CEN Workshop Agreement - tud.ttu.ee

jockeyropeInternet και Εφαρμογές Web

2 Φεβ 2013 (πριν από 4 χρόνια και 9 μήνες)

587 εμφανίσεις


ISSS/WS
-
EC
-

Architectures/01/01

ISSS/WS
-
EC/01/01








CEN/ISSS Electronic Commerce Workshop


Frameworks, Architectures and Models for
Electronic Commerce Group



CEN Workshop Agreement




Summaries of some Frameworks, Architec
tures
and Models for Electronic Commerce

Date:
February 2001

Draft 0.i





By CEN/ISSS Electronic Commerce Workshop






For Discussion/Comment

Page
2

CWA NNN: 200
1


Contents


FOREWORD

................................
................................
................................
................................
..........................

8

PART 1

................................
................................
................................
................................
................................
....

9

INTRODUCTION

................................
................................
................................
................................
..................

9

1

SCOPE (BRIEF DESCRIP
TION OF WHAT THE CWA

CONTAINS)

................................
.........

9

2

NORMATIVE REFERENCES

................................
................................
................................
..........

11

3

ABBREVIATIONS

................................
................................
................................
.............................

13

4

HOW PEOPLE CAN USE T
HE PROJECT MATERIAL,

WHY IT IS IMPORTANT

..............

15

5

ISSUES AND RECOMMEND
ATIONS LIST

................................
................................
..................

15

5.1

C
OVERAGE

................................
................................
................................
................................
.............

15

5.2

I
MPLEMENT
ATION

................................
................................
................................
................................
..

15

5.3

C
OMPLEMENTALITY AND C
OMMONALITY

................................
................................
..............................

16

5.4

S
EMANTIC MODELLING

................................
................................
................................
..........................

16

6

A FRAMEWORK FOR COMP
ARISON

................................
................................
.........................

16

6.1

F
RAMEWORK SPECIFICATI
ON

................................
................................
................................
.................

16

6.2

A
PPLICATION OF THIS
F
RAMEWORK
................................
................................
................................
.......

18

General Frameworks

................................
................................
................................
................................
......

18

6.2.1

Biztalk Framework

................................
................................
................................
..........................

18

6.2.2

'Building Blocks' (CEN/ISSS Electronic Comm
erce Workshop)

................................
....................

18

6.2.3

ebXML Technical Architecture

................................
................................
................................
.......

18

6.2.4

The eCo Framework Specification

................................
................................
................................
..

18

6.2.5

IMPRIMATUR Business Model

................................
................................
................................
.....

18

6.2.
6

Industrial Data Framework (STEP)

................................
................................
................................
.

18

6.2.7

Java EC Framework

................................
................................
................................
.........................

18

6.2.8

OMG Electronic Commerce Domain Specifications

................................
................................
.......

18

6.2.9

Open
-
edi Reference Model (ISO 14662)

................................
................................
.........................

18

6.2.10

SPIRIT

................................
................................
................................
................................
.............

18

Trading Models

................................
................................
................................
................................
..............

18

6.2.11

Ad Hoc Functional and Process Models

................................
................................
..........................

18

6.2.12

Internet Open Trading Protocol (IOTP)

................................
................................
...........................

18

6.2.13

Open Applications Group

XML Framework

................................
................................
...................

19

6.2.14

Open Buying on the Internet (OBI)

................................
................................
................................
.

19

6.2.15

RosettaNet

................................
................................
................................
................................
.......

19

6.2.16

Secure Electronic Mark
et Place for Europe (SEMPER)

................................
................................
..

19

Payment Models

................................
................................
................................
................................
.............

19

6.2.17

Electronic Payment Technologies

................................
................................
................................
....

19

6.2.18

Secure Electronic Transaction (SET)

................................
................................
...............................

19

6.2.19

TC

224 Report on 'Card
-
related secure commercial and financial transactions on open networks'

19

Security Models

................................
................................
................................
................................
.............

19

6.2.20

PKI

................................
................................
................................
................................
...................

19

Mobile commerce models

................................
................................
................................
..............................

19

6.2.21

MeT

................................
................................
................................
................................
.................

19

7

SUMMARIES OF THE SUM
MARIES

................................
................................
............................

19

G
ENERAL
F
RAMEWORKS

................................
................................
................................
................................
........

19

7.1

B
IZTALK
F
RAMEWORK

................................
................................
................................
..........................

19

7.2

'B
UILDING
B
LOCKS
'

(CEN/ISSS

E
LECTRONIC
C
OMMERCE
W
ORKSHOP
)

................................
...............

20

Page
3

CWA NNNN: 2000


7.3

EB
XML

T
ECHNICAL
A
RCHITECTURE

................................
................................
................................
.....

20

7.4

T
HE E
C
O
F
RAMEWORK
S
PECIFICATION

................................
................................
................................
..

21

7.5

IMPRIMATUR

B
USINESS
M
ODEL

................................
................................
................................
........

21

7.6

I
NDUSTRIAL
D
ATA
F
RAMEWORK
(STEP)

................................
................................
..............................

21

7.7

J
AVA
EC

F
RAMEWORK

................................
................................
................................
..........................

21

7.8

OMG

E
LECTRONIC
C
OMMERCE
D
OMAIN
S
PECIFICATIONS

................................
................................
....

22

7.9

O
PEN
-
EDI
R
EFERENCE
M
O
DEL
(ISO

14662)

................................
................................
..........................

22

7.10

SPIRIT

................................
................................
................................
................................
..................

22

T
RADING
M
ODELS

................................
................................
................................
................................
..................

23

7.11

A
D
H
OC
F
UNCTIONAL AND
P
ROCESS
M
ODELS
................................
................................
.......................

23

7.12

I
NTERNET
O
PEN
T
RADING
P
ROTOCOL
(IO
TP)

................................
................................
.......................

23

7.13

O
PEN
A
PPLICATIONS
G
ROUP

XML

F
RAMEWORK

................................
................................
..................

23

7.14

O
PEN
B
UYING ON THE
I
NTERNET
(OBI)

................................
................................
................................
.

24

7.15

R
OSETTA
N
ET

................................
................................
................................
................................
.........

