[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Initial Submission] A friendly reminder

To: barkley@sdct-sunsrv1.ncsl.nist.gov (John Barkley)
Subject: Re: [Initial Submission] A friendly reminder
From: Carol Burt <cburt@2ab.com>
Date: Wed, 30 Sep 1998 10:08:38 -0500
Cc: hrac-rfp@cs.fiu.edu
In-Reply-To: <199809301418.KAA21366@sdct-sunsrv1.ncsl.nist.gov>
Sender: owner-hrac-rfp@cs.fiu.edu

Hi John,

I'm copying the list with my reply to your question about the changes as
others may have similar questions...

Please do send me any questions you have...below is how I see the morph
from the previous to the current IDL... it actually isn't as different as
one might think at first glance.

What *was* ResourceAccessPolicy was declared "out of scope", however the
functionality would obviously be provided either by CORBASec, or whatever
access policy admin the product provides.  I put pictures of the "out of
scope" stuff at teh end of draft2.  The picture I put for this is labeled
ResourceAccessPolicy and has two interfaces (AccessPolicy,
AccessPolicyAdmin) that might be provided by an implementation.  These
replace what was in draft1 and essentially do the same thing with the
[different] method names suggested by Bob Blakley and the partitioning
suggested by others in Seattle.

What *was* ResourceRepository was separated into distinct administrative
features.  You will find the methods associated with access/admin of
decision rules in the DecisionRulesAccess and DecisionRulesAdmin
interfaces.  Rules are now structured, the "rights" are part of the rules
so the methods are "get_effective_rule()", get_effective_rules()  not
get_rights().   The methods associated with actually accessing and
administering the resource definitions themselves were declared "out of
scope", but again I included a picture of how I think an implementation
might provide resource administration.  See the picture at the end of my
draft2 paper labeled Resource Administration which includes the following
interfaces:  RepositoryAccess, RepositoryAdmin, ResourceContext,
ResourceGroup.  

DynamicAttributeEval is now DynamicEvaluator and works on the Rights, not
the SecAttribute.  This was to address a need expessed in Seattle to have
more generic evaluators.  There are a couple of missing parameters here
that I discovered yesterday - I could explain why, but it would take too
long :-)... I'll try and fix that today.

The model is very much the same... just the scope of the spec is narrowed
and the interfaces have been re-factored based on input from Seattle.  BTW,
I'm not tied to my "out of scope" declarations... if submitters want *any*
of this back "in scope", I'm happy to pull my IDL out and add the
interfaces back in.  It seemed the consensus of the group in Seattle was on
a minimal specification of administrative interfaces.  What I've provided
is, imo, the minimal set to meet the mandatory requirements of the rfp.  If
I misread this, then we'll put the stuff back :-)   I just need to know
*real* soon how people feel about this as Oct 18th is breathing down our
throats.  We need to resolve scope and the IDL in Austin to have an initial
submission on time.  

Carol


_________________________________________________________
Carol Burt                                             2AB, Inc.
cburt@2ab.com                                     Integration Architects
205-621-7455                                        www.2ab.com
Member, OMG Architecture Board          OMG Domain Member

   --  integrating yesterday's systems with today's technology --
----------------
Broadcast message to hrac-rfp from Carol Burt <cburt@2ab.com>.
Go to http://cadse.cs.fiu.edu/omg/hrac-rfp to browse the mail list archive.

Prev by Date: Meeting attendance
Next by Date: [Rights Family] CORBASec question
Prev by thread: Meeting attendance
Next by thread: [Rights Family] CORBASec question
Index(es):
- Date
- Thread