Commit 0bb1a3f5 authored by Rieks Joosten's avatar Rieks Joosten Committed by fmerg
Browse files

ongoing work. Includes new file `pattern-list.md` as per issue #21

parent c67e69a7
......@@ -20,13 +20,13 @@ This glossary lists the basic concepts that are needed by the various stakeholde
* eSSIF-Lab
### Terms
<!--Specify the term-files that are to serve as a source for this glossary. If a term is defined in a scope as well as in a %%term-file%%, the latter takes precedence.-->
<!--Specify the term-files that are to serve as a source for this glossary. If a term is defined in a scope as well as in a %%term-file|term-file%%, the latter takes precedence.-->
### Patterns
<!--Specify the pattern-files that are to serve as a source for this glossary. If a term is defined in a scope or as a term as well as in a %%pattern-file%%, the latter takes precedence.-->
<!--Specify the pattern-files that are to serve as a source for this glossary. If a term is defined in a scope or as a term as well as in a %%pattern-file|pattern-file%%, the latter takes precedence.-->
### Concepts
<!--Specify the concept-files that are to serve as a source for this glossary. If a term is defined in a scope, or as a term, or in a pattern as well as in a %%concept-file%%, the latter takes precedence.-->
<!--Specify the concept-files that are to serve as a source for this glossary. If a term is defined in a scope, or as a term, or in a pattern as well as in a %%concept-file|concept-file%%, the latter takes precedence.-->
<!--
---
......
---
id: glossary
title: "Glossary (Concept)"
title: "Glossary"
scopeid: essifLabTerminology
type: concept
typeid: glossary
......
---
id: semantics
title: "Concept: Concept (Scope: essifLabTerminology)"
title: "Concept"
scopeid: essifLabTerminology
type: concept
typeid: semantics
......
......@@ -21,13 +21,13 @@ This glossary lists the basic concepts that are needed by the various stakeholde
* eSSIF-Lab
### Terms
<!--Specify the %%term-files|term-file%% that are to serve as a source for this glossary. If a term is defined in a scope as well as in a %%term-file%%, the latter takes precedence.-->
<!--Specify the %%term-files|term-file%% that are to serve as a source for this glossary. If a term is defined in a scope as well as in a %%term-file|term-file%%, the latter takes precedence.-->
### Patterns
<!--Specify the %%pattern-files|pattern-file%% that are to serve as a source for this glossary. If a term is defined in a scope or as a term as well as in a %%pattern-file%%, the latter takes precedence.-->
<!--Specify the %%pattern-files|pattern-file%% that are to serve as a source for this glossary. If a term is defined in a scope or as a term as well as in a %%pattern-file|pattern-file%%, the latter takes precedence.-->
### Concepts
<!--Specify the %%concept-files|concept-file%% that are to serve as a source for this glossary. If a term is defined in a scope, or as a term, or in a pattern as well as in a %%concept-file%%, the latter takes precedence.-->
<!--Specify the %%concept-files|concept-file%% that are to serve as a source for this glossary. If a term is defined in a scope, or as a term, or in a pattern as well as in a %%concept-file|concept-file%%, the latter takes precedence.-->
<!--
---
......
---
id: pattern-jurisdiction
title: "Pattern: Jurisdictions (Scope: eSSIF-Lab)"
title: "Pattern: Jurisdictions"
scopeid: essifLab
type: pattern
typeid: jurisdictions
......
---
id: pattern-party-actor-action
title: "Pattern: Party-Action (Scope: eSSIF-Lab)"
title: "Pattern: Party-Action"
scopeid: essifLab
type: pattern
typeid: party-action
......
......@@ -18,37 +18,37 @@ In order to contribute, you first need to understand the [ideas/concepts behind
## Scope-files
:::info editors note
:::info Editors Note
Content may be provided by TNO.
:::
## Concept-files
:::info editors note
:::info Editors Note
Content may be provided by TNO.
:::
## Term-files
:::info editors note
:::info Editors Note
Content may be provided by TNO.
:::
## Pattern-files
:::info editors note
:::info Editors Note
Content may be provided by TNO.
:::
## Glossary-files
:::info editors note
:::info Editors Note
Content may be provided by TNO.
:::
## Dictionary-files
:::info editors note
:::info Editors Note
Content may be provided by TNO.
:::
......
---
id: essifLab-pattern-list
title: "eSSIF-Lab List of Patterns"
---
:::note Editor's note
TNO to write the introduction paragraph
:::
......@@ -7,7 +7,6 @@ typeid: conceptID
stage: draft
hoverText: "popuptext for 'conceptID' (tbd)"
---
<!--A concept tries to capture the idea behind a classification of entities, allowing us to reason about everything in the class as if it were one thing. This file specifies the idea(s) that, within the scope of `<existing-scopeID>` will be referred to using `<New Term>`.
