OSLC Configuration Management v1.0 and OSLC Tracked Resource Set v3.0 OASIS Standards published

OASIS is pleased to announce the publication of its two newest OASIS Standards, approved by the members on 23 July 2023:

OSLC Configuration Management Version 1.0
OASIS Standard
23 July 2023

OSLC Configuration Management defines an RDF vocabulary and a set of REST APIs for managing versions and configurations of linked data resources from multiple domains.

OSLC Tracked Resource Set Version 3.0
OASIS Standard
23 July 2023

The Tracked Resource Set protocol allows a server to expose a set of resources in a way that allows clients to discover that set of resources, to track additions to and removals from the set, and to track state changes to the resources in the set. The protocol does not assume that clients will dereference the resources, but they could do so. The protocol is suitable for dealing with sets containing a large number of resources, as well as highly active resource sets that undergo continual change. The protocol is HTTP-based and follows RESTful principles.

These two specifications are part of a broader set of OSLC specifications that are part of the OSLC-OP project. In particular, OSLC-Core (https://docs.oasis-open-projects.org/oslc-op/core/v3.0/oslc-core.html) provides the core services upon which the Configuration Management and Tracked Resource Set specifications are built.

About the Open Services for Lifecycle Collaboration Open Project:
Managing change and configuration in a complex systems development lifecycle is very difficult, especially in heterogeneous environments that include homegrown tools, open source projects, and commercial tools from different vendors. The OSLC initiative applies World Wide Web and Linked Data principles to enable interoperation of change, configuration, and asset management processes across a product’s entire application and product lifecycle.

Configuration Management received three Statements of Use – from MID, SodiusWillert, and IBM.
Tracked Resource Set received three Statements of Use – from IBM, KTH Royal Institute of Technology, and SodiusWillert.

The OASIS Standards and all related files are available here:

OSLC Tracked Resource Set Version 3.0
OASIS Standard

– Part 1: Specification
HTML:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/os/tracked-resource-set.html
PDF:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/os/tracked-resource-set.pdf

– Part 2: Vocabulary
HTML:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/os/tracked-resource-set-vocab.html
PDF:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/os/tracked-resource-set-vocab.pdf

– Part 3: Constraints
HTML:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/os/tracked-resource-set-shapes.html
PDF:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/os/tracked-resource-set-shapes.pdf

– Vocabulary Terms definition file:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/os/tracked-resource-set-vocab.ttl

– Constraints definition file:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/os/tracked-resource-set-shapes.ttl

Distribution ZIP file:
For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/os/trs-v3.0-os.zip

———-

OSLC Configuration Management Version 1.0
OASIS Standard

– Part 1: Overview
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/os/oslc-config-mgt.html
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/os/oslc-config-mgt.pdf

– Part 2: Versioned Resources
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/os/versioned-resources.html
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/os/versioned-resources.pdf

– Part 3: Configuration Specification
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/os/config-resources.html
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/os/config-resources.pdf

– Part 4: RDF Vocabulary
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/os/config-vocab.html
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/os/config-vocab.pdf

– Vocabulary Terms definition file:
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/os/config-vocab.ttl

– Constraints definition file:
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/os/config-shapes.ttl

ZIP file:
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/os/config-v1.0-os.zip

Our congratulations to the members of the OSLC Open Project on achieving these milestones. For information on getting involved in OSLC, see the project’s website at https://open-services.net/.

Mobile Alerting Practices v1.0 published by Emergency Management TC

OASIS is pleased to announce publication of “Mobile Alerting Practices Version 1.0,” a Committee Note from the members of the OASIS Emergency Management TC [1].

One method of reaching people with emergency alert messages is via their personal mobile devices, such as mobile phones and tablets. Access to these devices is via the Mobile Network to which they are currently attached. However, the need to make a large-scale distribution in a specific geographic area without crashing the control channel, and the need to reach roamers, whose devices may retain their default behavior from their home network, needs consideration by those mobile networks. This document discusses how practitioners have considered this matter.

The Committee Note is available here:

Mobile Alerting Practices Version 1.0
Committee Note 01
18 July 2023

Editable source (Authoritative):
https://docs.oasis-open.org/emergency/mapcn/v1.0/cn01/mapcn-v1.0-cn01.docx
HTML:
https://docs.oasis-open.org/emergency/mapcn/v1.0/cn01/mapcn-v1.0-cn01.html
PDF:
https://docs.oasis-open.org/emergency/mapcn/v1.0/cn01/mapcn-v1.0-cn01.pdf

For your convenience, OASIS provides a complete ZIP package of the Committee Note that you can download here:
https://docs.oasis-open.org/emergency/mapcn/v1.0/cn01/mapcn-v1.0-cn01.zip

Members of the Emergency Management TC approved this Committee Note by a Full Majority Vote [2].

Our congratulations to all the members of the TC.

Additional references:

[1] OASIS Emergency Management TC
https://www.oasis-open.org/committees/emergency/

[2] Approval
https://www.oasis-open.org/committees/download.php/71239/Draft%20Meeting%20Notes%2018%20July%202023.docx

Invitation to comment on Universal Business Language v2.4 from the UBL TC

OASIS and the OASIS Universal Business Language TC are pleased to announce that Universal Business Language Version 2.4 is now available for public review and comment. This is the second public review for Universal Business Language Version 2.4.

About the specification draft:

UBL is the leading interchange format for business documents. It is designed to operate within a standard business framework such as ISO/IEC 15000 (ebXML) to provide a complete, standards-based infrastructure that can extend the benefits of existing EDI systems to businesses of all sizes. The European Commission has declared UBL officially eligible for referencing in tenders from public administrations, and in 2015 UBL was approved as ISO/IEC 19845:2015.

Specifically, UBL provides:
– A suite of structured business objects and their associated semantics expressed as reusable data components and common business documents.
– A library of schemas for reusable data components such as Address, Item, and Payment, the common data elements of everyday business documents.
– A set of schemas for common business documents such as Order, Despatch Advice, and Invoice that are constructed from the UBL library components and can be used in generic procurement and transportation contexts.

UBL v2.4 is a minor revision to v2.3 that preserves backwards compatibility with previous v2.# versions. It adds new document types, bringing the total number of UBL business documents to 93. As with previous UBL releases, the UBL 2.4 library is designed to support the construction of a wide variety of document types beyond those provided in the 2.4 package.

The specification documents and related files are available here:

Universal Business Language Version 2.4
Committee Specification Draft 02
26 July 2023

Editable source (Authoritative):
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/UBL-2.4.xml
HTML:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/UBL-2.4.html
PDF:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/UBL-2.4.pdf
Code lists for constraint validation:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/cl/
Context/value Association files for constraint validation:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/cva/
Document models of information bundles:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/mod/
Default validation test environment:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/val/
XML examples:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/xml/
Annotated XSD schemas:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/xsd/
Runtime XSD schemas:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/xsdrt/
PDF file displaying red-lined text changes between csd01 and csd02:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/UBL-2.4-csd02-DIFF.pdf

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file at:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/UBL-2.4.zip

How to Provide Feedback

OASIS and the UBL TC value your feedback. We solicit feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

This public review starts 17 August 2023 at 00:00 UTC and ends 15 September 2023 at 11:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=ubl).

Comments submitted by TC non-members for this work and for other work of this TC is publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/ubl-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with the public review of this work, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about this specification and the UBL TC may be found on the TC’s public home page:
https://www.oasis-open.org/committees/ubl/

Additional information related to this public review, including a complete publication and review history, can be found in the public review metadata document [3].

Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/ubl/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

[3] Public review metadata document:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/UBL-2.4-csd02-public-review-metadata.html

Two PKCS #11 OASIS Standards published

OASIS is pleased to announce the publication of two PKCS #11 specifications as OASIS Standards, approved by the members on July 23, 2023.

The OASIS Standards announced today are:
– PKCS #11 Specification Version 3.1
– PKCS #11 Profiles Version 3.1

These PKCS #11 specifications define a platform-independent API to cryptographic tokens, such as hardware security modules and smart cards. The API itself is named “Cryptoki” (from “cryptographic token interface” and pronounced as “crypto-key”).
– PKCS #11 Specification defines data types, functions and other basic components of the PKCS #11 Cryptoki interface.
– PKCS #11 Profiles is intended for developers and architects who wish to design systems and applications that conform to the PKCS #11 Cryptoki standard.

