Re: [soa-rm] Sub Comittee and/or User guide

[Duane Nickull <dnickull@adobe.com>]

Ajay:

It may be better to stay at a higher level and include this subject 
within the RA, however that is for members to determine.  Martin had 
stated several requirements which seemed to allude to a reference SOA 
for the field of government, which seemed to include the notion of 
security.  Since identity management and federation is a large part of 
security, it may be wise to pool resources and work on this as a 
sub-component of a Government Reference SOA??

BTW -the WS-* architecture has a very tightly defined set of standards 
and wire protocols to facilitate identity (WS-Trust, WS-Security, 
WS-SecureConversation, WS-SecurityPolicy and WS-Federation).  All of 
these work together to provide an excellent model for security and 
identity coordination and federation.  Having finished Chris Kurts book, 
I am now a big fan of the work.

Could a generalized reference architecture for SOA include the identity 
coordination components in a still abstract manner?  I believe the 
answer is yes. 

Perhaps we should add this to the agenda for tomorrow's call. 

Ajay Madhok wrote:

>Thanks Duane,
>
>In agreement with your Solution as the way forward.
>
>If we (TC) decide to go down the path of specialist sub-committees, I would
>propose the following sub-committee as well:
>
>Identity Co-ordination in SOA
>
>This is a critical pre-requisite for SOA but taken for granted but it does
>not happen automatically. Whenever appropriate, I can present my views on
>why I believe the subject is worthy of a separate sub-committee. Perhaps we
>can have a brief discussion at the F2F next week?
>
>Cheers,
> 
>=Ajay.Madhok
> 
>
>-----Original Message-----
>From: Duane Nickull [mailto:dnickull@adobe.com] 
>Sent: Tuesday, April 19, 2005 2:53 AM
>To: SOA-RM
>Subject: [soa-rm] Sub Comittee and/or User guide
>
>All:
>
>I have read through the last batch of email.  There are a couple of 
>things I would like to propose for comments. Please read this entire 
>email before replying.
>
>1. I will concede that many members of the public will likely have the 
>same kinds of trouble interpreting a reference model vs. a reference 
>architecture vs a specific architecture as seems to be pervasive on this 
>list.  If we have the problem in our context, it is likely to be present 
>outside of this list.
>
>2. We cannot redefine what a "reference model" is or what it includes.  
>If we tried to change the industry definition of reference model to one 
>that has concrete items in it or things that are not part of SOA (which 
>is tricky since it is still undefined), it will not be a true reference 
>model and hence not accepted by industry. 
>
>3. Service provider and service consumer are not part of a reference 
>model.  They are roles visible only in a runtime or infrastructure views 
>of a specific architecture.  To prove this point, please look once again 
>at the OSI reference model.  It is a communications stack RM yet does 
>not contain notions of a message sender and message receiver. 
>
>4. We cannot mix abstract concepts and "things people can chew on" 
>(implying concrete items) in our work.  Such does run adverse to 
>accepted architectural conventions.
>
>SOLUTION:
>
>One way forward is to probably create a sub committee to work on a 
>reference architecture for SOA.  A Reference Architecture could be 
>developed in parallel to the reference model and is fair game to 
>illustrate things like security, consumers, providers, agents etc.  It 
>is within our charter to do such.
>
>After reading through some older emails, I would assert that such a 
>thing is probably essential along with some  sort of white paper or user 
>guide that explains the relationships between the RM, the RA and other 
>architecture.
>
>Reference Model
>(is a guide for developing a)
>[ Reference Architecture || * Architecture ]
>
>There are several people on this list who also have stated specific 
>needs for what they see in SOA.  Perhaps this may be a good Sub 
>Committee (SC) consideration also. 
>
>Government Service Oriented Reference Architecture???
>etc.
>
>I can already see there are many of you who could lead such an effort as 
>a sub committee. 
>
>Comments?
>
>Duane
>
>  
>

-- 
***********
Senior Standards Strategist - Adobe Systems, Inc. - http://www.adobe.com
Vice Chair - UN/CEFACT Bureau Plenary - http://www.unece.org/cefact/
Adobe Enterprise Developer Resources  - http://www.adobe.com/enterprise/developer/main.html
***********