Re: [soa-rm-ra] reading WS-Policy: first observation

[Duane Nickull <dnickull@adobe.com>]

Frank:

Which is precisely why I am in favor of expanding on it a bit but still
using it as the basis.  It also does not let policies be placed on the data
itself in a persistent manner.  Adobe, IBM, MS and others have offerings in
this area as more and more people are asking for this.  The "secure the
pipe" methodology does not bode well for electronic data since once
something is out it can be re-serialized thousands of time.

BTW - I am on hold.  No call this AM?  Or did the MPID change from 6210?

Duane




On 7/3/07 1:38 PM, "Francis McCabe" <frankmccabe@mac.com> wrote:

> I think that the WS-Policy framework should be interpreted as a
> simplification of what we had in mind.
> 
> In particular, the three aspects:
>> 
>> Note per WS-Policy Framework,
>> - a "policy" is a collections of policy alternatives, where
>> - a "policy alternative" is a collection of policy assertions, where
>> - a "policy assertion" represents a requirement, capability, or
>> other property of a behavior.
> 
> represent a simplified policy language. This has both benefits and
> demerits. It is simple, and easily implemented and (more importantly)
> easy to reason with. On the other hand, you cannot express a policy
> constraint such as price less than $100, or cheapest price.
> 
> Personally, I think that WS-Policy represents a too-strong commitment
> to a particular technology.
> 
>> 
>> Note also,
>> - a "policy attachment" is a mechanism for associating policy with
>> one or more policy scopes. where
>> - a "policy scope" is a collection of policy subjects to which a
>> policy applies, where
>> - a "policy subject" is an entity with which a policy can be
>> associated.
> 
> I think that these concepts could be better explored. I think that we
> would also want to add "policy owner" at the very least. Also, the
> policy subject bears a strong resemblance to the (in)famous WS
> resource (the resource that a WS is 'about'). It works for many cases
> but not all: e.g., managers should earn more than their members. All
> the services in group X should be started simultaneously.
> 
> Frank
> 
> 
>> 
>> Obviously, any part of a service or service description can be a
>> policy subject.  The question, as noted in current RA text, is how
>> do you discover something and decide to use it if critical policies
>> can be embedded anywhere.
>> 
>> I read on :-)
>> 
>> Ken
>> 
>> P.S. I realize the RA does not directly "use" WS-Policy but if we
>> decide not to be consistent, then we need to make our alternatives
>> and our rationale very clear.
>> 
>> ----------------------------------------------------------------------
>> --------------------
>> Ken Laskey
>> MITRE Corporation, M/S H305     phone:  703-983-7934
>> 7515 Colshire Drive                        fax:        703-983-1379
>> McLean VA 22102-7508
>> 
>