Boston, MA, USA; 8 November 2004 — The OASIS international standards consortium today announced that its members have approved the Universal Business Language (UBL) version 1.0 as an OASIS Standard, a status that signifies the highest level of ratification. Developed through an open process, UBL defines a common XML library of business documents, such as purchase orders and invoices, as well as reusable data components from which an unlimited number of other documents can be constructed. UBL is the first standard implementation of the ebXML Core Components Technical Specification.

"Agreement on a common set of business-to-business document standards is essential for successful electronic commerce," explained Jon Bosak of Sun Microsystems, chair of the OASIS UBL Technical Committee and organizer of the working group that created XML. "UBL provides the world with standard electronic versions of traditional business documents designed to integrate with established commercial and legal practices. Using UBL, businesses of all sizes can enjoy the benefits of electronic commerce."

Joanne Friedman, CEO of business-technology advisory, ConneKted Minds Inc., observed, "The combination of a fixed tag set for electronic business (UBL) together with a transport protocol designed for the same purpose (ebXML messaging) is analogous to the foundations which built the World Wide Web. Where HTML provides consumers with information ubiquity, and HTTP a transfer protocol designed for the same purpose provides universal access, the UBL/ebXML combination will bring industry the boundary-less, barrier-free information needed to catalyze economic growth and foster inter-industry global trade. E-business didn’t die, it just (quietly) got smarter."

"With XML came a proliferation of industry-specific vocabularies for business documents. Unfortunately, no company does business in isolation. The very nature of the supply chain requires meaningful, cross-industry communication," noted Mark Crawford of LMI Government Consulting, vice-chair of the OASIS UBL Technical Committee. "Instead of being optimized for a particular vertical industry or application domain, UBL is designed for real-world businesses that work with partners across multiple industries."

UBL was developed in harmony with ebXML OASIS Standards and in light of recommendations and standards issued by ISO, IEC, ITU, UNECE, W3C, IETF, and other relevant standards bodies and organizations. Industry groups including ACORD (insurance), ARTS (retail sales), CompTIA EIDX Leadership Group (electronics), HL7 (health care), NACS (convenience stores), RosettaNet (supply chain), UIG (utilities), VCA (prescription eyewear), and XBRL (accounting) all provided input on UBL.

"The key to UBL is that it was built on consensus and collaboration," said Patrick Gannon, president and CEO of OASIS. "The new OASIS Standard is an exciting example of the benefit of bringing together users, vendors, industry associations and government agencies. By actively involving all parties affected by cross-industry standards in the requirements and development phases, the usability of UBL across a variety of trading contexts is assured. We congratulate OASIS UBL Technical Committee members on their achievement and encourage other organizations to join them in advancing this work."

To promote global adoption of the new OASIS Standard, members of the OASIS UBL Localization Subcommittees have produced draft translations of UBL 1.0 data definitions into Chinese, Japanese, Korean, and Spanish. Together with the original English definitions, these translations will make UBL usable to approximately two-thirds of the world’s current online population.

UBL contributors include representatives of Accountis plc, ACORD, Asociación Nacional de Fabricantes Autoridad de Certificació, The Boeing Company, Center for Document Engineering, Denmark Ministry of Science, Technology & Innovation, East Asia Electronic Commerce Association, Infocomm Development Authority of Singapore, Korea CALS/EC Association, LMI Government Consulting, NEC, NIST, Oracle, PISCES Ltd, PSLX Consortium, SeeBeyond, Sterling Commerce, Sun Microsystems, University of Hong Kong, US Dept of the Navy, U.S. General Services Administration, and others.

Participation in the OASIS UBL Technical Committee remains open to all organizations and individuals; OASIS hosts an open mail list for public comment and the ubl-dev mailing list for exchanging information on implementing the standard. UBL is provided on a royalty-free basis, available to all without licensing or other fees.

Industry Support for UBL

"The UBL 1.0 release represents a significant advancement in the process of using international open standards to conduct business modeling, data analysis, and XML schema deployment. It provides an "out of the box" solution for document-based transactions as well as a library of reusable business data components," said Marion A. Royal, Senior Policy Advisor with the Office of Governmentwide Policy at U.S. General Services Administration.

"As a proponent of open standards-based integration, SeeBeyond is pleased to have participated in the development of UBL 1.0, and welcomes its approval as an OASIS Standard in the payload domain of XML-based B2B frameworks," said Alex Andrianopoulos, Vice President of Product Management for SeeBeyond. "Working with a broad range of businesses across all major industries, we see such a standard playing a key role to enabling global ecommerce interoperability as it promotes the integration of small-to-mid range businesses into broader electronic data exchange-based supply chains."

"Sun is committed to open standards development and is proud to have organized and led the UBL initiative that defines the standard XML payload format for Electronic Procurement," said Mark Bauhaus, vice president of Java Web Services at Sun Microsystems. "Sun is investing in developing UBL because we believe it will play an important role in providing an entry point into SOAs for small and medium sized businesses, where there is a significant need for standardized vocabularies to truly enable electronic business."

Additional information:

OASIS UBL Technical Committee http://www.oasis-open.org/committees/ubl

UBL FAQ http://www.oasis-open.org/committees/ubl/faq.php

About OASIS: OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. The consortium produces open standards for Web services, security, e-business, and standardization efforts in the public sector and for application-specific markets. Founded in 1993, OASIS has more than 3,500 participants representing over 600 organizations and individual members in 100 countries. Approved OASIS Standards include AVDL, CAP, DocBook, DSML, ebXML, SAML, SPML, UBL, UDDI, WSRP, WSS, XACML, and XCBF. http://www.oasis-open.org

Press contact:

Carol Geyer OASIS Director of Communications carol.geyer@oasis-open.org +1.978.667.5115 x290

Boston, MA, USA; 21 October 2004 — International standards consortium, OASIS, has formed four committees to continue work originated by the DCML Organization, which recently transitioned its development and operations to OASIS. The new OASIS DCML Framework Technical Committee, the OASIS DCML Server Technical Committee, the OASIS DCML Network Technical Committee, and the OASIS DCML Applications and Services Technical Committee will collaborate on a holistic set of standards for the automated management of the data center infrastructure.

"Today’s complex IT environments are managed in silos of information and demand a data model and format to effectively exchange this information," explained Dr. Tim Howes of Opsware, chair of the OASIS DCML Framework Technical Committee. "Our goal is to enable the systems and people managing data centers to exchange crucial configuration, policy, and operating information in a reliable, standardized manner across all products, methods, and topologies."

Members of the OASIS DCML Framework Technical Committee will define the overall approach, concepts, and structures fundamental to DCML’s description and manipulation of data center elements and the policies governing their management. The group’s work will serve as the foundation for other OASIS DCML committees, which will develop sub-specifications to represent specific types of information.

The OASIS DCML Applications and Services Technical Committee will define extensions to represent abstract application and services architectures and specific products. "We will create a uniform, heterogeneous, and comprehensive data model and interchange format to allow applications, application components such as Web services, and IT services of all types to be referenced and managed," said J. Darrel Thomas of EDS, chair of the OASIS DCML Applications and Services Technical Committee.

The OASIS DCML Network Technical Committee will design a data model and XML-based format for the exchange of information about networking elements in the data center. "Our focus will be on the specifics of network equipment and technology, but our scope is large, covering all types of networking components, from simple switching and routing elements to nodes that provide advanced processing at all layers of the protocol stack," explained Dave Roberts of Inkra Networks, chair of the OASIS DCML Network Technical Committee.

The OASIS DCML Server Technical Committee will facilitate the representation and management of information about logical or physical compute resource in the data center. "This committee supports the larger DCML goals of facilitating the interchange of information between tools and devices, improving the data center environment, enabling increased automation, and leading the way for machine processing of descriptive and policy information," stated Moshe Bar of Qlusters, chair of the OASIS DCML Server Technical Committee.

Members of the OASIS DCML Technical Committees include representatives of BEA Systems, BMC Software, Computer Associates, Electronic Data Systems, Inkra Networks, Opsware, Tibco, and others. Participation remains open to all organizations and individuals. The first meeting of the new committees will be held on 15 November 2004.

About OASIS DCML Member Section

The OASIS DCML Member Section (http://www.dcml.org) is an open coalition of vendors and users working to advance utility computing through the development and adoption of the Data Center Markup Language (DCML). DCML is the freely licensed specification that provides a structured model and encoding to describe, construct, replicate, and recover data center environments and elements. The group is part of OASIS (http://www.oasis-open.org), the not-for-profit, international consortium that drives the development, convergence and adoption of e-business standards.

More information

OASIS DCML Applications and Services Technical Committee: http://www.oasis-open.org/committees/dcml-appserv OASIS DCML Framework Technical Committee: http://www.oasis-open.org/committees/dcml-frame OASIS DCML Network Technical Committee: http://www.oasis-open.org/committees/dcml-network OASIS DCML Server Technical Committee: http://www.oasis-open.org/committees/dcml-server Cover Pages Technology Report: http://xml.coverpages.org/computingResourceManagement.html OASIS DCML Member Section http://www.dcml.org

Press contact:

Karli Overmier Barokas PR +1.206.264.8220 karli@barokas.com

Boston, MA and Sunnyvale, CA, USA; 30 August 2004 — Plans were announced today for the Data Center Markup Language (DCML) Organization to advance its specification, technical agenda, membership, and operations as part of the global OASIS standards consortium. Through this transition, DCML stands to benefit from OASIS’ broad membership base–more than 3,000 participants representing over 600 organizations and individual members across 100 countries. The transition will result in the formation of the OASIS DCML Member Section, which will promote the use of utility computing by providing a standard way to represent the IT environment and enabling data center automation and system management solutions to easily exchange information about the environment under management.

"Transitioning the DCML Organization to OASIS marks the next significant milestone in the development of the specification and promises to further accelerate its adoption amongst organizations worldwide," said Louis Blatt of Computer Associates, president of the DCML Organization. Blatt noted that nearly half of OASIS member organizations represent end users, diversity which he considers, "a key factor for ensuring the broad market adoption of the DCML specification. OASIS has an impressive track record and offers DCML access to deep resources across the industry. We expect the new OASIS DCML Member Section will advance the current DCML specification to the status of an internationally accepted OASIS Standard that will allow end users to increase service levels and align their IT infrastructure with business priorities."

"The DCML Organization has demonstrated significant traction over the last nine months and garnered tremendous vendor and end-user participation. Their efforts offer exciting potential for managing the massive complexity that exists in IT environments," commented Patrick Gannon, president and CEO of OASIS. "We welcome the DCML community to OASIS and look forward to advancing its mission of open standardization for utility computing."

By moving its operations and technical committees under OASIS, DCML takes advantage of the international consortium’s respected open technical process, transparent governance, and international reach. Founded in 1993, OASIS produces widely adopted standards for Web services, security, e-business, and standardization efforts in the public sector and for application-specific markets. DCML joins a host of specifications developed at OASIS including the Security Assertion Markup Language (SAML), Web Services Distributed Management (WSDM), Web Services Security (WSS), and Universal Description, Discovery and Integration (UDDI).

Gartner vice president and distinguished analyst, Donna Scott, applauded the transition, saying, "OASIS is a natural fit for DCML and will provide the global participation and momentum to drive the Framework Specification forward. Today’s data centers are struggling under many burdens, and specifications such as DCML could become key to achieving an efficient, automated IT infrastructure that provides the benefits of a real-time infrastructure."

The OASIS DCML Member Section will be managed by a Steering Committee made up of the existing DCML Board of Directors, Louis Blatt of Computer Associates, Darrel Thomas of EDS, and Sharmila Shahani of Opsware, Inc; others may be added in the future.

About DCML The DCML Organization (http://www.dcml.org) is an open coalition of vendors and users working to advance utility computing through the development and adoption of the Data Center Markup Language (DCML). DCML is the first, freely licensed specification that provides a structured model and encoding to describe, construct, replicate, and recover data center environments and elements. Founded in October 2003, the mission of the organization also extends to DCML certification, compliance programs, and education.

