OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-editors message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: New Domain Model

I have updated the domain model as best I can as a result of my perusal of
the minutes of the F2F TC.  I assume that Jeff will forward the contents of
this note to the TC once the doc repository has been updated.

I have done the following:
- Converted diagram from Together to Visio.  This should make it more
readable.  I don't think powerpoint is an effective engineering diagram tool
for the details that we want to represent, imho.
- Removed Sessions
- Changed authorization assertion to Attribute assertion
- Added indicator (grey area) to show SAML.
- removed reference to life cycle management
- made sure terminology between prod/cons model matches
- set principal/entity cardinalities to 1 to represent that a principal
represents 1 entity
- set credential/principal cardinality to 1 to represent that a credential
represents 1 principal
- set resource/PEP cardinality to 1 to represent that a given resource is
policed by 1 PEP
- cardinalities all represented, most currently at *.   I need specific
feedback on each of the links hence...
- I added a number of ISSUES on cardinality and relationships to the static
model.  Feedback would be great.
- Updated definition of User in static model glossary
- Removed Authorization Assertion from glossary  
- Removed log-off from glossary
- Removed Session from the pubcon model.

I did not understand the following or wasn't sure exactly what to do from
the various minutes:
- what to do about authorization attributes.  I noted some tendency to want
to remove, but it seems to me that the association between attributes and
the authorization authority seems relevent.  Need resolution on keep or
- The mention of a life-cycle model or diagram.  I wasn't sure if this was
meant to be a UML state transition diagram (assertion created, revoked,
etc), a UML sequence diagram, a yourdon data flow diagram.  
- The mention that the domain model has containment and "other"
relationships.  There are no containment/aggregation relationships listed,
only a single inheritance (isa) relationship.  So this confused me and I did
- I wasn't sure what to do about the domain glossary.  I recall discussion
about nuking it, but I didn't see any particular action to that regard.
- I didn't see a decision to change security policies.

Dave Orchard
XML Architect
Jamcracker Inc.,    19000 Homestead Dr., Cupertino, CA 95014
p: 408.864.5118     m: 604.908.8425    f: 408.725.4310

www.jamcracker.com - Sounds like a job for Jamcracker.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC