[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [soa-rm-ra] point of action
So how does Point of Action differ from Point of Enforcement or Point of Decision? Michael At 12:31 PM 8/22/2006, Francis McCabe wrote: >Action is one of the hardest concepts to model. >But, we need something because we have to have something to hang RWE >off of, policy decisions and enforcement, auditing, logging, >composition, etc. etc. etc. > >This is an issue because, in the context of intermediaries, it may be >non-obvious what actions are actually specified. > >On Aug 21, 2006, at 11:15 AM, Michael Stiefel wrote: > >>After reading this discussion the meaning of POA is not clear to me >>at all. Perhaps future discussions will make its meaning and >>usefulness clearer. >> >>Michael >> >>At 12:06 PM 8/17/2006, Ken Laskey wrote: >>>OK for now. Hopefully the use of poa in the RA will clarify >>>things or this is going to be a bear to write up for our audience. >>> >>>Ken >>> >>>At 11:37 AM 8/17/2006, Francis McCabe wrote: >>>>The POA concept is a general concept that is not limited to >>>>services. >>>>So, perhaps, that is what was going though Danny's mind -) >>>>As to private vs public, we are going to get similar issues with the >>>>Point of Decision and Point of Enforcement of policies. >>>> >>>>One important place for the POA in the RA is as the start of the >>>>chain of events that lead to the real world effect. Another is that >>>>the POA acts as one place were policies must be applied. (I cannot >>>>make up my mind exactly how POA relates POD and POE.) Of course, >>>>this >>>>is but one place where policies are applied in the RA. >>>> >>>>Frank >>>>On Aug 17, 2006, at 8:15 AM, Ken Laskey wrote: >>>> >>>>>Where it fits in the RA is still my question. In the example in >>>>>his earlier email, Danny says >>>>> >>>>>To draw another analogy for the point of action, I >>>>>know your mind will be the point of action for >>>>>processing this e-mail as you read the e-mail. The >>>>>e-mail address and the english language is like a >>>>>service interface. >>>>> >>>>>If this example aligns with your meaning, then isn't my mind part >>>>>of the opaque implementation? [The jokes are altogether too >>>>>obvious so first answer the question and later we can collect the >>>>>best Ken-related responses in a follow-on thread. :-) ] >>>>> >>>>>Ken >>>>> >>>>>On Aug 17, 2006, at 11:01 AM, Francis McCabe wrote: >>>>> >>>>>>The action being referred to in a service interaction is not >>>>>>really any private action. As you use a service to do something >>>>>>then you are performing an action. (There may be consequential >>>>>>events that follow that are internal.) That action has a point of >>>>>>action. >>>>>> >>>>>>Note that with the action-at-a-distance analogy getting clarity on >>>>>>when and where the action is performed may be quite important. For >>>>>>example, if you send a message declaring that you have agreed to a >>>>>>contract, from the service provider's PoV, it is not until it >>>>>>'groks' the message that it considers that you have actually >>>>>>agreed. >>>>>> >>>>>>Frank >>>>>> >>>>>> >>>>>>On Aug 17, 2006, at 7:24 AM, Ken Laskey wrote: >>>>>> >>>>>>>see below >>>>>>> >>>>>>>At 09:18 AM 8/17/2006, Rex Brooks wrote: >>>>>>>>I hope no one is surprised if I quibble with this particular >>>>>>>>definition, which comes close, in my opinion, but fall just >>>>>>>>short of the mark. I take exception with the choice of using the >>>>>>>>concept of force per se, though I do understand and agree with >>>>>>>>the requirement of making "action" transitive. I would apply a >>>>>>>>small bit of mental jiu jitsu on this definition, thus: >>>>>>>> >>>>>>>>Action: the application of 'intent' to achieve an effect by an >>>>>>>>agent on an object. >>>>>>>> >>>>>>>>Thus, the application of "intent" applies equally well to >>>>>>>>choosing to do "nothing" and allow inertia/momentum to achieve >>>>>>>>an effect, >>>>>>> >>>>>>>but the application of nothing does not require an agent as the >>>>>>>transferral entity if there is nothing to transfer, unless >>>>>>>however you identify the agent as a way of establishing context >>>>>>>for your intended nothing. >>>>>>> >>>>>>>>or to require action by some other agent to achieve, prevent or >>>>>>>>allow an effect. In the study of heuristics, one of the least >>>>>>>>well explored results is exactly this, the intentional refusal >>>>>>>>to act per se, which, I contend, constitutes a decision, which >>>>>>>>is, in and of itself, an action at a choice-point branching of a >>>>>>>>decision-tree. >>>>>>>> >>>>>>>>BTW, this answers the last question below: Yes! and full >>>>>>>>responsibility or culpability applies. Needless to say, this is >>>>>>>>utterly critical to security. Choose not to apply a patch in >>>>>>>>time, and you are caught holding the hot potato if bad things >>>>>>>>happen to good systems. >>>>>>> >>>>>>>So the follow-up question is: what can be identified as the poa >>>>>>>while still maintaining the SOA principle of opacity of the >>>>>>>implementation of services and their underlying capabilities? >>>>>>> >>>>>>>>Cheers, >>>>>>>>Rex >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>At 7:55 AM -0400 8/17/06, Ken Laskey wrote: >>>>>>>>>Some comments from Frank that didn't get back to the list: >>>>>>>>> >>>>>>>>>Ken: >>>>>>>>> The POA *is* the action as it is applied. >>>>>>>>> If the service is the glove, the POA is the iron fist:) >>>>>>>>> >>>>>>>>> Different people have different definitions of action, (try >>>>>>>>>define:action in google). None of these definitions is all that >>>>>>>>>satisfactory to me. >>>>>>>>> My definition is adapted from John Sowa: >>>>>>>>> >>>>>>>>>Action: the application of force by an agent on an object with >>>>>>>>>the intention of achieving an effect. >>>>>>>>> >>>>>>>>> I.e., its a kind of event. The POA is a characterization of >>>>>>>>>that event. (One reason I like this definition is that is >>>>>>>>>includes all human actions but excludes rocks rolling down the >>>>>>>>>hill hitting other rocks.) >>>>>>>>> >>>>>>>>> The service interface is the characterization of what it means >>>>>>>>>to perform an action. It is not the action itself though. >>>>>>>>> >>>>>>>>> Hope that this throws a little light on the matter. >>>>>>>>>Frank >>>>>>>>> >>>>>>>>>Per Danny's response, I think he caught my question well with >>>>>>>>>the final line of his response below: >>>>>>>>> >>>>>>>>>>One question >>>>>>>>>>we can ask is can we identify a point of action >>>>>>>>>>meaningful to the reference architecture that would >>>>>>>>>>not have a service interface? >>>>>>>>> >>>>>>>>>Ken >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>>On Aug 17, 2006, at 1:55 AM, Danny Thornton wrote: >>>>>>>>> >>>>>>>>>>To draw another analogy for the point of action, I >>>>>>>>>>know your mind will be the point of action for >>>>>>>>>>processing this e-mail as you read the e-mail. The >>>>>>>>>>e-mail address and the english language is like a >>>>>>>>>>service interface. >>>>>>>>>> >>>>>>>>>>The SOA has many points of action, each point of >>>>>>>>>>action potentially affecting many other points of >>>>>>>>>>action. We can identify points of action in a SOA >>>>>>>>>>relevant to the reference architecture. One question >>>>>>>>>>we can ask is can we identify a point of action >>>>>>>>>>meaningful to the reference architecture that would >>>>>>>>>>not have a service interface? >>>>>>>>>> >>>>>>>>>>Danny >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>--- Ken Laskey <<mailto:klaskey@mitre.org>klaskey@mitre.org> >>>>>>>>>>wrote: >>>>>>>>>> >>>>>>>>>>>The following are from my notes at the ftf >>>>>>>>>>> >>>>>>>>>>>Point of Action (poa) >>>>>>>>>>> >>>>>>>>>>>- Frank: anchoring mechanism for numerous >>>>>>>>>>>things, e.g. policy >>>>>>>>>>>enforcement, evaluating needs & capabilities >>>>>>>>>>> >>>>>>>>>>>- Ken: how does poa relate to service >>>>>>>>>>>interface? Frank: >>>>>>>>>>>service interface includes actions you can perform; >>>>>>>>>>>each instance of >>>>>>>>>>>use consists of performing action; actual action is >>>>>>>>>>>poa; interface >>>>>>>>>>>vs. poa is class vs. instance relationship; the >>>>>>>>>>>physical action is >>>>>>>>>>>the point of action >>>>>>>>>>> >>>>>>>>>>>- [Ken] Given a policy is a desire of one >>>>>>>>>>>participant and an >>>>>>>>>>>agreement as part of the execution context for >>>>>>>>>>>participants to abide >>>>>>>>>>>by that policy (i.e. the other participant(s) agree >>>>>>>>>>>to make that >>>>>>>>>>>policy theirs), the policy enforcement point becomes >>>>>>>>>>>the point of >>>>>>>>>>>action for enforcing the agreed-upon policy. >>>>>>>>>>> >>>>>>>>>>>- [Frank alternative] A policy is a constraint >>>>>>>>>>>that represents >>>>>>>>>>>the desire of a participant. A contract is a >>>>>>>>>>>constraint that >>>>>>>>>>>represents the agreed desires of two or more >>>>>>>>>>>participants. A [policy] >>>>>>>>>>>enforcement point is the point of action for >>>>>>>>>>>enforcing constraints >>>>>>>>>>>that represent either policies or contracts. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>I've reread this and am still having problems >>>>>>>>>>>differentiating between >>>>>>>>>>>service interface and point of action. It appears >>>>>>>>>>>that poa is more >>>>>>>>>>>general because it is the location to which a user >>>>>>>>>>>would send a >>>>>>>>>>>command for action. If the receiver is a service, >>>>>>>>>>>then the poa would >>>>>>>>>>>seem to be the service interface. In the policy >>>>>>>>>>>example, if the >>>>>>>>>>>enforcement mechanism is accessed through a service, >>>>>>>>>>>the PEP could be >>>>>>>>>>>said to have a service interface. >>>>>>>>>>> >>>>>>>>>>>I still seem to be missing something. >>>>>>>>>>> >>>>>>>>>>>Ken >>>>>>>>>>> >>>>>>>>>>>--- >>>>>>>>>>>Ken Laskey >>>>>>>>>>>MITRE Corporation, M/S H305 phone: 703-983-7934 >>>>>>>>>>>7515 Colshire Drive fax: >>>>>>>>>>> 703-983-1379 >>>>>>>>>>>McLean VA 22102-7508 >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>__________________________________________________ >>>>>>>>>>Do You Yahoo!? >>>>>>>>>>Tired of spam? Yahoo! Mail has the best spam protection >>>>>>>>>>around >>>>>>>>>><http://mail.yahoo.com>http://mail.yahoo.com >>>>>>>>> >>>>>>>>>--- >>>>>>>>>Ken Laskey >>>>>>>>>MITRE Corporation, M/S H305 phone: 703-983-7934 >>>>>>>>>7515 Colshire Drive fax: >>>>>>>>>703-983-1379 >>>>>>>>>McLean VA 22102-7508 >>>>>>>> >>>>>>>> >>>>>>>>-- >>>>>>>>Rex Brooks >>>>>>>>President, CEO >>>>>>>>Starbourne Communications Design >>>>>>>>GeoAddress: 1361-A Addison >>>>>>>>Berkeley, CA 94702 >>>>>>>>Tel: 510-849-2309 >>>>>>> >>>>>>>-- >>>>>>> >>>>>>>----------------------------------------------------------------- >>>>>>>--- ------------- >>>>>>> / Ken >>>>>>>Laskey >>>>>>> \ >>>>>>> | MITRE Corporation, M/S H305 phone: 703-983-7934 | >>>>>>> | 7515 Colshire Drive fax: >>>>>>>703-983-1379 | >>>>>>> \ McLean VA >>>>>>>22102-7508 / >>>>>>> >>>>>>>----------------------------------------------------------------- >>>>>>>--- -------------- >>>>> >>>>> >>>>>------------------------------------------------------------------- >>>>>--- -------------------- >>>>>Ken Laskey >>>>>MITRE Corporation, M/S H305 phone: 703-983-7934 >>>>>7515 Colshire Drive fax: 703-983-1379 >>>>>McLean VA 22102-7508 >>> >>>-- >>>--------------------------------------------------------------------- >>>------------ >>> / Ken >>>Laskey >>> \ >>> | MITRE Corporation, M/S H305 phone: 703-983-7934 | >>> | 7515 Colshire Drive fax: >>>703-983-1379 | >>> \ McLean VA >>>22102-7508 / >>>--------------------------------------------------------------------- >>>------------- >> >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]