The term “policy” can mean many things. When some people talk about policy, they are referring to governance rules that mandate steps and procedures that must be followed in order to develop, deploy, or modify an application. This is not what is meant by “policy” in SCA.
In SCA, a policy is a statement that controls or constrains some capability that is provided by the infrastructure.
Examples of infrastructure capabilities that can be managed using SCA’s policy framework include the following:
• Confidentiality (encryption)
• Integrity (signing)
• One-way message reliability
• Transaction ...