Re: [soa-rm] RE: Resolving Various Policy Languages with Ontologies

[Ken Laskey <klaskey@mitre.org>]

Mappings cannot always be complete because, as Frank notes, an ontology exists for a purpose (or variations of a similar purpose) and does not express all possible knowledge on a subject.  This does not mean there isn't value in a partial mapping or mappings among a collection of ontologies.  Ideally, if there was information missing to which one needed to map, this information and corresponding mappings could be formally captured and expand the knowledge base for future uses.

Ken

On Oct 11, 2005, at 1:24 PM, Matt MacKenzie wrote:

I have adapted a proprietary access control language to xacml, and merely mapping concepts was not enough.  It was useful, but didn't fill in all the blanks.

-matt

--

Matt MacKenzie

Development Manager, LiveCycle Registry

Adobe Systems Incorporated

-----Original Message-----

From: Chiusano Joseph <chiusano_joseph@bah.com>

To: soa-rm@lists.oasis-open.org <soa-rm@lists.oasis-open.org>; Danny Thornton <danny_thornton2@yahoo.com>

Sent: Tue Oct 11 13:10:51 2005

Subject: RE: [soa-rm] RE: Resolving Various Policy Languages with Ontologies

<Quote>

For example, if I have a service that uses XACML policy and another

service that uses EPAL policy, I could resolve the differences between

the two policy languages using an ontology for both policy languages at

the policy decision point.

</Quote>

I believe this has already been stated on some form or another by others

who have replied, but this looks to me like the job for a "security

policy reference model" (or similar name) that contains those (minimal)

concepts that are most central to the domain, rather than an ontology. I

see an ontology as a semantic model that may be derived using the

reference model, along with multiple other representations such as

concrete security architectures, UML class diagrams, E-R diagrams, etc.

One single reference model begets all of these and more.

Joe (living in reference model world these days)

Joseph Chiusano

Booz Allen Hamilton

700 13th St. NW

Washington, DC 20005

O: 202-508-6514 <= new office number as of 09/19/05

C: 202-251-0731

Visit us online@ http://www.boozallen.com

-----Original Message-----

From: Duane Nickull [mailto:dnickull@adobe.com] 

Sent: Tuesday, October 11, 2005 11:50 AM

To: Danny Thornton

Cc: soa-rm@lists.oasis-open.org

Subject: [soa-rm] RE: Resolving Various Policy Languages with 

Ontologies

Post from Danny Thornton:

(he mentions the "O" and "S" words)

;-)

-----Original Message-----

From: Danny Thornton [mailto:danny_thornton2@yahoo.com]

Sent: Monday, October 10, 2005 10:26 PM

To: Duane Nickull

Subject: Resolving Various Policy Languages with Ontologies

Hi Duane,

The following is an e-mail dicussion I would like to have 

with soa-rm group:

I have been reading WD-SOA-RM-09 to get an idea of the 

terminology/concepts for resolving various policy languages 

in a service oriented architecture. Section

2.2.3.2 of WD-SOA-RM-09 discusses the limits of description.  

Section 2.3.1.2 states that an ontology can be defined to 

interpret strings and other tokens in the data.  

In the discussions I've had about resolving various policy 

languages in an SOA, I've hijacked the ontology concept and 

applied it as a general concept for resolving differences in 

policy languages.  

For example, if I have a service that uses XACML policy and 

another service that uses EPAL policy, I could resolve the 

differences between the two policy languages using an 

ontology for both policy languages at the policy decision point.

For section 2.3.1.2 of the WD-SOA-RM-09, does anyone have any 

thoughts on expanding the concept of ontologies beyond the 

service description's data model?

Danny  

    

        

__________________________________

Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com

---

Ken Laskey

MITRE Corporation, M/S H305     phone:  703-983-7934

7515 Colshire Drive                        fax:        703-983-1379

McLean VA 22102-7508