OASIS to Define XML Standard for Secure Electronic Business

Consortium Forms XML-Based Security Services Technical Committee

Washington, DC; December 6, 2000 — OASIS, the interoperability consortium, today announced that it has begun development of XML standards for security information and services on the Internet. The newly formed OASIS XML-Based Security Services Technical Committee (TC) will define a common language for sharing security information about transactions and end users between companies engaged in online B2B and B2B2C commerce. “Currently, it is difficult to ensure the absolute security of Internet transactions across companies. Businesses need a universal method to assure only users with proper authorization access and execute transactions,” explained Karl Best, director of technical operations at OASIS. “OASIS has taken on this development effort to produce a standard, open framework that will enable secure interoperability across company boundaries and heterogeneous platforms.” Christian Byrnes, vice president of security strategy at META Group, said, “Almost all e-commerce involves multiple business partners at some level. The lack of security standards has resulted in difficult, complex, and insecure implementations. A successful standard for integrating security across business partners will make e-commerce faster and less expensive to deploy and more secure at the same time.” The OASIS XML-Based Security Services TC initially plans to base its work on the Security Services Markup Language (S2ML), a joint development effort of Art Technology Group, Bowstreet, Commerce One, Jamcracker, Netegrity, Oracle, PricewaterhouseCoopers, Sun Microsystems, VeriSign, TIBCO and webMethods. “We chose to develop XML security specifications within the OASIS, because we wanted to ensure that S2ML became an open industry standard in order to universally solve the problem of securing inter-site business transactions,” said Marc Chanliau of Netegrity, chair of the OASIS XML-Based Security Services TC. “Security is an issue that affects every business engaged in electronic commerce,” noted Norbert Mikula of DataChannel, chair of the technical advisory committee and member of the OASIS Board of Directors. “We encourage all organizations and individuals interested in security issues to participate in this OASIS development.” About OASIS OASIS (http://www.oasis-open.org) is the international, not-for-profit consortium that advances electronic business by promoting open, collaborative development of interoperability specifications. With the United Nations, OASIS sponsors ebXML, a global framework for electronic business data exchange. OASIS operates XML.ORG, the non-commercial portal that delivers information on the use of XML in industry. The XML.ORG Registry provides as an open community clearinghouse for distributing and locating XML application schemas, vocabularies and related documents. OASIS serves as the home for industry groups interested in developing XML specifications. OASIS technical work embraces conformance, repositories and other interoperability issues. OASIS sponsors include Adobe Systems, Aerospatiale, AND Data Solutions, Arbortext, B-Bop Associates, BEA Systems, Bentley Systems, Boeing, Bowstreet, Bridge, Chrystal Software, Cohesia, Commerce One, DataChannel, Dataloom, Defense Information Services Agency, Deutsche Post AG, Documentum, EADS Matra, eCredit.com, empolis, Enigma, Excelergy, eXcelon, Extensibility, Extricity Software, First Call, IBM, Informix, Infoteria, Interwoven, IPNet Solutions, ISOGEN, ITEDO, Jamcracker, JetForm, Keyfile, Logistics Management Institute, Mediaplex, Mercator Software, Micrografx, Microsoft, Netegrity, Netfish, NextPage, NII Enterprise Promotion Association, Nimble Technology, NIST, ObjectSpace, Pick Systems, Pearson Education, Popkin Software, ProNet Technology, Reuters, Sabre, SAP, Sequoia Software, SoftQuad, Software AG, StreamServe, Sun Microsystems, Thomas Technology Solutions, TIBCO, Virtual Access Networks, Visa, Wavo, webMethods, Whitehill Technologies, Xerox, XML Global, XMLSolutions and XyEnterprise. For more information: Carol Geyer Director of Communications OASIS carol.geyer@oasis-open.org Voice: +1 978.667.5115 x209 ###