Abstract
There is a need to be able to program network components to adapt to application requirements for quality of service, specialised application-dependent routing, to increase efficiency, to support mobility and sophisticated management functionality. There are a number of different approaches to providing programmability, all of which are extremely powerful and can potentially damage the network, so there is a need for clear specification of authorisation policies, i.e., who is permitted to access programmable network resources or services. Obligation policies are event-triggered rules which can perform actions on network components and so provide a high-level means of ‘programming’ these components. Both authorisation and obligation policies are interpreted, so they can be enabled, disabled or modified dynamically without shutting down components. This paper describes a notation and framework for specifying policies related to programmable networks and grouping them into roles. We show how abstract, high-level policies can be refined into a set of implementable ones and discuss the types of conflicts which can occur between policies.
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sloman, M., Lupu, E. (1999). Policy Specification for Programmable Networks. In: Covaci, S. (eds) Active Networks. IWAN 1999. Lecture Notes in Computer Science, vol 1653. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-48507-0_7
DOI: https://doi.org/10.1007/978-3-540-48507-0_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66238-9
Online ISBN: 978-3-540-48507-0
eBook Packages: Springer Book Archive