Invitation to comment on Classification of Everyday Living V1.0 from the #COEL TC – ends May 23rd

We are pleased to announce that Classification of Everyday Living Version 1.0 from the OASIS Classification of Everyday Living (COEL) TC [1] is now available for public review and comment. This is the third public review for COEL V1.0 and incorporates updates to Committee Specification 01.

The OASIS COEL specification provides a privacy-by-design framework for the collection and processing of behavioural data. It is uniquely suited to the transparent use of dynamic data for personalised digital services, IoT applications where devices are collecting information about identifiable individuals and the coding of behavioural data in identity solutions. The specification pseudonymises personal data at source and maintains a separation of different data types with clearly defined roles & responsibilities for all actors. All behavioural data are defined as event-based packets. Every packet is connected directly to an individual and can contain a summary of the consent they provided for the processing of the data. A combination of a taxonomy of all human behaviours and the event-based protocol provide a universal template for data portability. Simple interface specifications enforce the separation of roles and provide system-level interoperability.

The documents and related files are available here:

Classification of Everyday Living Version 1.0
Committee Specification Draft 04 / Public Review Draft 03
04 May 2018

Specification URIs

Editable source (Authoritative):
http://docs.oasis-open.org/coel/COEL/v1.0/csprd03/COEL-v1.0-csprd03.docx

HTML:
http://docs.oasis-open.org/coel/COEL/v1.0/csprd03/COEL-v1.0-csprd03.html

PDF:
http://docs.oasis-open.org/coel/COEL/v1.0/csprd03/COEL-v1.0-csprd03.pdf

COEL model v1.0:
http://docs.oasis-open.org/coel/COEL/v1.0/csprd03/model/coel.json

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file at:

http://docs.oasis-open.org/coel/COEL/v1.0/csprd03/COEL-v1.0-csprd03.zip

How to Provide Feedback

OASIS and the COEL TC value your feedback. We solicit feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

This public review starts 09 May 2018 at 00:00 UTC and ends 23 May 2018 at 11:59 UTC.

This 15-day review is limited in scope to changes made to Committee Specification 01. Changes are highlighted in red-lined file included in the package [3].

Comments on the work may be submitted to the TC by following the instructions located at:

http://www.oasis-open.org/committees/comments/form.php?wg_abbrev=coel

Feedback submitted by TC non-members for this work and for other work of this TC is publicly archived and can be viewed at:

http://lists.oasis-open.org/archives/coel-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with the public review of these works, we call your attention to the OASIS IPR Policy [4] applicable especially [5] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about this specification and the COEL TC may be found on the TC’s public home page.

========== Additional references:

[1] OASIS Classification of Everyday Living (COEL) TC
http://www.oasis-open.org/committees/coel/

[2] Previous public reviews:

– 30-day public review, 10 November 2016:
https://lists.oasis-open.org/archives/members/201611/msg00000.html
– Comment resolution log:
http://docs.oasis-open.org/coel/COEL/v1.0/csprd01/COEL-v1.0-csprd01-comment-resolution-log.xlsx

– 15-day public review, 11 December 2017:
https://lists.oasis-open.org/archives/members/201712/msg00002.html
– Comment resolution log:
http://docs.oasis-open.org/coel/COEL/v1.0/csprd02/COEL-v1.0-csprd02-comment-resolution-log.xlsx

[3] Red-lined version:
http://docs.oasis-open.org/coel/COEL/v1.0/csprd03/COEL-v1.0-csprd03-DIFF.pdf

[4] http://www.oasis-open.org/policies-guidelines/ipr

[5] http://www.oasis-open.org/committees/coel/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#RF-on-RAND-Mode
RF on RAND Mode

Invitation to comment on Exchange Header Envelope (XHE) V1.0 – ends May 29th

OASIS members and other interested parties,

OASIS and the OASIS Business Document Exchange (BDXR) TC [1] are pleased to announce that Exchange Header Envelope (XHE) Version 1.0 is now available for public review and comment.

