{\rtf1\mac\ansicpg10000\uc1\deff0\stshfdbch0\stshfloch0\stshfhich0\stshfbi0\deflang1033\deflangfe1033{\upr{\fonttbl{\f0\fnil\fcharset256\fprq2{\*\panose 00020206030504050203}Times New Roman;}
{\f1\fnil\fcharset256\fprq2{\*\panose 00020b06040202020202}Arial;}}{\*\ud{\fonttbl{\f0\fnil\fcharset256\fprq2{\*\panose 00020206030504050203}Times New Roman;}{\f1\fnil\fcharset256\fprq2{\*\panose 00020b06040202020202}Arial;}}}}
{\colortbl;\red0\green0\blue0;\red0\green0\blue255;\red0\green255\blue255;\red0\green255\blue0;\red255\green0\blue255;\red255\green0\blue0;\red255\green255\blue0;\red255\green255\blue255;\red0\green0\blue128;\red0\green128\blue128;\red0\green128\blue0;
\red128\green0\blue128;\red128\green0\blue0;\red128\green128\blue0;\red128\green128\blue128;\red192\green192\blue192;}{\stylesheet{\ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 
\lang2057\langfe1033\cgrid\langnp2057\langfenp1033 \snext0 Normal;}{\s1\ql \li0\ri0\sb240\sa60\keepn\widctlpar\jclisttab\tx360\aspalpha\aspnum\faauto\ls1\outlinelevel0\adjustright\rin0\lin0\itap0 
\b\f1\fs32\lang2057\langfe2057\kerning32\cgrid\langnp2057\langfenp2057 \sbasedon0 \snext0 \sautoupd heading 1;}{\*\cs10 \additive Default Paragraph Font;}{\*
\ts11\tsrowd\trftsWidthB3\trpaddl108\trpaddr108\trpaddfl3\trpaddft3\trpaddfb3\trpaddfr3\tscellwidthfts0\tsvertalt\tsbrdrt\tsbrdrl\tsbrdrb\tsbrdrr\tsbrdrdgl\tsbrdrdgr\tsbrdrh\tsbrdrv 
\ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs20\lang1024\langfe1024\cgrid\langnp1024\langfenp1024 \snext11 Normal Table;}{\*\cs15 \additive \ul\cf2 \sbasedon10 Hyperlink;}}{\*\listtable{\list\listtemplateid0{\listlevel
\levelnfc0\levelnfcn0\leveljc0\leveljcn0\levelfollow0\levelstartat1\levelspace0\levelindent0{\leveltext\'02\'00.;}{\levelnumbers\'01;}\chbrdr\brdrnone\brdrcf1 \chshdng0\chcfpat1\chcbpat1 \s0\fi-360\li360\jclisttab\tx360\lin360 }{\listlevel\levelnfc0
\levelnfcn0\leveljc0\leveljcn0\levelfollow0\levelstartat1\levelspace0\levelindent0{\leveltext\'04\'00.\'01.;}{\levelnumbers\'01\'03;}\chbrdr\brdrnone\brdrcf1 \chshdng0\chcfpat1\chcbpat1 \s0\fi-432\li792\jclisttab\tx792\lin792 }{\listlevel\levelnfc0
\levelnfcn0\leveljc0\leveljcn0\levelfollow0\levelstartat1\levelspace0\levelindent0{\leveltext\'06\'00.\'01.\'02.;}{\levelnumbers\'01\'03\'05;}\chbrdr\brdrnone\brdrcf1 \chshdng0\chcfpat1\chcbpat1 \s0\fi-504\li1224\jclisttab\tx1440\lin1224 }{\listlevel
\levelnfc0\levelnfcn0\leveljc0\leveljcn0\levelfollow0\levelstartat1\levelspace0\levelindent0{\leveltext\'08\'00.\'01.\'02.\'03.;}{\levelnumbers\'01\'03\'05\'07;}\chbrdr\brdrnone\brdrcf1 \chshdng0\chcfpat1\chcbpat1 \s0\fi-648\li1728
\jclisttab\tx1800\lin1728 }{\listlevel\levelnfc0\levelnfcn0\leveljc0\leveljcn0\levelfollow0\levelstartat1\levelspace0\levelindent0{\leveltext\'0a\'00.\'01.\'02.\'03.\'04.;}{\levelnumbers\'01\'03\'05\'07\'09;}\chbrdr\brdrnone\brdrcf1 
\chshdng0\chcfpat1\chcbpat1 \s0\fi-792\li2232\jclisttab\tx2520\lin2232 }{\listlevel\levelnfc0\levelnfcn0\leveljc0\leveljcn0\levelfollow0\levelstartat1\levelspace0\levelindent0{\leveltext\'0c\'00.\'01.\'02.\'03.\'04.\'05.;}{\levelnumbers
