- From: Reza B'Far <reza.bfar@oracle.com>
- Date: Tue, 28 Jun 2011 23:52:08 -0700
- To: public-prov-wg@w3.org
- Message-ID: <4E0ACB98.10209@oracle.com>
Folks -
At Sandro's suggestion (as in the case of Ryan), I'm in charge of the technical
aspects of Governance, Risk, and Compliance products at Oracle and run
engineering. Ryan has provided a good description of the products. We have
been coming up to speed for the past 2 weeks, communicating with Paul only. The
following are some comments I exchanged with Paul that I'm now sharing with the
broader team at his suggestion -
1. Comments on For what it's worth, "Recipe" seems to be over-abstraction
from a new-comer's perspective (I agree with Satya here -
http://www.w3.org/2011/prov/wiki/ConceptRecipeLink#Definition_by_Satya)
2. I suggest that there is a distinction made between "System Agent" and
"Human Agent" in http://www.w3.org/2011/prov/wiki/ConceptAgent since this
may be a prevalent case. I'm aware of UML extensions, for example, that
this distinction was made and was very useful. In the case of provenance,
there may be automated programs that are linked to processes per
description of the model insofar without direct human interaction. This
can be quite crucial as the trust models for system agent versus human
agents can be quite different and provenance applications need strong
trust models (to our experience from a vendor's perspective) Reference
examples -
* http://www.google.com/url?sa=t&source=web&cd=1&ved=0CBkQFjAA&url=http%3A%2F%2Fwww.azouk.com%2F179447%2Fno-title%2Fopen&rct=j&q=UML%20Nunes%20extension%20%22System%20Actor%22&ei=UyoJTofGL-ja0QGqtKx0&usg=AFQjCNEf0TNStqdsjtdrnM7DYEV-V4qbIg&cad=rja
* http://books.google.com/books?id=Vl1H266pOVEC&pg=PA385&lpg=PA385&dq=UML+Nunes+extension&source=bl&ots=RDQgUOQ5VV&sig=2Ac8UbIhexB3a80DR8QN0DW2slY&hl=en&ei=PioJTvzEFKnt0gGX9oiiAQ&sa=X&oi=book_result&ct=result&resnum=1&ved=0CBYQ6AEwAA
3. I suggest that Role is defined as a link to RBAC
(http://csrc.nist.gov/groups/SNS/rbac/) or perhaps some other security
standard by an independent body similar to NIST?
4. As we intend to be an active implementer (pending the proceedings of
course) with the products that I manage (GRC, in particular the Controls
Suite), what is the process to become involved in the implementation task
force?
Regards.
*Reza B'Far, EE, PE*
Phone: 1.949.623.0452
Senior Development Director
*Oracle USA*
17901 Von Karman Avenue, Suite 700
Irvine, CA 92614
On 6/27/11 3:17 PM, Ryan Golden wrote:
> All,
>
> At Sandro's suggestion, I'd like to introduce myself as a new participant in
> the Provenance WG. I'm Ryan Golden, a senior technical lead at Oracle
> Corporation, and also a graduate student in software engineering at The
> University of Texas at Austin. I love living in Austin. :)
>
> At Oracle, I work in the same group as Reza B'Far--also a new participant--on
> the family of Governance, Risk and Compliance (GRC) products, which includes
> products for SOX compliance, internal and external audit, fraud detection,
> risk management, change control, and other related business areas. Our
> products touch many areas of the enterprise, so semantic representation is a
> core requirement for us. As data provenance is also of key concern to many of
> the aforementioned business processes, we are very interested to participate
> in and see the results of this working group.
>
> I'm working on catching up with the current conceptualizations and threads of
> discussion, and I look forward to participating in various aspects of the
> working group in the weeks and months to come. I will be attending F2F1 in
> Boston next week, and look forward to meeting some of you then.
>
> Sincerely,
> Ryan
>
> Oracle - GRC
> Phone: +1 512 671 5734
> ryan.golden@oracle.com
>
>
Received on Friday, 1 July 2011 05:33:00 UTC