iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty!
ISO

ISO/IEC DIS 30754

(Main)

Information technology -- Software trustworthiness -- Governance and management -- Specification

Information technology -- Software trustworthiness -- Governance and management -- Specification

Technologies de l'information -- Fiabilité des logiciels -- Gouvernance et gestion -- Spécification

General Information

Status
Published
ICS
35.080 - Software
Technical Committee
ISO/IEC JTC 1 - Information technology
Drafting Committee
ISO/IEC JTC 1 - Information technology
Current Stage
4098 - Project deleted
Start Date
09-Jan-2017
Ref Project

Buy Standard

ISO/IEC DIS 30754ISO/IEC DIS 30754
PreviousNext
Draft
ISO/IEC DIS 30754 - Information technology -- Software trustworthiness -- Governance and management -- Specification
English language
37 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

DRAFT INTERNATIONAL STANDARD ISO/IEC 30754
Attributed to ISO/IEC JTC 1 by the Central Secretariat
Voting begins on Voting terminates on
2016-04-06 2016-07-06

INTERNATIONAL ORGANIZATION FOR STANDARDIZATION • МЕЖДУНАРОДНАЯ ОРГАНИЗАЦИЯ ПО СТАНДАРТИЗАЦИИ • ORGANISATION INTERNATIONALE DE NORMALISATION

INTERNATIONAL ELECTROTECHNICAL COMMISSION • МЕЖДУНАРОДНАЯ ЭЛЕКТРОТЕХНИЧЕСКАЯ КОММИСИЯ • COMMISSION ÉLECTROTECHNIQUE INTERNATIONALE

FAST-TRACK PROCEDURE
Information technology — Software trustworthiness —
Governance and management — Specification
Titre manque
ICS 35.080

This draft International Standard is subm itted for JTC 1 national body vote under the “fast-track”

procedure.

In accordance with Resolution 30 of the JTC 1 Berlin Plenary 1993, the proposer of this docum ent

recommends assignment of JTC1 to JTC 1.

The procedures used to develop this document are described in the ISO/IEC Directives, Part 1 -

Consolidated JTC 1 Supplement.

THIS DOCUMENT IS A DRAFT CIRCULATED FOR COMMENT AND APPROVAL. IT IS THEREFORE SUBJECT TO CHANGE AND MAY NOT BE

REFERRED TO AS AN INTERNATIONAL STANDARD UNTIL PUBLISHED AS SUCH.

IN ADDITION TO THEIR EVALUATION AS BEING ACCEPTABLE FOR INDUSTRIAL, TECHNOLOGICAL, COMMERCIAL AND USER PURPOSES,

DRAFT INTERNATIONAL STANDARDS MAY ON OCCASION HAVE TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL TO BECOME

STANDARDS TO WHICH REFERENCE MAY BE MADE IN NATIONAL REGULATIONS.

RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT, WITH THEIR COMMENTS, NOTIFICATION OF ANY RELEVANT PATENT RIGHTS OF WHICH

THEY ARE AWARE AND TO PROVIDE SUPPORTING DOCUMENTATION.
International Organization for Standardization, 2016
International Electrotechnical Commission, 2016
---------------------- Page: 1 ----------------------
ISO/IEC DIS 30754:2016(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2016

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any

means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission.

Permission can be requested from either ISO at the address below or ISO’s member body in the country of the requester.

ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO/IEC 2016 — All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC DIS 30754:2016(E)
NOTE FROM ITTF

This draft International Standard is submitted for JTC 1 national body vote under the “fast-track” Procedure.

In accordance with Resolution 30 of the JTC 1 Berlin Plenary 1993, the proposer of this document recommends

assignment of ISO/IEC 30754 to JTC 1.
“FAST-TRACK” PROCEDURE

1 Any P-member and any Category A liaison organization of ISO/IEC JTC 1 may propose that an existing

standard from any source be submitted directly for vote as an enquiry draft (DIS). The criteria for proposing an

existing standard for the fast-track procedure are a matter for each proposer to decide.

2 The proposal shall be received by the ITTF, which will take the following actions.

2.1 Settle the copyright and/or trademark situation with the organization having originated the proposed

document, so that it can be freely copied and distributed to national bodies without restriction.

2.2 Assess in consultation with the JTC 1 secretariat which subcommittee (SC) is competent for the subject

covered by the proposed document and ascertain that there is no evident contradiction with other International

Standards.
2.3 Distribute the proposed document as an enquiry draft (DIS).

3 The period for combined enquiry voting (DIS) and the conditions for approval shall be as specified in Annex

F.2.3 of the JTC 1 Supplement

4 At the end of the voting period, the comments received, whether editorial only or technical, will be dealt

with by a working group (WG) appointed by the secretariat of the relevant SC.

5 If, after the deliberations of this WG, the conditions of approval are met, the draft standard shall progress to

the approval stage (FDIS). If not, the proposal has failed and any further action shall be decided upon by the

subcommittee to which the document was attributed.

In either case the WG shall prepare a full report which will be circulated by the ITTF.

6 If the proposed standard is accepted and published, its maintenance will be handled by JTC 1.

© ISO/IEC 2016 — All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC DIS 30754:2016(E)
Contents

Contents........................................................................................................................................................................................... iii

Foreword...........................................................................................................................................................................................v

0 Introduction to Software Trustworthiness ...................................................................................................... vii

0.1 Aims..................................................................................................................................................................................... vii

0.2 Objectives .......................................................................................................................................................................... vii

0.3 Claims of Conformance.................................................................................................................................................. vii

0.3.1 General ....................................................................................................................................................................... vii

0.3.2 Form of Claims ......................................................................................................................................................... vii

0.3.3 Basis of Claim ........................................................................................................................................................... vii

0.4 Context...............................................................................................................................................................................viii

0.4.1 Approach .................................................................................................................................................................. viii

0.4.2 Organizational Controls..........................................................................................................................................ix

0.4.3 Challenges .................................................................................................................................................................... x

0.4.4 Tailoring ......................................................................................................................................................................xi

0.4.5 Categorization ......................................................................................................................................................... xii

0.4.6 Continuous Improvement .................................................................................................................................... xiii

1 Scope .................................................................................................................................................................................... 1

2 Normative References .................................................................................................................................................. 1

3 Terms and Definitions.................................................................................................................................................. 1

3.1 adversity .............................................................................................................................................................................. 1

3.2 cyber security ..................................................................................................................................................................... 2

3.3 defect..................................................................................................................................................................................... 2

3.4 deferral ................................................................................................................................................................................. 2

3.5 deviation .............................................................................................................................................................................. 2

3.6 organization ........................................................................................................................................................................ 2

3.7 risk management............................................................................................................................................................... 2

3.8 susceptibility ...................................................................................................................................................................... 2

3.9 system................................................................................................................................................................................... 2

3.10 tailoring .......................................................................................................................................................................... 3

3.11 through-life management......................................................................................................................................... 3

3.12 trustworthy software constraint and dependency model (TSCDM) .......................................................... 3

3.13 trustworthy software defect and deviation list (TSDDL)............................................................................... 3

3.14 trustworthy software framework (TSF).............................................................................................................. 3

3.15 trustworthy software management system (TSMS)........................................................................................ 3

3.16 trustworthy software release authority (TSRA) ............................................................................................... 3

3.17 trustworthy software release note (TSRN) ........................................................................................................ 3

3.18 top management.......................................................................................................................................................... 3

3.19 trustworthy ................................................................................................................................................................... 3

3.20 vulnerability ................................................................................................................................................................. 4

3.21 weakness........................................................................................................................................................................ 4

4 Abbreviated Terms ........................................................................................................................................................ 4

© ISO/IEC 2016 – All rights reserved iii
---------------------- Page: 4 ----------------------
ISO/IEC DIS 30754:2016(E)

5 Approach.............................................................................................................................................................................4

5.1 Applicability ........................................................................................................................................................................4

5.2 Categorization.....................................................................................................................................................................5

5.3 Facets of Trustworthiness ..............................................................................................................................................5

