The policy continuum-Policy authoring and conflict analysis
Computer Communications
A Formal Approach for the Evaluation of Network Security Mechanisms Based on RBAC Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
Refinement checking for privacy policies
Science of Computer Programming
Network-level access control policy analysis and transformation
IEEE/ACM Transactions on Networking (TON)
Recognition of authority in virtual organisations
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Designing flexible access control models for the cloud
Proceedings of the 6th International Conference on Security of Information and Networks
Hi-index | 0.07 |
Distributed system management, involves monitoring the activity of a system, making management decisions and performing control actions to modify the behavior of the system. Most of the research on management has concentrated on management mechanisms related to network management or operating systems. However, in order to automate the management of very large distributed systems, it is necessary to be able to represent and manipulate management policy within the system. These objectives are typically set out in the form of general policies which require detailed interpretation by the system managers. The paper explores the refinement of general high-level policies into a number of more specific policies to form a policy hierarchy in which each policy in the hierarchy represents, to its maker, his plans to meet his objectives and, to its subject, the objectives which he must plan to meet. Management action policies are introduced, and the distinction between imperatival and authority policies is made. The relationship of hierarchies of imperatival policies to responsibility, and to authority policies, is discussed. An outline approach to the provision of automated support for the analysis of policy hierarchies is provided, by means of a more formal definition of policy hierarchy refinement relationships in Prolog