Monday, August 25, 2008

Policy, not Topology

Microsoft have written in the NAC context about how the behavior of applications should depend on "policy, not topology".

This is even more relevant for Web Services. "Policy" for Web Services incorporates not only Access Control (i.e. who can use which Web Service), but also reliability (where to raise an alert if a Web Service is not responding), and archival (where to log messages).

In the past, access to an application depended on where you put it on the network. "If you put it here, then these people can access it. If you put it over on this subnet, then these other people can access it, and these other people are notified if it is unavailable." Policy Director changes this: it virtualizes the policy framework, so that when you deploy a Web Service anywhere on the network, Policy Director directs the policy down to the XML Gateway which controls that Web Service, wherever that may be. If an organization has a registry, we leverage that as part of this policy deployment. For this to work, policies have to be truly reusable across the enterprise, not bound up with resources (i.e. with the Services). This is something we enable in our framework.

There is a lot of talk about virtualization of this and that. Virtualization of a policy framework is the logical step.
