@online{vdmeer:skb:rn:ina,
author = "van der Meer, Sven",
title = "Research Notes - Policy-based Management",
url = "https://vdmeer.github.io/research-notes.html",
date = "2019-05-28",
urldate = "2019-05-28"
}
Understanding the role of policies and the policy-based approach requires some historical context. The separation of strategy from system (design and process) was first described in (Hansen 1970).
Policy was first used in the 1970’s for security (Bell, 1973) where a relation W provides access control rules to govern system security. These rules help to govern state transitions on receiving requests. (Dobson, 1989) states that a system specification describes what a system does while a policy describes how. Here, the dynamic features are policy, role, and control.
In the mid 1970’s operating systems began using the term policy as an artifact of control (Levin, 1975), where users could influence kernel-space decisions without requiring an expensive kernel to user space switch. In (Jomier, 1981) the authors separate static and dynamic policies for memory allocation, for static memory allocated at scheduling time with dynamic memory changing with the process. The policy/mechanism principle for operating system resource allocation is introduced in (Levin, 1975), while (Day, PNA, 2007) explains how this principle can be applied to networks and their management.
Policies are first used in communication systems in (Rouse, 1979) to control sharing resources as rules for control. In (Kamoun, 1981) rules are used to detect and later prevent network congestion.
Event Condition Action (ECA) rules appear first in active databases (Dayal, 1988). A defined event triggers the evaluation of a defined set of queries (condition) and a defined action is executed if the condition is satisfied. The processing of rules is strongly associated to database transactions. Event types for ECA are defined as database operation, temporal, and external notification. An architecture for an active database management system with CA and ECA policies is described in (McCarthy, 1989).
Policy as a paradigm for network management was defined by Sloman’s Imperial College research team. This work was, at least partially, based on ODP and OSI’s network management (Sloman, 1990), also introducing domains. One of the main focus points was access control (Moffet, 1990). Policy for network management then is originally defined in (Sloman, 1994), based on earlier work (Robinson, 1988) (Twidle, 1988), as well as the PhD thesis' of Robinson (1988), Moffet (1990), and Twidle (1993). Originally focusing on access control, the work introduced domains, subject, and target, plus policy categories (and models) and a policy system (with language and tooling) called Ponder. This is then followed by policy standards, such as the IETF policy framework, DMTF CIM, TMF SID, to name a just view. A detailed historic perspective on policy can be found in (Boutaba, 2007).
A deep understanding of policy requires study of policy frameworks (Triantafyllopoulou, 2013), approaches (Phan, 2008), and concepts for specifications (Damianou, 2002). Policies from different domains were also analyzed, such as cognitive radio (Mitola, 2009), security (Han, 2012), network traffic and QoS (Stone, 2001), and XML and open environments (Yagüe, 2006).
Approaches for models that allow multiple PMs in a single PDM have been developed in (Strassner, 2004) and more recently in (Strassner, 2017). Here, each PM is bound to its specific definitions, for instance an ECA policy is bound to its inherent rule structure, so while being extensible, it is not easy to add new policy models.
A better approach is to specify a formal taxonomy that informs a formal PDM, independent of any specific PM, for instance in (Davy, 2008).
Tool support for syntactic and semantic translation between models can be achieved (Barrett, 2007/GIIS) and (Barrett, 2007/MACE). However, it is important to note that semantic translation cannot be fully automated. In (Brennan, 2010) we study inter-domain relationships and policy translation, both important aspects. We have summarized today’s challenges for policy-based management in [39] and [40].
D. Elliott Bell et al.: Secure Computer Systems: Mathematical Foundations, 1973
|
R. Levin et al.: Policy/Mechanism Separation in Hydra, 1975
|
William B. Rouse: A Model-Based Approach to Policy Analysis in Library Networks, 1979 |
Geneviève Jomier: A Mathematical Model for the Comparison of Static and Dynamic Memory Allocation in a Paged System, 1981 |
Umeshwar Dayal et al.: The HiPAC project: combining active databases and timing constraints, 1988
|
Dennis R. McCarthy et al.: The Architecture Of An Active Data Base Management System, 1989
|
D.C. Robinson et al.: Domains: a new Approach to Distributed System Management, 1988 |
Kevin Twidle et al.: Domain based Configuration and Name Management for Distributed Systems, 19888 |
J. E. Dobson et al.: A Framework for expressing Models of Security Policy, 1989 |
Jonathan Moffett et al.: Specifying Discretionary Access Control Policy for Distributed Systems, 1990 |
Morris J. Sloman: Policy driven Management for Distributed Systems, 1994 |
Nicodemos C. Damianou et al.: A Survey of Policy Specification Approaches, 2002
|
John C. Strassner: Policy-based Network Management - Solutions for the Next Generation, 2004
|
Mariemma I. Yagüe: Survey on XML-Based Policy Languages for Open Environments, 2006
|
Keara Barrett et al.: A Model Based Approach for Policy Tool Generation and Policy Analysis, 2007
|
Keara Barrett et al.: Determining the Feasibility of Policy Translation, 2007
|
Raouf Boutaba et al.: Policy-based Management: A Historical Perspective, 2007 |
Steven Davy et al.: The Policy Continuum – Policy Authoring and Conflict Analysis, 2008 |
Tan Phan et al.: A Survey of Policy-Based Management Approaches for Service Oriented Systems, 2008
|
Rob Brennan et al.: Multidomain IT Architectures for Next-Generation Communications Service Providers, 2010
|
Dionysia Triantafyllopoulou et al.: Existing Policy Frameworks: An Overview, 2013
|
John Keeney et al.: Towards Real-time Management of Virtualized Telecommunication Networks, 2014
|
Sven van der Meer et al.: Dynamically Adaptive Policies for Dynamically Adaptive Telecommunications Networks, 2015
|
Liam Fallon et al.: APEX: An Engine for Dynamic Adaptive Policy Execution, 2016
|
Liam Fallon et al.: Distributed Management Information Models, 2017
|
Liam Fallon et al.: Using the COMPA Autonomous Architecture for Mobile Network Security, 2017
|
Joseph McNamara et al.: A Testbed For Policy Driven Closed Loop Network Management, 2018
|
Sven van der Meer et al.: Taming Policy Complexity: Model to Execution, 2018
|
Sven van der Meer et al.: 5G Networks Must Be Autonomic!, 2018
|
Sven van der Meer et al.: Demo: Adaptive Policy Execution (APEX), 2018
|
Copyright © 2018-2019 Sven van der Meer. All rights reserved.
This work is licensed under a Creative Commons Attribution-ShareAlike International License.
If you use this work, you can attribute it as follows:
Reference |
Sven van der Meer:
Research Notes - Policy-based Management, May 28, 2019-05-28 |
Biblatex |
|
BiBTeX |
|