Role-Based Access Control Models
Computer
People and Policies: Transforming the Human-Computer Partnership
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Policity: An Experimental Evaluation of Policy-Based Administration in a City Simulation
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
On the Need for Negotiation in Policy-based Interaction with Autonomic Computing Systems
ICAC '05 Proceedings of the Second International Conference on Automatic Computing
Managing policies for dynamic spectrum access
AN'06 Proceedings of the First IFIP TC6 international conference on Autonomic Networking
| Hi-index | 0.02 |
Policy Engineeing is the process of authoring policies, detecting and resolving policy conflicts and revising existing policies to accommodate changing resources, business goals and business processes. In operations of any scale, policy engineeing is a collaborative task undertaken jointly by multiple stakeholders with different concerns across an organization. Moreover, the operation of an organization is increasingly likely to be part of a broade value-chain involving other organizations. Therefore operational policies in one organization must be engineered with some understanding of the interaction of the behavior those policies engender and the desired behavior across the value chain. Furthermore, operations of many organizations are increasingly subject to external regulation which may be enacted as business policies with a necessarily teransparent and traceable impact on operational behavior. It is therefore clear that any form of policy engineering not only involves multiple groups and individuals within a single organization, but also groups in other organizations. This view of policy engineering as a collaborative activity results in complex interdependencies that need to be analyzed and understood whenever making changes to an organization's policy set. In this paper we propose representing policies as signals between authors as a means to performing this analysis and thereby enabling the equired understanding and applying it in a practical way to policy engineering tasks. The approach is based on semiotic theory. We apply this to an existing policy-based application managing dynamic spectrum access, a rich example of multi-stakeholde policy engineering. We outline how a semiotic analysis of policy authoring can assist in designing the semantics and structuring of policies in an organization, and also how it can inform the design of PBM application interfaces. This is performed within a business modeling framework known as the viable system model, which captures ecursive layers of management and thus assists in addressing meta-management policy analysis.