About OASIS OASIS (http://www.oasis-open.org) is a not-for-profit, global consortium that drives the development, convergence and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. OASIS produces worldwide standards for security, Web services, XML conformance, business transactions, electronic publishing, topic maps and interoperability within and between marketplaces.

Press contact: Carol Geyer Director of Communications, OASIS carol.geyer@oasis-open.org Tel: +1 978.667.5115 x209

BOSTON, MA, USA; 5 AUGUST 2004 — OASIS, the international standards consortium, today announced the results of the 2004 elections for their Board of Directors and Technical Advisory Board. Mike DeNicola of Fujitsu was elected and Edward Cobb of BEA Systems, Colin Evans of Intel, Frederick Hirsch of Nokia, and Jeff Mischkinsky of Oracle were re-elected by the OASIS membership to provide business leadership to advance OASIS as a major standards-setting body for Web services, e-business, security, and other applications. Each director serves two-year terms.

DeNicola, Cobb, Evans, Hirsch, and Mischkinsky join existing directors whose seats expire in 2005, John Borras of the UK Cabinet Office’s e-Government Unit, Eduardo Gutentag of Sun Microsystems, Jim Hughes of Hewlett-Packard, Christopher Kurt of Microsoft, and Michael Weiner of IBM, as well as Patrick Gannon, who has an appointed seat on the Board as president and CEO of OASIS.

The Consortium also announced the nomination and subsequent appointment of three new members to the OASIS Technical Advisory Board (TAB), a group of industry experts who provide guidance on issues related to strategy, process, interoperability, and scope of OASIS technical work. New OASIS TAB representatives include Jacques Durand of Fujitsu, Michael Mahan of Nokia, Jishnu Mukerji of Hewlett Packard, and Timothy Stevens of LexisNexis.

"As business over the World Wide Web becomes a reality, it is important for the organizations that set the standards for this expansion to have representation from industry leaders around the globe. Recently, OASIS has seen significant growth in its membership from outside of North America, and as a representative of Fujitsu, I am honored to take a seat on the Board of Directors of this truly international standards body," said Mike DeNicola, Director of Industry Relations for Fujitsu.

"I am pleased to have been returned to the OASIS Board of Directors for a second term and look forward to working with the other directors, staff, and the OASIS membership to make OASIS even stronger," said Edward Cobb, VP, Architecture & Standards at BEA Systems.

"Open standards, convergence and interoperability are essential for global business adoption and deployment of e-business standards, especially across diverse industries," said Frederick Hirsch, Senior Architect at Nokia Corporation. "I am pleased to be re-elected to the OASIS Board to serve the membership of OASIS in supporting the mission of the consortium."

"OASIS has played an important role in the development of Web services standards and hosts a number of technical committees working on a broad range of specifications for e-business," said Jeff Mischkinsky, Director of Web Services Standards for Oracle Corporation. "Oracle has always been committed to promoting interoperability based on open industry standards, and I am pleased to continue serving on the OASIS Board of Directors toward that end."

On behalf of the OASIS membership, Patrick Gannon expressed appreciation to departing Board member, Laura Walker, and departing TAB members, Derek Coleman of Hewlett Packard, Chet Ensign of LexisNexis, Jackson He of Intel, and Krishna Sankar of Cisco Systems, for their service and guidance over the past two years.

About OASIS:

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. The consortium produces open standards for Web services, security, e-business, and standardization efforts in the public sector and for application-specific markets. Founded in 1993, OASIS has more than 3,000 participants representing over 600 organizations and individual members in 100 countries. Approved OASIS Standards include AVDL, CAP, DocBook, DSML, ebXML, SAML, SPML, UDDI, WSRP, WSS, XACML, and XCBF. http://www.oasis-open.org

Press contact:

Carol Geyer OASIS Director of Communications carol.geyer@oasis-open.org +1.978.667.5115 x290

BOSTON, MA, USA; 4 AUGUST 2004— After more than five years of successful cooperation with OASIS as an affiliate, CGM Open has transitioned to become a Member Section of the OASIS global standards consortium. With the inaugural meeting of its OASIS CGM Open WebCGM Technical Committee, CGM Open has taken the next step, launching an aggressive agenda built around advanced development and interoperability of the well-established WebCGM standard.

WebCGM version 1.0, a vector graphics standard used in online technical documents such as parts catalogs and electronic manuals, was produced by a collaborative effort of CGM Open and the World Wide Web Consortium (W3C) in 1999 and revised in 2001. Requirements from the user community, especially for a Document Object Model (DOM) and an XML companion file architecture, have elevated production of a WebCGM version 2.0 as the first priority for the OASIS CGM Open WebCGM Technical Committee. A WebCGM DOM will allow dynamic access to information stored in the graphics file. An XML companion file architecture will allow objects in the file to be associated with metadata – from simple hotspot links to complex multi-language screentips or context-sensitive data. These enhancements will improve both the vendor neutrality of WebCGM, and the application neutrality as well – industry consortia will be able to easily derive their individual standards from the WebCGM base.

"WebCGM 2.0 will incorporate critical new features needed in the marketplace," said Dave Cruikshank of the Boeing Company, chair of the OASIS CGM Open WebCGM Technical Committee. "We expect WebCGM 2.0 to become the core profile for all industry sectors, ensuring vendor-neutral interoperability between CGM-enabled products."

"WebCGM is an exciting example of productive, cross-consortia cooperation at work," noted Patrick Gannon, president and CEO of OASIS. "CGM was first published by the International Standards Organization (ISO) and the International Electrotechnical Commission (IEC). CGM Open and W3C expanded on that work by developing WebCGM. Now, the OASIS CGM Open Member Section looks forward to continuing that productive collaboration with WebCGM version 2.0."

"WebCGM 2.0 forms a significant portion of our vision of where CGM is going," commented Dieter Weidenbrück of ITEDO Software, chair of the OASIS CGM Open Member Section Steering Committee. "We see our main goal in providing users with a reliable and powerful format that meets their requirements."

