XML and Web Services In The News - 10 October 2006

Provided by OASIS | Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by Sun Microsystems


HEADLINES:

 Web Services Profile of XACML (WS-XACML) Version 1.0
 Take It to the Bank
 Sun, Laszlo Take Java into Orbit for Devices
 SimpleXML: A Markup-Specific Library for XML Processing in PHP
 DIAL Part 0: Primer. Device Independent Authoring Language
 Three Ways of Writing XML Transformation Programs
 Iona Upgrades ESB with SOA Management, Orchestration
 Newsmaker: For Opera, Smaller Really is Better

Web Services Profile of XACML (WS-XACML) Version 1.0
Anne Anderson (ed), OASIS TC Working Draft
This document constitutes a major revision of "XACML profile for Web-services (WSPL)", designed to address the current Web Services policy environment. It contains some core functionality from WSPL, but confines its use to authorization, access control, and privacy Assertions for use with WS-Policy. The document specifies ways to use XACML in the context of Web Services for authorization, access control, and privacy policies. It specifies three types of information. 1) An authorization token or credential based on XACML to be used in a Web Services context for conveying an authorization decision from a trusted third party to a Web Service. (2) An Assertion based on XACML for use with WS-Policy; this Assertion may be used to convey both requirements and capabilities related to authorization, access control, and privacy for Web Service clients and for the Services themselves. The profile specifies standard formats, matching semantics, and usage guidelines for this Assertion. (3) Some ways in which authenticated Attributes for a client MAY be passed to a Web Service as part of a SOAP message. These Attributes may be used by the Web Service in evaluating internal XACML policies... WS-Policy provides a framework for expressing alternative sets of policy Assertions from various domains, such as security, and reliable messaging, that are supported by a service. But there are no WS-Policy Assertions defined for authorization, access control, or privacy policies. This profile defines a format for such Assertions and describes their use in Web Services policies... The profile specifies how to use existing XACML SAML Assertions in the context of Web Services.
See also: OASIS XACML TC web site

Take It to the Bank
Wilson P. Dizard III, Government Computer News
Late last year, the federal bank regulatory agencies launched the first large-scale instance in the country, and the largest worldwide, of a cross-industry standard for representing and reporting financial data. The agencies are using extensible business reporting language, or XBRL, to speed access to information about banks' financial health and help eliminate errors in data. The oversight agencies collect financial data on some 8,000 banks across the country. Some very large banks with balance sheets running to a trillion dollars have permanent cadres of bank regulators on site. Smaller banks, with deposits in the $10 million to $20 million range, submit simpler reports to the regulators. The data is intended to ensure that banks maintain adequate capital and that they control their ratios of nonperforming loans. The three agencies prepared their project plan for two years and decided to use XBRL in 2003. After releasing a proposal request and receiving nine responses, they awarded Unisys a $39 million, 10-year contract. The agencies launched the Central Data Repository on Oct. 1, 2005, in a 'big bang' switch from two legacy mainframe systems. Before the switch to the new system, the agencies checked out the CDR in three separate and progressively expanded tests. The three agencies required the banks to submit their third quarter 2005 Call Report data to the new CDR using XBRL as the reporting language. In addition to using XBRL tags to help validate the bank data, the CDR uses other Extensible Markup Language (XML) specifications, such as XML Schema and Xlink, that work together to check relationships among data elements and verify the data's semantics. The agencies work together each quarter to tweak the taxonomy of terms and definitions that frame the CDR data elements. Every year, they issue a major revision of the taxonomy that reflects new accounting rules and financial procedures. The final result of the CDR is not only better service to the bank examiners, banks and members of the public who use the information, but lower costs of regulation.

Sun, Laszlo Take Java into Orbit for Devices
Paul Krill, InfoWorld
Sun Microsystems and Laszlo Systems are collaborating to enable applications based on the OpenLaszlo rich Internet development platform to run on devices running Java Platform ME (Micro Edition). The collaboration is featured as part of an effort code-named Project Orbit. From the Orbit description: "Java Platform, Micro Edition (Java ME) is the most ubiquitous application platform for embedded devices in the world, with more than 3.8 billion Java devices including 1.2 billion Java technology-powered phones. It provides a robust, flexible environment for applications running on a broad range of devices, such as mobile phones, PDAs, TV set-top boxes, and printers. Applications based on Java ME specifications are written once for a wide range of devices, yet exploit each device's native capabilities. OpenLaszlo is a widely adopted open source application development platform that uses Ajax-style programming techniques, integrating XML and JavaScript, to create rich and robust online experiences. With Orbit, Sun and Laszlo will work together to connect OpenLaszlo's expressive markup language, LZX, with the ubiquity and power of the Java ME platform."
See also: the announcement

SimpleXML: A Markup-Specific Library for XML Processing in PHP
Elliotte Rusty Harold, IBM developerWorks
This article describes the SimpleXML extension which is bundled with PHP version 5 and enables PHP pages to query, search, modify, and republish XML in a PHP-friendly syntax. As long as you have a good idea of your document's structure, SimpleXML expressions are easy to write. However, if you don't know exactly where the elements of interest appear (as might be the case in Docbook, HTML, and similar narrative documents), SimpleXML can use XPath expressions to find the elements. SimpleXML is a useful addition to the PHP programmer's toolkit provided you don't need to handle mixed content. That covers a lot of use cases. In particular, it works well with simple, record- like data. As long as the document isn't too deep, too complex, and doesn't have mixed content, SimpleXML is much easier than the DOM alternative. It also helps if you know your document structure in advance, although XPath can go a long way toward relaxing that requirement. The omission of validation and the lack of any support for mixed content is troubling but not always crippling. Many simple formats don't have mixed content, and many use cases involve only very predictable data formats. If that describes your work, you owe it to yourself to try SimpleXML. With a little attention to error handling and some effort on the caching end to alleviate performance problems, SimpleXML can be a reliable and robust means of processing XML from within PHP.