24

7.16

S
ECURE
E
LECTRONIC

M
ARKET
P
LACE FOR
E
UROPE
(SEMPER)

................................
...........................

24

P
AYMENT
M
ODELS

................................
................................
................................
................................
.................

25

7.17

E
LECTRONIC
P
AYMENT
T
ECHNOLOGIES

................................
................................
................................

25

7.18

S
ECURE
E
LECTRONIC
T
RANSACTION
(SET)

................................
................................
...........................

25

7.19

TC

224

R
EPORT ON
'C
ARD
-
RELATED SECURE COMME
RCIAL AND FINANCIAL
TRANSACTIONS ON OPEN

NETWORKS
'

................................
................................
................................
................................
............

25

S
ECURITY
M
ODELS

................................
................................
................................
................................
.................

26

7.20

PKIX

................................
................................
................................
................................
.....................

26

7.21

S
ECURITY MODEL IN
TC

224

R
EPORT ON
'C
ARD
-
RELATED SECURE COMME
RCIAL AND FINANCIAL
TRANSACTIONS ON OPEN

NETWORKS
'

................................
................................
................................
.....

26

M
OBILE COMMERCE MODEL
S

................................
................................
................................
................................
..

26

7.22

M
E
T

................................
................................
................................
................................
.......................

26

PART 2

................................
................................
................................
................................
................................
..

27

8

GENERAL FRAMEWORKS

................................
................................
................................
............

27

8.1

B
IZTALK
F
RAMEWORK

................................
................................
................................
..........................

27

8.1.1

Introduction

................................
................................
................................
................................
.....

27

8.1.2

Architecture/layering

................................
................................
................................
.......................

27

8.1.3

Biztalk Concepts

................................
................................
................................
..............................

28

8.1.4

Reliable delivery of Biztalk documents

................................
................................
...........................

29

8.1.5

Biztalk documents with attachments

................................
................................
...............................

30

8.1.6

Securing Biztalk documents and messages

................................
................................
......................

30

8.1.7

Further details

................................
................................
................................
................................
..

30

8.2

'B
UILDING
B
LOCKS FOR
E
LECTRONIC
C
OMMERCE
'

(CEN/ISSS

E
LECTRONIC
C
OMMERCE
W
ORKSHOP
)

30

8.2.1

Introduction

................................
................................
................................
................................
.....

30

8.2.2

Characteristics/descript
ion

................................
................................
................................
...............

31

8.2.3

Usage

................................
................................
................................
................................
...............

31

8.2.4

Further details

................................
................................
................................
................................
..

31

8.3

EB
XML

T
ECHNICAL
A
RCHITECTURE

................................
................................
................................
.....

32

8.3.1

Introduction

................................
................................
................................
................................
.....

32

8
.3.2

Characteristics/description

................................
................................
................................
...............

32

8.3.2.1

The ebXML Business Operational View (BOV)

................................
................................
......

32

8.3.2.2

The ebXML Functional Service View (FSV)
................................
................................
............

33

8.3.3

Usage

................................
................................
................................
................................
...............

34

8.3.3.1

The audience for the ebXML Technical Specifications

................................
............................

34

8.3.3.2

Example of an applied ebXML scenario

................................
................................
...................

34

8.3.4

Further details

................................
................................
................................
................................
..

36

8.4

T
HE E
C
O

F
RAMEWORK
(C
OMMERCE
N
ET
)

................................
................................
.............................

36

8.4.1

What is eCo Framework?

................................
................................
................................
................

36

8.4.2

Problem it solves
................................
................................
................................
..............................

36

8.4.3

How it solves the problem

................................
................................
................................
...............

36

8.4.3.1

Archit
ectural Model

The eCo Framework 7 Layers

................................
................................

37

8.4.3.2

Networks Layer

................................
................................
................................
.........................

38

8.4.3.3

Markets Layer

................................
................................
................................
...........................

38

8.4.3.4

Business Layer

................................
................................
................................
..........................

38

Page
4

CWA NNN: 200
1


8.4.3.5

Servic
es Layer

................................
................................
................................
...........................

38

8.4.3.6

Interactions Layer

................................
................................
................................
......................

38

8.4.3.7

Documents Layer

................................
................................
................................
......................

38

8.4.3.8

Information Items Layer

................................
................................
................................
............

38

8.4.3.9

The basic Component of t
he Architectural Model: Documents

................................
................

39

8.4.4

Method to Query eCo Layers: Type Registries

................................
................................
...............

39

8.4.5

Definition of Queries and Responses: Published Interfaces

................................
...........................

39

8.4.6

In
dustry Adoption

................................
................................
................................
............................

39

8.4.7

References

................................
................................
................................
................................
.......

39

8.4.8

Further details

................................
................................
................................
................................
..

40

8.5

IMPRIMATUR

B
USINESS
M
ODEL

................................
................................
................................
........

40

8.5.1

Introduction

................................
................................
................................
................................
.....

40

8.5.2

Characteristics/description

................................
................................
................................
...............

40

8.5.3

Usage

................................
................................
................................
................................
...............

41

8.5.4

Further details

................................
................................
................................
................................
..

41

8.6

I
NDUSTRIAL
D
ATA
F
RAMEWORK
(STEP)

................................
................................
..............................

41

8.6.1

Introduction

................................
................................
................................
................................
.....

41

8.6.2

Characteristics/description

................................
................................
................................
...............

41

8.6.3

Further details

................................
................................
................................
................................
..

42

8.7

J
AVA
E
LECTRONIC
C
OMMERCE
F
RAMEWORK

................................
................................
........................

43

8.7.1

Introducti
on

................................
................................
................................
................................
.....

43

8.7.2

Characteristics/description

................................
................................
................................
...............

43

8.7.3

Usage

................................
................................
................................
................................
...............

44

8.7.4

Further details

................................
................................
................................
................................
..

44

8.8

OMG

E
LECTRONIC
C
OMMERCE
D
OMAIN
S
PECIFICATIONS

................................
................................
....

44

8.8.1

What is CORBA E
-
Commerce?

................................
................................
................................
......

44

8.8.2

Document Framework

................................
................................
................................
.....................

45

8.8.3

Community Framework

................................
................................
................................
...................

