Back to newsletter list
XML Daily Newslink. Friday, 09 May 2008
A Cover Pages Publication http://xml.coverpages.org/
Provided by OASIS http://www.oasis-open.org
Edited by Robin Cover
====================================================
This issue of XML Daily Newslink is sponsored by
IBM Corporation http://www.ibm.com
====================================================
HEADLINES:
* Open Source SOA with Service Component Architecture and Apache Tuscany
* Jericho Report: Collaboration Oriented Architectures
* Metadata for Learning Resources: An Update on Standards Activity 2008
* SCA and JBI: Best of Both Worlds?
* Under the Hood: Oracle Berkeley DB XML
* Internationalize Your Applications with XSLT
* Power to the Patients: Microsoft and Google Revolutionize Medical Records
* Reference Architecture for Service Oriented Architecture Version 1.0
* Sun: Java Ubiquity An Advantage in RIA Battle
----------------------------------------------------------------------
Open Source SOA with Service Component Architecture and Apache Tuscany
Doug Tidwell, Tutorial Presentation
The material in this tutorial was presented at the OASIS Open Standards
2008 Symposium, where the program Theme was: "Composability within
Service Oriented Architectures." Abstract: Service Component Architecture
(SCA) provides a simple programming model to address the challenges of
building composite applications. SCA provides a consistent assembly
model of distributed applications and of the components from which they
are constructed. This model explicitly separates business logic
(Component/Services/References) from the details of how a running
application is assembled (Composite/Wire) and deployed. This promotes
a common terminology and supports a common understanding of the
capability of applications and the way those applications work together.
This common model also provides the hooks for tooling, governance,
monitoring, and management in the service-oriented world. The Apache
Tuscany incubator project provides an open source services infrastructure
for building, deploying and running SOA solutions based on Service
Component Architecture (SCA) specifications. Apache Tuscany extends
SCA beyond the specifications including support for OSGi and Web 2.0.
With Tuscany, application developers can easily create components
that provide and use services using a variety of programming languages
(Java, BPEL, scripting languages, XQuery, etc), assemble these
components into composite applications and deploy them in a distributed
environment. Tuscany supports many bindings to facilitate service
communication, including Web Services, EJB, JMS, RMI, JSON-RPC, Atom,
etc. This tutorial explores how to use SCA and Tuscany to build
composite service applications, showing coding examples for how to
implement and assemble SCA components. Tuscany is used to build, deploy
and run an SCA application on top of Apache Geronimo, communicate with
Web Services via Tuscany Axis2 integration, and integrate Web 2.0
clients using JSON-RPC. We use a real world scenario to demonstrate
how to build and evolve an online store application using Tuscany SCA
as the business grows over time, developed in the following stages:
(1) Create an online store, implement services, and integrate a Web
2.0 client; (2) Rewire the composite application after a merger; (3)
Integrate a database; (4) Add new services and bindings; (5) Integrate
with online services; (6) Reconfigure and rewire the composition as
the online business expands.
http://events.oasis-open.org/home/sites/events.oasis-open.org.home/files/SCA-Tuscany-0428.pdf
See also the Apache Tuscany Project: http://incubator.apache.org/tuscany/home.html
----------------------------------------------------------------------
Jericho Report: Collaboration Oriented Architectures
Staff, Jericho Forum Position Paper
Collaboration Oriented Architectures (COAs) enable enterprises that
use them to operate in a secure and reliable manner in an environment
of increasing information threat, and where it is the growing norm to
interact without boundaries, irrespective of the location of the data
or the number of collaborating parties. While many organizations are
trying to respond to the de-perimeterization issue, they often lack a
framework and set of guiding principles to organize and implement
specific solutions; this paper aims to fill the gap.... COA framework
generalizes conventional architectures through: (1) increased emphasis
on the core requirements; (2) a user repository (keyed on people
identifiers), generalized into a contract repository (keyed on
relationship, or obligation identifiers); a contract repository
records agreements, and the obligations and capabilities that ensue
from them; (3) an accounting log (keyed on system events), generalized
into a reputation repository (keyed on business events). A reputation
repository records user actions and compares them to applicable
contracts, and, depending on whether or not the actions are in
accordance with the contract, upgrades or downgrades a reputation.
The architecture formed by combining SOA (Service Oriented Architecture)
with available security protocols (SAML or other XML) is [of itself]
insufficient to support COA. [Other elements may include:] Standard
Security Management System ISO/IEC 27001; Business processes that
manage the collaborations founded on practises found in COBIT; Service
Management capabilities detailed in ITIL; The architecture capabilities
defined in TOGAF; A powerful language for describing access policies
and delegations, where XACML version 3.0 is a promising candidate;
Access managers that will enforce an externally-required or end-to-end
policy; Attribute brokers that will establish a requester's identity,
credentials and attributes to an appropriate degree of confidence,
based on information from multiple authoritative sources, e.g.,
attribute authorities; Performance managers that will record what a
user or system does at the level of business events, judge whether the
user or system has acted in accordance with a contract or other agreed
obligation, and report on their compliance profile; Contract brokers
that will negotiate and agree new collaborative understandings between
collaborating individuals in ways which do not violate their 'owning'
organization's and jurisdiction's existing policies and contracts.
These new contracts must be expressed in an open-standard language which
can be interpreted by performance managers and access managers -- where
eBXML is a strong candidate.
http://www.opengroup.org/jericho/COA_v1.0.pdf
See also Dan Blum's Burton Group Blog: http://srmsblog.burtongroup.com/2008/05/jericho-forum-a.html
----------------------------------------------------------------------
Metadata for Learning Resources: An Update on Standards Activity 2008
Sarah Currier, Ariadne
In this article the author provides an overview of current initiatives
in standards for educational metadata. In 2002 the Institute of Electrical
and Electronics Engineers (IEEE) published the IEEE Learning Object
Metadata standard (IEEE LOM), superseding the IMS Learning Resource
Meta-data specification, which had been developed and used through
several versions since the mid-1990s. Over the same general period,
the Dublin Core Metadata Initiative (DCMI) had established the Dublin
Core (DC) as a standard for describing all kinds of web-based resources.
The Dublin Core Education Working Group emerged as one of several
special interest groups developing specific metadata elements for the
use of their communities. Both of these standards have seen wide uptake
since their establishment, together with a growing body of both
practical implementation experience and applied research into their
application. National and international standards bodies involved in
educational technology have maintained interest in supporting them,
and various communities of interest and organisations have attempted
to achieve some measure of interoperability through development of a
number of application profiles. The IEEE LOM is a multi-part standard,
currently consisting of a data model and an XML schema, but with
further parts currently under development as noted below. In addition,
the IMS Global Learning Consortium maintains a set of best practice
guidelines that accompany the LOM. The LOM's history is intimately
bound up with the history and development of the IMS e-learning
interoperability specifications (e.g. IMS Content Packaging), and
with the history of the ADL SCORM reference model, which profiles
the LOM alongside other specifications. It is worth noting, however,
that the most recent development in the content interoperability
domain within IMS, the IMS Common Cartridge specification, profiles
Dublin Core metadata within its packages, albeit using a LOM mapping
of Simple Dublin Core... On 27-March-2008 the IEEE approved two
Project Authorization Requests (PARs), one for the recommended
practice for expressing LOM using DCAM, and one for the RDF translation
of the LOM. Both the DCMI and IEEE recommendation documents will
provide expressions of LOM elements and vocabularies that are reusable
within DC metadata, which is good news for the DC Education Application
Profile... A separate group interested in improving on the LOM began
work under the aegis of the International Standards Organisation (ISO).
The major concerns being addressed were providing support for
multilingual capability and alternate resources, e.g. for accessibility
purposes. The standard will be in two parts: a framework, and a set of
core elements. While clearly borne out of similar frustrations as have
been felt in the LOM communities around the world, this has occasioned
some consternation in the rest of the e-learning standards domain, as
it seems a third standard, which is not immediately interoperable with
the other two, may be on the horizon...
http://www.ariadne.ac.uk/issue55/currier/
----------------------------------------------------------------------
SCA and JBI: Best of Both Worlds?
Srini Penchikala, InfoQueue
At JavaOne 2008 conference, Jos Dirksen and Tijs Rademakers gave a
presentation on using Service Component Architecture (SCA) and Java
Business Integration (JBI) frameworks together to get the best of both
worlds. SCA defines a service-based model for construction, assembly
and deployment of network of services to distributed runtime
environments. JBI specification provides a standard for integrating
the application components and orchestrating the services. Using a
sample "JavaOne Event Session SCA service" application, Jos and Tijs
demonstrated on how to deploy an SCA application as a Service Unit
(SU) on a JBI container. The sample application used SCA components
written in Java, Spring configuration, and JavaScript and expose the
service components to an Apache Tuscany server. In another SCA related
session, Mike Edwards gave an overview of SCA architecture model. He
talked about key benefits of SCA, four elements of SCA design and
implementation (Assembly, Client and Implementation Specification,
Binding and Policy Framework), and SCA composition scenarios (Top-down
and Bottom-up composition). He also talked about the abstract policy
declaration option for defining the security policies in the enterprise
and associate the policies with SCA components using annotations
like @Confidentiality and @Integrity. SCA model promotes separation of
concerns so the developers can focus on the business logic when writing
the components and use SCA bindings to implement the infrastructure
concerns like transactions, security etc. These SCA bindings can be
managed at a fine-grained level (method, protocol or transport level).
http://www.infoq.com/news/2008/05/sca-jbi-together
----------------------------------------------------------------------
Under the Hood: Oracle Berkeley DB XML
Deepak Vohra, XML.com
Storing an XML document in a relational database has its limitations.
XML's hierarchical structures of elements and element attributes do not
necessarily map well to relational database structures, which is where
an embeddable (non-relational) XML database has its advantages over a
relational database. Oracle databases (since Oracle 9i database R2)
provide the Oracle XML DB feature to store and query XML documents in
an XMLType data-type column, but you still need a DBA to manage the
Oracle database. On the other hand, Oracle Berkley DB XML is an
embeddable XML database for storing and retrieving XML documents, one
which provides efficient querying of XML documents using XQuery. Oracle
Berkley DB XML is built on the embeddable Oracle Berkley DB database
and inherits all the features of the database... Oracle Berkeley DB XML
database stores XML data in a container. A container is managed with a
'XmlManager' object. XML documents may be stored in a Oracle Berkeley
DB XML database as whole documents or a set of nodes. It's recommended
to store whole documents if the documents are relatively small and
loading performance is more important than query performance. Storing
in nodes is recommended if query performance is more important than
loading performance and documents are relatively large. BDB XML supports
XQuery 1.0 and XPath 2.0 specifications to query an XML document in
the database. XML documents in a BDB XML database may be modified,
updated and deleted... The Berkeley DB XML database stores complete XML
documents and provides the provision to query, modify and update
documents without having to retrieve the documents from the database.
Note: Oracle acquired Berkeley DB from Sleepycat Software in February
2006 and overhauled the database. Oracle Berkeley DB XML Release 2.4
supports the Candiadate Recommendation of W3C's "XQuery Update 1.0".
http://www.xml.com/pub/a/2008/05/07/under-the-hood-oracle-berkeley-db-xml.html
----------------------------------------------------------------------
Internationalize Your Applications with XSLT
L. Gianfagna, S. Borghetti, A. Perrone; IBM developerWorks
Today's reporting applications use XML extensively to format data,
regardless of the different data sources. More specifically, Web-based
reporting applications usually use XSL transformations to present this
XML data to different clients. The standard flow for current reporting
systems is more or less represented by this chain: 'legacy data source
to XML to XSL transformation to Web browser'. Note that you can perform
the XSL transformation step either on the server side or the client
side, viz., the browser. The choice generally depends on nonfunctional
requirements; for example, in a system with a high request rate, moving
the XSL transformation to the client could result in performance and
scalability benefits. The Web page coming from the XSL transformation
must be internationalized. However, when the XSL transformation is
performed on the client, the internationalization should be handled
during the transformation itself. This means that the XSL transformation
should manage the translation of the messages dynamically. In this
article, we propose a general solution to address this issue. The
article provides a client-side solution based on XSL transformations
for internationalizing XML content. No work is required on the server;
you only need to store in the XML the language to be used for
internationalization. The client completes the job by using the XSLT
document function to retrieve the correct dictionary in the XSL
transformation. The proposed solution consists of these building blocks:
(1) An XSLT client-side transformation; (2) Language ID availability
during the transformation -- such as the it_IT language code; (3) An
XML dictionary in UTF-8 format, where the file-naming convention must
contain the language ID; (4) The XSLT document function to access
the XML dictionary.
