Support

Message-Oriented Middleware is a set of products that connects applications running on different systems by sending and receiving application data as messages. Examples are RPC, CPI-C and message queuing.

The process of relating information in one domain to another domain. Used here in the context of relating information from an EDI format to one used within application systems.

In UCCnet Item Sync service, a Market Group is a list of retailers or other trading partners, that the manufacturer communicates the same product, pricing, logistical and other relevant standard or extended item data attributes.

Master data is a data set describing the specifications and structures of each item and party involved in supply chain processes. Each set of data is uniquely identified by a Global Trade Item Number (GTIN) for items and a Global Location Number (GLN) for party details. Master data can be divided into neutral and relationship- dependent data. Master data is the foundation of business information systems.

It is the timely and 'auditable' distribution of certified standardised master data from a data source to a final data recipient of this information. The synchronisation process is well known as 'Master Data Alignment' process. The master data synchronisation process is a prerequisite to the Simple E-Business concept (Simple_EB). Successful master data synchronisation is achieved via the use of EAN/UCC coding specifications throughout the supply chain. The synchronisation process is completed when an acknowledgement is provided to a data source certifying that the data recipient has accepted the data distributed. In the master data synchronisation process, data sources and final data recipients are linked via a network of interoperable data pools and global registry. Such an interoperable network is the GCI-Global Data Synchronisation Network.

A key component of EAI, a message broker is a software intermediary that directs the flow of messages between applications. Message brokers provide a very flexible communications mechanism providing such services as data transformation, message routing and message warehousing, but require application intimacy to function properly. Not suitable for inter-business interactions between independent partners where security concerns may exclude message brokering as a potential solution.

A document, typically digitally signed, acknowledging receipt of data from the sender.

A form of communication between programs. Application data is combined with a header (information about the data) to form a message. Messages are stored in queues, which can be buffered or persistent (see Buffered Queue and Persistent Queue). It is an asynchronous communications style and provides a loosely coupled exchange across multiple operating systems.

A super-application process where messages are routed to applications based on business rules. A particular message may be directed based on its subject or actual content.

Middleware describes a group of software products that facilitate the communications between two applications or two layers of an application. It provides an API through which applications invoke services and it controls the transmission of the data exchange over networks. There are three basic types: communications middleware, database middleware and systems middleware.

It is master data that is generally shared among multiple parties and that is relationship independent (e.g., GTIN, item description, measurements, catalogues prices, standard terms, GLN, addresses) (GDAS definition). Most of the existing data pools facilitate the exchange of neutral master data.

An asynchronous messaging process whereby the requestor of a service does not have to wait until a response is received from another application.

This is an EAI implementation that does not require changes or additions to existing applications.

Provides proof of the origin or delivery of data in order to protect the sender against a false denial by the recipient that the data has been received or to protect the recipient against false denial by the sender that the data has been sent.

The data source, through its home data pool/solution provider, sends an electronic notice to a subscriber when a valid event occurs. This is based on the subscription profile. Events that can trigger notifications are:

• Publication of new data/change of publication (visibility granted, deleted)
• Change of published item/party/partner profile
• Change of owner, rights
• Subscription (generic, detailed)
• Authorisation/non-authorisation/rejection
• Positive search response

Notifications are not sent in the following cases since data are not yet public and validated information:

• Data load (add, change, etc.)
• Data validation
• Registration of new item/party/partner profile The data distribution, which is the movement of data from one entity to another, is handled through a specific notification type.

The Object Processing Language is a simple user-friendly process description language, based on XML that is used to provide processing instructions to a bTrade Business Process Router. Certain aspects of OPL are patent-pending.

The Object Request Broker is a software process that allows objects to dynamically discover each other and interact across machines, operating systems and networks.

A unit of executable software, written in OPL used to provide processing instructions to bTrade Business Process Routers. Oplets provide the logic for business document processing, transformation and routing algorithms. Oplet is a trademark of bTrade Inc.

A data store of oplets retained either in local storage or in remote storage share by multiple process routers.

Pretty Good Privacy is a security system used to encrypt and decrypt e-mail over the Internet. It can also be used to send an encrypted digital signature that lets the receiver verify the sender's identity and know that the message was not changed en route.

Public Key Infrastructure. A system of CAs, RAs, directories, client applications, and servers that model trust. The Internet Engineering Task Force (IETF)'s X.509 standard is the de-facto standard by which public keys can be managed on a secure basis. See CA and RA.

