Establishing enterprise communities

One of the most important challenges facing the builders of enterprise software is the reliable implementation of the policies that are supposed to govern the various communities operating within an enterprise. Such policies are widely considered fundamental to enterprise modeling, and their specification were the subject of several recent investigations. But specification of the policy that is to govern a given community is only the first step towards its implementation; the second, and more critical step is to ensure that all members of the community actually conform to the specified policy. The conventional approach to the implementation of a policy is to build it into all members of the community subject to it. But if the community in question is large and heterogeneous, and if its members are dispersed throughout a distributed enterprise, then such "manual" implementation of its policy would be too laborious and error-prone to be practical. Moreover, a policy implemented in this manual manner would be very unstable with respect to the evolution of the system, because it can be violated by a change in the code of any member of community subject to it. It is our thesis that the only reliable way for ensuring that an heterogeneous distributed community of software modules and people conforms to a given policy is for this policy to be strictly enforced. A mechanism for establishing enterprise communities by formally specifying their policies, and by having these policies enforced is the subject of the paper.

[1]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[2]  Zoran Milosevic,et al.  Policies in communities: extending the ODP enterprise viewpoint , 1998, Proceedings Second International Enterprise Distributed Object Computing (Cat. No.98EX244).

[3]  Marie-Pierre Gervais,et al.  Using the UML language to express the ODP enterprise concepts , 1999, Proceedings Third International Enterprise Distributed Object Computing. Conference (Cat. No.99EX366).

[4]  Victoria Ungureanu,et al.  Formal treatment of certificate revocation under communal access control , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[5]  Victoria Ungureanu,et al.  Establishing Business Rules for Inter-Enterprise Electronic Commerce , 2000, DISC.

[6]  Emil C. Lupu,et al.  The Ponder Policy Specification Language , 2001, POLICY.

[7]  Victoria Ungureanu,et al.  Law-Governed Internet Communities , 2000, COORDINATION.

[8]  Naftaly H. Minsky,et al.  The Imposition of Protocols Over Open Distributed Systems , 1991, IEEE Trans. Software Eng..

[9]  Victoria Ungureanu,et al.  Law-governed interaction: a coordination and control mechanism for heterogeneous distributed systems , 2000, TSEM.

[10]  John Derrick,et al.  Formalising ODP enterprise policies , 1999, Proceedings Third International Enterprise Distributed Object Computing. Conference (Cat. No.99EX366).