- Email: [email protected]
The standards process
Computer Standards & Interfaces 22 Ž2000. 1–3 www.elsevier.comrlocatercsi
Editorial
The standards process
There is no chance that you would ever find a standard that stays valid forever without being changed. Even ethical standards underlie alterations. But the velocity and complexity of the changes is significantly different from the dynamics of technical standards. Ethical rules came into being over centuries Žbut their velocity of variation is accelerating!.. Technical standards often show immanent mechanisms of rapidity for change Že.g. version 5.09 issued only four weeks after v. 5.08., or their lifecycle is depending on technological progress or the fancy of designers. Such a standards process, creating, e.g. a 480-page draft standard published after version 5.09, is sometimes initiated before products are on the market, for instance, to create a need for products Žand hopefully find a laboratory able to test the conformity of these products to the new standard.. Another realistic scenario is the creation of a written standard document for a product that dominates the market and has arrived at the status as a ‘‘standard’’ instrument or something like a standard behaviour. Not seldom the process appropriate to this standard is arriving to become obsolete before a final document could be published. Fortunately, it is not in all cases such a kind of confounded mechanism when developing IT standards. But for sure, accepted standards will change, and ‘‘the tools used to track changes in the standards that will influence their use and adoption in organisations’’ are of utmost importance. In the first paper of the first 2000 issue of Computer Standards and Interfaces, Andy Sloane of the Wolverhampton University ‘‘has looked at the way in which standards change and at the tools for tracking those changes and using the information generated to assist deci-
sions before implementation’’. The author outlines a model, describes tools, and gives a set of guidelines for the implementation of these tools in a real situation. By the way, and as mentioned above, this issue is the first of the year 2000, which is the very last year of the last century in the second millennium! Following the accepted standards and counting after the well-known decimal rules, the third millennium will start on 1 January 2001. But nevertheless, I hope for all readers, colleagues, journal producers and friends that the so-called millennium change created pleasure and was the start of a prosperous, hale and hearty year. In any case, this New Year and the near future will, for all of us, be influenced to a large extent by the explosive Internet developments. Developments of all those applications include, e.g. home banking, electronic commerce, interactive multimedia services, distribution and consumption of TV and audio products Že.g. the rapid development and market acceptance of MP3 players.. An authors’ group of the Athens University ŽAngelos Michalas, Voula Zoi, Nikolaos Sotiropoulos, Nikolas Mitrou, Vassili Loumos and Eleftherios Kayafas. describes in the second paper a complete scenario to allow ‘‘a comparison of multimedia application development platforms towards the Object Web’’. The authors start from the statement that ‘‘today the Internet provides new ways of communication with customers, especially the World Wide Web is becoming the basic platform for building commercial transactions’’. To get a unified interface for Internet faxing systems is one aim of a Singapore Nanyang University research group consisting of S.C. Hui, C.K. Yeo
0920-5489r00r$ - see front matter q 2000 Elsevier Science B.V. All rights reserved. PII: S 0 9 2 0 - 5 4 8 9 Ž 0 0 . 0 0 0 3 4 - 9
2
Editorial
and L.S.K. Chong. The authors declare: ‘‘The increasing coverage of the Internet and its prevalence has prompted its use far beyond the original applications of file transfers and electronic mail. In fact, its international connectivity and growing throughput rates have made it a suitable alternative vehicle for cheap and reliable communications’’. And ‘‘The Internet has initiated a new generation of communication tools. Internet mail-to-fax, in particular, allows emails to be sent to fax machines using Simple Mail Transfer Protocol ŽSMTP.’’. The work presented in this paper has provided some important considerations towards the development of a standard for delivering mail-to-fax service over the Internet. Home banking, electronic commerce, information provision, etc., by use of the Internet needs access control, a public-key infrastructure, etc. The goal of access control is to counter the threat of unauthorized operations involving computer or communication systems. The authors from the Taiwanese National Chiao-Tung University ŽJing-Jang Hwang, Kou-Chen Wu, Duen-Ren Liu. have started from these facts to develop a study about Access control with Role Attribute Certificates, and they describe the generation, management, and use of role attribute certificates with Role-Based Access Control ŽRBAC.. Two more papers complete this issue. One is from Monika Kapus-Kolar of the Slovenian Jozef Stefan Institute in Ljubljana, which deals with Restoring the concept of observability in E-LOTOS and proposes a simple semantic enhancement to E-LOTOS. Last, but not the least, is a paper from the Politecnico di Torino by Gianluca Cena and Adriano Valenzano, which provides a contribution for new efficient communication services for ISO 11898 networks. These are fieldbus networks that have also been designed to fulfil the needs connected with real-time applications. A modification of the basic ISO 11898 protocol is described to support some new transmission services. Acronyms used in this issue ACDF ACK ADO AED API
Access Control Decision Function Acknowledge ActiveX Data Objects Address Embedded Destination Application Program Interface
AS ASN.1 ASP CA CAL CAN CFS CGI CiA CNC CORBA CRC CRL CSMArCD DAC DAS DOM DSID DTD EN 50170r2 EN 50170r3 EN 50254 EN EOF FIP FPKI GIF HTML HTTP ICT IDD IDL IEC 61158 IEC 61491
IIOP
Authentication Server Abstract Syntax Notation One ŽISO 8824, ISO 8825. Microsoft’s Active Server Pages Certification Authority CAN Application Layer Controller Area Network Žfieldbus specification. Central Fax Service Common Gateway Interface CAN in Automation, international users and manufacturers group Computer Numeric Control JavarCommon Object Request Broker Architecture Cyclic redundancy check Certificate Revocation List Carrier Sense Multiple Access with Collision Detection Discretionary Access Control Dataset active scheduler Document Object Model ŽW3C. Dataset identifier Document Type Definitions ŽXML. Profibus standard, 1996 FIP standard, 1996 Interbus-S, 1998 European Norm End of file Factory Instrumentation Protocol Federal Public-key Infrastructure Graphics Interchange Format Hypertext Markup Language Hypertext Transfer Protocol Information and Communication Technology International Direct Dialing number Interface Definition Language ŽCORBA. Fieldbus for use in industrial control systems, 1993 Sercos ŽSerial data link for realtime communication between controls and drives., 1995 Internet Interoperable Object Request Broker Protocol
Editorial
IMT
Information Management and Technology IrO InputrOutput IPv6 Internet Protocol version 6 ISAPI Microsoft Internet Information Server API ISO 11898 CANbus standard, 1993 ISOrIEC 8802-3 CSMArCD standard ITU-T International Telecommunication Union — Telecommunication standardisation sector ITU-T T.4 Standardisation of Group 3 Fac simile Terminals for Document Transmission, 1996 ITU-T T.6 Facsimile Coding Schemes and Coding Control Functions for Group 4 Facsimile Apparatus, 1988 JDBC Java Database Connectivity ŽSQL. MAC Mandatory Access Control MAC Medium Access Control MIME Multipurpose Internet Mail Extensions MIP Maximum interruptible priority MRB Maximum remaining bytes NIST National Institute of Standards and Technology NOS Network Operating System NSAPI Netscape Server API ODBC Open Database Connectivity ORB Object Request Broker PA Permission Assignments to Roles PAC Privilege Attribute Certificate PAS Privilege Attribute Server PKI Public-key Infrastructure PLC Programmable Logic Control PS Postscript PSTN Public Switched Telephone Network RACA Role Attribute Certification Authority RBAC Role-Based Access Control RDBMS Relational Database Management System RFC Internet requests for comments RFC 821 Simple Mail Transfer Protocol RFC 822 Standard for the Format of ARPA Internet Text Messages
RFC 974 RFC 1521
RFC 1522 RFC 1883 RFC 1884 SACK SDL SED SESAME SGML SMTP T C P r IP TDMA TIFF UA URL W3C WWW XML X.400 X.509
X.812
3
Mail Routing and the Domain System MIME Part One: Mechanisms for Specifying and Describing the Format of Internet Message Bodies MIME Part Two: Message Header Extensions for Non-ASCII Text IP version 6 Specification, 1999 IP Version 6 Addressing architecture, 1999 Slot acknowledgement Specification and Description Language Subject Embedded Destination Secure European System in a Multivendor Environment Standard Generalized Markup Language Simple Mail Transfer Protocol T ra n s m is s io n C o n tro l ProtocolrInternet Protocol Time division multiple access Tagged Image File Format User Assignments to Roles Universal Resource Locator World Wide Web Consortium World Wide Web Extensible Markup Language International standard for Message Handling Systems ITU-T Recommendation Information Technology — Open Systems Interconnection — The Directory: Authentication Framework, June 1997 ŽISOrIEC 9594-8. ITU-T Recommendation Information Technology — Open Systems Interconnection — Security Frameworks for Open Systems: Access Control Framework, 1995 ŽISOrIEC 10181-3.
Harald Schumny ŽEditor-in-Chief.
Editorial
The standards process
There is no chance that you would ever find a standard that stays valid forever without being changed. Even ethical standards underlie alterations. But the velocity and complexity of the changes is significantly different from the dynamics of technical standards. Ethical rules came into being over centuries Žbut their velocity of variation is accelerating!.. Technical standards often show immanent mechanisms of rapidity for change Že.g. version 5.09 issued only four weeks after v. 5.08., or their lifecycle is depending on technological progress or the fancy of designers. Such a standards process, creating, e.g. a 480-page draft standard published after version 5.09, is sometimes initiated before products are on the market, for instance, to create a need for products Žand hopefully find a laboratory able to test the conformity of these products to the new standard.. Another realistic scenario is the creation of a written standard document for a product that dominates the market and has arrived at the status as a ‘‘standard’’ instrument or something like a standard behaviour. Not seldom the process appropriate to this standard is arriving to become obsolete before a final document could be published. Fortunately, it is not in all cases such a kind of confounded mechanism when developing IT standards. But for sure, accepted standards will change, and ‘‘the tools used to track changes in the standards that will influence their use and adoption in organisations’’ are of utmost importance. In the first paper of the first 2000 issue of Computer Standards and Interfaces, Andy Sloane of the Wolverhampton University ‘‘has looked at the way in which standards change and at the tools for tracking those changes and using the information generated to assist deci-
sions before implementation’’. The author outlines a model, describes tools, and gives a set of guidelines for the implementation of these tools in a real situation. By the way, and as mentioned above, this issue is the first of the year 2000, which is the very last year of the last century in the second millennium! Following the accepted standards and counting after the well-known decimal rules, the third millennium will start on 1 January 2001. But nevertheless, I hope for all readers, colleagues, journal producers and friends that the so-called millennium change created pleasure and was the start of a prosperous, hale and hearty year. In any case, this New Year and the near future will, for all of us, be influenced to a large extent by the explosive Internet developments. Developments of all those applications include, e.g. home banking, electronic commerce, interactive multimedia services, distribution and consumption of TV and audio products Že.g. the rapid development and market acceptance of MP3 players.. An authors’ group of the Athens University ŽAngelos Michalas, Voula Zoi, Nikolaos Sotiropoulos, Nikolas Mitrou, Vassili Loumos and Eleftherios Kayafas. describes in the second paper a complete scenario to allow ‘‘a comparison of multimedia application development platforms towards the Object Web’’. The authors start from the statement that ‘‘today the Internet provides new ways of communication with customers, especially the World Wide Web is becoming the basic platform for building commercial transactions’’. To get a unified interface for Internet faxing systems is one aim of a Singapore Nanyang University research group consisting of S.C. Hui, C.K. Yeo
0920-5489r00r$ - see front matter q 2000 Elsevier Science B.V. All rights reserved. PII: S 0 9 2 0 - 5 4 8 9 Ž 0 0 . 0 0 0 3 4 - 9
2
Editorial
and L.S.K. Chong. The authors declare: ‘‘The increasing coverage of the Internet and its prevalence has prompted its use far beyond the original applications of file transfers and electronic mail. In fact, its international connectivity and growing throughput rates have made it a suitable alternative vehicle for cheap and reliable communications’’. And ‘‘The Internet has initiated a new generation of communication tools. Internet mail-to-fax, in particular, allows emails to be sent to fax machines using Simple Mail Transfer Protocol ŽSMTP.’’. The work presented in this paper has provided some important considerations towards the development of a standard for delivering mail-to-fax service over the Internet. Home banking, electronic commerce, information provision, etc., by use of the Internet needs access control, a public-key infrastructure, etc. The goal of access control is to counter the threat of unauthorized operations involving computer or communication systems. The authors from the Taiwanese National Chiao-Tung University ŽJing-Jang Hwang, Kou-Chen Wu, Duen-Ren Liu. have started from these facts to develop a study about Access control with Role Attribute Certificates, and they describe the generation, management, and use of role attribute certificates with Role-Based Access Control ŽRBAC.. Two more papers complete this issue. One is from Monika Kapus-Kolar of the Slovenian Jozef Stefan Institute in Ljubljana, which deals with Restoring the concept of observability in E-LOTOS and proposes a simple semantic enhancement to E-LOTOS. Last, but not the least, is a paper from the Politecnico di Torino by Gianluca Cena and Adriano Valenzano, which provides a contribution for new efficient communication services for ISO 11898 networks. These are fieldbus networks that have also been designed to fulfil the needs connected with real-time applications. A modification of the basic ISO 11898 protocol is described to support some new transmission services. Acronyms used in this issue ACDF ACK ADO AED API
Access Control Decision Function Acknowledge ActiveX Data Objects Address Embedded Destination Application Program Interface
AS ASN.1 ASP CA CAL CAN CFS CGI CiA CNC CORBA CRC CRL CSMArCD DAC DAS DOM DSID DTD EN 50170r2 EN 50170r3 EN 50254 EN EOF FIP FPKI GIF HTML HTTP ICT IDD IDL IEC 61158 IEC 61491
IIOP
Authentication Server Abstract Syntax Notation One ŽISO 8824, ISO 8825. Microsoft’s Active Server Pages Certification Authority CAN Application Layer Controller Area Network Žfieldbus specification. Central Fax Service Common Gateway Interface CAN in Automation, international users and manufacturers group Computer Numeric Control JavarCommon Object Request Broker Architecture Cyclic redundancy check Certificate Revocation List Carrier Sense Multiple Access with Collision Detection Discretionary Access Control Dataset active scheduler Document Object Model ŽW3C. Dataset identifier Document Type Definitions ŽXML. Profibus standard, 1996 FIP standard, 1996 Interbus-S, 1998 European Norm End of file Factory Instrumentation Protocol Federal Public-key Infrastructure Graphics Interchange Format Hypertext Markup Language Hypertext Transfer Protocol Information and Communication Technology International Direct Dialing number Interface Definition Language ŽCORBA. Fieldbus for use in industrial control systems, 1993 Sercos ŽSerial data link for realtime communication between controls and drives., 1995 Internet Interoperable Object Request Broker Protocol
Editorial
IMT
Information Management and Technology IrO InputrOutput IPv6 Internet Protocol version 6 ISAPI Microsoft Internet Information Server API ISO 11898 CANbus standard, 1993 ISOrIEC 8802-3 CSMArCD standard ITU-T International Telecommunication Union — Telecommunication standardisation sector ITU-T T.4 Standardisation of Group 3 Fac simile Terminals for Document Transmission, 1996 ITU-T T.6 Facsimile Coding Schemes and Coding Control Functions for Group 4 Facsimile Apparatus, 1988 JDBC Java Database Connectivity ŽSQL. MAC Mandatory Access Control MAC Medium Access Control MIME Multipurpose Internet Mail Extensions MIP Maximum interruptible priority MRB Maximum remaining bytes NIST National Institute of Standards and Technology NOS Network Operating System NSAPI Netscape Server API ODBC Open Database Connectivity ORB Object Request Broker PA Permission Assignments to Roles PAC Privilege Attribute Certificate PAS Privilege Attribute Server PKI Public-key Infrastructure PLC Programmable Logic Control PS Postscript PSTN Public Switched Telephone Network RACA Role Attribute Certification Authority RBAC Role-Based Access Control RDBMS Relational Database Management System RFC Internet requests for comments RFC 821 Simple Mail Transfer Protocol RFC 822 Standard for the Format of ARPA Internet Text Messages
RFC 974 RFC 1521
RFC 1522 RFC 1883 RFC 1884 SACK SDL SED SESAME SGML SMTP T C P r IP TDMA TIFF UA URL W3C WWW XML X.400 X.509
X.812
3
Mail Routing and the Domain System MIME Part One: Mechanisms for Specifying and Describing the Format of Internet Message Bodies MIME Part Two: Message Header Extensions for Non-ASCII Text IP version 6 Specification, 1999 IP Version 6 Addressing architecture, 1999 Slot acknowledgement Specification and Description Language Subject Embedded Destination Secure European System in a Multivendor Environment Standard Generalized Markup Language Simple Mail Transfer Protocol T ra n s m is s io n C o n tro l ProtocolrInternet Protocol Time division multiple access Tagged Image File Format User Assignments to Roles Universal Resource Locator World Wide Web Consortium World Wide Web Extensible Markup Language International standard for Message Handling Systems ITU-T Recommendation Information Technology — Open Systems Interconnection — The Directory: Authentication Framework, June 1997 ŽISOrIEC 9594-8. ITU-T Recommendation Information Technology — Open Systems Interconnection — Security Frameworks for Open Systems: Access Control Framework, 1995 ŽISOrIEC 10181-3.
Harald Schumny ŽEditor-in-Chief.