Presentation is loading. Please wait.

Presentation is loading. Please wait.

Prominent Changes To the CPP/A Specification January 28, 2002.

Published byLinette Ray Modified over 9 years ago

Similar presentations

Presentation on theme: "Prominent Changes To the CPP/A Specification January 28, 2002."— Presentation transcript:

1 Prominent Changes To the CPP/A Specification January 28, 2002

2 Change Areas Alignment with Messaging Specification on Reliable Messaging and Per Message Semantics Alignment with Business Process Specification on Service and Action Explicit Identification of Actions Each Party Will Initiate or Respond to Clarification of Synchronous Reply Modes Security Details and Clarification of Certificate Refs

3 Change Areas (cont.) Specializing Delivery Channels for Sending and Receiving Improved BPSS/CPP/CPA Examples Improved Schema Definition Mapping Between Messaging And CPP/A Parameters

4 Messaging Spec Alignment MessagingCharacteristics attributes syncReplyMode ackRequested ackSignatureRequested duplicateElimination Actor ReliableMessaging element provides RM runtime parameters

5 Business Process Spec Alignment Service Use uuid attibute of ProcessSpecification element in BPSS instance Action Add ActionContext to provide hierarchical path information leading from top-level BinaryCollaboration to RequestingBusinessActivity or RespondingBusinessActivity Mapping from ActionContext to simple name Extensions to map to alternate flow language

6 Alignment Of Attribute Names And Values isConfidential persistent, transient, persistent-and- transient isAuthenticated isAuthorizationRequired isNonRepudiationRequired isNonRepudiationReceiptRequired isSecureTransportRequired

7 Action Binding Each party identifies actions it is going to initiate or respond to (may be subset of actions from business process) Explicit ActionBindings for BPSS Signals and exceptions Provide mapping to DeliveryChannel and Packaging CPA matches DeliveryChannels used by sender and receiver for each action See WillInitiate and WillRespond elements in schema

8 Synchronous Reply Modes Only applicable to synchronous transports (e.g., HTTP) mshSignalsOnly => only MSH level signal (e.g. RM Acknowledgment) returned synchronously signalsOnly => MSH signal + response returned asynchronously signalsAndResponse => no NRR for response responseOnly => no NRR for response

9 SecurityDetails Based on ebXML Technical Architecture Risk Assessment recommendations Allows a party to specify trust model(s) and policy related to its use of partners’ certificates Defined under PartyInfo, referenced elsewhere in CPP/CPA via SecurityDetailsRef In general one party identifies cert to use while counter party identifies TrustAnchors for validating cert

10 SecurityDetails TrustAnchors is a collection of CertificateRefs to trust anchor certificates A trust anchor is a root certificate issued by a Certification Authority trusted by the party Security policy is just a placeholder, for now Policy definitions from OASIS XACML TC not quite ready for use Can specify different SecurityDetails for different purposes e.g., SSL authentication vs. digital enveloping

11 Delivery Channel Specialization Sending and receiving parameters now separate and independent Transport DocExchange Allows schema to enforce presence / absence of certain properties In particular, CertificateRef and SecurityDetailsRef

12 Transport Transport can be a sender, receiver, or both Synchronous messaging requires both TransportSender and TransportReceiver within the same Transport may use different protocols Sender specifies client security, receiver specifies server security Initiator’s TransportSender and Responder’s TransportReceiver must mesh

13 TransportSender Properties of sending end of a delivery channel TransportClientSecurity Transport connections always established by sender, so sender specifies client security ClientCertificateRef – used to authenticate to server ServerSecurityDetailsRef – applied to server certs

14 TransportReceiver Properties of receiving end of a delivery channel Endpoints – URIs for services provided to clients TransportServerSecurity Transport connections always accepted by receiver, so receiver specifies server security ServerCertificateRef – used to authenticate to client ClientSecurityDetailsRef – applied to client certs

15 Transport patterns Client establishes connection to server All clients are senders All servers are receivers Some servers are senders e.g., synchronous responder Some clients are receivers e.g., synchronous requestor

16 DocExchange Initiator’s ebXMLSenderBinding and Responder’s ebXMLReceiverBinding must mesh

17 SenderNonRepudiation Sender’s non-repudiation properties SigningCertificateRef – the party will use this cert for signing messages

18 ReceiverNonRepudiation Receiver’s non-repudiation properties SigningSecurityDetailsRef – trust anchors and policy applied to sender’s signing certificate

19 SenderDigitalEnvelope Sender’s encryption properties EncryptionSecurityDetailsRef – trust anchors and policy applied to receiver’s encryption certificate

20 ReceiverDigitalEnvelope Receiver’s encryption properties EncryptionCertificateRef – certificate to be used in digital envelope key exchange

21 Improved Examples One BPSS instance Two complementary CPP instances One merged CPA instance Matching of Action Bindings between initiator and responder Synchronous and asynchronous Service Bindings Illustration of Service and Action values obtained from business process IDREFs validated by XML aware editor

22 Improved Schema Definition Based on W3C Recommended version of XML Schema, DTD no longer provided Improved data type specification Cardinality constraints Wildcard elements for extensibility Annotations for documentation Validated by conforming schema editor

23 Messaging And CPA Mapping New normative appendix on how to use Messaging and CPP/A specs together Correspondence between message header and CPA elements/attributes Correspondence between implicit messaging parameters and CPA elements/attributes

Download ppt "Prominent Changes To the CPP/A Specification January 28, 2002."

Similar presentations

Practical Digital Signature Issues. Paving the way and new opportunities. www.oasis-open.org Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.

Practical Digital Signature Issues. Paving the way and new opportunities. Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.
IETF Trade Working Group January 2000 XML Messaging Overview January 2000.

IETF Trade Working Group January 2000 XML Messaging Overview January 2000.
Collaboration-Protocol Profile and Agreement Specification Armin Haller Digital Enterprise Research Institute

Collaboration-Protocol Profile and Agreement Specification Armin Haller Digital Enterprise Research Institute
1 April 18 th, 2002 Electronic Commerce Promotion Council of Japan (ECOM) 5 th ebXML Asia Committee Taipei meeting Current Status of OASIS ebXML CPPA TC.

1 April 18 th, 2002 Electronic Commerce Promotion Council of Japan (ECOM) 5 th ebXML Asia Committee Taipei meeting Current Status of OASIS ebXML CPPA TC.
SOAP Quang Vinh Pham Simon De Baets Université Libre de Bruxelles1.

SOAP Quang Vinh Pham Simon De Baets Université Libre de Bruxelles1.
Discovery and Capability Matching in ebXML CPP/CPA.

Discovery and Capability Matching in ebXML CPP/CPA.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
B2B e-commerce standards for document exchange In350: week 13: Nov. 19,2001 Judith A. Molka-Danielsen.

B2B e-commerce standards for document exchange In350: week 13: Nov. 19,2001 Judith A. Molka-Danielsen.
Web Service Architecture Part I- Overview and Models (based on W3C Working Group Note Frank.

Web Service Architecture Part I- Overview and Models (based on W3C Working Group Note Frank.
Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.

Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.
Web services security I

Web services security I
Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.
1 Simple Object Access Protocol (SOAP) by Kazi Huque.

1 Simple Object Access Protocol (SOAP) by Kazi Huque.
Processing of structured documents Spring 2003, Part 6 Helena Ahonen-Myka.

Processing of structured documents Spring 2003, Part 6 Helena Ahonen-Myka.
Introduction to ebXML Messaging V3 Derived from the OASIS Webinar series on ebXML (June 6, 2007) ‏

Introduction to ebXML Messaging V3 Derived from the OASIS Webinar series on ebXML (June 6, 2007) ‏
1 Explanation of Examples of CPPA V1.05 Process-Specification Document CPP-A/B, CPA (draft-cpp-example-companyA-012.xml) (draft-cpp-example-companyB-012.xml)

1 Explanation of Examples of CPPA V1.05 Process-Specification Document CPP-A/B, CPA (draft-cpp-example-companyA-012.xml) (draft-cpp-example-companyB-012.xml)
T-110.5140 Network Application Frameworks and XML Web Services and WSDL 02.04.2007 Sasu Tarkoma Based on slides by Pekka Nikander.

T Network Application Frameworks and XML Web Services and WSDL Sasu Tarkoma Based on slides by Pekka Nikander.
Saml-intro-dec051 Security Assertion Markup Language A Brief Introduction to SAML Tom Scavo NCSA.

Saml-intro-dec051 Security Assertion Markup Language A Brief Introduction to SAML Tom Scavo NCSA.
SOAP Tutorial Ching-Long Yeh 葉慶隆 Department of Computer Science and Engineering Tatung University

SOAP Tutorial Ching-Long Yeh 葉慶隆 Department of Computer Science and Engineering Tatung University

Similar presentations

Ads by Google