Members of the OASIS CGM Open Member Section include representatives of Airbus, Arbortext, Auto-trol Technology, The Boeing Company, US National Institute of Standards and Technology (NIST), and others. WebCGM 2.0 technical definition, plus several parallel implementations, are expected to be substantially finished in late 2004.

About CGM Open

CGM Open, an OASIS Member Section, works to accelerate the adoption, application, and implementation of the Computer Graphics Metafile (CGM), the ISO/IEC 8632:1999 standard for open interchange of structured graphical objects and their associated attributes. In collaboration with the World Wide Web Consortium (W3C), CGM Open developed WebCGM, a profile that provides a reliable method of publishing two-dimensional technical graphics on the Web.

About OASIS

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. The consortium produces more Web services standards than any other organization along with standards for security, e-business, and standardization efforts in the public sector and for application-specific markets. Founded in 1993, OASIS has more than 3,000 participants representing over 600 organizations and individual members in 100 countries. Approved OASIS Standards include AVDL, CAP, DocBook, DSML, ebXML, SAML, SPML, UDDI, WSRP, WSS, XACML, and XCBF. http://www.oasis-open.org

Additional information

OASIS CGM Open WebCGM Technical Committee http://www.oasis-open.org/committees/cgmo-webcgm

Press contact

Carol Geyer OASIS Director of Communications carol.geyer@oasis-open.org +1.978.667.5115 x290

Boston, MA, USA; 23 June 2004 — The OASIS international standards consortium today announced that its members have approved the Application Vulnerability Description Language (AVDL) version 1.0 as an OASIS Standard, a status that signifies the highest level of ratification. AVDL provides a standard method for exchanging information concerning security vulnerabilities within Web services and Web applications.

"AVDL addresses the challenge of how businesses manage ongoing application security risk on a day-to-day basis," explained Gartner VP and analyst John Pescatore. "When you consider that upwards of 80 application vulnerabilities are announced each week, it’s clear how significant this work is. By employing solutions based on the AVDL OASIS Standard, companies can reduce the threat they face from the moment a vulnerability is discovered to the time it takes them to first shield, then patch their systems."

AVDL is already being implemented by companies and government agencies including the central security incident response organization for the United States Department of Energy (DOE) and National Nuclear Security Administration (NNSA), which plans to AVDL-enable its new Security Incident Response Portal.

"Prior to AVDL, network managers had to manually compare reports from application vulnerability assessments with their application firewall rules, patch management systems, and other information from event correlation engines. Then, they needed to take appropriate remediation steps and create firewall rules to secure their applications," said Kevin Heineman of SPI Dynamics, co-chair of the OASIS AVDL Technical Committee. "Now network managers can save valuable time by importing vulnerability assessment data from AVDL-compliant application scanners. Firewalls can configure appropriate rules, patch management software can provide automatic remediation, and event correlation products can include application-level vulnerability data in the organization’s overall risk assessment picture. AVDL offers a welcome alternative to the labor-intensive job of eyeballing and rewriting scores of text alerts, freeing security administrators to focus on higher-level policy analysis."

Jan Bialkowski of NetContinuum, co-chair of the OASIS AVDL Technical Committee, agreed, "Organizations are drowning in the flood of security bulletins and alerts while application vulnerability exploits are wreaking havoc on networks around the globe. AVDL offers an automated way to break this cycle by dramatically reducing the time between the discovery of a new vulnerability and the response time to block attacks at the security gateway. Since AVDL is an easy schema to implement, we hope to see rapid adoption, advancing the industry to an era where all security products can share and effectively utilize vulnerability data via AVDL."

Participation in the OASIS AVDL Technical Committee remains open to all organizations and individuals, and OASIS hosts an open mail list for public comment.

Industry Support for AVDL OASIS Standard

"With the ratification of AVDL, we will now have the capability to provide interoperability between industry-leading network and application security technologies and our vulnerability management solutions. Large enterprise and government customers will benefit enormously from the greater flexibility and consistency for implementing security policies with a standard approach to managing vulnerability data," said Carl Banzhof, CTO, Citadel Security Software.

About OASIS

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. The consortium produces more Web services standards than any other organization along with standards for security, e-business, and standardization efforts in the public sector and for application-specific markets. Founded in 1993, OASIS has more than 3,000 participants representing over 600 organizations and individual members in 100 countries. Approved OASIS Standards include CAP, DocBook, DSML, ebXML, SAML, SPML, UDDI, WSRP, WSS, XACML, and XCBF. http://www.oasis-open.org

Additional information:

OASIS AVDL Technical Committee http://www.oasis-open.org/committees/avdl

Cover Pages: Application Security http://xml.coverpages.org/appSecurity.html

Press contact:

Carol Geyer OASIS Director of Communications carol.geyer@oasis-open.org +1.978.667.5115 x290

Boston, MA, USA; 21 June 2004 — International standards consortium, OASIS, announced plans to advance oBIX (Open Building Information Xchange), a Web services implementation for the building management and controls industry. The new OASIS oBIX Technical Committee will define a standard method to enable mechanical and electrical systems in facilities and buildings to communicate with enterprise applications. oBIX is an example of the growing trend of vertical industries organizing within OASIS to develop standards that leverage Web services methods for their specific industry needs.

oBIX will be applicable to a wide variety of smart systems embedded in facilities, such as heating, ventilation and air conditioning (HVAC), elevators, laboratory equipment, life/safety systems, access control, intruder detection, audio visual event management, closed circuit television monitoring, and many others. oBIX will also provide access to information from sensing devices that are not typically part of control systems, delivering real-time access to sensors that measure or monitor the physical space in a facility, including environmental sensing, electrical panels, and power meters.

"Currently, there is no easy way for IT departments to integrate their enterprise systems with those that run their buildings. Yet facilities represent the largest physical asset most companies have. Using Web services to enhance the effectiveness of building control systems promises to have an enormous impact on an organization’s bottom line," said Ron Zimmer, President & CEO of the Continental Automated Buildings Association (CABA). oBIX was originally established as a working group within CABA, which will continue its involvement through participation in OASIS.

