OASIS ebXML RegRep v4.0 Approved as International Standard

Boston, MA, 23 February 2023 — OASIS Open, the international open source and standards consortium, announced that the OASIS Electronic Business eXtensible Markup Language (ebXML) Registry and Repository (RegRep) v4.0 has been published as a global standard by the International Organization for Standardization (ISO) as ISO 15000-3, Electronic business eXtensible Markup Language (ebXML) – Part 3: Registry and repository. ISO 15000-3 is one of many data and documents standards approved by ISO Technical Committee (TC) 154.

Originally produced by the OASIS ebXML Registry Technical Committee (TC), ebXML RegRep v4.0 is a standard that defines the service interfaces, protocols, and information model for an integrated registry and repository. The repository stores digital content while the registry stores metadata that describes the content in the repository. The ebXML registry standard has been deployed in diverse applications by organizations worldwide. 

The ebXML RegRep standard allows for greater interoperability and cooperation between public and private authorities. Versions of ebXML RegRep are used in domains such as healthcare and geospatial information. The current version of the standard is adopted by one of the European Commission’s initiatives, the Once-Only Technical System (OOTS) for exchange of official documents and data for EU citizens and businesses. It is also used in OpenPeppol in pre-award electronic tendering specifications: “Search Notices” and “Publish Notice”.

The OASIS ebXML Core (ebCore) TC provides continued maintenance and related work on ebXML RegRep and other OASIS ebXML specifications. Its newest specification added an ebXML Messaging binding for RegRep.

“It is great to see ISO and OASIS working together in order to advance the ratification of ebXML specifications, in this case ebXML RegRep,” said Nikola Stojanovic, an author of the ebXML RegRep standard. “Congratulations to the EU teams on implementing such major initiatives while leveraging the ebXML RegRep standard.” 

“The Single Market is one of the EU’s greatest achievements. Online procedures mean that ever more citizens and businesses can make use of their rights and live, work, and do business in different EU countries. Through the Single Digital Gateway Regulation, the Commission and the EU Member States are implementing a large-scale distributed system called the Once-Only Technical System supporting the exchange of evidence in administrative procedures,” said Joao Rodrigues Frade, Head of Sector at the Directorate-General for Informatics of the European Commission. “The Once-Only Technical System will use OASIS RegRep version 4.0 as a key specification for the common services and secure exchange of evidence i.e. official documents exchanged by public administrations on the explicit request of the citizen. In this context, we welcome the adoption of this specification as use of open standards is a core principle of the Once-Only Technical System architecture.”

“OASIS ebXML RegRep is a robust specification for the definition of queries and realization of data requests to public registries,” said Andriana Prentza, Professor at University of Piraeus. “It has been proven very valuable in the realization of the once-only principle and implementation of data services that enable the service discovery and exchange of information between data consumers and data providers.”

Media Inquiries:
communications@oasis-open.org

GS1, Intel, MonetaGo, and Pinary Join OriginBX Sponsors to Define Product Data Standards for Global Tax, Trade and ESG Compliance

10 May 2022 — OASIS Open, the international open source and standards consortium, announced today that GS1, Intel, MonetaGo, and Pinary are the newest sponsors of OriginBX, an international movement to advance open source detail product component level data standards for facilitating digital tax, trade, and ESG attestations.

Launched in June 2021, the OriginBX community has a shared vision to reduce the inefficiency and cost incurred by manufacturers needing to comply with a growing list of complex tax, trade and ESG disclosure requirements.  Such claims range from forced labor and conflict minerals, to country of origin and preferential trade programs.  Among other costs of compliance benefits to producers and supply chain partners, the OriginBX standards aim to increase the utilization of free trade agreements to boost GDP of developing countries.  The new sponsors join Accenture, Amazon, CompTIA, IBM, the International Chamber of Commerce, Inveniam, KYG.Trade, Origin Experts Group, Skuchain, Thomson Reuters, and UPS in providing strategic vision, governance, technical guidance, and financial support for OriginBX’s work.

“We’re pleased that GS1, Intel, MonetaGo, and Pinary have joined the OriginBX community, alongside a growing list of leaders supporting this international alliance,” said Todd R. Smith of KYG.Trade, co-chair of the OriginBX Project Governing Board (PGB). “The more private enterprises and global policy setting organizations join OriginBX, the more collaboration and momentum there will be towards adopting digital ‘component-level’ product attribute standards.”

“It is inspirational to see OASIS enlisting the global community to create open source interoperable standards  for international product tax, trade and ESG compliance. It is a worthwhile initiative for which I am grateful to be appointed co-chair,” said Oswald Kuyler of MonetaGo, co-chair of the OriginBX PGB. “At MonetaGo, we advocate standards-based enablement for trade solutions – our Secure Financing system for trade finance deduplication exemplifies the power of standards to achieve scale and interoperability worldwide.”


Support for OriginBX

GS1

“GS1 is a neutral and not-for-profit standards organization developing open and interoperable global data standards. The objectives of GS1 and OASIS are well aligned, and we are proud to be involved as a project governing board member of OriginBX. We look forward to working with the participants of OriginBX on improving the ecosystem for identification, attestation and data sharing that will support cross-border trade facilitation going into the future.”

– Robert Beideman, Chief Product Officer, GS1

Intel  

“Reducing the digital divide between countries remains a top priority, previously thought beyond our reach. The standardization of trade data in digital global tax and trade attestations (“GTTAs”) innovations provides the backbone to strategies related to private/public data centrism within a trade context for an innovative, connected, and data-centric world. Partnering with OriginBX members, a like-minded coalition of tax and trade compliance experts and visionaries, is an honor as we collectively work to advance the potential of digital GTTA and blockchain technologies to achieve each trading partner’s economic and competitive goals.”

–Michelle Stout, Senior Director, Intel


About OriginBX

OriginBX supports trade specific digital product data open standards, SDKs, and APIs. In particular, by reducing complexity and the cost of complying with global tax, trade and ESG regulations. We work closely with global non-profit initiatives and alliances to promote the WTO trade facilitation agreement and the UN’s sustainable development goals. OriginBX is governed and supported as an OASIS Open Project.

www.originbx-oasis.org


Media inquiries:
communications@oasis-open.org

OASIS Approves OSLC PROMCODE Standard for Exchanging Project Management Information Across Organizational Boundaries

11 April 2022 — OASIS Open, the global open source and standards consortium, announced that its members have approved OSLC PROMCODE Version 1.0 as an OASIS Standard, a status that signifies the highest level of ratification. Developed by the OSLC Lifecycle Integration for Project Management of Contracted Delivery Technical Committee, OSLC PROMCODE is designed to address the need for systematic sharing of project management information within and between organizations.

Global software delivery is commonplace today. With ever increasing pressure, such as faster delivery, competitive cost, and skill availability, it is becoming common for software delivery to be done by collaboration of multiple organizations forming a chain of carriers and suppliers. Resembling the traditional manufacturing industry supply chain, this trend of software delivery is often called a Software Supply Chain (SSC). The SSC is a new paradigm of software delivery, where carriers and suppliers work together.

“Effective collaboration between a Software Supply Chain acquirer and supplier requires activities to be managed and information to be shared across organizational boundaries. As the number of organizations involved in software delivery increases, the need for more systematic and standards-based information sharing and coordination becomes critical,” said Tsutomu Kamimura, chair of the OSLC PROMCODE Technical Committee. “OSLC PROMCODE enables customers and vendors to manage project-management data via a standard interface across organizations and lowers the risk of project delays and cost overruns.”

Participation in the OASIS OSLC PROMCODE Technical Committee is open to all companies, nonprofit groups, governments, academic institutions, and individuals through membership in OASIS. As with all OASIS projects, archives of the Committee’s work are accessible to both members and non-members alike. OASIS also hosts an open mailing list for public comment.

Support for OSLC PROMCODE V1.0

IBM

“IBM is pleased to be a key contributor in the OSLC PROMCODE TC. The specification expands the existing OSLC standard so that we can realize more seamless communication between systems among organizations. Congratulations to all the contributors of the release.”

– Masaki Wakao, Senior Technical Staff Member, IBM

NEC

“NEC is pleased to have contributed to the release of the OSLC PROMCODE specification. Cooperation between software vendors is essential for large scale projects. We hope that PROMCODE, which realizes the alignment among software vendors via exchange of management data, will be the basis of smooth communication.”

– Shigenori Kobayashi, Director, Software and System Engineering Department, NEC

Additional Information

OASIS OSLC PROMCODE TC:   https://www.oasis-open.org/committees/oslc-promcode

Media inquiries:

communications@oasis-open.org

SAM Threshold Sharing Schemes V1.0 Approved as OASIS Standard

23 March 2022 — OASIS Open, the global open source and standards consortium, announced that its members have approved SAM Threshold Sharing Schemes Version 1.0 as an OASIS Standard, a status that signifies the highest level of ratification. Developed by the Security Algorithms & Methods (SAM) Technical Committee, SAM Threshold Sharing Scheme V1.0 is intended for developers and architects designing systems and applications that utilize threshold sharing schemes in an interoperable manner.

“SAM Threshold Sharing Schemes V1.0 aids in the interoperability of applications implementing cryptographic capabilities in support of OASIS and other standards and specifications,” said Tim Chevalier of NetApp, co-chair of the OASIS SAM Technical Committee. “Many organizations are unable to conform with a range of specifications that deal with cryptographic algorithms or methods because those algorithms and methods are not documented in a manner that is able to be referenced.” 

“The primary goal of OASIS SAM Threshold Sharing Scheme is to provide a standardized set of algorithms, mechanisms, and methods that can be used in an interoperable way to recover secret data in a secure way, this should be immediately available to other OASIS Technical Committees and recognized standards bodies,” said OASIS SAM co-chair, Greg Scott of Cryptsoft. 

Participation in the OASIS SAM Technical Committee is open to all companies, nonprofit groups, governments, academic institutions, and individuals through membership in OASIS. As with all OASIS projects, archives of the Committee’s work are accessible to both members and non-members alike. OASIS also hosts an open mailing list for public comment.

Support for SAM Threshold Sharing Schemes V1.0

Cryptsoft

“Cryptsoft is pleased to be a key participant in the SAM TC. Threshold Sharing Schemes (TSS) are widely used but have typically been non-interoperable between vendors and usage domains. Interoperable TSS allows for disaster recovery and cryptographic multi-party authorization systems to be cross-vendor. This advance will allow for greater security and recoverability of secure data for a wide range of systems used in today’s modern organizations.”

 – Tim Hudson, CTO, Cryptsoft

Additional Information:

OASIS Security Algorithms and Methods (SAM) TC: 
https://www.oasis-open.org/committees/sam

Media inquiries: 
communications@oasis-open.org

EMQ Becomes OASIS Open’s Newest Foundational Sponsor

18 February 2022 — OASIS Open, the international open source and standards consortium, announced today that EMQ, an open-source Internet of Things data infrastructure software provider, is its newest Foundational Sponsor. EMQ joins IBM at the Foundational Sponsor level supporting the mission of OASIS at the highest level.

A leading provider of open source software for IoT, EMQ, joined OASIS in 2020 to help advance the OASIS standard for the Message Queuing Telemetry Transport (MQTT) Protocol, the most commonly used messaging protocol for IoT. EMQ’s support is critical in advancing the development and adoption of open standards and helps enable OASIS to fulfill its mission. To learn more about EMQ’s work, please read this blog post on EMQ’s website.

“We are very pleased to welcome EMQ as a Foundational Sponsor,” said OASIS Open Executive Director Guy Martin. “Since EMQ joined OASIS, they have been leading the cutting edge research using MQTT over QUIC and aiming to standardize it with the MQTT Technical Committee. We appreciate EMQ’s generous support which demonstrates their commitment to MQTT and advancing open standards, and we admire their contributions to open source and the IoT industry.”

As a pioneering and leading IoT data infrastructure software provider, EMQ has been working on the open source distributed MQTT broker compatible with MQTT 3.1 and 3.1.1 specifications since 2013. When MQTT became an OASIS open standard in 2016, EMQ actively engaged in the development and discussion of the MQTT 5.0 specification. In 2020, EMQ released the world’s first MQTT 5.0 server fully implementing the latest specification.

“We are excited to be a Foundational Sponsor of OASIS and to participate in the MQTT TC. We hope that the innovations EMQ has made to the MQTT server, including MQTT over QUIC, and MQTT Streaming, will become part of the MQTT open standards in the future. We look forward to working closely with OASIS to further drive the application of MQTT in the IoT industry and scenarios, to power the future-proof IoT solutions and enterprise digital transformation,” said Feng Lee, CEO at EMQ.

About EMQ

EMQ is an open-source IoT data infrastructure software provider, delivering the world’s leading cloud-native MQTT-based IoT messaging platform and streaming database, providing a one-stop cloud-native solution for real-time IoT data connection, movement, processing and analytics, from edge to cloud to multicloud.

