[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [wsbpel] Issue - 66 - Zero or multiple matches of correlationset
Ron Ten-Hove wrote: > Assaf Arkin wrote: > >> I would also like to see a separation of concern between the process >> definition and the QoS requirements of the service and wouldn't rule >> out using existing mechanisms, e.g, the WSDL 1.2 features & >> properties framework. > > Use of the new WSDL 1.2 features and properties is an excellent > suggestion for addressing this need. My only concern is that the > business analyst functioning as author of the process will have to get > involved in defining such features & properties (which can be very > technical & detailed), or must use "out of band" techniques to > communicate his high-level QoS needs to the technical modeller. I don't see the business analyst writing WSDL 1.2 definitions using NotePad, or for that matter BPEL process definition. I believe a visual modeling tool would be used, and the tool can provide the necessary simplification and abstraction. IMO trying to make the XML syntax 'business analyst friendly' is pointless. arkin > > If we cannot use WSDL 1.2 (and IIRC this is out of scope for the > TC), what approach should we take that would preserve portability? > Recommend (in a normative fashion) the use of CPP/A or other open > standard? > > Just to make my previous suggestions more concrete, and borrowing > from BPSS, what I had in mind was something like: > ><receive partnerLink="ncname" portType="qname" operation="ncname" > variable="ncname"? createInstance="yes|no"? >* isTamperProof="_none_|transient|persistent|transient-and-persistent"? > isConfidential=**"_none_|transient|persistent|transient-and-persistent"? > isAuthenticated=**"_none_|transient|persistent|transient-and-persistent"?* > standard-attributes> > > where isTamperProof indicates the need to detect alterations to the > message, isConfidential indicates the need to encrypt or obscure the > message contents, and isAuthenticated indicates the need to verify the > senders identity. An attribute value of transient means wire-level > protocol protection, while persistent refers to security measures that > are applied to the message before the message is sent to the > communications handler. > > These security properties (isTamperProof, isConfidential, > isAuthenticated) are meant to express the high-level business security > needs only. It is up to implementations to assure that these > requirements are meant. The security properties serve as constraints > on the implementation's configuration / deployment system. How such > constraints are met depends on the security features of the > implementation's messaging infrastructure. > > -Ron >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]