5.4 Trustworthiness Level Assessment .............................................................................................................................6

5.5 Deployment .........................................................................................................................................................................7

5.6 Fundamental Control Measures ....................................................................................................................................8

5.7 Realization Control Measures ........................................................................................................................................8

6 Concepts ..............................................................................................................................................................................8

6.1 Governance ..........................................................................................................................................................................8

6.2 Risk .........................................................................................................................................................................................9

6.3 Controls.................................................................................................................................................................................9

6.4 Compliance ..........................................................................................................................................................................9

7 Principles ............................................................................................................................................................................9

7.1 Applicability ........................................................................................................................................................................9

7.2 Governance (GV) ............................................................................................................................................................. 10

7.3 Risk (RI) ............................................................................................................................................................................. 10

7.4 Control (CO)...................................................................................................................................................................... 11

7.5 Compliance (CM)............................................................................................................................................................. 15

Annex A (informative) ISO/IEC 30754 in the System Lifecycle ..............................................................................1

Annex B (informative) Delivery of ISO/IEC 30754 requirements: techniques ...............................................2

Annex C (informative) Bibliography ................................................................................................................................ 13

iv © ISO/IEC 2016 – All rights reserved
---------------------- Page: 5 ----------------------
ISO/IEC DIS 30754:2016(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical

Commission) form the specialized system for worldwide standardization. National bodies that are

members of ISO or IEC participate in the development of International Standards through technical

committees established by the respective organization to deal with particular fields of technical activity.

ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations,

governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of

information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of the joint technical committee is to prepare International Standards. Draft International

Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication

as an International Standard requires approval by at least 75 % of the national bodies casting a vote.

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.

ISO/IEC DIS 30754 was prepared by British Standards Institution (BSI) for Joint Technical Committee

ISO/IEC JTC 1, Information technology.
Relationships with other publications

This Standard is intended to be used as a stand alone specification, or it can be used as a companion and

complement to other relevant standards, by any organization that is looking for trustworthiness and

confidence in its software.

This Standard contains requirements that define the principles required to achieve software

trustworthiness but does not specify how to implement those principles. Annex A includes an example of

the principles that can deliver the requirements of this Standard mapped again the lifecycle.

Use of this document

It has been assumed in the preparation of this Standard that the execution of its provisions will be

entrusted to appropriately qualified and experienced people, for whose use it has been produced.

Presentational conventions

The provisions of this standard are presented in roman (i.e. upright) type. Its requirements are expressed

in sentences in which the principal auxiliary verb is “shall”.
© ISO/IEC 2016 – All rights reserved v
---------------------- Page: 6 ----------------------
ISO/IEC DIS 30754:2016(E)

Commentary, explanation and general informative material is presented in smaller italic type and does not

constitute a normative element.

The word “should” is used to express recommendations, the word “may” is used to express permissibility

and the word “can” is used to express possibility, e.g. a consequence of an action or event.

Spelling conforms to The Shorter Oxford English Dictionary.
Contractual and legal considerations

This publication does not purport to include all the necessary provisions of a contract. Users are

responsible for its correct application.
Compliance with this Standard cannot confer immunity from legal obligations.
vi © ISO/IEC 2016 – All rights reserved
---------------------- Page: 7 ----------------------
ISO/IEC DIS 30754:2016(E)
0 Introduction to Software Trustworthiness
0.1 Aims

The aim of ISO/IEC 30754 is to provide a specification for software trustworthiness.

0.2 Objectives

This specification is intended to be widely applicable to software in its many guises from embedded

equipment through consumer devices to industrial control systems. It aims to provide a consensus

specification for software trustworthiness, either as a stand-alone document, or as a companion and

complement to other relevant standards, by collating good practice from the five main facets of

trustworthiness that currently typically operate in isolation (safety, reliability, availability, resilience and

security).

By helping to improve software trustworthiness within organizations, this specification could result in

significant savings for the economy and reduce the risk major disruptions to a range sectors.