The flagship product EMQX is adopted by more than 10,000 enterprise users from over 50 countries, connecting more than 100 million IoT devices worldwide. Trusted by over 300 customers in a business-critical production environment, EMQ powers the future-proof IoT solutions and enterprise digital transformation.

Media inquiries:
communications@oasis-open.org
+1.941.284.0403

OriginBX Alliance for Digital Trade and STIX/TAXII Cybersecurity Standards Win Open Cup Awards

19 January 2022 — OASIS Open, the international open source and standards consortium, announced the winners of the 2021 Open Cup, which recognizes exceptional advancements within the OASIS technical community. The Cup for Outstanding New Initiative was awarded to OriginBX, an international alliance of organizations that are defining global standards for digital trade. The Open Cup for Outstanding Approved Standard was awarded to STIX v2.1 & TAXII v2.1, two widely used cybersecurity standards that enable the automated exchange of cyber threat intelligence. In addition, the consortium named Martin Chapman, Frederick Hirsch, and Duncan Sparrell as OASIS Distinguished Contributors.

Open Cup Recipients

The 2021 Outstanding New Initiative, the OriginBX OASIS Open Project, is a global alliance to advance open source product and trade data standards for facilitating digital tax and trade attestations. By reducing complexity and the cost of complying with preferential and non-preferential country of origin determinations, OriginBX OASIS seeks to increase the utilization of free trade agreements to achieve desired public policy outcomes.

“Launched in June, OriginBX has attracted organizations representing diverse stakeholders in the technology, ecommerce, and customs brokerage sectors. The OriginBX community’s vision is to help build common standards to allow for greater automation in identifying countries of origin for manufactured goods and their components,” said OASIS Executive Director Guy Martin. “We’re proud to support this innovative new project as it aims to streamline global trade.”

OriginBX was chosen as the winner in the New Initiative category that includes finalist Electronic Secure Authentication (ESAT) Technical Committee

Named the Outstanding Approved Standard was STIX v2.1 & TAXII v2.1. STIX defines a JSON-based language for sharing structured threat intelligence in a consistent, machine-readable manner, allowing organizations to better protect against, detect, and respond to cyber threats. STIX v2.1 adds new objects and capabilities, enabling it to better describe the cyber threats we confront today, as well as future-proofing STIX via STIX Extensions. As a result, STIX v2.1 creates a solid and stable foundation for vendors and consumers alike to exchange actionable CTI.

TAXII defines a transport protocol which supports the exchange of STIX data over Hyper Text Transfer Protocol Secure (HTTPS). TAXII enables machine-to-machine sharing of CTI by defining an API that supports common sharing models used by industry and Information Sharing and Analysis Organizations (ISAOs).

“The revamped version 2.1 of STIX and TAXII are fast becoming the foundation for automating information sharing to provide cybersecurity professionals with situational awareness, sophisticated threat analysis, and real-time network defense,” said Chet Ensign, OASIS Chief Technical Community Steward.

STIX v2.1 & TAXII v2.1 were chosen from a group of finalists that included:

  • OSLC (Core v3.0, Change Mgmt v3.0, Requirements Mgmt v2.1, & Query v3.0)
  • LegalRuleML Core Specification v1.0
  • BDXR (Service Metadata Publishing (SMP) v2.0 & Exchange Header Envelope (XHE) v1.0

Distinguished Contributors

Each year, the Distinguished Contributor designation is awarded to a select group of OASIS members who have made significant contributions to the advancement of open standards and/or open source projects.

Martin Chapman, Ph.D., served on the OASIS Board of Directors from 2013-2021, and his roles included Vice Chair and Board Process Committee Chair. Martin promoted open standards and interoperability across Europe, focusing on standardization activities in the areas of Web Services, SOA, Business Process, and Cloud, and became involved in many activities in organizations such as OASIS, W3C, OMG, WS-I, ISO, and ITU-T. Martin served as the OASIS Technical Advisory Board (TAB) Chair and member; the CAMP Technical Committee Chair; the Program Advisor for the OASIS Symposium series; the OASIS representative on the EU Stakeholder Cybersecurity Certification Group (SCCG); and Chair of the OASIS Open Europe Foundation.

Duncan Sparrell of sFractal Consulting serves as Chair of the OASIS Open Command and Control (OpenC2) Technical Committee and is a deeply engaged member of the Cyber Threat Intelligence (CTI) TC, the Collaborative Automated Course of Action Operations (CACAO) TC, and the Common Security Advisory Framework (CSAF) TC. Duncan is actively involved in the Open Cybersecurity Alliance (OCA), an OASIS Open Project, as a member of the Project Governing Board and the Technical Steering Committee. In addition, Duncan volunteers as the official OASIS liaison to ITU-T and is Editor of the ITU recommendation X.1144rev, which is XACML 3.0. He also served as Program Advisor to the OASIS Borderless Cyber Conference series. A seasoned network security evangelist with 40+ years of expertise in conceiving, developing and delivering state-of-the art software platforms, Duncan has published numerous articles and holds 7 patents.

Frederick Hirsch served on the OASIS Board of Directors for 18 years, from 2003-2021, and his roles included Board Chair, Treasurer and Chair of the Board Finance and Audit Committee, Chair of the OASIS Board Governance and IPR advisory committee, Vice-Chair, Board Secretary, and Technical Advisory Board Liaison. Frederick is an independent consultant focused on establishing trust in systems based on the trustworthiness characteristics of security, safety, reliability, resilience and privacy. Frederick was a member of the Privacy By Design Documentation for Software Engineers (PbD-SE) Technical Committee and previously served as an editor in the SAML, WSS and DSS Technical Committees.

Media inquiries:
communications@oasis-open.org
+1.941.284.0403

Open Cybersecurity Alliance Adds PACE Posture Assessment Project

9 December 2021 — The Open Cybersecurity Alliance (OCA), a global, ​standards-based initiative to simplify ​​integration across the threat lifecycle, announced today that it has accepted the Posture Attribute Collection and Evaluation (PACE) project contributed by the Center for Internet Security (CIS), the National Security Agency (NSA) and McAfee. PACE will focus on creating production-ready code that evaluates the posture assessment of computing resources using a communication fabric which will allow organizations to use this information in zero-trust architecture decisioning.

Based on an implementation effort from the IETF Security Automation and Continuous Monitoring (SACM) architecture, PACE will deliver community-maintained code that will arm operators with an interoperable out-of-the-box solution that monitors risk and threat exposure, reducing integration costs and redundancy while increasing resiliency. Providing comprehensive views into the endpoint, PACE will take advantage of existing standards such as SCAPv2 and leverage ongoing work in SBOM, to allow cybersecurity practitioners to fully utilize threat-informed defenses in their environment in an open and interoperable fashion.

The PACE project aligns with the OCA’s mission of integrating tools and solutions across security teams and will directly enable vendors and end users, advancing the OCA’s mission of building an open ecosystem where cybersecurity products interoperate without the need for customized integrations. 

“NSA Cybersecurity is proud to have supported the development of the OASIS standard OpenC2 language for command and control, which has been included in PACE. Additionally, PACE will leverage several of the cybersecurity standardization efforts NSA has been working on with industry partners to improve the cybersecurity of National Security Systems, the Department of Defense and the Defense Industrial Base.”
— Neal Ziring, Cybersecurity Technical Director, National Security Agency

PACE joins other OCA projects that include Kestrel, the threat hunting tool, the STIX Shifter patterning library, and the OCA Ontology.

The OCA is hosted by OASIS Open, one of the most respected, international bodies in the world for open source and standards. To learn more about the OCA, or other OCA technologies that are available to help security teams connect their security tools and data, please visit: https://github.com/opencybersecurityalliance.

SPONSOR QUOTES

Center for Internet Security
“Managing risk and addressing threat exposure are important facets of any security program. CIS is pleased to have introduced PACE as a new OCA project, we look forward to evaluating and integrating new posture assessment solutions as the cooperative ecosystem increases in participation and interest.”
– Adam Montville, Chief Product Architect, Center for Internet Security

CyberNB | CIPnet
“We applaud the work of OASIS and believe in the mission to create open, global standards that help strengthen digital resiliency. The new PACE project will help define standardized process to measure cybersecurity posture across computing resources. The team here at CyberNB and our Critical Infrastructure Protection Network (CIPnet) will benefit from the PACE project and its outcomes.”
– Tyson Johnson, CEO, CyberNB | CIPnet

Cydarm Technologies
“PACE is an important addition to the OCA project portfolio, as it enables faster gathering of context around intrusion alerts, enabling responders to more quickly triage possible incidents and reduce time wasted on repetitive queries across disconnected systems. Cydarm looks forward to integrating PACE, to further our goal of enabling better and faster security operations.”
– Dr. Vaughan Shanks, CEO, Cydarm Technologies

Cyware Labs
“Cybersecurity threats are rapidly evolving, making it essential for organizations to have complete visibility over their current security posture and the environment they are striving to protect. At Cyware, we facilitate the goal of collective defense for all organizations and communities through collaborative threat response and threat intelligence sharing. PACE, an OCA project will steer the community towards a collaborative framework, enabling them to have the right visibility over the security posture of any organization.”
– Avkash Kathiriya, VP – Research and Innovation, Cyware Labs

F5 Inc.
“Effectively sketching the cybersecurity posture of organizations to practically combat cyber threats requires the power of both enterprise and open-source tools to build a coherent and vigorous cyber defense platform. Fusion and integration of security products including information exchange with the PACE project in the OCA ecosystem not only helps the organizations to subvert cyber threats at scale by generating efficient threat intelligence but also helps to build a proactive and robust cybersecurity stance. In fact, that’s the need of the hour for organizations to provide a secure and safe digital transformation environment to customers.”
– Renuka Nadkarni, CTO Security, F5 Inc.

IBM Security
“Posture assessment is foundational for any zero-trust based approach to security. Having open and interoperable implementation of existing posture standards is critical to ensuring that innovations in this space can be effectively implemented by the broader community, and bringing the PACE project into the OCA will help the industry realize that goal.”
– Jason Keirstead, Senior Technical Staff Member and the Chief Architect of Threat Management, IBM Security

McAfee
“The state of a system at the time of an event is of utmost importance in an event driven system, perhaps as important as the event itself. Without this context, we cannot determine if an event is of high or low critical importance or what the resulting action should be to a given event. Posture attributes that we can broadly agree on as well as open tooling for the collection and evaluation of those attributes is a great move forward in making open, interoperable and event-driven cybersecurity a reality.”
– Mark Mastrangeli, Lead Technology Architect, McAfee

Rapid7
“Visibility is the cornerstone of cybersecurity. Being able to measure and effectively communicate the posture/state of business process assets fosters better (and faster) decision making and can significantly improve enterprise safety and resilience. By creating and relying on open standards for data storage and interchange and removing the need for vendors to reinvent the wheel on commodity architecture components, PACE will help bring security automation and continuous monitoring (SACM) to the widest possible audience, arming organizations of any size with the core components necessary to maintain the health of their IT ecosystems.”
– Bob Rudis, Chief Security Data Scientist, Rapid7

SAIC
“As a leading systems integrator for the federal government, SAIC assesses cyber security postures of large customers with complex cyber environments. We have made significant progress in creating a holistic picture with a repeatable process, and the PACE project will enhance our solutions by allowing us to generate the posture and compliance picture in a more rapid and standardized fashion.”
– Forrest Hare, Solution Developer, Cyberspace Operations, SAIC

sFractal Consulting
“PACE is a great fit for OCA’s mission of standards-based, vendor-agnostic, interoperable cybersecurity. One timely PACE example is the Software Bill of Materials (SBOM) – collecting the SBOM of a device or cloud-service and comparing it with vulnerabilities found in the National Vulnerability Database, and using the results to inform your threat-hunting.”
– Duncan Sparrell, Chief Cyber Curmudgeon, sFractal Consulting

ThreatQuotient
“ThreatQuotient believes in a data-driven approach to security that improves efficiency, has an open architecture, and enables balanced automation. We are proud to be a part of the OCA and to support protocols and standards such as PACE that simplify the exchange of information between different teams and technologies, and enable threat-informed defenses. We are encouraged by continued efforts across the industry to meet the needs of security teams and ultimately help them improve the resiliency of their organizations.”
– Haig Colter, Director, Alliances, ThreatQuotient

VISUA
“VISUA recently joined the OCA specifically because we saw the valuable work the member companies were doing to not only find new and innovative ways to detect compromises and behaviours, but also to communicate threat intelligence in a more cohesive and open way. This kind of work is very exciting to us as we bring new technology discussions to the world of cyber security and begin to integrate the wonderful innovations developed and ratified by OASIS members. PACE is yet another example of this great work.”
Alessandro Prest, CTO and Co-Founder, VISUA


About the Open Cybersecurity Alliance

The Open Cybersecurity Alliance brings together vendors and end-users to create an open cybersecurity ecosystem where products can freely exchange information, insights, analytics, and orchestrated response. OCA supports commonly developed code and tooling and the use of mutually agreed upon technologies, data standards, and procedures. The OCA is governed under the auspices of OASIS Open, which offers projects a path to standardization and de jure approval for reference in international policy and procurement.

