Component and service-based application infrastructures provide mechanisms for efficiently composing a system from a diverse collection of components and services.
Infrastructure Support for Predictable Policy Enforcement
Download Resources
PDF Accessibility
One or more of the PDF files on this page fall under E202.2 Legacy Exceptions and may not be completely accessible. You may request an accessible version of a PDF using the form on the Contact Us page.
Component and service-based application infrastructures provide mechanisms for efficiently composing a system from a diverse collection of components and services. However, because of the lack of insight into the components and services within the application, integrating changes can be challenging. One class of change that we perceive as being both common and necessary is in the area of policy adherence (i.e., the constraints on a system's behavior that are imposed across the system). Unless the mechanisms that implement the policy are well isolated from the core application logic, any upgrade to the policy can have a ripple effect through the system. For systems that require robust certification, this ripple effect hampers the ability to rapidly deploy changes in policy. In this paper we highlight some patterns for separating policy adherence from application core logic, and discuss how these patterns can be mapped to commercially available infrastructures. By realizing these patterns as common infrastructure extensions, we allow applications to be developed in a manner consistent with the commercial infrastructure, provide the power of policy enforcement mechanisms to the system developers, and separate the policy enforcement logic from core application functionality.