"oBIX is an exciting example of applying Web services to solve a specific market requirement," added Patrick Gannon, president and CEO of OASIS. "The building controls industry recognized the need for a standard optimized for Internet technology. By choosing to advance this work within OASIS, CABA’s domain experts join together with developers of more than 14 Web services initiatives currently underway at our consortium. We believe that proximity to other OASIS Web services standards efforts will help foster interoperability and encourage reuse of related work."

"oBIX will improve operational effectiveness, giving facility managers and building owners increased knowledge and control of their properties. It will be a major step forward in fulfilling the vision of truly intelligent buildings," said Toby Considine of the University of North Carolina, proposed chair of the OASIS oBIX Technical Committee.

The OASIS oBIX Technical Committee is made up of users and vendors from all sectors of the building controls market, including the security, HVAC, building automation, open protocol, and IT disciplines. Current members are listed at http://www.oasis-open.org/committees/membership.php?wg_abbrev=obix, however, participation remains open to all organizations and individuals. OASIS also offers a mechanism for public comment on the work. The Technical Committee plans to prioritize oBIX development based on input from the community and particularly seeks use scenarios from those managing systems for large office buildings, universities, hospitals, etc.

"We intend to work with control protocols such as LonTalk (now known as ANSI/EIA/CEA709.1) and BACnet (ASHRAE/ANSI 135-2001, ISO 16484-5) so that oBIX can become the vehicle to take building systems to the TCP/IP layer in a consistent manner for the benefit of the enterprise. oBIX will also make it possible to integrate the many legacy proprietary control and monitoring systems in use today as well as future, native TCP/IP control systems," noted Paul Ehrlich of Trane, convener of the OASIS oBIX Technical Committee.

Anders Axelsson, senior vice-president of sales and marketing at Echelon, added, "We have been strong advocates of XML and Web services for enterprise-level interfaces and as a mechanism for data exchange amongst otherwise disconnected systems for some time. The combination of open control networks within buildings and oBIX open information exchange at the enterprise and gateway levels will, we believe, eliminate many of the complexities, confusion, and redundancies that can keep building owners and facility managers from reaping the many benefits of open systems."

About OASIS

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. The consortium produces more Web services standards than any other organization along with standards for security, e-business, and standardization efforts in the public sector and for application-specific markets. Founded in 1993, OASIS has more than 3,000 participants representing over 600 organizations and individual members in 100 countries. Approved OASIS Standards include CAP, DocBook, DSML, ebXML, SAML, SPML, UDDI, WSRP, WSS, XACML, and XCBF. http://www.oasis-open.org

More information:

OASIS oBIX Technical Committee http://www.oasis-open.org/committees/obix Cover Pages Technology Report: http://xml.coverpages.org/facilitiesXML.html oBIX Initiative: http://www.obix.org

Press contact:

Carol Geyer Director of Communications OASIS carol.geyer@oasis-open.org +1.978.667.5115 x209

Boston, MA, USA; 5 May 2004 — The OASIS standards consortium today announced that its members have approved the Common Alerting Protocol (CAP) version 1.0 as an OASIS Standard, a status that signifies the highest level of ratification. CAP enables the exchange of emergency alert and public warning information over data networks and computer-controlled warning systems. By limiting transport-specific nomenclature, CAP remains remains fully compatible with existing public warning systems, including those designed for multilingual and special-needs populations, as well as with XML applications such as Web services.

"The CAP OASIS Standard has been designed to allow a consistent warning message to be communicated simultaneously over different systems," explained Allen Wyke, chair of the OASIS Emergency Management Technical Committee. "By standardizing on a format, technology developers and vendors in the emergency, incident, and business continuity fields will be able to take a huge step forward in sharing this critical, and potentially life saving, information."

CAP is also expected to reduce costs and operational complexity by helping simplify the software interfaces needed to interact with the many sources and dissemination systems involved in all-hazard warnings.

The new OASIS Standard addresses emergencies and incidents that apply to both the private and public sectors. CAP has been implemented by U.S. national and local agencies including the Department of Homeland Security, the National Weather Service, the United States Geological Survey, California Office of Emergency Services, and the Virginia Department of Transportation as well as companies such as Blue292. CAP data elements have been incorporated in the U.S. Department of Justice’s "Global Justice XML Data Model."

"DHS/FEMA is extremely proud of the role we have played in the establishment of the CAP standard through our participation with OASIS," said Chip Hines, program manager for Homeland Security’s Disaster Management eGov Initiative. "We are pleased that our initiative has been able to demonstrate that the standard works across a variety of vendor products. We strongly support the development of standards that will increase the efficiency and effectiveness of our nation to prepare for and respond to all emergencies. We intend to continue to use the OASIS process to further these goals."

"The implementation of CAP goes a long way toward making alert and warning more accessible to local governments via a plug-and-play environment," commented Elizabeth F. Klute, Community Warning System Manager for the Contra Costa County Office of the Sheriff Emergency Services in California.

About OASIS

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. The consortium produces more Web services standards than any other organization along with standards for security, e-business, and standardization efforts in the public sector and for application-specific markets. Founded in 1993, OASIS has more than 3,000 participants representing over 600 organizations and individual members in 100 countries. Approved OASIS Standards include CAP, DocBook, DSML, ebXML, SAML, SPML, UDDI, WSRP, WSS, XACML, and XCBF. http://www.oasis-open.org

More information:

OASIS Emergency Management Technical Committee http://www.oasis-open.org/committees/emergency

Cover Pages: "XML and Emergency Management" http://xml.coverpages.org/emergencyManagement.html#oasis

Press contact:

Carol Geyer Director of Communications OASIS carol.geyer@oasis-open.org +1.978.667.5115 x209

Boston, MA, USA; 19 April 2004 — The OASIS international standards consortium today announced that its members have approved the Web Services Security (WSS) version 1.0 (WS-Security 2004) as an OASIS Standard, a status that signifies the highest level of ratification. WSS offers a trusted means for applying security to Web services by providing the necessary technical foundation for higher-level services.

Gartner analyst, Ray Wagner, advised, "Enterprises should adopt WSS formatting for all across-the-firewall Web service deployments, even in cases where no security needs have been identified. Gartner believes that WSS will be the standard for the majority of Web services, and committing to it now will allow enterprises to easily modify the security profile of deployed Web services in the future."

WSS builds upon existing security technologies such as XML Digital Signature, XML Encryption and X.509 Certificates to deliver an industry standard way of securing Web Services message exchanges. Providing a framework within which authentication and authorization take place, WSS lets user apply existing security technology and infrastructure in a Web Services environment.

"By enabling applications to share information regarding network access regardless of the underlying platform, Web Services Security paves the way for broader adoption of Web services," said Chris Kaler of Microsoft, co-chair of the OASIS WSS Technical Committee. "The OASIS WSS TC is pleased by the support and commitment of the Web services community leading to the ratification of Web Services Security as an industry standard."

WSS handles complex confidentiality and integrity for SOAP (Simple Object Access Protocol) messages, providing a general-purpose mechanism for associating security tokens with message content. Designed to be extensible, WSS supports multiple security token formats.

"A client might provide one format for proof of identity and another format to verify their business certification," explained Kelvin Lawrence of IBM, co-chair of the OASIS WSS Technical Committee. "Using WSS, a system can authenticate the identity of a person connecting to several networks at once or pass data between two applications securely."

"The Web Services Security OASIS Standard represents a truly impressive collaboration from across the industry," noted Patrick Gannon, president and CEO of OASIS. "It is testament to the value of the open standards process where users and vendors, large and small, come together to advance a common good. WSS delivers a much-needed foundational technology that will enable Web services to be deployed with confidence."

Industry Support for WSS

Booz Allen Hamilton "The approval of Web Services Security is a large step forward in enabling increasingly secure interoperability between Web Services-based systems both inside and outside enterprise boundaries," said Steven Lewis, Senior Consultant at Booz Allen Hamilton. "This will enable our clients to achieve even greater benefits from using Web Services, and we look forward to applying OASIS Web Services Security in our client solutions."

Commerce One "Securing messages sent using Web services is critical to the widespread deployment of Web services for integrating systems at the ‘edge-of-the-enterprise.’ We have been very active in the development of this important standard and have implemented it as part of a comprehensive security solution in our Conductor Platform," said David Burdett, Director of Standards Strategy at Commerce One.

Computer Associates "OASIS Web Services Security will help ensure and streamline the implementation of security policies across complex environments and multiple business relationships. CA will continue to work closely with other industry leaders and with OASIS to develop practical standards that enable our customers to create trusted relationships, resulting in improved business performance and new revenue opportunities." said Dmitri Tcherevik, director of Web services at Computer Associates.

Cordance "WSS 1.0 is a key building block of the trust infrastructure required by many other Web Services. The OASIS XDI (XRI Data Interchange) Technical Committee intends to use WSS 1.0 as a primary means of ensuring the security of trusted data sharing relationships using XDI. This is another example of how modular Web Services specifications developed by OASIS and other standards bodies can work together to build the next layer of the Web," said Drummond Reed, CTO, Cordance Corporation, Co-Chair of the OASIS XRI and XDI Technical Committees.

Fujitsu "Fujitsu is very pleased to learn that Web Services Security (WS-Security 2004) has been ratified as an OASIS Standard with wide industry support. Fujitsu believes that this open and interoperable security standard will accelerate the adoption and deployment of Web services suitable for real business applications," said Seigo Hirosue, General Manager of Strategy and Technology Division, Software Group of Fujitsu Limited.

HP "Standards-based, secure Web services technologies are the foundation of open, flexible, business-centered computing systems. Approval of the OASIS Web Services Security specifications is an important step in building a complete suite of open Web services standards. Implementations of these specifications will help HP and our customers to adapt IT resources to enterprise needs rapidly and securely," said David Shoaf, director, Software Standards Marketing, HP.

IBM "IBM is pleased to see Web Services Security become an OASIS Standard. Customers have been asking for an industry standard way of signing and securing Web services message exchanges, and the industry has clearly been looking to the OASIS Web Services Security Technical Committee to deliver a quality specification. IBM already offers support for earlier drafts of WS-Security in many of our WebSphere and Tivoli products and this new OASIS Standard will be fully supported across the IBM software portfolio," said Arvind Krishna, vice president of provisioning and security development, Tivoli Software, IBM.

Microsoft "The ratification of Web Services Security as a standard is a significant milestone for Web services and the industry overall. Web Services Security is supported broadly across the industry, with numerous implementations from vendors available today as evident by our customers leveraging Web Services Security capabilities. We will continue our support for the standard with plans to implement the technology in our Web Services Enhancements (WSE) offering. We look forward to continued progress, adoption and implementation of Web services, and continuing our commitment to work with the industry to provide a common set of industry standards for secure, reliable and transacted Web services," said Dave Mendlen, director of Web services technical marketing for Microsoft.

Nokia "Nokia is pleased to see the timely release of these open security standards. This will enable interoperable web services security, driving meaningful web services adoption. Nokia is pleased to have contributed to these standards and looks forward to their adoption by vendors, customers and other standards organizations, increasing the momentum toward practical service oriented architectures," said Frederick Hirsch, Senior Architect at Nokia, an active contributor in the OASIS WSS Technical Committee and member of the OASIS Board of Directors.

Reactivity "Over the past 18 months, Reactivity has been an active member of the OASIS WSS Technical Committee, providing thought leadership in XML security technology to help drive the convergence of interoperability standards. We appreciate the opportunity to contribute to Web Services Security Version 1.0 and are pleased to have been the first among XML security gateways to actually demonstrate broad interoperability. We will continue to actively support the final specification in our current and next-generation secure connectivity solutions for Web services," said John Lilly, CTO, Reactivity.

SAP "SAP considers message-level Web service security a key component for deploying Web services in enterprise-critical business applications. We are pleased to see Web Services Security accepted as an OASIS Open Standard and to announce its support in SAP NetWeaver, SAP’s application and integration platform. Web Services Security provides our customers with message integrity and confidentiality in their Web services-based application integration projects," said Michael Bechauf, Vice President NetWeaver Standards at SAP.

Sarvega "As the deployment of Web services, especially in mission-critical applications, becomes more widespread, the ability to provide interoperable, comprehensive and reliable security becomes all the more important. The industry has recognized for some time that standardization of security is key to successful Web services deployments. OASIS and its members have made significant contributions toward crafting a common standard and assuring real life applicability through interoperability testing. We, as well as our customers, are extremely pleased about this announcement and Sarvega is proud to be part of the process," said Girish Juneja, co-founder and senior vice president of product management for Sarvega.

SeeBeyond "Approval of Web Services Security as an OASIS Standard is an important step toward maturing the set of basic technologies necessary to support the deployment of secure Web Services. As an OASIS sponsor represented on the OASIS WSS Technical Committee, SeeBeyond supports this advancement in providing enhanced message-based integrity, confidentiality, and authentication. This security standard coupled with our open platform for composite application development and integration, further supports our role in enabling standards-based interoperability built on a Service Oriented Architecture (SOA) for our global customer base," said Alex Andrianopoulos, vice president of Product Management & Standards for SeeBeyond.

About OASIS (http://www.oasis-open.org):

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, global consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. OASIS produces worldwide standards for security, Web services, conformance, business transactions, electronic publishing, topic maps and interoperability within and between marketplaces. Founded in 1993, OASIS has more than 2,500 participants representing over 600 organizations and individual members in 100 countries.

More information:

OASIS WSS Technical Committee http://www.oasis-open.org/committees/wss

Cover Pages Technology Report: Web Services Security http://xml.coverpages.org/ws-security.html

Press contact:

Carol Geyer Director of Communications OASIS (www.oasis-open.org) carol.geyer@oasis-open.org +1.978.667.5115 x209

Boston, MA, USA; 13 April 2004 — Standards consortium, OASIS, has brought together government defense agencies, major manufacturers, and software vendors to collaborate on the deployment of an international data exchange standard to support complex engineered assets throughout their entire life cycle. The new OASIS Product Life Cycle Support (PLCS) Technical Committee will develop Data Exchange Sets (DEXs) that provide a mechanism to maintain information on complex systems such as ships, aircraft, engines, or oil platforms, supporting product changes from concept to disposal.

OASIS PLCS Technical Committee members will base their work on the International Organisation for Standardization (ISO) 10303 Standard for Exchange of Product Model Data (STEP) Application Protocol 239 PLCS. OASIS will build on the ISO STEP XML binding to generate standardized XML schemas for PLCS DEXs.

Defense agencies across Europe and North America are actively participating in the OASIS development. Air Chief Marshal Sir Malcolm Pledger, UK Chief of Defence Logistics emphasized that the initiative had his personal support. Commodore Morten Jacobsen, Norwegian Head of Defence Investment, expressed his belief that PLCS will be the leading standard for product data and Life Cycle Management.

"PLCS will enable UK Ministry of Defence (MOD) to contract against an open, neutral and commercial ISO support data standard. We see PLCS as a keystone in the development of the MOD support transformation policy driving down equipment support costs," said Major-General Malcolm Wood, Director General Defence Supply Chain, United Kingdom Ministry of Defence (MOD).

Jerry Smith of the US Defense Information Systems Agency, co-chair of the OASIS PLCS Technical Committee explained, "One of the biggest challenges for owners and maintainers of complex, high value assets is keeping all of the information that describes the product and its associated support environment aligned with the actual product configuration as it changes throughout its operating life. The OASIS PLCS work answers the growing need for open standards that facilitate the next generation of integrated customer support solutions."

"The exciting thing about advancing this work within OASIS is the participation we have from customers and users as well as vendors," added Howard Mason of BAE Systems, co-chair of the OASIS PLCS Technical Committee. "This shared approach to a shared problem is fundamental to the common solutions that are needed to transform the logistics chain across both commercial and military domains."

OASIS PLCS Technical Committee members include The Boeing Company, LSC Group, Norwegian Defence Logistics Organisation, Swedish Defence Materiel Administration, UK Ministry of Defence, US Defense Information Systems Agency, and others. To ensure the entire community is represented in the OASIS development, liaisons have been established with ISO’s TC 184/SC4 on Industrial Data, the European Association of Aerospace Industries (AECMA), POSC Caesar, and Government Electronics & Information Technology Association (G-EIA). Participation remains open to all organizations and individuals, and OASIS hosts a mail list for public comment.

About OASIS

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, global consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. OASIS produces worldwide standards for security, Web services, conformance, business transactions, electronic publishing, topic maps and interoperability within and between marketplaces. Founded in 1993, OASIS has more than 3,000 participants representing over 600 organizations and individual members in 100 countries. http://www.oasis-open.org

Additional information:

OASIS PLCS Technical Committee http://www.oasis-open.org/committees/plcs

Press contact:

Carol Geyer Director of Communications OASIS carol.geyer@oasis-open.org +1.978.667.5115 x209

Boston, MA, USA; 12 April 2004 — International standards consortium, OASIS, announced plans to advance the Darwin Information Typing Architecture (DITA), a document creation and management specification that builds content reuse into the authoring process. The XML architecture defined by the new OASIS DITA Technical Committee will be used to design, write, manage, and publish technical documentation in print and on the Web.

"DITA embodies several interesting information architecture concepts related to XML-based authoring and content management, including a clever transclusion mechanism that supports document component reuse," said Robin Cover, editor of the Cover Pages, a reference site for markup languages. Cover has tracked the progress of DITA through several revisions and views the decision to bring the specification into an open collaborative forum as a very positive development. "Given the elusive Holy Grail of semantically constrained content reuse, DITA represents a unique contribution; the architecture deserves the attention of a wider group of reviewers and developers."

Focusing on the ‘topic’ as a conceptual unit of authoring, DITA will extend existing content markup to represent domains of specialized markup common across sets of topics, e.g., hardware vs. software. Larger documents can be created by aggregating topic units. Content referencing combines several topics into a single document or allows content to be shared among topics.

"With DITA, the distinction between reusable content and reusing content disappears," said Dave Schell, convener of the OASIS DITA Techncial Committee. "That’s because DITA’s strength lies in a unified content reuse mechanism that enables an element to replace itself with the content of a like element elsewhere, either in the current topic or in a separate topic that shares the same content models."

Don Day of IBM, proposed chair of the OASIS DITA Technical Committee, added, "DITA goes beyond standard entity reuse to allow reused content to exist in a valid XML file with a DTD. The net result is that reused content gets validated at authoring time, rather than at reuse time, catching problems at their source."

By enabling definitive semantics, DITA will allow more automatable processes, consistent authoring and better retrievability and applicability to specific industries. Through the use of a common specification, DITA content owners will benefit from industry support, interoperability, and reuse of community contributions. At the same time, through specialization, content owners will be able to address the specific requirements of their business or industry.

OASIS DITA Technical Committee members include representatives of Arbortext, Innodata Isogen, IBM, and others. The group brings together XML tools vendors, consultants on Information Architectures and Content Management Systems (CMS), and users of the DITA Document Type Definitions (DTD) and Schemas. Participation remains open to all organizations and individuals; OASIS will host a mail list for public comment.

Industry Support for DITA

Arbortext "DITA presents an innovative solution to several thorny problems of developing XML applications, especially in the publishing arena, and we at Arbortext enthusiastically support the new OASIS DITA Technical Committee," said Paul Grosso, VP Research for Arbortext.

IBM "DITA establishes a platform for information development that lays the foundation for content collaboration. DITA is an XML-based architecture with a modular design and built-in extension mechanisms that usher in a new era of collaboration for the design, reuse, and processing of content," said Dave A. Schell, chief strategist for IBM’s information development community, commenting on IBM’s recent donation of DITA to OASIS and the formation of an OASIS Technical Committee for DITA.

Innodata Isogen "Innodata Isogen finds that the DITA architecture fits very well with the technical approaches we’ve used for many years in addressing our clients’ requirements for managing complex systems of modular information. We see DITA-based solutions as a key component of robust, large-scale XML-based information management systems – especially in global enterprises or vertical industries where interoperability and re-use among different groups is a requirement," said Eliot Kimber, Senior Systems Analyst, Innodata Isogen.

About OASIS

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, global consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. OASIS produces worldwide standards for security, Web services, conformance, business transactions, electronic publishing, topic maps and interoperability within and between marketplaces. Founded in 1993, OASIS has more than 2,500 participants representing over 600 organizations and individual members in 100 countries. http://www.oasis-open.org

Additional information:

OASIS DITA Technical Committee http://www.oasis-open.org/committees/dita

Cover Pages Technology Report: http://xml.coverpages.org/ni2004-03-29-b.html

Press contact: Carol Geyer Director of Communications OASIS carol.geyer@oasis-open.org +1.978.667.5115 x209

Boston, MA, USA; 8 April 2004 — OASIS, the international standards consortium, announced plans to host the Symposium on Reliable Infrastructures for XML, 26-27 April 2004, in New Orleans. The event, which will be open to the public, will offer a forum for the international community to exchange ideas and present results of standards work-in-progress. Attendees will identify unaddressed topics in need of standards development and areas where coordination between efforts would promote interoperability.

"Today, many different (and partially interchangeable) technologies are available that propose to increase the reliability of XML-based messaging and networking infrastructure. We define ‘reliable’ to mean that implementing one or more of these technologies in an infrastructure removes some of the burden of ensuring application integrity from software programmers and architects," explained Chet Ensign of LexisNexis, chair of the Program Committee of the OASIS Technical Advisory Board. "The OASIS Symposium will focus on exploring the current state of these technologies and identifying gaps where open standards are needed."

User requirements will drive the discussions. Keynotes will be provided by William Stangel, Sr. VP and Enterprise Architect for Fidelity Investments Systems Company, and Thomas Koulopoulos, president and co-founder of the Delphi Group.

Other program highlights include a user panel on "Implementing Standards to Achieve Reliable Transacting," featuring Fred Falten of General Motors representing the Automotive Industry Action Group (AIAG), Kenneth R. Hutcheson, director of the Chemical Industry Data Exchange (CIDX), Patrick Gannon, president and CEO of OASIS, and Paul Tearnen, Vice President, Standards Management of RosettaNet. Moderated by Michael Bechauf, Vice President of NetWeaver Standards for SAP, the panel will explore the importance of open standards to users and the ways industry groups are implementing standard-oriented architectures into their own work.

Building on foundational information presented in the main Symposium, the healthcare community will gather on Wednesday, 28 April for a workshop, "Reliable Infrastructures for eHealth." Implementers from Health Level Seven (HL7), The Mayo Clinic, Medical Banking Project, US Centre for Disease Control, US National Institute of Health, and others will investigate the relationships between the standards that exist today and paths for future development.

Seventeen OASIS Technical Committees will meet following the Symposium to advance standard data exchange for e-business, Web services, security, and legal applications. First meetings of the new OASIS Electronic Business Service Oriented Architecture (ebSOA) Technical Committee, the OASIS Web Services Notification (WSN) Technical Committee, and the OASIS Web Services Resource Framework (WSRF) Technical Committee will be held at the event.

The OASIS Symposium is sponsored by Adobe, Booz Allen Hamilton, IBM, SAP, and Sun Microsystems. Registration is open to all. For more information: http://www.oasis-open.org/events/symposium/

About OASIS

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, global consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. OASIS produces worldwide standards for security, Web services, conformance, business transactions, electronic publishing, topic maps and interoperability within and between marketplaces. Founded in 1993, OASIS has more than 3,000 participants representing over 600 organizations and individual members in 100 countries. http://www.oasis-open.org

Press contact:

Carol Geyer Director of Communications OASIS carol.geyer@oasis-open.org +1.978.667.5115 x209