Imperial College of Science, Technology and Medicine University of London Department of Computing

A Policy Framework for Management of Distributed Systems

Nicodemos C. Damianou

A thesis submitted in partial fulfilment of the requirements for the degree of Doctor of Philosophy in the Faculty of Engineering of the University of London, and for the Diploma of the Imperial College of Science, Technology and Medicine, London, February 2002

Στους γονείς µου, Κωνσταντίνο και Σοφία
(To my parents Constantinos and Sofia)

Policy-based management is one of the latest developments in network and distributed systems management. Academic and commercial settings, as well as standardisation bodies, are concentrating on policy-based management as a very promising solution for managing large-scale distributed systems. The use of policy-based management in areas such as security is particularly attractive. The introduction of new technologies (e.g. active networks, mobile agents) and the use of the Internet for providing services to customers increase the security concerns associated with today's networked environments. Security management involves the specification and deployment of access control policies as well as activities such as registration of users or logging and auditing of events for dealing with access to critical resources or security violations. The management actions to be performed when an event occurs depend on the enterprise policy. The need is evident for a policy language to support the specification of access control and other management policies. In this thesis we propose a policy framework to support security and management of distributed systems. The framework consists of a policy specification language, an architecture for deploying policies based on the language and a set of tools for specifying and managing policies. In conjunction with the language, the toolkit permits integrated administration of resources, people and policy information with automated policy deployment. The toolkit comprises an Integrated Development Environment (IDE) with a policy compiler, as well as tools for managing policies and roles at runtime. The policy language is a declarative, object-oriented language for specifying security and management policies for distributed object systems. The language is flexible, expressive and extensible to cover the wide range of requirements implied by the current distributed systems paradigms.
It includes support for access control policies, and for delegation to cater for temporary transfer of access rights to agents acting on behalf of a client. The language also supports policies to express management activity, which take the form of event-triggered rules called obligation policies. Domains are used to facilitate the specification of policies relating to large systems with millions of objects; policies are specified for collections of objects stored in domains instead of for individual objects, thus allowing for scalability and flexibility. Composite policies are included to allow the basic security and management policies relating to roles, organisational units and specific applications to be grouped together. Composite policies are essential to cater for the complexity of policy administration in large enterprise information systems. Application-specific constraints on groups of policies can be specified using meta-policies. The language is easy to use by policy users, and we use a structural operational semantics approach to specify its formal semantics.