
Policy Management of Enterprise Systems: A Requirements Study

Policy Management of Enterprise Systems: A Requirements Study. Pranam Kolari, Tim Finin, Yelena Yesha, Kelly Lyons, Jen Hawkins, Stephen Perelgut. 2006 IEEE Workshop on Policies for Distributed Systems and Networks, 7 June 2006. http://ebiquity.umbc.edu/paper/html/id/279/


Presentation Transcript


  1. Policy Management of Enterprise Systems: A Requirements Study. Pranam Kolari, Tim Finin, Yelena Yesha, Kelly Lyons, Jen Hawkins, Stephen Perelgut. 2006 IEEE Workshop on Policies for Distributed Systems and Networks, 7 June 2006. http://ebiquity.umbc.edu/paper/html/id/279/

  2. State of the Art, Motivation • Policy 2005 • Security, Trust, Privacy, Policy-based Management • Network management, Pervasive Computing, Multi-agent coordination • Policy 2006 • Similar themes this year • Scope of policy management • Panel on Singleton Policies

  3. The Problem • Policy Management of an Enterprise Web Application • Identify Policy Decision/Influence Points • Domain specific requirement characteristics • Applicability of existing research/tools • An application case-study • Elicit requirements from users • GOAL: Abstract out policy management requirements for a new class of applications

  4. CASSIS • Used by IBM Centers for Advanced Studies (CAS), a university-facing department • Artifact: The Project Proposal • Actors and their Roles • CAS Research Staff Members (CRSM) initiate proposal from Professors • Professors/Researchers submit proposal/s • CRSM assigns Reviewers and Evaluators to proposal • CAS Head approves proposal • CRSM and CAS Head monitor project • Workflow - Actors interact with the Artifact

  5. Management Requirements • Tuning and adaptability • Address rotational management • Accountability • To Proposal submitters • To higher level management • Comply with organizational and regional statutory requirements • Along two axes • Privacy • Business

  6. CASSIS Privacy Policies (1) (i) Java Server Page (JSP) templates common to all roles (ii) Field-specific decisions hidden in implementation

  7. CASSIS Privacy Policies (2) • Role Based Access Control • E.g. Evaluators have access to all reviews, but not to other evaluations • Adaptability • Policy Management Autonomic Computing (PMAC) toolkit • Autonomic Computing Policy Language (ACPL) • Rules hidden in “java” code were now made explicit • Accountability • To users, translation to P3P vocabulary • To the enterprise, organization specific vocabulary

  8. CASSIS Business Policies (1) • Directly influences actions in current state • E.g. CAS RSM – When choosing reviewers, reviewer location and their IBM department are important • Influences future actions incrementally • E.g. CAS Head – Past collaboration with IBM could potentially improve proposal merit

  9. Business Policies (2) • Event triggering for policy guidance • Screens used by the role players to work on the artifact • Conditions based on Knowledge Base (KB) • IBM Intranet, e.g. Employee databases available within IBM, access APIs available (SOA vision), trustworthy • Web KB, e.g. publication databases available on the Web, XML data dumps, not trustworthy • (Intranet+Web) KB, not trustworthy • Result of Policies • Act as guidelines (recommendations) to role-players

  10. Business Policies (3) • Traditional Business Policies • Actions directly executed by machines • Typically ECA, Event Condition Action • Trustworthy underlying knowledge base (KB) • Application area -- resource management • Policies are actionable • How are CASSIS Policies different? • Actions filtered by humans • Policy results influence actions, guidelines • Underlying KB not necessarily trustworthy • Potentially large KB

  11. In the Workflow Context [Figure: workflow diagram with numbered steps 1 to 4; labels: Policy Decision Point, Management, Justification, Auditability, SPARQL, Users, WWW, Justification/Accountability, Knowledge Base]

  12. Workflow Context - Example • Policy: CAS Head – Past collaboration with IBM could potentially improve proposal merit • SPARQL on KB used by Policy Rule [Figure labels: Policy Rule, SPARQL]

  13. Workflow Context - Example

      ```sparql
      # Returns the matching sub-graph: IBM employees who co-authored
      # with an author of Proposal-1.
      PREFIX ibm: <http://ibm.com/>
      PREFIX citeseer: <http://citeseer.pst.edu/>
      PREFIX cas: <http://ibm.com/cas>
      CONSTRUCT {
        ?x ibm:email ?email .
        ?y citeseer:coauthor ?x .
        ?y cas:author <cas:Proposal-1>
      }
      WHERE {
        ?x ibm:email ?email .
        ?y citeseer:coauthor ?x .
        ?y cas:author <cas:Proposal-1>
      }
      ```

      ```sparql
      # True if the holder of this IBM e-mail address co-authored
      # with an author of Proposal-1.
      PREFIX ibm: <http://ibm.com/>
      PREFIX citeseer: <http://citeseer.pst.edu/>
      PREFIX cas: <http://ibm.com/cas>
      ASK {
        ?x ibm:email "x@ca.ibm.com" .
        ?y citeseer:coauthor ?x .
        ?y cas:author <cas:Proposal-1>
      }
      ```

      • ASK – Queries as Conditions • CONSTRUCT – Query returns graph patterns, which are displayed to the user during a policy recommendation and kept for later auditing

  14. Continuing Work • ECR[J] - Event Condition Recommendation [Justification] • The exact nature of modeling “Recommendation” • Policy Language Overlaying SPARQL • Details of Justification Repository • Elicit explicit policy rules from enterprise management

  15. Conclusions • Enterprise Web Applications amenable to privacy policy enablement • Interoperability across policy vocabularies continues to be a bottleneck • Business Policy Enablement raises interesting future challenges • Underlying Knowledge Base • Policies or Guidance? • Auditing/Accountability • Iterative Refinement of Business Policies

  16. Questions?
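
The Event-Condition-Recommendation [Justification] flow from slides 12 to 14, as an added example that is not code from the presentation or from CASSIS: the condition is evaluated as an ASK-style pattern match, the matched triples are kept as a CONSTRUCT-style justification, and the audit record notes whether every supporting triple came from a trustworthy KB. The triple store, sample data, trust labels and function names are all assumptions made for illustration.

```python
# Constructed sample KB: (subject, predicate, object, source) quads.
# Trust labels follow slide 9: the intranet KB is trustworthy, the Web KB is not.
TRUST = {"intranet": True, "web": False}
KB = [
    ("emp:alice", "ibm:email", "alice@ca.ibm.example", "intranet"),
    ("prof:bob", "citeseer:coauthor", "emp:alice", "web"),
    ("prof:bob", "cas:author", "cas:Proposal-1", "intranet"),
    ("prof:carol", "cas:author", "cas:Proposal-2", "intranet"),
]

def match(patterns, kb, binding=None, used=()):
    """Yield (binding, matched_quads) for a basic graph pattern; '?name' is a variable."""
    binding = binding or {}
    if not patterns:
        yield binding, list(used)
        return
    head, rest = patterns[0], patterns[1:]
    for quad in kb:
        b = dict(binding)
        ok = True
        for term, value in zip(head, quad[:3]):
            if term.startswith("?"):
                if b.setdefault(term, value) != value:  # variable already bound elsewhere
                    ok = False
                    break
            elif term != value:                         # constant term must match exactly
                ok = False
                break
        if ok:
            yield from match(rest, kb, b, used + (quad,))

def recommend(event, proposal, kb, audit_log):
    """ECR[J]: on an event, test the condition; if it holds, log and return a recommendation."""
    pattern = [("?x", "ibm:email", "?email"),
               ("?y", "citeseer:coauthor", "?x"),
               ("?y", "cas:author", proposal)]
    solutions = list(match(pattern, kb))
    if not solutions:                 # ASK is false: the policy does not fire
        return None
    # CONSTRUCT-like step: the triples that satisfied the condition, with their sources.
    justification = sorted({q for _, quads in solutions for q in quads})
    record = {
        "event": event,
        "recommendation": "past IBM collaboration may improve proposal merit",
        "justification": justification,
        "all_sources_trusted": all(TRUST[q[3]] for q in justification),
    }
    audit_log.append(record)          # kept for later accountability review
    return record
```

Because the co-authorship triple comes from the Web KB, the record for `cas:Proposal-1` is flagged as resting on untrusted data, which is the case where the slides have a human filter the action rather than a machine execute it.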
