Patent Grant
8209262
This application is related to co-pending patent application Ser. No. 12/167,848, entitled “POLICY APPLICATION RULES FOR AUTOMATED CONFIGURATION OF SOFTWARE COMPONENTS”, filed herewith, the disclosure of which is herein incorporated by reference in its entirety.
The present application relates to policy configuration mechanisms, for example, for Service Component Architecture (SCA) in computer systems, and more particularly to a pattern-based policy application mechanism.
Service Component Architecture (SCA) is a programming model for building applications and solutions based on a Service Oriented Architecture. SCA describes the content and linkage of an application in assemblies called composites.
Security policy intents:
Transaction policy intents:
In SCA policy specification, valid sets of intents are defined. For example, all security intents can be applied to a same element. As for transaction, “propagatesTransaction” and “noManagedTransaction” are defined as “incompatible intents”. Also policy intents, which are applied to a component are inherited to the lower-level composite in case a component includes another composite. Users have to apply policy intents and policySets considering such restrictions and qualifications.
Open SOA proposed SCA policy representation as part of the SCA policy framework. Some domain-specific SCA policies are discussed, such as SCA security policy and SCA transaction policy. SCA policy framework defines security intents and policySets, and how to attach intents and policySets to a SCA composite. The SCA policy attachment mechanism is quite flexible, such that one can attach intents and policySets, e.g., specify abstract policies using intents such as “authentication” or “integrity” to any kinds of elements in a composite. However, there are some. In implementing the policy, users need to conform to those practices. It is also necessary to ensure all intents are consistent. Often, however, it is difficult to properly configure policy because a SCA composite structure can be complex, for example, it may have a recursive structure, intents have domain-specific constraints, etc.
A method and system for pattern-based policy application for service component architecture (SCA) are provided. The method in one aspect may comprise defining a policy pattern for SCA. The policy pattern includes a plurality of roles and one or more constraints between the plurality of roles. Each of the plurality of roles defines a plurality of intents or policy sets or combination thereof. The method may also include identifying one or more roles assigned to said one or more SCA components, and applying automatically one or more intents or policy sets or combination thereof, associated with said one or more roles to said one or more SCA components. The method may further include validating said one or more intents or policy sets or combination thereof applied to said one or more SCA components based on said one or more constraints.
A method for pattern-based policy application for service component architecture (SCA), in another aspect, may comprise defining a policy pattern for SCA. The policy pattern may include a plurality of roles and one or more constraints between the plurality of roles. Each of the plurality of roles defines a plurality of intents or policy sets or combination thereof. The method may also include allowing a user to select a policy pattern to apply for a composite including one or more SCA policies, inferring one or more roles based on the policy pattern applied for said composite, and attaching said one or more roles to said one or more SCA components. The method may further include inferring one or more roles from said one or more constraints and applying automatically said inferred one or more roles, and validating said one or more intents or policy sets or combination thereof applied to said one or more SCA components based on said one or more constraints.
A system for pattern-based policy application for service component architecture (SCA), in one aspect, may comprise a processor; a computer-implemented module operable to define a policy pattern for SCA, the policy pattern including a plurality of roles and one or more constraints between the plurality of roles, each of the plurality of roles defining a plurality of intents or policy sets or combination thereof; a computer-implemented module operable to identify one or more roles assigned to said one or more SCA components; a computer-implemented module operable to apply automatically one or more intents or policy sets or combination thereof, associated with said one or more roles to said one or more SCA components; and a computer-implemented module operable to validate said one or more intents or policy sets or combination thereof applied to said one or more SCA components based on said one or more constraints.
A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform above-described methods may be also provided.
Further features as well as the structure and operation of various embodiments are described in detail below with reference to the accompanying drawings. In the drawings, like reference numbers indicate identical or functionally similar elements.
A mechanism is provided for a SCA policy configuration. The pattern-based policy pattern application mechanism of the present disclosure simplifies the SCA policy configuration and aids in assuring policy validity.
A Policy Pattern for SCA
In one embodiment of the present disclosure, a policy pattern for SCA 304 may specify policies for SCA elements by associating roles with those elements such as “Transaction creator” role. The role assignment is made if that element is required to behave like a transaction creator. Note that ordinarily this would require assignment of multiple intents and/or policy sets to different elements, but the concept of a role simplifies the policy application. A pattern defines multiple roles and constraints between them. For example, when “roleA” and “roleB” are defined in one pattern, the constraint could be that “roleB” element should be wired from “roleA” element. Here, “wired” means that the element applied “roleA” and the other element applied “roleB” should be connected in a SCA composite. For example, in
To make deductions about the composite behavior, composite SCA structures, intents, policy sets and policy patterns may be represented in one embodiment in predicate logic. The pattern described above may be defined by the following predicate, which as an example uses Prolog syntax:
In one embodiment, the following constraints between X and Y are assumed:
The predicate path (X, Y) means that SCA element X and Y are wired directly or indirectly. In the SCA composite, if the source element X can invoke the target element Y, path(X, Y) is true. In the SCA pattern, constraints between X and Y is that there is a path from X to Y. And both X and Y have quantifier ∀, ∃, so we can represent various kind of constraints for the pattern. The policy pattern may be represented in XML, which is described in more detail below.
The following description explains a top-down policy pattern application mechanism for SCA in one embodiment of the present disclosure. We present two scenarios of pattern application as examples. Here we use an atomic transaction pattern as an example. The atomic transaction pattern may include three roles, txCreator, txPropagator, txNonPropagator. A user can specify atomic transactional policy to a composite by applying these roles in the atomic transaction pattern to the composite. Many applications have a requirement that certain sections of the application execute in an atomic transaction, that is, atomically, wherein the execution either completely succeeds or fails in all situations (thus there is no inconsistency in the final state). Examples of such applications are money transfer, ticket booking and so on. Implementing this requirement in SCA involves application of multiple intents/policy sets to multiple SCA elements. We simplify this by defining an atomic transaction pattern, for example, as follows.
The top-down pattern application scenario assumes that user knows a set of roles defined in the pattern.
The following description explains a bottom-up policy pattern application mechanism for SCA in one embodiment of the present disclosure. Another pattern application process, bottom-up pattern application scenario, assumes that user has the pattern to apply.
A policy validation mechanism for SCA in one embodiment is described below. The present disclosure also proposes how to validate a pattern in both a top-down and a bottom-up application.
1. prolog facts 606 which are transformed from a SCA composite representation 604 (SCDL—Service Component Definition Language);
2. prolog rules 608 which are transformed from the pattern XML representation 602.
In the present disclosure, we define patterns that capture nonfunctional behavior at a high level, instead of relying on individual policies. The patterns may be represented in XML, although not limited to that representation. Validation mechanism of the present disclosure uses an inferencing engine. A programming language such as Prolog provides that capability and can be used. If Prolog is not used, other language constructs that provide inferencing mechanism may be used, or an inferencing engine may be built for that functionality.
In one embodiment of the present disclosure, to validate a SCA composite written in XML representation 604, it is transformed into prolog facts 606. We define the transformation from a SCDL into corresponding prolog facts. An example of transformed prolog facts is as follows:
The component(CompA) specifies a component named “CompA”. The componentService(CompAServ) and componentReference(CompARef) specify a service and reference on a component, respectively. If the CompAServ has an integrity intent, its predicate is hasIntent(CompAServ, [integrity]).
The policy pattern also may be XML representation as shown at 602, and the pattern can be transformed into the prolog rules 608. The pattern-applied component should satisfy the following constraints: ∀X∃Y (path(X, Y), roleA(X), roleB(Y)).
In top-down pattern application, one or more roles may be applied to a composite by a user and it can be transformed into corresponding prolog facts. The prolog facts and the prolog rules which is derived from the pattern can be executed automatically as a prolog program. If the facts satisfy the rules, the program returns true and this means that the role-applied composite does not violate the pattern constraints. If the program returns false, the policies should be altered to conform the pattern. A user may be notified to change the policies. In bottom-up pattern application, one or more roles are inferred (i.e., if the proper set of intents are applied to a composite, those intents are transformed into the corresponding roles by the inference) and applied when a user selects the pattern applied to a composite. The validation process may be executed as the case of top-down application.
As described above, a SCA composite comprises of SCA elements such as components, services, and references. A SCA component contains the actual business logic and contributes to the functionality provided by the SCA composite. The component's business logic is coded and exposed for use by other components and clients in the developer's preferred implementation platform (SCA supports the use of multiple such implementation technologies) The component implementation could itself be another SCA composite, creating a recursive structure: the component is implemented by another composite, and the composite has other components.
SCA policy can be applied to any SCA elements, so policies can be added to a top-level composite and also a lower composite, which is used in the top-level composite. If both a top-level and lower composites have policies, they are merged and checked if the set of policies are valid. However, the validation rule gets complex because there may exist domain-specific constraints for policies. As for transaction policy intent, valid set of transaction intents are defined as propagatesTransaction on component service and component reference, and managedTransaction.global on component implementation. However, a set of propagatesTransaction on component service and managedTransaction.local on component implementation is invalid, for instance, because the SCA specification defines that they are invalid. In cases where the composite has recursive structure, it will be hard to ensure all applied intents are valid because intents on a higher component (e.g., composite 1 shown in
The method and system of the present disclosure may define a policy pattern for SCA. Details of a policy pattern for SCA are further described herein. A SCA policy pattern comprises a definition of roles and a definition of constraints for roles. The mechanism of the present disclosure in one embodiment can apply a valid set of policy intents by applying one role to a SCA element. A role is an abstraction of SCA element properties, and it is defined as a valid set of SCA policy and elements. The following is one example of role for transaction policy pattern. A “txCreator” role can be defined as follows:
Here “X” is an SCA element, and componentService(X, Serv) means that “X” is SCA component and “Serv” is a service of the component. The hasSuspendsTx(Serv) means that “Serv” has a transaction policy intent “suspendsTransaction”. Similarly, hasPropagatesTx(Ref) and hasManagedTxGlobal(Impl) means that a component reference and implementation have “propagatesTransaction” and “managedTransaction.global” intents, respectively. In the present disclosure, a user can apply policies to SCA components by assigned the role. A component which is assigned “txCreator” role is assumed to have these three transaction intents on the corresponding elements.
In one embodiment of the present disclosure, we define the role representation in XML. This representation is based on a SCDL representation. We introduced a “role” element, and this element has properties for the role. Table 1 illustrates representation of “txCreator” role and its properties by component structure.
We can specify one or more types of roles in one pattern, and constraints between roles can be specified as a pattern. To represent patterns, we introduce a concept of “path” in a composite.
Definition of Path
In the SCA composite, some elements may be assembled and wired to each other.
As for transaction policy, the mechanisms of the present disclosure defines txCreator and txPropagator roles, and the pattern constraints can be represented as follows:
This predicate means that X is a component applied to a txCreator role and Y is another component applied to a txPropagator role, and all Y should be connected to existing X directly and indirectly. The XML representation of this pattern rule is shown in Table 2 below. Path(X, Y) can be represented as <pat:Path sourceRole=“X” targetRole=“Y”/>. Quantifiers of X and Y such as ∀Y∃X corresponds to <pat:AllTargets><pat:ExistSource> elements. In one example constraint representation, four quantifier elements are introduced as follows:
The policy pattern in one embodiment comprises the role definition and pattern constraints represented in XML. Table 3 shows a part of transaction pattern example. We assume that a pattern is applied to one composite, so the compositePattern element is a template of a composite structure. The pattern specifies a set of policy intents and policySets as component roles. The component element in the compositePattern is assigned a role name by role attribute, and one or more intents are specified as the component and its child elements (service, reference and implementation). This example shows that a component that is assigned a “txCreator” role should have the following intents: “suspendsTranscation” intent on a service element, “managedTranscation.global” intent on an implementation element, and “propagatesTransaction” intent on a reference element.
The constraints element specifies constraints of component roles. We can specify two roles, which are allowed to connect directly and indirectly using path element. For example, the pattern specifies the constraints between two roles. In one embodiment, the constraint exists between what is identified as the ‘sourceRole’ and ‘targetRole’. Using the All/Exists quantifiers allows for specifying how many respective sources are present for the respective targets. The path/nopath allows for specifying whether the source and target should be connected or not. The source and target element means that there is a path from an element with source role to another element with target role. These source and target roles have quantifiers specified by AllTargets and ExistSource elements. The All element is a logical operator for multiple paths.
In one embodiment of the present disclosure, policy intents and policySets can be applied properly by applying roles to components. The role application may be validated according to the constraints.
Top-Down and Bottom-Up Policy Application and Validation
An SCA composite is represented in XML as SCDL, and the policy pattern has also XML representation. Policies may be applied in several ways according to the present disclosure. For example, as discussed above, top-down and bottom-up applications. In the top-down application, a user knows the roles, which are defined in the pattern, and he or she may apply the roles to SCA elements manually, for example, via user input on a user interface tool or program running on a computer or computer system. The applied roles are automatically checked if they are valid based on the pattern constraints, and other required roles are inferred and assigned automatically.
As for the bottom-up application, a user has a composite with one or more policies, and roles are inferred from existing policies. The set of intents are defined as a role in the pattern, and this information is used in the inference. The pattern constraints are validated as the case of a top-down application.
In one embodiment, a policy pattern is designed by predicate logic, therefore we can validate the pattern, for instance, by using a program that uses predicate logic such as a Prolog program. An SCA composite is also represented in XML, and the SCDL is transformed into as Prolog facts. The policy pattern may be regarded as the Prolog rules, so the facts can be validated by the pattern. That is, the pattern XML representation is transformed into the Prolog rules and they are used by the inference automatically.
The following example transforms the SCDL into the Prolog facts.
The composite 1 in
To apply a transaction pattern to the composite A by top-down application, a user applies roles, and they are transformed into Prolog facts (e.g., txPropagator(compB)). Other required roles are inferred based on the pattern constraints by the predicate:
In case bottom-up application, a user applies patterns, and roles are inferred and assigned from existing intents. Assigned roles are transformed into prolog facts (e.g., txNonPropagagtor(compC)). Other required roles are inferred based on the pattern constraints specified in atomicTransaction(X, Y). The second and third steps may be the same as the top-down application.
Support for Recursive Composite
SCA elements are connected by wire, so they can be transformed into the Prolog facts. Here we have three types of wires, which are defined in the SCA specification:
The promotionWire(X, Y) is a wire to connect a composite and an inner component. The connectionWire(X, Y) connects components in the composite. Additionally, we introduced the projectionWire(X, Y) which connects a higher component and a lower composite in a recursive case. We assume that these wires are equal in the composite. So by using projectionWire, we can transform the recursive composite into prolog facts or like as same as a flat composite. The policy pattern application and validation mechanism can be also applied to the recursive composite.
Various aspects of the present disclosure may be embodied as a program, software, or computer instructions embodied in a computer or machine usable or readable medium, which causes the computer or machine to perform the steps of the method when executed on the computer, processor, and/or machine.
The system and method of the present disclosure may be implemented and run on a general-purpose computer or special-purpose computer system. The computer system may be any type of known or will be known systems and may typically include a processor, memory device, a storage device, input/output devices, internal buses, and/or a communications interface for communicating with other computer systems in conjunction with communication hardware and software, etc.
The terms “computer system” and “computer network” as may be used in the present application may include a variety of combinations of fixed and/or portable computer hardware, software, peripherals, and storage devices. The computer system may include a plurality of individual components that are networked or otherwise linked to perform collaboratively, or may include one or more stand-alone components. The hardware and software components of the computer system of the present application may include and may be included within fixed and portable devices such as desktop, laptop, server. A module may be a component of a device, software, program, or system that implements some “functionality”, which can be embodied as software, hardware, firmware, electronic circuitry, or etc.
The embodiments described above are illustrative examples and it should not be construed that the present invention is limited to these particular embodiments. Thus, various changes and modifications may be effected by one skilled in the art without departing from the spirit or scope of the invention as defined in the appended claims.
| Number | Name | Date | Kind |
|---|---|---|---|
| 6721777 | Sharma | Apr 2004 | B1 |
| 7080092 | Upton | Jul 2006 | B2 |
| 20030074217 | Beisiegel et al. | Apr 2003 | A1 |
| 20030200357 | Yanosy | Oct 2003 | A1 |
| 20040049509 | Keller et al. | Mar 2004 | A1 |
| 20040177335 | Beisiegel et al. | Sep 2004 | A1 |
| 20050033796 | Gilbert et al. | Feb 2005 | A1 |
| 20050160434 | Tan et al. | Jul 2005 | A1 |
| 20050198050 | Bivens et al. | Sep 2005 | A1 |
| 20050240422 | Doyle et al. | Oct 2005 | A1 |
| 20060095552 | Dini et al. | May 2006 | A1 |
| 20060130038 | Claussen et al. | Jun 2006 | A1 |
| 20060143144 | Speeter et al. | Jun 2006 | A1 |
| 20060224424 | Khusial et al. | Oct 2006 | A1 |
| 20060265719 | Astl et al. | Nov 2006 | A1 |
| 20060288039 | Acevedo-Aviles et al. | Dec 2006 | A1 |
| 20070006278 | Ioan Avram et al. | Jan 2007 | A1 |
| 20070033640 | Herness et al. | Feb 2007 | A1 |
| 20070156618 | Meurs | Jul 2007 | A1 |
| 20070192706 | Bruce et al. | Aug 2007 | A1 |
| 20070255769 | Agrawal et al. | Nov 2007 | A1 |
| 20080046582 | Beisiegel et al. | Feb 2008 | A1 |
| 20080052503 | Beisiegel et al. | Feb 2008 | A1 |
| 20080059633 | Hu | Mar 2008 | A1 |
| 20080091679 | Herness et al. | Apr 2008 | A1 |
| 20080301641 | Bojjireddy et al. | Dec 2008 | A1 |
| 20080312986 | Braun et al. | Dec 2008 | A1 |
| 20090077615 | Chung et al. | Mar 2009 | A1 |
| 20100318966 | Oh et al. | Dec 2010 | A1 |
| Number | Date | Country | |
|---|---|---|---|
| 20100004968 A1 | Jan 2010 | US |