45

8.8.4

Collaboration Framework

................................
................................
................................
................

45

8.8.5

DOM Framework

................................
................................
................................
.............................

45

8.8.6

Common Business Object Specifications

................................
................................
........................

45

8.8.7

People and Place Objects

................................
................................
................................
.................

46

8.8.8

Resource and Process Objects

................................
................................
................................
.........

46

8.8.9

About the Object Management Group

................................
................................
.............................

46

8.9

O
PEN
-
EDI
R
EFERENCE
M
ODEL
(ISO

14662)

................................
................................
..........................

46

8.9.1

Introduction

................................
................................
................................
................................
.....

46

8.9.2

Characteristics/descriptio
n

................................
................................
................................
...............

47

8.9.3

Open
-
edi environment

................................
................................
................................
.....................

47

8.9.4

BOV and related standards

................................
................................
................................
..............

48

8.9.5

FSV and related standards

................................
................................
................................
...............

48

8.9.6

Usage

................................
................................
................................
................................
...............

49

8.10

SPIRIT

................................
................................
................................
................................
..................

49

8.10.1

Rationale for SPIRIT

................................
................................
................................
.......................

49

8.10.2

Origins of SPIRIT

................................
................................
................................
............................

50

8.10.3

SPIRIT Participants

................................
................................
................................
.........................

50

8.10.4

Value of SP
IRIT

................................
................................
................................
..............................

50

8.10.5

Significance of SPIRIT

................................
................................
................................
....................

50

8.10.6

Working Procedures

................................
................................
................................
........................

50

8.10.7

Major Standards

................................
................................
................................
...............................

50

8.10.8

SPIRIT Issue 1.0

................................
................................
................................
..............................

50

8.10.9

SPIRIT Issue 2.0

................................
................................
................................
..............................

51

8.10.10

SPIRIT Issue 3.0

................................
................................
................................
..............................

51

8.10.11

The Final Phase
................................
................................
................................
................................

52

8.10.12

Acknowledgements

................................
................................
................................
..........................

52

9

TRADING

MODELS
................................
................................
................................
..........................

52

9.1

A
D HOC
T
RADING
M
ODELS

................................
................................
................................
....................

52

9.1.1

Functional models of electronic commerce

................................
................................
.....................

52

9.1.2

Process models of electronic commerce

................................
................................
..........................

54

9.2

I
NTERNET
O
PEN
T
RADING
P
ROTOCOL
(IOTP)

................................
................................
.......................

54

Page
5

CWA NNNN: 2000


9.2.1

Introduction

................................
................................
................................
................................
.....

54

9.2.2

Characteristics/description

................................
................................
................................
...............

54

9.2.3

Usage

................................
................................
................................
................................
...............

55

9.2.4

Further de
tails

................................
................................
................................
................................
..

55

9.3

O
PEN
A
PPLICATIONS
G
ROUP

XML

F
RAMEWORK

................................
................................
..................

55

9.3.1

Introduction

................................
................................
................................
................................
.....

55

9.3.2

Characteristics/description

................................
................................
................................
...............

56

9.3.3

Achievement of th
e objective

................................
................................
................................
..........

56

9.3.4

Further details

................................
................................
................................
................................
..

57

9.4

O
PEN
B
UYING ON THE
I
NTERNET
(OBI)

................................
................................
................................
.

57

9.4.1

Introduction

................................
................................
................................
................................
.....

57

9.4.2

Characteristics/description

................................
................................
................................
...............

58

9.4.3

Usage

................................
................................
................................
................................
...............

58

9.4.4

Further details

................................
................................
................................
................................
..

58

9.5

R
OSETTA
N
ET

................................
................................
................................
................................
.........

58

9.5.1

Introduction

................................
................................
................................
................................
.....

58

9.5.2

The general conc
ept

................................
................................
................................
.........................

59

9.5.3

PIPs and the Implementation Framework

................................
................................
........................

59

9.5.4

RosettaNet Business Message Overview

................................
................................
.........................

61

9.5.4.1

Parts of a RosettaNet Business Message

................................
................................
...................

61

9.5.5

Network Application Model

................................
................................
................................
............

62

9.5.6

Further details

................................
................................
................................
................................
..

62

9.6

S
ECURE
E
LECTRONIC
M
ARKET
P
LACE FOR
E
UROPE
(SEMPER)

................................
...........................

63

9.6.1

Introduction

................................
................................
................................
................................
.....

63

9.6.2

Characteristics/description

................................
................................
................................
...............

63

9.6.3

Usage

................................
................................
................................
................................
...............

64

9.6.4

Further details

................................
................................
................................
................................
..

64

10

ELECTRONIC PAYMENT M
ODELS

................................
................................
.............................

64

10.1

E
LEC
TRONIC
P
AYMENT
T
ECHNOLOGIES

................................
................................
................................

64

10.1.1

Smart Cards

................................
................................
................................
................................
.....

64

10.1.1.1

Standards and Specifications

................................
................................
................................
.

65

10.1.2

Tokens

................................
................................
................................
................................
.............

65

10.1.2.1

Standards and Sp
ecifications

................................
................................
................................
.

66

10.1.3

Micropayment

................................
................................
................................
................................
..

66

10.1.3.1

Standards and Specifications

................................
................................
................................
.

66

10.1.4

Home Banking

................................
................................
................................
................................
.

66

10.1.4.1

Standards and Specificat
ions

................................
................................
................................
.

67

10.1.5

Payment Method Negotiation

................................
................................
................................
..........

67

10.1.5.1

Standards and Specifications

................................
................................
................................
.

67

10.1.6

Electronic Fund Transfer

................................
................................
................................
.................

68

10.1.6.1

Standa
rds and Specifications

................................
................................
................................
.

68

10.2

S
ECURE
E
LECTRONIC
T
RANSACTION
(SET)

................................
................................
...........................

68

10.2.1

Introduction

................................
................................
................................
................................
.....

68

10.2.2

Characteristics/description

................................
................................
................................
...............

68

10.2.
3

Usage

................................
................................
................................
................................
...............

69

10.2.4

Further details

................................
................................
................................
................................
..

