E. Lupu and M. Sloman. Conflict Analysis for Management Policies. in Fifth IFIP/IEEE International Symposium on Integrated Network Management IM'97. 1997. San-Diego: Chapman & Hall.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....security of the entire system. In addition, authorization policy engineering is not general policy engineering. In [23] Sloman et al. advocate policy driven management for distributed systems, where policies involve both authorization and obligation. There is a series of research on this track [17, 8, 22]. However, we argue that since obligatory policies are usually hard to distinguish from the workflow of a system, we should not separate them from the software. Therefore, our policy set only contains authorization policies, and the conflict that concerns us is the presence of rules that both ....

....logical language to write authorization policies and solve conflicts. In [14] policy conflicts are solved by including conflict solving rules in the policy set and detecting conflicts at the run time, instead of trying to avoid conflicts beforehand. Policy management research at Imperial College [23, 20, 21, 17] is the most similar work we have found. This research analyzed policies for distributed systems from a birds eye view. They analyzed conflicts based on the domain overlapping theory. These studies have resulted in the development of some policy tools for detecting conflicts before policies are ....

E. Lupu and M. Sloman, "Conflict Analysis for Management Policies," Fifth IFIP/IEEE International Symposium on Integrated Network Management IM'97, San-Diego, May 1997

....VPN policies and access control policies are processed together. The needs of separating high level requirements and low level policies were addressed in [15, 16] Our work applied the concepts to a specific policy service by defining IPSec security requirements at a high level. Some recent work [17,18] analyzed two types of conflicts: one is co existence of both positive and negative policies, which can be detected by checking syntax; the other one is application specific conflicts. In this research, we analyzed IPSec specific conflicts caused by topological interaction etc. 3. Security ....

E.C. Lupu and M. Sloman. "Conflict Analysis for Management Policies". Proc. 5 IFIP/IEEE International Symposium on Integrated Network Management, pp. 430-443, 1997

....next section, and follow it with an introduction to PDL and an example. Next, we describe the architecture of the system in Section 4 and a typical configuration in Section 5. Section 6 describes how we handle failures in Netmon. Work in progress and research issues are described in Sections 7 and 8. Concluding remarks are in Section 9. 2 The SARAS softswitch The SARAS Softswitch is a software switch for IP networks that couples the reliability and features of public telephony with cost effectiveness of IP technology. A key bottleneck faced by service providers today in developing ....

....state information that they may need to locate the other components and establish a communication link with them, and also to perform state recovery by conversing with others when say, one component dies and gets restarted. In the current setup, we use the directory coordinator on top of an Oracle8 database, but in general, we can use it with any storage manager, including a default built in object oriented storage system. 4.1 Message Flows Policy execution takes place in the following three main steps: Event Registration: The first block of a policy file includes a set of declarations ....

[Article contains additional citation context not shown here]

E. C. Lupu and M. Sloman. Conflict analysis for management policies. In R. Stadler A. Lazar, R. Saraco, editor, Proc. 5th IFIP/IEEE International Symposium on Integrated Network Management, pages 430--443, 1997.

.... 1995] The problem of process divergence has been analysed by [Cugola et al. 1995] and [Cugola et al. 1996] Our approach to representing policies is strongly influenced by work on Oikos [Montangero and Semini, 1996] and by interesting work on policy modelling in distributed systems management [Lupu and Sloman, 1997]. Other relevant work includes policy driven event monitoring [Fickas and Feather, 1995] 5 Research Agenda Our immediate research agenda is defined by the preceding discussion. We must make good on our statements of intent. There are, however, some broader issues which remain to be tackled. In ....

Lupu, E. and Sloman, M. (1997). Conflict Analysis for Management Policies. In 5 th IFIP/IEEE International Symposium on Integrated Network Management IM'97. Chapman & Hall Publishers. To appear.

....of conflicts was never addressed. Our approach assumes that the user knows in advance the action constraints. However, if policies are developed by independent entities sometimes it might be difficult to obtain the constraints. Work on detecting statically potential conflicts is reported in [16]. This work might be useful to generate action constraints automatically. Conflict resolution among production rules has been studied in AI and databases. For example, OPS5 [2] uses elaborate criteria depending on the form of the rules and the data to resolve such conflicts. Active database ....

....the result they produce does not necessarily correspond to conflictfree executions of the rules. The paper [7] is a followup paper to [8] and contains numerous complexity results. They all involve, however, languages richer that the subset of PDL used in the present paper. Several recent works [8, 16, 19] have postulated a modal, deontic framework for specifying prohibitions and obligations of agents in a distributed environment. Simple obligations and prohibitions can be captured in our framework. First, notice that an ECA rule can be read as an obligation to execute its action part if the events ....

E. C. Lupu and M. Sloman. Conflict analysis for management policies. In R. Stadler A. Lazar, R. Saraco, editor, Proc. 5th IFIP/IEEE International Symposium on Integrated Network Management, pages 430--443, 1997.

....There is an increased interest in enterprise modelling concerns in various specific domains. Sloman and others at Imperial College, London, have developed a notation and tools for specifying, analysing and enforcing obligation and authorisation policies for managing large scale distributed systems [7 9]. This includes a framework for specification of management roles for distributed systems [10] Although aimed at management, the framework can be used for specifying interactions and relationships between any roles in an enterprise. Their concept of role corresponds to organisational positions. ....