\'01\'03\'05\'07\'09\'0b;}\chbrdr\brdrnone\brdrcf1 \chshdng0\chcfpat1\chcbpat1 \s0\fi-936\li2736\jclisttab\tx2880\lin2736 }{\listlevel\levelnfc0\levelnfcn0\leveljc0\leveljcn0\levelfollow0\levelstartat1\levelspace0\levelindent0{\leveltext
\'0e\'00.\'01.\'02.\'03.\'04.\'05.\'06.;}{\levelnumbers\'01\'03\'05\'07\'09\'0b\'0d;}\chbrdr\brdrnone\brdrcf1 \chshdng0\chcfpat1\chcbpat1 \s0\fi-1080\li3240\jclisttab\tx3600\lin3240 }{\listlevel\levelnfc0\levelnfcn0\leveljc0\leveljcn0\levelfollow0
\levelstartat1\levelspace0\levelindent0{\leveltext\'10\'00.\'01.\'02.\'03.\'04.\'05.\'06.\'07.;}{\levelnumbers\'01\'03\'05\'07\'09\'0b\'0d\'0f;}\chbrdr\brdrnone\brdrcf1 \chshdng0\chcfpat1\chcbpat1 \s0\fi-1224\li3744\jclisttab\tx3960\lin3744 }{\listlevel
\levelnfc0\levelnfcn0\leveljc0\leveljcn0\levelfollow0\levelstartat1\levelspace0\levelindent0{\leveltext\'12\'00.\'01.\'02.\'03.\'04.\'05.\'06.\'07.\'08.;}{\levelnumbers\'01\'03\'05\'07\'09\'0b\'0d\'0f\'11;}\chbrdr\brdrnone\brdrcf1 
\chshdng0\chcfpat1\chcbpat1 \fi-1440\li4320\jclisttab\tx4680\lin4320 }{\listname ;}\listid1586718224}}{\*\listoverridetable{\listoverride\listid1711764753\listoverridecount0\ls1}}{\*\rsidtbl \rsid7885672\rsid9646723\rsid10828254\rsid15815842}{\info
{\title Draft outline for revised problem statement:}{\author Mark Harrison}{\operator Mark Harrison}{\creatim\yr2008\mo3\dy28\hr15\min17}{\revtim\yr2008\mo3\dy28\hr15\min39}{\version3}{\edmins14}{\nofpages5}{\nofwords1866}{\nofchars10637}
{\nofcharsws13062}{\vern24977}}\paperw11900\paperh16840 \ftnbj\aenddoc\noxlattoyen\expshrtn\noultrlspc\dntblnsbdb\nospaceforul\hyphcaps0\formshade\horzdoc\dgmargin\dghspace180\dgvspace180\dghorigin1800\dgvorigin1440\dghshow0\dgvshow0
\jexpand\viewkind1\viewscale100\pgbrdrhead\pgbrdrfoot\splytwnine\ftnlytwnine\htmautsp\nolnhtadjtbl\useltbaln\alntblind\lytcalctblwd\lyttblrtgr\lnbrkrule\nobrkwrptbl\rsidroot2105584 \fet0\sectd 
\linex0\headery708\footery708\colsx708\endnhere\sectdefaultcl\sectrsid7885672\sftnbj {\*\pnseclvl1\pnucrm\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl2\pnucltr\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl3\pndec\pnstart1\pnindent720\pnhang
{\pntxta .}}{\*\pnseclvl4\pnlcltr\pnstart1\pnindent720\pnhang{\pntxta )}}{\*\pnseclvl5\pndec\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl6\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl7
\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl8\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl9\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}\pard\plain 
\qc \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0\pararsid7885672 \lang2057\langfe1033\cgrid\langnp2057\langfenp1033 {\insrsid10828254 Straw man for input into}{\insrsid9646723  revised problem statement for ESDS
\par Mark Harrison
\par 28}{\super\insrsid9646723\charrsid9646723 th}{\insrsid9646723  March 2008}{\insrsid7885672 
\par }\pard \ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 {\insrsid7885672 
\par 
\par 
\par }{\b\insrsid7885672\charrsid7885672 What is ESDS?
\par }{\insrsid7885672 ESDS is an enabler for track and trace applications as well as product lifecycle information systems that attempt to gather complete information about an individual physical object.
\par Several organizations may handle an individual object at different stages of its life \endash  and each of these organizations may collect and store some information about each object.
  This may include observations of where the object was seen, details of operations performed on the object, as well as measurements (e.g. temperature) of the object or its environment.
\par Even two objects that are of the same product type and which were created in the same batch or lot may ultimately follow different paths throughout their lives and each might be handled by a completely different set of organizations.
\par 
\par We DO believe that each organization should be able to keep control of the data that they collect and store \endash  and should have the ability to determine how much of this information is made available to others \endash 
 and with whom.  This can be achieved by requiring authentication of clients specifying fine-grained access control policies associated with the roles assigned to those authenticated clients.
\par 
\par We DO NOT propose that ESDS should act as an aggregator of detailed information.
\par Instead, ESDS is intended as a lightweight referral service, whose sole purpose is to help a client to find one or more 
sources of detailed information.  In practice, a query to an ESDS about an object ID should return to an authenticated client a list of URLs of information resources that hold the detailed information about that particular object.  The client will only re
c
eive the URLs to information resources that have authorized (e.g. via access control policies) the client to see their URL address for that specific object ID.  The client can then contact each of those information resources in order to request more detai
led information.  This process is OUTSIDE the scope of ESDS and may be subject to further authentication and authorization checks bilaterally between the client and each individual information resource.
\par 
\par }{\b\insrsid7885672\charrsid7885672 What kind of objects are we tracking and tracing?
\par }{\insrsid7885672 
\par ESDS is intended to support the tracking of all kinds of physical objects, including (but not limited to) aircraft parts, pharmaceutical packages, perishable products such as foods.
\par 
\par We could be tracking something as simple and cheap as a carton of milk or as complex and expensive as aircraft landing gear.
\par 
\par In most situations, the individual object is NOT a device and will NOT necessarily have a network interface or any means of communicating directly with the object.
\par INSTEAD, the object will have an identifier \endash  ideally unique at a given point in time and within a particular context (such as industry sector).
\par Such an identifier can be encoded into a Radio-Frequency Identification (RFID) tag that is attached to the obje
ct or embedded within it.  Alternatively, other data carriers such as barcodes, 2-dimensional barcodes, memory buttons etc. could be used to carry the identifier of the object.
\par 
\par At various locations, reader equipment can be used to detect the presence of s
uch objects, by reading their identifier (ID).  In some situations, it may be possible to exchange additional information with the object, e.g. reading and writing additional data to an RFID tag.  However, in general, the objects can be considered to be n
ormally offline. 
\par 
\par }{\b\insrsid7885672\charrsid7885672 How will those objects be identified?
\par }{\insrsid7885672 
\par Because most of these objects are normally \lquote offline\rquote  and do not provide a network interface in the conventional sense, they probably do not merit allocation of an IP address.
\par 
\par Instead, identifier schemes other than IP addresses will normally be used for identifying an individual object.  RFID tags can either be encoded with an identifier that is qualified by an ISO Application Family identifier \endash 
 or they can be encoded with an Electronic Product Code (EPC), which is a framework for multiple kinds of unique identifiers, which is overseen by EPCglobal, a subsidiary of GS1.  
\par 
\par In many situations, structured identifiers will be used, consisting of a number of structural elements that taken together ensure 
the uniqueness of the identifier.  For example, such structural elements might include a company code, a product class and a serial number. Structured identifiers are a convenient way of delegating the management of uniqueness among various actors within 
a hierarchical tree.}{\insrsid9646723   Structured identifiers also
 enable groups of similar objects to be referred to using a common pattern that may consist of wildcards or ranges in place of fixed literal values for some of the elements of the identifier.  
\par URNs are examples of structured identifiers \endash  and EPCglobal already defines in its Tag Data Standard a number of URN formats for EPC identifiers, as well as URN 
patterns that can refer to collections of individual objects, such as those of the same product type.}{\insrsid7885672 
\par 
\par However, there are some concerns about the use of structured identifiers on the low-cost RFID tags that are available today, since most of these tags do not prevent the unauthorized reading of the identifier from the tag by someone wit
h the appropriate reader equipment that is within range of the tagged object.
\par Unlike barcodes, where a line of sight to the tag is necessary, RFID tags can be read via radio waves, even through optically opaque material.  This has of course raised concerns
 about the privacy of people who carry such tagged objects, as well as the security of the supply chains that distribute the}{\insrsid9646723  objects}{\insrsid7885672 
, since a person or shipment might be targeted or discriminated against on the basis of information that is read about what they are carrying, even without their knowledge or consent.
\par 
\par For this reason, it may be necessary for ESDS to also support unstructured identifiers, to allow for tracking of identifiable objects, even if the organizations that are handling them are unable to determine }{\insrsid9646723 solely }{\insrsid7885672 
from analysis of the ID what kind of object they are handling.
\par 
\par }{\b\insrsid7885672\charrsid7885672 What are the challenges?
\par }{\insrsid7885672 
\par The first challenge is the number of objects that might be individually tracked and traced.  A manufacturer might produce billions of objects of a particular product type per year \endash 
 and this accounts for only one of their many product types.  In some situations, the track and trace information is only needed for a short period of time (e.g. 72 hours for an airline baggage system).  In other situations, trac
eability might be needed throughout the service life of an object (which can be up to 30 years for an aircraft part) \endash 
 or for 2 or 3 decades after the point of sale (in the case of pharmaceuticals records), in case it is ever required for investigations.
\par 
\par The vast quantity of objects is only one dimension to the scalability challenge.
\par Another dimension is the number of organizations who are involved with an individual object \endash  which might be as high as 50 different companies.  
\par 
\par 
\par Protecting confidentiality 
of the information is a further challenge.  This is important because even the link referral information could be analyzed to extract commercially sensitive information, such as the volumes and flows of goods within a supply chain \endash 
 and each organization will want to prevent their competitors from deriving such information.
\par 
\par Therefore, each of these companies might want to specify diff
erent levels of access to other companies.  For N companies within a supply chain or product lifecycle of an individual object, it will be challenging to ensure that the number of access control policies scales at most linearly with N, the number of compa
nies, rather than scaling in proportion to N x (N-1) \endash  the possible number of different policies between N providers and (N-1) clients.
\par 
\par Many of these policies may need to be highly dynamic and semantically rich in order to have the desired effects.  A policy might even need to take into consideration what information a client already has about an individual object \endash 
 and what is the risk of releasing additional information.  For example, it might be appropriate to allow a particular client to know only when an object was shipped \endash  but not when it was received, since this might }{\insrsid9646723 reveal}{
\insrsid7885672  how long it was held in storage.
\par 
\par More conventional challenges include assuring the authenticity and integrity of the link referral information \endash  although this can largely be handled by existing techniques such as digital signatures.
\par 
\par Another challenge is in knowing where to start searching for track and trace information.  In many situations, a company may use a particular ESDS in a \lquote de facto\rquote  manner because it has an appropria
te scope or coverage for their industry sector and/or geographic region.
\par 
\par However, exceptions can arise and unexpected objects can appear, for which no referral information is available on the usual ESDS service a company uses.  It may be that the unexpect
ed object was mis-delivered and in fact belongs to a completely different industry sector or different region.   If there is a federation of ESDS such that they are aware of each other\rquote s existence and scope \endash 
 and have a mechanism to allow for communication between them (even if they do not exchange or mirror each other\rquote s records), it may be possible to develop a \lquote bootstrap protocol\rquote 
 such that any known ESDS can be asked to query the federation of ESDS services it knows about, in an attempt to find another ESDS that recognizes the unexpected object.  This is the goal of the bootstrap protocol.  It is not intended for regular use 
\endash  but rather to handle exception scenarios.  This might be developed using either multi-cast messaging across an overlay network among ESDS instances \endash 
 or through an efficient indexing system (although this might only be possible for structured identifiers).
\par 
\par }{\b\insrsid7885672\charrsid7885672 Potential problem for DNS
\par }{\insrsid7885672 
\par The extremely large volumes of objects that might be tracked and traced exceeds by several orders of magnitude the number of devices that are currently connected to the internet and make use of the public DNS infrastructure.  ( }{\insrsid9646723 
Just think}{\insrsid7885672  about the number of devices an individual uses, versus the number of physical objects they own or encounter each day
).  DNS provides for name-address translation.  It was never intended to be (ab)used as a repository of historical traceability information or for handling objects that are not really devices or have no true network interface.
\par 
\par Furthermore, DNS as it is usually implemented (i.e. without client authentication and authorization) is inappropriate for the query interface to ESDS because of the commercial sensitivity of the records}{\insrsid9646723  \endash 
 records that will not normally be made available to anonymous unauthorized clients}{\insrsid7885672 .
\par 
\par ESDS seeks to develop a technical protocol specifically to enable the tracking and tracing of individual physical objects, so that there is no good reason to abuse the global DNS infrastructure for this purpose.
\par 
\par }{\b\insrsid7885672\charrsid7885672 Outside the scope of ESDS
\par }{\insrsid7885672 
\par The direct point-to-point communication between a client and an information resource that holds
 detailed information from a particular company or organization is outside the scope of ESDS.  ESDS is only concerned with enabling a client to find the URL of one or more information resources. There may be multiple kinds of information resources, such a
s
 web services and dynamic web pages specific to an individual product.  In addition to these generic kinds of resources, there is a specific open standard developed by the EPCglobal community for enabling exchange of information about events and serial-le
vel master data.  This is called \lquote EPC Information Services 1.0\rquote  and is freely available from }{\field{\*\fldinst {\insrsid7885672  HYPERLINK "http://www.epcglobalinc.org/standards/epcis" }{\insrsid9646723 {\*\datafield 
00d0c9ea79f9bace118c8200aa004ba90b02000000170000002c00000068007400740070003a002f002f007700770077002e0065007000630067006c006f00620061006c0069006e0063002e006f00720067002f007300740061006e00640061007200640073002f00650070006300690073000000e0c9ea79f9bace118c82
00aa004ba90b5800000068007400740070003a002f002f007700770077002e0065007000630067006c006f00620061006c0069006e0063002e006f00720067002f007300740061006e00640061007200640073002f0065007000630069007300000000}}}{\fldrslt {
\cs15\ul\cf2\insrsid7885672\charrsid15815842 http://www.epcglobalinc.org/standards/epcis}}}{\insrsid7885672 
\par 
\par ESDS does not seek to replicate work that is already covere
d by EPCIS, nor to provide a data aggregation service or meta-EPCIS across multiple companies.  ESDS is simply a lightweight referral service that points to URLs of other information resources, including EPCIS amongst other kinds of services, such as othe
r web services.  In this way, ESDS (or Discovery Services) are complementary to EPCIS.
\par 
\par Having said that, ESDS will clearly need a well-defined query interface and capture / publish interface for its protocol, as well as supporting both one-off queries and 
subscription queries for receiving relevant new records that are added to an ESDS after the subscription query is established.  Where such methods involve parameters and identical concepts to those that are also found in the EPCIS 1.0 standard, it may be 
beneficial to the EPCglobal community (as a significant potential user of an ESDS protocol) to use terminology that is consistent with the terminology used in EPCIS 1.0, when referring to }{\insrsid9646723 a}{\insrsid7885672  data element or parameter}{
\insrsid9646723  that has the same semantics}{\insrsid7885672 .  
\par 
\par 
\par }}