Distributing the Development of Policies
Because run-time policies involve several different aspects of operational behavior, there are often several different types of architects or experts involved in their creation. For example,
Security-related policies might be defined and managed by a security architect, who is responsible for ensuring that the policies adhere to corporate security standards.
Performance-monitoring policies might be defined and managed by an administrator or analyst from the Operations organization.
Application-related policies (that is, policies that involve logging or validating the data associated with the service itself) might be defined and managed by an SOA Application Architect.
Because CentraSite combines applicable run-time policies at deployment time, it is possible to distribute the policy-development responsibilities to the appropriate experts in your organization as described above. Each expert defines and manages the policies for his or her area of expertise. Then, at deployment time, CentraSite combines the applicable policies produced by each of these experts into one effective policy for the virtual service.