[1]
NOTE See Risk and Responsibility in a Hyperconnected World, WEF
The requirements of ISO/IEC xx754 can enable an organization to, for example:
• improve controls;
• improve operational effectiveness and efficiency;
• improve organizational learning.
These in turn can result in:
• improved stakeholder confidence and trust;
• increased likelihood of achieving objectives;
• reduced risk;
• enhanced business reputation.
0.3 Claims of Conformance
0.3.1 General
An organization may claim conformance with ISO/IEC 30754.
0.3.2 Form of Claims
All claims are required to include a reference to ISO/IEC 30754.
0.3.3 Basis of Claim
A claim of conformance can be made on the basis of:

a) a first-party conformity assessment performed by the organization (self assessment);

© ISO/IEC 2016 – All rights reserved vii
---------------------- Page: 8 ----------------------
ISO/IEC DIS 30754:2016(E)

b) a second-party conformity assessment performed by, for example, a trade association; or

c) a third-party conformity assessment performed by an organization, such as a certification body, that is

independent of both the organization and any linked trade association.
0.4 Context
0.4.1 Approach

ISO/IEC 30754 is intended for any organization that seeks to establish or improve confidence in its

software trustworthiness. It is applicable to all organizations regardless of their size, type and the nature of

their business.

For this specification, software trustworthiness is identified as consisting of five Facets, as described in

Figure 1.
Figure 1 – Facets of trustworthiness
Trustworthiness
Resilience Security
Safety
Reliability Availability
The ability of the The ability of the
The ability of the
software to
software to
The ability of the The ability of the
software to
transform, remain protected
software to
software to
operate without
renew, and against
deliver services deliver services
harmful states accidental or
recover in timely
as required
when requested
response to deliberate
attacks
events

It is important that organizations review every software implementation to see which aspects apply and

derive a set of principles and techniques to suit the context and intended use.

For each of these Facets of Trustworthiness there will be objectives, of varying complexity.

A common set of implied objectives apply to most software implementations, not least because of legal and

regulatory requirements.
‘Safety’ aims to provide assurance that:
• the stated requirements are accurate and appropriate;
• safety issues are considered via safety requirements;

• the architecture and design are consistent with and reflect the stated requirements;

• technical defects are absent;
• application defects are absent;
viii © ISO/IEC 2016 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/IEC DIS 30754:2016(E)

• the stated requirements are identifiable in the low-level code and that all low-level code

implements at least one stated requirement;
• the test data sets reflect the stated requirements;
• the test data sets cover the low-level code to a specified degree.
‘Reliability’ aims to provide assurance that:
• all the patterns of use are reflected in the stated requirements;
• there are no technical defects;
• the test data sets reflect patterns of use;
• there are no application defects.
‘Availability’ aims to provide assurance that:
• the stated requirements are accurate and appropriate;

• the architecture and design are consistent with and reflect the stated requirements;

• technical defects are absent;
• application defects are absent;
• the test data sets reflect the stated requirements.
‘Resilience’ aims to provide assurance that:
• the stated requirements are accurate and appropriate;

• the architecture and design are consistent with and reflect the stated requirements;

• technical defects are absent;
• application defects are absent;
• the test data sets reflect the stated requirements.
‘Security’ aims to provide assurance that:
• the security requirements consider all security issues;
• the architecture and design satisfy the security requirements;
• there are no security defects in the code;
• the test data reflects the security requirements.
0.4.2 Organizational Controls

In order to deliver trustworthy software, an organization requires a set of underpinning controls that apply

to all activities.
The software management system aims to provide assurance that:
• all personnel are appropriately qualified;
© ISO/IEC 2016 – All rights reserved ix
---------------------- Page: 10 ----------------------
ISO/IEC DIS 30754:2016(E)
• adequate resources are allocated;
• all necessary communication takes place;
• activity proceeds in a series of measured steps;
• specific steps are performed independently;
• activity proceeds in a timely manner;
• all verification processes are completed within the specified criteria.
The software technical infrastructure aims to provide assurance that:

• all information, designs, algorithms and other such artefacts are retained for future use and

analysis;
• the design and coding artefacts are adequately documented;

• all past and present versions of the software are available at any time and that future versions will

similarly be available;

