[June 30, 2003] "Sun Drives New Security Offering." By Dennis Fisher. In eWEEK (June 30, 2003). "Sun Microsystems Inc. and PeopleSoft Inc. are set to announce a new identity management solution that will tie human resources and other back-office systems into the IT security infrastructure. The goal: to help enterprises cut costs and maintain tighter control over who accesses their networks. The joint offering will be a standards-based solution built on Sun ONE Identity Server and use PeopleSoft's broad portfolio of products in the HR and human capital management categories. The goal is to automate and streamline the process of establishing accounts for new employees and deleting them for people leaving the company -- all the while ensuring that each person has access only to the resources to which he or she is entitled. Sun and PeopleSoft are not alone in spotting this opportunity. A smaller security vendor, M-Tech Information Technologies Inc., this week will introduce a new version of its ID-Synch software, which performs many of the same functions and includes support for a broad range of platforms and authentication methods. Version 2.0 of ID-Synch has many new features, which should enable it to compete head-on with the Sun-PeopleSoft offering, which will be announced July 9, 2003. Sun and PeopleSoft are also bringing Waveset Technologies Inc. into the fold as part of their solution. Waveset, based in Austin, Texas, will provide the core provisioning and identity management technologies that will be under the covers of the solution... M-Tech, based in Calgary, Alberta, has added a number of new capabilities to ID-Synch. The biggest addition is the automated access management feature. This enables the software to monitor a system of record, such as PeopleSoft, and look for changes in the database. For example, if an employee in the accounts payable department transfers to accounts receivable, ID-Synch will see that change in the system and automatically revoke or grant access to various applications and systems based on the user's new role. These changes are handled by an authorization workflow that then passes the requests to the system's proprietary fulfillment engine. The engine supports both SOAP (Simple Object Access Protocol) and XML and is set up as a Web service to execute the changes and adjustments that have been authorized. ID-Synch 2.0 also includes a delegated management mode -- in addition to support for centralized management -- that enables departmental or regional administrators to manage local users..." See also the M-Tech announcement: "M-Tech Announces Availability of ID-Synch v2.0. Industry's Most Flexible Access Management Solution Delivers Broadest Functionality."
[June 17, 2003] "Automating Interoperability Testing." By Demir Barlas. In Line56 E-Business News (June 17, 2003). "The Drummond Group, a company that specializes in offering interoperability testing for various integration and document exchange software vendors, has debuted a testing product called InSitu designed to make that testing easier. [Drummond is] making life easier for e-business software vendors who want to conform to AS2 testing... The problem the Drummond Group addresses is simple: When a supplier involved in the supply chain of a large, important partner (say, Wal-Mart's suppliers) is directed to use EDI-INT AS2 (a current standard for Internet-based electronic data interchange) or ebXML, they have to make certain that they chose a vendor whose product is interoperable with the partner's technology stack and perhaps with other products in the supply chain. However, suppliers don't have to bother with the testing, as their partners, software vendors, and standards bodies conduct interoperability tests. InSitu is designed for the use of vendors -- so far including bTrade, Inc., Cleo Communications, Cyclone Commerce, Hewlett-Packard and IPNet Solutions, Inc -- who want to be ready for the next round of AS2 interoperability testing as sponsored by the Uniform Code Council and the HIPAA Conformance Certification Organization... Versions of InSitu for AS2 have been beta tested while tests for ebXML Messaging are in the works..." Note: according to the company announcement, Drummond Group Inc. "expects the InSitu interoperability system will reduce the software testing companies' internal costs to approximately one-tenth of what it was before automation. 'As a major endeavor for DGI, InSitu will have a positive impact on industries supporting B2B commerce,' said Rik Drummond, DGI's chief executive officer and chief scientist. 'A remarkable number of software products and services are asking for certification, and this cutting-edge technology will allow numerous products, services and time zones to be interoperable. InSitu revolutionizes the process as it accelerates further adoption of new technical standards to support an interoperable global marketplace.' InSitu technology introduces a new level of flexibility in interoperability testing. With less time and staffing needed for testing, InSitu technology automatically reacts to test commands defined for each scenario..." See details in "Drummond Group Unveils InSitu, the First Automated Interoperability System for Global Testing Support. InSitu Designed to Decrease Testing Hours, Related Costs for Software Testing."