Please fill in the placeholders in this file as follows:
- `<existing-scopeID>`: machine readable text that identifies the scope in which this term is defined;
......
......@@ -27,7 +27,7 @@ Entity that comprises at a minimum:
## Examples
<!--Provide a few sentences in which you give examples that obviously qualify as instances of `Concept`, and that do NOT obviously qualify. Also, provide examples that are not (so) obvious, but help users to better understand its intension.-->
- The definition of the term %%definition|definition%% (a) is defined in, and hence valid in the scope `eSSIFLab`, (b) specifies a criterion (see the `Criteria` section above), and (c) is relevant (see the `Purpose` section above), and (d) has a name (i.e. `definition`) associated with it. Since it satisfies the criteria of `definition`, it can be referred to as 'the definition of `definition`'.
- The %%concepts|concept%% defined within the scope eSSIFLab have definitions associated with them, where the criteria, relevance and terms are defined in the %%concept-file%% of that concept.
- The %%concepts|concept%% defined within the scope eSSIFLab have definitions associated with them, where the criteria, relevance and terms are defined in the %%concept-file|concept-file%% of that concept.
## Related Concepts
<!--Link to any %%concepts|concept%% that are similar but distinct, with a note about the relationship.-->
......
......@@ -18,7 +18,7 @@ This term enables us to refer to anything, or to postulate the existence of some
Something, anything, that some %%party|party%% knows to exist
## Related Concepts:
- a %%legal entity|legal-entity%% is an entity that is known by (i.e. registered in the %%knowledge|knowledge%% of) a %%party|party%% that operates the %%legal-system|legal-system%% of a %%jurisdiction%%. (Details are in the %%jurisdiction pattern|pattern-jurisdiction%%)
- a %%legal entity|legal-entity%% is an entity that is known by (i.e. registered in the %%knowledge|knowledge%% of) a %%party|party%% that operates the %%legal-system|legal-system%% of a %%jurisdiction|jurisdiction%%. (Details are in the %%jurisdiction pattern|pattern-jurisdiction%%)
## Background:
The %%terminology pattern|pattern-terminology%% provides an overview of how this concept fits in with related concepts.
---
id: glossary
title: "Glossary (Concept)"
title: "Glossary"
scopeid: essifLabTerminology
type: concept
typeid: glossary
......
......@@ -25,7 +25,7 @@ to be elaborated
<!--Mention and link to the patterns in which this concept plays a (significant) role (possibly explaining the reason/purpose if appropriate), e.g.: -->
The concept we know as 'party' serves a central role, and therefore occurs in various patterns, suc as:
- The %%party-actor-action|pattern-party-actor-action%% provides an overview of how this concept fits in with related concepts.
- the %%jurisdiction pattern|pattern-jurisdiction%%, which shows that a party can operate the %%legal-system%% of a %%jurisdiction%%, enforcing the rules in some scopes to the %%(legal) entities|legal-entity%% that it knows to exist and to which these rules apply.
- the %%jurisdiction pattern|pattern-jurisdiction%%, which shows that a party can operate the %%legal-system|legal-system%% of a %%jurisdiction|jurisdiction%%, enforcing the rules in some scopes to the %%(legal) entities|legal-entity%% that it knows to exist and to which these rules apply.
---
[^1]: Reasoning means: inferring conclusions from data, regardless of the kind of logic that is being used, or whether the reasoning is coherent, or consistent.
......
---
id: pattern-jurisdiction
title: "Pattern: Jurisdiction (Scope: eSSIF-Lab)"
title: "Pattern: Jurisdiction"
scopeid: essifLab
type: pattern
typeid: jurisdiction
......@@ -36,6 +36,6 @@ Here is a visual representation of this pattern, using the following [notations
<img
alt="Conceptual model of the 'Jurisdiction' pattern"
src={useBaseUrl('images/patterns/pattern-jurisdiction.png')}
/>;
/>
The figure shows that a %%jurisdiction|jurisdiction%% comprises a single %%scope|scope%%, a (single) %%legal system|legal-system%% system and a %%party|party%% that operates this Legal System within the Scope (which it controls). The Legal System applies to %%Entities|entity%% that are known in the jurisdiction (e.g. registered with the party as per the rules of the legal system, leading to their being registered/represented in the %%knowledge|knowledge%% of that party). These are what, specifically for %%legal jurisdictions|legal-jurisdiction%% are called %%legal entities|legal-entity%%.
\ No newline at end of file
---
id: pattern-mandates-delegation-hiring
title: "Pattern: Mandates, Delegation and Hiring"
scopeid: essifLab
type: pattern
typeid: mandates-delegation-hiring
stage: draft
hoverText: "This pattern (which remains to be documented) captures the ideas behind mandating, delegating, hiring and their relations. This is a work-in-progress"
---
import useBaseUrl from '@docusaurus/useBaseUrl';
:::info Editors Note
TNO is expected to produce the first draft of this document
:::
---
id: pattern-party-actor-action
title: "Pattern: Party-Action (Scope: eSSIF-Lab)"
title: "Pattern: Party-Actor-Action"
scopeid: essifLab
type: pattern
typeid: party-action
typeid: party-actor-action
stage: draft
hoverText: "This pattern captures the foundational concepts and relations that we need for thinking about how things get done. It answers questions such as: 'Who/what does things?', 'How are their actions being guided/controlled?', 'Who controls whom/what?', 'Who/what may be held accountable?'"
---
......@@ -15,37 +15,32 @@ This pattern captures the foundational concepts and relations that we need for t
## Purpose
<!--Concisely describe what can you do with the pattern that is (at least) harder if you didn't have it.-->
In order for people or organizations to decide what to do (themselves), what to ask others to do (for which these others generally require some form of compensation, how to know that the associated risks are worth taking, this pattern provides a simple mental model that provides the basis for thinking/reasoning about such questions.
In order for people or organizations to decide what to do (themselves), what to ask others to do (for which these others generally require some form of compensation, how to know that the associated risks are worth taking, this pattern provides a simple mental model that provides the basis for thinking/reasoning about such questions.
## Introduction
<!--Gently introduce the pattern, by referring to real-world situations and using colloquial terms, so that when someone has read the text, (s)he knows what it is about, and is ready to delve into the specifics of the pattern-->
One may readily observe that in some way, people (humans) and %%organizations|organization%% are similar. This is indicated e.g. by the notion of 'personality' that many %%legal jurisdictions%% assign to (specific kinds of) organizations. It allows rights and duties to be assigned to people and organizations alike. It also means that people and organizations can be held accountable, and be subjected to prosecution.
One may readily observe that in some way, people (humans) and %%organizations|organization%% are similar. This is indicated e.g. by the notion of 'personality' that many %%legal jurisdictions|legal-jurisdiction%% assign to (specific kinds of) organizations. It allows rights and duties to be assigned to people and organizations alike. It also means that people and organizations can be held accountable, and be subjected to prosecution.
One may also readily observe that in other ways, people and organizations differ. For example, people eat and drink, whereas organizations do not. People can sit behind a computer keyboard, type texts, hit the `Enter` button, e.g. to send an email. Organizations cannot do that. In short: people can act (do things), whereas organizations cannot.
The main characteristic that people and organizations share, is everyone of them maintains (a body of) %%knowledge|knowledge%%. They acquire knowledge by observing the world around them, processing such observations, storing all that (using specific (tangible) representations of these (intangible) things, and sharing/disseminating it with others (here again, (tangible) representations must be used). We introduce the term %%party|party%% to refer to %%entities|entity%% that share this characteristic of maintaining (a body of) knowledge. Both people and organizations qualify as such.
Our language allows us to say things that are untrue if taken literally, yet can become true when interpreted figuratively - but in a specific sense. If ACME is an organization and someone says: "I just received an email from ACME", this cannot be literally true as organizations cannot send emails. It is either a person or a computer system that has actually sent it. There is a broad consensus that the appropriate (figurative) way to interpret the sentence is to assume that there is a person or something else that can send mails, that has sent it while 'working for ACME'.
One may also readily observe that in other ways, people and organizations differ. For example, people eat and drink, whereas organizations do not. People can sit behind a computer keyboard, type texts, hit the `Enter` button, e.g. to send an email. Organizations cannot do that. In short: people can act (do things), whereas organizations cannot. The characteristic that sets people and organizations apart is the ability to act.
We will use the term %%actor|actor%% to refer to %%entities|entity%% that are capable of acting (doing things). People will qualify, whereas organizations do not.
Notwithstanding that organizations cannot act, it is quite common to hear statements that seem to imply that they can. If ACME is an organization and someone says: "I just received mail from ACME", this cannot be literally true as organizations cannot send messages. It is either a person or a computer system that has actually sent it. Statements such as these must therefor be interpreted in a figurative way, as a 'shorthand' for 'I just received mail that was sent by some %%actor|actor%% that was `working for` ACME', where `working for` may have various meanings:
This pattern models that %%Parties|party%% (humans, organizations) perform %%Actions|action%% for the purpose of realizing their %%Objectives|objective%%. %%Parties|party%% are not considered to actually execute such %%Actions|action%%; they have (human and non-human) %%Actors|actor%% that work for them, execute such %%Actions|action%%, using the %%Party|party%%’s %%Knowledge|knowledge%% as the (authoritative) guidance for executing the %%Actions|action%% (as well as any other relevant %%Knowledge|knowledge%% they can access).
<img
alt="Conceptual model of the 'Party-Actor-Action' pattern"
src={useBaseUrl('images/patterns/pattern-party-actor-action.png')}
/>;
1. ACME may be the %%owner|owner% of that actor. This would be the case if the mail was sent by one of ACME's running business applications.
2. ACME may employ, or otherwise hire that actor. This would be the case if one of its employees sent the mail, or a business application that is owned by another party sent the mail on behalf of ACME. How this works is the subject of the pattern %%Mandates, Delegation and Hiring|pattern-mandates-delegation-hiring%%.
Note that owning, employing (or hiring) an actor is a condition that usually exists for a considerable time, at least in the order of days (weeks, months). However, some actors (e.g. humans) are capable of multi-tasking, i.e. they can do several actions (pretty much) simultaneously. For example, a person that is working for some organization may make a personal phone call, or send a personal email during working hours. This shows that the 'working for` (some party) condition can mean two things: either it is the status/condition
- that allows/enables the actor to act on behalf of some party. We refer to that as `working for`, e.g. `actor A works for party P`.
- the status/condition that an actor is executing a specific %%action|action%% on behalf of that party at some given point in time. We refer to that condition as `is acting on behalf of` or `is executing an action on behalf of`. We expect that whenever an actor is acting on behalf of some party, it must also work for that party.
The essential characteristic of %%Parties|party%% is their 1-1 link with %%Knowledge|knowledge%%, which they continually update and use e.g. for reasoning, decision making, and determining e.g. what to do, when, and with whom. %%Knowledge|knowledge%% not only includes (observable) facts, but also opinions, e.g. regarding the %%Entities|entity%% it knows to exist, relations between them, and rules (constraints, [logic](https://en.wikipedia.org/wiki/Logic)[^1]) that can be used to classify and reasoning about them, and for making decisions.
%%Actions|action%% can usually be executed in different ways. For example, sending a mail on behalf of some organization may require that the mail template and logo of that organization be used. Or accepting an order usually requires a check to see the order is 'clean', i.e. can be processed by others in the organization. What a 'clean-order check' comprises is to be determined by the organization.
Perhaps the most important idea in this pattern is that our %%Party|party%% concept is not considered to (be able to) act, and they need %%Actors|actor%% (i.e. %%Entities|entity%% that _can_ act) to act on their behalf and thus make them perform. This does, however, not preclude having %%Entities|entity%% that are both %%Party|party%% and %%Actor|actor%% - e.g. humans - and that such %%Entities|entity%% can act on their ‘own’ behalf. And we can continue to use the commonly used form of speech in which a %%Party|party%% performs some Action by realizing that this means that there is (at least) one %%Actor|actor%% that is actually executing that %%Action|action%%.
So in general, the execution of an action is (primarily) guided by the policies, working instructions etc. (i.e.: the %%knowledge|knowledge%%) of the party on whose behalf that action is executed. The actor can still use other, additional knowledge (of other parties) that it has access to, but the primary guidance that it *must* use originates from the party on whose behalf it executes the action. In the previous example, a person that would send mail on behalf of the organization would use its official paper, format the mail according to the organization's templates, comply with any other applicable requirements, and then use the knowledge of itself (as a person is a party) to provide the content, phrase sentences, etc.
In this pattern, %%Knowledge|knowledge%% takes center stage. %%Knowledge|knowledge%% contains %%Objectives|objective%% to be realized and managed. This not only triggers all sorts of %%Actions|action%% to be performed, but also guides their execution in terms of when an Action should start, when it terminates, which %%Actors|actor%% qualify for executing it, etc. Everything that is specific for a %%Party|party%% is reflected in its %%Knowledge|knowledge%%.
This works well for human beings, which are both a %%Party|party%% and an %%Actor|actor%%. So a human being can act, implying itself as an %%Actor|actor%%, and using its personal %%Knowledge|knowledge%% as guidance. The model also works when a human being (as a %%Party|party%%) may hire someone else (as an %%Actor|actor%%), e.g. to fill in his tax return form. This other is guided by the %%Knowledge|knowledge%% of the human being that hired him, and uses its own %%Knowledge|knowledge%% for the details of filling in the tax form.
It also works well for organizations, which are typically companies, enterprises, governments or parts thereof, i.e. groups of human beings and possibly other %%Actors|actor%% that, as a group, fit the criteria for being a %%Party|party%%. This group of %%Actors|actor%% would typically work to realize the organization’s %%Objectives|objective%%, being guided by the organization’s %%Knowledge|knowledge%% (registrations, policies, etc.). Like human beings, an organization may (have an appropriate %%Actor|actor%%) decide to hire or fire %%Actors|actor%% for longer or shorter periods.
%%Parties|party%% set %%Objectives|objective%% that they seek to achieve, the most basic of which perhaps is its mission, or its ‘raison d'être’, to the realization of which all of its %%Actions|action%% are (ultimately) aimed. Every Objective is owned by a single %%Party|party%% (we do not consider ‘shared objectives’[^2]).
Finally, we note that a party `owns` %%objectives|objective%% that it seeks to fulfill or realize, and these are part of its knowledge. The relevance of this is that a large number of the decisions that parties make have to do with their managing their %%risks|risk%% (which [ISO 27000](https://www.iso.org/obp/ui#iso:std:iso-iec:27000:ed-4:v1:en)) defines as 'effect of uncertainty on objectives'), each of which is related to one or more of its objectives.
## Formalized model
Here is a visual representation of this pattern, using the following [notations and conventions](/docs/notations-and-conventions#pattern-diagram-notations):
......@@ -53,9 +48,11 @@ Here is a visual representation of this pattern, using the following [notations
<img
alt="Conceptual model of the 'Party-Actor-Action' pattern"
src={useBaseUrl('images/patterns/pattern-party-actor-action.png')}
/>;
/>
It shows that %%Parties|party%% (humans, organizations) perform %%Actions|action%% for the purpose of realizing their %%Objectives|objective%%. %%Parties|party%% are not considered to actually execute such %%Actions|action%%; they have (human and non-human) %%Actors|actor%% that work for them, execute such %%Actions|action%%, using the %%Party|party%%’s %%Knowledge|knowledge%% as the (authoritative) guidance for executing the %%Actions|action%% (as well as any other relevant %%Knowledge|knowledge%% they can access).
The essential characteristic of %%Parties|party%% is their 1-1 link with %%Knowledge|knowledge%%, which they continually update and use e.g. for reasoning, decision making, and determining e.g. what to do, when, and with whom. %%Knowledge|knowledge%% not only includes (observable) facts, but also opinions, e.g. regarding the %%Entities|entity%% it knows to exist, relations between them, and rules (constraints, [logic](https://en.wikipedia.org/wiki/Logic)[^1]) that can be used to classify and reasoning about them, and for making decisions.
The essential characteristic of %%Parties|party%% is their 1-1 link with %%Knowledge|knowledge%%, which they continually update and use e.g. for reasoning, decision making, and determining e.g. what to do, when, and with whom. %%Knowledge|knowledge%% not only includes (observable) facts, but also opinions, e.g. regarding the %%Entities|entity%% it knows to exist, relations between them, and rules (constraints, [logic](https://en.wikipedia.org/wiki/Logic)[^1]) that can be used to classify and reasoning about them, and for making decisions.
Perhaps the most important idea in this pattern is that our %%Party|party%% concept is not considered to (be able to) act, and they need %%Actors|actor%% (i.e. %%Entities|entity%% that _can_ act) to act on their behalf and thus make them perform. This does, however, not preclude having %%Entities|entity%% that are both %%Party|party%% and %%Actor|actor%% - e.g. humans - and that such %%Entities|entity%% can act on their ‘own’ behalf. And we can continue to use the commonly used form of speech in which a %%Party|party%% performs some Action by realizing that this means that there is (at least) one %%Actor|actor%% that is actually executing that %%Action|action%%.
......
---
id: risk
title: "Risk"
scopeid: essifLab
type: concept
typeid: risk
stage: draft
hoverText: "the deviation of the expected realization (e.g. results) of an objective of a party"
---
:::info Editors Note
TNO is expected to produce the first draft of this document
:::
## Short Description
## Purpose
## Criterion:
## References
[1]: NRM, [ISO 27000:2016](https://www.iso.org/obp/ui#iso:std:iso-iec:27000:ed-4:v1:en)
\ No newline at end of file
---
id: scope
title: "Scope (as a concept)"
title: "Scope"
scopeid: eSSIFLab
type: concept
typeid: scope
......
---
id: semantics
title: "Concept: Concept (Scope: essifLabTerminology)"
title: "Concept"
scopeid: essifLabTerminology
type: concept
typeid: semantics
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment