[
Lists Home |
Date Index |
Thread Index
]
If I may ask, without I hope sounding too petulant:
What does this cartelization (with a rigidity of rules, permissions, and
hopelessly intertwined processes that even most colluders-in-restraint-of-trade
would be loath to subject themselves to) have to do with distributed computing,
web services, or loosely-coupled processes harnessed in cooperation to implement
custom workflows? AFAIK we were not at work here on the bureaucratic blueprint for
policies and procedures of interdepartmental cooperation in, say, the US federal
government--or at least I didn't think that was what the operating standards of an
open worldwide internetwork were supposed to resemble. In fact, I thought the
point was that the epochal influence would go in the other direction: the success
of lightweight, autonomous processes exploited for unanticipated functionality
precisely because they were openly available should persuade the ossified
hierarchs that adopting the new model was their only alternative to extinction.
Specific to this thread's questions of authentication: in a world of 'web
services' (as opposed to top-down system-wide delegation of function) 'need to
know' is a specious concern because the processing which produces data of a
particular form is divorced from (and likely knows nothing of) downstream
processes which make various uses of that data. Even when handling the 'same' data
at various stages of what might appear to a particular observer as a pipeline,
processes are separated from both the previous and the subsequent forms of that
data and therefore from the particular semantics which might attach to that data
in the execution of prior and of subsequent processes. IMHO this is as close as we
will ever come to the separation of data from process--and it achieves that goal
sufficiently to force us to reconsider what we mean by authentication and what it
is precisely that we are trying to secure. The sort of authentication which
Messrs. Chiusano and Cavnar-Johnson are discussing is predicated on the semantics
of given data being a) inherently deserving of protection or securing from
untrusted eyes and b) remaining substantially identical as the data is passed
from process to process or user to user. I argue that as the (most important, by
far) consequence of a 'web services' design, both of these assumptions are
demonstrably false. The concerns on which they are pontificating are therefore
from a different realm than web services. Unfortunately if such concerns are
seriously discussed as material to the implementation of web services there is the
very real possibility that we may find ourselves thereby designing systems which,
because of this crucial distinction, are not web services but which will be
constrained to the sclerotic (and dare I say paranoid?) notions of security and
authentication which this thread of discussion thus far evidences.
Respectfully,
Walter Perry
Chiusano Joseph wrote:
> The latter. Your approach makes total sense to me - I just needed to stretch my
> thinking on this topic a bit further with respect to the capabilities of
> WS-Trust and the policy-related GXA specifications (you have helped me do that).
>
> So it sounds like the requirements in the original scenario can be satisfied by
> WS-Trust and these policy-related GXA specifications, along with mechanisms such
> as X.509 certs, SAML, Kerberos tickets, etc.
|
