[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: WS-Policy?
>You have now referred to WS-Policy, presumably meaning the WS-Policy Framework and WS-Policy Attachment documents on which you are listed as a co-author, a few >itimes in messages to the SSTC as though you think it has some relevance to our work. Can you explain what relevance you think it has? Yes I mean WS-Policy Framework and the set of family specifications. I think that WS-Policy is relevant to all specifications that linger into the Web services area, which the WSS-TC seems to be doing as some of the Liberty Alliance ID-WSF specifications are being talked about. WS-Policy provides a general purpose model and corresponding syntax to describe and communicate the policies of a Web Service. It defines a base set of constructs that can be used and extended by other Web Services specifications to describe a broad range of service requirements, preferences, capabilities, etc. The Web service specifications (WS-*) are designed to be composed with each other to provide a rich set of tools to provide security in the Web Services environment. WS-Policy by itself does not provide a policy negotiation solution for Web services, this is provided by WS-MetadataExchange. WS-Policy and family specifications form the policy framework that is used in conjunction with other Web service and application-specific protocols and specifications to accommodate a wide variety of policy exchange models. WS-Policy provides a framework which other specifications can extend. Extensions may specify assertions that contain scope, preconditions, business value and decision. these can be used to guide the behavior of “decision makers”; “decision makers”, in turn, guide the behavior of “resource managers” by issuing the decisions specified by the assertions. WS-Policy defines how policy is advertised. One example is may be that you define a “decision federator” that is responsible for storing policies and distributing them to various decision makers. In summary, WS-Policy provides a framework into which other policy assertions can be inserted (i.e. XACML). Anthony Nadalin | work 512.436.9568 | cell 512.289.4122 |---------+----------------------------> | | "RL 'Bob' Morgan"| | | <rlmorgan@washing| | | ton.edu> | | | | | | 10/15/2003 11:49 | | | PM | |---------+----------------------------> >----------------------------------------------------------------------------------------------------------------------------------------------| | | | To: Anthony Nadalin/Austin/IBM@IBMUS | | cc: OASIS Security Services TC <security-services@lists.oasis-open.org> | | Subject: WS-Policy? | >----------------------------------------------------------------------------------------------------------------------------------------------| On Wed, 15 Oct 2003, Anthony Nadalin wrote: > This is a prime example of policy (WS-Policy), not authentication > context as it goes beyond authentication Tony: You have now referred to WS-Policy, presumably meaning the WS-Policy Framework and WS-Policy Attachment documents on which you are listed as a co-author, a few times in messages to the SSTC as though you think it has some relevance to our work. Can you explain what relevance you think it has? - RL "Bob"
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]