On #3: Yes, Node
Relations may still be specialized (e.g. to childToParent, employeeToManager,
etc.). No change there.
From: higgins-dev-bounces@xxxxxxxxxxx [mailto:higgins-dev-bounces@xxxxxxxxxxx] On Behalf Of Jim Sermersheim
Sent: Friday, February 22, 2008
8:43 AM
To: 'Higgins
(Trust Framework) Project developer discussions'
Subject: RE: [higgins-dev] Data
Model (yet again)
On
#3, I thought we had a way (or maybe we used to and it's gone now) to
"type" a relationship such that one relationship could be a
"childToParent" type, another could be a
"employeeToManager" type, etc. Is this what we're getting at?
>>> "Paul Trevithick"
<paul@xxxxxxxxxxxxxxxxx>
02/21/08 5:13 PM >>>
2. I
was informed today on the call that I missed some emails on the higgins-dev
list in the past week on that topic. From what folks on the call said: (a) they
agree with you (b) apparently there is some rough consensus on what to do about
it. I’ll learn more as I re-read the higgins-dev list.
3. Hmm.
Let me see if I understand your issue…. Given Node (N1) that has two Node
Relations emanating from it, e.g one pointing to N2 and another pointing to N3,
then are you saying that we’re lacking a way to “tag” or otherwise
distinguish between these two Node Relations?
BTW, here are some other things that the data model is
missing off the top of my head…
1. Access
control policy _expression_: We agreed on the call today that we’ll schedule a
dedicated call about this in the next week. I’ll send links to a proposal for a
very rudimentary access control approach along with the meeting invites.
2. As
discussed at the F2F in Provo:
the ability for the model to express policy information at the
IdAS/CP/data-model level that today can only be expressed by an STS. The use
case that we want to support is a “recursive” case where someone
layers IdAS over, say, an LDAP data store on the one hand (that’s easy), and
context provider that is “fronting” an STS on the other hand.
The problem is that the IdAS consumer can’t query for the STS’s policy.
3. Other
things… (e.g. how to declare Node classes as “closed”)…etc.
higgins-dev-bounces@xxxxxxxxxxx
[mailto:higgins-dev-bounces@xxxxxxxxxxx]
Anthony Nadalin
Thursday,
February 21, 2008 4:54 PM
'Higgins (Trust
Framework) Project developer discussions'
[higgins-dev]
Data Model (yet again)
So I
don't feel like we are quite there yet for several reasons:
1. This is a runtime data model, there are not yet any tools that can create
the graphs that I think folks might need
2. There still is no direct way for one node to reference a specific attribute
or specific type of attribute in a different context/node
3. When using relations there is now way to tell what relation we are really
talking about
Anthony Nadalin | Work
512.838.0085 | Cell 512.289.4122
|