69

10.3

TC

224

R
EPORT ON CARD
-
RELATED SECURE COMME
RCIAL AND FINANCIAL
TRANSACTIONS ON OPEN

NETWORKS

................................
................................
................................
................................
.............

69

10.3.1

Introduction

................................
................................
................................
................................
.....

69

10.3.2

Characteristics/description

................................
................................
................................
...............

69

10.3.2.1

Basics

................................
................................
................................
................................
....

69

10.3.2.2

Transaction stages

................................
................................
................................
.................

70

10.3.2.3

Trading and Payment Framework

................................
................................
.........................

70

10.3.2.4

Ordering

................................
................................
................................
................................

71

10.3.2.5

Delivery

................................
................................
................................
................................
.

71

10.3.2.6

Payment

................................
................................
................................
................................
.

71

10.3.2.7

Payment scenarios

................................
................................
................................
.................

71

10.3.3

Further details

................................
................................
................................
................................
..

71

11

SECURITY MODELS

................................
................................
................................
........................

72

Page
6

CWA NNN: 200
1


11.1

PKIX

................................
................................
................................
................................
.....................

72

11.1.1

Introduction

................................
................................
................................
................................
.....

72

11.1.2

Definitions

................................
................................
................................
................................
.......

72

11.1.3

PKI Theory

................................
................................
................................
................................
......

72

11.1.4

PKI Architectural model

................................
................................
................................
..................

73

11.1.5

Privilege Management Infrastructure (PMI) Theory

................................
................................
.......

74

11.1.6

PMI Architectural model

................................
................................
................................
.................

74

11.1.7

Documen
tation

................................
................................
................................
................................
.

75

11.2

S
ECURITY MODEL IN
TC

224

R
EPORT ON
'C
ARD
-
RELATED SECURE COMME
RCIAL AND FINANCIAL
TRANSACTIONS ON OPEN

NETWORKS
'

................................
................................
................................
.....

75

11.2.1

Introduction

................................
................................
................................
................................
.....

75

11.2.2

Securi
ty policy

................................
................................
................................
................................
.

76

11.2.3

Security mechanisms

................................
................................
................................
.......................

76

11.2.4

Security services and related interaction model

................................
................................
...............

77

11.2.5

Security management

................................
................................
................................
.......................

77

11.2.
6

Security supporting components

................................
................................
................................
......

77

11.2.7

Security evaluation

................................
................................
................................
..........................

77

11.2.8

Further details

................................
................................
................................
................................
..

77

12

MOBILE COMMERCE MODE
LS

................................
................................
................................
..

77

12.1

M
E
T

................................
................................
................................
................................
.......................

77

12.1.1

Introduction

................................
................................
................................
................................
.....

77

12.1.2

Stakeholders

................................
................................
................................
................................
.....

78

12.1.3

Environments

................................
................................
................................
................................
...

78

12.1.4

Interfaces

................................
................................
................................
................................
.........

78

12.1.5

Core service
s and functions

................................
................................
................................
.............

78

12.1.6

Usage scenarios

................................
................................
................................
...............................

78

12.1.7

Further details

................................
................................
................................
................................
..

79

13

CONTRIBUTORS

................................
................................
................................
..............................

79

BIBLIOGRAPHY

................................
................................
................................
................................
................

79

ANNEX A (INFORMATIVE
): BUILDING ON PAST

EXPERIENCE

................................
........................

80

A.1

EDI

VS
XML

................................
................................
................................
................................
.........

80


FIGURES

F
IGURE
1


G
ENERAL E
C
OMMERCE
F
RAMEWORK

................................
................................
................................
...

17

F
IGURE
2


B
IZ
T
ALK
L
AYER
A
RCHITE
CTURE

................................
................................
................................
..........

28

F
IGURE
3


T
HE EB
XML

B
USINESS
O
PERATIONAL
V
IEW

................................
................................
........................

32

F
IGURE
4


T
HE EB
XML

F
UNCTIONAL
S
ERVICE
V
IEW

................................
................................
............................

33

F
IGURE
5


T
HE AUDIENCE FOR THE
EB
XML

T
ECHNICAL
S
PECIFICATIONS

................................
.............................

34

F
IGURE
6


E
XAMPLE OF AN APPLIED

EB
XML

SCENARIO

................................
................................
........................

35

F
IGURE
7


E
C
O
A
RCHITECTURE FOR
E
LECTRONIC
C
OMMERCE
I
NTEROPERABILITY
................................
...............

37

F
IGURE
8


T
HE
STEP

A
RCHITECTURE

................................
................................
................................
...................

42

F
IGURE
9


OMG

E
LECTRONIC
C
OMMERCE
D
OMAIN
S
PECIFICATIONS

................................
................................
...

45

F
IGURE
10


O
PEN
-
EDI ENVIRONMENT

................................
................................
................................
......................

47

F
IGURE
11


S
IMPLE FUNCTIONAL BLO
CK MODEL FOR
E
LECTRONIC
C
OMMERCE

................................
......................

53

F
IGURE
12


B
UYER
-

SUPPLIER TRADING ENV
IRONMENT
(
SOURCING
)

MODEL

................................
..........................

53

F
IGURE
13


E
XAMPLE INTERFACE MES
SAGE SEQUENCE CHART

................................
................................
...............

53

F
IGURE
14


E
XAMPLE PROCESS MODEL

................................
................................
................................
....................

54

F
IGURE
15


O
PEN
A
PPLICATION
G
ROUP
'
S INTEREST AREAS

................................
................................
.....................

56

F
IGURE
16


O
PEN
A
PPLICATION
G
ROUP
'
S INTEGRATION BACKBO
NE MODEL

................................
...........................

57

F
IGURE
17


O
PEN
A
PPLICATION
G
ROUP
'
S
B
USINESS
O
BJECT DOCUMENT MO
DEL

................................
....................

57

F
IGURE
18


G
ENERAL PRINCIPLES OF

THE
R
OSETTA
N
ET
I
MPLEMENTATION
F
RAMEWORK
(RNIF



)

....................

59

F
IGURE
19


O
PERATIONAL
V
IEW
(
PROCESS
F
LOW
)

U
SING

................................
................................
.......................

60

F
IGURE
20


F
UNCTIONAL
V
IEW
(C
HOREOGRAPHY
)

................................
................................
................................
.