E. Lupu and M. Sloman, "Conflict Analysis for Management Policies," presented at 5th IFIP/IEEE International Symposium on Integrated Network Management, San Diego, CA, USA, 1997.

....Automation, however, requires a machine readable description of diagnostic knowledge and appropriate procedures, where the selection of a procedure is based on the actual system status. This implies a need for a formal policy definition language. Important work in this area includes [22, 3, 18, 14]. This work presents theories on how to define and manage policies and analyze the policies to find conflicts. The work in [8] describes the characteristics of safety policies in some safety critical application areas and points out the areas which need to be tackled in order to provide tools and ....

....for automation. Our policies would be considered to be at a lower level [25] We are interested in higher levels and then automating as much possible the translation into lower levels. We have begun work that formalises and refines polices. This is based on Sloman s work at Imperial College [20, 14] and policy refinement work in [25] 8.3 Domains Much of the work in policies has also defined domains. We have begun to look at what it means to enforce policies across domains. Our first step is examining how to take the violation locator and have a violation locator in different domains and ....

E. Lupu and M. Sloman. Conflict analysis for management policies. In Integrated Network Management V, pages 430--444. Elsevier Science Publishers B.V. (North-Holland), 1997.

....but then allow the user of the application some freedom in expressing their own preferences. Policies can either be represented as a dynamic script to run, or as a set of rules to fire according to tevents or constraints. Other work in the area of applying policy to distributed object management [5, 17, 27], has found it easier to reason and compose policies if the policies are expressed as rules. For the application developer, this may mean designing a policy interpreter, but hopefully, this would be supplied as part of the component set. Component Mobility Process and object mobility has been a ....

E. Lupu and M. Sloman. Conflict analysis for management policies. In Proc. of Vth International Symposium on Integrated Network Management IM'97, San Diego, Ca, May 1997. Chapman and Hall.

....for a role position: i) the access control and obligation policies related to target objects, ii) the interactions between roles which reflect organisational role relationships, and iii) both intra and inter role concurrency constraints. The complete role model is defined in more detail in (Lupu, 1997b) 4.2 Simultaneous role sessions When a user logs into a system, a process acting as an adapter object between the user and the system e.g. login shell is created within the URD. Note that according to Figure 3 this object inherits the access rights associated with all the roles in which the ....

....more specific ones. For this purpose the conflict detection can be performed with precedence relationships optionally disabled. Figure 6 shows positive authorisation (keys) overriding negative authorisation (crossed out keys) For more details on the conflict detection process please refer to (Lupu 1997a) Figure 6 The conflict detection window. Conflicts such as the one shown in Figure 7 may be detected by the tool. The subjects, actions, targets tuple which are common to the policies an which caused the conflict is shown in the 9 upper part and the conflicting policies to which no precedence ....

Lupu, E. and Sloman, M. (1997a). "Conflict Analysis for Management Policies" To appear in: IFIP International Symposium on Integrated Network Management (IM formerly known as ISINM 97), San Diego, Chapman & Hall Publishing, 1997.

No context found.

Lupu, E. C. and M. S. Sloman (1997a). "Conflict Analysis for Management Policies". IFIP International Symposium on Integrated Network Management (IM formerly known under the acronym ISINM), San Diego, Chapman & Hall publishing.

....conflicts such as a role with a duty to perform an action which is forbidden, or to detect violations of constraints expressed as meta policies. We briefly examine the conflicts which can occur between management policies, but further information on conflict detection and resolution is given in [3]. We also specify concurrency 1 We use the term subject to refer to an object representing a user, human manager or an automated agent which can initiate activities within the system Copyright 1997 IEEE. Published in the Proceedings of EDOC 97, October 24 26, 1997 in the Gold Coast, Queensland, ....

....may be members of several domains. Conflicts may then arise between the various policies. We distinguish between modality conflicts which arise from inconsistent modes of the policies, e.g. O and O , and application specific conflicts such as separation of duties or conflicts for resources [12] [3]. It is necessary to specify constraints pertaining to the attributes of policies in order to avoid application specific conflicts. We term these constraints meta policies (policies about permitted policies) They can be expressed as logical predicates applying to sets of policy objects within a ....

[Article contains additional citation context not shown here]

E. C. Lupu and M. S. Sloman, "Conflict Analysis for Management Policies", IFIP/IEEE International Symposium on Integrated Network Management (IM formerly known as ISINM 97), San Diego, Chapman & Hall, 1997.

No context found.

E. Lupu and M. Sloman. Conflict Analysis for Management Policies. in Fifth IFIP/IEEE International Symposium on Integrated Network Management IM'97. 1997. San-Diego: Chapman & Hall.

No context found.

Lupu, E.C. and Sloman M.S., "Conflict Analysis for Management Policies", To appear in: Proceedings of the 5th IFIP/IEEE International Symposium on Integrated Network Management IM'97, San-Diego, May 1997 ftp://dse.doc.ic.ac.uk/dse-papers/management/IM97.ps.Z

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC