Specifying Policies Using UML Sequence Diagrams--An Evaluation Based on a Case Study

This paper provides a case study based evaluation of UML sequence diagrams as a notation for policy specification. Policy rules are defined on the basis of deontic logic and provided a trace based semantics interpreted over Kripke structures. This gives a semantics comparable to the UML trace semantics for sequence diagrams, which is utilized in the evaluation. The focus is on requirements with respect to expressivity, utility and human readability.

[1]  Emil C. Lupu,et al.  Security and management policy specification , 2002, IEEE Netw..

[2]  Peter F. Linington,et al.  Options for expressing ODP enterprise communities and their policies by using UML , 1999, Proceedings Third International Enterprise Distributed Object Computing. Conference (Cat. No.99EX366).

[3]  David Harel,et al.  Come, Let’s Play , 2003, Springer Berlin Heidelberg.

[4]  Timothy W. Finin,et al.  A policy language for a pervasive computing environment , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[5]  Emil C. Lupu,et al.  The Ponder Policy Specification Language , 2001, POLICY.

[6]  Marie-Pierre Gervais,et al.  Using the UML language to express the ODP enterprise concepts , 1999, Proceedings Third International Enterprise Distributed Object Computing. Conference (Cat. No.99EX366).

[7]  Francesco Parisi-Presicce,et al.  Visual Specifications of Policies and Their Verification , 2003, FASE.

[8]  Øystein Haugen,et al.  Refining UML Interactions with Underspecification and Nondeterminism , 2005, Nord. J. Comput..

[9]  Ketil Stølen,et al.  STAIRS towards formal design with sequence diagrams , 2005, Software & Systems Modeling.

[10]  Morris Sloman,et al.  Policy driven management for distributed systems , 1994, Journal of Network and Systems Management.

[11]  John F. Horty Combining Agency and Obligation (Preliminary Version) , 1996, DEON.

[12]  Rolv Bræk,et al.  A Policy-driven Approach to Dynamic Composition of Authentication and Authorization Patterns and Services , 2006, J. Comput..

[13]  Rolv Bræk,et al.  Dynamic Role Binding in a Service Oriented Architecture , 2005, INTELLCOMM.

[14]  Zoran Milosevic,et al.  Policies in communities: extending the ODP enterprise viewpoint , 1998, Proceedings Second International Enterprise Distributed Object Computing (Cat. No.98EX244).

[15]  Zoran Milosevic,et al.  ODP enterprise language: UML perspective , 1999, Proceedings Third International Enterprise Distributed Object Computing. Conference (Cat. No.99EX366).

[16]  David Harel,et al.  Come, let's play - scenario-based programming using LSCs and the play-engine , 2003 .

[17]  René Wies,et al.  Policy Definition and Classification: Aspects, Criteria, and Examples , 2007 .

[18]  John Derrick,et al.  Formalising ODP enterprise policies , 1999, Proceedings Third International Enterprise Distributed Object Computing. Conference (Cat. No.99EX366).