[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [soa-rm] RE: Resolving Various Policy Languages with Ontologies
This was the base theorem for the Core
Components Technical Specification (CCTS) which mandates a set of contexts as a
qualifier for every semantic entity. Even the simplest of data elements
(FirstNameOfPerson) has different semantics if it appears in a This is also why I drew the sinkhole with us
staring down at semantics ;-) Duane From: Ken Laskey
[mailto:klaskey@mitre.org] Mappings cannot always be complete because, as Frank notes, an ontology
exists for a purpose (or variations of a similar purpose) and does not express
all possible knowledge on a subject. This does not mean there isn't value
in a partial mapping or mappings among a collection of ontologies.
Ideally, if there was information missing to which one needed to map, this
information and corresponding mappings could be formally captured and expand
the knowledge base for future uses. Ken On Oct 11, 2005, at 1:24 PM, Matt MacKenzie wrote:
I have adapted a proprietary access control language to xacml, and
merely mapping concepts was not enough.
It was useful, but didn't fill in all the blanks. -matt -- Matt MacKenzie Development Manager, LiveCycle Registry Adobe Systems Incorporated -----Original Message----- From: Chiusano Joseph <chiusano_joseph@bah.com> To: soa-rm@lists.oasis-open.org
<soa-rm@lists.oasis-open.org>;
Danny Thornton <danny_thornton2@yahoo.com> Sent: Tue Oct 11 13:10:51 2005 Subject: RE: [soa-rm] RE: Resolving Various Policy Languages with
Ontologies <Quote> For example, if I have a service that uses XACML policy and another service that uses EPAL policy, I could resolve the differences between the two policy languages using an ontology for both policy languages at the policy decision point. </Quote> I believe this has already been stated on some form or another by
others who have replied, but this looks to me like the job for a
"security policy reference model" (or similar name) that contains those
(minimal) concepts that are most central to the domain, rather than an ontology.
I see an ontology as a semantic model that may be derived using the reference model, along with multiple other representations such as concrete security architectures, UML class diagrams, E-R diagrams, etc. One single reference model begets all of these and more. Joe (living in reference model world these days) Joseph Chiusano Booz Allen Hamilton O: 202-508-6514 <= new office number as of 09/19/05 C: 202-251-0731 Visit us online@ http://www.boozallen.com
-----Original Message----- From: Duane Nickull [mailto:dnickull@adobe.com] Sent: Tuesday, October 11, 2005 11:50 AM To: Danny Thornton Subject: [soa-rm] RE: Resolving Various Policy Languages with Ontologies Post from Danny Thornton: (he mentions the "O" and "S" words) ;-) -----Original Message----- From: Danny Thornton [mailto:danny_thornton2@yahoo.com] Sent: Monday, October 10, 2005 10:26 PM To: Duane Nickull Subject: Resolving Various Policy Languages with Ontologies Hi Duane, The following is an e-mail dicussion I would like to have with soa-rm group: I have been reading WD-SOA-RM-09 to get an idea of the terminology/concepts for resolving various policy languages in a service oriented architecture. Section 2.2.3.2 of WD-SOA-RM-09 discusses the limits of description. Section 2.3.1.2 states that an ontology can be defined to interpret strings and other tokens in the data. In the discussions I've had about resolving various policy languages in an SOA, I've hijacked the ontology concept and applied it as a general concept for resolving differences in policy languages. For example, if I have a service that uses XACML policy and another service that uses EPAL policy, I could resolve the differences between the two policy languages using an ontology for both policy languages at the policy decision point. For section 2.3.1.2 of the WD-SOA-RM-09, does anyone have any thoughts on expanding the concept of ontologies beyond the service description's data model? Danny __________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com --- Ken Laskey MITRE Corporation,
M/S H305 phone: 703-983-7934
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]