AuthXML Working Group Submits AuthXML Specification to OASIS XML Security Services Technical Committee.Business Editors SAN FRANCISCO--(BUSINESS WIRE)--Feb. 12, 2001 Major Initiative Aims To Merge Related XML XML in full Extensible Markup Language. Markup language developed to be a simplified and more structural version of SGML. It incorporates features of HTML (e.g., hypertext linking), but is designed to overcome some of HTML's limitations. Security Standards Within OASIS The AuthXML Working Group today announced that it has submitted the AuthXML specification to the OASIS XML Security Services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the Technical Committee to advance the creation of a unified security interoperability standard based on XML. AuthXML will be considered along with other initiatives, including S2ML S2ML Security Services Markup Language , to establish a standardized XML framework XML framework is a Software framework. Basically the framework implement several features to aid the programmer create your own application, but a XML framework differs from another framework because all data produced is XML. for exchanging authentication and authorization information across disparate Web technologies, applications and platforms. "A standardized approach According to International Convergence of Capital Measurement and Capital Standards, known as Basel II, the standardized approach is a set of risk measurement techniques for banking institutions. The term may be used in the context of credit risk or operational risk. for communicating Web session security data across multi-vendor systems is required to enable seamless e-commerce transactions," said Tony Bailey, Director of industry analyst firm Enterprise Management Associates (www.enterprisemanagement.com). "By submitting an advanced stage and well defined specification like AuthXML to the OASIS XML Security Services Technical Committee, the AuthXML Working Group is making a significant development contribution toward the creation of an industry standard solution to the multi-site Web security problem." AuthXML addresses critical security interoperability issues that are limiting the ability of the Internet to support secure electronic transactions that span multiple Web sites and organizations. With each organization conducting business on the Web using separate systems for performing user authentication See authentication. and authorization, exchanging security data between trading partners, affiliated organizations, and between businesses and consumers, is impossible. AuthXML defines a standard method for presenting and maintaining security details as a user or session traverses linked Web sites that are based on proprietary technologies. "OASIS is pleased to see the submission of AuthXML to the OASIS XML Security Services Technical Committee and the active participation of its developers in the committee work," said Karl Best Karl Best was born on Friday, March 6, 1959, in Aberdeen, Washington. Best was 24 years old when he broke into the big leagues on August 19, 1983, with the Seattle Mariners. Best played for the Mariners from 1983 until 1986 wearing uniform # 39. , director of technical operations for OASIS. "Developing this work under the auspices of OASIS brings diverse organizations together to pursue a common goal." The AuthXML Working Group is comprised of over 45 active contributors, and its AuthXML specification has been reviewed by more than 225 organizations. Through a broad collaborative effort, the AuthXML specification has evolved rapidly. This advanced level of development will allow AuthXML to make a significant contribution and become even more refined within the auspices of the OASIS XML Security Services Technical Committee. "The goal all along with AuthXML has been an open standard for multi-vendor interoperability," said Eric Olden old·en adj. Of, relating to, or belonging to time long past; old or ancient: olden days. [Middle English : old, old; see old + -en, adj. , Chief Technology Officer of Securant Technologies and a co-author of the original AuthXML specification. "By bringing AuthXML into OASIS, the AuthXML Working Group hopes to achieve a unified standard that moves the market forward and enables seamless single sign-on An identification system that lets users log into multiple Web sites on the Internet with one username and password. Single sign-on systems are also used within an enterprise, enabling users to access all authorized resources in the local network using the same username and password. and secure distributed transactions across multiple Web sites." The XML Security Services Technical Committee plans to publish draft specifications by June 2001, and to submit a formal specification to the OASIS membership by September 2001. About the AuthXML Working Group AuthXML is a vendor-neutral specification that enables the integration of proprietary Web security, network security, B2B (Business to Business) Refers to one business communicating with or selling to another. See B2B e-commerce, B2C and B2G. B2B - business to business infrastructures and applications with individual Internet-based user sessions A count of how many times all users access a Web site regardless whether the same person came back several times during the measurement period. If a user leaves and returns within a short time, some systems count those sessions as one. Contrast with unique visitors. See also user session. and transactions. The specification derives its name from the fact that it uses XML and links the two primary components of Web transaction security: Authentication and Authorization. AuthXML is designed to enable the seamless flow of Web-based transactions between trading partner sites that may be using different security systems, and within a given site that may be deploying multiple applications that require integrated security. The goal of the AuthXML Working Group is to achieve a universally accepted standard that uses XML technology to enable authentication and authorization functions to be performed across and interoperate with multi-vendor Web security systems, packaged and custom Web applications, and network level security systems. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion