8 Technical Reference Model

• [320101] Public Key Technology
• [320102] Supporting Security Services

• [320201] Static Display
• [320202] Dynamic / Server-Side Display
• [320203] Content Rendering
• [320204] Wireless / Mobile / Voice

• [320301] Platform Independent
• [320302] Platform Dependent

• [320501] Database Connectivity
• [320502] Reporting and Analysis

Examples of public key technologies include:

• Digital certificates generated under ITU-T X.509 standard

Agencies requiring encryption technologies should seek evaluated products listed on DSD's Evaluated Products List (EPL).

Examples of supporting security services technologies include:

• Secure Sockets Layer (SSL): an open, non-proprietary protocol for securing data communications across computer networks. SSL sits between the application protocol (such as HTTP, Telnet, FTP and NNTP) and the connection protocol (such as TCP/IP, UDP). SSL provides server authentication, message integrity, data encryption and optional client authentication for TCP/IP connections.
• Transport Layer Security (TLS): a standard for the next generation SSL. TLS provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering or message forgery
• Secure Shell (SSH): a strong method of performing client authentication. Because it supports authentication, compression, confidentiality and integrity, SSH is used frequently on the Internet. SSH has two important components: RSA certificate exchange for authentication and Triple DES for session encryption.
• Secure Multipurpose Internet Mail Extensions (S/MIME): provide a consistent way to send and receive secure MIME data. Based on the Internet MIME standard, S/MIME provides cryptographic security services for electronic messaging applications: authentication, message integrity and non-repudiation of origin (using digital signatures) and data confidentiality (using encryption). S/MIME is not restricted to mail: it can be used with any transport mechanism that transports MIME data, such as HTTP
• OpenPGP Message Format: Open-PGP software uses a combination of strong public key and symmetric cryptography to provide security services for electronic communications and data storage. These services include confidentiality, key management, authentication, and digital signatures.
• PSec: a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. Also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session.
• Web Services Security (WS Security): describes enhancements to SOAP (Simple Object Access Protocol) messaging to provide message integrity, message confidentiality and single message authentication. These mechanisms can be used to accommodate a wide variety of security models and encryption technologies, including X.509, Kerberos and SAML
• Security Assertion Markup Language (SAML): an XML-based framework for exchanging security information expressed in the form of assertions about subjects, where a subject is an entity (either human or computer) that has an identity in some security domain. SAML is supported by both the Liberty Alliance and WS Security

An example of static display technology includes:

• Hypertext Markup Language (HTML): the language used to create web documents and a subset of Standard Generalised Markup Language (SGML)
• Portable Document Framework (PDF/A/X): an open standard file format for representing two-dimensional documents in a device independent and resolution independent format.

Examples of dynamic/server side display technologies include:

• Java Server Pages (JSP): part of Sun's J2EE architecture and provide template capabilities for presenting dynamically generated web content. JSPs are text files written in a combination of standard HTML tags, JSP tags and Java code
• Active Server Pages (ASP): a web server technology from Microsoft that allows for the creation of dynamic, interactive sessions with the user
• Active Server Pages .Net (ASP.Net): a set of technologies in the Microsoft.NET Framework for building web applications and XML web services. ASP.NET pages execute on the server and generate markup such as HTML, WML or XML that is sent to a desktop or mobile browser.

Examples of content rendering technologies include:

• Dynamic HTML (DHTML): a collective term for a combination of new Hypertext Markup Language (HTML) tags and options, style sheets and programming that will allow web pages that are more animated and more responsive to user interaction than previous versions of HTML
• Extensible HTML (XHTML): a family of document types and modules that reproduce, subset, and extend HTML, reformulated in XML
• Cascading Style Sheets (CSS): a style sheet format for HTML documents endorsed by the World Wide Web Consortium. CSS1 (Version 1.0) provides hundreds of layout settings that can be applied to all the subsequent HTML pages that are downloaded
• Extensible 3D Graphics (X3D): the ISO standard for real-time 3D computer graphics which features the ability to scene in an XML syntax.

Examples of wireless/mobile/voice technologies include:

• Wireless Markup Language (WML): an XMLbased protocol designed for Wireless devices
• XHTML Mobile Profile (XHTMLMP): designed for resource-constrained web clients that do not support the full set of XHTML features, such as mobile phones, PDAs, pagers and set top boxes. It extends XHTML Basic with modules, elements and attributes to provide a richer authoring language. XHTML replaces the Wireless Markup Language (WML)
• Voice XML (VXML): an XML vocabulary for specifying IVR (Integrated Voice Response) Systems.

Examples of platform independent technologies include:

• Enterprise Java Beans (EJB): a software component in Sun's J2EE platform which provides a pure Java environment for developing and running distributed applications
• C, C++: a procedure programming language. C++ is an object-oriented version of C that has been widely used to develop enterprise and commercial applications
• JavaScript: a scripting language that runs within a web browser

Examples of platform dependent technologies include:

• Visual Basic: a version of the BASIC programming language from Microsoft specialised for developing Windows applications
• Visual Basic.Net (VB.Net): a version of the BASIC programming language from Microsoft specialised for developing Windows applications that is used within Microsoft's .NET environment
• C-Sharp (C#): an object-oriented programming language from Microsoft that is based on C++ with elements from Visual Basic and Java
• VB Script: a scripting language from Microsoft. A subset of Visual Basic, VBScript is widely used on the web for both client processing within a web page and server side processing in Active Server Pages (ASPs).

Examples of data exchange technologies include:

• XML Metadata Intercharge (XMI): enables easy interchange of metadata between modelling tools (based on the OMG UML) and metadata repositories (OMG MOF based) in distributed heterogeneous environments. XMI integrates three key industry standards: XML, UML and MOF. The integration of these three standards into XMI marries the best of OMG and W3C metadata and modelling technologies, allowing developers of distributed systems to share object models and other metadata over the Internet
• XQuery: a language used for processing and evaluating XML data. The XQuery language provides results of expressions allowing the use of evaluations to the implementation of XQuery
• Simple Object Access Protocol (SOAP): provides HTTP/XML based remote procedure call capabilities for XML Web Services
• Electronic Business using XML (be-XML): a modular suite of specifications that enables enterprises to conduct business over the Internet: exchanging business messages, conducting trading relationships, communicating data in common terms and defining and registering business processes
• Resource Description Framework (RDF): provides a lightweight ontology system to support the exchange of knowledge on the web. It integrates a variety of web-based metadata activities including sitemaps, content ratings, stream channel definitions, search engine data collection (web crawling), digital library collections and distributed authoring, using XML as interchange syntax. RDF is the foundation for the Semantic Web envisioned by Tim Berners-Lee: an extension of the current web in which information is given well-defined meaning, to better enable computers and people to work in cooperation
• Web Services User Interface (WSUI): uses a simple schema for describing a WSUI 'component' that can be used in a portal to call back-end SOAP and XML services. WSUI uses XSLT style sheets to construct user facing views to enable users to interact with the services.

Examples of database connectivity technologies include:

• Java Database Connectivity (JDBC): provides access to virtually any tabular data source from the Java programming language. It provides cross-DBMS connectivity to a wide range of SQL databases and other tabular data sources, such as spreadsheets or flat files
• Open Database Connectivity (ODBC): a database programming interface from Microsoft that provides a common language for Windows applications to access databases on a network. ODBC is made up of the function calls programmers write into their applications and the ODBC drivers themselves
• Active Data Objects (ADO): a programming interface from Microsoft that is designed as 'the' Microsoft standard for data access. First used with Internet Information Server, ADO is a set of COM objects that provides an interface to OLE DB. The three primary objects are Connection, Command and Record set
• Active Data Objects .Net (ADO.Net): the data access component of Microsoft's .NET Framework. It provides an extensive set of classes that facilitate efficient access to data from a large variety of sources, enabling sophisticated manipulation and sorting of data
• Object Linking and Embedding/Database (OLE/DB): a Microsoft low-level API designed to provide connections to different data sources. OLE/DB allows connectivity to ODBC-based SQL providers/sources as well as other formats such as text and comma delimited
• Data Access Objects (DAO): the Microsoft library for accessing Microsoft Jet engine data sources such as Microsoft Office based applications. DAO is replaced by ADO and ADO. Net
• DB2 Connector: an IBM connectivity API to access DB2 sources

Examples of reporting and analysis technologies include:

• Extensible Business Reporting Language (XBRL): an open specification which uses XML-based data tags to describe financial statements for both public and private companies
• Java Online Analytical Processing (JOLAP): a Java API for the J2EE environment that supports the creation and maintenance of OLAP data and metadata, in a vendor independent manner
• Online Analytical Processing (OLAP): decision support software that allows the user to quickly analyse information that has been summarised into multidimensional views and hierarchies
• XML for Analysis: uses the Simple Object Access Protocol (SOAP) to let web browser based programs access backend data sources for data analysis. The specification allows companies to build online analytical processing (OLAP) and data mining applications that work over the web.