• all appropriate test data sets can be applied to the corresponding version and any future versions of

the software;

• regression testing can be applied in order to ensure that the software changes only in the required

manner.
0.4.3 Challenges
Software problems are generally characterised as a one of three types:

• Weaknesses, which are generic classes of potential deficiency in software, such as buffer

overflows.
• Vulnerabilities, which can be:

- the existence of a generic weakness in a particular platform, such as a buffer overflow

occurring in a specific operating system or application;
- interactions between multiple software elements that bypass intended controls;
- accidental actions of software developers that result in defects and errors;

- deliberate actions of software developers that bypass intended controls, such as trap doors

that permit unauthorised access to the system.

• Susceptibilities, which are the confirmed presence of one or more vulnerability within an

implemented system, such as the presence of an operating system with a buffer overflow

defect.
Susceptibilities in systems stem from:
• initial implementation;

• changes to software, such as from adding new facilities or the correction of detected errors

(‘patching’);
x © ISO/IEC 2016 – All rights reserved
---------------------- Page: 11 ----------------------
ISO/IEC DIS 30754:2016(E)

• use of utility programs, which may be capable of circumventing security measures in the

controlling or application software.
For the application of these terms specifically to software, see Clause 3.
0.4.4 Tailoring

ISO/IEC 30754 is scoped to include all aspects that contribute to trustworthiness of software, as illustrated

in Figure 2.
Figure 2 – Aspects of trustworthiness
Specification Scope
People
Components
Documents
Packages
Processes & Records
Security
Reliability Availability Resilience
Safety
Needs Needs
Needs Needs Needs

This is achieved by using the appropriate elements of the framework of decomposed as shown in Figure 3

and detailed in Clauses 5 and 6 and the Annexes.
Figure 3 – Trustworthy Software Framework
© ISO/IEC 2016 – All rights reserved xi
---------------------- Page: 12 ----------------------
ISO/IEC DIS 30754:2016(E)
Level 1
Generic Concepts
Level 2
Generic Principles
Level 3
Generic Techniques
Level 4
Amplifying Repository(s)
Methods Data Sharing
Citations

This comprehensive Trustworthy Software Framework (TSF) provides a domain- and implementation-

agnostic way to reference the large existing body of knowledge, including functional safety, information

security, and systems and software engineering and therefore acts as a collation of good practice for

software trustworthiness.

When used as a stand-alone document for organizations with no current approach to software

trustworthiness, this specification will facilitate the deployment of the TSF for software in its many guises

from embedded equipment through consumer devices to industrial control systems.

For organizations that already address software trustworthiness though the lens of one or more of the five

main facets of trustworthiness that typically operate in isolation (safety, reliability, availability, resilience

and security), this specification provides a companion and complement to other relevant standards, and

reviewing the concepts, principles and techniques in this specification alongside practices and Management

Systems derived from individual facets allows the identification of gaps and enhancements.

This document does not specify how any technique should be applied to a specific domain of application.

This information is available in other standards, such as ISO/IEC 15408 and ISO/IEC 27001 for information

security, and IEC61508 for functional safety.
0.4.5 Categorization

For the purposes of this standard, the software audience can be divided into three groups:

xii © ISO/IEC 2016 – All rights reserved
---------------------- Page: 13
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC 19515:2019(Main)
Information technology -- Object Management Group Automated Function Points (AFP), 1.0

1.1 Purpose This International Standard defines a method for automating the counting of Function Points that is generally consistent with the Function Point Counting Practices Manual, Release 4.3.1 (IFPUG CPM) produced by the International Function Point Users Group (IFPUG). Guidelines in this International Standard may differ from those in the IFPUG CPM at points where subjective judgments have to be replaced by the rules needed for automation. The IFPUG CPM was selected as the anchor for this ...view more

    • sale 15% off
    • Standard
      28 pages
      English language
ISO
ISO/IEC 24570:2018(Main)
Software engineering -- NESMA functional size measurement method -- Definitions and counting guidelines for the application of function point analysis

ISO/IEC 24570:2018 specifies the set of definitions, rules and guidelines for applying the Nesma Function Point Analysis (FPA) method.

    • sale 15% off
    • Standard
      70 pages
      English language
ISO
ISO/IEC 19513:2017(Main)
Information technology -- Object Management Group Unified Profile for DoDAF and MODAF (UPDM), 2.1.1

This International Standard provides a specification language, UPDM, that is readily understandable not only by the community of architects of information technology systems but also by a wide range of end users including executives and enterprise management that sponsor such systems, program managers that oversee their development, developers of supporting hardware and software (design, implementation, and testing), subject matter experts, and end users. UPDM bridges the gap from setting of req...view more

    • sale 15% off
    • Standard
      415 pages
      English language
ISO
ISO/IEC 19678:2015(Main)
Information Technology -- BIOS Protection Guidelines

ISO 19678:2015 provides requirements and guidelines for preventing the unauthorized modification of Basic Input/Output System (BIOS) firmware on PC client systems. Unauthorized modification of BIOS firmware by malicious software constitutes a significant threat because of the BIOS's unique and privileged position within the PC architecture. A malicious BIOS modification could be part of a sophisticated, targeted attack on an organization ?either a permanent denial of service (if the BIOS is corr...view more

    • sale 15% off
    • Standard
      15 pages
      English language
ISO
ISO/IEC 40500:2012(Main)
Information technology -- W3C Web Content Accessibility Guidelines (WCAG) 2.0

ISO/IEC 40500:2012 [Web Content Accessibility Guidelines (WCAG) 2.0] covers a wide range of recommendations for making Web content more accessible. Following these guidelines will make content accessible to a wider range of people with disabilities, including blindness and low vision, deafness and hearing loss, learning disabilities, cognitive limitations, limited movement, speech disabilities, photo-sensitivity and combinations of these. Following these guidelines will also often make your Web ...view more

    • sale 15% off
    • Standard
      2 pages
      English language
ISO
ISO/IEC 17998:2012(Main)
Information technology -- SOA Governance Framework

ISO/IEC 17998:2012 describes a framework that provides context and definitions to enable organizations to understand and deploy service-oriented architecture (SOA) governance. ISO/IEC 17998:2012 defines: SOA Governance, including its relationship between Business, IT, and EA governance; this assists organizations in understanding the impact that the introduction of SOA into an organization has on governance; an SOA Governance Reference Model (SGRM) and its constituent parts, which assists organi...view more

    • sale 15% off
    • Standard
      87 pages
      English language
ISO
ISO/IEC 40280:2011(Main)
Information technology -- W3C Web Services Policy 1.5 -- Attachment

ISO/IEC 40280:2011 defines two general-purpose mechanisms for associating policies, as defined in ISO/IEC 40270, with the subjects to which they apply. It also defines how these general-purpose mechanisms can be used to associate policies with Web Services Description Language (WSDL) and Universal Description, Discovery and Integration (UDDI) descriptions.

    • sale 15% off
    • Standard
      2 pages
      English language
ISO
ISO/IEC 40270:2011(Main)
Information technology -- W3C Web Services Policy 1.5 -- Framework

ISO/IEC 40270:2011 defines a framework and a model for expressing policies that refer to domain-specific capabilities, requirements, and general characteristics of entities in a Web services-based system.

    • sale 15% off
    • Standard
      1 page
      English language
ISO
ISO/IEC 40230:2011(Main)
Information technology -- W3C SOAP Message Transmission Optimization Mechanism

ISO/IEC 40230:2011 specifies an abstract feature for optimizing the transmission and/or wire format of a SOAP message by selectively encoding portions of the message, while still presenting an XML Infoset to the SOAP application.

    • sale 15% off
    • Standard
      1 page
      English language
ISO
ISO/IEC 40220:2011(Main)
Information technology -- W3C SOAP Version 1.2 Part 2: Adjuncts (Second Edition)

SOAP Version 1.2 is a lightweight protocol intended for exchanging structured information in a decentralized, distributed environment. ISO/IEC 42020:2011 defines a set of adjuncts for use with the SOAP Version 1.2 messaging framework specified in ISO/IEC 42010:2011. ISO/IEC 42020:2011 depends on ISO/IEC 42010:2011.

