Government Development of E-Business Metadata Repository UN/ECE Workshop on E-Government Development in Transition Economies Budapest, Hungary 7 November.
What is Service Oriented Architecture ? CS409 Application Services Even Semester 2007.
International Telecommunication Union Geneva, 9(pm)-10 February 2009 ITU-T Security Standardization on Mobile Web Services Lee, Jae Seung Special Fellow,
Sep 30, 2000XML Workshop Talk, IIT Bombay XML Standardization for Business Applications Dr. Vasudev Kamath Persistent Systems.
Dr. Bhavani Thuraisingham October 2006 Trustworthy Semantic Webs Lecture #16: Web Services and Security.
Copyright © 2004 by The Web Services Interoperability Organization (WS-I). All Rights Reserved 1 Interoperability: Ensuring the Success of Web Services.
OASIS Week of ebXML Standards Webinars June 4 – June 7, 2007.
Promoting Web Services Interoperability Across Platforms, Applications and Programming Languages Basic Profile 1.0 August 12, 2003 Copyright © 2003 by.
Requirements for Standardization on the Service Registries ISO/IEC JTC1 SC /10/161 A comment to WSSG, JTC1 SC32WG2 N
Security, Transactions and Open Standards David Petraitis European Representative David Petraitis European Representative CISO Executive Summit, Geneva,
© OASIS 2004 Relationship Between Open Standards and Open Source Software Open Source in Government Washington, DC March 2004 Patrick Gannon President.
TDWG Annual Meeting, December 2006The World Conservation Union Biodiversity Conservation Standards Silvio Olivieri IUCN The World Conservation Union.
Web Services Standards. Introduction A web service is a type of component that is available on the web and can be incorporated in applications or used.
Copyright OASIS, 2001 OASIS e-Government Technical Committee John Borras Office of e-Envoy Cabinet Office UK Government May 2003.
Copyright © OASIS Open, 2003 OASIS Technical Work Status February 2003 Karl Best OASIS Vice President.
Copyright OASIS, 2002 OASIS: Accelerating Adoption Web Services One Conference Boston, MA August 27, 2002 Patrick Gannon President & CEO, OASIS.
SAML: An XML Framework for Exchanging Authentication and Authorization Information + SPML, XCBF Prateek Mishra August 2002.
Secure Systems Research Group - FAU Patterns for Web Services Security Standards Presented by Keiko Hashizume.
W3C Web Services Architecture Security Discussion Kick-Off Abbie Barbir, Ph.D. Nortel Networks.
OASIS Organization for the Advancement of Structured Information Standards.
Achieving Sustainable Business Benefits with Open eBusiness Standards Patrick Gannon President & CEO Patrick Gannon President & CEO Best Practices in Standards.
Standards for e-Enabled Elections: The work of the OASIS Election & Voter Services Technical Committee John Borras Chair Technical Committee
Copyright © 2003 OASIS Using Registries to Promote Collaborative Standards Work Open Forum on Metadata Registries Santa Fe, January 2003 Karl Best OASIS.
© OASIS 2003 The future of standards in web services and service oriented architecture OASIS and W3C Town Hall XML 2003 Philadelphia.
Copyright OASIS, 2002 OASIS Technical Work Status XML 2002 Conference Baltimore, December 2002 Karl Best OASIS Vice President.
1 Registry Services Overview J. Steven Hughes (Deputy Chair) Principal Computer Scientist NASA/JPL 17 December 2015.
Using WS-I to Build Secure Applications Anthony Nadalin Web Services Interoperability Organization (WS-I) Copyright 2008, WS-I, Inc. All rights reserved.
Uses for Long-Running Distributed Transactions Object Management Group Web Services Workshop 6 March 2002 William Cox BEA Systems, Inc.
BEA position on W3C ‘Web Services’ Standards Jags Ramnarayan 11th April 2001.
EbXML Semantic Content Management Mark Crawford Logistics Management Institute
National Geospatial Enterprise Architecture N S D I National Spatial Data Infrastructure An Architectural Process Overview Presented by Eliot Christian.
EbXML Registry Technical Committee Defining and managing interoperable registries and repositories Kathryn Breininger (TC Chair)The.
Copyright OASIS, 2002 OASIS - LISA Global e-Business Survey.
Copyright OASIS, 2001 OASIS Election & Voter Services Technical Committee John Borras Office of e-Envoy Cabinet Office UK Government Dec 2002.
Sabri Kızanlık Ural Emekçi
Conceptual Model Refactoring
Presentation transcript:

