

Subject: FW: [wsdm] [UPlat] Policy Scoping and Clarification for UPlat



Forwarding to the list on behalf of Andreas who is temporarily unable to
post to the list directly...

William


-----Original Message-----
From: Andreas Dharmawan [mailto:andreas@westbridgetech.com] 
Sent: Tuesday, October 14, 2003 3:01 PM
To: 'Andreas Dharmawan'; 'Sedukhin, Igor S'; zulah_eckert@hp.com;
vbp@hp.com; kreger@us.ibm.com; stokese@us.ibm.com; jdecarlo@mitre.org
Cc: wsdm@lists.oasis-open.org
Subject: [wsdm] [UPlat] Policy Scoping and Clarification for UPlat


Team:

This is my homework for [UPlat] upcoming conference call.

Please provide me with comments and suggestions. 

Thanks


Policy (in the context of MUWS and MOWS):
-----------------------------------------
- is a course of action, guiding principle, or procedure 
  considered expedient, prudent, or advantageous for a given 
  condition or event. 
- describes a broad range of service requirements, 
  preferences, and capabilities. 
- provides a set of requirements to a manageable resource 
  in a specific context.

There are various policies that can be specified to manageable
resources (Webservice functional and manageability
endpoints) via MUWS:

- Authentication Policies: 
    The policies describe authentication requirements for the 
    manageable resources (Webservice endpoints) and list 
    actions that should be taken when an unauthenticated user 
    is detected.

    Example:
    1. For Partner A, the request should be accompanied by
       a digital signature. In case a valid digital signature
       with proper service requestor information is not found:
       a. do not process the request
       b. log the incident to Partner A authentication
          failure report
       c. after more than 10 authentication failures from
          Partner A, send an alert to the security 
          administration

    2. For an internal client, process the request if and only if
       the username / password credential is provided and 
       authenticated against the company directory. In case
       an unauthenticated user is detected:
       a. do not process the request
       b. log the incident to global internal authentication
          failure report
       c. after 3 consecutive authentication failures, disable
          the user and notify the security administrator
    
- Access Control Policies: 
    The policies describe the authorization requirements for 
    manageable resources (Webservice endpoints) and list the
    actions that should be taken when an unauthorized user is
    detected. 

    Example: <to be added as soon as we are all in agreement
              with the break down of policy types>

- Privacy Policies:
    The policies specify the visibility and readability of 
    different parts of a webservice message with respect to
    the corresponding recipients. The policies also list the
    actions that need to be taken when the privacy requirements
    are not met.

    Example: <to be added as soon as we are all in agreement
              with the break down of policy types>

- Non-repudiation Policies:
    The policies specify how the validity of the senders can
    be verified and that the message has not been altered in transit.
    The policies also list the actions to be taken when the
    non-repudiation requirements are not met.

    Example: <to be added as soon as we are all in agreement
              with the break down of policy types>

- Service Level Agreement Policies:
    The policies specify the commitment made by the service
    providers (which are manageable resources) to the 
    service requestors (which can also be manageable resources). 

    The policies specify the service level requirements 
    defined by a service requestor.

    The policies list actions to be taken against the service
    requestors or service providers when the Service Level
    Agreement is not met.

    Example: <to be added as soon as we are all in agreement
              with the break down of policy types>

- Quality of Service Policies:
    The policies describe the minimum level of service 
    performance, reliability, and availability of the manageable
    resources.

    The policies list actions to be taken against the service
    providers when the QoS is not met.

    Example: <to be added as soon as we are all in agreement
              with the break down of policy types>

- Routing Policies:
    The policies specify the final or intermediary destinations
    of a particular webservice message based on a set of 
    conditions such as message size, time of the day, specific
    content, arithmetic calculation of items in the message, etc.
  
    The policies list actions to be taken if a message could
    not be routed as specified.

    Example: <to be added as soon as we are all in agreement
              with the break down of policy types>

- Content Inspection Policies:
    The policies describe the data to be found in the webservice 
    message. The policies list the actions to be taken when 
    certain data (or a type of data) is found in the message.

    Example: <to be added as soon as we are all in agreement
              with the break down of policy types>

- Auditing
    The policies specify how to record a set of information for
    a manageable resource or messages that go through the
    manageable resource.

    Example: <to be added as soon as we are all in agreement
              with the break down of policy types>

Policy Enforcement Point:
-------------------------
- A program that enforces various sets of policies on various
  (associated) manageable resources.


Policy Decision Point:
----------------------
- A program or a repository that stores and calculates various 
  (overlapping) policies that can be applied to various 
  (associated) manageable resources.

Why they are important to MUWS:
- MUWS needs to specify how a WS resource manager manages the
  Webservice resources using many-different-available-WS 
  standards in the most consistent, efficient, and compatible 
  ways.
   
  After all, MUWS is designed to be the mechanism to deliver
  various policies to various manageable resources.
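
Added example, not part of the original message: a minimal policy enforcement point in Python that applies the two authentication policies from the example above, showing how the cumulative "more than 10 failures" rule differs from the "3 consecutive failures" rule. The class names, action strings and report names are hypothetical, and firing the escalation only once, at the moment the limit is reached, is an assumption.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class AuthPolicy:
    report: str        # report that each failure is logged to
    limit: int         # failure count at which the escalation fires
    consecutive: bool  # True: a success resets the count; False: cumulative
    escalation: str    # action taken once the limit is reached
    disable: bool      # True: the principal is locked out on escalation

# The message's two example policies as data (names are hypothetical).
# "More than 10" fires on the 11th failure; "3 consecutive" on the 3rd in a row.
POLICIES = {
    "partner-a": AuthPolicy("partner-a-auth-failures", 11, False,
                            "alert-security-admin", False),
    "internal": AuthPolicy("global-internal-auth-failures", 3, True,
                           "disable-user-and-notify-admin", True),
}

@dataclass
class EnforcementPoint:
    failures: dict = field(default_factory=dict)  # (scope, principal) -> count
    disabled: set = field(default_factory=set)
    reports: list = field(default_factory=list)   # (report, principal) entries

    def handle(self, scope, principal, authenticated):
        """Apply the policy for `scope` to one request; return actions taken."""
        policy = POLICIES[scope]
        key = (scope, principal)
        if key in self.disabled:
            return ["reject"]                     # locked out, even if valid
        if authenticated:
            if policy.consecutive:
                self.failures[key] = 0            # streak broken
            return ["process"]
        count = self.failures[key] = self.failures.get(key, 0) + 1
        self.reports.append((policy.report, principal))
        actions = ["reject", "log:" + policy.report]
        if count == policy.limit:                 # escalate once, on crossing
            actions.append(policy.escalation)
            if policy.disable:
                self.disabled.add(key)
        return actions
```
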


