US: UBL - Secure Internet (ITS)
This solution is used within the U.S.. It combines standards associated with US: UBL with those for I–I: Secure Internet (ITS). The US: UBL standards include upper–layer standards required to implement shipment related information flows. The I–I: Secure Internet (ITS) standards include lower–layer standards that support secure communications between ITS equipment using X.509 or IEEE 1609.2 security certificates.
|Security||OASIS UBL||OASIS Universal Business Language||This standard defines data and messaging rules for exchanging information about purchases, including shipping information.|
|ITS Application Entity||OASIS UBL||OASIS Universal Business Language||This standard defines data and messaging rules for exchanging information about purchases, including shipping information.|
|Facilities||W3C XML||Extensible Markup Language (XML) 1.0 (Fifth Edition)||This standard defines a generic markup language that can be used to share customizable information by using start and stop tags within the text.|
|Facilities||OASIS UBL||OASIS Universal Business Language||This standard defines data and messaging rules for exchanging information about purchases, including shipping information.|
|Access|| ||Internet Subnet Alternatives||A set of alternative standards that includes any Subnet Layer method of connecting to the Internet.|
One significant or possibly a couple minor issues. For existing deployments, the chosen solution likely has identified security or management issues not addressed by the communications solution. Deployers should consider additional security measures, such as communications link and physical security as part of these solutions. They should also review the management issues to see if they are relevant to their deployment and would require mitigation. For new deployments, the deployment efforts should consider a path to addressing these issues as a part of their design activities. The solution does not by itself provide a fully secure implementation without additional work.
|Issue||Severity||Description||Associated Standard||Associated Triple|
|Secure data access not provided||Medium||The solution does not define rules on how the application entity authenticates requests to accept or provide data.||(None)||(All)|
|Unvetted by community||Medium||The proposed solution uses a suite of standards that is accepted within some communities, but has not necessarily been accepted for use within the context of this information triple.||(None)||(All)|
|Fleet and Freight Management Systems||Riverfront Terminals and Operations Centers||freight transportation status|
|Riverfront Terminals and Operations Centers||Fleet and Freight Management Systems||freight transportation status|