An Approach to Understanding Policy Based on Autonomy and Voluntary Cooperation

Mark Burgess

doi:10.1007/11568285_9

International Workshop on Distributed Systems: Operations and Management

DSOM 2005: Ambient Networks pp 97-108

An Approach to Understanding Policy Based on Autonomy and Voluntary Cooperation

Authors
Authors and affiliations

Mark Burgess

Conference paper

DOI: 10.1007/11568285_9

Part of the Lecture Notes in Computer Science book series (LNCS, volume 3775)

Cite this paper as:: Burgess M. (2005) An Approach to Understanding Policy Based on Autonomy and Voluntary Cooperation. In: Schönwälder J., Serrat J. (eds) Ambient Networks. DSOM 2005. Lecture Notes in Computer Science, vol 3775. Springer, Berlin, Heidelberg

Abstract

Presently, there is no satisfactory model for dealing with political autonomy of agents in policy based management. A theory of atomic policy units called ‘promises’ is therefore discussed. Using promises, a global authority is not required to build conventional management abstractions, but work is needed to bind peers into a traditional authoritative structure. The construction of promises is precise, if tedious, but can be simplified graphically to reason about the distributed effect of autonomous policy. Immediate applications include resolving the problem of policy conflicts in autonomous networks.

Download to read the full conference paper text

References

1.
Sloman, M.S., Moffet, J.: Policy hierarchies for distributed systems management. Journal of Network and System Management 11(9), 1404 (1993)Google Scholar
2.
Lupu, E.C., Sloman, M.: Towards a role based framework for distributed systems management. Journal of Network and Systems Management 5 (1996)
3.
Parrow, J.: An Introduction to the π-Calculus. In: The Handbook of Process Algebra, p. 479. Elsevier, Amsterdam (2001)CrossRefGoogle Scholar
4.
Fu, Z., Wu, S.F.: Automatic generation of ipsec/vpn security policies in an intra-domain environment. In: Proceedings of the 12th internation workshop on Distributed System Operation and Management (IFIP/IEEE), p. 279. INRIA Press (2001)
5.
Sailer, R., Acharya, A., Beigi, M., Jennings, R., Verma, D.: Ipsecvalidate - a tool to validate ipsec configurations. In: Proceedings of the Fifteenth Systems Administration Conference (LISA XV) (USENIX Association: Berkeley, CA), p. 19 (2001)
6.
Damianou, N., Dulay, N., Lupu, E.C., Sloman, M.: Ponder: a language for specifying security and management policies for distributed systems. Imperial College Research Report DoC 2000/1 (2000)
7.
Burgess, M.: On the theory of system administration. Science of Computer Programming 49, 1 (2003)MathSciNetCrossRefMATHGoogle Scholar
8.
Couch, A., Daniels, N.: The maelstrom: Network service debugging via ”ineffective procedures”. In: Proceedings of the Fifteenth Systems Administration Conference (LISA XV) (USENIX Association: Berkeley, CA), p. 63 (2001)
9.
Burgess, M.: Cfengine’s immunity model of evolving configuration management. Science of Computer Programming 51, 197 (2004)MathSciNetCrossRefGoogle Scholar
10.
Burgess, M.: A site configuration engine. Computing systems, vol. 8, p. 309. MIT Press, Cambridge (1995)Google Scholar
11.
Axelrod, R.: The Complexity of Cooperation: Agent-based Models of Competition and Collaboration. Princeton Studies in Complexity, Princeton (1997)Google Scholar
12.
Axelrod, R.: The Evolution of Co-operation. Penguin Books 1990 (1984)
13.
Carrillo, J.D., Dewatripont, M.: Promises, promises. Technical Report 172782000000000058, UCLA Department of Economics, Levines’s Bibliography
14.
Snyder, L.: Formal models of capability-based protection systems. IEEE Transactions on Computers 30, 172 (1981)CrossRefMATHGoogle Scholar
15.
Burgess, M.: Analytical Network and System Administration — Managing Human-Computer Systems. J. Wiley & Sons, Chichester (2004)CrossRefGoogle Scholar
16.
Stang, T.H., Pourbayat, F., Burgess, M., Canright, G., Engø, K., Weltzien, Å.: Archipelago: A network security analysis tool. In: Proceedings of The 17th Annual Large Installation Systems Administration Conference (LISA 2003), San Diego, California, USA (October 2003)
17.
Canright, G., Engø-Monsen, K.: A natural definition of clusters and roles in undirected graphs. Science of Computer Programming 53, 195 (2004)MathSciNetCrossRefMATHGoogle Scholar
18.
Burgess, M., Canright, G., Engø, K.: A graph theoretical model of computer security: from file access to social engineering. International Journal of Information Security 3, 70–85 (2004)CrossRefGoogle Scholar
19.
Ortalo, R.: A flexible method for information system security policy specifications. In: Quisquater, J.-J., Deswarte, Y., Meadows, C., Gollmann, D. (eds.) ESORICS 1998. LNCS, vol. 1485, pp. 67–85. Springer, Heidelberg (1998)CrossRefGoogle Scholar
20.
Glasgow, J., MacEwan, G., Panagaden, P.: A logic for reasoning about security. ACM Transactions on Computer Systems 10, 226–264 (1992)CrossRefGoogle Scholar
21.
Lupu, E., Sloman, M.: Conflict analysis for management policies. In: Proceedings of the Vth International Symposium on Integrated Network Management IM 1997, pp. 1–14. Chapman & Hall, Boca Raton (1997)Google Scholar
22.
Chellas, B.F.: Modal Logic: An Introduction. Cambridge University Press, Cambridge (1980)CrossRefMATHGoogle Scholar
23.
Prakken, H., Sergot, M.: Dyadic deontic logic and contrary-to-duty obligations. In: Defeasible Deontic logic: Essays in Nonmonotonic Normative Reasoning. Synthese library, vol. 263. Kluwer Academic Publishers, Dordrecht (1997)
24.
Kripke, S.A.: Semantical considerations in modal logic. Acta Philosophica Fenica 16, 83–94 (1963)MATHGoogle Scholar
25.
Fagernes, S., Burgess, M.: The effects of ‘tit for tat’ policy for rejecting ‘spam’ or denial of service floods. In: Proceedings of the 4th System Administration and Network Engineering Conference (SANE 2004) (2004)
26.
Burgess, M., Fagernes, S.: Pervasive computing management ii: Voluntary cooperation. IEEE eTransactions on Network and Service Management (submitted)
27.
Bandara, A.K., Lupu, E.C., Moffett, J., Russo, A.: A goal-based approach to policy refinement. In: Proceedings of the 5th IEEE Workshop on Policies for Distributed Systems and Networks (2004)
28.
Bandara, A.K., Lupu, E.C., Moffett, J., Russo, A.: Using event calculus to formalise policy specification and analysis. In: Proceedings of the 4th IEEE Workshop on Policies for Distributed Systems and Networks (2003)
29.
Lafuente, A.L., Montanari, U.: Quantitative mu-calculus and ctl defined over constraint semirings. Electronic Notes on Theoretical Computing Systems QAPL, 1–30 (2005)

An Approach to Understanding Policy Based on Autonomy and Voluntary Cooperation

Abstract

Copyright information

Authors and Affiliations

Personalised recommendations

Cookies