The prose specifications and related files are available here:

PKCS #11 Specification Version 3.1
OASIS Standard
23 July 2023

PDF (Authoritative):
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/os/pkcs11-spec-v3.1-os.pdf
HTML:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/os/pkcs11-spec-v3.1-os.html
Editable source:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/os/pkcs11-spec-v3.1-os.docx
PKCS #11 header files:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/os/include/pkcs11-v3.1/

For your convenience, OASIS provides a complete package of the specification documents and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/os/pkcs11-spec-v3.1-os.zip


PKCS #11 Profiles Version 3.1
OASIS Standard
23 July 2023

PDF (Authoritative):
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/os/pkcs11-profiles-v3.1-os.pdf
HTML:
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/os/pkcs11-profiles-v3.1-os.html
Editable source:
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/os/pkcs11-profiles-v3.1-os.docx
PKCS #11 test cases:
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/os/test-cases/
ZIP file:
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/os/pkcs11-profiles-v3.1-os.zip

Our congratulations to the PKCS 11 TC on achieving this milestone.

The DocBook Schema v5.2 from the DocBook TC approved as a Committee Specification

OASIS is pleased to announce that The DocBook Schema Version 5.2 from the OASIS DocBook TC [1] has been approved as an OASIS Committee Specification.

Almost all computer hardware and software developed around the world needs some documentation. For the most part, this documentation has a similar structure and a large core of common idioms. The community benefits from having a standard, open, interchangeable vocabulary in which to write this documentation. DocBook has been, and will continue to be, designed to satisfy this requirement. For more than 25 years, DocBook has provided a structured markup vocabulary for just this purpose. DocBook Version 5.2 continues the evolution of the DocBook XML schema.

This Committee Specification is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

The DocBook Schema Version 5.2
Committee Specification 01
19 July 2023

Editable source (Authoritative):
https://docs.oasis-open.org/docbook/docbook/v5.2/cs01/docbook-v5.2-cs01.docx
HTML:
https://docs.oasis-open.org/docbook/docbook/v5.2/cs01/docbook-v5.2-cs01.html
PDF:
https://docs.oasis-open.org/docbook/docbook/v5.2/cs01/docbook-v5.2-cs01.pdf

Relax NG schemas: https://docs.oasis-open.org/docbook/docbook/v5.2/cs01/rng/
Schematron schemas: https://docs.oasis-open.org/docbook/docbook/v5.2/cs01/sch/
XML catalog: https://docs.oasis-open.org/docbook/docbook/v5.2/cs01/catalog.xml
NVDL schemas: https://docs.oasis-open.org/docbook/docbook/v5.2/cs01/

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/docbook/docbook/v5.2/cs01/docbook-v5.2-cs01.zip

Members of the DocBook TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

Additional references

[1] OASIS DocBook TC
https://www.oasis-open.org/committees/docbook/

[2] Public review history:
https://docs.oasis-open.org/docbook/docbook/v5.2/csd01/docbook-v5.2-csd01-public-review-metadata.html

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3786

Invitation to comment on Static Analysis Results Interchange Format (SARIF) v2.1.0 Errata 01

OASIS and the OASIS Static Analysis Results Interchange Format (SARIF) TC are pleased to announce that Static Analysis Results Interchange Format (SARIF) Version 2.1.0 Errata 01 is now available for public review and comment.

Software developers use a variety of tools to assess the quality of their programs. These tools can report results on qualities such as validity, security, performance, compliance with legal requirements, etc. To form an overall picture of program quality, developers often need to aggregate the results produced by all of these tools, a task made difficult when each tool produces output in a different format.

SARIF defines a standard format for the output of static analysis tools in order to:
– Comprehensively capture the range of data produced by commonly used static analysis tools.
– Reduce the cost and complexity of aggregating the results of various analysis tools into common workflows.
– Represent analysis results for all kinds of programming artifacts, including source code and object code.

This publication includes:
– The errata, in the form of a list of changes. (sarif-v2.1.0-errata01-csd01)
– The OASIS Standard with the errata changes applied and highlighted. (sarif-v2.1.0-errata01-csd01-redlined)
– The OASIS Standard with the errata changes applied, and not redlined. (sarif-v2.1.0-errata01-csd01-complete)
– The SARIF v2.1.0 JSON schemas.

Static Analysis Results Interchange Format (SARIF) Version 2.1.0 Errata 01
Committee Specification Draft 01
12 July 2023

Editable source (Authoritative):
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/csd01/sarif-v2.1.0-errata01-csd01.docx
HTML:
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/csd01/sarif-v2.1.0-errata01-csd01.html
PDF:
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/csd01/sarif-v2.1.0-errata01-csd01.pdf
JSON schemas:
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/csd01/schemas/

OASIS Standard incorporating Draft 01 of Errata 01 (redlined)
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/csd01/sarif-v2.1.0-errata01-csd01-redlined.docx
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/csd01/sarif-v2.1.0-errata01-csd01-redlined.html
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/csd01/sarif-v2.1.0-errata01-csd01-redlined.pdf

OASIS Standard incorporating Draft 01 of Errata 01 (complete)
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/csd01/sarif-v2.1.0-errata01-csd01-complete.docx
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/csd01/sarif-v2.1.0-errata01-csd01-complete.html
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/csd01/sarif-v2.1.0-errata01-csd01-complete.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/csd01/sarif-v2.1.0-errata01-csd01.zip

How to Provide Feedback

OASIS and the SARIF TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public review starts 04 August 2023 at 00:00 UTC and ends 18 August 2023 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=sarif).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/sarif-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the SARIF TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/sarif/

Additional references
[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/sarif/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-RAND-Mode
RF on RAND Mode

Invitation to comment on OData Extension for Data Aggregation v4.0

OASIS and the OASIS Open Data Protocol (OData) TC are pleased to announce that OData Extension for Data Aggregation Version 4.0 is now available for public review and comment. This specification draft has been extensively revised since its previous publication in 2015.

This specification adds basic grouping and aggregation functionality (e.g. sum, min, and max) to the Open Data Protocol (OData) without changing any of the base principles of OData.

The documents and related files are available here:

OData Extension for Data Aggregation Version 4.0
Committee Specification Draft 04
05 July 2023

Editable source (Authoritative):
https://docs.oasis-open.org/odata/odata-data-aggregation-ext/v4.0/csd04/odata-data-aggregation-ext-v4.0-csd04.md
HTML:
https://docs.oasis-open.org/odata/odata-data-aggregation-ext/v4.0/csd04/odata-data-aggregation-ext-v4.0-csd04.html
PDF:
https://docs.oasis-open.org/odata/odata-data-aggregation-ext/v4.0/csd04/odata-data-aggregation-ext-v4.0-csd04.pdf
PDF marked with changes since previous publication:
https://docs.oasis-open.org/odata/odata-data-aggregation-ext/v4.0/csd04/odata-data-aggregation-ext-v4.0-csd04-DIFF.pdf

OData Aggregation ABNF Construction Rules and Test Cases:
https://docs.oasis-open.org/odata/odata-data-aggregation-ext/v4.0/csd04/abnf/
OData Aggregation JSON and XML Vocabularies:
https://docs.oasis-open.org/odata/odata-data-aggregation-ext/v4.0/csd04/vocabularies/

For your convenience, OASIS provides a complete package of the specification document and any related files in a ZIP distribution file. You can download the ZIP file at:
https://docs.oasis-open.org/odata/odata-data-aggregation-ext/v4.0/csd04/odata-data-aggregation-ext-v4.0-csd04.zip

A public review metadata record documenting this and any previous public reviews is available at:
https://docs.oasis-open.org/odata/odata-data-aggregation-ext/v4.0/csd04/odata-data-aggregation-ext-v4.0-csd04-public-review-metadata.html.

How to Provide Feedback

OASIS and the OASIS Open Data Protocol (OData) TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

This 30-day public review starts 19 July 2023 at 00:00 UTC and ends 17 August 2023 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=odata).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/odata-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the OData TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/odata/

Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/odata/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-RAND-Mode
RF on RAND Terms Mode

Invitation to comment on OSLC Change Management v3.0 Errata 01

OASIS and the OSLC Open Project are pleased to announce that OSLC Change Management Version 3.0 Errata 01 is now available for public review and comment.

This document incorporates proposed errata for the OASIS Standard “OSLC Change Management Version 3.0.” The specific changes are listed in Appendix C of Part 1, at https://docs.oasis-open-projects.org/oslc-op/cm/v3.0/errata01/psd01/change-mgt-spec.html#errata.

The Open Services for Lifecycle Collaboration (OSLC) specifications collectively define a core set of services and domain vocabularies for lifecycle management including requirement, change and quality management.

This specification defines the OSLC Change Management domain, a RESTful web services interface for the management of product change requests, activities, tasks and relationships between those and related resources such as requirements, test cases, or architectural resources. To support these scenarios, this specification defines a set of HTTP-based RESTful interfaces in terms of HTTP methods: GET, POST, PUT and DELETE, HTTP response codes, content type handling and resource formats.

The documents and related files are available here:

OSLC Change Management Version 3.0
OASIS Standard incorporating Draft 01 of Errata 01

Project Specification Draft 01
23 March 2023

OSLC Change Management Version 3.0. Part 1: Specification
https://docs.oasis-open-projects.org/oslc-op/cm/v3.0/errata01/psd01/change-mgt-spec.html (Authoritative)
https://docs.oasis-open-projects.org/oslc-op/cm/v3.0/errata01/psd01/change-mgt-spec.pdf

OSLC Change Management Version 3.0. Part 2: Vocabulary
https://docs.oasis-open-projects.org/oslc-op/cm/v3.0/errata01/psd01/change-mgt-vocab.html (Authoritative)
https://docs.oasis-open-projects.org/oslc-op/cm/v3.0/errata01/psd01/change-mgt-vocab.pdf

OSLC Change Management Version 3.0. Part 3: Constraints
https://docs.oasis-open-projects.org/oslc-op/cm/v3.0/errata01/psd01/change-mgt-shapes.html (Authoritative)
https://docs.oasis-open-projects.org/oslc-op/cm/v3.0/errata01/psd01/change-mgt-shapes.pdf

Change Management Vocabulary definitions file: https://docs.oasis-open-projects.org/oslc-op/cm/v3.0/errata01/psd01/change-mgt-vocab.ttl
Change Management Resource Shape Constraints definitions file: https://docs.oasis-open-projects.org/oslc-op/cm/v3.0/errata01/psd01/change-mgt-shapes.ttl

For your convenience, OASIS provides a complete package of the specification documents and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open-projects.org/oslc-op/cm/v3.0/errata01/psd01/cm-v3.0-psd01.zip

How to Provide Feedback

OASIS and the OSLC OP value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 01 June 2023 at 00:00 UTC and ends 15 June 2023 at 23:59 UTC.

Comments may be submitted to the OP by any person via the project mailing list at oslc-op@lists.oasis-open-projects.org. To subscribe, send an empty email to oslc-op+subscribe@lists.oasis-open-projects.org and reply to the confirmation email. Please append the hashtag #publicreview to the end of the subject line of your message.

Comments submitted for this work and for other work of this OP are publicly archived and can be viewed at:
https://lists.oasis-open-projects.org/g/oslc-op/search?q=%23publicreview or https://lists.oasis-open-projects.org/g/oslc-op/topics.

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the OP members. In connection with this public review, we call your attention to the OASIS IPR Policy [2] applicable especially [3] to the applicable open source license. All members of the OP should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this OP’s work.

Additional references:
[1] OASIS Open Services for Lifecycle Collaboration (OSLC) OP
https://open-services.net/about/

[2] https://www.oasis-open.org/policies-guidelines/ipr/

[3] https://github.com/oslc-op/oasis-open-project/blob/master/LICENSE.md

Invitation to comment on CACAO Security Playbooks v2.0

OASIS and the OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Security TC are pleased to announce that CACAO Security Playbooks v2.0 is now available for public review and comment. This 15-day review is the second public review for Version 2.0 of this specification.

About the specification draft

To defend against threat actors and their tactics, techniques, and procedures, organizations need to identify, create, document, and test detection, investigation, prevention, mitigation, and remediation steps. These steps, when grouped together, form a cyber security playbook that can be used to protect organizational systems, networks, data, and users.

This specification defines the schema and taxonomy for cybersecurity playbooks and how cybersecurity playbooks can be created, documented, and shared in a structured and standardized way across organizational boundaries and technological solutions.

The documents and related files are available here:

CACAO Security Playbooks Version 2.0
Committee Specification Draft 02
26 May 2023

Editable source (Authoritative):
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd02/security-playbooks-v2.0-csd02.docx
HTML:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd02/security-playbooks-v2.0-csd02.html
PDF:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd02/security-playbooks-v2.0-csd02.pdf
PDF marked with changes since previous public review:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd02/security-playbooks-v2.0-csd02-DIFF.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd02/security-playbooks-v2.0-csd02.zip

How to Provide Feedback

OASIS and the CACAO TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 01 June 2023 at 00:00 UTC and ends 15 June 2023 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility, which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=cacao).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/cacao-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the CACAO TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/cacao/

Additional information related to this public review, including a complete publication and review history, can be found in the public review metadata document [3].

Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/cacao/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode
Non-Assertion Mode

[3] Public review metadata document:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd02/security-playbooks-v2.0-csd02-public-review-metadata.html

NIEMOpen Publication Process v1.0 released by NIEMOpen OP

OASIS is pleased to announce publication of “NIEMOpen Publication Process Version 1.0,” a Project Note from the members of the OASIS NIEMOpen Open Project (OP) [1].

NIEM, formerly known as the “National Information Exchange Model,” is a framework for exchanging information between public and private sector organizations. The framework includes a reference data model for objects, properties, and relationships as well as a set of technical specifications for using and extending the data model in information exchanges. NIEM promotes scalability and reusability of messages between information systems which allows organizations to share data and information more efficiently.

This document describes the terminology, deliverables, versioning, stages and processes involved in publishing a NIEMOpen version, including the model, specifications and tools.

This Project Note is available here:

NIEMOpen Publication Process Version 1.0
Project Note 01
02 May 2023

Editable source:
https://docs.oasis-open.org/niemopen/niem-pubs/v1.0/pn01/niem-pubs-v1.0-pn01.md (Authoritative)
HTML:
https://docs.oasis-open.org/niemopen/niem-pubs/v1.0/pn01/niem-pubs-v1.0-pn01.html
PDF:
https://docs.oasis-open.org/niemopen/niem-pubs/v1.0/pn01/niem-pubs-v1.0-pn01.pdf

Distribution ZIP file

For your convenience, OASIS provides a complete package of the Project Note in a ZIP distribution file. You can download the ZIP file here:
https://docs.oasis-open.org/niemopen/niem-pubs/v1.0/pn01/niem-pubs-v1.0-pn01.zip

Members of the NIEM Technical Architecture Committee (NTAC) of the OASIS NIEMOpen OP [1] approved this Project Note on 02 May 2023 as documented in the NTAC meeting minutes [2], and it is now available online in the OASIS Library as referenced above.

Our congratulations to all the members of the OP.

Additional references

[1] OASIS NIEMOpen OP
http://www.niemopen.org/

[2] Approval (NIEM Technical Architecture Committee (NTAC) of the OASIS NIEMOpen OP meeting minutes):
https://github.com/niemopen/ntac-admin/blob/main/meetings/docs/2023-05-02-minutes.md

Information Modeling with JADN v1.0 published by OpenC2 TC

OASIS is pleased to announce publication of “Information Modeling with JADN Version 1.0,” a Committee Note from the members of the OASIS Open Command and Control (OpenC2) TC [1].

Early in its work, the OASIS OpenC2 Technical Committee recognized that the OpenC2 Language needed to be defined in an implementation-independent manner in order to achieve the goals of being “agnostic of underlying products, technologies, transport mechanisms or other aspects of the implementation”. In response, the TC created an information modeling language, JSON Abstract Data Notation (JADN), to support the information modeling needed to define OpenC2 in that manner.

