The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The following topics are dealt with: policy-based distributed system and networks; Internet and database policies; access control policies; policy management; policy tools; policy rules; coordination mechanism
The tremendous development of Internet infrastructures as well as communication technologies has led to an increase in network management complexity. Autonomic control is one way to manage complexity. Policy based management systems (PBMS) provide a consistent model for decision making using a set of abstractions (i.e., to manage the system in a manner that is independent from the complexities of...
The continued movement towards converged networks changes the focus to building application services that enable customers to move between different types of service providers based on their needs. Policy management becomes paramount for the rapid deployment and management of these application services. This paper presents the concept of a policy continuum and discusses the importance of modeling...
Ambient networks aim at providing new networking solutions to highly mobile users considering a mix of current and future wireless technologies. In the last years, policy-based approaches have been proposed as an effective way of managing large networks, e.g. the IETF policy framework. In this paper, we present the design and implementation of PBMAN, a Policy-based Management Framework for Ambient...
The ongoing work presented in this paper is aimed at bringing self-configuration capabilities into next generation radio access networks. We present the main concepts and architecture of our prototype. We also introduce briefly a novel strategy for foreseeing the outcome of enforcing policies integrating behaviour discovery techniques and finite state calculus into the conflict detection and resolution...
On demand and autonomic computing will benefit from policy-based management systems which are responsive to new and ambiguous situations and learn from them. In a typical data center, there are thousands of different events reporting system faults, status, and performance information. Their occurrences are unpredictable. In addition, new events and conditions can occur as operating environment changes...
It is possible to impose the will of the user or administrator through the specification of policies. These policies reflect the users or administrators goals; however the context in which these goals operate can vary greatly. This paper builds on our previous work where we demonstrated the creation and use of policies that had trust conditions embedded. The work reported on here exposes these trust...
The current model for the predicates, or "Assertions", used in a WS-Policy instance is for each policy domain to design new schema elements for that domain's Assertions. Their semantics are defined in an associated specification and are domain-specific. This model leads to interoperability and maintenance problems and hinders dynamic service composition. WS-Policy constraints is a domain-independent...
This paper presents a new framework based on a meta-policy linked to a new intrusion detection approach. It deploys a MAC kernel within a distributed system while guaranteeing the consistency of the security policy, preventing any accidental or malicious update of the local policies of each host. Access control decisions are resolved locally in accordance with a meta-policy. At the same time, the...
When consumers build value-added services on top of data resources they do not control, they need to manage their information supply chains to ensure that their data suppliers produce and supply required data as needed. Producers also need to manage their information supply chains to ensure that their data is disseminated and protected appropriately. In this paper, we present a novel model for data...
Laws, regulations, policies and standards are increasing the requirements complexity of software systems that ensure information resources are both available and protected. To motivate discussions as to how current policy models can address this problem, we surveyed several regulations, standards and organizational security policies to identify how elements in these documents affect both personnel...
Policy enabled applications are being increasingly employed to support responsive information technology services. In competitive business environments, such services increase adaptability of both software and the processes they implement through externalized business and security logic. Over the last decade this has driven both industry and academia to contribute to policy research and engineering,...
To ease the burden of implementing and maintaining access-control aspects in a system, a growing trend among developers is to write access-control policies in a specification language such as XACML and integrate the policies with applications through the use of a policy decision point (PDP). To assure that the specified polices reflect the expected ones, recent research has developed policy verification...
Any sharing of information using a distributed platform carries the risk of disconnection because of loss of network access. This is particularly the case when considering mobile communication, either using base stations or by forming ad-hoc networks. Replication of shared data is one way to increase data availability in such an environment, but leads to the problem of inconsistency between copies...
A large scale network simultaneously experiences multiple and varied events that degrade its ability to serve its customers. Network management of large networks that span multiple networks, network technologies, network events (faults, performance, security, other disruptions) is a multidimensional problem. While, policy based network management frameworks have been proposed to help manage the complexity,...
This paper describes an access control model, called BARAC, that is based on balancing risks of information disclosure with benefits of information sharing. The model configuration associates risk and benefit vectors with every read and update transaction. An allowed transactions graph captures allowed transactions and flow paths that can be used to carry out the transactions. The total system is...
This paper proposes using financial loss functions to estimate the impact that IT service level agreements (SLAs) have on business process performance. For that, an organizing framework based on balanced scorecard concepts is first presented to tie those functions to strategic business processes; and then, the impact of service levels on business performance is estimated using quantitative techniques...
Certificate-based delegation (CBD) is a prominent element of distributed access control, providing it with flexibility and scalability. But despite its elegance and effectiveness, CBD has inherent limitations that restrict its applicability. These limitations include, among others: lack of support for non-monotonic policies, such as separation of duties; the inability to support the transfer of privileges,...
A key advantage of autonomic computing systems will be their ability to manage according to business policies. A key challenge to realizing this ability is the problem of automatically translating high-level business policies into low-level system tuning policies, which is the result of the different semantics used at the two levels. Economic models, which are expressed using business level concepts,...
Mobile ad hoc networks (MANETs) are an emerging paradigm in wireless communications that has recently attracted a lot of attention. Their inherent benefits such as unrestrained computing, lack of centralization and ease of deployment at low costs are tightly bound with relevant deficiencies such as limited resources and management difficulty. There is a need for new management approaches to handle...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.