The OCA is led by these organizations committed to solving the costly problem of siloed cyber tools and products: Center for Internet Security (CIS), Copado, Cybereason, CyberNB, Cydarm, Cyware, EclecticIQ, F5 Inc., IBM Security, McAfee, Prophecy International, Rapid7, sFractal Consulting, SafeBreach, SAIC, Tenable, ThreatQuotient, TruSTAR, VISUA and VMware.  

Contact information:
Dee Schur, Senior Manager, Development & Advocacy
OASIS Open
dee.schur@oasis-open.org
+1 941-321-6733

OASIS Open Approves LegalRuleML Core V1.0 Standard for Legislation, Contract, and Case Law

28 September 2021 — OASIS Open, the global open source and standards consortium, announced that its members have approved LegalRuleML Core V1.0 as an OASIS Standard, a status that signifies the highest level of ratification. The LegalRuleML Core is designed to capture the logical structure of legal rules and includes formal features specific to legal norms, guidelines, policies and reasoning.

Legal texts, e.g. legislation, regulations, contracts, and case law, are the source of norms, guidelines, and rules that govern societies. As text, it is difficult to label, exchange, and process content except by hand. In our current web-enabled world, where innovative e-government and e-commerce are increasingly the norm, providing machine-processable forms of legal content is crucial. The objective of LegalRuleML Core V1.0 is to define a standard (expressed with XML-schema and Relax NG and on the basis of Consumer RuleML 1.02) that is able to represent the particularities of the legal normative rules with a rich, articulated, and meaningful mark-up language.

LegalRuleML extends Rule Markup Language (RuleML) with a range of elements specifically designed for the legal domain. In particular, LegalRuleML offers specific operators appropriate to the requirements of legal theory e.g., override rules, temporal parameters for modeling the validity of rules, sub-order list of deontic expressions, jurisdiction metadata, official legal source URI, deontic modalities, and linking ontologies.

“Such a combination of features allows LegalRuleML to offer a conceptual modelling of legal notions and to achieve a close correspondence between textual provisions and the corresponding LegalRuleML encoding,” said OASIS LegalRuleML Technical Committee co-chair, Monica Palmirani. “This correspondence, called legal isomorphism, facilitates the maintenance of LegalRuleML rulesets, enables tracing and transparency of application of the code, and eases the understanding of the encodings.”

LegalRuleML enables the modeling of alternative representations of a textual provision in order to support multiple interpretations that can account for different times of applicability of the norms, the relevant jurisdictions, and other parameters. LegalRuleML has mechanisms to link external ontologies for specific domains, including IPR, privacy, geospatial, etc.

“LegalRuleML provides a common standard for modeling legal rules so as to model interoperable, annotated corpora of legal norms,” said Dr. Guido Governatori, OASIS LegalRuleML TC co-chair. “The LegalRuleML TC intends to develop use-cases to support the implementation of the standard in the market and the development of tools/editors to promote the representation of legal documents in LegalRuleML.”

Additional Information
OASIS LegalRuleML Technical Committee

Media inquiries:
communications@oasis-open.org
+1.941.284.0403

Accenture, Microsoft, and Oracle Executives Elected to OASIS Board of Directors

20 July 2021 — OASIS Open, the international open source and open standards consortium, today announced the election of three new members to its Board of Directors: Nima Dokoohaki of Accenture Strategy & Consulting; Ross Gardler of Microsoft Azure; and Anish Karmarkar of Oracle. Their collective experience in the standards and open source communities expands the Board’s reach and strengthens OASIS’ position as the home for worldwide standards in cybersecurity, blockchain, privacy, cryptography, cloud computing, IoT, emergency management, and other content technologies.

The newly elected members join the continuing members of the Board: Jeremy Allison of Google; Rich Bowen of Red Hat; Gershon Janssen, Independent Consultant; Wende Peters of Bank of America; and Richard Struse of MITRE. Jason Keirstead of IBM Security and Daniel Riedel of Copado were re-elected to the Board. Each director will serve a two-year term.

“At OASIS, it’s our mission to re-energize the collaboration between open source and open standards communities in order to fuel innovation. I’m confident that our Board will continue to provide valuable strategic guidance on the evolving needs of our organization,” said Guy Martin, Executive Director of OASIS Open. “I’m excited to welcome our new Board members Nima, Ross, and Anish, and I’m happy to welcome back our returning Board members, Jason and Daniel; thank you for your continued service to the OASIS community.”

Nima Dokoohaki, PhD, is a data science and engineering expert working with the Swedish Accenture Strategy and Consulting Applied Intelligence (S&C AI) team, a group focusing on delivering business value to clients using data analytics. Nima has several years of practical knowledge of the adoption of many enterprise data-centric products from both enterprise architecture as well as enterprise analytics perspectives across several European industries.

“It’s great to be among a select few members being elected by the community to serve on the directorial board. I’m personally humbled and pleased to get to act as a trustee of the organization,” said Nima Dokoohaki. “I hope we can inspire more organizations and members to make a conscious effort to join and contribute to open standards and technologies development that impact the way we do modern business, especially across geographical borders.”

Ross Gardler joined Microsoft in 2013 and works in the Linux Solutions Team on Azure, which owns the full end-to-end experience for customers running Linux workloads on Azure. His team is actively engaged with many open projects for standards, software, and hardware. Ross has more than 20 years of experience in open source, most notably within the Apache Software Foundation, and has been a long-time proponent of the collaboration between open source and open standards.

“A robust and diverse standards system is critical to the technology ecosystem. OASIS has a long-standing tradition of excellence in standards setting, and is among the leaders in defining the future of standardization. Openness is key to innovation and I look forward to working with OASIS as it leverages the intersection of open source and open standards,” said Ross Gardler, Principal Programme Manager, at Microsoft.

Anish Karmarkar, PhD, is a Senior Director at Oracle and member of its Standards Strategy & Architecture team. He is the chair of INCITS/Cloud38, the U.S. Technical Advisory Group to ISO/IEC JTC 1/SC 38 (Cloud Computing & Distributed Platforms) and the editor of ISO/IEC 5140 (Multi-cloud). In addition to his new duties on the OASIS Board, he also represents Oracle on the W3C Advisory Committee, Java Community Process (JCP) Executive Committee, and INCITS Executive Board. With 20+ years of experience in the software industry, Anish has a history of participation and leadership in standards setting organizations, serving on the Board of Directors of the Object Management Group (OMG) and OSGi Alliance, and as a longtime contributor to various OASIS Technical Committees.

