Update 2007-11-20: In November 2007, W3C announced the publication of Web Services Policy 1.5 - Primer and Web Services Policy 1.5 - Guidelines for Policy Assertion Authors as key deliverables supporting the W3C Recommendations Web Services Policy 1.5 - Framework and Web Services Policy 1.5 - Attachment. WS-Policy defines a general policy framework for expressing Web service capabilities and requirements, including a policy data model, processing model (for combining/comparing Web service capabilities), and XML Information Set representation for the policy data model.

Update 2006-03-23: In March 2006, revised versions of Web Services Policy Framework (WS-Policy) and Web Services Policy Attachment (WS-PolicyAttachment) were released.

[September 07, 2004] Updated versions of Web Services Policy Framework (WS-Policy) and Web Services Policy Attachment (WS-PolicyAttachment) have been released, incorporating feedback from recent workshops. The September 2004 public draft releases are "provided for review and evaluation only"; the authors "hope to solicit your contributions and suggestions in the near future."

As specifications in the WS-* Composable Architecture, WS-Policy and WS-PolicyAttachment are building blocks "used in conjunction with other Web service and application-specific protocols to accommodate a wide variety of Policy exchange models."

The updated versions of WS-Policy and WS-PolicyAttachment are said to "refine the semantics for how to compare two policies to determine a base level of compatibility and expand on how policy is associated with Web services."

Both WS-Policy and WS-PolicyAttachment are reckoned among the WS-* Metadata Specifications, according to Microsoft's classification scheme, along with WSDL, UDDI, WS-PolicyAssertions, WS-SecurityPolicy, WS-Discovery, and WS-MetadataExchange.

Sonic Software and VeriSign are now listed as joint authors on the two specifications, together with BEA, IBM, Microsoft, SAP AG.

The goal of WS-Policy is "to provide the mechanisms needed to enable Web services applications to specify policy information. Specifically, WS-Policy defines: (1) An XML Infoset called a policy expression that contains domain-specific, Web Service policy information; (2) A core set of constructs to indicate how choices and/or combinations of domain-specific policy assertions apply in a Web services environment. WS-Policy is designed to work with the general Web services framework, including WSDL service descriptions (Web Services Description Language Version 1.1) and UDDI service registrations, including UDDI Version 2.04 API, UDDI Version 2.03 Data Structure Reference, and UDDI Version 3.0.

Where WS-Policy defines an abstract model and an XML-based expression grammar for policies, the Web Services Policy Attachment (WS-PolicyAttachment) defines "two general-purpose mechanisms for associating such policies with the subjects to which they apply. WS-PolicyAttachment also defines how these general-purpose mechanisms may be used to associate WS-Policy with WSDL and UDDI descriptions. Specifically it defines how to reference policies from WSDL definitions, how to associate policies with deployed Web service endpoints, and how to associate policies with UDDI entities."

Bibliographic Information

• Web Services Policy Framework (WS-Policy). September 2004. 22 pages. Copyright (c) 2001-2004 BEA Systems Inc., International Business Machines Corporation, Microsoft Corporation, Inc., SAP AG, Sonic Software, and VeriSign, Inc. Authors: Siddharth Bajaj (VeriSign), Don Box (Microsoft), Dave Chappell (Sonic Software), Francisco Curbera (IBM), Glen Daniels (Sonic Software), Phillip Hallam-Baker (VeriSign), Maryann Hondo (IBM), Chris Kaler (Microsoft), Dave Langworthy (Microsoft), Ashok Malhotra (Microsoft), Anthony Nadalin (IBM), Nataraj Nagaratnam (IBM), Mark Nottingham (BEA), Hemma Prafullchandra (VeriSign), Claus von Riegen (SAP), Jeffrey Schlimmer (Editor, Microsoft), Chris Sharp (IBM), and John Shewchuk (Microsoft).

  Status: "This WS-Policy Specification is a public draft release and is provided for review and evaluation only. The Authors hope to solicit your contributions and suggestions in the near future. The Authors make no warrantees or representations regarding the specifications in any manner whatsoever."

