diff --git a/_posts/web-standards/2020-11-20-GS1.md b/_posts/web-standards/2020-11-20-GS1.md index 82ba7863..b8b02b01 100644 --- a/_posts/web-standards/2020-11-20-GS1.md +++ b/_posts/web-standards/2020-11-20-GS1.md 
@@ -1,138 +1,21 @@ --- date: 2020-11-21 +name: GS1 +layout: standards +headings: ["Main","Global Standards Mapping Process","Working Groups"] title: "GS1 - The Global Language of Business" +description: We are a global, neutral, non-profit standards organisation that brings efficiency and transparency to the supply chain excerpt: > Gs1 introduced the barcode in 1974. We are a global, neutral, non-profit standards organisation that brings efficiency and transparency to the supply chain. Our standards are proven by industry and can help you achieve your public policy goals. - Designed by consensus, our standards are proven, open and benefit from collaboration with respected global companies as well as local SME's. GS1 tools help organisations exchange critical data - from manufacturing all the way to the consumer - creating a common language that underpins systems and processes all over the world. categories: ["Web Standards","Organizations"] tags: ["GS1","KERI","Digital Link","Enterprise","Barcode","RFID","Global Standards Management Process","Supply Chain","Healthcare","Digital Signatures"] permalink: web-standards/gs1/ redirect_from: - organizations/gs1/ -last_modified_at: 2020-11-21 +last_modified_at: 2023-05-20 header: image: /images/gs1-header.webp teaser: /images/gs1-teaser.webp --- -> Gs1 introduced the barcode in 1974. We are a global, neutral, non-profit standards organisation that brings efficiency and transparency to the supply chain. Our standards are proven by industry and can help you achieve your public policy goals. -> -> Designed by consensus, our standards are proven, open and benefit from collaboration with respected global companies as well as local SME's. GS1 tools help organisations exchange critical data - from manufacturing all the way to the consumer - creating a common language that underpins systems and processes all over the world. 
- -## ID over HTTPS - -* [GS1's decentralized approach to resolving identifiers over HTTPS](https://iiw.idcommons.net/GS1%27s_decentralized_approach_to_resolving_identifiers_over_HTTPS) (IIW30) - * [Decentralized resolution of identifiers with HTTPS](https://docs.google.com/presentation/d/1fLDETcghxxRfac7mDCTGpqktaVnn9bjl/edit#slide=id.p1) - DNS doesn’t need to be evil (not that evil anyway) - * [11 Transferable Principles from GS1 Digital Link](https://gs1.github.io/DigitalLinkDocs/principles/) Phil Archer, Mark Harrison, Henri Barthel (firstname.secondname@gs1.org) - > The GS1 Digital Link standard [DL] offers a means through which identifiers that exist offline can be resolved to multiple, related online resources. In the simplest example, a barcode is scanned to extract the identifier which is then resolved to a Web page that describes the barcoded item. This superficial example is only scratching the surface of much more powerful underlying mechanism. It was designed to service the needs of the GS1 community (manufacturers, supply chains and retailers), but the principles do not depend on the GS1 system and can readily be transferred to other identification systems. - -## History - -* [GS1 - How we got here](https://www.gs1.org/about/how-we-got-here) - > Since 1973, we have opened offices in over 110 countries and amassed more than 2 million members using supply chain standards that make business easier. Learn about key dates in our history. - > - 1973: The barcode standard is agreed - > - 1974: The first barcode is scanned - > - 1977: The GS1 system is launched - > - 1983: Barcodes are used on wholesale multi-packs - > - 1989: GS1 moves beyond barcodes - > - With wide area networks making an impact on supply chains, we create our first international standard for electronic data interchange. - > - 1990: Responsibilities grow - > - The US and international arms of GS1 come together formally, creating a single organisation with a presence in 45 countries. 
- > - 1995: First healthcare standards created - > - 1999: The GS1 DataBar arrives - > - 2000: 90th local office opens - > - In just ten years, we double the number of countries in which we have a local presence. - > - 2002: Global standards forum launched - > - Our Global Standards Management Process is launched. This global forum gives GS1 members one place to discuss standards. - > - 2004: The first standard for RFID is created - > - 2007: GS1 enters the business-to-consumer world - > - As ecommerce grows, we begin to create open standards that give consumers direct access to key product information. - > - 2013: A 40-year celebration - > - With a presence in over 100 countries and more than a million members, we celebrate 40 years of the global language of business. - -## [Standards](https://www.gs1.org/standards) - -> In a world of growing data, GS1 standards help you single out what really matters. They give you a common language to identify, capture and share supply chain data– ensuring important information is accessible, accurate and easy to understand. - -### [Standards development](https://www.gs1.org/standards/development) - -> A neutral participant, GS1 facilitates dialogue and the development of standards-based solutions among business and technical people from nearly sixty countries. Industries represented include retail and consumer goods, fresh foods, healthcare, transport and logistics, governments and many more. -> -> The GSMP (Global Standards Management Process) is a community-based forum -for businesses facing similar problems to work together and develop -standards-based solutions. Standards created by industry, for industry. - -* [How we develop standards](https://www.gs1.org/how-we-develop-standards) - > Our standards development team guide the regular upgrading of our standards through a document development life cycle whose rules everyone agrees to. 
The Global Standards Management Process (GSMP) enables us to reach consensus around the creation and adoption of new standards smoothly and rapidly! -* [GSMP Manual](https://www.gs1.org/docs/gsmp/GSMP_Manual.pdf) - > The GSMP 4-Step Process is designed to ensure that business needs and requirements are understood before standards and guidelines are developed, and that supporting materials are created afterward. Each step culminates in the completion of one or more outputs, created through a consensus-based process within a working group and with larger consensus confirmed through community review and eBallot. -* [Global Data Model (GDM) Governance Manual](https://www.gs1.org/sites/default/files/docs/gsmp/gdm_manual_i1_a_2020-03-19.pdf) - > The retail landscape is changing at an unprecedented rate. In this connected world, consumers increasingly rely on product information for purchasing decisions. The purpose of the Global Data Model (GDM) is to simplify and harmonise the exchange of master data. The GDM will identify and define—in a globally consistent way—the set of foundational attributes needed to list/order, move, store and sell a product, both digitally and physically. By harmonising foundational data across the industry around the globe, it will enable an improved consumer experience and reduce complexity by delivering more reliable and complete product information to consumers. -* [GSMP Value Statement](https://www.gs1.org/sites/default/files/docs/gsmp/gsmp_execsummary.pdf) - > Are business challenges holding back your company’s full potential and growth? You are not alone. Business is easier when you speak the same language as your customers, suppliers and partners. Though we all work in our own way, problems and differences become solutions when we all work together. That’s where GS1 can help. - > - > The GSMP is a community-based forum for businesses facing similar problems to work together and develop standards-based solutions to address them. 
Standards created by industry, for industry. -* [Work Request System](https://wr.gs1.org/WorkRequestsBytechnology) - > You can shape GS1 global standards by submitting a request to develop a new standard or enhance an existing one. - * [Introduction to GS1 Work Request](https://wr.gs1.org/Templates/GS1_Work_Requestd.pdf) - * [Templates for submitting Work Requests](https://www.gs1.org/standards/wr) - -## [Global Working Groups](https://www.gs1.org/standards/development-work-groups) - -### Standards Maintenance Groups (SMGs) improve existing standards - -* [GSMP Data Accuracy SMG](https://www.gs1.org/standards/development-work-groups#DA) - > This processes all maintenance Work Requests for the **[GS1 Package Measurement Rules Standard](https://www.gs1.org/docs/gdsn/3.1/GS1_Package_Measurement_Rules.pdf)** and the **[Package Measurement Rules Implementation Guideline](https://www.gs1.org/sites/default/files/docs/gdsn/GDSN_Pack_Measure_Rules_Implementation_Guide.pdf)**. This group acts as a pool of experts for all Data Accuracy SMG work requests and coordinate with associated Mission Specific groups as defined in the GSMP Manual. The work the Data Accuracy SMG allows our community to increase savings throughout the supply chain by synchronising accurate dimensions and weight data which enables better transportation, logistics and retail shelf planning. -* [GSMP Electronic Data Interchange (EDI) SMG](https://www.gs1.org/standards/development-work-groups#EDI) - > This group maintains and improves [GS1 EDI (Electronic Data Interchange) standards](https://www.gs1.org/standards/edi). Examples of standards maintained in this group (but not limited to) are: - > - EANCOM® - > - GS1 XML - > - GS1 UN/CEFACT XML -* [GSMP Global Master Data (GMD) SMG](https://www.gs1.org/standards/development-work-groups#GMD) - > The group maintains and improves the GS1 Master Data standards. 
Examples of standards maintained in this group (but not limited to) are: - > - [Master Data Standards](https://www.gs1.org/standards/gs1-global-data-model) - > - GS1 Attributes, definitions, code lists, and guidance definitions - > - [GDSN solutions and GDSN Validation Rules](https://www.gs1.org/standards/gdsn) - > - GS1 Web Vocabulary - > - Global Data Model Standards and Attribute Definitions for Business -* [GSMP Global Product Classification (GPC) SMG](https://www.gs1.org/standards/development-work-groups#GPC) - > The GPC Standards Maintenance Group maintains and improves the GS1 Global Product Classification (GPC) standard. - > - > The [GS1 Global Product Classification (GPC) standard](https://www.gs1.org/standards/gpc) helps global trading partners to group products in the same way, everywhere in the world. The resulting common business language is clear and instantly understandable. -* [GSMP Identification SMG](https://www.gs1.org/standards/development-work-groups#ID) - > The ID Standards Maintenance Group maintains and improves the GS1 Automatic Identification and Data Capture (AIDC) standards including Identification Keys, Barcodes, Electronic Product Code, and Radio-Frequency Identification (RFID) standards. - > - > - The GS1 General Specification is the core foundational GS1 standard that defines how identification keys, data attributes and barcodes must be used in business applications - > - GS1 Identification Keys provides companies efficient ways to access and share information about items in their supply chains. - > - Barcodes are symbols that can be scanned electronically using laser or camera-based systems. - > - The Electronic Product Code™ (EPC) is syntax for unique identifiers assigned to physical objects, unit loads, locations, or other identifiable entity playing a role in business operations. - > - GS1's EPC Tag Data Standard (TDS) defines the Electronic Product Code (EPC), including its correspondence to GS1 keys and other existing codes. 
TDS also specifies data that is carried on Gen 2 RFID tags, including the EPC, User Memory data, control information, and tag manufacture information. -* [GSMP Images, Digital & Electronic Assets (IDEAs) SMG](https://www.gs1.org/standards/development-work-groups#IDEAs) - > This group will maintain and improve the GS1 Digital Assets Standards. Examples of standards maintained in this group (but not limited to) are: - > - [GS1 Product Image Specification Standard](https://www.gs1.org/standards/gs1-product-image-specification-standard/current-standard) - > - [GS1 Pharmaceutical Image Implementation Guideline](https://www.gs1.org/standards/gs1-pharmaceutical-image-implementation-guideline) - > - [GS1 Mobile Ready Hero Images Guideline](https://www.gs1.org/standards/Mobile-Ready-Hero-Image/1-0) -* [GSMP Traceability and Event Sharing Standards Maintenance Group SMG](https://www.gs1.org/standards/development-work-groups#TRACE_EVENT) - > The SMG maintains updates to the GS1 EPCglobal standards that support physical event capture and sharing and the [Global Traceability Standard that supports tracking and tracing of goods](https://www.gs1.org/sites/default/files/docs/gsmp/call_to_action_gtc_h.pdf) and information about the goods. This includes all simple work requests indicated as impacting the event data sharing and traceability standards. - > - > In addition, the group acts as a pool of experts for all Mission Specific Work Groups that are related to the SMG, as defined in the GSMP Manual in section 3.4. Work Groups. - -### Mission-specific Working Groups (MSWGs) develop new standards - -* [GSMP Digital Signature MSWG](https://www.gs1.org/standards/development-work-groups#DigitalSignature) - > Provide a GS1 standard solution approach to digital signatures. Otherwise, there will be no open, brand owner determined digital signatures to set as an alternative to proprietary digital signature use in barcodes with GS1 standards. 
-* [GSMP EPCIS & CBV 2.0 MSWG](https://www.gs1.org/standards/development-work-groups#EPCISCBV) - > Since its initial ratification as an EPCglobal standard in 2007 and its subsequent integration into the GS1 “Share” portfolio, EPCIS and its companion standard the Core Business Vocabulary (CBV) have been updated twice (2014 and 2016) and published by ISO (as ISO/IEC 19987 and 19988, respectively). In the meantime, EPCIS and the CBV have gained importance as visibility enablers in various industries. Updates are needed to ensure the relevance of these standards into the coming decades. -* [GSMP GS1 Digital Link MSWG](https://www.gs1.org/standards/development-work-groups#DigitalLink) - > This group will define a standard structure for URIs that enables reliable encoding of GS1 identifiers and sub-identifiers, regardless of the domain name, such that those keys can be extracted without looking up information on (or even being connected to) the web. -* [GSMP GLN Modernisation MSWG](https://www.gs1.org/standards/development-work-groups#GLNM) - > This work group will update the GLN Standards to be more clear and concise and provide guidance to enable industry partners to create, manage, share, and use the GLN to meet their party and location use cases needs in a scalable, standardised manner. -* [GSMP Pharmaceutical Clinical Trial Processes MSWG](https://www.gs1.org/standards/development-work-groups#CLINICAL) - > Develop a GS1 standard and/or guideline that would detail the best practice approach to the implementation of GS1 standards in the pharmaceutical clinical trials supply chain. This would include identification of products, locations, patients and caregivers. 
-* [GSMP RFID Low-Level Reader Protocol (LLRP) MSWG](https://www.gs1.org/standards/development-work-groups#LLRP) - > This group will define and develop a revised version of the Low Level Reader Protocol (LLRP) Standard to clarify its use within the RFID community, identify and add new features needed to align with the Gen2V2 Air Interface standard while ensuring new features do not cause any disruption—and that the revised version of LLRP is backwards-compatible with existing deployments. Any additional functionality not currently included in the Gen2V2 standard is considered out of scope of this project. -* [GSMP Scan4Transport MSWG](https://www.gs1.org/standards/development-work-groups#S4T) - > This Work Group will review the business requirements identified by industry and develop a GS1 standard to enable the industry to encode the minimum required transport data in a 2D barcode on a logistics label.The group will consider emerging standards such as uniform resource identifier (URI) for addressing the business needs. - - diff --git a/_posts/web-standards/2021-04-18-object-capabilities.md b/_posts/web-standards/2021-04-18-object-capabilities.md index 925fc86e..672437c3 100644 --- a/_posts/web-standards/2021-04-18-object-capabilities.md +++ b/_posts/web-standards/2021-04-18-object-capabilities.md @@ -1,5 +1,8 @@ --- date: 2021-04-18 +name: Object Capabilities +layout: standards +headings: ["Main","Literature"] title: "Object Capability Model" description: in which a capability describes a transferable right to perform one (or more) operations on a given object. excerpt: 
> @@ -7,67 +10,6 @@ excerpt: > categories: ["Web Standards"] tags: ["oCap","JSON-LD","zCap","Cosmos"] permalink: web-standards/object-capabilities/ -last_modified_at: 2021-04-19 +last_modified_at: 2023-05-22 --- -* [Awesome Object Capabilities and Capability-based Security](https://github.com/dckc/awesome-ocap) - > Capability-based security enables the concise composition of powerful [patterns](https://github.com/dckc/awesome-ocap/wiki) of cooperation without vulnerability. [What Are Capabilities?](http://habitatchronicles.com/2017/05/what-are-capabilities/) explains in detail. -* [Object Capabilities - SourceCrypto](https://sourcecrypto.pub/#object-capabilities) -* [Object Capability Model](https://en.wikipedia.org/wiki/Object-capability_model) • [wiki.c2](https://wiki.c2.com/?ObjectCapabilityModel) - > Computer scientist E. Dean Tribble stated that in smart contracts, identity-based access control did not support well dynamically changing permissions, compared to the object-capability model. He analogized the ocap model with giving a valet the key to one's car, without handing over the right to car ownership. - > - > The structural properties of object capability systems favor modularity in code design and ensure reliable encapsulation in code implementation. - > - > These structural properties facilitate the analysis of some security properties of an object-capability program or operating system. Some of these – in particular, information flow properties – can be analyzed at the level of object references and connectivity, independent of any knowledge or analysis of the code that determines the behavior of the objects. As a consequence, these security properties can be established and maintained in the presence of new objects that contain unknown and possibly malicious code. -* [Object Capabilities](http://erights.org/elib/capability/ode/ode-capabilities.html) eRights - > The capability model is, in a sense, the object model taken to its logical extreme. 
Where object programmers seek modularity -- a decrease in the dependencies between separately thought-out units -- capability programmers seek security, recognizing that required trust is a form of dependency. Object programmers wish to guard against bugs: a bug in module A should not propagate to module B. Capability programmers wish to guard against malice. However, if B is designed to be invulnerable to A's malice, it is likely also invulnerable to A's bugs. - -## Literature - -* [Authorization Capabilities for Linked Data v0.3](https://w3c-ccg.github.io/zcap-ld/) - An object capability framework for linked data systems CCG - > Authorization Capabilities for Linked Data (ZCAP-LD for short) provides a secure way for linked data systems to grant and express authority utilizing the object capability model. Capabilities are represented as linked data objects which are signed with Linked Data Proofs. ZCAP-LD supports delegating authority to other entities on the network by chaining together capability documents. "Caveats" may be attached to capability documents which may be used to restrict the scope of their use, for example to restrict the actions which may be used or providing a mechanism by which the capability may be later revoked. -* [DIDAuth_%2B_Obj._Cap.](https://iiw.idcommons.net/DIDAuth_%2B_Obj._Cap.) - > What is DIDAuth and how is it compatible with Object Capabilities?\ - > We started by defining and describing object capabilities: - > - A Capability is a Transferable Unforgeable Permission. It can be implemented with unguessable URLS or signed objects. - > - A Java Program object reference is a capability, it allows for actions on the subject (the object instance). 
- > - A stronger implementation of object capabilities involves a digital certificate issued by a public key, for a resource with a set of supported methods:\ - > `Issuer: AlicePubKey`\ - > `Resource: did:dad:0x123`\ - > `Actions: Read,Write`\ - > `Signature: 0x456` -* [Applying the Principle of Least Authority to User Interaction](https://github.com/WebOfTrustInfo/rwot8-barcelona/blob/master/topics-and-advance-readings/Applying_POLA_to_User_Interaction.md) by Bill Tulloh - RWoT 8 - > Object capabilities (ocaps) are increasingly recognized as an important tool for achieving the goals of self-sovereign identity. Many of the principles of self-sovereign identity, such as minimization and protection, can best be achieved through the disciplined pursuit of the principle of least authority that ocaps enable. This paper examines how POLA can be extended to better protect users when exercising their self-sovereign identity. -* [Introductory Capability DHT](https://github.com/WebOfTrustInfo/rwot8-barcelona/blob/master/topics-and-advance-readings/introductory-capability-dht-concept.md) James Foley - RWoT 8 - > The Object Capability software design paradigm is a powerful philosophy for the programming of decentralized applications particularly in the realms of security and rights management. 
-* [Models of Identity](https://github.com/WebOfTrustInfo/rwot7-toronto/blob/master/final-documents/mental-models.md) by, Joe Andrieu, Nathan George, Christophe Macintosh, Ouri Poupko, Antoine Rondelet, Andrew Hughes – RWoT 7 -**Security** • **Liberty** • **Data** • **Relationship** • **Capability** - > Considering different models for handling identity information allows reconciliation, and creates opportunities to address primary use cases across paradigms, increasing overall strength and security of a solution.\ - > [...]\ - > In the Object Capabilities model, authorization is managed by creating, sharing, attenuating, and using “capabilities” instead of, for example, access control lists. If you have a valid “capability”, you have the authorization. Like a car key, Object Capabilities may be used no matter who you are. This model shifts the burden of identification from error-prone correlations to directly work with individuals’ actual capabilities. -* [Cryptographic and Data Modeling Requirements from RWoT](https://github.com/WebOfTrustInfo/rwot7-toronto/blob/master/topics-and-advance-readings/crypto-data-model-requirements.md) by Manu Sporny, Dave Longley, and Chris Webber - RWoT 7 - > This paper introduces the uninitiated to the requirements that have been identified over the years that are driving the community toward certain technological solutions. - > - > Rebooting the Web of Trust is a community that is attempting to create a decentralized ecosystem that enables people to be in control of various aspects of their data and identity information. The group often talks about Decentralized Identifiers, Verifiable Credentials, Object Capabilities, ed25519 keys, cryptographic identifiers, and other technologies but rarely spends time documenting how we got here. 
-* [Recent happenings with Linked Data Capabilities](https://github.com/WebOfTrustInfo/rwot6-santabarbara/blob/master/topics-and-advance-readings/ld-ocap-recent-happenings.md) By Christopher Lemmer Webber – RWoT 6 - > One of the outputs from Rebooting Web of Trust Fall 2017 was a writeup on Linked Data Capabilities based on discussions from the workshop (and particularly thanks to the guide of Mark S. Miller's longstanding work on object capabilities). While the writeup speaks for itself, in short Linked Data Capabilities provide a way to encode object capability security to linked data systems. Much has happened since then. - > - > After the workshop ideas from the paper were reified into specification form and the W3C Credentials Community Group has taken on the specification as an official work item of the group. Some changes have happened in the design of Linked Data Capabilities from the initial Rebooting Web of Trust paper -* [Credentials CG Telecon Minutes for 2017-11-14](https://w3c-ccg.github.io/meetings/2017-11-14/) The W3C Credentials Community Group - > Topics - > - Introduction to Mark Miller (Google) - > - DID Spec Review - > - Capabilities in Verifiable Credentials - > - W3C TPAC 2017 Update -* [Smarm: Requirements for a smart-signatures Scheme](https://github.com/WebOfTrustInfo/rwot5-boston/blob/master/draft-documents/smarm.md) By Christopher Lemmer Webber and Christopher Allen - RWoT 5 - > [Smart signatures](https://github.com/WebOfTrustInfo/rwot5-boston/blob/master/draft-documents/smarm.md) are desirable, but how to implement them? We need a language that is powerful and flexible enough to meet our needs while safe and bounded to run while remaining simple enough to feasibly implement. - > - > [Scheme](https://en.wikipedia.org/wiki/Scheme_programming_language) is a turing-complete language with a (at least stated) fondness for minimalism. Unfortunately Scheme on its own is neither "safe" nor (necessarily) deterministic. 
Thankfully we can get the properties we want through: - > - > - Making object capabilities a core part of the language. Specifically, [Jonathan Rees' "W7 security kernel"](http://mumble.net/~jar/pubs/secureos/secureos.html) demonstrates that a pure lexically scoped environment is itself an appropritate substrate for object capabilities. - > - Restricting space and time precisely in a way that is deterministic and reproducible. - > - Removing sources of external side effects. -* [Identity Hubs Capabilities Perspective](https://github.com/WebOfTrustInfo/rwot5-boston/blob/master/final-documents/identity-hubs-capabilities-perspective.md) by Adrian Gropper, Drummond Reed, Mark S. Miller – RWoT 5 - > Identity Hubs as currently proposed in the Decentralized Identity Foundation (DIF) are a subset of a general Decentralized Identifier (DID) based user-controlled agent, based on ACLs rather than an object-capabilities (ocap) architecture. The current approach has both security and scalability issues. Transitioning the Hubs design to an ocap model can be achieved by introducing an UMA authorization server as the control endpoint. This avoids creating confused-deputy security issues and expands scale by enabling the hub to delegate access to resources not stored in the hub itself. -* [Linked Data Capabilities](https://github.com/WebOfTrustInfo/rwot5-boston/blob/master/final-documents/lds-ocap.md) By Christopher Lemmer Webber and Mark S. Miller - > Linked Data Signatures enable a method of asserting the integrity of linked data documents that are passed throughout the web. The object capability model is a powerful system for ensuring the security of computing systems. In this paper, we explore layering an object capability model on top of Linked Data Signatures via chains of signed proclamations. fn:1 We call this system "Linked Data Capabilities", or "ld-ocap" for short.
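Review bot: In the front-matter hunk of `_posts/web-standards/2020-11-20-GS1.md` (`@@ -1,138 +1,21 @@`), the added `headings` value reads "Global Standards Mapping Process", while the `tags` line in the same front matter and the removed body text both expand GSMP as "Global Standards Management Process"; the heading should be changed to match. The same hunk deletes the "ID over HTTPS" and "History" sections, and none of the three declared headings corresponds to them, so either add headings for that content or confirm it is intentionally dropped. Nothing in the visible part of this diff adds the removed entries anywhere else, so the commit should include or reference the source that `layout: standards` reads them from.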
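Review bot: In the second hunk of `_posts/web-standards/2021-04-18-object-capabilities.md` (`@@ -7,67 +10,6 @@`), the entire link list and the `## Literature` section are removed, yet the previous hunk declares `headings: ["Main","Literature"]` and nothing visible in this diff adds the entries back, so as the diff stands the post body is empty. Include the data file that carries these entries in the same commit, or state in the commit message where they now live. If the entries are being migrated, the removed text has a few defects worth fixing on the way: "appropritate" in the Smarm entry, a stray `fn:1` marker in the Linked Data Capabilities entry, and "by, Joe Andrieu" in the Models of Identity entry.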