“OASIS is a world class open, transparent, global collaboration environment for both standards and open source and Oracle is proud to continue its involvement in shaping it,” said Anish Karmarkar. “I’m honored and humbled to be elected by the membership to serve on the Board of Directors of OASIS. I’m excited to be given this opportunity to serve the needs of the community and use my experience in advancing the mission and vision of OASIS.”

“I want to give special recognition to our outgoing Board members: Dr. Martin Chapman of Oracle; Frederick Hirsch; Beth Pumo of Kaiser Permanente; and Bruce Rich of Cryptsoft,” said Guy Martin. “Thank you for your service; we’re very grateful for your commitment and contributions to OASIS over the years.”

Media inquiries:
communications@oasis-open.org
+1.941.284.0403

STIX and TAXII Approved as OASIS Standards to Enable Automated Exchange of Cyber Threat Intelligence

14 July 2021 – OASIS Open and the members of the Cyber Threat Intelligence (CTI) Technical Committee (TC) are pleased to announce that Structured Threat Information Expression (STIX) v2.1 and Trusted Automated Exchange of Intelligence Information (TAXII) v2.1 have been approved as OASIS Standards. STIX and TAXII are widely used to prevent and defend against cyberattacks by enabling threat intelligence to be analyzed and shared among trusted partners and communities. As full OASIS Standards, STIX and TAXII can now be recognized by other International Standards bodies and referenced in official government procurements and rules.

The STIX standard defines a JSON-based language for sharing structured threat intelligence in a consistent, machine-readable manner, allowing organizations to better protect against, detect, and respond to cyber threats. STIX v2.1 adds new objects and capabilities, enabling it to better describe the cyber threats we confront today, as well as future-proofing STIX via STIX Extensions. As a result, STIX v2.1 creates a solid and stable foundation for vendors and consumers alike to exchange actionable CTI.

The TAXII standard defines a transport protocol which supports the exchange of STIX data over Hyper Text Transfer Protocol Secure (HTTPS). TAXII enables machine-to-machine sharing of CTI by defining an API that supports common sharing models used by industry and Information Sharing and Analysis Organizations (ISAOs).

“When I launched the STIX and TAXII initiatives at the US Department of Homeland Security over nine years ago, I always hoped that one day we would reach this milestone of full international standard status,” said OASIS CTI TC Co-chair Richard Struse of MITRE. “Since transitioning this work to OASIS six years ago, the members of the CTI TC have done a tremendous amount of work to give the global community practical standards that empower defenders to maximize their use of threat intelligence to protect their organizations. The community now should focus on using these standards to solve actual cybersecurity problems and to help thwart future cyber attacks.”

“OASIS has given us the ability to create a scalable and sustainable community where like-minded, passionate people come together to solve problems,” said Trey Darley of the Belgian National CERT, who co-chairs the OASIS CTI TC with Richard. “STIX v2.1 and TAXII v2.1 have reached full OASIS Standard status at a critical inflection point, when there’s such a need for more flexible and faster information sharing to enable defense against global cybersecurity threats. We have laid the foundation for cross-implementation interoperability, future-proofed STIX with the new extensions mechanism…I believe that these standards will enable the creation of new classes of security countermeasures…we’ve barely begun to scratch the surface.”

OASIS CTI Technical Committee: https://www.oasis-open.org/committees/cti

Watch Open Matters: Cybersecurity & The Evolution of STIX & TAXII:

Support for STIX AND TAXII v2.1

Accenture

“Publishing STIX and TAXII as full OASIS cyber threat intelligence sharing standards represents a huge milestone for the cybersecurity community. It is our mission to help businesses achieve cyber resilience through the standardized sharing of threat data to help companies more easily consume threat intelligence at speed with action. We are proud to be an OASIS sponsor and member of the CTI Technical Committee dedicated to developing better standards to secure the world.”

— Josh Ray, Managing Director – Cyber Defense Lead, Accenture Security

Anomali

“We recognized early on the importance of a standardized method for exchanging cyber threat intelligence within our platform and our customers’ security ecosystem. We are excited to further the adoption and support of the latest STIX and TAXII versions for our customers and integration partners, which will help them to conduct more precise threat detection, optimize their response, and establish greater cyber resiliency.”

— Mark Alba, Chief Product Officer, Anomali

Copado

“Copado congratulates the OASIS CyberThreat Intelligence Committee in STIX 2.1 and TAXII 2.1 reaching Full OASIS Standard. The continuing effort to build automated defense methods through the open sharing of intelligence in machine-readable format is critical to ongoing efforts in cybersecurity. As a leader in DevOps, Copado will continue to support these efforts to bring humans and machines together to help build a safer, more secure internet.”

– Daniel Riedel, SVP, Copado

Cyware

“We are proud to support the continued refinement of this standard language. It further builds confidence with the threat intelligence community and enables a true collective defense. As a part of the community, Cyware understands how valuable the standard is, which is just one of the reasons we use it as a backbone for intel sharing and automation.”

Avkash Kathiriya, Vice President of Research and Innovation, Cyware

EclecticIQ

“The rapidly evolving threat landscape makes it more important than ever to exchange and operationalise threat intelligence. We believe the new STIX & TAXII 2.1 standards bring great advancements that will help our customers detect threats earlier, remediate faster and run their cyber defense operations more efficiently. We applaud OASIS and everyone in the threat intelligence community that has contributed to this tremendous milestone.”

Ciaran Bradley, CTO, EclecticIQ

IBM

“IBM has a long history of supporting industry standards to solve the world’s most pressing challenges. As cyberattacks have become one of the greatest threats facing modern society, defenders require a coordinated approach to succeed. To make this a reality, IBM has embraced an open, integrated approach to cybersecurity and is proud to support open standards such as STIX and TAXII to facilitate wide-ranging use cases across the entire threat management lifecycle – including intelligence, hunting, detection, and response.”

— Jason Keirstead, CTO, IBM Security Threat Management

SEKOIA

“SEKOIA.IO is a XDR platform leveraging threat intel at the highest level. This CTI is used for detection, context enrichment and reaction strategies. To do so, we aligned our solution with STIX2.1/TAXII2.1 since the beginning. Every day, we produce our exclusive technical and strategic CTI but we also ingest the worldwide cybersecurity news. This is a cornerstone for our XDR and this is done using STIX. Customers can also access this CTI using TAXII, TIPs, API or Web.”

— David Bizeul, CTO, SEKOIA

Sopra Steria

“We are pleased to welcome the new STIX standard release. It’s a step further into operational interaction between Cyber Threat Intelligence and Cyber Defense for detection and analysis. Straight relation between Indicators and Observed Data is a good example of the progress made. Sighting is a key to make global knowledge growth. Therefore, we set STIX 2 as the core standard of our services.”

— Alexandre Cabrol Perales, Head of Managed Detection and Response, Sopra Steria Group 

ThreatQuotient

“We believe that supporting open standards is essential to help organizations leverage the tools they are using and facilitates the exchange of information across those tools regardless of vendor. We are proud to support the approval of STIX v2.1 and TAXII v2.1 as OASIS Standards.”

— Haig Colter, Director of Alliances, ThreatQuotient

Media inquiries: 
Carol Geyer
communications@oasis-open.org
+1.941.284.0403

IBM Contributes Kestrel Threat Hunting Tool to OASIS Open Cybersecurity Alliance (OCA)

BOSTON, MA, USA, June 29, 2021Open Cybersecurity Alliance (OCA), an OASIS Open Project, today announced it has accepted IBM’s contribution of Kestrel, an open-source programming language for threat hunting that is used by Security Operations Center (SOC) analysts and other cybersecurity professionals. Kestrel streamlines cyber reasoning and threat discovery, which can help analysts complete this process more quickly and effectively.

Threat hunting is a proactive way to find hidden threats in an organization before an attack is executed. This methodology follows the scientific process of establishing a hypothesis for threats likely to be found and then creates detection procedures to confirm or deny the threat’s existence – helping security professionals respond to indicators of compromise with increased speed.

While threat hunting has been successful as a technique, its success unfortunately has been limited due to the high human bandwidth required. Existing threat hunting approaches are primarily manually driven and require deep technical skills that are in short supply. Instead of benefiting from the threat hunting community’s collective knowledge and sharing code, threat hunters often end up working in isolation rewriting the same programs following each attack. IBM Research and IBM Security jointly developed Kestrel to enable threat hunters to express hunts in an open, composable threat hunting language. Kestrel leverages automation to execute tedious hunting tasks, allowing threat hunters to focus on higher priority tasks. Its combination of human ingenuity coupled with machine-based automation helps accelerate threat hunting. The composable hunting flows enable the reuse of best practices and helps reduce the time to create new hunts. Because IBM Security has open-sourced this project, threat hunters across the globe are now able to collaborate, share and use the knowledge curated continuously by threat hunters using Kestrel.

This contribution from IBM marks a major milestone in OCA’s mission to drive greater interoperability across the security industry. The work of the OCA connects the fragmented cybersecurity landscape and enables disparate security products to freely exchange information, out of the box, using mutually agreed upon technologies, standards, and procedures that make it possible for companies to “integrate once, reuse everywhere.”

“Kestrel is designed to take advantage of the collective learned experience of the threat hunting community – and enable that to be combined with the power of machine learning and automation to speed response to threats,” said Jason Keirstead, CTO of Threat Management for IBM Security and Co-Chair – Open Cybersecurity Alliance. “By sharing new threat hunting patterns as they emerge via code that can be easily customized, Kestrel lets threat hunters devote more time to figuring out what to hunt, as opposed to how to hunt.”

“This is a really exciting contribution from IBM, a founding member of the Open Cybersecurity Alliance. Kestrel is a fully open-source threat hunting language that leverages the federated data service capabilities of STIX Shifter which were previously contributed to the OCA by IBM. I cannot wait to see how OCA member organizations and the community of like-minded people, pursuing open interoperability of security solutions, leverage these tools to further enhance their security operations across heterogeneous solutions.”
— Mark Mastrangeli, Lead Architect, McAfee, and Co-Chair – Open Cybersecurity Alliance

“The future of cybersecurity automation is in analyst augmentation and platform interoperability. Kestrel embodies both of these traits, enabling SOC analysts to hunt threats at scale using a standardized language. Cydarm is pleased to see this project included as an OCA capability.”
— Dr. Vaughan Shanks, CEO, Cydarm Technologies

“We are proud to support the continued refinement of this standard language. It further builds confidence with the threat intelligence community and enables a true collective defense,” said Avkash Kathiriya, Vice President of Research and Innovation at Cyware. “As a part of the community, Cyware understands how valuable the standard is, which is just one of the reasons we use it as a backbone for intel sharing and automation.”

“It’s good to see additional capabilities being built upon STIX. The Kestrel project is a great example of how the community can develop normalised methods, in this case, a threat hunting language, to easily interact with the growing security technology landscape.“
— Tyler Oliver, XDR Product Manager at EclecticIQ

“Robust threat hunting is a function of data correlation and contextual analysis. For transforming threat discoveries into actionable threat intelligence at-scale, the organizations need a powerful language to communicate the threat hunting tasks and operations, and we believe that Kestrel is an answer to that.”
— Renuka Nadkarni, VP and CTO Security, F5 Inc.

“To meet today’s increasing threats requires tools to help defenders share both between people/organizations and between products. OCA helps with vendor-agnostic, machine-speed cyber-defense automation. The new Kestrel project is a welcome addition to that toolset to assist with sharing in threat hunting.”
Duncan Sparrell, Chief Cyber Curmudgeon, sFractal Consulting

“ThreatQuotient is pleased to continue its partnership with the Open Cybersecurity Alliance to help drive standards to encourage interoperability between security vendors to benefit network defenders,” said Haig Colter, Director of Alliances. “Our continued participation in the OCA demonstrates our commitment to follow established standards that encourage the communication of security information in ways that benefit a broader audience.”

The OCA is led by organizations committed to solving the costly problem of siloed cyber tools and products that create integration nightmares for cybersecurity professionals in every environment. CyberNB, Rapid7, SafeBreach, and Tenable have recently joined the governing board working alongside Center for Internet Security (CIS), Cybereason, Cydarm, Cyware, EclecticIQ, EPRI, F5, IBM Security, McAfee, NewContext, S-Fractal Consulting, SAIC, ThreatQuotient, Tripwire, and TruSTAR.

OCA technologies work together to deliver more value and improve product interoperability across security tools and teams – for example, Kestrel utilizes STIX-Shifter to unify threat hunting experience across different security tools. To learn more about the other OCA technologies that are available to help security teams connect their security tools and data, please visit: https://github.com/opencybersecurityalliance.

More Support for OCA

“Kestrel is about to change the way we approach threat hunting, instead of continuously rebuilding our analysis Kestrel allows us to ask what patterns or what behaviours are present during an investigation. Instead of dissecting indicators of compromise, we will be dissecting playbooks of entire hunt logic and across data sources. As adoption of the language continues to roll out, our collective hunt teams will be able to collaborate and approach cyber investigations differently – as a leader in bringing cyber collectives together to solve problems CyberNB welcomes the innovative thinking of IBM Security.”
Sheldon Shaw, Vice President, Innovation & Infrastructure, CyberNB

“For threat hunting, Kestrel fills a critical need of a common language to express data and share insights. Combining Kestrel with predictive data sources will make threat hunting far more powerful and empower security teams to drive down the risks that matter. SafeBreach is excited to be the first predictive data source that will enable querying future threats”.
— Valeriy Leykin, Director Product Management at SafeBreach

The OCA is actively seeking additional contributors from across the security industry to help guide and drive innovative new use cases for these open-source projects.

About the Open Cybersecurity Alliance

The Open Cybersecurity Alliance brings together vendors and end-users to create an open cybersecurity ecosystem where products can freely exchange information, insights, analytics, and orchestrated response. OCA supports commonly developed code and tooling and the use of mutually agreed upon technologies, data standards, and procedures. The OCA is governed under the auspices of OASIS, which offers projects a path to standardization and de jure approval for reference in international policy and procurement.

Contact information:
Dee Schur,
Senior Manager, Development & Advocacy, OASIS Open
dee.schur@oasis-open.org
+1 941-321-6733

EEA and OASIS Join Forces to Provide Nexus for Open Source Development of Ethereum Standards

Wakefield, Mass. and Woburn, Mass., – June 29, 2021 – ​The Enterprise Ethereum Alliance (EEA) and OASIS Open today announced that the Ethereum OASIS Open Project, home of the Baseline Protocol, will now operate under the banner of EEA Community Projects. The move leverages the strengths of both standards bodies, building on EEA’s leadership role in Ethereum standards for business while continuing to rely on OASIS’ expertise in supporting open source and open standards development. The formation of EEA Community Projects signals to the world that there is now a central location where Ethereum-related business standards are developed and new projects are advanced.

“The Ethereum OASIS Open Project has become the go-to community for open source-based standards development in Ethereum, such as the Baseline Protocol initiative. Transitioning Ethereum OASIS to the new EEA Community Projects will enable the Ethereum business ecosystem to leverage a wider network of resources and further accelerate innovation,” said Dan Burnett, EEA Executive Director and EEA Community Projects Governing Board Chair. “We look forward to working together to chart the future of Ethereum innovation and collaboration.”

  • Learn more about the partnership from the EEA’s Dan Burnett and OASIS Open’s Guy Martin at the free EEA Ethereum Anniversary Special event on July 29. Sign up to register here.
  • Get a deeper dive on EEA Community Projects at the free EEA Monthly Education Series session on August 11, 2021. Sign up to register here.

Creating EEA Community Projects will extend the pool of partners, talented developers and engineers dedicated to solving similar problems, and will help the community innovate even faster around initiatives like the Baseline Protocol. The existing Project Governing Board and Technical Steering Committees will continue in their roles. 

​”​OASIS has tremendous respect for EEA’s leadership in the Ethereum​ ecosystem​ and its commitment to advancing adoption across industries,” said Guy Martin, Executive Director of OASIS Open. “EEA was pivotal in the formation, growth, and success of this project. We’re excited to bring the community together now under the EEA banner with continued support from the OASIS standards process. It marks a milestone for distributed technology and a giant step forward in the harmonization of the open source and open standards communities.”

By transitioning to the EEA Community Projects, the Ethereum OASIS Open Project will continue sponsoring projects and will continue to permit frictionless engagement between developers who are actively contributing to developing clear, open standards, first-rate documentation, and shared test suites that facilitate new features and enhancements for the Ethereum ecosystem. 

“As a founding sponsor of the Ethereum OASIS Open Project, the EEA has been involved from the program’s inception, including the Baseline Protocol initiative for driving Mainnet business use cases. We are thrilled to bring both communities together under the EEA Community Projects banner to collaborate on how tools like Baseline can deliver value to consumer-facing industries through peer-to-peer transactions and services,” said John Whelan, Chairman of the EEA Board of Directors and Managing Director of Digital Assets at Banco Santander.

EEA Community Projects Sponsors, which provide strategic vision, governance, and technical guidance for the work, include Accenture, Chainlink, ConsenSys, the EEA, EY, Morpheus Network, Nethermind, Provide, Splunk and Unibright. Sponsors have the option to serve on the Projects Governing Board, where they approve work produced by the community as well as proposals for new open source projects. To learn more about becoming a Sponsor or joining the Projects Governing Board, visit here or contact the EEA Community Projects administrator. 

Supporting Quotes

“As a founding member of both OASIS Open and EEA, we’ve been proud to participate in the incredible growth of both Baseline Protocol and the EEA communities. The EEA Community Projects is a logical next step that will strengthen the Ethereum development as a whole. The EEA Community Projects aims to raise the level of business collaboration needed to benefit Ethereum as a whole. We welcome all interested to the EEA Community Projects,” John Wolpert, ConsenSys Group Executive for Enterprise Mainnet, Baseline Protocol Technical Steering Committee Chair, and EEA Mainnet Working Group Vice Chair.

“We are thrilled to see the evolution of the EEA with the Ethereum OASIS Open Project becoming the EEA Community Projects. Standards are critical to the enterprise adoption of blockchain, and so we applaud any effort to streamline their development and advancement. We expect developers building Ethereum business-related technologies to be motivated to accelerate the pace of Ethereum innovation,” Brian Behlendorf, Executive Director, Hyperledger.

About the EEA

The Enterprise Ethereum Alliance (EEA) enables organizations to adopt and use Ethereum technology in their daily business operations. The EEA empowers the Ethereum ecosystem to develop new business opportunities, drive industry adoption, and learn and collaborate. The EEA Community Projects will help businesses innovate even faster around standards and project initiatives that benefit Ethereum as a whole. To learn more about joining the EEA, reach out to membership@entethalliance.org or visit https://entethalliance.org/become-a-member/

About OASIS Open

One of the most respected, nonprofit open source and open standards bodies in the world, OASIS advances the fair, transparent development of open source software and standards through the power of global collaboration and community. Many OASIS standards go on to be ratified by de jure bodies and referenced in international policies and government procurement. www.oasis-open.org

For additional information: 

OASIS Open
Carol Geyer
communications@oasis-open.org
+1.941.284.0403

EEA
Jessie Hennion
jhennion@virtualinc.com
+1 781.876.6280

No results with the selected filters