Presentation is loading. Please wait.

Presentation is loading. Please wait.

© OASIS 2004 Overview of OASIS Process and Technical Work ITU-T SG17 meeting Geneva, 11 March 2004 Karl Best, OASIS.

Published byConrad Carter Modified over 9 years ago

Similar presentations

Presentation on theme: "© OASIS 2004 Overview of OASIS Process and Technical Work ITU-T SG17 meeting Geneva, 11 March 2004 Karl Best, OASIS."— Presentation transcript:

1 © OASIS 2004 Overview of OASIS Process and Technical Work ITU-T SG17 meeting Geneva, 11 March 2004 Karl Best, OASIS

2 oasis-open.org © OASIS 2004 zWho is OASIS zThe OASIS Conceptual Model zWhy Standards zOASIS work in Security Agenda

3 © OASIS 2004 Who is OASIS?

4 oasis-open.org © OASIS 2004 Overview zOASIS is an international consortium dedicated to developing and promoting the adoption of e-business specifications zMember-elected Board of Directors and Technical Advisory Board; member-driven standards process zMembers of OASIS are providers, users and specialists of standards-based technologies and include organizations, individuals, industry groups, and government agencies. zInternational, not-for-profit, open, independent zSuccessful through industry-wide collaboration

5 oasis-open.org © OASIS 2004 OASIS technical work zThe OASIS technical agenda is set by our members; bottom-up approach zTechnical committees formed by the proposal of our members zEach Technical Committee sets its own scope, schedule, and deliverables zMore than 60 Technical Committees in a variety of topic areas yE-business ySecurity yWeb services yPublic sector

6 oasis-open.org © OASIS 2004 OASIS standards process zSpecifications are created under an open, democratic, vendor-neutral process yAny interested parties may either participate or comment yNo one organization can dictate the specification yEnsures that specifications meet everyone’s needs, not just largest players’ zAll discussion open to public inspection and comment zBi-level approval process yTC approves Committee Draft yOASIS members approve OASIS Standard zResulting work is representative broad range of industry, not just any one vendor’s view

7 oasis-open.org © OASIS 2004 Progression/Approval of OASIS technical work 1.Any three or more OASIS members propose creation of a technical committee (TC) 2.Existing technical work submitted to TC; or TC starts work at the beginning. TC conducts and completes technical work; open and publicly viewable 3.TC votes to approve work as an OASIS Committee Draft 4.TC conducts public review, and three or more OASIS members must implement the specification 5.TC revises and re-approves the specification 6.TC votes to submit the Committee Draft to OASIS membership for consideration 7.OASIS membership reviews, approves the Committee Draft as an OASIS Standard

8 oasis-open.org © OASIS 2004 What sets OASIS apart zEstablished, legitimate, and neutral zPublished and consistent rules and process zHigh degree of open access, publicly visible, accountable zHigh degree of responsible coordination with other SDOs

9 © OASIS 2004 The OASIS Conceptual Model

10 oasis-open.org © OASIS 2004 zA model to describe the technical activities of industry organizations yDescriptive, not Prescriptive zIdentify overlaps for the purpose of increasing collaboration zIdentify gaps for the purpose of starting new work Purpose of a Conceptual Model

11 oasis-open.org © OASIS 2004 Previous Work: ISO Open EDI Model Source: ISO/IEC 14662, “Information Technology – Open-EDI Reference Model”, First Edition, December 15, 1997

12 oasis-open.org © OASIS 2004 Previous Work: BIC B2B Model Source: Business Internet Consortium (BIC) Whitepaper, “High-Level Conceptual Model for B2B Integration ”, March 02, 2002

13 oasis-open.org © OASIS 2004 OASIS Conceptual Model for eBusiness standards Quality of ServicesManagement S e c u r i t y XML Syntax Network Transport Generalized Processes Specialized Processes Generalized Content Specialized Content Messaging Service Description Language Presentation Description Transaction Patterns Transaction Instance Repository Registry / Directory Process Description Language Content Definition Language Conformance and Interoperability

