Tools for domain-based policy management of distributed systems
- 25 June 2003
- proceedings article
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
The management of policies in large-scale systems is complex because of the potentially large number of policies and administrators, as well as the diverse types of information that need to be managed. Appropriate tool support is essential to make management practical and feasible. In this paper we present the implementation of an integrated toolkit for the specification, deployment and management of policies specified in the PONDER language. PONDER policies provide a powerful framework for managing distributed systems which includes explicit domain-based subject and target specifications as well as a flexible life-cycle and deployment model. Domains, implemented using LDAP directories, are used for storing policies and grouping resources, people, and the entities which implement policy, thus facilitating the automated dissemination of policy information. The toolkit presented in this paper comprises: a policy compiler, used to generate implementation code for heterogeneous management and security platforms, a hyperbolic tree viewer for efficient manipulation of the domain structure and effective navigation across the domains, and various tools for deploying and managing the policy life-cycle.Keywords
This publication has 9 references indexed in Scilit:
- Role based access control framework for network enterprisesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Interactive configuration management for distributed object systemsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- A policy deployment model for the Ponder languagePublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Netmon: network management for the SARAS softswitchPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Network policy languages: a survey and a new approachIEEE Network, 2001
- Conflicts in policy-based distributed systems managementIEEE Transactions on Software Engineering, 1999
- Role-based access control modelsComputer, 1996
- A focus+context technique based on hyperbolic geometry for visualizing large hierarchiesPublished by Association for Computing Machinery (ACM) ,1995
- Policy driven management for distributed systemsJournal of Network and Systems Management, 1994