政策与机制分开:这是什么意思? [英] Separate policy from mechanism: What does it mean?

问题描述

我经常听到将策略与机制分离"的口头禅，尤其是在Unix哲学的背景下.这是什么意思，有哪些具体示例?什么时候/为什么/不是一件好事?

I've often heard the mantra of "separating policy from mechanism", especially in the context of the Unix philosopy. What does this mean and what are some concrete examples of it? When/why is/isn't it a good thing?

推荐答案

从本质上讲，这是需求或业务功能与技术实施的分离.机制是技术上的实现.该实施允许并支持企业实施其业务策略的能力.

It is basically the separation of requirements or business function from technical implementation. The mechanism is the technical implementation. The implementation allows and supports the ability for the business to implement its business policy.

示例:可以建立一种安全机制，允许将用户附加到组，并将用户和组附加到允许的操作.该策略指定组中的人员以及允许哪些组和用户执行哪些操作.它可以指定允许谁分配用户和操作.

Example: A security mechanism may be set up allow for users to be attached to groups and for users and groups to be attached to permissible actions. The policy specifies who is in the groups and which groups and users will be allowed to perform which actions. It may specify who is allowed to assign users and actions.

这篇关于政策与机制分开:这是什么意思?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！