Observations on WS-Policy Ashok Malhotra Oracle Corporation.

Slides:

Advertisements

Similar presentations

Pi4soa Implementation Issues WS-CDL Candidate Recommendation December 2005 Pi4 Technologies Ltd.

Advertisements

® IBM Software Group © IBM Corporation WS-Policy Attachment- spec overview Maryann Hondo IBM.

CS 542: Topics in Distributed Systems Diganta Goswami.

Global MP3 Geoffrey Beers Deborah Ford Mike Quinn Mark Ridao.

Python Programming Chapter 1: The way of the program Saad Bani Mohammad Department of Computer Science Al al-Bayt University 1 st 2011/2012.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Jan 2005 Ron McFadyen1 Contracts Used to help understand requirements more completely (and so may not always be necessary) based on assertions;

© 2006 Pearson Addison-Wesley. All rights reserved4-1 Chapter 4 Data Abstraction: The Walls.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Lesson 4: Configuring File and Share Access

Distributed Commit. Example Consider a chain of stores and suppose a manager – wants to query all the stores, – find the inventory of toothbrushes at.

Department of Computer Science & Engineering College of Engineering Dr. Betty H.C. Cheng, Laura A. Campbell, Sascha Konrad The demand for distributed real-time.

COE 342: Data & Computer Communications (T042) Dr. Marwan Abu-Amara Chapter 2: Protocols and Architecture.

Introduction to XML This material is based heavily on the tutorial by the same name at

(code name: Data Dude) Josh Robinson Aculix.

Constraints and Capabilities Workshop Oracle Position Ashok Malhotra Greg Pavlik.

Relationships. In the Interaction diagrams, we began to look at how classes communicate with one another. Now, we'll focus on the relationships between.

1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

Advances in Language Design

SAML Conformance Sub-Group Report Face-to-face meeting August 29, 2001 Bob Griffin.

Lecture Note 3: ASP Syntax.  ASP Syntax  ASP Syntax ASP Code is Browser-Independent. You cannot view the ASP source code by selecting "View source"

©Ian Sommerville 1995 Software Engineering, 5th edition. Chapter 13Slide 1 Architectural Design u Establishing the overall structure of a software system.

Technical Team WITSML SIG Paris 16 May Technical Team Representatives mainly from service companies Energistics (Gary) keep a global issue list.

THE GITB TESTING FRAMEWORK Jacques Durand, Fujitsu America | December 1, 2011 GITB |

Architectural Design portions ©Ian Sommerville 1995 Establishing the overall structure of a software system.

Chapter 7 Advanced SQL Database Systems: Design, Implementation, and Management, Sixth Edition, Rob and Coronel.

©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 10Slide 1 Architectural Design l Establishing the overall structure of a software system.

Java Applets. 2 Introduction to Java Applet Programs  Applications are stand alone programs executed with Java interpreter executed with Java interpreter.

(Business) Process Centric Exchanges

Exceptions Handling Exceptionally Sticky Problems.

Audit Sampling: An Overview and Application to Tests of Controls

Java Applets. 2 Introduction to Java Applet Programs Applications are ___________________ programs –executed with Java interpreter Applet is a small program.

1 CS 502: Computing Methods for Digital Libraries Lecture 19 Interoperability Z39.50.

8 1 Chapter 8 Advanced SQL Database Systems: Design, Implementation, and Management, Seventh Edition, Rob and Coronel.

Database Systems Design, Implementation, and Management Coronel | Morris 11e ©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or.

The TAOS Authentication System: Reasoning Formally About Security Brad Karp UCL Computer Science CS GZ03 / M th November, 2008.

Java server pages. A JSP file basically contains HTML, but with embedded JSP tags with snippets of Java code inside them. A JSP file basically contains.

© The McGraw-Hill Companies, 2006 Chapter 2 Selection.

14.1/21 Part 5: protection and security Protection mechanisms control access to a system by limiting the types of file access permitted to users. In addition,

Copyright © Curt Hill Joins Revisited What is there beyond Natural Joins?

MuSL Builder Handcrafting custom Mu Scenarios. MuSL in the Mu Scenario Editor.

1 Policy-Enabling the SCA-based SOA

Securing Passwords Against Dictionary Attacks Presented By Chad Frommeyer.

OOPSLA 2001 Choosing Transaction Models for Enterprise Applications Jim Tyhurst, Ph.D. Tyhurst Technology Group LLC.

Connecting with Computer Science2 Objectives Learn how software engineering is used to create applications Learn some of the different software engineering.

16/11/ Web Services Choreography Requirements Presenter: Emilia Cimpian, NUIG-DERI, 07April W3C Working Draft.

XSLT. XSLT stands for Extensible Stylesheet Language Transformations XSLT is used to transform XML documents into other kinds of documents. XSLT can produce.

1 Web Services Policy Management Greg Pavlik Web Services Architect Oracle Corporation May 11, 2005.

Node Type Implementations How does Required Container Feature interact with Artifact Type? It seems that any given implementation will be based on artifacts.

1 Ontolog OOR-BioPortal Comparative Analysis Todd Schneider 15 October 2009.

Service Component Architecture Policy TC Issue 33 Capabilities.

The single most important skill for a computer programmer is problem solving Problem solving means the ability to formulate problems, think creatively.

© 2004 IBM Corporation WS-ResourceFramework Service Groups Tom Maguire.

Service Component Architecture (SCA) Policy FrameWork V1.0 Ashok Malhotra – Oracle Anish Karmarkar – Oracle David Booz - IBM …

Study & Conclusions. Perspectives on Face-to-face Interaction Success at anticipating the actions of the other – Implies need for Model of user that supports.

Slide 1 Systems Analysis and Design with UML Version 2.0, Second Edition Alan Dennis, Barbara Wixom, and David Tegarden Chapter 8: Behavioral Modeling.

Slide 1 Chapter 8 Architectural Design. Slide 2 Topics covered l System structuring l Control models l Modular decomposition l Domain-specific architectures.

This was written with the assumption that workbooks would be added. Even if these are not introduced until later, the same basic ideas apply Hopefully.

UML (Unified Modeling Language)

IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: Suggested remedy for SB Comments 598/599/610/611 Date Submitted:

1 #AXUGFocus. Shaun McMikle, RSM US THE UPGRADE PATH AND YOU - GOING FROM R3 TO THE NEW AX.

Systems Analysis and Design with UML Version 2.0, Second Edition

Handling Exceptionally Sticky Problems

Workflow automation concepts and building blocks

Chapter 8 Advanced SQL.

Chapter 17 - Component-based software engineering

Handling Exceptionally Sticky Problems

Presentation transcript:

Observations on WS-Policy Ashok Malhotra Oracle Corporation

Based on Developer Experience and Interactions with Customers

Operators allow assertions from disparate domains WS-Policy allows operations to combine assertions from disparate domains Like saying -- add (5, hello.world) -- > type error Problems not detected early at policy syntax checking time but later at policy execution time Suggestion: operators can only combine assertions from a single domain e.g. messageProtection

Embedded policies too general WS-SecurityPolicy allows embedded policies to further qualify an assertion Idea of qualifying assertions is good But embedded too general as anything can go in a policy Again, the problem is that nonsense policies can be authored and will not be caught until policy deployment time. Suggestion: allow only specific qualifying child elements for each assertion

What Policy Does a Message Follow? How do we figure out what policies a message adheres to? There is an assumption that the message header indicates the policies being followed. Not always possible because some policies are not reflected in message content such as auditing, logging, privacy. Suggestion: allow messages to point to the policy the adhere to

Allow messages to refer to policy expressions Useful if policy intent not reflected in message content For example, informational policies such as privacy, logging, auditing For long-running conversations, assert policy has not changed

Allow messages to refer to policy expressions Policy usage model -- client and server intersect policies and decide on what policy alternative to follow Assumes all messages in sequence follow the same policies If some messages, e.g. first message deviate from agreed-upon policy they should be able to say so Extension: allow messages to indicate the policy they follow as well as the policy they want the response to follow

Matching Policy Assertions WS-Policy says that the semantics of matching policy assertions depends on the specific assertion type No guidance from the specification If each implementation can define matching semantics for an assertion type independently then clients and servers may have trouble coordinating policies if they define different assertion semantics for the same assertion type

Matching Policy Assertions Assertion without embedded policy does not match same assertion with embedded policy Thus: does not match Should assertion without embedded policies match same assertion with all embedded policies? Issue before WS-SX

Policy Versioning Some customers wants to store policies in a repository and manage them actively – Policies will change over time – Some global policies will override local policies What we need: – Carefully spelt out overriding semantics – Some sort of versioning attribute – perhaps start-dateTime, end-dateTime – Ability to refer to policy artifacts by QName