[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: WS-CoL: another domain-independent policy constraint language
Colleagues, This group may be interested in a recently published paper, "WS-Policy for Service Monitoring" [1], which proposes another domain-independent policy assertion language, WS-CoL (Web Services Constraint Language), for use with WS-Policy. It is specifically designed to be used in monitoring WS-BPEL processes. The authors imply that it is not proprietary, but there is no pointer to a language specification or other background documentation. I think this is interesting work, and bears further study. I will invite the authors to participate in dipal-discuss. A few notes and points of comparison: - The authors do not address the problems of policy and assertion intersection, assuming that the policy they are monitoring is the set of effective assertions for the process instance being monitored. This is the major drawback to this effort for our purposes. - The language and its implementation are integrated with WS-BPEL and with WS-Policy, and the monitoring code is automatically generated. I think it is worth studying how the integration with WS-BPEL is done. - The language binds the variable data retrieval mechanism fairly tightly to the language syntax by using links to WSDL specifications for a service interface that will provide the required data. In XACML, this binding is done indirectly in a separate component called the Context Handler. The XACML Context Handler could be written to associate WSDL links and operations with various XACML "Attributes", and I think this is an interesting approach. - The language so far supports only integer, string, and Boolean data types. They use "XlinkIt" [2] and "CLiX" [3] to implement the language. - The language does not seem to handle problems like multiple nodes satisfying a single XPath expression. It appears to assume there will always be exactly one value retrieved per data reference. CLiX [3], however, may include more complex expressions than those shown as examples in the paper. - In an example, they translate a WS-SecurityPolicy Assertion into WS-CoL. Based on our experience with WS-PolicyConstraints, I think it will not be possible to automatically generate monitors for all WS-SecurityPolicy Assertions as not all can be verified in the message itself. They also do not deal with the problem of multiple Assertions that might affect the construction of the same message; it appears that their approach would end up generating two separate forms of the same message. References: [1] "WS-Policy for Service Monitoring", by L. Baresi, S. Guinea, and P. Plebani of the Dipartimento di Elettronica ed Informazione,Politecnico di Milano, 6th VLDB Workshop on Technologies for E-Services; September 2 - 3, 2005. http://www.elet.polimi.it/upload/baresi/papers/TES2005.pdf [2]"XlinkIt: A Consistency Checking and Smart Link Generation Service", ACM Transactions on Software Engineering and Methodology, pp. 151-185, May 202. [3] "CLiX: Constraint Language in XML". http://www.clixml.org/clix/1.0 Regards, Anne -- Anne H. Anderson Anne.Anderson@sun.com Sun Microsystems Labs 1-781-442-0928 Burlington, MA USA
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]