© OASIS 2004 Overview of OASIS Process and Technical Work ITU-T SG17 meeting Geneva, 11 March 2004 Karl Best, OASIS

oasis-open.org © OASIS 2004 zWho is OASIS zThe OASIS Conceptual Model zWhy Standards zOASIS work in Security Agenda

© OASIS 2004 Who is OASIS?

oasis-open.org © OASIS 2004 Overview zOASIS is an international consortium dedicated to developing and promoting the adoption of e-business specifications zMember-elected Board of Directors and Technical Advisory Board; member-driven standards process zMembers of OASIS are providers, users and specialists of standards-based technologies and include organizations, individuals, industry groups, and government agencies. zInternational, not-for-profit, open, independent zSuccessful through industry-wide collaboration

oasis-open.org © OASIS 2004 OASIS technical work zThe OASIS technical agenda is set by our members; bottom-up approach zTechnical committees formed by the proposal of our members zEach Technical Committee sets its own scope, schedule, and deliverables zMore than 60 Technical Committees in a variety of topic areas yE-business ySecurity yWeb services yPublic sector

oasis-open.org © OASIS 2004 OASIS standards process zSpecifications are created under an open, democratic, vendor-neutral process yAny interested parties may either participate or comment yNo one organization can dictate the specification yEnsures that specifications meet everyone’s needs, not just largest players’ zAll discussion open to public inspection and comment zBi-level approval process yTC approves Committee Draft yOASIS members approve OASIS Standard zResulting work is representative broad range of industry, not just any one vendor’s view

oasis-open.org © OASIS 2004 Progression/Approval of OASIS technical work 1.Any three or more OASIS members propose creation of a technical committee (TC) 2.Existing technical work submitted to TC; or TC starts work at the beginning. TC conducts and completes technical work; open and publicly viewable 3.TC votes to approve work as an OASIS Committee Draft 4.TC conducts public review, and three or more OASIS members must implement the specification 5.TC revises and re-approves the specification 6.TC votes to submit the Committee Draft to OASIS membership for consideration 7.OASIS membership reviews, approves the Committee Draft as an OASIS Standard

oasis-open.org © OASIS 2004 What sets OASIS apart zEstablished, legitimate, and neutral zPublished and consistent rules and process zHigh degree of open access, publicly visible, accountable zHigh degree of responsible coordination with other SDOs

© OASIS 2004 The OASIS Conceptual Model

oasis-open.org © OASIS 2004 zA model to describe the technical activities of industry organizations yDescriptive, not Prescriptive zIdentify overlaps for the purpose of increasing collaboration zIdentify gaps for the purpose of starting new work Purpose of a Conceptual Model

oasis-open.org © OASIS 2004 Previous Work: ISO Open EDI Model Source: ISO/IEC 14662, “Information Technology – Open-EDI Reference Model”, First Edition, December 15, 1997

oasis-open.org © OASIS 2004 Previous Work: BIC B2B Model Source: Business Internet Consortium (BIC) Whitepaper, “High-Level Conceptual Model for B2B Integration ”, March 02, 2002

oasis-open.org © OASIS 2004 OASIS Conceptual Model for eBusiness standards Quality of ServicesManagement S e c u r i t y XML Syntax Network Transport Generalized Processes Specialized Processes Generalized Content Specialized Content Messaging Service Description Language Presentation Description Transaction Patterns Transaction Instance Repository Registry / Directory Process Description Language Content Definition Language Conformance and Interoperability

