OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

soa-rm message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [soa-rm] Security (Re: [soa-rm] Definition of "ServiceConsumer")

Sorry I haven't had the time to follow these threads more closely, 
but it seems to me that Duane addressed this earlier, to the effect 
that this level of specificity is too concrete, although I don't 
think that disqualifies Security writ large from consideration. My 
opinion is that the RM needs to include a stipulation that if both 
parties in an atomic transaction require some level of trust, then 
that need for x level of Security needs to be expressible in whatever 
form(s) of discovery we decide are sufficiently abstract to fit our 

It strikes me that the core nature of a Service-Oriented Architecture 
lies in a transactional model in which a Service Provider or Service 
Producer publishes a named set or container of a service or services, 
the description of which is searchable by a Service Consumer 
according to some set of features or criteria which our RM provides.

Even at a high level of abstraction, this will prove a test for us.


At 7:11 PM -0400 4/12/05, Ken Laskey wrote:
>Is there a difference between a contract requiring security and the 
>RM including (abstract) mechanisms needed to enforce security?  I 
>think so.  I certainly do not want us to get into the details of 
>security policies or implementations but we need to consider what 
>are the abstract concepts related to security.  From past efforts, I 
>can remember four:
>- authentication (the service provider can unambiguously identify 
>the service requester)
>- authorization (the service provider can unambiguously determine 
>that the service requester has the right to use the service)
>- integrity (the service provider, possibly through the 
>communication mechanism, can be unambiguously assured that the 
>request has not been modified from what was sent by the service 
>requester (except possibly as otherwise authorized))
>- nonrepudiation (neither the service requester nor the service 
>provider can later claim they were not part of the request and 
>Note, I described this in the context of request/response but I 
>believe it can be generalized to other MEPs.
>Is this abstract enough to at least consider?
>On Apr 12, 2005, at 1:44 PM, Duane Nickull wrote:
>>Would this inference be accurate:
>>A security policy, in addition to other service policies, is part 
>>of a service contract.  A security policy is a declaration of a set 
>>of requirements that must be met in order to consume a service.  A 
>>declaration that indicates no requirements must be met is still 
>>conceptually considered a security policy.
>>Francis McCabe wrote:
>>>This is how I see it also. The contract represents the syntactic,  
>>>semantic and pragmatic constraints on the use of a service. That 
>>>covers  security, and I hope QoS management, etc.
>>>On Apr 12, 2005, at 8:08 AM, Matthew MacKenzie wrote:
>>>>Security could be fit into the RM indirectly via "Contract" (or a 
>>>>less  controversial word, such as "Agreement").  You talking 
>>>>about refusing  service tweaked this in my brain...
>>>>"Service use agreement may mandate security requirements to be met,  
>>>>and if they are not, service may be refused."
>>>>Anders W. Tell wrote:
>>>>>This is getting interesting so Ill just join in
>>>>>There seem to be good reasons why security or maybe more 
>>>>>appropriate  security related functions could be part of a 
>>>>>(abstract) RM.  Functions such as (add,verify)integrity, 
>>>>>(add,verify)confidentiality,  (add,verify)authentication etc.
>>>>>If one wants to later relate a RM to economical and legel aspects  
>>>>>such as those found in service level agreements then such abstract  
>>>>>function seems relevant.
>>>>>The rigth to refuce service access may be a function of  
>>>>>authenticationverification of issuer, sender ,indended receive,  
>>>>>So Ill think Ken is right that it maybe a good point keeping it on  
>>>>>the agenda and removed later if deemed to concrete.
>>>>>Ken Laskey wrote:
>>>>>>Moreover, the question is whether all SOAs SHOULD have security 
>>>>>>and  whether that needs to be captured in the RM.  As noted, 
>>>>>>secuirty is  often just tacked on and that may not be 
>>>>>>sufficient for *any* SOA to  be successful.
>>>>>>At 02:27 PM 4/11/2005, Duane Nickull wrote:
>>>>>>>The RM does not support security models.  A reference model is 
>>>>>>>used  to guide the design of architecture that may include 
>>>>>>>specific  security protocols or models. Our requirement must 
>>>>>>>be to ensure  that nothing we place in the RM makes any 
>>>>>>>specific security model a  requirement (since not all SOA's 
>>>>>>>have security) and to ensure that  we do not preclude a 
>>>>>>>specific type of security model from being  used.
>>>>>>>Vikas Deolaliker wrote:
>>>>>>>>I think the question should be how many different types of  
>>>>>>>>security models
>>>>>>>>will this RM support?
>>>>>>>-- ***********
>>>>>>>Senior Standards Strategist - Adobe Systems, Inc. -  
>>>>>>>Vice Chair - UN/CEFACT Bureau Plenary - http://www.unece.org/cefact/
>>>>>>>Adobe Enterprise Developer Resources  -  
>>>>>>   /   Ken Laskey                                                   
>>>>>>               \
>>>>>>  |    MITRE Corporation, M/S H305    phone:  703-883-7934   |
>>>>>>  |    7515 Colshire Drive                    fax:      
>>>>>>703-883-1379    |
>>>>>>   \   McLean VA 22102-7508                                         
>>>>>>       /
>>Senior Standards Strategist - Adobe Systems, Inc. - http://www.adobe.com
>>Vice Chair - UN/CEFACT Bureau Plenary - http://www.unece.org/cefact/
>>Adobe Enterprise Developer Resources  - 
>Ken Laskey
>MITRE Corporation, M/S H305     phone:  703-883-7934
>7515 Colshire Drive                        fax:        703-883-1379
>McLean VA 22102-7508

Rex Brooks
President, CEO
Starbourne Communications Design
GeoAddress: 1361-A Addison
Berkeley, CA 94702
Tel: 510-849-2309

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]