Supported by AITO. These pages are currently maintained by Alex Potanin
Policy Specification and Implementation for Security Management of Distributed Systems
Huxley Building, 180 Queen's Gate, London, SW7 2BZ, England
tel: 0171 5948239
fax: ncd@doc.ic.ac.uk
Keywords: distribution frameworks language concepts language implementation Management Security Policy Policy-based
Abstract: My research is in the area of Policy-based management of Distributed Systems. An aspect of the management of distributed systems that is particularly sensitive is security management. The applicability of policy-based management to security management is still under a lot of research. I am investigating a way to specify policies for security and management of distributed systems. This takes the form of a policy language used for expressing access control and obligation in a policy-based management framework. In the future I will also look more closely at the design of an architecture for enforcing those policies in a distributed fashion within the System.

Ponder

The policy language is called Ponder (Damianou, Dulay et al. 2000). Ponder is a declarative, object-oriented language for specifying policies for the security and management of distributed systems. Ponder does not assume a particular implementation platform; rather Ponder can map to, and co-exist with, one or more existing underlying platforms. We envisage a variety of ‘back-ends’ will be available. For example, we plan to provide back-ends that generate filters and access control lists for implementing security policy on various security aware platforms, e.g. operating systems such as Windows NT and Linux, distributed programming environments such as CORBA and JAVA, and technologies such as firewalls. Ponder can be used to manage one or more of these platforms simultaneously.

In Ponder, a policy is a rule that can be used to change the behaviour of a system. Separating policies from the managers that interpret them allows the behaviour and strategy of the management system to be changed without re-coding the managers. The management system can then adapt to changing requirements by disabling policies or replacing old policies with new ones without shutting down the system. Ponder supports an extensible range of policy types.
The language includes constructs for specifying the following basic policy types: authorisation policies that define permitted actions used to specify access control policies; event-triggered obligation policies that define actions to be performed by manager agents; refrain policies that define actions that subjects must refrain from performing; and delegation policies that define what authorisations can be delegated and to whom. Filtered actions extend authorisations and allow the transformation of input or output parameters to be defined. Constraints specify limitations on the applicability of policies while meta-policies define semantic constraints on permitted policies.

There is a need to group a set of related policy specifications within a syntactic scope with shared declarations in order to simplify the policy specification task for large distributed systems. This is a common concept in many programming environments and is the main motivation behind composite policy types in Ponder. Composite policies in Ponder are: Groups, Roles, Relationships and Management Structures. Policy groups define a scope for related policies to which a common set of constraints can apply. Roles define a group of policies relating to positions within an organisation. Relationships define a group of policies pertaining to the interactions between a set of roles. Management structures define the configuration of roles and relationships in organisational units in terms of the required instances of the roles. For example, it would be used to define a management structure (type) for creating branches in a bank or departments in a university. Management structures can include any nested composite-policy.

As an object-oriented language, Ponder supports Types (the counterpart of classes in Java), Instances and Inheritance features. Each of the policies briefly described above can be specified as a type.
A type definition introduces a new user-defined policy type, from which one or more policy instances of that type can be created. Ponder allows inheritance by specialisation for types; types can extend other types. When a type extends another type, it inherits all the attributes (policy elements) of the base type, and can add new ones.

-----------------

Damianou, N., N. Dulay, et al. (2000). Ponder: A Language for Specifying Security and Management Policies for Distributed Systems. The Language Specification - Version 1.11. London, Imperial College of Science Technology and Medicine, Department of Computing. Accessible from http://www-dse.doc.ic.ac.uk/policies/ponder.html
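
A minimal Python model of the concepts in the abstract above (authorisation and refrain policies, constraints, policy types with instances and specialisation, and disabling a policy at run time), added here as an illustration; it is not Ponder syntax and not code from the Ponder project. The class names, domain paths, the business-hours constraint and the conflict rule (refrain wins, default deny) are assumptions of the example.

```python
from dataclasses import dataclass
from typing import Callable

def in_domain(obj: str, domain: str) -> bool:
    """True if obj is the domain itself or lies beneath it in the path tree."""
    return obj == domain or obj.startswith(domain.rstrip("/") + "/")

@dataclass
class Policy:
    name: str
    subject: str                  # subject domain path
    target: str                   # target domain path
    actions: frozenset
    constraint: Callable[[dict], bool] = lambda ctx: True
    enabled: bool = True          # policies can be switched off at run time

    def applies(self, subject, target, action, ctx) -> bool:
        return (self.enabled and in_domain(subject, self.subject)
                and in_domain(target, self.target)
                and action in self.actions and self.constraint(ctx))

class Authorisation(Policy): pass   # permitted actions
class Refrain(Policy): pass         # actions the subject must not perform

class OpsAuthT(Authorisation):
    """A policy type: instances differ only in name and domains."""
    def __init__(self, name, subject, target):
        super().__init__(name, subject, target, frozenset({"enable", "disable"}))

class DaytimeOpsAuthT(OpsAuthT):
    """Specialisation: inherits every element of OpsAuthT, adds a constraint."""
    def __init__(self, name, subject, target):
        super().__init__(name, subject, target)
        self.constraint = lambda ctx: 9 <= ctx["hour"] < 17

def decide(policies, subject, target, action, ctx) -> str:
    """Model assumption: refrain wins over authorisation, default is deny."""
    hits = [p for p in policies if p.applies(subject, target, action, ctx)]
    if any(isinstance(p, Refrain) for p in hits):
        return "refrain"
    return "permit" if any(isinstance(p, Authorisation) for p in hits) else "deny"

# Constructed sample policy set (domains and names are invented for the example).
POLICIES = [
    DaytimeOpsAuthT("adminOps", "/staff/admins", "/net/switches"),
    Refrain("traineeNoDisable", "/staff/admins/trainees", "/net/switches",
            frozenset({"disable"})),
]
```

Setting `enabled = False` on a policy changes the outcome of `decide` without touching the decision code, which is the separation of policy from manager that the abstract describes.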
The participant will apply for the upcoming ECOOP PhD Workshop.
Last modified on Mon Aug 15 14:59:24 2005