by

DOI: 10.1023/A:1025736009090
Print publication date: 9/1/2003
View article on SpringerLink

by Lymberopoulos, Leonidas; Lupu, Emil; Sloman, Morris

This paper presents a framework for specifying policies for the management of network services. Although policy-based management has been the subject of considerable research, proposed solutions are often restricted to condition-action rules, where conditions are matched against incoming traffic flows. This results in static policy configurations where manual intervention is required to cater for configuration changes and to enable policy deployment. The framework presented in this paper supports automated policy deployment and flexible event triggers to permit dynamic policy configuration. While current research focuses mostly on rules for low-level device configuration, significant challenges remain to be addressed in order to:a) provide policy specification and adaptation across different abstraction layers; and, b) provide tools and services for the engineering of policy-driven systems. In particular, this paper focuses on solutions for dynamic adaptation of policies in response to changes within the managed environment. Policy adaptation includes both dynamically changing policy parameters and reconfiguring the policy objects. Access control for network services is also discussed.

DOI: 10.1023/A:1025719407427
Print publication date: 9/1/2003
View article on SpringerLink

by Lutfiyya, Hanan; Garcia, Francisco; Moffett, Jonathan

DOI: 10.1023/A:1025798425019
Print publication date: 9/1/2003
View article on SpringerLink

by Sacks, Lionel; Prnjat, Ognjen; Liabotis, Ioannis; Olukemi, Temitope; Ching, Adrian; Fisher, Mike; Mckee, Paul; Georgalas, Nektarios; Yoshii, Hideki

We present an implementation of a policy-based management architecture for emerging communications and computing paradigms such as Active Networks and the Grid. To manage such open, highly distributed and decentralized environments, an approach based on policy concepts is adopted, allowing support for active, dynamic adaptability in network elements, services and end-user applications, as well as achieving decentralization and distribution. We present our flexible, extensible policy and event specifications in XML, and describe our management architecture. One key feature of our approach is the distributed infrastructure: the Directory and the Management Information Distribution system. The second feature is the Resource and Security Management elements residing on the multi-node managed systems. These combine to provide a light-weight, self-organizing management architecture. As an applications example, we describe the implementation of our management system applied to the Application Level Active Networking (ALAN) environment, implemented in the European Commission Information Society Technologies (IST) project ANDROID.

DOI: 10.1023/A:1025767323356
Print publication date: 9/1/2003
View article on SpringerLink

by Kohli, Madhur; Lobo, Jorge

The increasing complexity in size and heterogeneity of networks requires the development of network management tools that are less dependent on human intervention. Many tasks in network management consist of the coordination and execution of multiple activities across different network platforms. In the first part of this paper we introduce a language to write Distributed Action Plans (DAPs). A DAP is meant to specify one of these distributed network management tasks. To run these plans we use policy agents. These are agents that can be specified in PDL, an event-driven programming language developed at Bell Labs to perform policy-based network management. The second half of the paper shows how DAPs are translated into PDL and describes the policy agent system that executes these DAPs.

DOI: 10.1023/A:1025715306518
Print publication date: 9/1/2003
View article on SpringerLink

by Kanada, Yasusi; O’Keefe, Brian J.

We developed two rule-based building-block architectures, i.e., pipe-connection and label-connection architectures, for describing complex and structured policies, especially network QoS policies. This study focuses on the latter. The relationships or connections between building blocks are specified by the data flow and control flow between them. The data flow is specified by tags, including virtual flow labels (VFLs), which are data attached to “outside packets.” The control flow can be classified and specified by four control structures: concatenation, parallel application, selection, and repetition. We have designed fine-grained and coarse-grained building blocks and methods for specifying data flow and control flow in differentiated services (Diffserv), and implemented the coarse-grained ones in a policy server. Two cases of building-block use are described, and we concluded that there are five advantages of building-block-based policies, i.e., expressibility, uniform semantics, simplicity, flexibility, and management-task-oriented design. We also developed techniques for transforming building-block policies into executable ones, which are called policy division and fusion.

DOI: 10.1023/A:1025763222448
Print publication date: 9/1/2003
View article on SpringerLink

by Bettini, Claudio; Jajodia, Sushil; Wang, X. Sean; Wijesekera, Duminda

Policies in modern systems and applications play an essential role. We argue that decisions based on policy rules should take into account the possibility for the users to enable specific policy rules, by performing actions at the time when decisions are being rendered, and/or by promising to perform other actions in the future. Decisions should also consider preferences among different sets of actions enabling different rules. We adopt a formalism and mechanism devised for policy rule management in this context, and investigate in detail the notion of obligations, which are those actions users promise to perform in the future upon firing of a specific policy rule. We also investigate how obligations can be monitored and how the policy rules should be affected when obligations are either fulfilled or defaulted.

DOI: 10.1023/A:1025711105609
Print publication date: 9/1/2003
View article on SpringerLink

by Calo, Seraphin; Sloman, Morris

DOI: 10.1023/A:1025728221539
Print publication date: 9/1/2003
View article on SpringerLink