OASIS to Define XML Standard for Secure Electronic Business

[Carol Geyer <carol.geyer@oasis-open.org>]

OASIS to Define XML Standard for Secure Electronic Business

Consortium Forms XML-Based Security Services Technical Committee

Washington, DC; December 6, 2000 — OASIS, the interoperability consortium,
today announced that it has begun development of XML standards for security
information and services on the Internet. The newly formed OASIS XML-Based
Security Services Technical Committee (TC) will define a common language for
sharing security information about transactions and end users between
companies engaged in online B2B and B2B2C commerce.

“Currently, it is difficult to ensure the absolute security of Internet
transactions across companies. Businesses need a universal method to assure
only users with proper authorization access and execute transactions,”
explained Karl Best, director of technical operations at OASIS. “OASIS has
taken on this development effort to produce a standard, open framework that
will enable secure interoperability across company boundaries and
heterogeneous platforms.”

Christian Byrnes, vice president of security strategy at META Group, said,
"Almost all
e-commerce involves multiple business partners at some level. The lack of
security standards has resulted in difficult, complex, and insecure
implementations. A successful standard for integrating security across
business partners will make e-commerce faster and less expensive to deploy
and more secure at the same time."

The OASIS XML-Based Security Services TC initially plans to base its work on
the Security Services Markup Language (S2ML), a joint development effort of
Art Technology Group, Bowstreet, Commerce One, Jamcracker, Netegrity,
Oracle, PricewaterhouseCoopers, Sun Microsystems, VeriSign, TIBCO and
webMethods.

“We chose to develop XML security specifications within the OASIS, because
we wanted to ensure that S2ML became an open industry standard in order to
universally solve the problem of securing inter-site business transactions,”
said Marc Chanliau of Netegrity, chair of the OASIS XML-Based Security
Services TC.

“Security is an issue that affects every business engaged in electronic
commerce,” noted Norbert Mikula of DataChannel, chair of the technical
advisory committee and member of the OASIS Board of Directors. “We encourage
all organizations and individuals interested in security issues to
participate in this OASIS development.”

About OASIS
OASIS (http://www.oasis-open.org) is the international, not-for-profit
consortium that advances electronic business by promoting open,
collaborative development of interoperability specifications. With the
United Nations, OASIS sponsors ebXML, a global framework for electronic
business data exchange. OASIS operates XML.ORG, the non-commercial portal
that delivers information on the use of XML in industry. The XML.ORG
Registry provides as an open community clearinghouse for distributing and
locating XML application schemas, vocabularies and related documents. OASIS
serves as the home for industry groups and organizations interested in
developing XML specifications. OASIS technical work embraces conformance,
repositories and other interoperability issues.

OASIS sponsors include Adobe Systems, Aerospatiale, AND Data Solutions,
Arbortext, B-Bop Associates, BEA Systems, Bentley Systems, Boeing,
Bowstreet, Bridge, Chrystal Software, Cohesia, Commerce One, DataChannel,
Dataloom, Defense Information Services Agency, Deutsche Post AG, Documentum,
EADS Matra, eCredit.com, empolis, Enigma, Excelergy, eXcelon, Extensibility,
Extricity Software, First Call, IBM, Informix, Infoteria, Interwoven, IPNet
Solutions, ISOGEN, ITEDO, Jamcracker, JetForm, Keyfile, Logistics Management
Institute, Mediaplex, Mercator Software, Micrografx, Microsoft, Netegrity,
Netfish, NextPage, NII Enterprise Promotion Association, Nimble Technology,
NIST, ObjectSpace, Pick Systems, Pearson Education, Popkin Software, ProNet
Technology, Reuters, Sabre, SAP, Sequoia Software, SoftQuad, Software AG,
StreamServe, Sun Microsystems, Thomas Technology Solutions, TIBCO, Virtual
Access Networks, Visa, Wavo, webMethods, Whitehill Technologies, Xerox, XML
Global, XMLSolutions and XyEnterprise.

For more information:
Carol Geyer
Director of Communications
OASIS
carol.geyer@oasis-open.org
Voice: +1.412.963.1479