Presentation is loading. Please wait.

Presentation is loading. Please wait.

CPPA3 Overview.

Published byHerman Atmadja Modified over 5 years ago

Similar presentations

Presentation on theme: "CPPA3 Overview."— Presentation transcript:

1 CPPA3 Overview

2 CPPA3 Version 3 of ebXML Collaboration Protocol Profiles (CPP) and Agreements (CPA) Successor to version 2, which is in use since around 2004. In draft: Specification XML schema Schema documentation

3 Overview of the CPPA3 Schema

4 CPP Profile of a Party Cross-references for layering and reuse
Profile Metadata (specific, version, validity intervals) Party Information Service Information Channels, Channel Features and Transports Payload Profiles and Packaging Access Control Information Cross-references for layering and reuse Profile can be signed Optional Extension Elements

5 CPA Agreement between a Party and a CounterParty
Profile Metadata (identifier, validity intervals) Party Information Counter Party Information Messaging configuration as in CPP Signatures Optional Extension elements

6 Profile Metadata <cppa:ProfileInfo> <cppa:ProfileIdentifier>Acpp</cppa:ProfileIdentifier> <cppa:ActivationDate> T00:00:00</cppa:ActivationDate> <cppa:ExpirationDate> T00:00:00</cppa:ExpirationDate> <cppa:PhaseIn>P10D</cppa:PhaseIn> </cppa:ProfileInfo>

7 Agreement Metadata <c<cppa:AgreementInfo> <cppa:AgreementIdentifier>Acpp_Bcpp</cppa:AgreementIdentifier> <cppa:Description xml:lang="en">Agreement formed from Acpp and Bcpp at T17:26: </cppa:Description> <cppa:ProfileIdentifier href=" <cppa:ProfileIdentifier href=" <cppa:ActivationDate> T17:26: </cppa:ActivationDate> <cppa:ExpirationDate> T00:00:00</cppa:ExpirationDate> </cppa:AgreementInfo>

8 Service Specification
Services for a Business Process Area Party Role and Counter Party Role Service Bindings covers sending and receiving actions Actions bound to channels and payload profiles

9 Service Specifications
Service Specifications can link to versioned business process choreography descriptions For example, OASIS ebBP or OMG BPMN Sample Norway e-Health / Social Security profile in CPPA3 format converted from production CPPA2 sample indicates support for multiple versions of some processes:

10 Sample v2.5 of IndividuellRefusjon process and service, two sending and two receiving actions, bindings to an ebMS2 over SMTP channel

11 Sample ENTSOG Service Specification for ZSH/ZSO role pair, services A09 and A06

12 Channels Abstract schema element Channel supporting extensibility using substitutions for specific messaging protocols For example ebMS3Channel for ebMS3/AS4 Channels have attributes : id attribute, so actions can be bound bind to channels transport attribute binds a channel to a transport (e.g. HTTPChannel) Optional cross-references to reused channel feature descriptions Channels can be: Bound to transports and packaging Related to each other (one channel supporting a feature of another channel)

13 Channel definition samples (1 and 2)
Base case, channel is fully defined by referencing a predefined agreed channel profile, referencing a transport and a package Variant channel, based on same channel but overrides the compression feature definition (preferring brotli compression but still accepting gzip)

14 Channel Definition Sample (3)
<cppa:ebMS3Channel id="_BXCX" transport="_65FN" package="_BQR5"> <cppa:Description xml:lang="en">Channel formed from a_ch_send (Channel for outgoing ENTSOG AS4 User Messages) in ENTSOG AS4 Profile for TSO 1 and b_b_ch_receive (Channel for incoming ENTSOG AS4 User Messages) in ENTSOG AS4 Profile for TSO 2</cppa:Description> <cppa:ChannelProfile> <cppa:SOAPVersion>1.2</cppa:SOAPVersion> <cppa:WSSecurityBinding> <cppa:WSSVersion>1.1</cppa:WSSVersion> <cppa:Signature> <cppa:SignatureAlgorithm> <cppa:DigestAlgorithm> <cppa:SigningCertificateRef certId="_OYHRBO"/> </cppa:Signature> <cppa:Encryption> <cppa:KeyEncryption> <cppa:EncryptionAlgorithm> <cppa:MaskGenerationFunction> <cppa:DigestAlgorithm> </cppa:KeyEncryption> <cppa:EncryptionAlgorithm> <cppa:EncryptionCertificateRef certId="_4UP74O"/> </cppa:Encryption> </cppa:WSSecurityBinding> <cppa:AS4ReceptionAwareness> <cppa:DuplicateHandling> <cppa:DuplicateElimination>true</cppa:DuplicateElimination> <cppa:PersistDuration>P10D</cppa:PersistDuration> </cppa:DuplicateHandling> <cppa:RetryHandling> <cppa:Retries>5</cppa:Retries> <cppa:RetryInterval>PT30S</cppa:RetryInterval> </cppa:RetryHandling> </cppa:AS4ReceptionAwareness> <cppa:ErrorHandling> <cppa:DeliveryFailuresNotifyProducer>true</cppa:DeliveryFailuresNotifyProducer> <cppa:ReceiverErrorsReportChannelId>_ODHW</cppa:ReceiverErrorsReportChannelId> </cppa:ErrorHandling> <cppa:ReceiptHandling> <cppa:ReceiptChannelId>_ODHW</cppa:ReceiptChannelId> </cppa:ReceiptHandling> <cppa:Compression> <cppa:CompressionAlgorithm>application/gzip</cppa:CompressionAlgorithm> </cppa:Compression> </cppa:ebMS3Channel> Channel Definition Sample (3) Expands the definition by adding the implied default feature settings (can be automated)

15 Channel Definition Samples (4)
Channel defined using reusable channel feature definitions for security, reliable messaging, error handling, receipt handling and compression Only the SOAP version needs stating

16 Binding Actions to Channels
Sequence of ChannelId elements expresses alternatives, ordered by decreasing preference Could be used for migrations (e.g. AS2 to AS4)

17 Channel Features Configure a feature of a channel, for example use of security Can be linked to a channel by ID reference or as nested subelement

18 Delegation Allows a party to express that an action is delegated to use a channel provided by a third party Delegation is a channel like any other channel Use delegation as one of multiple alternative channels Use alternative delegation channels to associate with more than one service provider Service provider models: Three corner: A delegates sending to C, B delegates receiving to C Four corner: A delegates sending to C, B delegates receiving to D, C and D are known to be interconnected

19 Transports Configure the use of a transport (like HTTP) for a channel
Configure networking (protocols, security)

20 Payload Profiles Configure payload parts used
Optionally specify schema

21 Packaging Specify how payload parts are enveloped
Only useful when packaging is not (fully) defined by the message protocol

22 Certificates and Trust Anchors
Parties can specify certificates they use and where/for which purpose they use them PKI optional Parties can specify trust anchors, lists of CA root certificates, that counterparty certificates must chain to Different services, or different protocols, can have different trust anchor lists

23 Access Control Profile elements can be annotated with “allowed” and “denied” attributed Global settings on CPP root element At other levels for more fine-grained control (e.g. limit a particular service to a subset) Values are identifiers of lists of identifiers of allowed or denied parties Can be used to created “views” for particular audience Can be used to restrict agreements

24 CPPA3 Predefined algorithms

25 Algorithms Pre-defined in CPPA3 specification
Implemented in open source cppa3 toolkit, Formation Create a CPA from a presented pair of CPPs Matching Checks if a presented CPA is consistent with a presented CPP

26 Main Functionality Validity interval
Service Specification with mirroring role pairs Service binding with mirroring send/receive action pairs Compatibility checks on channels, channel features, transport, payload profiles, packaging Intersecting where profile specifies alternatives Check certificates against trust anchors Check authorization (allowed/denied parties) Check delegation Etc.

27 DISCOVERY and registration

28 e-business discovery vision of ebXML (AD 2001)

29 Discovery and Registration
BDX Location DNS-based discovery of metadata service for a known party Returns HTTPS URL for a CPPA3 CPP Metadata Service Retrieve of CPP using (anonymous or authenticated) HTTPS Custom “views” based on client identity and allow/deny authorization annotations CPA creation can be automated using “formation” algorithm Agreement Registration Propose registration of a CPA that matches (extends) retrieved CPP Can be automated using “match” algorithm

30 Sample Flow

31 Implementations and Applications

32 CPPA3 library Python open source cppa3 toolkit
Modules: Formation of a CPA from two CPPs Match a CPA against a CPP Create a “view” on a CPP Macro expansion for “ChannelProfile”, allowing for overrides Upconvert a v2 CPP or CPA to CPPA3 Generate “Pmodes” for ebMS3/AS4 in a JSON format Convert a CPP subset to OASIS BDX SMP 1.0 Used in the following implementations

33 ENTSOG Proof of Concept
Generate CPP, CPA and P-Mode from basic set of party parameters Assumes a fixed AS4 profile (ENTSOG) Supports Domibus and Flame FMS P-Mode XML Available from

34 E-SENS Proof-of-Concept
Unfinished self-service portal for AS4 configuration (developed by IT.NRW) Exported parameters used to generate: CPPs CPAs Domibus P-Mode XML (valid, not tested) On IT.NRW GIT (not public)

35 EASEE-Connect Service under development for the EASEE-gas members
Portal for information sharing of AS4 parameters CPPA3 export option

36 Links to SPECIficationS

37 Specification Links Specification CPPA3 XML Schema Samples
CPPA3 XML Schema Samples Exception schema

Download ppt "CPPA3 Overview."

Similar presentations

Collaboration-Protocol Profile and Agreement Specification Armin Haller Digital Enterprise Research Institute

Collaboration-Protocol Profile and Agreement Specification Armin Haller Digital Enterprise Research Institute
Discovery and Capability Matching in ebXML CPP/CPA.

Discovery and Capability Matching in ebXML CPP/CPA.
Sonnenglanz Consulting BV 28 September 20101 CPA Management Idea’s for large-scale deployments E.J. Van Nigtevecht Sonnenglanz Consulting BV.

Sonnenglanz Consulting BV 28 September CPA Management Idea’s for large-scale deployments E.J. Van Nigtevecht Sonnenglanz Consulting BV.
Implementing and Administering AD FS

Implementing and Administering AD FS
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
PAWN: A Novel Ingestion Workflow Technology for Digital Preservation

PAWN: A Novel Ingestion Workflow Technology for Digital Preservation
B2B e-commerce standards for document exchange In350: week 13: Nov. 19,2001 Judith A. Molka-Danielsen.

B2B e-commerce standards for document exchange In350: week 13: Nov. 19,2001 Judith A. Molka-Danielsen.
PAWN: A Novel Ingestion Workflow Technology for Digital Preservation Mike Smorul, Joseph JaJa, Yang Wang, and Fritz McCall.

PAWN: A Novel Ingestion Workflow Technology for Digital Preservation Mike Smorul, Joseph JaJa, Yang Wang, and Fritz McCall.
GFIPM Web Services Concept and Normative Standards GFIPM Delivery Team Meeting November 2011.

GFIPM Web Services Concept and Normative Standards GFIPM Delivery Team Meeting November 2011.
A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.

A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.
Processing of structured documents Spring 2003, Part 6 Helena Ahonen-Myka.

Processing of structured documents Spring 2003, Part 6 Helena Ahonen-Myka.
Introduction to ebXML Messaging V3 Derived from the OASIS Webinar series on ebXML (June 6, 2007) ‏

Introduction to ebXML Messaging V3 Derived from the OASIS Webinar series on ebXML (June 6, 2007) ‏
1 Explanation of Examples of CPPA V1.05 Process-Specification Document CPP-A/B, CPA (draft-cpp-example-companyA-012.xml) (draft-cpp-example-companyB-012.xml)

1 Explanation of Examples of CPPA V1.05 Process-Specification Document CPP-A/B, CPA (draft-cpp-example-companyA-012.xml) (draft-cpp-example-companyB-012.xml)
September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT IHE Vendors Webinar 2006 IHE IT Infrastructure Education Robert Horn, Agfa Healthcare.

September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT IHE Vendors Webinar 2006 IHE IT Infrastructure Education Robert Horn, Agfa Healthcare.
Configuration Management Issues in IHE Asuman Dogac, SRDC, METU, Turkey

Configuration Management Issues in IHE Asuman Dogac, SRDC, METU, Turkey
An XMPP (Extensible Message and Presence Protocol) based implementation for NHIN Direct 1.

An XMPP (Extensible Message and Presence Protocol) based implementation for NHIN Direct 1.
Lecture 23 Internet Authentication Applications modified from slides of Lawrie Brown.

Lecture 23 Internet Authentication Applications modified from slides of Lawrie Brown.

Similar presentations

Ads by Google