Page 2

Management Program Group

This Group offers a meeting forum for vendors and customers of management systems aimed at delivering and promoting effective standards in enterprise systems management.

Software Licensing Management (XSLM)

XSLM enables software applications to obtain and return software licenses thereby allowing management systems to control software installation and usage.

Application Response Measurement (ARM)

ARM provides standard APIs for generating application timing information.  This timing data can be collected and correlated across a distributed environment to measure system speed and effectiveness.

Universal Management Installation Agent (UMIA)

UMIA provides an open software mechanism for bootstrapping management functionality.

At the July conference, members focused on the security aspects of the UMIA Specification.  The prime objective is to create a “ZERO-touch management out of the box” solution, but this solution must give the customer an acceptable level of security, and protection of their systems.  The general conclusion from the Security experts present was that a “ONE-touch” approach is likely to be achievable and acceptable to O/S suppliers and the user community.

Application Management Interface (AMI)

The AMI Specification defines a set of programmatic interfaces that can be used by application writers which provide real-time monitoring of business information.  AMI is a Specification issued by Computer Associates and J.P. Morgan.

At the July Conference, there was strong support in the Program Group for using host services and data modeling schema from the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM), which is the DMTF distributed management environment and a core standard in The Open Group  Standards Information Base.  A presentation on Java Management Extensions (JMX) suggested the possibility of extending AMI for use in a Java environment.

The AMI sponsors reacted positively to evolving the AMI Specification to employ WBEM and Java extensions.  To preserve their objective of fast and easy implementation, a compromise solution was developed providing hooks in the first version of the AMI standard.  Actual interfaces to WBEM and CIM, and the addition of Java bindings, would be incorporated in the next version.  The AMI API Fast Track Formal Review commenced on 16 August.

Common Information Model (CIM)

An initiative of the Desktop Management Task Force (DMTF), the Management Program has adopted CIM as one of its core technologies.  The Open Group will use CIM as its information model to facilitate the interchange of management information.

Security and Privacy Program Group

“Information technology managers struggling to consistently apply access permission and other security policies across complex enterprises could find real relief in an upcoming move by [The Open Group].”

Computerworld March, 1999

The Security Group works to produce Specifications in PKI, CDSA, Single Sign-On, Authorization, and Authentication.

Common Data Security Architecture (CDSA)

The Open Group is pleased to announce the first issue of the CDSA Newsletter, published mid-June ‘99.  You can find the first edition at www.opengroup.org/cdsa_newsletter/issue1/

The Programmers Guide to using CDSA is under development and we will work with the main CDSA developers to incorporate their material.

CDSA testing and branding is being planned.  This is likely to include: (a) a brand based on the “core” modules of CDSA, and (b) a test for application source codes that use the CDSA API.

The Open Group looks to announce the brand program for CDSA in the first quarter of 2000.

API to Authorization (AZN)

The DASCOM Fast Track of a Specification for AZN is nearing completion and a final version will be published in the last quarter.  As with CDSA, testing and branding will be considered but no formal action has been agreed so far.

Public Key Infrastructure (PKI)

Presentations during the July Conference by Verisign, Entrust, and XCERT; companies that both sell PKI certificate software and operate as Certificate Authorities (CAs), prompted the concept of attribute certificates (i.e., data that links an individual’s name to a set of permission rights).  A further examination of attribute certificates was given in talks by Intel Corporation, and a paper on automated trust negotiation was presented by Transarc.

The linking of individuals to attributes (and to PKI keys) is now moving towards the use of biometrics.  Intel is driving the standards in this area and is collaborating with the BioAPI group.

A draft Specification for adding a human recognition module to CDSA has now been published.

FinXML

FIX protocols have been proposed for financial information exchange and the security of systems management.  It seems likely that a similar XML-based approach could be used for accessing information in “nostro” accounts.

The Open Group invites Member organizations to take part in PKI interoperability trials scheduled for the October Conference in Washington DC 1999.  The results will be fed into the specification process.