[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [soa-rm] RE: Definition of Reference Model (Was RE: [soa-rm] Definition of "Service Consumer")
<Quote> I am still not 100% convinced that security is part of service orientation other than the touch point recognized by Anders, Rebekah and Matt. </Quote> Duane, What I think some of us may be grappling with is what you mean by "100% convinced", and the bearing of "percentage convinced" on our RM. Several folks are taking the approach of "the concept must be a vital part of an SOA to be included in the RM, and if it's not vital, it is not included", while other folks are taking the approach of "the concept must apply to SOA - i.e. there must be some association - for it to be included in the RM". I would characterize (roughly) the former approach as an "highly conservative" approach, and the former as a "more middle-of-the-road" approach (sorry Democrats;). I get the strong sense that our TC is now polarized on this - and it is going to be very difficult to move forward in a coherent fashion until we get broad consensus on which approach we should take moving forward. I also believe that we should still consider the approach of beginning with more concrete architectural concepts rather than abstract ones, and determining from there what are those concepts that are really vital, what are nice-to-have, etc. From that we can perhaps derive our abstract architecture. Several of us have voiced support for this approach so far, but I know that we have not had an opportunity to consider it further amongst all of the wonderful traffic. Perhaps we can give this approach some thought at this point? Thanks, Joe Joseph Chiusano Booz Allen Hamilton Visit us online@ http://www.boozallen.com > -----Original Message----- > From: Duane Nickull [mailto:dnickull@adobe.com] > Sent: Tuesday, April 12, 2005 6:12 PM > Cc: soa-rm@lists.oasis-open.org > Subject: Re: [soa-rm] RE: Definition of Reference Model (Was > RE: [soa-rm] Definition of "Service Consumer") > > > > Smith, Martin wrote: > > > <>I also think security should be a core element: it may not be > > necessary to have security on trivial, free services, but all the > > interesting cases will have it, and the RM should inform how that > > element will interact with others. > > Martin: > > Assuming we have something that represents the notion of > security within the RM (which it sounds like it might be > building consensus), instead of saying "security" which > implies some form of actual security should therefor be > present in all SOA's, would you consider that we describe it > as a "Security Policy". This would help cover instances > where there is a null security policy in effect. > > I am still not 100% convinced that security is part of > service orientation other than the touch point recognized by > Anders, Rebekah and Matt. > > Duane > > -- > *********** > Senior Standards Strategist - Adobe Systems, Inc. - > http://www.adobe.com Vice Chair - UN/CEFACT Bureau Plenary - > http://www.unece.org/cefact/ Adobe Enterprise Developer > Resources - http://www.adobe.com/enterprise/developer/main.html > *********** > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]