A party (or) location is any legal, functional or physical entity involved at any point in any supply chain and upon which there is a need to retrieve pre-defined information (GDAS definition). A party is uniquely identified by a EAN/UCC Global Location Number (GLN).

In contrast to perishable queues, persistence refers to a message queue that resides on a permanent device, such as a disk, and can be recovered in case of system failure or relatively (from a computer processing cycle perspective) long process or idle duration.

Unencrypted data; intelligible data that can be directly acted upon without decryption.

Place where the purchase is made at the checkstand or scanning terminals in a retail store. The acronym 'POS' frequently is used to describe the sales data generated at checkout scanners. The relief of inventory and computation of sales data at a time and place of sale, generally through the use of bar coding or magnetic media equipment.

The mathematical value of an asymmetric key pair that is not shared with trading partners. The private key works in conjunction with the public key to encrypt and decrypt data. For example, when the private key is used to encrypt data, only the public key can successfully decrypt that data. See secret-key.

A specialized networking device that automates the execution of specific business process(es) and appropriate routing and or transformation algorithm(s), given a business document.

The mathematical value of an asymmetric key pair that is shared with trading partners. The public key works in conjunction with the private key to encrypt and decrypt data. For example, when the public key is used to encrypt data, only the private key can successfully decrypt that data.

Encryption that uses a key pair of mathematically related encryption keys. The public key can be made available to anyone who wishes to use it and can encrypt information or verify a digital signature; the private key is kept secret by its holder and can decrypt information or generate a digital signature. This permits users to verify each other's messages without having to securely exchange secret keys.

The data source grants visibility of item, party and partner profiles, including party capabilities data to a given list of parties (identified by their GLNs) or to all parties in a given market.

Pub-Sub is a style of inter-application communications. Publishers are able to broadcast data to a community of information users or subscribers, which have issued the type of information they wish to receive (normally defining topics or subjects of interest). An application or user can be both a publisher and subscriber. The Process Router to Trading Network Agent interaction can be considered as a pub-sub form of communications where the agent registers the subscriber and the process router is the publisher.

A data source or a final data recipient triggers an inquiry, a subscription and gives a status on a particular event or information element. In this function, all the acknowledgements and audit trails are covered.

Remote Data Access, usually to an RDBMS via SQL.

Relational Database Management System.

Remote Procedure Call is a form of application-to-application communication that is a tightly coupled synchronous process.

Registration is the process that references all items and parties published in all GCI/GDAS-compliant data pools and on which there is a need to synchronise/ retrieve information. This is supported by data storage in accordance with the registry data scope and rules.

Globally, it is master data that concerns all terms bilaterally agreed and communicated between trading partners such as marketing conditions, prices and discounts, logistics agreements, etc. (EAN/UCC GDAS definition).

A storage mechanism for finalised DTDs and other XML components. In this context a repository is the wrapping of potential business library components into information that can be used in an implementation.

The denial or attempted denial by an entity involved in a communication of having participated in all or part of the communication.

RosettaNet is a consortium of major Information Technology, Electronic Components and Semiconductor Manufacturing companies working to create and implement industry-wide, open e-business process standards. These standards form a common e-business language, aligning processes between supply chain partners on a global basis.

Routers are a special-purpose networking device responsible for managing the connection of two or more networks. Today, IP routers check the destination address of the packets and decide the appropriate route to send them. However, 15-years ago, IP routing functionality was provided only by UNIX workstations. Two Stanford professors developed IP routers that abstracted the routing functionality to form Cisco Systems. These specialized devices have enabled the construction of scalable and adaptive IP networks including the Internet, a feat that could not be achieved by general purpose workstations. Similarly, Business Process Routers provide functionality that is in many ways provided by various applications.

Secure/Multipurpose Internet Mail Extensions. An Internet protocol [R2633, June 1999] to provide encryption and digital signatures for Internet mail messages.

Supply Chain Management is that function or set of skills and disciplines which involve the logistics and processes of creating a product from its original constituent elements that may be manufactured by sub-contractors or other divisions to its ultimate delivery to the buyer.

Secure Hash Algorithm is a hash algorithm. HMAC is a keyed hash variant used to authenticate data. See Hash function.

System Network Architecture.

Simple Object Access Protocol. An emerging standard that enables distributed software components to exchange data as XML pages.