The Exchange Header Envelope (XHE) defines a business-oriented artefact either referencing (as a header) or containing (as an envelope) a payload of one or more business documents or other artefacts with supplemental semantic information about the collection of payloads as a whole. An exchange header envelope describes contextual information important to the sender and receiver about the payloads, without having to modify the payloads in any fashion.

This vocabulary is modeled using the UN/CEFACT Core Component Technical Specification Version 2.01.

XHE, a specification developed jointly by UN/CEFACT and OASIS, is the successor to the UN/CEFACT Standard Business Document Header (SBDH) version 1.3 [SBDH] and the OASIS Business Document Envelope (BDE) version 1.1 [BDE].

The documents and related files are available here:

Exchange Header Envelope (XHE) Version 1.0
Committee Specification Public Review Draft 01
23 April 2018

Editable source (Authoritative):
http://docs.oasis-open.org/bdxr/xhe/v1.0/csprd01/xhe-v1.0-csprd01.xml

HTML:
http://docs.oasis-open.org/bdxr/xhe/v1.0/csprd01/xhe-v1.0-csprd01-oasis.html

PDF:
http://docs.oasis-open.org/bdxr/xhe/v1.0/csprd01/xhe-v1.0-csprd01-oasis.pdf

Document models of information bundles:
http://docs.oasis-open.org/bdxr/xhe/v1.0/csprd01/mod

Annotated XSD schemas:
http://docs.oasis-open.org/bdxr/xhe/v1.0/csprd01/xsd

Runtime XSD schemas:
http://docs.oasis-open.org/bdxr/xhe/v1.0/csprd01/xsdrt/XHE-1.0.xsd

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:

http://docs.oasis-open.org/bdxr/xhe/v1.0/csprd01/xhe-v1.0-csprd01.zip

How to Provide Feedback

OASIS and the BDXR TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public review starts 30 April 2018 at 00:00 UTC and ends 29 May 2018 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=bdxr).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:

https://lists.oasis-open.org/archives/bdxr-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [2] applicable especially [3] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the TC can be found at the TC’s public home page:

https://www.oasis-open.org/committees/bdxr/

========== Additional references:

[1] OASIS Business Document Exchange (BDXR) TC
https://www.oasis-open.org/committees/bdxr/

[2] http://www.oasis-open.org/who/intellectualproperty.php

[3] http://www.oasis-open.org/committees/bdxr/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#Non-Assertion-Mode
Non-Assertion Mode

60-day Public Review for Universal Business Language (#UBL) V2.2 COS01 – ends June 23rd

Members of the OASIS Universal Business Language TC [1] have recently approved a Special Majority Ballot [2] to advance Universal Business Language Version 2.2 as a Candidate OASIS Standard (COS). The COS now enters a 60-day public review period in preparation for the member call to consider its approval as an OASIS Standard.

The Universal Business Language (UBL) is an open library of standard electronic XML business documents for procurement and transportation such as purchase orders, invoices, transport logistics and waybills. It is designed to operate within a standard business framework such as ISO/IEC 15000 (ebXML) to provide a complete, standards-based infrastructure that can extend the benefits of existing EDI systems to businesses of all sizes.

Version 2.2 is completely backward-compatible with UBL 2.0. UBL is freely available to everyone without legal encumbrance or licensing fees.

The TC has received 3 Statements of Use from JAVEST, the eSENS eTendering pilot, and the Norwegian Agency for Public Management and eGovernment (Difi) [3].

The prose specifications and related files are available at:

Universal Business Language Version 2.2
Candidate OASIS Standard 01
22 April 2018

Editable source (Authoritative):
http://docs.oasis-open.org/ubl/cos01-UBL-2.2/UBL-2.2.xml

HTML:
http://docs.oasis-open.org/ubl/cos01-UBL-2.2/UBL-2.2.html

PDF:
http://docs.oasis-open.org/ubl/cos01-UBL-2.2/UBL-2.2.pdf

Code lists for constraint validation:
http://docs.oasis-open.org/ubl/cos01-UBL-2.2/cl/

Context/value Association files for constraint validation:
http://docs.oasis-open.org/ubl/cos01-UBL-2.2/cva/

Document models of information bundles:
http://docs.oasis-open.org/ubl/cos01-UBL-2.2/mod/

Default validation test environment:
http://docs.oasis-open.org/ubl/cos01-UBL-2.2/val/

XML examples:
http://docs.oasis-open.org/ubl/cos01-UBL-2.2/xml/

Annotated XSD schemas:
http://docs.oasis-open.org/ubl/cos01-UBL-2.2/xsd/

Runtime XSD schemas:
http://docs.oasis-open.org/ubl/cos01-UBL-2.2/xsdrt/

ZIP distribution file (complete):

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file at:

http://docs.oasis-open.org/ubl/cos01-UBL-2.2/UBL-2.2.zip

Public Review Period:

The 60-day public review begins 25 April 2018 at 00:00 UTC and ends 23 June 2018 at 23:59 UTC.

This is an open invitation to comment. OASIS solicits feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility as explained in the instructions located via the button labeled “Send A Comment” at the top of the TC public home page, or directly at:

https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=ubl

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:

http://lists.oasis-open.org/archives/ubl-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review of “Universal Business Language Version 2.2,” we call your attention to the OASIS IPR Policy [4] applicable especially [5] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

==============

[1] OASIS Universal Business Language TC
http://www.oasis-open.org/committees/ubl/

[2] https://www.oasis-open.org/committees/ballot.php?id=3200

[3] Statements of Use:

JAVEST: https://lists.oasis-open.org/archives/ubl/201803/msg00025.html

eSENS eTendering pilot: https://lists.oasis-open.org/archives/ubl-comment/201804/msg00000.html

Norwegian Agency for Public Management and eGovernment (Difi): https://lists.oasis-open.org/archives/ubl/201804/msg00003.html

[4] http://www.oasis-open.org/policies-guidelines/ipr

[5] http://www.oasis-open.org/committees/ubl/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#RF-on-Limited-Mode
RF on Limited Terms Mode

OASIS Launches New DITA XML.org Technical Publishing Community Portal

23 April 2018–The OASIS international standards consortium today introduced the new DITA XML.org portal (http://dita.xml.org). This newly re-engineered website serves as the official online community gathering place and information resource for the Darwin Information Typing Architecture (DITA), an international openstandard that builds content reuse into the authoring process.

Developed by members of the OASIS DITA Adoption Committee, the DITA XML.org portal provides one-stop shopping for DITA news, industry announcements, whitepaper postings, resource listings, and technical articles. The site features an integrated discussion forum to support conversations within the DITA user community.

“It’s all things DITA,” said Keith Schengili-Roberts of IXIASOFT, chair of the OASIS DITA Adoption Committee. “Not only is the content all about DITA, the website has been completely reimplemented as a DITA-portal management system.”

The site is based on DITAweb from Congility, whose CEO, Richard Murfitt, said, “This new DITA.XML.org website promises to be a great resource for both new and experienced DITA users. All of us at Congility are very pleased to support the new site which now utilizes the Congility DITAweb content server designed specifically to maximize the benefits of DITA.”

Funding for DITA.XML.org is provided by Adobe and IBM.

We are delighted to see the launch of the new DITA XML.org portal which can now provide more personalized content to its huge online community by leveraging the power of structured content,” said Rohit Bansal, Senior Product Marketing Manager for Adobe Technical Communication Products. “We continue our support to the DITA standard with the development of an enterprise-class DITA CCMS – XML Documentation Add-on for Adobe Experience Manager, which helps organizations create, manage and deliver immersive content experiences.”

Members of the OASIS DITA Adoption Committee include representatives of Adobe Systems, Alfresco Software, Cisco, Huawei, IBM, IXIASOFT, Oracle, PTC, SAP, SDL, and others.

IXIASOFT Vice President, Product & Marketing, Thibault de la Grange, said, “IXIASOFT is known for furthering the goals of the DITA community by lending the support of our industry experts. Ultimately, we all benefit from the work that Keith and the other volunteers from the DITA Adoption Technical Committee have done.”