61

F
IGURE
21


P
ARTS OF A
R
OSETTA
N
ET
B
USINESS
M
ESSAGE

................................
................................
....................

62

Page
7

CWA NNNN: 2000


F
IGURE
22


R
OSETTA
N
ET
N
ETWORK
A
PPLICATION
M
ODEL

................................
................................
....................

62

F
IGURE
23


TC

224

C
ARD RELATED SECURE C
OMMERCIAL AND FINANC
IAL TRANSACTIONS MOD
EL

......................

70

F
IGURE
24


PKIX

A
RCHITECTURAL
M
ODEL FOR
P
UBLIC
K
EY
I
NFRASTRUCTURE

................................
...................

73

F
IGURE
25


PKIX

A
RCHITECTURAL
M
ODEL FOR
P
RIVILEGE
M
ANAGEMENT
I
NFRASTRUCTURE

..............................

74

F
IGURE
26


TC

224

C
ARD RELATED SECURE C
OMMERCIAL AND FINANC
IAL TRANSACTIONS MOD
EL

......................

76

F
IGURE
27


EDI

VS
XML

POSITIONING

................................
................................
................................
....................

80

F
IGURE
28


U
SE OF TECHNOLOGIES I
N
EDI

VS
XML

................................
................................
...............................

80


Page
8

CWA NNN: 200
1


Foreword

Th
e October 99 meeting of the CEN/ISSS Workshop on Electronic Commerce approved a project to study
existing Frameworks, Architectures and Models that are applicable to electronic commerce. This CWA is the
first deliverable from the group that was formed as
a result. Several issues arose during the study of this
voluntary group. One concerned the scope of the work, what should be included and what not. In other words,
what is electronic commerce?


Like so many "buzz words" in use today, Electronic Commerce

tends to mean different things to different
people. However, one thing is clear: Electronic commerce is a mix of business vision and enabling technologies,
which can realise business opportunities. It covers the exchange of information between and among

businesses,
consumers/private individuals, and administrations.


Some example definitions:


Establishing agreements for the use of networks and computers to execute transactions).


The Automotive Industry Action Group in North America (much quoted):

"The
application of advanced information technology to increase the effectiveness of the business relationships
between Trading Partners."


The United Nations CEFACT organisations uses:

"e
-
commerce is doing business electronically. This includes the sharing of

unstructured or structured business
information by any electronic means ( such as electronic mail or messaging, World Wide Web technology,
electronic bulletin boards, smart cards, electronic funds transfer, and electronic data interchange) among
suppliers
, customers, governmental bodies and other partners in order to conduct and execute transactions in
business, administrative and consumer activities."


The EC Innovation Centre (University of Wales) uses:

"The enablement of a business vision supported by a
dvanced information technology to improve efficiency and
effectiveness within the trading process".


Yet another definition contributed by Louis Moussy, (Electronic Commerce Europe General Secretary,
LanceXport,
www.e
c
-
europe.org
):


“The application of advanced information and communication technologies (ICTs) to increase the effectiveness
of the business relationships between Trading Partners."


In practice the coverage of this document has been determined as much by

the material people were willing and
able to contribute as by a precise definition of electronic commerce followed by an exhaustive study of all
frameworks, architectures and models that conform. In spite of this limitation, we hope you will find the
doc
ument interesting and useful in understanding, categorising and implementing electronic commerce systems.
We intend to evolve this document to keep it up to date with current thinking and practice, so please submit any
comments or contributions to the add
ress on the cover.


Page
9

CWA NNNN: 2000


Part 1

Introduction

The group of people that have produced this CWA felt that the common reasons for pursuing this work on
summarising frameworks, architectures, and models applicable to Electronic Commerce, i.e. the value of the
resul
ts to each of our companies, and us were as follows:

1.

As an educational document. It should be possible to hand this document to a new comer to electronic
commerce and for them to gain a good understanding of all the many facets of electronic commerce. It

should also be useful as a ‘quick’ reference guide (or aide memoir) for even the more experienced
practitioner.

2.

It should act as a handy ‘quick’ reference guide for assessing the significance of vendor claims that a
particular product / service conforms t
o a particular framework / architecture / model.

3.

It should act as a handy ‘quick’ reference guide when specifying which framework / architecture / model a
particular product / service is required to conform to (i.e. as a help in drafting ITTs).

4.

As readily
accessible reference material to help in assessing the significance of a new proposed framework /
architecture / model. It should help to identify what is new / different, what overlaps, what conflicts, or
what is complementary.

5.

As a standards organisatio
n agreement, it should help CEN/ISSS, and particularly its Electronic Commerce
Workshop to identify which frameworks, architectures and models it should recommend for any particular
purpose. It should also enable interoperable interfaces to be highlighted

and steps taken to ensure that
specifications available to the general public exist at an appropriate level of detail for each such interface.


The real "value" of such an approach is to focus on something which is clear and acceptable for the whole
commu
nity of users (participants to the workshop) with the same understanding or maybe the same kind of
expectations.


A recent article [
1
] has also taken a look at some current frameworks aimed at business to business electronic
commerce.
This article defines the authors understanding of what a framework is and their roles, which include
the enabling of interoperability, the use of common security mechanisms, communications protocols, message
formats and ontologies. It considers Open Buyin
g on the Internet (sections
7.14

&
9.4
), the eCo Framework
(sections
7.4

&
8.4
), RosettaNet (sections
7.15

&
9.5
), CommerceXML (not included in this document yet) and
BizTalk (sections
7.1

&
8.1
). This article affirms the importance of a better and deeper understanding of
framew
orks and the need for a systematic analysis, which the present document seeks to achieve.

1

Scope (brief description of what the CWA contains)

This CEN Workshop Agreement (CWA) provides summaries of various frameworks, architectures and models
that are in cu
rrent use within the sphere of activity known as electronic commerce. The Foreword provides some
working definitions of 'electronic commerce' which were used to provide approximate bounds on what to include
and what to exclude. For each framework, archit
ecture, or model covered, Section
0

gives a brief overview
summary and the subsequent 3 sections include fuller summaries. In each case the reader is referred to the
source material for the full detail.


One aim of this docume
nt is to provide the reader with a single source of summary information on the various
approaches to various aspects of electronic commerce. Another was to try to identify the relationships, gaps and
possible conflicts in these various approaches. For th
is reason section
6

provides a general framework for the
comparison of other frameworks, models and architectures together with a view on how each other framework,
model or architecture fits in.


The ultimate hope is that it wi
ll be possible to recommend a set of architectures and models that are coherent and
cover the Electronic Commerce Workshop’s scope adequately. These should then be used by the Workshop to
identify the realisable interfaces that are meaningful for electron
ic commerce systems and services that are
amenable to standardise, and that it would be beneficial to standardise. The Workshop can then make
agreements on these interfaces. Some of these agreements may reference existing interface models, protocols,
and

information structure ‘standards’. Others may have to be generated by the Workshop or other appropriate
groups. We would expect the use of XML [
2
] to feature in at least some of this work. Thus the aim was to be
essentially practica
l, even though starting from an analytical approach.


Page
10

CWA NNN: 200
1


It may also be possible to facilitate the bringing together of some the entities that are producing these
frameworks with a view to increasing the commonality of the methodologies used and increasing sy
stem
interoperability. This hope is articulated in Recommendations
1

and
2

found in section
5
.


It was not an objective of this project to craft brand new architectures or models. The
existing frameworks,
models and architectures covered are:



General Frameworks



the BizTalk framework,



CEN/ISSS Electronic Commerce Workshop 'Building Blocks',



ebXML Technical Architecture



the CommercNet eCo framework,



IMPRIMATUR Business Model,



Industrial D
ata Framework (STEP)



Java EC Framework



OMG Electronic Commerce Domain Specifications



Open
-
edi Reference Model (ISO

14662)



SPIRIT



Trading Models



Ad Hoc Functional and Process Models



IOTP
-

Internet Open Trading Protocol (IETF),



Open Applications Group

XML F
ramework



OBI (The Open Buying on the Internet (OBI) Consortium),



RosettaNet,



Secure Electronic Market Place for Europe (SEMPER)



Payment Models



Electronic Payment Technologies



SET
-

Secure Electronic Transaction



Trading and Payment model in TC

224 Report on

'Card
-
related secure commercial and financial
transactions on open networks'.



Security Models



PKIX



Security model in TC

224 Report on 'Card
-
related secure commercial and financial transactions on
open networks'.



Mobile Models



MeT

Page
11

CWA NNNN: 2000


2

Normative references




Document References

[
1
]

'Business
-
to
-
Business E
-
Commerce Frameworks', Simon S Y Shim, Vishnu S
Pendyala, Meera Sundaram & Jerry Z Gao, IEE Computer, Vol No, October 2000

[
2
]

Extensible Markup Language (XML) 1.0:
http://www.w3.org/TR/1998/REC
-
xml
-
19980210
.

[
3
]

Biztalk initiative : http://www.biztalk.org/BizTalk/default.asp

[
4
]

Biztalk Framework version 2.0 :
http://www.microsoft.com/biztalk/techinfo
/BizTalkFramework20.doc

[
5
]

ebXML Technical Architecture Specification (refer to
www.ebxml.org

for latest
version)

[
6
]

Basic Semantic Register see
http://www.ubsr
.org

(Key document is ISO/TS16668
‘BSR rules and guidelines’)

[
7
]

Hypertext Transfer Protocol

HTTP/1.1:
http://www.ietf.org/rfc/rfc2616.txt

[
8
]

The MIME Multipart/Related Conte
nt
-
type:
http://www.ietf.org/rfc/rfc2387.txt

[
9
]

Simple Object Access Protocol (SOAP) Version 1.1:
http://www.w3.org/TR/SOAP
.

[
10
]

Final
Report on Building Blocks for Electronic Commerce,
http://www.cenorm.be/isss/Workshop/ec/Prb.zip

[
11
]

“eCo Architecture for Electronic Commerce Interoperability”, CommerceNet eCo
Fram
ework group, 1999 (
http://eco.commerce.net/
)

[
12
]

IMPRIMATUR Business Model, Version 2.0, November 1997,
http://domino.mcps.co.uk/imprim.nsf

(
info@imprimatur.co.uk
)

[
13
]

Synthesis of the IMPRIMATUR Business Model, October 1998,
http://domino.mcps.co.uk/imprim.nsf

(
info@imprimatur.co.uk
)

[
14
]

ISO

10303

Industrial automation systems and integration
--

Product data
representation and exchange (many parts
-

STEP is derived from
ST
andard for the
E
xchange of
P
roduct Model Data
)

[
15
]

Java W
allet User Interface Components: Design Methodology,
http://java.sun.com/products/commerce/docs/whitepapers/uidesign/uidesign.html

[
16
]

White Paper on
The Gateway Security Model in the Java Commerce Client,
http://java.sun.com/products/commerce/docs/whitepapers/security/gateway.pdf

[
17
]

Java Wallet Secu
rity API Usage,
http://java.sun.com/products/commerce/docs/security/security_api.html

[
18
]

Java Wallet User Interface Functionality,
http://java.sun.com/products/commerce/docs/user_interface/new_JWUI_Func_1.1.h
tml

[
19
]

The Commerce JavaBeans Specification,
http://java.sun.com/products/commerce/docs/specifications/commerce_javabeans/b
eans.pdf

[
20
]

White Paper on The Java Wallet Architecture,
http://java.sun.com/products/commerce/docs/whitepapers/arch/architecture.pdf

[
21
]

White Paper on Java Commerce Messages,
http://java.sun.com/products/commerce/docs/whitepapers/jcm_whitepaper/jcm.pdf

[
22
]

Java Commerce Business Perspective,
http://java.sun.com/products/commerce/
docs/business/business.html

[
23
]

Java Wallet documentation,
[
http://java.sun.com/products/commerce/docs/api/API_users_guide.html

[
24
]

Java Smart Car
d API,
http://java.sun.com/products/commerce/docs/smartcard_api/api_users_guide.html

Page
12

CWA NNN: 200
1



Document References

[
25
]

OMG Electronic Commerce Domain Specifications, version 1.1, 1
4 February 2000,
http://cgi.omg.org/pub/docs/dtc/00
-
02
-
06.pdf

[
26
]

OMG Business Object Domain Specifications, Version 2, 2 August 1999,
http://cgi.omg.org/pub/docs/dtc/99
-
08
-
03.pdf

[
27
]

Open
-
edi reference model, ISO 14662

[
28
]

SPIRIT Issue 1.0, September 1993

[
29
]

SPIRIT Issue 2.0, August 1994

[
30
]

SPIRIT Issue 3.0, October 1995

[
31
]

SPIRIT Issue 4.0, August 1996

[
32
]

An introduction to eCommerce, S G E Garrett and P J Skevington, BTTJ vol. 17
No. 3, July 1999, p11

[
33
]

Trading environments, I D E Videlo and A M Fletcher, BTTJ vol. 17 No. 3, Jul
y
1999, p24

[
34
]

Implementing electronic commerce in SMEs
-

three case studies, A J Davies and A
J Garcia
-
Sierra, BTTJ vol. 17 No. 3, July 1999, p97

[
35
]

Internet Open Trading Protocol
-

IOTP Version 1.0 (RFC 2801), April 2000
http://www.ietf.org/rfc/rfc2801.txt


[
36
]

Digital Signatures for the 1.0 Internet Open Trading Protocol (IOTP) (RFC 2802),
April 2000
http://www.iet
f.org/rfc/rfc2802.txt

[
37
]

Digest Values for DOM (DOMHASH) (RFC 2803), April 2000
http://www.ietf.org/rfc/rfc2803.txt

[
38
]

Internet Open Trading Protocol (IOTP) HTTP Supplement (RF
C 2935), September
2000
http://www.ietf.org/rfc/rfc2935.txt


[
39
]

HTTP MIME Type Handler Detection (RFC 2936), September 2000
http://www.ietf.
org/rfc/rfc2936.txt

[
40
]

Requirements for Digital
-
Right Trading, December 2000 (Expires: June 2001)
http://www.ietf.org/internet
-
drafts/draft
-
ietf
-
trade
-
drt
-
requirements
-
01.txt

[
41
]

SET Supplement for the v1.0 Internet Open Trading Protocol (IOTP), November
2000 (Expires: May 2001)
http://www.ietf.org/inte
rnet
-
drafts/draft
-
ietf
-
trade
-
iotp
-
v1.0
-
set
-
02.txt

[
42
]

Electronic Commerce Modelling Language (ECML) Version 2 Requirements,
November 2000 (Expires: May 2001)
http://www.ietf.org/internet
-
drafts/draft
-
ietf
-
trade
-
ecmlv2
-
req
-
00.txt

[
43
]

White Paper
-

Plug and Play Business Software Integration
-

The Compelling Value
of the Open Applications Group, 1999 (
h
ttp://www.openapplications.org
)

[
44
]

Open Applications Group Integration Specification (OAGIS), Release 7.0.2
Document Number 20001124, 2000 (
http://www.openapplications.org
)

[
45
]

OBI
specification, Version 1.0, May 1997, [
http://www.openbuy.org/obi/specs/obi
-
v1.rtf
]

[
46
]

OBI specification, Version 2.0, June 1999,
[
http://www.openbuy.org/obi/specs/obiv2.doc
].

[
47
]

RosettaNet Implementation Framework: Core Specification, Version: Release
2.00.00, 3 January 2001 (
http://www.rosettanet.org
)

[
48
]

SEMP
ER: Basic Services: Architecture and Design’
(
http://www.semper.org/deliver/d03/D03.ps
)

[
49
]

SEMPER: Architecture of Payment Gateway (1996
-

http://www.semper.org/deliver/d14/D14final.ps
)

[
50
]

SEMPER: New Payment Instruments Prototype (1997
-

http://www.semper.org/deliver/d15/D15.ps
)

[
51
]

SEMPER: Advan
ced Services, Architecture and Design (1999
-

http://www.semper.org/deliver/d10/d10.pdf
)

[
52
]

SEMPER: APIs (1999
-

http:
//www.semper.org/deliver/d10/javadoc/index.html
)

Page
13

CWA NNNN: 2000



Document References

[
53
]

Secure Electronic Transaction (SET) specifications. ‘The Business Description’
-

gives a general overview of the process; ‘The Programmer's Guide’
-

describes
fields and messages and outli
nes appropriate processing; and ‘The Formal Protocol
Definition’ provides the most rigorous description of SET messages and fields
(
http://www.setco.org/set_specifications.html
)

[
54
]

A
n overview of the role of SET, The Information Interchange Report, January 1997,
(
http://www.diffuse.org/oii/en/Set.html
)

[
55
]

Extensions to SET,
http://www.setco.org/extensions.html

[
56
]

SET Vendor Matrix, (
http://www.setco.org/cgi
-
bin/vsm.cgi
)

[
57
]

TC

224 Report on card
-
related secure commercial and financial trans
actions on
open networks (1999),
http://forum.afnor.fr/afnor/WORK/AFNOR/GPN2/Z15Y/PUBLIC/WEB/ENGLISH
/commerce.htm

[
58
]

Internet X.509 Public Key Inf
rastructure, November 2000 (expires May 2001),
http://www.ietf.org/internet
-
drafts/draft
-
ietf
-
pkix
-
roadmap
-
06.txt

[
59
]

Met Overview White Paper, Version 1, 2 Octo
ber 2000
(
www.mobiletransaction.org
)

[
60
]

Namespaces in XML:
http://www.w3.org/TR/1999/REC
-
xml
-
names
-
19990114

[
61
]

Uni
form Resource Identifiers (URI): Generic Syntax:
http://www.ietf.org/rfc/rfc2396.txt

[
62
]

S/MIME Version 3 Message Specification:
http://www.
ietf.org/rfc/rfc2633.txt

[
63
]

Library of Biztalk Schemas : http://www.biztalk.org/library/schema_search.asp

[
64
]

BizTalk Schema Guidelines (
http://www.biztalk.org/resources/schemasguide.asp)

[
65
]

ISO

13584 Industrial au
tomation systems and integration
--

Parts library (Draft
-

Multiple parts)

[
66
]

ISO

15531 Industrial automation systems and integration
--

Industrial
manufacturing management data (Draft
-

Multiple parts)

[
67
]

ISO

18629

Industrial a
utomation systems and integration


Process Specification
Language (Draft
-

Multiple parts)

[
68
]

ISO

18876 Integration of industrial data for exchange, access, and sharing

(Draft
-

Multiple parts)

[
69
]

BizTalk and the Open Applicati
ons Group
-

Implementing OAGIS within the
Microsoft BizTalk Framework, 14 June 2000, Christopher Kurt
(ckurt@microsoft.com) (
http://www.openapplications.org
)





3

Abbreviations



Abbreviation

Definition



A
A

Attribute Authority

AC

Attribute Certificate

API

Application programmatic interface.

BOV

Business Operational View

BSR

Basic Semantics Register

BSU

Basic Semantic Units

CA

Certification Authority

Page
14

CWA NNN: 200
1


Abbreviation

Definition

CEN

Committee European de Normalisation (European
Committee for
Standardisation)

CORBA

Common Object Request Broker Architecture

CRL

Certificate Revocation List

DMA

Decision Making Application

DNS

Domain Name Service (Internet facility that provides translation
between domain names (and full URLs) and

IP addresses (and port
numbers))

DTD

Document Type Definition (used in XML)

EC

Electronic Commerce

EDI

Electronic Data Interchange

EDIFACT

Electronic data interchange for Administration, Commerce, and
Transport.

FSV

Functional Service View

FTP

File
Transfer Protocol (an Internet protocol for managing and
transferring files)

GPRS

General Packet Radio Service

HTML

Hypertext Markup Language

HTTP

Hypertext Transfer Protocol

HTTPS

Hypertext Transfer Protocol run over the Secure Sockets Layer (SSL)
pro
tocol

ICC

Integrated Circuit Card

IEC

International Electrotechnical Commission

IETF

Internet Engineering Task Force

IOTP

Internet Open Trading Protocol

IP

Internet Protocol

IP

Internet Protocol (currently the main Network layer protocol of the
Inter
net)

IPR

Intellectual Property Rights

IPSec

IP Security

ISO

International Organisation for Standardisation

ISP

Internet Service Provider

ISSS

Information Society Standardisation System

JTC

Joint Technical Committee

LANs

Local Area Networks

OBI

Open

Buying on the Internet

OeSE

Open
-
edi Support Entities

OMA

Object Management Architecture

ORA

Organisational Registration Authorities

OSI

Open System Interconnection

OSS

Operational Support System

PIP

Partner Interface Process

PKC

Public Key Certifi
cate

PKI

Public Key Infrastructure

PKIX

The PKI working group of the IETF

PMI

Privilege Management Infrastructure

PTD

Personal Trusted Device (e.g. a security enhanced mobile phone)

RA

Registration Authority

RFC

Request for Comment (effectively an I
nternet recommendation)

RFP

Request for Proposal

SET

Secure Electronic Transaction

Page
15

CWA NNNN: 2000


Abbreviation

Definition

SLA

Service Level Agreement

SMTP

Simple Mail Transfer Protocol (an Internet protocol for sending e
-
mail)

SSL

Secure Sockets Layer

STEP

ISO

10303

Industrial automation
systems and integration
--

Product
data representation and exchange (many parts
-

STEP is derived from
ST
andard for the
E
xchange of
P
roduct Model Data
)

TCP

Transport Control Protocol

UML

Unified Modelling Language

UN

United Nations

URL

Uniform Resource

Locator

UTC

Universal Co
-
ordinated Time

WAP

Wireless Application Protocol

WIM

Wireless Identity Module

WPKI

Wireless Public Key Infrastructure

WTLS

Wireless Transport layer security

X.509

An ITU
-
T Recommendation that includes data structure specific
ations
for certificates

XML

Extensible Markup Language



4

How people can use the project material, why it is important

Part

1 of this document provides the general introductory material. Section
7

'
Summaries of the Summaries
'
provides a brief summary of each of the Frameworks, Architectures, and Models covered in this document. It is
recommended that the reader consult this section first for any Frameworks, Architectures, or Models that they
might be

interested in. These 'mini' summaries are very brief and quickly assimilated. They are intended as a
first stage filter. They should tell you basically what that particular Framework, Architecture, or Model is about
-

its purpose and how it achieves th
at purpose. Part 2, which starts at section

8

and continues through to
section

11
, provides a more detailed summary of each Framework, Architecture, and Model. These should
provide sufficient info
rmation for the reader to gain a good idea of the scope and objectives and how these are
achieved. If a particular one proves to be of interest, then the next stage is to refer to the referenced
documentation for that Framework, Architecture, or Model, wh
ich will provide the detailed specifications.


Returning to Part

1, section

6

provides a framework that we have used for illustrating the scope of each
Framework, Architecture, and Model and hence comparing them at a superficia
l level.


It is hoped that this document will help people to choose a Framework, Architecture, or Model to apply to real
implementations of electronic commerce systems.

5

Issues and recommendations list

5.1

Coverage

A significant issue identified particularly in

section
6

is that there are some areas of electronic commerce for
which we have not been able to identify a documented Framework, Architecture, or Model at all. If you are able
to identify other Frameworks, Architectures, or
Models not presently covered in this document please to contact
the CEN/ISSS Secretariat with this information and a summary and hopefully we will be able to add it in to
improve the comprehensiveness of this document (CEN/ISSS Secretariat, Rue de Stassart

36, B
-
1050 Brussels,
Belgium, Tel: + 32 2 550 0813 Fax: + 32 2 5500966, Email:
isss@cenorm.be
). Any such contributions will be
greatly welcomed.


5.2

Implementation

It seems to be the case that there are few products th
at actually implement any of these Frameworks,
Architectures, and Models. On the other hand there are many electronic commerce systems in operation today
Page
16

CWA NNN: 200
1


that are not covered by one of these formally documented Frameworks, Architectures, or Models. Thus
it seems
that there are de facto, undocumented models emerging.


Microsoft and its partners are implementing the BizTalk Framework [
3

&
4
]. The technical architecture for
ebXML project [
5
] may
also break this trend (refer to sections
7.3

and
8.3
). There are high hopes that ebXML