|
Entitlement
Entitlement is a powerful natural relational quality type, that essentially defines
how “subject” resources can and do influence “object” resources.
Typically defined through access, capability, and behavior specifications (e.g. rules),
influence types vary infinitely, depending on requirements and corresponding resource
abilities.
Abilities
From their specific definitions, types, classes, and associated meta-data, resources
have abilities. A common example could be a taxi driver that also has a PhD in astrophysics,
and plays Jazz trumpet on week-ends. As a human, male, driver, with a scientific PhD
and musical training and experience, this resource has many abilities.
Capabilities
In any given context, the “taxi business”, compound relation between owners/providers
and users/public, for example, the relationship entitlement, according to specific
application requirements (e.g. strategy, policies), and through context-aware rules
that define constraint, condition, requirement, operation, and behavior specifications,
specifies what influence “subject” resources can have over “object” resources, as
well as how this influence can be exercised. As such, entitlement determines resource
capabilities, including their potential behavior. Accordingly, through the taxi driver's
relation with the taxi business, the driver is assigned (e.g. constrained) capabilities
that are a (clear) subset of his abilities, and that determine his potential behavior.
Capabilities typically also include access control constraints.
Behaviors
Subset of capabilities, effective resource behavior is determined by events that trigger
conditions and actions (e.g. execution) defined by entitlement. Entitlement enables
behavior and resource “executability”, which is required, for example, in IT assisted
governance, model execution and instantiation, distributed content sharing security,
granular access control, etc. (See below).
|