This Committee Note describes the use of IMs, explains how to construct IMs using JADN, and contrasts IMs with other modeling approaches, such as Entity-Relationship models for databases, and knowledge models / ontologies. Information models (IMs) are used to define and generate physical data models, validate information instances, and enable lossless translation across data formats.

JSON Abstract Data Notation (JADN) is a UML-based information modeling language that defines data structure independently of data format. While JADN was created to facilitate the development of OpenC2, it is an independent specification, and can be used for any information modeling application.

This Committee Note is available here:

Information Modeling with JADN Version 1.0
Committee Note 01
19 April 2023

Editable source:
https://docs.oasis-open.org/openc2/imjadn/v1.0/cn01/imjadn-v1.0-cn01.md (Authoritative)
HTML:
https://docs.oasis-open.org/openc2/imjadn/v1.0/cn01/imjadn-v1.0-cn01.html
PDF:
https://docs.oasis-open.org/openc2/imjadn/v1.0/cn01/imjadn-v1.0-cn01.pdf

Distribution ZIP file
For your convenience, OASIS provides a complete package of the Committee Note in a ZIP distribution file. You can download the ZIP file here:
https://docs.oasis-open.org/openc2/imjadn/v1.0/cn01/imjadn-v1.0-cn01.zip

Members of the OpenC2 TC [1] approved this Committee Note by a Full Majority vote on 19 April 2023 as documented in the TC minutes [2], and it is now available online in the OASIS Library as referenced above.

Our congratulations to all the members of the TC.

========== Additional references:
[1] OASIS Open Command and Control (OpenC2) TC
https://www.oasis-open.org/committees/openc2/

[2] Approval (TC meeting minutes):
https://www.oasis-open.org/committees/document.php?document_id=70942&wg_abbrev=openc2

Conformance Targets Attribute Specification (CTAS) v3.0 Project Specification 01 approved by the NIEMOpen OP

OASIS is pleased to announce that Conformance Targets Attribute Specification (CTAS) Version 3.0 from the NIEMOpen Open Project [1] has been approved as an OASIS Project Specification.

NIEM is a framework for exchanging information between public and private sector organizations. The framework includes a reference data model for objects, properties, and relationships as well as a set of technical specifications for using and extending the data model in information exchanges. NIEM promotes scalability and reusability of messages between information systems which allows organizations to share data and information more efficiently.

This document specifies an XML attribute that may occur within XML documents to establish a claim that the document conforms to a set of conformance targets. Each conformance target is identified by an internationalized resource identifier, which is defined by its relevant specification.

This Project Specification is an OASIS deliverable, completed and approved by the OP’s Project Governing Board and fully ready for testing and implementation. The applicable open source licenses can be found in the project’s administrative repository at https://github.com/niemopen/oasis-open-project/blob/main/LICENSE.md.

The specification and related files are available at:

Conformance Targets Attribute Specification (CTAS) Version 3.0
Project Specification 01
22 February 2023

HTML (Authoritative):
https://docs.oasis-open.org/niemopen/ctas/v3.0/ps01/ctas-v3.0-ps01.html
PDF:
https://docs.oasis-open.org/niemopen/ctas/v3.0/ps01/ctas-v3.0-ps01.pdf
XML schema: https://docs.oasis-open.org/niemopen/ctas/v3.0/ps01/schemas/conformanceTargets.xsd

Distribution ZIP file

For your convenience, OASIS provides a complete package of the specification and related files in a ZIP distribution file. You can download the ZIP file at:
https://docs.oasis-open.org/niemopen/ctas/v3.0/ps01/ctas-v3.0-ps01.zip

Members of the NIEMOpen OP Project Governing Board approved this specification by Special Majority Vote [2] as required by the Open Project rules [3].

Our congratulations to the participants and contributors in the NIEMOpen Open Project on their achieving this milestone.

Additional references

[1] NIEMOpen Open Project
https://www.niemopen.org/

[2] Approval ballot:
https://lists.oasis-open-projects.org/g/niemopen-pgb/message/69

[3] https://www.oasis-open.org/policies-guidelines/open-projects-process

No results with the selected filters