Colleagues, I just finished reading WS-Agreement: this is a nice piece of work. I noticed that the language for constraints or condition expressions in WS-Agreement is not specified, although XQuery is mentioned as possibly being suitable. A group of us in OASIS are discussing a constraint/condition language based on the functions used in the OASIS XACML access control language. This language would work very well as a constraint language in WS-Agreement. The advantage of this language over XQuery is that the intersection of two constraints or conditions can be determined automatically and efficiently (formally based on narrowing algorithm work, although that is not mentioned in the draft spec). This makes it easy for one party to determine automatically and with a standard engine whether the actual conditions and constraints in a proposed agreement fall within another party's parameters. The discussion is going on at dipal-discuss@lists.oasis-open.org ("dipal" stands for "domain-independent policy assertion language"). You do not have to be a member of OASIS to participate. The archives are at http://lists.oasis-open.org/archives/dipal-discuss/. DIPAL is designed to work within any "Boolean combinations of predicates" framework, such as WS-Policy or the WS-Agreement "All", "OneOrMore", and "ExactlyOne" compositors. The draft spec Sun has offered to contribute on RF terms is called "WS-PolicyConstraints", and is available at http://research.sun.com/projects/xacml. This spec is based on a Working Draft developed in the XACML TC by Tim Moses of Entrust; the working draft is not moving forward in the XACML TC because it goes beyond the "authorization and access control" charter. Frank Siebenlist of GGF has been a strong supporter of both these specs, and is one of the co-sponsors of the discussion list. I invite you to participate in our conversation. I would be happy to answer any questions. We have 60 more days to gather interest in standardizing this work, and we need companies to openly support it in order to move forward. Regards, Anne -- Anne H. Anderson Anne.Anderson@sun.com Sun Microsystems Labs 1-781-442-0928 Burlington, MA USA
Dear graap'ers, I'd like to chip in here and make the observation that ws-agreement and ws-policyconstraints seem indeed very much complementary, and that ws-agreement could leverage a language like ws-policyconstraints for the higher level agreement detail matching. (I'm a little embarrassed to admit that I didn't make that connection before and only after Anne asked about me ws-agreement...) Please take a closer look at the WS-PolicyConstraints doc, and share your thoughts. Regards, Frank. Anne Anderson wrote:
Colleagues,
I just finished reading WS-Agreement: this is a nice piece of work.
I noticed that the language for constraints or condition expressions in WS-Agreement is not specified, although XQuery is mentioned as possibly being suitable.
A group of us in OASIS are discussing a constraint/condition language based on the functions used in the OASIS XACML access control language. This language would work very well as a constraint language in WS-Agreement. The advantage of this language over XQuery is that the intersection of two constraints or conditions can be determined automatically and efficiently (formally based on narrowing algorithm work, although that is not mentioned in the draft spec). This makes it easy for one party to determine automatically and with a standard engine whether the actual conditions and constraints in a proposed agreement fall within another party's parameters.
The discussion is going on at dipal-discuss@lists.oasis-open.org ("dipal" stands for "domain-independent policy assertion language"). You do not have to be a member of OASIS to participate. The archives are at http://lists.oasis-open.org/archives/dipal-discuss/. DIPAL is designed to work within any "Boolean combinations of predicates" framework, such as WS-Policy or the WS-Agreement "All", "OneOrMore", and "ExactlyOne" compositors.
The draft spec Sun has offered to contribute on RF terms is called "WS-PolicyConstraints", and is available at http://research.sun.com/projects/xacml. This spec is based on a Working Draft developed in the XACML TC by Tim Moses of Entrust; the working draft is not moving forward in the XACML TC because it goes beyond the "authorization and access control" charter. Frank Siebenlist of GGF has been a strong supporter of both these specs, and is one of the co-sponsors of the discussion list.
I invite you to participate in our conversation. I would be happy to answer any questions. We have 60 more days to gather interest in standardizing this work, and we need companies to openly support it in order to move forward.
Regards, Anne
-- Frank Siebenlist franks@mcs.anl.gov The Globus Alliance - Argonne National Laboratory
participants (2)
-
Anne Anderson -
Frank Siebenlist