About OASIS

OASIS is a global nonprofit organization that drives the development, convergence, and adoption of open standards. OASIS promotes industry consensus and produces worldwide standards for content technologies, cybersecurity, cloud computing, IoT, privacy, and other areas. OASIS standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. OASIS members broadly represent the marketplace of public and private sector technology leaders, users, and influencers. http://www.oasis-open.org

Press contact: communications@oasis-open.org

Invitation to comment on #SAML V2.0 Subject Identifier Attributes Profile V1.0 from the SAML TC – ends May 7th

We are pleased to announce that SAML V2.0 Subject Identifier Attributes Profile Version 1.0 from the OASIS Security Services (SAML) TC [1] is now available for public review and comment. This is the document’s second public review.

The specification standardizes two new SAML Attributes to identify security subjects, as a replacement for long-standing inconsistent practice with the and constructs, and to address recognized deficiencies with the SAML V2.0 urn:oasis:names:tc:SAML:2.0:nameid-format:persistent Name Identifier format.

The documents and related files are available here:

SAML V2.0 Subject Identifier Attributes Profile Version 1.0
Committee Specification Draft 02/Public Review Draft 02
10 April 2018

Editable source (Authoritative):
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/csprd02/saml-subject-id-attr-v1.0-csprd02.odt

HTML:
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/csprd02/saml-subject-id-attr-v1.0-csprd02.html

PDF:
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/csprd02/saml-subject-id-attr-v1.0-csprd02.pdf

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file at:

http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/csprd02/saml-subject-id-attr-v1.0-csprd02.zip

How to Provide Feedback

OASIS and the SAML TC value your feedback. We solicit feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

This public review starts 23 April 2018 at 00:00 UTC and ends 07 May 2018 at 11:59 UTC.

This specification was previously submitted for public review [2]. This 15-day review is limited in scope to changes made from the previous review. Changes are highlighted in red-lined file included in the package [3].

Comments on the work may be submitted to the TC by following the instructions located at:

http://www.oasis-open.org/committees/comments/form.php?wg_abbrev=security

Feedback submitted by TC non-members for this work and for other work of this TC is publicly archived and can be viewed at:

https://lists.oasis-open.org/archives/security-services-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with the public review of these works, we call your attention to the OASIS IPR Policy [4] applicable especially [5] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about this specification and the SAML TC may be found on the TC’s public home page.

========== Additional references:

[1] OASIS Security Services (SAML) TC
http://www.oasis-open.org/committees/security/

[2] Previous public reviews:

– 30-day public review, 14 November 2017:
https://lists.oasis-open.org/archives/members/201711/msg00004.html
– Comment resolution log:
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/csprd01/saml-subject-id-attr-v1.0-csprd01-comment-resolution-log.txt

[3] Red-lined version:
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/csprd02/saml-subject-id-attr-v1.0-csprd02-DIFF.pdf

[4] http://www.oasis-open.org/policies-guidelines/ipr

[5] http://www.oasis-open.org/committees/security/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#RF-on-RAND-Mode
RF on RAND Mode

Lightweight DITA: An Introduction published by #DITA TC

OASIS is pleased to announce the publication of “Lightweight DITA: An Introduction,” a Committee Note from the members of the OASIS Darwin Information Typing Architecture (DITA) TC [1].

Lightweight DITA (LwDITA) is a simplified version of the Darwin Information Typing Architecture (DITA). In comparison to DITA 1.3, it has a smaller element type and attribute set, stricter content models, and a reduced feature set. It also defines mappings between XML, HTML5, and Markdown so that authors can collaborate and publish across different markup languages.

LwDITA is a work in progress. The Committee Note outlines the current plans in order to gain design clarity and receive feedback from potential users. Details may well change between the publication of this CN and release of Lightweight DITA as an OASIS specification.