14 oasis-open.org © OASIS 2004 OASIS Conceptual Model: populated Q u a l I t y o f S e r v I c e sM a n a g e m e n t S e c u r i t y Network Transport Generalized Processes Specialized Processes Generalized Content Specialized Content Transaction Patterns Transaction Instance XML Syntax Messaging Service Description Language Presentation Description Repository Registry / Directory Process Description Language Content Definition Language Conformance and Interoperabilit y Auto-Repair, C-Trade, Education, eGovernment, ElectionML, eProcurement, Emergency, LegalXML(8), MaterialsML, PLCS, ProdPS, TaxXML 19 ASAP, BCM, BTP, CAM, ebXML-BP, FWSI, TransWS, WSBPEL 8 XACML, AVDL, XCBF, DSS, DSML, XRI, PKI, RLTC, SAML, SPML, WAS, WSDM, WSS 13 Entity-Resolution, RELAX-NG, Topic Maps (3) 5 UIML, WSRP, HumanML 3 DSS, ebXML- RegRep, UDDI 3 ebXML- CPPA 1 ebXML-MSG, WSRM 2 Conformance, ebXML-IIC, XSLT- Conformance 3 CIQ, UBL, Doc- Book, XLIFF, OpenOffice 5

15 oasis-open.org © OASIS 2004 OASIS Conceptual Model: populated Q u a l I t y o f S e r v I c e sM a n a g e m e n t S e c u r i t y Network Transport Generalized Processes Specialized Processes Generalized Content Specialized Content Transaction Patterns Transaction Instance XML Syntax Messaging Service Description Language Presentation Description Repository Registry / Directory Process Description Language Content Definition Language Conformance and Interoperabilit y Auto-Repair, C-Trade, Education, eGovernment, ElectionML, eProcurement, Emergency, LegalXML(8), MaterialsML, PLCS, ProdPS, TaxXML 19 ASAP, BCM, BTP, CAM, ebXML-BP, FWSI, TransWS, WSBPEL 8 XACML, AVDL, XCBF, DSS, DSML, XRI, PKI, RLTC, SAML, SPML, WAS, WSDM, WSS 13 UIML, WSRP, HumanML 3 DSS, ebXML- RegRep, UDDI 3 ebXML- CPPA 1 ebXML-MSG, WSRM 2 CIQ, UBL, Doc- Book, XLIFF, OpenOffice 5 Entity-Resolution, RELAX-NG, Topic Maps (3) 5 Conformance, ebXML-IIC, XSLT- Conformance 3 Final approval (as of Dec 2003) Preliminary approval

16 oasis-open.org © OASIS 2004 Common transport (HTTP, etc.) Common language (XML) Viewing web services as a related set of functions Service Discovery Service Description Orchestration & Management Security & Access Messaging Data Content

17 oasis-open.org © OASIS 2004 Common transport (HTTP, etc.) Common language (XML) Chords: Implementations usually combine functions Service Discovery Service Description Orchestration & Management Security & Access Messaging Data Content Example: The OASIS Disease Control Interoperability Demo at XML 2003 UBL XForms ebXML BP ebXML Registry ebXML MSG ebXML CPP/A XACML

18 © OASIS 2004 Why Standards

19 oasis-open.org © OASIS 2004 What is a Standard? zJust anything a single vendor declares is a standard? Or anything on which two or more vendors agree? yThese may be “specifications”, but not “standards” from the OASIS point of view zStandards are specifications developed and/or approved under a yPublished, consistent process yFair environment, open participation yTransparent, accountable, open operations yTransparent output

20 oasis-open.org © OASIS 2004 What is a standard? A standard is: zpublicly available in stable, persistent versions zdeveloped and approved under a published process zopen to public input: public comments, public archives, no NDAs zsubject to explicit, disclosed IPR terms zSee the US, EU, WTO governmental & treaty definitions of “standards” Anything else is proprietary: zThis is a policy distinction, not a pejorative

21 oasis-open.org © OASIS 2004 Coordination of standards at OASIS zOASIS recognizes the many dependencies across standards organizations yPromote interoperability yReduce duplication zOASIS participates in and coordinates with many other standards and industry coordination efforts, e.g., yW3C and OASIS management meetings yISO/IEC/ITU/ECE e-business coordination MoU yRosettaNet, OMA, AIAG, WS-I, GGF, etc. yCat A liaisons with TC154, various JTC1 SCs yA.4 and A.5 recognition from ITU-T

22 oasis-open.org © OASIS 2004 Coordination of standards at OASIS zOASIS TCs encouraged to establish liaison with applicable working groups at other organizations zCompleted OASIS standards can be submitted to other SDOs; promote adoption of completed and approved work yebXML specifications submitted to ISO TC154 ySAML, XACML submitted to ITU-T SG17

