Re: [regrep] [Proposed Change] Replace Association confirmation withreference access control

[Farrukh Najmi <Farrukh.Najmi@Sun.COM>]

Duane Nickull wrote:

> My opinion is that "who" makes the assertion is an essential part of 
> the association.  Their views may not necessarily be 100% correct or 
> agreed to by all parties since things like context of use can affect 
> semantics. I would support that someone can make a unilateral 
> assertion and we have a mechanism whereby a reciprocal association can 
> be declared or agreed to.

That is what we have right now (association confirmation). The point is 
that the confirmation / unconfirmation and tracking confirmation state 
is clumsy and very specific to associations. What about other type of 
references other than associations (e.g. ClassificationNode references 
to other ClassificatuionNodes as parents - meaning who can extend my 
scheme etc.)

Also confirming associations is an unsolicited burden on object owners. 
It has also been difficult to implement.

The solution I propose will work in all cases consistently and with more 
expressivity and is simpler all around.

>
> One issue may be manageability.  Imagine UBL puts its schema into a 
> registry and gets 50,000 people each asserting via associations they 
> "use" certain objects.  The owner of UBL in that registry may not want 
> the responsibility of having to respond to each and every case.

That is one of the major issues with the current model. In the 
alternative model I propose  the way things work is that I decide as 
object owner  WHO I allow to reference my object and under what 
circusmtances. Beyond that I never have to worry about  who is making 
references. The old way requires me to give  my blessing on each  
reference on a case by case bases. The new proposed way allows we to  
specify the rules under which I allow refences and  from then on I do 
not have to bother with  it.

>
> My $0.02
>
> Duane
>
>
>
> Farrukh Najmi wrote:
>
>>
>> I am working actively on the 2.9 spec (precursor to 3.0). In version 
>> 2.5 and earlier we have a concept of
>> Association Confirmation as defined in section 8.6 of ebRIM 2.5. The 
>> idea is that in an extramural association
>> (association between objects owned by different parties) if I create 
>> an association with someone else's object
>> they MUST confirm that association in order for it to be fully valid. 
>> There are clumsy ways to confirm and
>> unconfirm an extramural Association described in 8.6.2 and 8.6.3.
>>
>> In version 2.9 we will add clarifications to the XACML feature to 
>> define precisely how fine grained access
>> control can control WHO gets to REFERENCE a RegistryObject and under 
>> what circumstances. The WHO is
>> the Subject, the REFERENCE is the Action and the RegistryObject is 
>> the resource.
>>
>> For example you will be able to define an ACP that say:
>>
>> I allow a reference to my object to be created only if all the 
>> following conditions are met:
>>
>> a) The subject making the reference has role "ProjectLeader"
>>
>> b)  that reference is from an Association instance
>>
>> c) the reference is being made via the sourceObject property of 
>> Association
>>
>> d) the value of the associationType attribute in association 
>> identifies the "Supercedes" associationType
>>
>> Given this powerful and flexible capability it seems very clumsy and 
>> unnecessary to have the
>> existing Association confirmation feature.
>>
>> I would like to propose that we remove Association Confirmation 
>> feature and instead leverage the
>> reference Access Control feature to control who can create an 
>> extramural association to someone else's
>> objects. This simplifies the spec greatly and can also be another 
>> example where our specs use a few
>> good primitive features to support higher level features or 
>> requirements.
>>
>> Thoughts?
>>
>


-- 
Regards,
Farrukh