Reconciling role based management and role based access control
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
Role delegation in role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A Model for Static Conflict Analysis of Management Policies
BT Technology Journal
Towards A Role-Based Framework for DistributedSystems Management
Journal of Network and Systems Management
Security Considerations for a Distributed LocationService
Journal of Network and Systems Management
A Policy Based Role Object Model
EDOC '97 Proceedings of the 1st International Conference on Enterprise Distributed Object Computing
Policy Definition Language for Automated Management of Distributed Systems
SMW '96 Proceedings of the 2nd IEEE International Workshop on Systems Management (SMW'96)
Role-based security for distributed object systems
WET-ICE '96 Proceedings of the 5th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'96)
| Hi-index | 0.00 |
Interpreting policy in automated managers facilitates the dynamic change of behavior of a distributed management system by simply changing policies. This paper describes a management policy notation which can be used to define both authorization policies (what activities a manager is permitted to do) and obligation policies (the activities a manager must perform). Some example policy specifications are given to demonstrate the notation and the concepts involved. A graphical policy editor is described which permits high level abstract policies to be refined into lower level, implementable policies and maintains derivation and dependency relationships between the different policies. A policy service which stores policies is outlined and its integration within a domain service for grouping policies is explained. Outlines are given of implementations of automated managers for interpreting obligation policies and of an access control mechanism for enforcing authorization policies.