23 oasis-open.org © OASIS 2004 Formula for Sustainable Standards Market Adoption Open Standardization Traction Sanction Proprietary JCVConsortiaSDO SGML ISO XML W3C SOAP v1.1 SOAP v1.2 W3C UDDI v2,3 UDDI.org WSDL v1.2 W3C ebMSG v2 OASIS WSDL v1.1 eb Reg v2 OASIS WS-S v1.0 BPEL4WS WS-BPEL OASIS WS-S OASIS WS-- * ? UDDI v2,3 OASIS

24 © OASIS 2004 OASIS Work in Security

25 oasis-open.org © OASIS 2004 OASIS Security TCs zApplication Vulnerability Description Language (AVDL) zDigital Signature Services (DSS) zeXtensible Access Control Markup Language (XACML) zProvisioning Services zPublic Key Infrastructure (PKI) zRights Language

26 oasis-open.org © OASIS 2004 OASIS Security TCs (cont.) zSecurity Services (SAML) zWeb Application Security (WAS) zWeb Services Security (WSS) zXML Common Biometric Format (XCBF)

27 oasis-open.org © OASIS 2004 Application Vulnerability Description Language (AVDL) TC zStarted: May 2003 zPurpose: create a uniform way of describing application security vulnerabilities; create an XML definition for exchange of information relating to security vulnerabilities of applications exposed to networks. zStatus: ongoing work

28 oasis-open.org © OASIS 2004 Digital Signature Services (DSS) TC zStarted: December 2002 zPurpose: develop techniques to support the processing of digital signatures, including defining an interface for requesting that a web service produce and/or verify a digital signature. zStatus: ongoing work

29 oasis-open.org © OASIS 2004 eXtensible Access Control Markup Language (XACML) TC zStarted: May 2001 zPurpose: define a core schema and corresponding namespace for the expression of authorization policies in XML against objects that are themselves identified in XML. zStatus:XACML v1.0 approved as an OASIS Standard, February 2003; continuing work

30 oasis-open.org © OASIS 2004 Provisioning Services TC zStarted: November 2001 zPurpose: define an XML- based framework for exchanging information between Provisioning Service Points. zStatus: ongoing work

31 oasis-open.org © OASIS 2004 Public Key Infrastructure (PKI) TC zStarted: January 2003 zPurpose: address issues related to the successful deployment of digital certificates to meet business and security requirements as well as technical and integration/interoperability issues, and increase the awareness of digital certificates as an important component when managing access to network resources. zStatus: ongoing work

32 oasis-open.org © OASIS 2004 Rights Language TC zStarted: May 2002 zPurpose: define an industry standard for a digital rights language that supports a wide variety of business models and has an architecture that provides the flexibility to address the needs of the diverse communities that have recognized the need for a rights language. zStatus: ongoing work

33 oasis-open.org © OASIS 2004 Security Services (SAML) TC zStarted: January 2001 zPurpose: develop an XML framework for exchanging authentication and authorization information. zStatus: SAML v1.1 approved as an OASIS Standard, August 2003; continuing work

34 oasis-open.org © OASIS 2004 Web Application Security (WAS) TC zStarted: July 2003 zPurpose: produce a classification scheme for web security vulnerabilities, a model to provide guidance for initial threat, impact and therefore risk ratings, and an XML schema to describe web security conditions that can be used by both assessment and protection tools. zStatus: ongoing work

35 oasis-open.org © OASIS 2004 Web Services Security (WSS) TC zStarted: September 2002 zPurpose: define Web Services security foundations for higher-level security services which are to be defined in other specifications. zStatus: Committee Draft approved and submitted to OASIS membership; approval as OASIS Standard expected end of March 2004

36 oasis-open.org © OASIS 2004 XML Common Biometric Format (XCBF) TC zStarted: March 2002 zPurpose: define a common set of secure XML encodings for the patron formats specified in CBEFF, the Common Biometric Exchange File Format (NISTIR 6529). These XML encodings are based on the ASN.1 schema defined in ANSI X9.84:2003 Biometrics Information Management and Security. zStatus: XCBF v1.0 approved as an OASIS Standard, August 2003; continuing work

37 zwww.xml.orgzwww.xml.coverpages.org zwww.oasis-open.org

Download ppt "© OASIS 2004 Overview of OASIS Process and Technical Work ITU-T SG17 meeting Geneva, 11 March 2004 Karl Best, OASIS."

