In Vivo Evolution of Policies that Govern a Distributed System

This paper addresses an important open problem confronting any decentralized and stateful access control (AC) mechanism for networked systems, particularly when the system at hand is large, heterogeneous and open. The problem, in a nutshell, is how to enable safe evolution of the policy that governs a given system, while that system continues to operate. This problem, and its solution, are addressed here in terms of the Law-Governed Interaction (LGI) mechanism, but the ideas underlying this paper should be broadly relevant to other decentralized and stateful control mechanisms, such as the use of distributed firewalls for the protection of distributed enterprise systems.

[1]  Liuba Shrira,et al.  Modular Software Upgrades for Distributed Systems , 2006, ECOOP.

[2]  Liuba Shrira,et al.  Scheduling and Simulation: How to Upgrade Distributed Systems , 2003, HotOS.

[3]  Naftaly H. Minsky,et al.  The Imposition of Protocols Over Open Distributed Systems , 1991, IEEE Trans. Software Eng..

[4]  Naftaly H. Minsky,et al.  Flexible Regulation of Distributed Coalitions , 2003, ESORICS.

[5]  UngureanuVictoria,et al.  Law-governed interaction , 2000 .

[6]  Emil C. Lupu,et al.  A Policy Language for the Management of Distributed Agents , 2001, AOSE.

[7]  Emil C. Lupu,et al.  A policy deployment model for the Ponder language , 2001, 2001 IEEE/IFIP International Symposium on Integrated Network Management Proceedings. Integrated Network Management VII. Integrated Management Strategies for the New Millennium (Cat. No.01EX470).

[8]  Hong Cheng,et al.  Policy-based mobile ad hoc network management , 2004, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004..