NIH | National Cancer Institute | NCI Wiki  

Error rendering macro 'rw-search'

null

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Policy Discovery Functional Profile

Policy discovery allows application developers to find and retrieve policies on services.

This Functional Profile includes, but is not limited to, the following capability elaborations:

Derived From Requirements

  • Semantic Infrastructure Requirements::Service Discovery and Governance::Administer Services The use of well defined service metadata promotes better discovery and reuse of services during design and run time. Service metadata includes information about service interactions and dependencies. It also includes a classification scheme for organizing services based on business objectives, domain, and usage. It also links services to all the supporting artifacts in the specification and provides a placeholder for conformance statements. This enables better reuse across the enterprise and eliminates redundancy.
  • Semantic Infrastructure Requirements::caGRID 2.0 Platform and Terminology Integration::Policy and Rules Management Policy and Rules Management allow non-developer secondary users to create policies and rules and apply them to services. The scope of policies includes, but is not limited to, definition and configuration of business processing policy and related rules, compliance policies, quality of service policies, and security policies. Some key functional requirements for managing policies include capabilities to author policies and store policies, and to approve and validate policies and execute policies at runtime. The Semantic Infrastructure will provide a mechanism to specify policies, including business processing policies and related rules, compliance policies, and quality of service policies. Tools and services for creating security specific policies will be provided by the caGRID 2.0 platform and will be used by the semantic infrastructure. All other policies specified in the Semantic Infrastructure will be enforced by the platform at runtime. Link to use case satisfied from caGRID 2.0 Roadmap: Each institution has different data sharing needs, access control needs, and business rules for processing that are defined and customized. For example, policy at the pathologist's institution may state that the patient is scheduled for a visit when the review is complete.
  • Semantic Infrastructure Requirements::caGRID 2.0 Platform and Terminology Integration::Service Discovery and Utilization This group of requirements focuses on enabling developers of composite services and applications to discover, compose, and invoke services. This includes the discovery of published services based on service metadata and the generation of client APIs in multiple languages to provide cross-platform access to existing services. The platform will use the semantic infrastructure service metadata to address all the service discovery requirements. The semantic infrastructure relies on metadata about services and artifacts. Link to use case satisfied from caGRID 2.0 Roadmap: As institutions share de-identified glioblastoma data sets, they are available to others via data discovery. The treatment recommendation service used by the oncologist is able to discover these new data sets and their corresponding information models, and include that data for subsequent use in recommendation of treatment. Link to use case satisfied from caGRID 2.0 Roadmap: all of the data management and access services in the use case are utilized by application developers to build the user interfaces that the clinicians use during the course of patient care.
  • Semantic Infrastructure Requirements::Artifact Management::Specification Content to be done

policiesAndContractsModel

Service Policy Model create, destroy, edit, maintain.

The use of well defined service metadata promotes better discovery and reuse of services during design and run time. Service metadata includes information about service interactions and dependencies. It also includes a classification scheme for organizing services based on business objectives, domain, and usage. It also links services to all the supporting artifacts in the specification and provides a placeholder for conformance statements. This enables better reuse across the enterprise and eliminates redundancy.

Service policies help establish constraints on the service specifications and mandate an approach. Policies can be specified around governance, access control and other design and runtime constraints.

In the realization of policies and contracts for a SOA, there are common policy principles that will be encountered in many of the standards and/or technology choices used for the realization.

While policy and contract descriptions have much of the same architectural implications as described in Service Description, languages and mechanisms supporting policies and contracts also have the following architectural implications:

  • Policy and Contract language specifications will typically provide support for the following capabilities:
  • expression of assertion and commitment policy constraints;
  • expression of positive and negative policy constraints;
  • expression of permission and obligation policy constraints;
  • nesting of policy constraints allowing for abstractions and refinements of a policy constraint;
  • definition of alternative policy constraints to allow for the selection of compatible policy constraints for a consumer and provider;
  • composition of policies to combine one or more policies.
  • Policy and contract mechanisms in a SOA ecosystem will require the following capabilities:
  • decision procedures which must be able to measure and render decisions on constraints;
  • enforcement of decisions;
  • measurement and notification of obligation constraints;
  • auditability of decisions, enforcement, and obligation measurements;
  • administration of policy and contract language artifacts;
  • storage of policies and contracts;
  • distribution of policies/contracts;
  • conflict resolution or elevation of conflicts in policy rules;
  • delegation of policy authority to agents acting on behalf of a client;
  • decision procedures capable of incorporating roles and/or attributes for rendered decisions.
  • No labels