Similar presentations

OASIS and Web Services Standards: Patrick J. Gannon President and CEO www.oasis-open.org.

OASIS and Web Services Standards: Patrick J. Gannon President and CEO
Copyright OASIS, 2001 OASIS Recent Technical Developments John Borras Office of e-Envoy Cabinet Office UK Government June 2003.

Copyright OASIS, 2001 OASIS Recent Technical Developments John Borras Office of e-Envoy Cabinet Office UK Government June 2003.
Overview of Web Services

Overview of Web Services
Copyright OASIS, 2001 OASIS e-Government Technical Committee John Borras Director Technology Policy Director OASIS Office of e-Envoy Cabinet Office UK.

Copyright OASIS, 2001 OASIS e-Government Technical Committee John Borras Director Technology Policy Director OASIS Office of e-Envoy Cabinet Office UK.
UDDI v3.0 (Universal Description, Discovery and Integration)

UDDI v3.0 (Universal Description, Discovery and Integration)
1 April 18 th, 2002 Electronic Commerce Promotion Council of Japan (ECOM) 5 th ebXML Asia Committee Taipei meeting Current Status of OASIS ebXML CPPA TC.

1 April 18 th, 2002 Electronic Commerce Promotion Council of Japan (ECOM) 5 th ebXML Asia Committee Taipei meeting Current Status of OASIS ebXML CPPA TC.
IEEE DREL Workshop 20 June 2002 Brad Gandee XrML Standards Evangelist The Language for Digital Rights The Language for Digital Rights ™ Enabling Interoperability:

IEEE DREL Workshop 20 June 2002 Brad Gandee XrML Standards Evangelist The Language for Digital Rights The Language for Digital Rights ™ Enabling Interoperability:
Developments in cooperation between research and standardization related to security and secure communications Presentation at eMayor clustering event,

Developments in cooperation between research and standardization related to security and secure communications Presentation at eMayor clustering event,
OASIS Service Oriented Architecture Reference Model Technical Committee (SOA-RM) BOOT CAMP April 13 2005 DRAFT: Not approved by the OASIS SOA RM TC.

OASIS Service Oriented Architecture Reference Model Technical Committee (SOA-RM) BOOT CAMP April DRAFT: Not approved by the OASIS SOA RM TC.
Prescriptive Guidance for SOA Peter Roden Director of Technology Development OASIS.

Prescriptive Guidance for SOA Peter Roden Director of Technology Development OASIS.
A New Computing Paradigm. Overview of Web Services Over 66 percent of respondents to a 2001 InfoWorld magazine poll agreed that Web services are likely.

A New Computing Paradigm. Overview of Web Services Over 66 percent of respondents to a 2001 InfoWorld magazine poll agreed that "Web services are likely.
CS 522 WebServices -Sujeeth Narayan -Ankur Patwa.

CS 522 WebServices -Sujeeth Narayan -Ankur Patwa.
Identity Management Standards from OASIS Patrick Gannon President & CEO Patrick Gannon President & CEO Architecting Identity Management The Open Group,

Identity Management Standards from OASIS Patrick Gannon President & CEO Patrick Gannon President & CEO Architecting Identity Management The Open Group,
© OASIS 2010 Managing the Maze of SmartGrid standards Jamie Clark, OASIS Dave Wollman, NIST Zahra Makoui, Pacific Gas & Electric Santa Clara, CA May 2010.

© OASIS 2010 Managing the Maze of SmartGrid standards Jamie Clark, OASIS Dave Wollman, NIST Zahra Makoui, Pacific Gas & Electric Santa Clara, CA May 2010.
A summary of ebXML (the new World Standard for e-Business) Dave Welsh Collaborative Domain Corporation.

A summary of ebXML (the new World Standard for e-Business) Dave Welsh Collaborative Domain Corporation.
Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.
Introduction to ebXML Mike Rawlins ebXML Requirements Team Project Leader.

Introduction to ebXML Mike Rawlins ebXML Requirements Team Project Leader.
OASIS and Web Services Karl Best OASIS Director of Technical Operations.

OASIS and Web Services Karl Best OASIS Director of Technical Operations.
Just a collection of WS diagrams… food for thought Dave Hollander.

Just a collection of WS diagrams… food for thought Dave Hollander.
Mapping OASIS Technical Work: Where’s Reliability? New Orleans, April 2004.

Mapping OASIS Technical Work: Where’s Reliability? New Orleans, April 2004.

Similar presentations

Ads by Google