  Acknowledgements: The authors thank the following people for their contributions towards this specification: Dimitar Angelov (SAP), Martijn de Boer (SAP), Erik Christensen (Microsoft), Giovanni Della-Libera (Microsoft), Yigal Hoffner (IBM), Brian Hulse (IBM), Andrew Jones (IBM), Todd Karakashian (BEA), Scott Konersmann (Microsoft), Frank Leymann (IBM), Steve Lucco (Microsoft), Al Lee (Microsoft), David Levin (Microsoft), Hiroshi Maruyama (IBM), Steve Millet (Microsoft), Vick Mukherjee (Microsoft), Henrik Frystyk Nielsen (Microsoft), Paul Nolan (IBM), Keith Stobie (Microsoft), Tony Storey (IBM), Sanjiva Weerawarana (IBM), Volker Wiechers (SAP).

• Web Services Policy Attachment (WS-PolicyAttachment). September 2004. 27 pages. Copyright (c) 2001-2004 BEA Systems Inc., International Business Machines Corporation, Microsoft Corporation, Inc., SAP AG, Sonic Software, and VeriSign, Inc. Authors: Siddharth Bajaj (VeriSign), Don Box (Microsoft), Dave Chappell (Sonic Software), Francisco Curbera (IBM), Glen Daniels (Sonic Software), Phillip Hallam-Baker (VeriSign), Maryann Hondo (IBM), Chris Kaler (Microsoft), Ashok Malhotra (Microsoft), Hiroshi Maruyama (IBM), Anthony Nadalin (IBM), Mark Nottingham (BEA Systems), David Orchard (BEA Systems), Hemma Prafullchandra (VeriSign), Claus von Riegen (SAP), Jeffrey Schlimmer (Microsoft), Chris Sharp (editor, IBM) and John Shewchuk (Microsoft).

  Acknowledgements: The authors thank the following people for their contributions towards this specification: Dimitar Angelov (SAP), Martijn de Boer (SAP), Erik Christensen (Microsoft), Giovanni Della-Libera (Microsoft), Christopher Ferris (IBM), Martin Gudgin (Microsoft), Andrew Hately (IBM), Yigal Hoffner (IBM), Brian Hulse (IBM), Andrew Jones (IBM), Todd Karakashian (BEA Systems), Scott Konersmann (Microsoft), Al Lee (Microsoft), David Levin (Microsoft), Frank Leymann (IBM), Steve Lucco (Microsoft), Steve Millet (Microsoft), Nataraj Nagaratnam (IBM), Henrik Frystyk Nielsen (Microsoft), Paul Nolan (IBM), Keith Stobie (Microsoft), Tony Storey (IBM), Sanjiva Weerawarana (IBM), Volker Wiechers (SAP).

WS-Policy Overview

Supplied from the IBM reference page:

"The Web Services Policy Framework (WS-Policy) provides a general purpose model and corresponding syntax to describe and communicate the policies of a Web service. WS-Policy defines a base set of constructs that can be used and extended by other Web services specifications to describe a broad range of service requirements, preferences, and capabilities.

WS-Policy provides a flexible and extensible grammar for expressing the capabilities, requirements, and general characteristics of entities in an XML Web services-based system. WS-Policy defines a framework and a model for the expression of these properties as policies. Policy expressions allow for both simple declarative assertions as well as more sophisticated conditional assertions.

WS-Policy defines a policy to be a collection of one or more policy assertions. Some assertions specify traditional requirements and capabilities that will ultimately manifest on the wire (for example, authentication scheme, transport protocol selection). Some assertions specify requirements and capabilities that have no wire manifestation yet are critical to proper service selection and usage (for example, privacy policy, QoS characteristics). WS-Policy provides a single policy grammar to allow both kinds of assertions to be reasoned about in a consistent manner.

WS-Policy stops short of specifying how policies are discovered or attached to a Web service. Other specifications are free to define technology-specific mechanisms for associating policy with various entities and resources. Subsequent specifications will provide profiles on WS-Policy usage within other common Web services technologies..."