[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ebxml-cppa-negot] 1/22/2004: CPPA-Negot Draft Comments
Monica J. Martin wrote: > >> mm1: In addition, in the 'meeting' on Wednesday, I also indicated >> that our small team should work with BPSS and WSPL (XACML) if >> possible on any cross-specification items, even if informally. I've >> identified some of the opportunity areas for simplication that >> references WSPL, and there are some areas that touch on ebBP work >> items (like role reversal and validation scope). > > > mm2: References to WSPL: One note attached and link: > http://www.oasis-open.org/apps/org/workgroup/xacml/download.php/3661/draft-xacml-wspl-04-1.pdf. > I am checking if this is the latest version. Thanks. > mm3: Three is a charm....Here is the note. I shouldn't try to type and listen to a telecon at the same time.
Subject: Re: [xacml] question about splitting WSPL document From: Frank Siebenlist <franks@mcs.anl.gov> Date: Sun, 05 Oct 2003 11:59:30 -0700 To: Anne.Anderson@sun.com CC: XACML TC <xacml@lists.oasis-open.org>, Tim Moses <Tim.Moses@Entrust.com> Hi Anne, Anne Anderson wrote: > Frank, > > I have a question about your proposal to split the "merge > algorithm" part of WSPL from the "bindings" part. > > The merge algorithm makes use of the binding information: > > top-level <PolicySet/Target/Resources> element identifies > the WSDL 1.1 port > 2nd-level <PolicySet/Target/Actions> element identifies the > WSDL 1.1 operation > 2nd-level <PolicySet/Target/Resources> element identifies the > WSDL 1.1 message > <Policy/Target/Resources> element identifies the aspect of > policy > > Policies are merged only where these are all coincident. > > With the scope change, we will have only one "aspect" value > (authorization/access control/entitlement). > > We could define the merge algorithm such that it assumes the > Target elements in the PolicySets and Policies are all > coincident. Is that what you mean? My split proposal was based on the high level observation that there may be many more policies that have the property that they can be expressed in a similar hierarchical-like matter as the port/operation/message. (corba and EJBs come to mind). Maybe by discussing different classes of these policies, one could deal first with the case where there is only a single resource-level objective, similar to only having policies apply to the port. After that deal maybe with two resource-level objectives, one resource and an action-level objective, etc. To be honest, I still have to get used to Tim's "xacml-combiner speak" and I'm having a hard time to understand all the consequences and applicability. By bringing it up one level in abstraction, it may also be easier to understand how we map it to specific application bindings, like wsdl/port/operation-message. My hope is that the upcoming F2F will allow us to drill down on some of these ideas. Regards, Frank. -- Frank Siebenlist franks@mcs.anl.gov The Globus Alliance - Argonne National Laboratory To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/xacml/members/leave_workgroup.php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]