    • sale 15% off
    • Standard
      2 pages
      English language
ISO
ISO/IEC 40260:2011(Main)
Information technology -- W3C Web Services Addressing 1.0 -- Metadata

Web Services Addressing provides transport-neutral mechanisms to address Web services and messages. ISO/IEC 40260:2011 defines how the abstract properties defined in ISO/IEC 40240 are described using Web Services Description Language (WSDL), how to include WSDL metadata in endpoint references, and how WS-Policy can be used to indicate the support of WS-Addressing by a Web service.

    • sale 15% off
    • Standard
      1 page
      English language
ISO
ISO/IEC 40250:2011(Main)
Information technology -- W3C Web Services Addressing 1.0 -- SOAP Binding

Web Services Addressing provides transport-neutral mechanisms to address Web services and messages. ISO/IEC 42050:2011 defines the binding of the abstract properties defined in ISO/IEC 42040 to SOAP Messages.

    • sale 15% off
    • Standard
      1 page
      English language
ISO
ISO/IEC 40240:2011(Main)
Information technology -- W3C Web Services Addressing 1.0 -- Core

Web Services Addressing provides transport-neutral mechanisms to address Web services and messages. ISO/IEC 42040:2011 defines a set of abstract properties and an XML Infoset representation thereof to reference Web services and to facilitate end-to-end addressing of endpoints in messages. It enables messaging systems to support message transmission through networks that include processing nodes such as endpoint managers, firewalls, and gateways in a transport-neutral manner.

    • sale 15% off
    • Standard
      1 page
      English language
ISO
ISO/IEC 40210:2011(Main)
Information technology -- W3C SOAP Version 1.2 Part 1: Messaging Framework (Second Edition)

SOAP Version 1.2 (SOAP) is a lightweight protocol intended for exchanging structured information in a decentralized, distributed environment. It uses XML technologies to define an extensible messaging framework providing a message construct that can be exchanged over a variety of underlying protocols. The framework has been designed to be independent of any particular programming model and other implementation specific semantics. ISO/IEC 40210:2011 defines the SOAP messaging framework consisting...view more

    • sale 15% off
    • Standard
      2 pages
      English language
ISO
ISO/IEC 13244:1998/Amd 1:1999(Amendment)
Support using Common Object Request Broker Architecture (CORBA)
    • sale 15% off
    • Standard
      8 pages
      English language
    • sale 15% off
    • Standard
      8 pages
      French language
ISO
ISO/IEC 13244:1998(Main)
Information technology -- Open Distributed Management Architecture
    • sale 15% off
    • Standard
      52 pages
      English language
    • sale 15% off
    • Standard
      52 pages
      French language
ISO
ISO/IEC 14834:1996(Main)
Information technology -- Distributed Transaction Processing -- The XA Specification

Specifies the bidirectional interface between a transaction manager and a resource manager (the XA interface) in an X/Open Distributed Transaction Processing (DTP) environment. Technically identical to X/Open CAE Specification. Contains also the text of the X/Open DTP Reference Model Version 3.

    • sale 15% off
    • Standard
      111 pages
      English language
ISO
ISO/IEC 13800:1996(Main)
Information technology -- Procedure for the registration of identifiers and attributes for volume and file structure
    • sale 15% off
    • Standard
      7 pages
      English language
ISO
ISO/IEC 14863:1996(Main)
Information technology -- System-Independent Data Format (SIDF)
    • sale 15% off
    • Standard
      89 pages
      English language
ISO
ISO/IEC 8211:1994(Main)
Information technology -- Specification for a data descriptive file for information interchange

Cancels and replaces the first edition (1985). Specifies an interchange format to facilitate the moving of files or parts of files containing data records between computer systems. Specifies: media-independent file and data record descriptions for information interchange; the description of data elements, vectors, arrays and hierarchies containing character strings, bit strings and numeric forms; a data descriptive file; a data descriptive record; three levels of complexity of file and record st...view more

    • sale 15% off
    • Standard
      69 pages
      English language