[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Policy Types
As defined in Fig 46 pp 74 - Policy is either a permission or an obligation I believe that certain business policies do not fit within either policy class. There are machine readable policies that mandate that a computer follow a specific course of action depending on the state of the ecosystem. While there may be an obligation on the policy writer to write a policy to follow certain criteria, the policy writen for the machine has no such abiguity. An obligation is the act of binding oneself (in the service case, itself) to follow a particular course of action, which the service may or may not do. Given a particular state of the ecosystem the machine MUST follow the course of action dictated by the policy. For example: A company has a policy that states; if the order flow is greater than some number, orders MUST go to warehouse B else they MUST go to warehouse A. This is not a permission and I have a hard time conceiving this as an obligation. In my example the service has no choice but to use the given address / endpoint depending on the state of the ecosystem. So it seems to me that the positive & negative policy constraints are aggregates of permissions, obligations and what I'll tentively call - instructions. One of the purposes of SOA is to facilitate the replacement of humans by machines. In order to do this, the machines must be made more "intelligent", i.e. they must be able to autonomously handle variations in the ecosystem, as far as possible. Properly written business policies support this. I believe that the number of business policies giving direction and instructions to the machines to cope with varying circumstances will be in the majority. Don -- Don Flinn President Mansurus LLC e-mail: flinn@alum.mit.edu Tel: 781-856-7230 http://mansurus.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]