A mechanism for supporting communication policies in distributed systems

We contend that the potential diversity of policies creates a need for reliable mechanisms that allow regulations to be defined, deployed and enforced in heterogeneous, distributed environments. Though a number of mechanisms have been developed, each usually implements a single policy, which is, in fact, built into the system. This situation poses several problems. First, whenever one needs to enforce a policy that does not fall into the patterns currently supported, there is no alternative but to build an interface for it. Besides the strenuous and usually duplicated effort required to build such interfaces, burying the policy in the code makes changes harder and more error-prone. Second, having a set of disparate mechanisms poses interoperability problems. We argue that the following principles must be satisfied to provide safe and efficient policy support on the scale required by today's Internet: the principle of explicitness, which calls for policies to be formulated explicitly rather than being implicit in the code; the principle of enforcement, which requires that every agent be compelled to observe the policy in question; and the principle of decentralization, which calls for a policy to be enforced in a non-centralized manner. In this thesis we present the concept of communication policy, a framework for regulating message transmission, and a software architecture, called Law-Governed Interaction (LGI), which supports this concept. The LGI mechanism, which we implemented as a toolkit named Moses, satisfies the principles mentioned above and can be used to support a wide variety of access control and e-commerce policies. We have performed a number of experiments to measure the toolkit's performance, and we have analyzed the efficiency of the mechanism in a variety of scenarios. The general picture that emerges is that even in its present, experimental state, LGI is quite affordable for a large class of applications.