[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Web service and Semantic Web
- From: "Bullard, Claude L (Len)" <firstname.lastname@example.org>
- To: URAMOTO Naohiko <email@example.com>, XML DEV <firstname.lastname@example.org>
- Date: Tue, 02 Jan 2001 15:49:43 -0600
That is the credibility issue. It cannot be decided
apriori. You do as you would in a face to face negotiation
where no trusted provider (eg, a keiretsu member) already
exists (in western terms, a sole source providcer) or for
which no prior record of authority exists that attests to t
the credibility of the provider (eg, a business reference):
1. Discover an entity that claims to provide a service
in a claim language you recognize. This may be in response
to a query that serves the same function as a Request for
Information. Note that this is as far as discovery systems
go. In the next steps, you use a defined business *protocol*
which I will now describe in limited terms as a set of
negotiation processes which can vary from company to
company or business to business but which must be worked
out in advance.
2. Engage in a negotiation for the terms and conditions
of the named service. This may be by evaluation of a
result from a query that serves the same function as a
Request for Proposal.
3. Conduct a process that narrows the applicants to a
select list of finalists. You may at this time use
business references as a means to assess credibility.
4. Conduct a process that negotiates the final terms
and conditions of the offering. These come in the Best
and Final Offer (BAFO) document equivalent.
5. Conduct a process to select the final candidate. This
candidate and your company then engage in the process of
scripting the contract for the service. Note carefully
that it is this contract which authoritatively describes
and limits all quality of service and option conditions
for performance of the service.
Authority is conferred by behavioral fidelity. You must
interogate a system to engage a negotiation, then play
tit for tat. Unless the source is a trusted provider
before engaging the service, you must initiate a means
to confer authority by reference (eg, using the reference
of another entity to which a service was provided) or
by testing and proving the service before conferring
authority as attested to in the record of authority.
Intergraph Public Safety
Ekam sat.h, Vipraah bahudhaa vadanti.
Daamyata. Datta. Dayadhvam.h
From: URAMOTO Naohiko [mailto:email@example.com]
In the Web Service, input and output schema is fixed and can be trusted with
digital signatures, but the result of services (quality of services) might
not be trusted.
Another question is how can we trust the assertions in the global
environment, the Web.
Suppose I want to publish some assertions with digital signature. My digital
certificate is signed by a commercial CA such as VeriSign, but the cert was
very easy to
get. In this case, can anyone who doesn't know me or my orgnizatoin trust my
We can limit acceptable classes of the certificates or root CAs, but it migh
the advantage of the Semantic Web (network effect).