DIAL Part 0: Primer. Device Independent Authoring Language
Kevin Smith (ed)., W3C Technical Report
Members of W3C's Device Independence Working Group have published an initial working draft for "DIAL Part 0: Primer" as part of the W3C Device Independence Activity. The document provides an introduction to, and the benefits of, DIAL (the Device Independent Authoring Language). It summarizes the concept of device independence, the scenarios in which it could be used, and the considerations in order to achieve that goal. It then describes the role of DIAL in ensuring the delivery of content suitable for the user, device and inherent circumstances in which it was requested. The goal of DIAL is to overcome the authoring challenges inherent in creating a web page which delivers a harmonized user experience across multiple delivery contexts. As such, DIAL forms a key part of the Device Independence activity "'to assist authors in creating sites and applications that can support device independence in ways that allow it to be widely employed'". In other words, DIAL facilitates writing a Web page that can be presented by a range of devices, with differing capabilities and states; and consumed by users with differing preferences and entitlements (such varying conditions are illustrated in 'Delivery context characteristics'). This is achieved by allowing authors to declare authorial intent as to the conditions under which content should be chosen or filtered. In this simple example, the author intends that users subscribing to a service receive a premium representation of a content item, and other users receive just a regular representation.
See also: W3C Device Independence

Three Ways of Writing XML Transformation Programs
Rick Jelliffe, O'Reilly Blog
I made three prototype implementations of the Topologi XSD to RELAX NG Compact Syntax translator, before adopting a particular one. First, I used Topologi's high-level inhouse Java library for XSD, which we use on other products. I looked at converting that into the Java API of one of the versions of RELAX NG in James Clarks' Trang translation software. Second, I tried using XSLT to generate RELAX NG Compact Syntax directly. Third, I looked at using XSLT 2 (Saxon) to generate RELAX NG as XML, then use Trang to convert from this XML to RELAX NG Compact Syntax... All in all, I think the draft RELAX NG compact syntax schemas for draft Ecma OOX at least show that ISO RELAX NG is a viable technical option even for large complex documents that use XSD schemas: the choice of a particular document type should not force your hand to adopt one stream of schema technology — especially for grammar-based schema languages. I'm also working recently on another project where the independent schema consultant developers in RELAX NG and then distributes as XSD: a nice approach, and I expect over the few years that schema- language neutrality will become a more widely adopted stance by buyers/developer/overseers.
See also: XML schema languages

Iona Upgrades ESB with SOA Management, Orchestration
Paul Krill, InfoWorld
Iona is introducing Version 4.1 of its Artix ESB, featuring integration with the AmberPoint SOA management platform, as well as orchestration capabilities. Through this integration, users can manage Aritx runtimes in the areas of performance and logging. AmberPoint must be purchased separately. Version 4.1's enhanced orchestration capabilities provide the ability to pass security authentication credentials as services are orchestrated. Quality of service capabilities are featured as well for service orchestration. Iona describes orchestration as the ability to manage a workflow that strings together individual applications into a composite application or service. Version 4.1 supports the SOAP 1.2 specification and adds WS-ReliableMessaging and persistence capabilities for SOAP 1.2. By supporting these enhancements in relation to SOAP 1.2, messages can be sent reliably even if there is an interruption in sending of messages. WS-ReliableMessaging and persistence are not included in SOAP 1.2, but Artix is adding these capabilities. "[WS-ReliableMessaging and persistence are] not literal to the spec, but we believe it should be there," said Pat Walsh, director of product marketing and management at Iona.
See also: reliable messaging references

Newsmaker: For Opera, Smaller Really is Better
Charles Cooper, CNET News.com
CTO Hakon Wium Lie says the company's moving faster on the tech front than much larger rival Microsoft. "We few, we happy few, we band of brothers," the king proclaims before his men head into battle. With all of Microsoft's riches and power behind it, Internet Explorer has dominated the Web browser market since Netscape's defeat in the late 1990s. But as CTO of Opera Software, Wium Lie's job is to figure out how to incorporate the best technology possible in his company's software — and in this, he's stolen a beat on Opera's much bigger rival. For much of the last year, Microsoft has banged the drum for the arrival of Internet Explorer 7. In the meantime, Wium Lie says Opera has been able to move faster than Microsoft on sundry browser issues such as tabbed browsing, speed, privacy and security. At last count, Opera had only about 1 percent of the Web browser market, so Microsoft's not exactly quaking in its boots. Lie: "10 years ago, I took a bet with somebody about whether HTML would be around 50 years from then. Now there are only 40 years left, but the computers we buy years in the future are going to be able to read the HTML created as of 1996. Formats are going to be with us. There's so much content there, and there's really no reason to change them: HTML is here to stay; CSS, I hope; XML — all these acronyms that we're dealing with are here. They're going to evolve, but they're basically going to remain part of the same functionality. The user interface — that's the other part. I think the user interface is going to change a whole lot. We're going to see browsers in all sorts of units, not just mobile phones or game consoles or laptops. There's going to be a range of products. As people get addicted to these Web sites like CNET or Slashdot, they're going to want access to those all over. They're not going to be tied to a stationary PC or a laptop. They want ubiquitous access. So we're going to see browsers enter into places that we never thought about before."


XML.org is an OASIS Information Channel sponsored by BEA Systems, Inc., IBM Corporation, Innodata Isogen, SAP AG and Sun Microsystems, Inc.

Use http://www.oasis-open.org/mlmanage to unsubscribe or change an email address. See http://xml.org/xml/news_market.shtml for the list archives.


Bottom Gear Image