W3C home > Mailing lists > Public > www-ws-arch@w3.org > March 2002

RE: D-AG006 Security

From: Joseph Hui <jhui@digisle.net>
Date: Mon, 11 Mar 2002 17:14:16 -0800
Message-ID: <C153D39717E5F444B81E7B85018A460B081B273D@ex-sj-5.digisle.com>
To: "Damodaran, Suresh" <Suresh_Damodaran@stercomm.com>, <www-ws-arch@w3.org>
Suresh,

I think we should be careful not to get carried with the
boundary thing.  We're not trying to secure separately
administrated systems, where the notion of boundaries is
more applicable.  We are securing the web services, which
are running instances of various classes of applications
and their associated data, that can be secured by either
channel based or object/message based approaches, or some
combinations of both.  This approaches are fundamentally
boundary agnostic.  The security policies of WS endpoints,
which are to be expressed in some standardized format, are
simply the manifestation of the *six security aspects* (plus
trust model at the current rate of discussion) on individual
scales.

More in-lined comments follow.

> -----Original Message-----
> From: Damodaran, Suresh [mailto:Suresh_Damodaran@stercomm.com]
>[snip]
> <sd>
> Yes, boundaries vary between the different categories of use cases
> (I assume that you mean use cases when you say "applications" 
> in this case).
> Perhaps a good starting point of this effort is to define what are
> 	1. Ws-Endpoints (need the help of the larger team to 
> define these)

A WS endpoint is just a computing process that responds to
requests for the web service it professes to provide.  
(This cover both the push and pull models.  In the pull
model, requests are made explicitly by consumers.  In
the push model, requests come in the form of subscription
or registration such as callbacks, triggers, etc.)
A SOAP node is a WS endpoint, for instance.  BTW, IMV an
intermediary SOAP node can be treated as a special case
of WS endpoints, by thinking of a SOAP pipeline as a sub-model
of SOAP mesh.

Cheers,

Joe Hui
Exodus, a Cable & Wireless service


> 
Received on Monday, 11 March 2002 20:14:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:24:56 GMT