Public:Architecture Projects
From wiki.opentravel.org
|
Architecture » Home • OpenTravel On-Demand Meetings |
Contents |
[edit] Architecture Workgroup Projects
[edit] Session Management
The Session Management study focuses on a “lightweight” session management solution based on WS-Addressing EPRs which is recommended for managing sessions established for point-to-point interactions between a client and a service provider. WS-Addressing is a standard that provides transport-neutral mechanisms to address Web services and messages. It provides a robust mechanism for session management – by using EPR. An EPR conveys the information associated with an endpoint and is extensible with additional information. This additional information can contain service-specific data and EPRs can be used to propagate information between a service and its clients. This ability to associate state data with an EPR provides a useful way for identifying Web services instances. An EPR representing a Web service instance will contain the Web service address (URI) and some unique identifier - the ability that will be exploited for identifying session context. This study includes identifying use cases to address using this “lightweight” session management solution and illustrating processing flows to give OpenTravel implementers a clear understanding of the details necessary to implement the solution.
[edit] OpenTravel Reliable Messaging Guidelines
The Reliable Messaging Guidelines study focuses on the increasing number of partners in the travel and hospitality industries that are using web services to exchange OpenTravel messages and the need for an open and interoperable solution that will guarantee end to end delivery of these critical business messages. Two related projects include specifying guidelines for both WS-RM and TypeX.
[edit] WS-RM
- The WS-RM Reliable Messaging Guidelines project provides an overview of the solution based on WS-Reliable Messaging specification (OASIS Standard 2007), and explains how the solution addresses the reliable messaging concerns for OpenTravel message exchanges between travel systems. The goal is to provide implementers a clear understanding of the reliable message framework and knowledge to enable a reliable messaging solution from selected provider for their travel systems.
[edit] TypeX
- The Type X Reliable Messaging Guidelines project will show how Reliable Messaging capabilities can be used over SOAP. TypeX is a protocol enhancement designed in conjunction with IATA to enable a variety of Reliable Messaging features over a variety of different underlying protocols. These capabilities are potentially useful for systems exchanging OpenTravel messages.
[edit] The OpenTravel 2.0 Initiative
A presentation on the OpenTravel 2.0 was given to IO and the Board at their February meetings in 2008.
The Members:OpenTravel Subversion repository exists for iterative, collaborative development of the artifacts of OpenTravel 2.0.
[edit] Namespace Usage In OpenTravel Schemas
View the Full Proposal
Project Team Page
Namespaces serve a basic function in XML; they allow users to unambiguously determine the meaning of an XML element (or attribute) when more than one with the same name may exist. This is very important when schemas from multiple sources are brought together which would otherwise require that one or other schema change to resolve the conflict. E.g. the SOAP layer has an Address element which would conflict with the equivalent Address element in the OpenTravel specifications.
The outcome of this philosophy is 2 practices.
1) Segregation of Data: between different specifications that use common terminology but with different definitions.
2) Separation of Versions: between different releases of the same specification that may have to co-exist.
The use of namespaces within the OpenTravel Schemas presents significant challenges since neither approach has been adopted.
The study will be limited to identifying the various common practices in the industry, what trends may be emerging or have emerged since the introduction of namespaces in the OpenTravel messages. The opportunity will be taken to review the history of the namespace policy in the OpenTravel Alliance and working through the implications of all the alternative options on the consumers, providers and integrators within the travel industry.
[edit] Data Dictionary
View the Full Proposal
Project Team Page
There are limitless ways implementers could (and have) extended and reused OpenTravel schemas. An OpenTravel Data Dictionary would facilitate greater and easier adoption:
1) By harmonizing the specifications by resolving conflicting definitions.
2) By sanitizing evolutionary dead ends in the design of messages that are either no longer useful or were never developed fully.
3) Creating reusable components that can be consumed by a RESTful framework.
4) Creating reusable components that can be deployed in other OpenTravel messages.
5) Blending specifications across multiple platforms in new (internal) messages.
6) Develop a ‘more’ tool friendly specification.
A Data Dictionary should also make it easier for the work groups:
1) To produce new messages as it should be easier to identify and reuse existing components in new ways.
2) To support the existing messages because they will be much simpler and changes will be applied consistently.
The existing message based content represents a tremendous amount of work that would be foolish for implementers to ignore, the Data Dictionary represents a logical spin off of that work
To create a data dictionary it will be necessary to deconstruct the message set into its component parts, harmonize the definitions of competing components and rebuild the subsequent messages.
[edit] PCI-PII And Remediation Study
View the Full Proposal
Project Team Page
The Payment Card Industry (PCI) is on a mission to force owners of systems that process or store payment card information to tighten their security to prevent the theft and/or misuse of customer payment card information, especially after a major breach such as the TJX incident. The PCI has established a set of very specific and stringent requirements for the data security standards (DSS) which are being used by the major card brands as the basis for the assessment and certification of PCI compliance.
Likewise, governments are beginning to recognize the importance of protecting personal information and are considering legislation that requires the protection of PII.
Lastly, personal information that is not strictly PII, but that does have monetary value and can be exploited, such as loyalty membership information, will also be included within the scope of this study.
Messages based on Open Travel schemas can contain both types of information. The purpose of this study will be to determine the extent of usage of PCI data and PII, and make recommendations regarding protection, remediation, and best practices. Although out of scope of this study, end point storage of sensitive data either by design, as in database storage, or inadvertently, as in server message logs, is an important issue. This study will make note any best practices regarding such storage
[edit] Future Projects
Listing of discussed Architecture project ideas.
[edit] Past Projects
Listing of previous Architecture projects with links to each project's page.