[June 04, 2003] "Microsoft Schedules Project Update." By David Becker. In CNET News.com (June 04, 2003). "Microsoft hopes to make project management a substantial part of office routines with a new version of software that it announced Wednesday. Microsoft Office Project 2003 can be used with other applications in the upcoming version of the company's market-leading Office productivity package, making it easier for office workers and managers to keep track of large-scale projects, said Giovanni Mezgec, group product manager at Microsoft. The new application is Microsoft's entry into the developing market for project management software, which managers use to herd assignments involving multiple stages and co-workers. Typical tasks for such software include reminding workers when a certain piece is due and compiling time-line and budget estimates based on the complexity of the effort. Microsoft Project started out as a desktop-only application, but the company expanded its reach last year with a server version that gives workers more options for communicating with each other... Project 2003, like the main Office 2003 applications it will link with, will allow workers to output data in Extensible Markup Language (XML), the rapidly spreading standard for exchanging data between disparate computing systems. Outputting in XML means data in a Project database can be shared by other applications, such as software for tracking corporate expenses, Mezgec said. 'The idea is to make it easier for a broader number of people in an enterprise to work with Project-related information,' he said..." See the Project Standard 2003 Overview and the Project 2003 Frequently Asked Questions.
[June 03, 2003] "E-services: Fulfilling the Web Services Promise." By Heather Kreger (Web Services Lead Architect, IBM Emerging Technologies, IBM Software Solutions Division, Research Triangle Park, NC, USA). In Communications of the ACM (CACM) Volume 46, Number 6 (June 2003), pages 29-34. With 12 references and sidebar "What Are Web Services," by Christopher Ferris and Joel Farrell. "This article reviews the set of technologies necessary for Web services, looks at where they are being specified and standardized, and identifies the current technical challenges the Web services community is attacking. It concludes with recommendations for the use of Web services today and suggestions that prepare for Web services tomorrow. We can represent the technologies that must be standardized in order to implement the Web services-oriented architecture in the conceptual Web services stack... the three sections of the stack are corollaries to the roles in the Web services-oriented architecture: interact, description, and discovery agency. At the base is the wire section that captures the technologies required to transport messages from a service requester over the network to the service provider. The transport layer addresses network connectivity via the ubiquitous TCP-IP base. The packaging layer defines how the payload is encoded in the message to be transported. The extensions layer defines the extensible set of features expressed as headers on the message. These layers must support the XML information set (infoset). SOAP and HTTP are the most widely supported standards for these layers, but other bindings are possible. The technology choice for this section will determine the potential client base for a service. The next layer to be standardized is the description layer. All type descriptions are specified and expressed using the XML Schema language. The interface and implementation description define the mechanics of interacting with a Web service, which includes the operations and messages supported, how to serialize those messages onto the wire, and where to send the messages. A policy description layer will be used to describe service-specific information beyond mechanics, such as owning business, taxonomy, security requirements, timeouts, costs, and quality of service parameters. The presentation layer describes how a user interface is generated for this service. These four layers fully describe a service. The next two layers describe relationships and interactions between services. Related services may be expressed in the composition layer. This layer includes groupings, containment, dependencies, and parent-child relationships. The orchestration layer encompasses ordering of operations, choreography, workflows, and business processes. The final two layers describe agreements between the service requestor and provider. The service-level agreement layer defines the specific performance, usage, costs, metrics, and thresholds to which a service is expected to adhere. The business-level agreement layer describes a contractual agreement between the two business partners who will be transacting business using Web services. Discovery agencies, the next section of the stack, encompass the technologies that enable service descriptions to be published, support the discovery of service descriptions, and provide inspection of sites for the descriptions of hosted services. Publish is very loosely defined as any means to make a service description available to a requester -- from email to registries. Discovery is defined just as loosely, ranging from accessing a description in a file system to sophisticated searches of service registries at either development or runtime... The vision of fully dynamic, ad hoc business partnerships is not yet viable for a number of reasons. First, the infrastructure standards outlined here must be finished, productized, and widely deployed. Second, industry standard Web services interfaces, or portTypes, must be defined for the various aspects of business-to-business relationships. Finally, XML languages that can describe legally binding business and service-level agreements must be defined and standardized. This is more than a technical challenge; it may be a cultural challenge as well because business relationships often span legal, cultural, language, and national boundaries. Of the infrastructure standards that must be completed, the most important set is security. Currently four of the six specifications in the Web Services Security Roadmap are available along with sample implementations... current products and implementations may need to evolve as the industry comes to agreement on the final standards. Even so, it is now safe to use Web services for integration projects, since most development and middleware products will shield customer implementations from specification changes..." [sub URL] 2b1af7f3a8