Notes from the Higgins Developers
call on Thursday, July 3
Attendees
=========
Charles
Andres
Paula Austel -
IBM
Jeff Broberg
CA
* Duane Buss -
Novell
Anthony Bussani -
IBM Zurich
* Greg Byrd -
NCSU/IBM
* Brian Carrol -
Serena
* Tom Doman -
Novell
Andy Hodgkinson -
Novell
Valery
Kokhan
- Parity Ukraine
* David Kuehr-Mclaren -
IBM
Mike McIntosh -
IBM
* Tony Nadalin -
IBM
Dale
Olds -
Novell
Ernst Plassmann -
IBM
Uppili Srinivasan -
Oracle
* Drummond
Reed -
Cordance
Bruce Rich -
IBM
* Mary
Ruddy
- Meristic/SocialPhysics
* Markus Sabedello -
Parity
* Jim Sermersheim -
Novell
* George Stanchev -
Serena
Daniel
Sanders
* Paul Trevithick -
Parity/SocialPhysics
* Brian
Walker
- Parity
Jeesmon
Jacob -
Parity
Carl Binding -
IBM
Tom Caroll -
Parity
Ernst
Plassmann - IBM
* Mohamad -
Oracle
* Hank
Malden
* Attendees
Meeting
Notes
. [Brian] 1.1M3 - 25 July
is the target date
[Brian] Quick update. Sent
an email out last night. M3 is the
next milestone. Targeted for July
25. You can go to the project page
and get a link to the bugzilla candidates.
If you know that an item is not getting done, move it off to M4. Monday July 23rd is the lock down
point. If not done by then you or I
will push it off. I will keep the wiki page updated and accurate to reflect what
is planned for inclusion in
M3.
2. [Brian] Nightly
Auto-test
- Continued coordination
with Buckminster project
- Also looking at Dash
project
[Brian] We had a call a few
minutes ago with Thomas H. from Buckminster as well as Valery and Peter in
Ukraine. We discussed how
Buckminster does and how Higgins does scripts. The net is fundamentally 2 choices. We need to decide what the common build
foundation is:
1) Continue to roll our own
and build test on that. Or
2) Collaborate further on
that and extend the Buckminster build process and leverage the test tools used
by some other projects. This would
be more of a community approach.
The next step is to
follow-up with Mike to see if from a build perspective we could do a scoping
exercise on the STS. It would be almost a worse case scenario
given the STS’ complexities. He wants the
STS to be the guinea pig. We
are also forwarding Buckminster build info to Valery and Peter. I’ll send notes to the
list.
3. [Brian &
David] Internationalization
[Mary] We have both Brian
and David on the line for the next topic.
[Brian] David and I met on
Wednesday to see where he is on his specific project deliverable. And about what the next steps (phases) we
should go through. We will start
with David’s IdAS as pilot. Once we
are through with that pilot and have discerned the learnings, then we will go
into phase 2 and identify several other Higgins based components and apply a
similar or revised process to the next round of prioritized Higgins components.
I outlined this in a wiki page update.
[Brian] Need to make sure people review the
notes and speak up during this phase.
The intent is that we clarify what we do for the other components that
will follow. Need to speak now or
hold peace.
[David] Will do this for
one of the IdAS components and post it for review with notes, and see if folks
have any concerns. Then progress from there.
4. [Greg, Markus]
Adding contexts dynamically to the IdASRegistry
[Paul] Sounds good. The next thing I added to the agenda.
So Greg, you have a summary for the
group?
[Greg] There are 2 parts of
this. The first is to have a
configurable component tell you what its parameters are. The next step for that is if you know
what they are you can change them.
So making this writable is the next step.
We had some nice discussions, in the archive. If people, want to reawaken this topic,
we could open it up.
[David] What we are tying
to accomplish is to write a
management interface; to be able to change
it without having to restart a product.
We are very interested in reviving this discussion.
[David] What is the best
way to do that?
[Greg] Through the dev
list. To restart by saying what the
requirements are. I will try to
resuscitate what I had said about the settings before.
We just need to kick start this.
There is the description, making dynamic changes, and writing out a
configuration to some sort of persistent, human readable form. Those are the three pieces of the
process.
[Paul] Greg it might be
helpful to put that on the list to get people headed in the right
direction.
[Greg] I will find the
stuff and get this moving again.
[David] I may send you notes off line to get this
together…….
5. [Paul] Versioned
solution pages
[Paul] A polite reminder, to update your Solution
wiki pages. As we get an increasing
number of users, having good wiki doc will keep them off your back while you are
trying to work. Want to thank Paula for updating her Solution. It is now
versioned. That is the format that we are using. Just a gentle reminder to those
named to update their solutions…so they re versioned accurately
6. [Paul] Revised
representation of access control policy
[Paul] I created a wiki
page to talk about a proposal. Lets take a look at the wiki page together… I
hope everyone can see the pictures.
The two at the top are examples of what we are proposing to do. E1 is granting E3 permission to do an
operation. The idea is you can add
more subjects and more resources to the operation but that all need to
apply. From a simplicity point of
view you can express the same thing with just 2 arcs (rather than 3) by
sub-classing the operation – see bottom picture.. This was motivated by the simple
example, and is simpler. So it
seemed to have merit. I want to
open this up [for discussion]. Is
this a good direction? Or does this
just look good because the examples are simple…
[David] Can the E3 subject be a group?
[Paul] Yes, it can be any kind of agent. It allows RBAC by letting E3 be a group.
[David] The E1 can it also be a group?
[David] Jim was asking that same
question.
[Paul] My quick reaction, is would need to qualify
the arcs that come out of E1. I
think what David was talking about is a natural aggregation relationship. In the
case of E3 being a group, there would be a specific arc over which the policy
would be transitive. If we desire to do what David says allow aggregation on the
E1 side, we need to be explicit about the arcs that it is transitive
over…
[David] There are hierarchies on both sides. Organization and resource hierarchies
and groups…Those are both scaling mechanisms.
[Paul]Great. I will take an action item to explore
this, and what kinds of attribute arcs this would apply to.
[David] My last question then: is there a way to
create a policy with multiple operations?
[Paul] Just put this up as a possible framework,
We can define sub-attributes like subclasses.. We could define combinations. You
could define an attribute that is for an example: read and modify. Then with one
attribute, you have chosen a fixed combination. Maybe you had something more elaborate
in mind?
[David] Need to think about that, i.e. having a set of permissions
[?] Paul is talking about the need to have
negative assertion. Lack of an arc
is lack of permission..
[Paul] Normally to do CRUD, you would have 4 arcs.
Create, Read, Update and Delete.
[?] That would also allow us to have new
permissions.
[David] If I wanted to have an editor’s policy, it
would have two arcs. Read and Update.
[Paul] We reserve the right to revert if it turns
out that this doesn’t scale.
[Jim] I never saw the first approach as having 3
arcs. I saw it as two arcs, and
operation listed as attribute values.
[Paul] That is the upper picture
approach.
[Jim] I never though of the attribute value being
an arc.
[Greg/David]
It is.
[Hank] In the second picture, what do you loose by
not referring to the resource specifically?
[Paul]…..
[Hank] You obviously need to in some way define
resources. Do you look…
[Paul] I believe them to be semantically
equivalent.
[Drummond] So are triples both ways. Top has 3 triples. Bottom has 2 triples. My feedback is the two triple approach is
more efficient to process
[Hank] Thank you.
[Jim] When I look at this, I have an assumption.
On the top picture one policy would govern one subject and one resource and
allow N statements. So for example I can see very easy how to say Bob has read
access to Mary’s attribute. Now I’m supposed to create two policies?
[Paul] One policy. Multiple subjects, operations and
resources,
[Jim] So I could have one policy that covers
everything.
[Drummond]
Could have multiple arcs with different permissions on the same or
different resources. I like that having established a policy that covers a lot
of resources, you can add more subjects.
[Jim] Bob and Frank have Read access to Mary’s hat size and write access
to Joe’s phone number. When you
think about allow and deny arcs, all these are operation arcs are either
granting or denying to a subject.
[Drummond] The assumption was that this was all
“allow”, but it could also be “deny”.
[Paul] I thought we would have “not
read”.
[Drummond] That is deny.
[Jim] There are two ways to do that. Not sure which is more
natural.
[Paul] Semantically the pictures are the same. But
it gets more complicated, when the example gets more complicated. Maybe I need
to provide more examples for people to give feedback on the
differences.
[Jim] We should have a list of natural language
policies. I wonder if we had a list
of those to use as list to be applied…
[Paul] Are there any volunteers for next
week? This could be 10 minutes of
work.
[Jim] I can try to stub this out using the access
control wiki.
[David] I have some use cases I can put
up.
[Paul]Send your use case to Jim. We should stop
now. We should continue this after we have the use cases. Question: how do you know who has management
rights to which policy object? I
roughed out a managed by property.
Jim, I think you have thoughts on that too.
[Jim] It looks so easy, why can I not just have a
“readable by x”?
[Paul] We actually started there, but when I
read up on XCAML, it is really nice to separate policy form data. It frees the implementers from
needing to express the policy
stuff.
[Jim] Why are we not just reusing policy on
policy?
[Paul]
Ah, recursion. Just wanted
to surface…. Not using policy to
manage policy.
[Paul] I will try to work on that for next
week.
[Jim] The email I sent out was a walk through from
time zero.
[Jim] I can commit to participating, but not to
writing this up.
[Paul] I will try to draw more pictures for next
week.
7. [Mary] Home page
design update
- See http://www.eclipse.org/higgins
- Changed banner to revised
tagline. Added text at top.
- We’re continuing to make
format tweaks, etc. as they are identified.
- Next need to work on
additional content for the Iceberg section.
- We are also thinking
through the logic for upgrading the download pages.
- New MediaWiki skins still
on hold following Ganymede.
[Mary] Based on last week’s
discussion, we published the revised banner. Then we had a discussion on the dev list
about adding new text at the top, and
published this new text. We have
also continued to make fixes to formatting and address browser
specific issues as they are
identified. Please keep providing
feedback when you find things.
[Mary] We are also working
on 3 longer term areas: Developing additional content for the
Iceberg section, coming up with a plan for upgrading the download pages, and
supporting a wiki skin that looks like our new web look and feel.
[Mary] Paul, Brian: do you
have an update on the download pages?
[Brian] We are taking an
iterative approach. There is more
work to be done before bringing the next iteration
forward.
[Mary] The new wiki skin is
on hold until the Eclipse wiki/web master resurfaces following
Ganymede.
8. [Paul] Higgins
and FC2 Consortium
[Paul] I finally wrote up
my notes from the meeting. They are
published. It was a whirl wind
tour. It was a lot of ground to
cover. Everything was discussed at
a very high level and [therefore] imprecisely. Their use cases are fairly complex. They
want to use Higgins as the integration framework for French citizens for
anything from registering to vote, to changing a bank balance. There are three constituencies:
Governments, Banks and Telco’s. Some use SAML. Some are more attracted to using
WS-trust. The consortium is funded,
and up and running. They are
evaluating Higgins as a potential technology to make a consistent user experience under
the hood. I’m hoping they reengage
with us to figure out how to go forward.
[Paul] We’re at the end of
the agenda. Any other
items?
[Silence]
[Paul] Have a good holiday
for those in the US. We will have another call next
week.
[Paul] Mary, thanks for
taking the notes.
-End 12:52
PM
EDT.