[Bug 3793] Add example about policies in the context of relationships between multiple entities from bugzilla@wiggum.w3.org on 2006-10-04 (public-ws-policy-qa@w3.org from October 2006)

From: <bugzilla@wiggum.w3.org>
Date: Wed, 04 Oct 2006 13:16:18 +0000
To: public-ws-policy-qa@w3.org
CC:
Message-Id: <E1GV6bi-00075k-Os@wiggum.w3.org>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=3793

           Summary: Add example about policies in the context of
                    relationships between multiple entities
           Product: WS-Policy
           Version: FPWD
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Primer
        AssignedTo: yakov.sverdlov@ca.com
        ReportedBy: yakov.sverdlov@ca.com
         QAContact: public-ws-policy-qa@w3.org


The purpose of the proposal is to provide additional example in the Primer
(probably in the section 2.5 Combining Policy Assertions or 3.3 Policy Data
Model) about dealing with requirements and capabilities of entities as
[optional] behaviors in the most basic use case for requester and provider. I
am suggesting the outline of the use case. I can come up with the actual text
if the WG will agree with the approach. 

The example may describe policy design for the WS-Security token authentication
scheme when only two entities � requester and provider � are involved. Policy
subject for this case may be simplified � let�s say the subject is request URL.
The following four policy assertions with respect to the corresponding entities
and the subject may be considered:
1. �The provider only accepts WS-Security tokens as means of the
authentication�
2. �The provider may accept WS-Security tokens as means of the authentication�
(optional="true")
3. �The requester must attach the WS-Security token to a message�
4. �The requester may attach the WS-Security token to a message�
(optional="true")

I think that briefly describing some combinations of one or more assertions
above will provide policy designers with a good understanding of policy
assertion choices and possible policy enforcement implications. The example
would also show that typically any policy assertion should deal with one entity
at a time, and that combinations of assertions (behaviors) would allow the
designers to cover relationships/dependencies between entities.

Received on Wednesday, 4 October 2006 13:16:34 UTC