Abstract
Presently, there is no satisfactory model for dealing with political autonomy of agents in policy based management. A theory of atomic policy units called ‘promises’ is therefore discussed. Using promises, a global authority is not required to build conventional management abstractions, but work is needed to bind peers into a traditional authoritative structure. The construction of promises is precise, if tedious, but can be simplified graphically to reason about the distributed effect of autonomous policy. Immediate applications include resolving the problem of policy conflicts in autonomous networks.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Sloman, M.S., Moffet, J.: Policy hierarchies for distributed systems management. Journal of Network and System Management 11(9), 1404 (1993)
Lupu, E.C., Sloman, M.: Towards a role based framework for distributed systems management. Journal of Network and Systems Management 5 (1996)
Parrow, J.: An Introduction to the π-Calculus. In: The Handbook of Process Algebra, p. 479. Elsevier, Amsterdam (2001)
Fu, Z., Wu, S.F.: Automatic generation of ipsec/vpn security policies in an intra-domain environment. In: Proceedings of the 12th internation workshop on Distributed System Operation and Management (IFIP/IEEE), p. 279. INRIA Press (2001)
Sailer, R., Acharya, A., Beigi, M., Jennings, R., Verma, D.: Ipsecvalidate - a tool to validate ipsec configurations. In: Proceedings of the Fifteenth Systems Administration Conference (LISA XV) (USENIX Association: Berkeley, CA), p. 19 (2001)
Damianou, N., Dulay, N., Lupu, E.C., Sloman, M.: Ponder: a language for specifying security and management policies for distributed systems. Imperial College Research Report DoC 2000/1 (2000)
Burgess, M.: On the theory of system administration. Science of Computer Programming 49, 1 (2003)
Couch, A., Daniels, N.: The maelstrom: Network service debugging via ”ineffective procedures”. In: Proceedings of the Fifteenth Systems Administration Conference (LISA XV) (USENIX Association: Berkeley, CA), p. 63 (2001)
Burgess, M.: Cfengine’s immunity model of evolving configuration management. Science of Computer Programming 51, 197 (2004)
Burgess, M.: A site configuration engine. Computing systems, vol. 8, p. 309. MIT Press, Cambridge (1995)
Axelrod, R.: The Complexity of Cooperation: Agent-based Models of Competition and Collaboration. Princeton Studies in Complexity, Princeton (1997)
Axelrod, R.: The Evolution of Co-operation. Penguin Books 1990 (1984)
Carrillo, J.D., Dewatripont, M.: Promises, promises. Technical Report 172782000000000058, UCLA Department of Economics, Levines’s Bibliography
Snyder, L.: Formal models of capability-based protection systems. IEEE Transactions on Computers 30, 172 (1981)
Burgess, M.: Analytical Network and System Administration — Managing Human-Computer Systems. J. Wiley & Sons, Chichester (2004)
Stang, T.H., Pourbayat, F., Burgess, M., Canright, G., Engø, K., Weltzien, Å.: Archipelago: A network security analysis tool. In: Proceedings of The 17th Annual Large Installation Systems Administration Conference (LISA 2003), San Diego, California, USA (October 2003)
Canright, G., Engø-Monsen, K.: A natural definition of clusters and roles in undirected graphs. Science of Computer Programming 53, 195 (2004)
Burgess, M., Canright, G., Engø, K.: A graph theoretical model of computer security: from file access to social engineering. International Journal of Information Security 3, 70–85 (2004)
Ortalo, R.: A flexible method for information system security policy specifications. In: Quisquater, J.-J., Deswarte, Y., Meadows, C., Gollmann, D. (eds.) ESORICS 1998. LNCS, vol. 1485, pp. 67–85. Springer, Heidelberg (1998)
Glasgow, J., MacEwan, G., Panagaden, P.: A logic for reasoning about security. ACM Transactions on Computer Systems 10, 226–264 (1992)
Lupu, E., Sloman, M.: Conflict analysis for management policies. In: Proceedings of the Vth International Symposium on Integrated Network Management IM 1997, pp. 1–14. Chapman & Hall, Boca Raton (1997)
Chellas, B.F.: Modal Logic: An Introduction. Cambridge University Press, Cambridge (1980)
Prakken, H., Sergot, M.: Dyadic deontic logic and contrary-to-duty obligations. In: Defeasible Deontic logic: Essays in Nonmonotonic Normative Reasoning. Synthese library, vol. 263. Kluwer Academic Publishers, Dordrecht (1997)
Kripke, S.A.: Semantical considerations in modal logic. Acta Philosophica Fenica 16, 83–94 (1963)
Fagernes, S., Burgess, M.: The effects of ‘tit for tat’ policy for rejecting ‘spam’ or denial of service floods. In: Proceedings of the 4th System Administration and Network Engineering Conference (SANE 2004) (2004)
Burgess, M., Fagernes, S.: Pervasive computing management ii: Voluntary cooperation. IEEE eTransactions on Network and Service Management (submitted)
Bandara, A.K., Lupu, E.C., Moffett, J., Russo, A.: A goal-based approach to policy refinement. In: Proceedings of the 5th IEEE Workshop on Policies for Distributed Systems and Networks (2004)
Bandara, A.K., Lupu, E.C., Moffett, J., Russo, A.: Using event calculus to formalise policy specification and analysis. In: Proceedings of the 4th IEEE Workshop on Policies for Distributed Systems and Networks (2003)
Lafuente, A.L., Montanari, U.: Quantitative mu-calculus and ctl defined over constraint semirings. Electronic Notes on Theoretical Computing Systems QAPL, 1–30 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 IFIP International Federation for Information Processing
About this paper
Cite this paper
Burgess, M. (2005). An Approach to Understanding Policy Based on Autonomy and Voluntary Cooperation. In: Schönwälder, J., Serrat, J. (eds) Ambient Networks. DSOM 2005. Lecture Notes in Computer Science, vol 3775. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11568285_9
Download citation
DOI: https://doi.org/10.1007/11568285_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29388-0
Online ISBN: 978-3-540-32244-3
eBook Packages: Computer ScienceComputer Science (R0)