Subject: RE: [soa-rm] Definition of "Service Consumer"
Andrew, From a RM perspective, is it necessary to note these distinctions or just that a black box exists to deal with the overall capability? Ken At 12:09 PM 4/11/2005, Andrew Nash wrote: >The type of authentication required will certainly vary depending on the >type of service and the "domain" in which a service or its requestor reside. >So different "strengths" or other attributes of a particular authentication >credential are important in different contexts. This will also be different >between a credential that may be used to represent a human participant and >the web service or consumer. > >Financial institutions are certainly interested in performing correlation >among a collection of services to detect phishing or other fraudulent >activity. To do this most of the folks I have talked to require an identity >associated with the transaction "originator" to be used in conjunction with >the identity of one or more of the web service, requestor or intermediaries. > >--Andrew > > >-----Original Message----- >From: Frank McCabe [mailto:firstname.lastname@example.org] >Sent: Monday, April 11, 2005 11:58 AM >To: Chiusano Joseph >Cc: email@example.com >Subject: Re: [soa-rm] Definition of "Service Consumer" > >I read this morning in the paper that some banks are guarding against >phishing -- by noting that if a customer normally accesses his or her >bank account from Sunnyvale, CA, it is pretty unlikely that the >customer access it from Chechnya! > >More prosaically, I was thinking of the kinds of >authentication/verification on a given request will vary depending on >whether its internal, external, already part of a conversation, etc. > >Frank > >On Apr 10, 2005, at 11:00 AM, Chiusano Joseph wrote: > > > <Quote> > > Here is an example of why its important: the appropriate business logic > > to apply to a service request will depend on many factors: the means by > > which the request was delivered, > > </Quote> > > > > Could you please expand on what you mean by "the means by which the > > request was delivered,"? I'm thinking MVC violation (using term > > "violation" loosely, for point) here, but perhaps not depending on your > > usage of this phrase. > > > > Joe > > > > Joseph Chiusano > > Booz Allen Hamilton > > Visit us online@ http://www.boozallen.com > > > > > >> -----Original Message----- > >> From: Frank McCabe [mailto:firstname.lastname@example.org] > >> Sent: Thursday, April 07, 2005 12:00 PM > >> To: email@example.com > >> Subject: Re: [soa-rm] Definition of "Service Consumer" > >> > >> There is a distinction between the software *entity* > >> (agent/component/J2EE bean/.../) that interacts with a > >> service in order to achieve some goal, and the person or > >> persons for whom that interaction is taking place. > >> > >> The reason that this distinction is important is similar to > >> the distinction between a service interface and the service itself: > >> accessing your bank account from an ATM or on-line will use > >> different interfaces but ultimately all use the same service. > >> > >> Here is an example of why its important: the appropriate > >> business logic to apply to a service request will depend on > >> many factors: the means by which the request was delivered, > >> the request itself and the person (or > >> persons) for whom the request was made. This last aspect is > >> completely independent of mode of requesting and is purely > >> business/application specific. > >> > >> Incidentally, the above definition: "an agent that interacts > >> with a service in order to achieve a goal" seems to be a > >> reasonable definition of a service requester. > >> > >> > >> On Apr 7, 2005, at 7:23 AM, Gregory A. Kohring wrote: > >> > >>> Matthew, > >>> > >>> OK, here a fewer other choices which might be deemed more > >>> "respectful"... > >>> > >>> Service Consumer: > >>> > >>> 1) End-user of a service. > >>> > >>> 2) An agent which, acting on behalf of its owner, uses a service. > >>> > >>> 3) An entity which utilizes a service > >>> > >>> 4) An entity which consumes the product or information produced by a > >>> service. > >>> > >>> > >>> Note all of these definitions depend upon the definition of > >> the term > >>> "service". Have we agreed on this already? Perhaps we should start > >>> there first... > >>> > >>> > >>> -- Greg > >>> > >>> > >> -- --------------------------------------------------------------------------------- / Ken Laskey \ | MITRE Corporation, M/S H305 phone: 703-883-7934 | | 7515 Colshire Drive fax: 703-883-1379 | \ McLean VA 22102-7508 / ----------------------------------------------------------------------------------