oasis-open.org © OASIS 2004 OASIS Conceptual Model: populated Q u a l I t y o f S e r v I c e sM a n a g e m e n t S e c u r i t y Network Transport Generalized Processes Specialized Processes Generalized Content Specialized Content Transaction Patterns Transaction Instance XML Syntax Messaging Service Description Language Presentation Description Repository Registry / Directory Process Description Language Content Definition Language Conformance and Interoperabilit y Auto-Repair, C-Trade, Education, eGovernment, ElectionML, eProcurement, Emergency, LegalXML(8), MaterialsML, PLCS, ProdPS, TaxXML 19 ASAP, BCM, BTP, CAM, ebXML-BP, FWSI, TransWS, WSBPEL 8 XACML, AVDL, XCBF, DSS, DSML, XRI, PKI, RLTC, SAML, SPML, WAS, WSDM, WSS 13 Entity-Resolution, RELAX-NG, Topic Maps (3) 5 UIML, WSRP, HumanML 3 DSS, ebXML- RegRep, UDDI 3 ebXML- CPPA 1 ebXML-MSG, WSRM 2 Conformance, ebXML-IIC, XSLT- Conformance 3 CIQ, UBL, Doc- Book, XLIFF, OpenOffice 5

oasis-open.org © OASIS 2004 OASIS Conceptual Model: populated Q u a l I t y o f S e r v I c e sM a n a g e m e n t S e c u r i t y Network Transport Generalized Processes Specialized Processes Generalized Content Specialized Content Transaction Patterns Transaction Instance XML Syntax Messaging Service Description Language Presentation Description Repository Registry / Directory Process Description Language Content Definition Language Conformance and Interoperabilit y Auto-Repair, C-Trade, Education, eGovernment, ElectionML, eProcurement, Emergency, LegalXML(8), MaterialsML, PLCS, ProdPS, TaxXML 19 ASAP, BCM, BTP, CAM, ebXML-BP, FWSI, TransWS, WSBPEL 8 XACML, AVDL, XCBF, DSS, DSML, XRI, PKI, RLTC, SAML, SPML, WAS, WSDM, WSS 13 UIML, WSRP, HumanML 3 DSS, ebXML- RegRep, UDDI 3 ebXML- CPPA 1 ebXML-MSG, WSRM 2 CIQ, UBL, Doc- Book, XLIFF, OpenOffice 5 Entity-Resolution, RELAX-NG, Topic Maps (3) 5 Conformance, ebXML-IIC, XSLT- Conformance 3 Final approval (as of Dec 2003) Preliminary approval

oasis-open.org © OASIS 2004 Common transport (HTTP, etc.) Common language (XML) Viewing web services as a related set of functions Service Discovery Service Description Orchestration & Management Security & Access Messaging Data Content

oasis-open.org © OASIS 2004 Common transport (HTTP, etc.) Common language (XML) Chords: Implementations usually combine functions Service Discovery Service Description Orchestration & Management Security & Access Messaging Data Content Example: The OASIS Disease Control Interoperability Demo at XML 2003 UBL XForms ebXML BP ebXML Registry ebXML MSG ebXML CPP/A XACML

© OASIS 2004 Why Standards

oasis-open.org © OASIS 2004 What is a Standard? zJust anything a single vendor declares is a standard? Or anything on which two or more vendors agree? yThese may be “specifications”, but not “standards” from the OASIS point of view zStandards are specifications developed and/or approved under a yPublished, consistent process yFair environment, open participation yTransparent, accountable, open operations yTransparent output

oasis-open.org © OASIS 2004 What is a standard? A standard is: zpublicly available in stable, persistent versions zdeveloped and approved under a published process zopen to public input: public comments, public archives, no NDAs zsubject to explicit, disclosed IPR terms zSee the US, EU, WTO governmental & treaty definitions of “standards” Anything else is proprietary: zThis is a policy distinction, not a pejorative

oasis-open.org © OASIS 2004 Coordination of standards at OASIS zOASIS recognizes the many dependencies across standards organizations yPromote interoperability yReduce duplication zOASIS participates in and coordinates with many other standards and industry coordination efforts, e.g., yW3C and OASIS management meetings yISO/IEC/ITU/ECE e-business coordination MoU yRosettaNet, OMA, AIAG, WS-I, GGF, etc. yCat A liaisons with TC154, various JTC1 SCs yA.4 and A.5 recognition from ITU-T

oasis-open.org © OASIS 2004 Coordination of standards at OASIS zOASIS TCs encouraged to establish liaison with applicable working groups at other organizations zCompleted OASIS standards can be submitted to other SDOs; promote adoption of completed and approved work yebXML specifications submitted to ISO TC154 ySAML, XACML submitted to ITU-T SG17

oasis-open.org © OASIS 2004 Formula for Sustainable Standards Market Adoption Open Standardization Traction Sanction Proprietary JCVConsortiaSDO SGML ISO XML W3C SOAP v1.1 SOAP v1.2 W3C UDDI v2,3 UDDI.org WSDL v1.2 W3C ebMSG v2 OASIS WSDL v1.1 eb Reg v2 OASIS WS-S v1.0 BPEL4WS WS-BPEL OASIS WS-S OASIS WS-- * ? UDDI v2,3 OASIS

© OASIS 2004 OASIS Work in Security

oasis-open.org © OASIS 2004 OASIS Security TCs zApplication Vulnerability Description Language (AVDL) zDigital Signature Services (DSS) zeXtensible Access Control Markup Language (XACML) zProvisioning Services zPublic Key Infrastructure (PKI) zRights Language

oasis-open.org © OASIS 2004 OASIS Security TCs (cont.) zSecurity Services (SAML) zWeb Application Security (WAS) zWeb Services Security (WSS) zXML Common Biometric Format (XCBF)

oasis-open.org © OASIS 2004 Application Vulnerability Description Language (AVDL) TC zStarted: May 2003 zPurpose: create a uniform way of describing application security vulnerabilities; create an XML definition for exchange of information relating to security vulnerabilities of applications exposed to networks. zStatus: ongoing work

oasis-open.org © OASIS 2004 Digital Signature Services (DSS) TC zStarted: December 2002 zPurpose: develop techniques to support the processing of digital signatures, including defining an interface for requesting that a web service produce and/or verify a digital signature. zStatus: ongoing work

oasis-open.org © OASIS 2004 eXtensible Access Control Markup Language (XACML) TC zStarted: May 2001 zPurpose: define a core schema and corresponding namespace for the expression of authorization policies in XML against objects that are themselves identified in XML. zStatus:XACML v1.0 approved as an OASIS Standard, February 2003; continuing work

oasis-open.org © OASIS 2004 Provisioning Services TC zStarted: November 2001 zPurpose: define an XML- based framework for exchanging information between Provisioning Service Points. zStatus: ongoing work

oasis-open.org © OASIS 2004 Public Key Infrastructure (PKI) TC zStarted: January 2003 zPurpose: address issues related to the successful deployment of digital certificates to meet business and security requirements as well as technical and integration/interoperability issues, and increase the awareness of digital certificates as an important component when managing access to network resources. zStatus: ongoing work

oasis-open.org © OASIS 2004 Rights Language TC zStarted: May 2002 zPurpose: define an industry standard for a digital rights language that supports a wide variety of business models and has an architecture that provides the flexibility to address the needs of the diverse communities that have recognized the need for a rights language. zStatus: ongoing work

oasis-open.org © OASIS 2004 Security Services (SAML) TC zStarted: January 2001 zPurpose: develop an XML framework for exchanging authentication and authorization information. zStatus: SAML v1.1 approved as an OASIS Standard, August 2003; continuing work

oasis-open.org © OASIS 2004 Web Application Security (WAS) TC zStarted: July 2003 zPurpose: produce a classification scheme for web security vulnerabilities, a model to provide guidance for initial threat, impact and therefore risk ratings, and an XML schema to describe web security conditions that can be used by both assessment and protection tools. zStatus: ongoing work

oasis-open.org © OASIS 2004 Web Services Security (WSS) TC zStarted: September 2002 zPurpose: define Web Services security foundations for higher-level security services which are to be defined in other specifications. zStatus: Committee Draft approved and submitted to OASIS membership; approval as OASIS Standard expected end of March 2004

oasis-open.org © OASIS 2004 XML Common Biometric Format (XCBF) TC zStarted: March 2002 zPurpose: define a common set of secure XML encodings for the patron formats specified in CBEFF, the Common Biometric Exchange File Format (NISTIR 6529). These XML encodings are based on the ASN.1 schema defined in ANSI X9.84:2003 Biometrics Information Management and Security. zStatus: XCBF v1.0 approved as an OASIS Standard, August 2003; continuing work

zwww.xml.orgzwww.xml.coverpages.org zwww.oasis-open.org