The files and associated components can be accessed at:

Lightweight DITA: An Introduction Version 1.0
Committee Note 01
10 April 2018

HTML:
http://docs.oasis-open.org/dita/LwDITA/v1.0/cn01/LwDITA-v1.0-cn01.html

PDF:
http://docs.oasis-open.org/dita/LwDITA/v1.0/cn01/LwDITA-v1.0-cn01.pdf

DITA source:
http://docs.oasis-open.org/dita/LwDITA/v1.0/cn01/LwDITA-v1.0-cn01-DITA-source.zip

Grammar files:
http://docs.oasis-open.org/dita/LwDITA/v1.0/cn01/LwDITA-v1.0-cn01-grammars.zip

Sample LwDITA document:
http://docs.oasis-open.org/dita/LwDITA/v1.0/cn01/LwDITA-v1.0-cn01-samples.zip

Distribution ZIP files

For your convenience, OASIS provides a complete package of the Committee Note that you can download here:

http://docs.oasis-open.org/dita/LwDITA/v1.0/cn01/LwDITA-v1.0-cn01.zip

Members of the DITA TC approved this Committee Note by a Full Majority vote on 10 April 2018 as documented in the TC minutes [2].

Our congratulations to all the members of the TC.

========== Additional references:

[1] OASIS Darwin Information Typing Architecture (DITA) TC
https://www.oasis-open.org/committees/dita/

[2] Approval
https://www.oasis-open.org/committees/document.php?document_id=62840&wg_abbrev=dita

Call for Presentations

for Borderless Cyber USA
Submit a proposal by 30 April

Cybersecurity Companies Demo Support for STIX and TAXII Standards for Automated Threat Intelligence Sharing at RSA 2018

16 April 2018 — Nine companies from around the world come together at the RSA 2018 conference this week to demonstrate automated cyber threat intelligence sharing in action. Members of the nonprofit OASIS standards consortium will showcase an array of products that support the STIX™ and TAXII™ standards. The demos are being held from 16-19 April, in Booth 1701.

The STIX standard enables organizations to share cyber threat intelligence in a consistent, machine-readable manner, allowing companies to anticipate and respond to attacks faster and more effectively. TAXII is the transportation protocol specifically designed to support the exchange of STIX data.

Products from Anomali, EclecticIQ, Fujitsu, Hitachi, IBM Security, New Context, NC4, ThreatQuotient, and TruSTAR are demonstrating how STIX and TAXII are being used to prevent and defend against cyberattack by enabling threat intelligence to be analyzed and shared among trusted partners and communities. In addition to seeing the demos, RSA attendees are learning more about how the major new version of STIX and TAXII making it much easier to automate cyber threat intelligence sharing.

Support for STIX and TAXII

Anomali CTO, Wei Huang, said, “Anomali is the first company to provide Limo—a free TAXII service, compliant with both STIX/TAXII 2.0 and 1.0—to enable interoperability testing, validation, and adoption for vendors and customers. This service includes threat intelligence and threat bulletins from Anomali Labs, Modern Honey Net, and open source feeds. Anomali’s free STIX/TAXII client—Anomali STAXX, can be used with Limo or any other STIX/TAXII threat intelligence source.”

EclecticIQ CEO & Founder, Joep Gommers, said, “STIX is the foundation of the data model of EclecticIQ Platform. Its analyst-centricity has helped to enable and transform the threat intelligence community in a relatively short time span. At the OASIS booth, we will demonstrate how our Threat Intelligence Platform utilizes STIX & TAXII to meet the full spectrum of intelligence needs.”

Fujitsu Director of Marketing & Sales (Cyber Systems) Defense Systems Unit, Hitoshi Habe, said, “Fujitsu will demonstrate S-TIP (Seamless – Threat Intelligence Platform) prototype. This platform merges human (SNS, email) and system (STIX/TAXII) CTI sharing seamlessly to help reveal 5Ws1H of cyber-attacks (such as threat actors, time periods, objectives, attack targets, intrusion paths, methods) with its capabilities like CTI graph analytics engine. Fujitsu has been an OASIS CTI Technical Committee member since the TC’s establishment.”

Hitachi, Ltd. Director of Security Innovation Promotion Department, Akihito Sawada, said, “Hitachi will demonstrate the prototype of information sharing service. This will be a part of security service of Hitachi Systems that gathers threat-related information in cyberspace and provides discussion place among analysts, operators. The information is provided to its users after it has been converted to STIX and TAXII format, ranked, classified and grouped. We are honored to introduce STIX and TAXII as prototype.”

NC4 Vice President, Andrew Blumberg, said, “As an early leader in bringing sharing of CTI to scale, NC4 is maturing the model for collective cyber defense by integrating person-to-person collaboration with machine-to-machine sharing. Unifying teams across industries and government, NC4 brings scale to the human factor of collaboration. Leveraging the STIX/TAXII standards to increase the immediacy of awareness and action also enables more effective use of core standard constructs like TTPs and COAs.”

New Context CEO, Daniel Riedel, said, “We’re proud to continue collaborating with OASIS as both a sponsor and contributor to the OASIS CTI Technical Committee. New Context is committed to the advancement of threat intel because we’re convinced that an open, vendor-neutral standard for driving interoperable machine-driven mitigation and incident response protects our data. Standards are an important part of the New Context Design Principles and to answering future challenges of the cyber threat landscape.”

ThreatQuotient Co-Founder and CTO, Ryan Trost, said, “ThreatQuotient is committed to advancing the state of security operations by enabling greater collaboration across an organization, and by upholding the standards and integrations that are key elements of a strong security program. We look forward to this opportunity to demo the ThreatQ threat intelligence platform with partners of OASIS at RSA, and continuing to play a role in helping organizations get more out of cyber threat intelligence.”

TruSTAR Co-Founder & CEO, Paul Kurtz, said: “Too often security and risk teams silo event data into multiple categories like fraud, phishing, malware, DDoS, insider threats, and physical breaches. At TruSTAR we believe companies must take a unified approach to security operations. Interoperable ingest tools championed by OASIS help TruSTAR customers leverage multiple intelligence sources and enrich them with their own event data.”

About OASIS

OASIS is a nonprofit, international consortium that drives the development, convergence, and adoption of open standards for the global information society. OASIS promotes industry consensus and produces worldwide standards for key management, cryptography, cybersecurity, privacy, cloud computing, IoT, and other areas. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. OASIS members broadly represent the marketplace of public and private sector technology leaders, users, and influencers. The consortium has more than 5,000 participants representing over 600 organizations and individual members in 65+ countries.

Press contact:

communications @oasis-open.org

Latest Advances in OASIS KMIP and PKCS #11 Encryption and Cryptographic Standards Demonstrated by 10 Companies at RSA Conference 2018

16 April 2018 — At the RSA Conference 2018, members of the OASIS international consortium collaborate to demonstrate their support for new features in two of the industry’s most widely-adopted security standards, the Key Management Interoperability Protocol (KMIP) Standard and the Public-Key Cryptography (PKCS) #11 Standard. The demos are being held from 16-19 April, in Booth 1601.

“As the need to encrypt data within the enterprise continues to grow, especially in the face of GDPR and mandatory data breach notice compliance, so too does the need to manage the keys, certificates, and security-relevant information. It is this need that drives the continual evolution of the standards that enable secure and seamless integration of critical cybersecurity tools into the enterprise,” said Tony Cox of Cryptsoft, co-chair of the OASIS KMIP and PKCS#11 Technical Committees and Lead for both the KMIP and PKCS11 Interop events. “The demonstration of both the KMIP and PKCS#11standards provides booth attendees with a clear view of how mainstream products are implementing conformant solutions and showing live interaction between vendor solutions.”

KMIP Demonstration

Nine companies are demonstrating the KMIP v2.0 working draft and/or v1.4 current standard. The demo includes interchange of security objects as well as provision of encryption keys and cryptographic services across a common interface. OASIS KMIP Technical Committee members, Cryptsoft, Fornetix, IBM Security, Kryptus, Micro Focus, P6R, Quintessence Labs, Thales eSecurity, and Unbound Tech, are participating. Their implementations demonstrate the full key management life-cycle including creating, registering, locating, retrieving, deleting, and transferring symmetric and asymmetric keys and certificates between vendor systems. RSA booth visitors witness live demonstrations of interoperable encryption key and security object management inter-change between every member.

PKCS#11 Showcase

The PKCS#11 3.0 working draft and the PKCS#11 v2.40-errata-01 current standard are being demonstrated by Cryptsoft, Fornetix, Quintessence Labs, and Utimaco. Each company showcases their implementation or use of the specification including generating, finding and using cryptographic objects with combinations of one or more symmetric keys, asymmetric keys, or certificates. RSA booth visitors view standalone demonstrations of key and certificate usage within each of the implementations on display.

Support for KMIP and PKCS #11

Cryptsoft CTO, Tim Hudson, said, “Interoperability between key management, hardware security, and encryption systems is no longer ‘nice-to-have’ but essential. The OASIS KMIP and PKCS #11 standards provide mechanisms to address the fundamental interoperability requirement enabling migration from single point ad-hoc products to full enterprise security solutions. As a major OEM technology supplier, supplying OASIS conformant solutions ensures interoperability is a reality for our customers.”

Fornetix CTO, Chuck White, said, “The Fornetix Team is both proud and thankful for the opportunity to participate in OASIS and this year’s KMIP Interop and PKCS11 Showcase. With KMIP, PKCS11 and now OpenC2, OASIS continues to provide a path forward; supporting standards that bring order to the chaos of evolving technology and markets. Our customers need technology that is interoperable – our support and participation in OASIS demonstrate our commitment to deliver standards-based security to those who need it.”

IBM Security WW Offering Manager, Encryption and Key Management, Rick Robinson, said, “IBM is pleased to participate again with other OASIS members at RSA for KMIP-interoperability. Each year we work together as an industry to provide better and more secure key management with greater interoperability amongst all of our products and services. This is not only good for the standard, but it great for our customers who deserve secure, dynamic, and flexible solutions to meet their growing encryption and key management needs.”

KRYPTUS CEO, Roberto Gallo, Ph.D., said, “KRYPTUS has been offering Cryptographic Hardware solutions and Cyber Security services since 2003, enabling causes and missions that seek the greater good. Our mission is to provide our customers a secure environment for their operations, keeping them always one step ahead of opponents and threats. For us, security is more than protecting, it is also enabling the new.”

P6R CEO, Jim Susoy, said, “As encryption and key management have become commonplace in technology, the importance of interoperable vendor neutral APIs and protocols becomes critical. As a major technology provider, P6R provides conformant KMIP client and server SDKs, KMIP to PKC#11 gateways and PKCS#11 client toolkits. Participating in the OASIS Interop is a great way to help ensure that our solutions are interoperable.”

QuintessenceLabs CTO, John Leiseboer, said, “QuintessenceLabs has been involved with OASIS and the KMIP Technical Committee since the beginning, and we pride ourselves on making sure each of our products is compliant via rigorous testing. Interoperability greatly benefits our customers and empowers them in controlling their organization’s security.”

Thales eSecurity CTO, Jon Geater, said, “From cloud computing to mobile devices, digital payments, and emerging IoT applications, cryptography is playing an increasingly large role, not only in ensuring data is secure, but also available when needed. As a provider of encryption and key management systems and an originating author of the KMIP specification, Thales is a strong supporter of KMIP to enable enterprises to join the digital world in safety.”

Unbound Tech VP of Products, Oz Mishli, said, “KMIP has made impressive strides in encrypted key management and with the accelerating use of cloud-based systems, it’s critical to protect data at every stage. At RSA Conference, as an active partner of the OASIS KMIP Technical Committee, we’re eager to demonstrate the gravity of KMIP’s contributions to cryptographic key management environments such as cost reduction and improved interoperability. We look forward to continuing to help shape the standards that will facilitate interoperation between vendors.”

About OASIS:
OASIS is a nonprofit, international consortium that drives the development, convergence, and adoption of open standards for the global information society. OASIS promotes industry consensus and produces worldwide standards for key management, cryptography, cybersecurity, privacy, cloud computing, IoT, and other areas. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. OASIS members broadly represent the marketplace of public and private sector technology leaders, users, and influencers. The consortium has more than 5,000 participants representing over 600 organizations and individual members in 65+ countries.

Press contact:

communications@oasis-open.org

The #DocBook Schema Version 5.0 Errata 01 approved and published

OASIS is pleased to announce that The DocBook Schema Version 5.0 Errata 01 from the OASIS DocBook TC [1] has been approved as an OASIS Approved Errata.

The Errata documents an update to the Schematron syntax that had caused the DocBook 5.0 RelaxNG schema to fail to parse properly with updated Schematron validators.

The prose specifications and related files are available here:

The DocBook Schema Version 5.0 Errata 01
OASIS Approved Errata
29 March 2018

Editable source (Authoritative):
http://docs.oasis-open.org/docbook/specs/docbook-5.0-spec-errata01-os.docx

HTML:
http://docs.oasis-open.org/docbook/specs/docbook-5.0-spec-errata01-os.html

PDF:
http://docs.oasis-open.org/docbook/specs/docbook-5.0-spec-errata01-os.pdf

Distribution ZIP file

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

http://docs.oasis-open.org/docbook/specs/docbook-5.0-spec-errata01-os.zip

Members of the DocBook TC [1] approved this specification by Full Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

========== Additional references:

[1] OASIS DocBook TC
https://www.oasis-open.org/committees/docbook/

[2] Public reviews:

* 15-day public review, 21 February 2018:
https://lists.oasis-open.org/archives/members/201802/msg00006.html

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3187

Universal Business Language V2.2 from the #UBL TC is now an OASIS Committee Specification

OASIS is pleased to announce that Universal Business Language Version 2.2 from the OASIS Universal Business Language TC [1] has been approved as an OASIS Committee Specification.

The Universal Business Language (UBL) is an open library of standard electronic XML business documents for procurement and transportation such as purchase orders, invoices, transport logistics and waybills. It is designed to operate within a standard business framework such as ISO/IEC 15000 (ebXML) to provide a complete, standards-based infrastructure that can extend the benefits of existing EDI systems to businesses of all sizes.

Version 2.2 is completely backward-compatible with UBL 2.0. UBL is freely available to everyone without legal encumbrance or licensing fees.

This Committee Specification is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

The prose specifications and related files are available here:

Universal Business Language Version 2.2
Committee Specification 01
22 March 2018

Editable source (Authoritative):
http://docs.oasis-open.org/ubl/cs01-UBL-2.2/UBL-2.2.xml

HTML:
http://docs.oasis-open.org/ubl/cs01-UBL-2.2/UBL-2.2.html

PDF:
http://docs.oasis-open.org/ubl/cs01-UBL-2.2/UBL-2.2.pdf

Code lists for constraint validation:
http://docs.oasis-open.org/ubl/cs01-UBL-2.2/cl/

Context/value Association files for constraint validation:
http://docs.oasis-open.org/ubl/cs01-UBL-2.2/cva/

Document models of information bundles:
http://docs.oasis-open.org/ubl/cs01-UBL-2.2/mod/

Default validation test environment:
http://docs.oasis-open.org/ubl/cs01-UBL-2.2/val/

XML examples:
http://docs.oasis-open.org/ubl/cs01-UBL-2.2/xml/

Annotated XSD schemas:
http://docs.oasis-open.org/ubl/cs01-UBL-2.2/xsd/

Runtime XSD schemas:
http://docs.oasis-open.org/ubl/cs01-UBL-2.2/xsdrt/

Distribution ZIP file

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

http://docs.oasis-open.org/ubl/cs01-UBL-2.2/UBL-2.2.zip

Members of the UBL TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

========== Additional references:

[1] OASIS Universal Business Language TC
https://www.oasis-open.org/committees/ubl/

[2] Public reviews:

– 45-day public review, 01 February 2017:
https://lists.oasis-open.org/archives/members/201701/msg00002.html
– Comment resolution log:
http://docs.oasis-open.org/ubl/csprd01-UBL-2.2/csprd01-UBL-2.2-comment-resolution-log.ods

– 30-day public review, 08 November 2017:
https://lists.oasis-open.org/archives/members/201711/msg00000.html
– Comment resolution log:
http://docs.oasis-open.org/ubl/csprd02-UBL-2.2/UBL-2.2-csprd02-comment-resolution-log.ods

– 15-day public review, 28 February 2018:
https://lists.oasis-open.org/archives/members/201802/msg00008.html
– Comment resolution log:
http://docs.oasis-open.org/ubl/csprd03-UBL-2.2/UBL-2.2-csprd03-comment-resolution-log.txt

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3183

CyberNB Special Operating Agency of ONB

No results with the selected filters