Secure Sockets Layer. A program layer created by Netscape for managing the security of message transmissions in a network. Netscape's idea is that the programming for keeping your messages confidential ought to be contained in a program layer between an application (such as your Web browser or HTTP) and the Internet's TCP/IP layers. The SSL upper layer provides asymmetric cryptography for server authentication (verifying the server's identity to the client) and optional client authentication (verifying the client's identity to the server), and enables them to negotiate a symmetric encryption algorithm and secret session key (to use for data confidentiality) before the application protocol transmits or receives data. A keyed hash provides data integrity service for encapsulated data.

Straight Through Processing occurs when a transaction, once entered into a system, passes through its entire life cycle without any manual intervention. STP is an example of a Zero Latency Process, but one specific to the finance industry which has many proprietary networks and messaging formats.

Scalability refers to the ability of a system to support large implementations or to be easily upgradeable as the scale dimension grows. For trading networks, the dimension refers to large number of partners - 1000s. Process routers have high scalability because they can support thousands of partners and protocols, while an integration appliance can only support a few at once.

This provides data visibility according to userÕs permissions and certain criteria such as categories, GTIN, GLN, target market, etc. The home data pool provides this visibility in the framework of the GCI interoperable network.

The value used in a symmetric encryption algorithm to encrypt and decrypt data. Only the trading partners authorized to access the encrypted data must know secret keys.

The EAN-UCC number comprising 18 digits for identifying uniquely a logistic unit (licence plate concept). Standard: A specification for hardware, software or data that is either widely used and accepted (de facto) or is sanctioned by a standards organization (de jure). A "protocol" is an example of a "standard."

Generically, a server is any computer providing services. In client-server systems, the server provides specific capabilities to client software running on other computers. Usually, the server typically interacts with many clients at a time, while the client may interact with only one server.

Sockets describe the software methods invoked to correctly form an IP packet on the processor to physical communications interface. Aka President Clinton's cat.

A program that creates a named collection of SQL or other procedural statements and logic that is compiled, verified and stored in a server database.

A data recipient requests that it receive a 'notification' when a specific event occurs that meets the recipient's criteria (selective on sources, categories, etc.). This is subject to the recipient's access to information as controlled by the data source through its home data pool. There are two kinds of subscriptions:

• Generic subscriptions - to generic types of data (item or party that is part of a specific category).
• Detailed subscriptions - to a specific party (identified by its GLN) or specific item (identified by its GTIN)

With the set-up of a detailed subscription, a data recipient sets a profile to receive ongoing updates of the specific item, party or partner profile. The detailed subscription is also used to indicate an 'Authorisation'.

The supply chain links supplier and user organizations and includes all activities involved in the production and delivery of goods and services, including planning and forecasting, procurement, production/operations, distribution, transportation, order management, and customer service.

An encryption algorithm that uses the same key for encryption and decryption.

Sync is a form of communication that requires both applications to run concurrently during the communications process. A process issues a call and idles, performing no other function, until it receives a response.

Transmission Control Protocol/Internet Protocol is the IETF-defined suite of the network protocols used in the Internet that runs on virtually every operating system. IP is the network layer and TCP is the transport layer.

Transport Layer Security (IETF euphemism for SSL) has been endorsed and included in the Transport Layer Security protocol promoted with the Internet Engineering Task Force (IETF) by several major data communications technology corporations, such as IBM.

Any item (product or service) on which there is a need to retrieve pre-defined information and that may be priced or ordered or invoiced at any point in any supply chain.

A network of business partners who trade, transact, and execute external business processes with each other.

A trigger is a stored procedure that is automatically invoked on the basis of data-related events.

A security enhancement to Digital Encryption Standard (DES) encryption that employs three-successive single- DES block operations. Using two or three unique DES keys, this increases resistance to known cryptographic attacks by increasing the effective key length. See DES.

A mechanism to synchronize updates on different machines or platforms so that they all fail or all succeed together. The decision to commit is centralized, but each participant has the right to veto. This is a key process in real time transaction-based environments.

www.uccnet.org

product or service on which there is a need to retrieve pre-defined information and that may be priced, ordered or invoiced at any point in any supply chain (EAN/UCC GDAS definition). An item is uniquely identified by an EAN/UCC Global Trade Item Number (GTIN).

Universal Description, Discovery and Integration. UDDI is a project to design open standard specifications and implementations for an Internet service architecture capable of registering and discovering information about businesses and their products and servicesÉÉa web based business directory.

The Uniform Code Council (UCC), based in the United States, is a membership organisation that jointly manages the EAN-UCC System with EAN International. The UCC administers the EAN-UCC System in the United States and Canada.

UCC-12 data structure. One-digit number system character with 10-digit EAN-UCC Company prefix and item reference with one check digit. One of four data structures used in the Global Trade Identification Number (GTIN).

Value Added Networks have been serving the EDI user for nearly 30 years. They provide network connections, receipt messages, aggregation services, access control and mailboxing services. EDIINT promises to eliminate

Value Chain Markup Language is a set of XML-based vocabularies (words and meanings) and documents used by some firms, in certain industries for the conduct of business over the Internet. VCML is a marketing initiative of Vitria Technologies.

Virtual Private Networks are logical networks built over a physical network. VPN is used by enterprises to link its customers and business partners via secure Internet connections. The network controls access to the VPN (hence the private aspect) yet shares the core transmission resources with other VPNs or other Internet users. In the Internet world, this is accomplished by using security methods such as packet encryption or packet encapsulation (the VPN packets refer to an addressing scheme for example that are imbedded in the IP packets of the larger, physical network). In long distance VPNs companies had specific dial plans with access control elements. In both cases, however, the company had a network with the security features of a private network and the shared economics of a public network.

Validation is compliance checking of new or changed data versus GCI/GDAS Data Standards, principles and rules. The validation consists of ensuring as a minimum:

• Syntax (e.g., format of fields)
• Mandatory, dependent data (completeness of data)
• Semantic (e.g., can't make a change before add, allocation rules for GTINs and GLNs)
• Check of classification
• Uniqueness of the item/party/partner profile (checked by registry)

A third-party EDI service provider that provides a communication link between companies to enable electronic exchange of business data/documents.

In relation to a given digital signature, message, and public key, to determine accurately that (1) the digital signature was created during the operational period of a valid certificate by the private key corresponding to the public key contained in the certificate and (2) the associated message has not been altered since the digital signature was created.

Web Services Description Language is an XML-based language used to define Web services and describe how to access them.

In automated inter-business processes, such as UCCnet Item Sync service, the work list defines those tasks requiring human intervention to complete one or more process steps.

Workflow refers to the process of routing events or work-items from one person to another. Workflow is synonymous with process flow, although is more often used in the context of person-to-person document flows.

The International Telecommunications Union-T (ITU-T) specification that describes the format for hierarchical maintenance and storage of public keys for public-key systems.

An independent open systems organization with the strategy to combine various standards into a comprehensive integrated systems environment called Common Applications Environment, which contains an evolving portfolio of practical APIs.

An international standard for EDI messages, developed by the Accredited Standards Committee (ASC) for the American National Standards Institute (ANSI).

An ANSI security structures standard that defines data formats required for authentication and encryption to provide integrity, confidentiality, and verification of the security originator to the security recipient for the exchange of Electronic Data Interchange (EDI) data defined by Accredited Standards Committee (ASC) X12. See X12.

Like HTML, eXtensible Markup Language is a subset of Standard Generalized Markup Language. XML is a standard for defining descriptions of content. Where HTML uses tags to define the presentation of information without context, XML uses tags to provide metadata which describes the context of the data thereby giving meaning to data that can be understood by computers. Since its approval by the W3C in 1998, XML has been endorsed by every major software vendor as the standard API, offering great promise to the industry indeed.

An XML schema defines a type of document and the specialized XML tags that will be used with it. The schema may also include rules for exchanges of the document type.

An XML query access method that navigates the hierarchical structure of an XML document. It gets to a particular point in the document by naming a progression of nodes in the tree structure.

An SQL-like query language based on the structure of XML that allows direct access to specific nodes in an XML document. XML documents are hierarchical, starting with a document root and proceeding through a tree structure of parent nodes and related child nodes. A node may be any tagged element in the document, such as its title, table of contents, charts or tables. XQuery can retrieve and store information contained at a particular node without requiring the user to name all elements along the hierarchical path to that node.

The eXtensible Stylesheet Language is a syntax for defining the display of XML information.

An XSL Transform defines how XML data defined in one vocabulary can be translated into another, say between two customers.

Latency is the delay, measured between action and reaction.  Zero latency, therefore, means no delay between an event and its response.

An automated process with no time delays (i.e. no manual re-entry of data) at the interfaces of different information systems. STP is an example.

In contrast to the notification function, the acknowledgement is a response to a command (e.g., add, change) returned to the originator of the command. Every command needs a response and is handled according to the agreement between the parties involved (e.g., source data pool, final recipient exchange). In the interoperable network, acknowledgement messages are standardised and may contain the following information: Confirmation of message receipt, Success/failure of processing (syntax and content) and Reason for failure, with a code assigned to each failure.