OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

soa-rm-ra message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [soa-rm-ra] Policy Discussion

If you can call in during the ftf, that might be most efficient.

Ken

On Apr 14, 2007, at 11:02 PM, Duane Nickull wrote:

I can do a demo during one of our next calls to make it clearer.

Duane


On 4/14/07 11:02 AM, "Ken Laskey" <klaskey@mitre.org> wrote:

Additional questions/comments (also additional to Danny's):

- I agree that policies can apply to anything.? In a SOA, the only things within our scope are things that can be affected by service interactions.? So, in general, I like the figure on page 2 because the policy that applies to some resource must also be associated with the service that accesses that resource, e.g. if accessing the resource without regard to SOA requires a license then using a service to access the resource should require the same (or an equivalent) license.

-?Policy Identifier – a unique identifier to act as a pointer to a?specific instance of a policy.?
This implies Policy is a class and I usually want to be talking about the policy instances?

-?Policy Assertion – A policy assertion represents an individual?
requirement, capability, or other visible property or action of an?
actor, resource or ?
The blank at the end of this sentence is probably appropriate but you should finish it anyway :-)

-?Policy Assertion Type – represents a specialized policy instance?with assertion-specific semantics.
I like the idea of this because it's more than just "well, of course I have different types of policies" and connects it to something that really differentiates types.? Now this implies we can have a general policy framework but a required declaring of semantics, i.e. the policy vocabulary.

-?Policy Service – a specialized type of service ... has?been complied with in a manner acceptable to grant further access. ?
I would generalize to say "a manner acceptable to continue the interaction" because the requested interaction might be other than access.

All this said, I'm still struggling over what aspects of a service MAY but SHOULD NOT have policy attached and how this is reflected in a service description.

Ken

On Apr 14, 2007, at 9:00 AM, Duane Nickull wrote:


Did anyone have any comments on the policy contribution?

D

<Policies ­ general concepts.pdf>

 
------------------------------------------------------------------------------------------
Ken Laskey
MITRE Corporation, M/S H305?? ??phone:??703-983-7934
7515 Colshire Drive? ? ? ? ? ? ? ? ? ? ? ??fax:? ? ? ??703-983-1379
McLean VA 22102-7508



 

------------------------------------------------------------------------------------------
Ken Laskey
MITRE Corporation, M/S H305     phone:  703-983-7934
7515 Colshire Drive                        fax:        703-983-1379
McLean VA 22102-7508

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]