Embed Size (px)
Citation preview
Copyright © 2002 by LexisNexis Inc.
Web Services, Security & the Publishing Industry
Forum on Security Standards for Web Services
XML Web Services One Conference
Monday, August 26th, 2002
Chet Ensign
Sr. Director, Architecture & Development Services
LexisNexis Inc.
Copyright © 2002 by LexisNexis Inc.
Publishing Industry is Split
A few big players (Reed-Elsevier, Thompson) vs. many smaller Reference publishers vs. retail publishersBig players:
Large IT staffs; current technologiesExperience with e-business; mature systems
Smaller playersModest IT staffs Modest web infrastructure or experienceReliance on OTS software & contractors
Copyright © 2002 by LexisNexis Inc.
Goals/Objectives Differ
Large/reference players Shift from ‘e-publishers’ to ‘service providers’
Move towards global products & services
Focus on integrating services w/ customers
Smaller players Searching online business model
Grappling with basics (e-bookstores, e-content)
Building basic infrastructure (e.g. billing)
Copyright © 2002 by LexisNexis Inc.
What Capabilities are Needed?
Fundamentals of exchangeSecure transmission
Authentication
Messaging
Encryption
Signature (to ensure work was not changed during transmission)
Copyright protection
Copyright © 2002 by LexisNexis Inc.
What Capabilities are Needed?
Object & ownership identification Means to identify works (e.g. books, pictures) or other intellectual property
Means to identify ownership of entire works or components of works (e.g. recipes, pictures, charts)
Copyright © 2002 by LexisNexis Inc.
What Capabilities are Needed?
Usage rights expressionMeans to express reproduction/reuse rights
For individual works, groups of works or rights owner
In different media (e.g. rights for print vs. electronic)
In different contexts (e.g. “You are licensing for one-time use” or “You can reprint, but Lexis can not”)
Copyright © 2002 by LexisNexis Inc.
What Capabilities are Needed?
Access rights identificationMeans to express & associate access rights/restrictions/conditions with works or components…E.g. “NY Times staff can see all article plus this other stuff; public sees article only”E.g. “You can not search & display my content & my competitor’s at the same time”E.g. “Well, since you’re from the FBI…”
Copyright © 2002 by LexisNexis Inc.
What Capabilities are Needed?
Information maintenanceMeans to maintain this information and its interrelationshipsE.g. “The owner of this content is now Reed Business Information” E.g. “Per the Supreme Court Tasini decision, electronic rights for certain articles revert to the author” E.g. “Hey – Mickey Mouse just went public domain!”
Copyright © 2002 by LexisNexis Inc.
And Last but not Least…
We need standards implemented in interoperable products & services that can be used by smaller publishers & our customers cost-effectively
Copyright © 2002 by LexisNexis Inc.
Where Do Things Stand Today?
Implementation at preliminary stateCustomer level of sophistication still low Needs relatively simple; things like digital signature or federated authentication still a ways off
Standards have broad areas identified, but still pretty generic Still not clear how all the pieces will fit together
How will SOAP, WSDL, etc. incorporate security standards
