0 Federal XML Community of Practice (xmlCoP) Meeting Washington, DC March 16, 2005 ebXML Registry Version 3.0 Overview Joseph M. Chiusano Booz Allen Hamilton.

Presentation transcript:

0 Federal XML Community of Practice (xmlCoP) Meeting Washington, DC March 16, 2005 ebXML Registry Version 3.0 Overview Joseph M. Chiusano Booz Allen Hamilton

1 What We’ll Cover
• ebXML Registry Version 3.0: What’s New
• ebXML Registry Brief Overview
• Version 3.0: New Features
  – HTTP Protocol Binding
  – Content Management Services
  – Cooperating Registries
  – Event Notification
  – Security Enhancements
• Questions

2 ebXML Registry Version 3.0: What’s New

3 Feature / Description
HTTP Protocol Binding
• Web browser client access to the registry using the HTTP 1.1 protocol
• Simple content retrieval
Registry Managed Version Control
• Robust version control mechanisms based on the DeltaV/WebDAV protocol
Query Enhancements
• Iterative query support
• Parameterized stored queries
• Improved Filter Query syntax
Content Management Services
• Content validation
• Content cataloging
• Content-based discovery
Cooperating Registries Support
• Distributed content/metadata
• Federated queries
• Replicated content/metadata
• Object relocation
Event Notification
• Publish/subscribe capabilities
NOTE: A star to the left of a feature indicates that it will be covered during this presentation.

4 ebXML Registry Version 3.0: What’s New (cont’d)
Feature / Description
Security Enhancements
• XACML-Based Access Control Model
• SAML-Based Federated Identity Management
• Compliance with WS-I Basic Security Profile 1.0
• OASIS Web Services Security (WSS) Support
Improved Extensibility
• Easier to define new types of requests and responses
Improved Identifiers
• Human-Friendly URN-based Identifiers

5 ebXML Registry Brief Overview

6 The ebXML Registry standard is a metadata registry standard that supports the registration, maintenance and discovery of both XML and non-XML artifacts
• An ebXML Registry is an information system that securely manages any content type and the standardized metadata that describes it
• The ebXML Registry version 1.0 standards were developed during the OASIS/UNCEFACT Electronic Business XML (ebXML) initiative and approved in May 2001
• The OASIS/ebXML Registry Technical Committee continues to develop the ebXML Registry standards
  – The ebXML Registry version 2.0 standards are OASIS approved and ISO approved standards (ISO and ISO )
• Work on ebXML Registry Version 3.0 began in January 2002
  – Version 2.5 (OASIS Committee Draft, June 2003) included some Version 3.0 features in their early forms
• The ebXML Registry version 3.0 specifications are OASIS Committee Drafts as of 10 February 2005
  – They are in OASIS Public Review until 14 March 2005

7 Major ebXML Registry Features at a Glance
[Figure: ebXML Registry and its major features]
• Content Management: Manage information artifacts, enforce conformity rules, cataloguing, custom queries, WCM
• Federated Architecture: Interoperability between autonomous ebXML registries
• Secure Architecture: DSIG, Role-Based Access Control, Audit Trail
• Standard Metadata: Identifiers, Description, Classification, Association, Version Info, etc.
• Event Bus: Enable workflow using Content-Based Event Notification
• Registry: Publish/maintain/discover information artifacts
• Other label in the figure: Information Artifacts
Source: “The UN/CEFACT Registry/Repository Architecture” presentation

8 ebXML Registry Version 3.0: Simplified View of Architecture Source: ebXML Registry Services and Protocols Committee Draft, 10 February 2005

9 The following class diagram represents the ebXML Registry Information Model (ebRIM)
[Figure: ebRIM class diagram; legend: “= highlighted during discussion”]
Source: ebXML Registry Information Model Committee Draft, 10 February 2005

10 Version 3.0: New Features

11 HTTP Protocol Binding

12 The HTTP Binding protocol provides multiple options for accessing RegistryObjects and RepositoryItems via the HTTP 1.1 protocol
• Sample “getRegistryObject” request:
    GET /http?interface=QueryManager&method=getRegistryObject&paramid=“{URN_OF_REGISTRY_OBJECT}” HTTP/1.1
  Callouts on the request: “QueryManager” interface, “getRegistryObject” method, parameter
• Can also retrieve RepositoryItem using “getRepositoryItem” method

13 The HTTP Binding protocol has been presented as a foundational mechanism for interoperability between ebXML Registry and UDDI
• The ebXML Registry and UDDI HTTP bindings can enable “reach-through” capabilities from one registry type to another:
[Figure labels: UDDI Registry, ebXML Registry, Trading Partner #1, Trading Partner #2, (Actual), (Effective), WSDL Document]
Source: “UDDI and ebXML Registries: A Three-Tier Vision”, ebXML Forum, September 2003

14 Content Management Services

15 Content Management Services enable improved quality, integrity and discovery of content and metadata within ebXML Registry
• Content Validation: Provides the ability to enforce domain-specific validation rules upon submitted content and metadata, in a content-specific manner
  – Improves the quality and integrity of registry content and metadata
  – Submission requests that contain invalid data are rejected in their entirety by the registry, with a “ValidationException” returned
• Content Cataloging: Provides the ability to selectively convert submitted RegistryObjects and RepositoryItems into ebRIM-defined metadata, in a content-specific manner
  – Enables content-based discovery within the registry
  – Cataloging automatically creates and/or updates RegistryObject metadata such as ExtrinsicObject or Classification instances
  – The cataloged metadata enables clients to discover the registry content and metadata using standard query capabilities of the registry

16 Content Validation utilizes one or more Content Validation Services to automatically validate RegistryObjects and RepositoryItems when they are submitted to the registry
• This process is shown in the following figure:
• Potential use cases include:
  – Validation of XML instance documents against their schema upon submission to the registry (e.g. compliance with DOJ GJXDM or NIEM)
  – Enforcement of consistency rules and semantic checks when a business process definition is submitted to the registry (e.g. HL7 business process definition)

17 Content Cataloging utilizes one or more Content Cataloging Services to automatically catalog RegistryObjects and RepositoryItems when they are submitted to the registry
• This process is shown in the following figure:
• Potential use cases include:
  – Find all XML schemas that have a targetNamespace containing “
  – Find all WSDL documents that have a SOAP binding defined
  – Find all Basic Core Components (BCCs) that are part of an Aggregate Core Component (ACC), that is the basis for an Aggregate Business Information Entity (ABIE) whose Geopolitical context equals “European Union”

18 The following is an example of cataloging a WSDL document according to the fact that it has a SOAP binding
    <definitions name="StockQuote" xmlns=" ….>
      [details removed for example]
      [details removed for example]
ClassificationSchemes used:
• ExtrinsicObject
  – XML Schema
  – User Manual
  – WSDL
• WSDL 1.1 Bindings
  – HTTP
  – MIME
  – SOAP over SMTP
  – SOAP over HTTP
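A sketch of what a cataloging service for this slide could do, as an added example that is not code from the presentation or from any ebXML Registry implementation: it parses a submitted WSDL 1.1 document and returns the matching nodes of the slide's "WSDL 1.1 Bindings" scheme. The function name, the sample document and the SMTP transport URI are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# WSDL 1.1 namespaces in ElementTree's "{uri}" tag notation
WSDL = "{http://schemas.xmlsoap.org/wsdl/}"
SOAP = "{http://schemas.xmlsoap.org/wsdl/soap/}"
HTTP = "{http://schemas.xmlsoap.org/wsdl/http/}"
MIME = "{http://schemas.xmlsoap.org/wsdl/mime/}"

# SOAP transport URI -> node name in the slide's "WSDL 1.1 Bindings" scheme
SOAP_TRANSPORT_NODES = {
    "http://schemas.xmlsoap.org/soap/http": "SOAP over HTTP",
    "http://example.com/smtp": "SOAP over SMTP",  # placeholder URI (assumption)
}

def catalog_wsdl(content: bytes) -> list:
    """Return the binding classification nodes for one submitted WSDL document."""
    # Submitted content is untrusted: refuse DTDs before parsing so entity
    # declarations never reach the parser (ASCII-compatible encodings only).
    if b"<!DOCTYPE" in content:
        raise ValueError("DTDs are not accepted in submitted content")
    root = ET.fromstring(content)
    if root.tag != WSDL + "definitions":
        raise ValueError("not a WSDL 1.1 document")
    nodes = set()
    for binding in root.findall(WSDL + "binding"):
        soap = binding.find(SOAP + "binding")
        if soap is not None:
            node = SOAP_TRANSPORT_NODES.get(soap.get("transport", ""))
            if node:
                nodes.add(node)
        if binding.find(HTTP + "binding") is not None:
            nodes.add("HTTP")
        # MIME extensions sit deeper, inside the operation input/output
        if any(el.tag.startswith(MIME) for el in binding.iter()):
            nodes.add("MIME")
    return sorted(nodes)

# Constructed sample input, modelled on the slide's "StockQuote" document
SAMPLE_WSDL = b"""<definitions name="StockQuote"
    xmlns="http://schemas.xmlsoap.org/wsdl/"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
    xmlns:tns="http://example.com/stockquote.wsdl"
    targetNamespace="http://example.com/stockquote.wsdl">
  <portType name="StockQuotePortType"/>
  <binding name="StockQuoteSoapBinding" type="tns:StockQuotePortType">
    <soap:binding style="document"
        transport="http://schemas.xmlsoap.org/soap/http"/>
  </binding>
</definitions>"""

if __name__ == "__main__":
    print(catalog_wsdl(SAMPLE_WSDL))
```
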

19 Cooperating Registries

20 The Cooperating Registries feature enables multiple ebXML registries to cooperate with each other as part of a “federation”
• A registry federation is a group of registries that have voluntarily agreed to form a loosely coupled union
• This enables operations such as:
  – Cross-registry associations
  – Federated queries
  – Local caching of data from another registry
  – Object relocation
[Figure labels: Registry A, Registry B, Registry C, Registry D, Registry E]
NOTE: Arrows are conceptual, and are not meant to depict physical connections.

21 Registry federations are based on a peer-to-peer (P2P) model where all participating registries are equal
• A federation may be based on common business/domain interests and specialties that the registries might share
  – Examples:
    • Federation of registries for the criminal justice domain
    • Federation of registries among universities
• Replication of RegistryObjects in other registries within a federation can improve access time and fault tolerance through local caching of remote objects
  – Involves creation of a “local replica”
• Replicas may be kept current using the event notification feature, or through periodic polling

22 A federated query operates on data that belongs to all members of the federation
• Example: “FIND ALL SCHEMAS FOR STANDARD X”
[Figure labels: ebXML Registry #1, ebXML Registry #2, ebXML Registry #3, ... ebXML Registry #n; Schema #1, Schema #2, Schema #3, Schema #n]

23 Event Notification

24 The Event Notification feature enables an ebXML registry to notify its users and/or other registries about “events of interest”
• Also known as “publish/subscribe”
• Examples of “events of interest” are:
  – A RegistryObject that the user submitted has been subscribed to by a registry user
  – An XML schema that a registry user has subscribed to has been updated
  – A new Web Service has been submitted that relates to a topic in which a registry user has interest
• The Event Notification feature uses “content-based” notification, in which interests are expressed in the form of a query over registry content
  – This differs from “topic-based” notification, in which interests are tied to topics by which information is categorized
• Notifications are triggered in response to “AuditableEvents” that are created within the registry in response to client-initiated requests and changes in the life cycle of a RegistryObject
  – Example: Creation or deletion of a RegistryObject

25 Subscription to events is done through preconfigured AdHocQuery “selectors” that denote the subscription criteria
• Example: Request notification if a security service is submitted to the registry, and it implements the Liberty Alliance specifications: “Find all services that are Created and classified by ClassificationNode where ClassificationNode’s Path equals “Security”, and classified by ClassificationNode where ClassificationNode’s Code contains string “Liberty Alliance””
SQL Query:
    SELECT * FROM Service s, AuditableEvent e, AffectedObject ao,
                  Classification c1, Classification c2,
                  ClassificationNode cn1, ClassificationNode cn2
    WHERE e.eventType = 'Created'
      AND ao.id = s.id AND ao.parent = e.id
      AND c1.classifiedObject = s.id AND c1.classificationNode = cn1.id
      AND cn1.path = 'Security'
      AND c2.classifiedObject = s.id AND c2.classificationNode = cn2.id
      AND cn2.path LIKE '%Liberty Alliance%'
• Notification of events can be done through two mechanisms:
  – Web Service-Based Notification: Delivery of event notifications through invocation of a specified listener Web Service
  – Email-Based Notification: Delivery of event notifications via email to a human user or an endpoint for a software component or agent
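To see the selector above decide which submissions trigger a notification, the following added example (not from the presentation) runs it with Python's sqlite3 over a constructed in-memory registry. The table columns are reduced to the ones the selector references, the identifiers and classification paths are constructed sample data, and the query returns DISTINCT s.id instead of * to keep the output readable.

```python
import sqlite3

# The slide's selector; stored once by the registry, never built from user input.
SELECTOR = """
SELECT DISTINCT s.id
FROM Service s, AuditableEvent e, AffectedObject ao,
     Classification c1, Classification c2,
     ClassificationNode cn1, ClassificationNode cn2
WHERE e.eventType = 'Created'
  AND ao.id = s.id AND ao.parent = e.id
  AND c1.classifiedObject = s.id AND c1.classificationNode = cn1.id
  AND cn1.path = 'Security'
  AND c2.classifiedObject = s.id AND c2.classificationNode = cn2.id
  AND cn2.path LIKE '%Liberty Alliance%'
"""

# Reduced schema (assumption): only the columns the selector touches.
SCHEMA = """
CREATE TABLE Service (id TEXT PRIMARY KEY);
CREATE TABLE AuditableEvent (id TEXT PRIMARY KEY, eventType TEXT);
CREATE TABLE AffectedObject (id TEXT, parent TEXT);
CREATE TABLE ClassificationNode (id TEXT PRIMARY KEY, path TEXT);
CREATE TABLE Classification (classifiedObject TEXT, classificationNode TEXT);
"""

def build_registry():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO ClassificationNode VALUES (?, ?)", [
        ("cn:sec", "Security"),                              # constructed
        ("cn:la", "/Specifications/Liberty Alliance/ID-FF"),  # constructed
        ("cn:pay", "Payments"),                              # constructed
    ])
    return db

def submit_service(db, service_id, node_ids, event_type="Created"):
    """Record a Service, its Classifications and the AuditableEvent it causes."""
    event_id = "evt:" + service_id
    db.execute("INSERT INTO Service VALUES (?)", (service_id,))
    db.execute("INSERT INTO AuditableEvent VALUES (?, ?)", (event_id, event_type))
    db.execute("INSERT INTO AffectedObject VALUES (?, ?)", (service_id, event_id))
    db.executemany("INSERT INTO Classification VALUES (?, ?)",
                   [(service_id, n) for n in node_ids])

def matching_services(db):
    """Service ids for which the subscriber would be notified."""
    return [row[0] for row in db.execute(SELECTOR)]

def demo():
    db = build_registry()
    submit_service(db, "svc:sso", ["cn:sec", "cn:la"])        # matches
    submit_service(db, "svc:firewall", ["cn:sec"])            # no Liberty Alliance
    submit_service(db, "svc:billing", ["cn:pay", "cn:la"])    # not Security
    submit_service(db, "svc:old-sso", ["cn:sec", "cn:la"], event_type="Updated")
    return matching_services(db)

if __name__ == "__main__":
    print(demo())
```
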

26 Security Enhancements

27 ebXML Registry Version 3.0 supports OASIS XACML 1.0 for its Access Control Information Model
• XACML (eXtensible Access Control Markup Language) defines a standard mechanism for expressing access control policies
• XACML is based on three main concepts:
  – Subject: An entity (human or system) that requests access to a resource (interaction with SAML)
  – Resource: Data, service, or system component to which access is requested
  – Action: An operation on a resource (such as “read”)
• ebXML Registry can function as both an XACML Policy Enforcement Point (PEP) and a Policy Decision Point (PDP)
• Access control is on both RegistryObjects and RepositoryItems
• Every RegistryObject is associated with exactly one Access Control Policy that governs “who” is authorized to perform “what” action on that RegistryObject
• ebXML Registry can also function as an XACML Policy Store
  – Manage policies for protecting resources outside the registry
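The subject/resource/action model and the PEP/PDP split described on this slide, as an added Python sketch that is not from the presentation and does not use XACML syntax. It assumes subjects are identified by role names, uses XACML's deny-overrides rule combining, and all class names, roles and object ids are constructed.

```python
from dataclasses import dataclass

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"

@dataclass
class Rule:
    effect: str      # PERMIT or DENY
    roles: set       # subject roles the rule targets (constructed role names)
    actions: set     # actions the rule targets, e.g. "read"

@dataclass
class Policy:
    policy_id: str
    rules: list

    def evaluate(self, subject_roles, action):
        """Deny-overrides: an applicable Deny rule beats any Permit rule."""
        decision = NOT_APPLICABLE
        for rule in self.rules:
            if rule.roles & subject_roles and action in rule.actions:
                if rule.effect == DENY:
                    return DENY
                decision = PERMIT
        return decision

class Registry:
    def __init__(self, default_policy):
        self.default_policy = default_policy
        self.objects = {}      # object id -> content
        self.policy_for = {}   # object id -> exactly one Policy

    def submit(self, object_id, content, policy=None):
        self.objects[object_id] = content
        self.policy_for[object_id] = policy or self.default_policy

    def decide(self, subject_roles, object_id, action):
        """PDP role: evaluate the single policy bound to the object."""
        policy = self.policy_for.get(object_id)
        if policy is None:
            return NOT_APPLICABLE
        return policy.evaluate(set(subject_roles), action)

    def read(self, subject_roles, object_id):
        """PEP role: release content only on an explicit Permit."""
        if self.decide(subject_roles, object_id, "read") != PERMIT:
            raise PermissionError("read denied on " + object_id)
        return self.objects[object_id]

def build_demo_registry():
    default = Policy("default", [
        Rule(PERMIT, {"guest", "admin"}, {"read"}),
        Rule(PERMIT, {"admin"}, {"update", "delete"}),
    ])
    restricted = Policy("restricted", [
        Rule(PERMIT, {"admin"}, {"read", "update"}),
        Rule(DENY, {"suspended"}, {"read", "update", "delete"}),
    ])
    reg = Registry(default)
    reg.submit("schema-1", "<xs:schema/>")
    reg.submit("policy-doc", "<Policy/>", policy=restricted)
    return reg
```

The enforcement point treats NotApplicable the same as Deny, so an object with no matching rule, or an unknown object id, is never released.
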

28 ebXML Registry Version 3.0 also supports Federated Identity Management based on OASIS SAML 2.0
• SAML (Security Assertion Markup Language) defines a framework for communicating security and identity information between IT systems in a standard manner
  – Provides Single Sign-On (SSO) capabilities for user-to-system, system-to-system, and service-to-service communications
• SAML expresses security information in the form of assertions about subjects
  – An assertion is a declaration of certain facts, such as “John Smith was granted update privileges to database X at time Y”
  – A subject is an entity (either human or computer) that has an identity in some security domain
• The SAML Protocol defines 2 primary entities:
  – Service Provider: An entity that provides services to Principals
  – Identity Provider: A type of service provider that creates, maintains, and manages identity information for Principals
• An ebXML Registry can function as a SAML Service Provider
  – Allows the registry to utilize an Identity Provider to perform client authentication on its behalf
  – Avoids duplication of Identity Provider user database within registry

29 Questions?

30 Contact Information Joseph M. Chiusano Booz Allen Hamilton McLean, VA (703)

31 OASIS ebXML Registry Information OASIS ebXML Registry TC Home Page: