[graap-wg] WS-Agreement and WS-PolicyConstraints
franks at mcs.anl.gov
Wed Jan 18 15:58:38 CST 2006
I'd like to chip in here and make the observation that ws-agreement and
ws-policyconstraints seem indeed very much complementary, and that
ws-agreement could leverage a language like ws-policyconstraints for the
higher level agreement detail matching.
(I'm a little embarrassed to admit that I didn't make that connection
before and only after Anne asked about me ws-agreement...)
Please take a closer look at the WS-PolicyConstraints doc, and share
Anne Anderson wrote:
> I just finished reading WS-Agreement: this is a nice piece of work.
> I noticed that the language for constraints or condition expressions in
> WS-Agreement is not specified, although XQuery is mentioned as possibly
> being suitable.
> A group of us in OASIS are discussing a constraint/condition language
> based on the functions used in the OASIS XACML access control language.
> This language would work very well as a constraint language in
> WS-Agreement. The advantage of this language over XQuery is that the
> intersection of two constraints or conditions can be determined
> automatically and efficiently (formally based on narrowing algorithm
> work, although that is not mentioned in the draft spec). This makes it
> easy for one party to determine automatically and with a standard engine
> whether the actual conditions and constraints in a proposed agreement
> fall within another party's parameters.
> The discussion is going on at dipal-discuss at lists.oasis-open.org
> ("dipal" stands for "domain-independent policy assertion language").
> You do not have to be a member of OASIS to participate. The archives
> are at http://lists.oasis-open.org/archives/dipal-discuss/. DIPAL is
> designed to work within any "Boolean combinations of predicates"
> framework, such as WS-Policy or the WS-Agreement "All", "OneOrMore", and
> "ExactlyOne" compositors.
> The draft spec Sun has offered to contribute on RF terms is called
> "WS-PolicyConstraints", and is available at
> http://research.sun.com/projects/xacml. This spec is based on a Working
> Draft developed in the XACML TC by Tim Moses of Entrust; the working
> draft is not moving forward in the XACML TC because it goes beyond the
> "authorization and access control" charter. Frank Siebenlist of GGF has
> been a strong supporter of both these specs, and is one of the
> co-sponsors of the discussion list.
> I invite you to participate in our conversation. I would be happy to
> answer any questions. We have 60 more days to gather interest in
> standardizing this work, and we need companies to openly support it in
> order to move forward.
Frank Siebenlist franks at mcs.anl.gov
The Globus Alliance - Argonne National Laboratory
More information about the graap-wg