[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: point of action
The following are from my notes at the ftf
Point of Action (poa)
- Frank: anchoring mechanism for numerous things, e.g. policy enforcement, evaluating needs & capabilities
- Ken: how does poa relate to service interface? Frank: service interface includes actions you can perform; each instance of use consists of performing action; actual action is poa; interface vs. poa is class vs. instance relationship; the physical action is the point of action
- [Ken] Given a policy is a desire of one participant and an agreement as part of the execution context for participants to abide by that policy (i.e. the other participant(s) agree to make that policy theirs), the policy enforcement point becomes the point of action for enforcing the agreed-upon policy.
- [Frank alternative] A policy is a constraint that represents the desire of a participant. A contract is a constraint that represents the agreed desires of two or more participants. A [policy] enforcement point is the point of action for enforcing constraints that represent either policies or contracts.
I've reread this and am still having problems differentiating between service interface and point of action. It appears that poa is more general because it is the location to which a user would send a command for action. If the receiver is a service, then the poa would seem to be the service interface. In the policy example, if the enforcement mechanism is accessed through a service, the PEP could be said to have a service interface.
I still seem to be missing something.