Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[higgins-dev] Notes From July 17 Higgins Developers Call

Notes from the Higgins Developers call on Thursday, July 17

 

 

 Attendees

=========

 Charles Andres

 Paula Austel - IBM

 Jeff Broberg CA

* Duane Buss - Novell

 Anthony Bussani - IBM Zurich

* Greg Byrd - NCSU/IBM

* Brian Carrol - Serena

 Tom Doman - Novell

 Andy Hodgkinson - Novell

Valery Kokhan - Parity Ukraine

* David Kuehr-Mclaren - IBM

 Mike McIntosh - IBM 

 Tony Nadalin - IBM 

Dale Olds - Novell

Ernst Plassmann - IBM

 Uppili Srinivasan - Oracle

*Drummond Reed - Cordance

 Bruce Rich - IBM

Mary Ruddy - Meristic/SocialPhysics

* Markus Sabedello - Parity

* Jim Sermersheim - Novell

 George Stanchev - Serena

* Daniel Sanders

Paul Trevithick - Parity/SocialPhysics

Brian Walker - Parity

 Jeesmon Jacob  - Parity 

 Carl Binding  - IBM 

 Tom Caroll - Parity 

 Ernst Plassmann  - IBM 

 Mohamad - Oracle

* Hank Malden  - Cicco

He Yuan Huang (York) - IBM

 

* Attendees

Meeting Notes

Agenda

1. [Brian] 1.1M3 (25 July Target Date, July 23 Lock Down Point)

[Brian]  The M3 milestone: went through and did some scrubbing and updated the wiki pages.  Sent out a note to remind folks to clean up their full list of candidate items.  Keep that list as fresh as possible.  71 items, 11-12 are committed and fixed.


2. [Brian] Nightly Auto-Test

  • Next step was getting Mike together with Thomas H. of  Buckminster
[Brian] Next step is to get Mike and Thomas H. together.  Haven’t been able to schedule yet, hopefully Friday or Monday.  The point is to see what specific Buckminster build extensions would be needed to [use Buckminster to] do this for auto test for STS {as beta test.]


3. [Brian & David] Internationalization

[Brian]  David do you want update us?

[David]  Stuck on how to package [the required OSGi dependency] so least amount of impact.  Prakash posted two options. One fits with [Apache] Commons Logging better. Not sure how to pursue.  Not sure what has been done in the past. So we need to accept advice.

[Mary]  We need to get approval to reuse any EPL code that is not already part of our project.  It would be great if we could just use the subset of the jar that we actually need. We would need to get approval from the project to make changes to the code.

[David] One option is to fork their code.  The other is to extract their class file….

[Mary] I will get a contact in the project.  Then they can supply the details.

[David]  Need to figure out how to work with community to get changes. And how make work for the rest of the [Higgins] components.

 


4. [David, Greg, Markus, Rajalakshmi] Adding contexts dynamically to the IdASRegistry

[Paul] Next topic: can you summarize where we are on that one.

[David] Rajalakshmi has been consulting with Greg and going down the path of the first option and being able to use the map to change the values and update the XML file. There is a configuration handle for doing the update.  Greg was providing questions and advice…  I responded to the notes today.  Greg how does it look?

[Greg] Option1 is the one I prefer. 

[David} We can post to the configuration management page the latest state of that prototype.

[Paul] OK. Sounds good, if no other comments…

[Jim] I don’t want to throw a wrench in, [but] Daniel and I were talking about how the configuration of at least the XML files look.  How come every element is a setting element, and they have a name and type? Maybe [we should] have a setting section and then name and type dictates what kind of element it is. Then we could have an XML schema that could be used by tools. Then there may be existing tools that allow people to build UI’s.  Some of the past discussions are how could we build a generic mgt tool to update the configuration values.  I don’t know if that is something that we want to start thinking about?  Or we could defer, and maybe refactor later.

[David] That idea, there is some concern that that would lock us into an XML schema.  So Greg proposed a more simplified way.  I’m used to XML schema.  But there was some thought that that would be too complex.

[Jim] I wanted to make sure it had been considered. Can you explain?

[Greg] I don’t know that there is an explicit objection. I would need to ask Mike. I don’t particularly object to it.  I don’t know XML schema.

[David] I can try to follow up with Mike and Greg and get back.

[Jim] Great. Sounds good.


5. [Paul] IdAS Access Control

[Paul] Next item:  I was going to take another pass on this.  I’ve provided two links.  I’ve switched the style of the picture: more packed in.  In terms of material changes: We added the word group to qualify subject.  That now says group subject. This is in response to Jim’s question [last week].  The big thing I fixed: I can edit my own full name and email attribute values. What we did to implement that, is see the stack in the middle - the top gives read access to everything, the next one gives read and modify access to members of the managers group.  Notice that employee 3 is a member of the everyone group and the HR mangers group.  There is an assumption of additive access. Employee 3 is simultaneously a member of 2 groups.  Where things get more complicated are the bottom two Myself policies.  These apply to any instance of the class employee that happens to match the consumer making the request.  At the left there is a new kind of attribute: self interest subject.  The subjects that apply to that Myself policy are, see insert below, only the instance that is currently logged in.

[Jim] So the semantics are any instance of that class, whose entityID matches the consumer identity.

[Paul] So this is a mouth full.  I also added a completely new dimension.

[Paul] So the first three policy objects they all don’t have the attribute I’m about to talk about. They only have group subject or self interest group and modify/read.  That points to a class of objects that we are talking about.  It doesn’t point to an instance of an entity but to a class of identity -  i.e. every instance of employee.  A manager can modify any instance of employee.

[Paul] The next one down has a read.  That is redundant with the read arc (Myself is a member of the group.) For the Myself 2 one, actually, I have to restrict along the attribute dimension. The Myself can only modify two of the attributes.   It is a further restriction of the scope of the resource.  I can modify any instance of the call employee as long as I am the subject and specify the two attributes full name and email. But not the employee ID.

[Jim] That makes sense to me.  But I think we said you could do multiple of these there

[Paul]…..

[Jim] On attribution and modify, not paired.

[Paul] You put your finger on the limitation. You can’t now have….. The semantic is the cross product of all the entity scoping and attribute restrictions

[Jim] If you allow a complex attribute that would be cool.

[Paul] There is another alternative way: to use an attribute UDI.  A structured identifier with two parts: One points to an entity and from there can point to an attribute. What I have in figure 2 is two pointers.  Then have a second for attributes.

[Markus] In that case…

[Paul] I thought of that. The problem is full name could be used.  Specifying an attribute doesn’t fully qualify the attribute.  An attribute UDI simultaneously points to two things:  (two pointers in one) entity and attribute. It is a structured identifier with two separate parts. Because now it is hard to point to lots of resources.

[Drummond] You can only point to all attributes.

[Paul] In practice that is a limitation. I’d be very interested in feedback.  It is using a powerful new thing, attribute UDI, that is a more complex thing. So I tried to see what would happen with just two attributes.  It is an arc that is hard to draw visually.  One of the reasons I switched [picture] style is that I can generate the new type of picture with a program.

[Jim] I have this proposal, on representing all of the models /classes and attributes as entities within the context and I just pasted something in the IRC to show, if there was some way to address all the way down to a value, the identifiers of the three steps you would have to point to, if my proposal were working today, the first URI is the entity idea, person class, on this is attribute type. That describes the attributes of person. One of the values of that attribute would be the full name attribute.. that is how we tie the employee to the full name attribute.. …..

[David?] That is the basic idea of UDI identifier.

[Paul] Unpacking that, there is a natural assumption in Jim’s proposal that classes can map to what attribute types are in the class. There is a forward link to the class.  Today in the data model, that is an inference, but it is not specific. I’m following the RDF convention that the pointer is another way. Attributes imply classes.  In your proposal, the semantic is there, the issue is the way it is expressed.

……

[Paul] David said last time sometimes want to have dynamic definition. In the model we have today, just need to make a policy and have the subject or class point to it.  It is natural to have dynamic and inferred class definitions, which you don’t get in normal Object Oriented programming.

[Paul]On this call we have two interrelated issue on the table.  I drew up a low tech way to scope this out. Or that could be done with an attribute UDI. Or Jim you are proposing another way.

[Jim] What would the attribute look like unless we had a way to point at…

[Paul] The attribute UDI would be a double, rather than a triple. The UDI of the employee class and of the name. 

[Jim] That presumes that on the employee class all we see are the potential attributes allowed for that class. But, I was thinking there would be more - an extra layer: what are the allowed attributes, what its super type is. One of the biggest reasons I started down this class is someone could subclass this notion - entity model is what says what could be on any of these classes. So people can dynamically extend these models.  I was imagining there needed to be three pieces: class, and before jumping to full name, there would be the name of the container of allowed attributes…

[Paul] What is on this picture is the same thing in the inverse direction. Also I realize I made another mistake, that modify pointer is wrong.  It needs to be scoped to be self instance modify. Just because you are logged in, you don’t [necessarily] have update access. Allow ID modify only if the entity is me.

[Jim] Modify is the data type.  If what you are saying is you would add a new attribute type: self interest modify.

 

[Jim] If we used my proposal, we would need a value UDI.  I need to draw pictures also. 

[Paul] I agree the way you modeled it, it is three hops, or two with an attribute UDI.

[Paul] This one simple use case turned out to be more interesting than I thought.  I will fix the bugs and we can continue discussing this on the list.  I want to move on to other use cases so we don’t over curve fit to this one.

[Jim] How did you draw this?

[Paul] I was following the style of Topcomposer.  If use attribute UDI’s, can’t use the tool.

[Paul] … The book is life changing: Semantic web for the working ontologist.   I will put the link on the list.

[David] Just confirmed the book title via the web. 

 

 


6 [Paul] Next F2F?

[Paul] The next topic is should we have a Face-to-Face meeting.  We haven’t had one in a while.  If we think it is a good idea.

[Drummond] Good idea.

[Mary] It has been too long. We have a lot of stuff to talk about.

[Jim] I think it is great idea.  My boss doesn’t think so.   

[Paul] We were thinking of having it right after DIDW (Which is September 8-10)

[Jim] Where is it? San Francisco?

[Mary] Anaheim, CA.

[Paul] There are other options, I bet Novell would play host.

[Paul] The current suggestion is just after DIDW: midday on Wednesday through Friday.

[Paul] Maybe we can make a doodle.


7. [Mary] Home page design update

  • New MediaWiki skins still on hold following Ganymede - will  be a couple more  weeks before Eclipse can get back to  this.

[Mary] So we are still waiting to hear back from Eclipse on enabling the wiki skins.

[Mary] We have been thinking about the next steps for the home page.  Paul suggested that after we introduce information Card, we talk about Higgins software for issuing cards, and for accepting cards and managing cards.  Then we can drill further down into the IdAS layer that underpins everything. That way the home page starts with a high level user experience and then drills down all the way to developer tools.

[Paul]  That is all for today.

-end

Back to the top