Lists Home |
Date Index |
- To: "Bullard, Claude L \(Len\)" <firstname.lastname@example.org>, "Michael Champion" <email@example.com>, "XML Developers List" <firstname.lastname@example.org>
- Subject: RE: [xml-dev] Are people really using Identity constraints specified in XML schema?
- From: "Cox, Bruce" <Bruce.Cox@USPTO.GOV>
- Date: Tue, 24 Aug 2004 12:05:10 -0400
- Thread-index: AcSJ9Bbng5VkrUR3TiSq1c0nxrDTzg==
- Thread-topic: [xml-dev] Are people really using Identity constraints specified in XML schema?
I have not been making the same distinction between
syntactical/structural and semantic/business rules in this thread that
Michael has below. To me, a business rule is one that came from the
lawyers, not from IT, which can be syntactical/structural; and from IT,
the rules are sometimes semantic (which I take to mean not so readily
amenable to automatic checking). It seems more likely that there is a
continuum of rules from the one extreme to the other, which might be
sorted into layers where convenient for understanding or implementation.
I think I prefer the declarative approach to specifying rules, on the
assumption that these can be more reliably exchanged and implemented by
different systems. A fortuitous choice of layers would be those that
are supported by standardized vocabularies for declaring the rules. In
that regard, have any of you looked at the RuleML stuff?
(http://policy.ruleml.org/ and http://www.ruleml.org/) Is any of that
useful in this context?
Bruce B. Cox
From: Bullard, Claude L (Len) [mailto:email@example.com]
Sent: Monday, August 23, 2004 10:03 AM
To: 'Michael Champion'; XML Developers List
Subject: RE: [xml-dev] Are people really using Identity constraints
specified in XML schema?
In a one way flow to a source, the business rules can be concentrated in
the back end fairly successfully. In a blind exchange between
potentially hundreds, thousands, or millions of actors/services, this
Without the application design properly scoped, one can't
make the rules of thumb work. That is what scaling
is all about. As the number of service peers goes up, one might want to
actually increase the work done by the schema, but at some point, one
will hit a boundary, eg, cultural, legislative, etc., and it will throw
exception. Exceptions are not errors. They are feedback.
One does not measure to manage; one measures to improve.
From: Michael Champion [mailto:firstname.lastname@example.org]
On Aug 23, 2004, at 9:05 AM, Roger L. Costello wrote:
> Would you mind elaborating more upon what you see as the role of
> validation? Should there be levels of validation as I suggested last
> week? Or perhaps you are suggesting that there should be no
I'm not the Michael you asked to respond, but here's the way I see it.
"Syntactical" or "structural" validation of the sort that Schemas,
number of mechanical data entry errors, such as leaving out required
items or not putting numbers in fields that require numbers
(e.g. phone numbers, dates, etc.) XML schemas (of one sort or
another) are potentially useful ways to define such constraints,
although as Michael Kay's anecdotes remind us, this is hard to do in a
culture-neutral way, e.g, US postal codes are all numeric, most other
countries' are not. But this is at best a rough check on "validity" in
some business sense.
"Semantic" or "business rule" validation, on the other hand, essentially
cannot be done without accessing a database / knowledge base to make
sure that the request being made can be fufilled. An obvious example is
credit card validation, and for a variety of technological and security
reasons it is going to be done towards the back end of a dataflow.
Trying to force-fit this into schema validation seems more or less
One question I've always had is whether it makes sense to bother with
the structural validation if you are going to have to do the business
rule validation anyway. It comes down to a design decision -- since
it's generally cheaper to recover from errors detected earlier in the
process than later, if you can catch them early with schema validation,
go ahead. But if that is going to be harder to do than it is worth,
e.g. making the data entry screen understand the co-occurrence
constraints between a country code and the format of a postal code, I'm
not at all sure why one would bother.