http://www.ibm.com/developerworks/xml/library/x-clientxslti18n/
See also Menke's 'XML dictionary approach': http://www.ibm.com/developerworks/xml/library/wa-xslt/
----------------------------------------------------------------------
Power to the Patients: Microsoft and Google Revolutionize Medical Records
Greg Goth, IEEE Distributed Systems Online
Network-enabled communication has revolutionized financial services,
retail sales, auctions, and business-to-business transactions. But one
of the largest global economy's sectors -- healthcare -- remains locked
in a technological netherworld, part paper, part digital, and almost
entirely user-unfriendly. It might take Google and Microsoft --
technology giants, but health-records neophytes -- to give networked and
interoperable electronic health records just the kick start they need
to escape the siloed and proprietary model now prevalent. The new
technologies, Google Health and Microsoft HealthVault, are classified
as personal health records (PHRs), which are a subset of
industry-recognized electronic health records (EHRs). Both companies
are now engaged in pilot programs with healthcare organizations regarded
as e-health pioneers. Google and Cleveland Clinic are piloting the
Google Health technology, while Microsoft is piloting the HealthVault
architecture with the Mayo Clinic. Eventually, the two technologies
will allow patients to synchronize their records between their various
healthcare providers, including dynamic uploading of new data that will
then be available to any authorized doctor, nurse, or pharmacist,
regardless of their institutional affiliation. The approaches are
different: Google Health is a front-end application, while HealthVault
is a database that users will augment with via third-party applications.
However, the goal is the same in both cases: patients will have ultimate
control of their medical records. The Google Health platform is a
direct-to-consumer play, putting them in control. That key word "control"
could be an amorphously defined but viciously contested battleground
between antagonists in several camps: entrenched EHR vendors, which
have done well in the current proprietary landscape, versus Microsoft,
Google, and new low-cost EHR vendors; and large medical groups and
hospitals, which currently store and own patient data, versus consumers,
who want to be the ones to distribute data as they see fit... Even for
physicians, hospitals, and patients that can agree on the principles of
patient-controlled records, significant financial, technical, and
regulatory hurdles remain before the mass deployment of PHR-based
records systems. Dr. John Halamka [CIO of Beth Israel Deaconess Medical
Center in Boston and also CIO of Harvard Medical School] says only 18
percent of US-based physicians currently employ EHRs... He says much of
the standardization work has progressed well. Transport will be conducted
via Web Services standards such as SOAP, XML, and WSDL; the industry has
agreed upon a document format called the Continuity of Care Document
(CCD). The XML-based CCD contains both structured and unstructured
data elements and has been accepted by the major medical records vendors
and the US government.
http://dsonline.computer.org/portal/pages/dsonline/2008/05/o5001news.html
See also the Continuity of Care Document (CCD): http://xml.coverpages.org/healthcare.html#ccr
----------------------------------------------------------------------
Reference Architecture for Service Oriented Architecture Version 1.0
J. Estefan, K. Laskey, F. McCabe, D. Thornton (eds.), OASIS PR Draft
The OASIS Service Oriented Architecture Reference Model (SOA-RM)
Technical Committee recently approved a Committee Draft specification
public review, ending 8-July-2008. "Reference Architecture for Service
Oriented Architecture Version 1.0" specifies the OASIS Reference
Architecture for Service Oriented Architecture. It follows from the
concepts and relationships defined in the OASIS Reference Model for
Service Oriented Architecture. While it remains abstract in nature,
the document describes one possible template upon which a SOA concrete
architecture can be built. Our focus in this architecture is on an
approach to integrating business with the information technology needed
to support it. The issues involved with integration are always present,
but, we find, are thrown into clear focus when business integration
involves crossing ownership boundaries. This architecture follows the
recommended practice of describing architecture in terms of models,
views, and viewpoints, as prescribed in ANSI/IEEE 1471 Std. This
Reference Architecture is principally targeted at Enterprise Architects;
however, Business and IT Architects as well as CIOs and other senior
executives involved in strategic business and IT planning should also
find the architectural views and models described herein to be of value.
The Reference Architecture has three main views: the Business via
Service view which lays the foundation for conducting business in the
context of Service Oriented Architecture; the Realizing Services view
which addresses the requirements for constructing a Service Oriented
Architecture; and the Owning Service Oriented Architecture view which
focuses on the governance and management of SOA-based systems... It
is fully recognized that other SOA reference architectures have emerged
in the industry, both from the analyst community and the vendor/solution
provider community. Some of these reference architectures are at a
sufficient level of abstraction away from specific implementation
technologies while others are based on a solution or technology stack.
Still others use emerging middleware technologies such as the Enterprise
Service Bus (ESB) as the architectural foundation. As with the Reference
Model for SOA, the Reference Architecture for SOA is primarily focused
on large-scale distributed IT systems where the participants may be
legally separate entities. While it is quite possible for many aspects
of the Reference Architecture to be realized on quite different
platforms, we do not dwell on such opportunities.
http://docs.oasis-open.org/soa-rm/soa-ra/v1.0/soa-ra-pr-01.html
See also the announcement: http://lists.oasis-open.org/archives/tc-announce/200805/msg00003.html
----------------------------------------------------------------------
Sun: Java Ubiquity An Advantage in RIA Battle
Paul Krill, InfoWorld
Sun Microsystems is counting on the ubiquitous nature of Java to help
its JavaFX technology compete in the rich Internet application (RIA)
space against rivals Adobe Systems and Microsoft. A browser plug-in
for JavaFX will be featured in the Java SE (Standard Edition) 6 Update
10 release due this fall. Both Adobe, with its Flash platform, and
Microsoft, with Silverlight, are offering plug-in platforms for rich
Internet applications. But Sun plans to provide the industry-leading
rich client with JavaFX, said Param Singh, Sun senior director of Java
marketing. The Java runtime helps make this possible, he stressed during
an interview at the JavaOne conference on Thursday afternoon. Sun's
JavaFX plug-in will enable deployment of applications that can work
either in or outside of the browser, Singh said. This ability to run
applications inside or outside of a browser is similar to what Adobe
is offering with its AIR (Adobe Integrated Runtime) software. "In our
product design, we have looked at all competing environments. But our
focus remains to provide the best RIA," said Singh. JavaFX, which was
first revealed a year ago, features a client runtime for building rich
Internet applications as well as the JavaFX Script scripting language.
Runtimes for platforms such as the desktop, mobile device, and even
televisions are planned... In other discussions at JavaOne, Sun
officials detailed potential changes to the Java Community Process
(JCP) for amending the Java platform, as well as plans to enhance the
Sun SOA Platform. Sun offered Java up to open source in November 2006.
The open-sourcing, however, does not eliminate the need for the JCP
to oversee development of the Java platform, said Curran. Open source
guarantees openness and transparency, but it does not provide for the
development of formal specifications, conformance tests, or the
likelihood of competing implementations, he said. Meanwhile, in June
Sun plans to upgrade to its SOA package, Java Composite Application
Platform Suite (CAPS). Version 6 of the suite will have capabilities
to show unified subject views. These capabilities are derived from
Sun's open source Project Mural, which focuses on master data management,
Sun officials said. Project Mural unifies information about a customer,
or perhaps a citizen or medical patient, to present a single view of
the subject in question. CAPS also features the GlassFish application
server, the Open ESB enterprise service bus, business process
capabilities, and legacy adapters. The upgrade will be called CAPS 6.
http://www.infoworld.com/article/08/05/09/Java-ubiquity-an-advantage-in-RIA-battle_1.html
----------------------------------------------------------------------
XML Daily Newslink and Cover Pages are sponsored by:
BEA Systems, Inc. http://www.bea.com
EDS http://www.eds.com
IBM Corporation http://www.ibm.com
Primeton http://www.primeton.com
SAP AG http://www.sap.com
Sun Microsystems, Inc. http://sun.com
----------------------------------------------------------------------
XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: newsletter-subscribe@xml.coverpages.org
Newsletter ***: newsletter-***@xml.coverpages.org
Newsletter help: newsletter-help@xml.coverpages.org
Cover Pages: http://xml.coverpages.org/
----------------------------------------------------------------------
