Subject: FW: [wsdm] [UPlat] Policy Scoping and Clarification for UPlat
Forwarding to the list on behalf of Andreas who is temporarily unable to post to the list directly...

William

-----Original Message-----
From: Andreas Dharmawan [mailto:andreas@westbridgetech.com]
Sent: Tuesday, October 14, 2003 3:01 PM
To: 'Andreas Dharmawan'; 'Sedukhin, Igor S'; zulah_eckert@hp.com; vbp@hp.com; kreger@us.ibm.com; stokese@us.ibm.com; jdecarlo@mitre.org
Cc: wsdm@lists.oasis-open.org
Subject: [wsdm] [UPlat] Policy Scoping and Clarification for UPlat

Team:

This is my homework for the upcoming [UPlat] conference call. Please provide me with comments and suggestions.

Thanks

Policy (in the context of MUWS and MOWS):
-----------------------------------------
- is a course of action, guiding principle, or procedure considered expedient, prudent, or advantageous for a given condition or event.
- describes a broad range of service requirements, preferences, and capabilities.
- provides a set of requirements to a manageable resource in a specific context.

There are various policies that can be specified to manageable resources (Webservice functional and manageability endpoints) via MUWS:

- Authentication Policies:
  The policies describe authentication requirements for the manageable resources (Webservice endpoints) and list actions that should be taken when an unauthenticated user is detected.
  Example:
  1. For Partner A, the request should be accompanied by a digital signature. In case a valid digital signature with proper service requestor information is not found:
     a. do not process the request
     b. log the incident to Partner A authentication failure report
     c. after more than 10 authentication failures from Partner A, send an alert to the security administration
  2. For an internal client, process the request if and only if the username / password credential is provided and authenticated against the company directory. In case an unauthenticated user is detected:
     a. do not process the request
     b. log the incident to global internal authentication failure report
     c. after 3 consecutive authentication failures, disable the user and notify the security administrator

- Access Control Policies:
  The policies describe the authorization requirements for the manageable resources (Webservice endpoints) and list the actions that should be taken when an unauthorized user is detected.
  Example: <to be added as soon as we are all in agreement with the breakdown of policy types>

- Privacy Policies:
  The policies specify the visibility and readability of different parts of a webservice message with respect to the corresponding recipients. The policies also list the actions that need to be taken when the privacy requirements are not met.
  Example: <to be added as soon as we are all in agreement with the breakdown of policy types>

- Non-repudiation Policies:
  The policies specify how the validity of the senders can be verified and that the message has not been altered in transit. The policies also list the actions to be taken when the non-repudiation requirements are not met.
  Example: <to be added as soon as we are all in agreement with the breakdown of policy types>

- Service Level Agreement Policies:
  The policies specify the commitment made by the service providers (which are manageable resources) to the service requestors (which can also be manageable resources). The policies specify the service level requirements defined by a service requestor. The policies list actions to be taken against the service requestors or service providers when the Service Level Agreement is not met.
  Example: <to be added as soon as we are all in agreement with the breakdown of policy types>

- Quality of Service Policies:
  The policies describe the minimum level of the service performance, reliability, and availability of the manageable resources. The policies list actions to be taken against the service providers when the QoS is not met.
  Example: <to be added as soon as we are all in agreement with the breakdown of policy types>

- Routing Policies:
  The policies specify the final or intermediary destinations of a particular webservice message based on a set of conditions such as message size, time of the day, specific content, arithmetic calculation of items in the message, etc. The policies list actions to be taken if a message could not be routed as specified.
  Example: <to be added as soon as we are all in agreement with the breakdown of policy types>

- Content Inspection Policies:
  The policies describe the data to be found in the webservice message. The policies list the actions to be taken when certain data (or type of data) is found in the message.
  Example: <to be added as soon as we are all in agreement with the breakdown of policy types>

- Auditing:
  The policies specify how to record a set of information for a manageable resource or messages that go through the manageable resource.
  Example: <to be added as soon as we are all in agreement with the breakdown of policy types>

Policy Enforcement Point:
-------------------------
- A program that enforces various sets of policies on various (associated) manageable resources.

Policy Decision Point:
----------------------
- A program or a repository that stores and calculates various (overlapping) policies that can be applied to various (associated) manageable resources.

Why they are important to MUWS:
- MUWS needs to specify how a WS resource manager manages the Webservice resources using many-different-available-WS standards in the most consistent, efficient, and compatible ways. After all, MUWS is designed to be the mechanism to deliver various policies to various manageable resources.
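
The authentication policy example from the message above, sketched as a small policy enforcement point (an added example, not part of the original e-mail or of any MUWS/MOWS specification). The policy field names, the action strings, and the choice to raise each alert only once are assumptions of this sketch; it shows that "more than 10 failures" and "3 consecutive failures" need different counters.

```python
from collections import defaultdict

# Constructed policy table for the two cases in the message. Field names are
# assumptions made for this sketch, not MUWS/MOWS vocabulary.
POLICIES = {
    # "more than 10 failures": fires on the 11th; the count is never reset
    "partner_a": {"report": "Partner A authentication failure report",
                  "trigger_at": 11, "consecutive": False,
                  "actions": ["alert_security_admin"]},
    # "3 consecutive failures": fires on the 3rd in a row; a success resets
    "internal": {"report": "global internal authentication failure report",
                 "trigger_at": 3, "consecutive": True,
                 "actions": ["disable_user", "notify_security_admin"]},
}


class PolicyEnforcementPoint:
    def __init__(self, policies):
        self.policies = policies
        self.failures = defaultdict(int)   # (client_type, principal) -> count
        self.reports = defaultdict(list)   # report name -> logged principals
        self.disabled = set()

    def handle(self, client_type, principal, authenticated):
        """Return the actions the policy requires for one request."""
        policy = self.policies[client_type]
        key = (client_type, principal)
        if key in self.disabled:
            return ["reject"]              # disabled accounts are never processed
        if authenticated:
            if policy["consecutive"]:
                self.failures[key] = 0     # a success breaks the streak
            return ["process"]
        self.failures[key] += 1
        self.reports[policy["report"]].append(principal)
        actions = ["reject", "log"]
        if self.failures[key] == policy["trigger_at"]:
            actions += policy["actions"]
            if "disable_user" in policy["actions"]:
                self.disabled.add(key)
        return actions


def replay(events):
    """Feed (client_type, principal, authenticated) tuples through a fresh PEP."""
    pep = PolicyEnforcementPoint(POLICIES)
    return [pep.handle(*event) for event in events]
```

For the partner policy the principal passed in is the partner's identity, so the count is kept per partner; for internal clients it is the user name.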