Title :
Management policy service for distributed systems
Author :
Marriott, Damian ; Sloman, Morris
Author_Institution :
Dept. of Comput., Imperial Coll. of Sci., Technol. & Med., London, UK
Abstract :
Interpreting policy in automated managers facilitates the dynamic change of behaviour of a distributed management system by simply changing policies. This paper describes a management policy notation which can be used to define both authorisation policies (what activities a manager is permitted to do) and obligation policies (the activities a manager must perform). Some example policy specifications are given to demonstrate the notation and the concepts involved. A graphical policy editor is described which permits high level abstract policies to be refined into lower level, implementable policies and maintains derivation and dependency relationships between the different policies. A policy service which stores policies is outlined and its integration within a domain service for grouping policies is explained Outlines are given of implementations of automated managers for interpreting obligation policies and of an access control mechanism for enforcing authorisation policies
Keywords :
authorisation; distributed decision making; management; security of data; access control mechanism; authorisation policies; automated managers; distributed management system; distributed systems; domain service; graphical policy editor; grouping policies; high level abstract policies; management policy notation; management policy service; obligation policies; policy specifications; Access control; Authorization; Automatic control; Computerized monitoring; Control systems; Decision making; Distributed computing; Educational institutions; Humans; Temperature control;
Conference_Titel :
Services in Distributed and Networked Environments, 1996., Proceedings of Third International Workshop on
Print_ISBN :
0-8186-7499-7
DOI :
10.1109/SDNE.1996.502441
