{"title":"Efficient Policy Checking across Administrative Domains","authors":"David Evans, D. Eyers","doi":"10.1109/POLICY.2010.36","DOIUrl":"https://doi.org/10.1109/POLICY.2010.36","url":null,"abstract":"Information flow control provides formal techniques for specifying policies that dictate what data may flow where, and for ensuring compliance with those policies. In event-based systems, this amounts to deciding whether a particular event should be delivered to a recipient and what parts of that event the recipient should be allowed to see. This is usually effected through labels that identify the privileges required for access to, and the integrity of, parts of events. Within an organisation, agreement on the meanings of these labels can be reached by fiat. However, when multiple organisations are involved, interpretation of these labels is tied up with the data usage agreements defining how the organisations interact. We provide a means to link inter- and intra-organisation information flow control, using the same mechanism for each when checking policy compliance. Event producers are insulated from concerns about whether event receivers are within their organisation or outside it.","PeriodicalId":143330,"journal":{"name":"2010 IEEE International Symposium on Policies for Distributed Systems and Networks","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130303548","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Maritza L. Johnson, J. Karat, Clare-Marie Karat, Keith Grueneberg
{"title":"Usable Policy Template Authoring for Iterative Policy Refinement","authors":"Maritza L. Johnson, J. Karat, Clare-Marie Karat, Keith Grueneberg","doi":"10.1109/POLICY.2010.28","DOIUrl":"https://doi.org/10.1109/POLICY.2010.28","url":null,"abstract":"People must have usable tools in order to author and maintain high-quality policies. In this paper we discuss policy templates as a mechanism for policy authoring. We believe that policy templates can be leveraged to make policy authoring more usable and to provide consistent policy authoring interfaces across a wide variety of policy domains. Templates provide users with a structured format for authoring policies; however, a general approach for creating policy templates has not been described in published research to date. Based on research in policy management, we propose an iterative policy refinement process that consists of three user roles and spans policy authoring, template authoring, and policy element definition. We designed a GUI-based prototype that enables users to create policy templates. In this paper we describe our proposed policy refinement process, the necessary user roles, a template authoring prototype, and the results of an empirical study of template authoring.","PeriodicalId":143330,"journal":{"name":"2010 IEEE International Symposium on Policies for Distributed Systems and Networks","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122075930","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Paul Seymer, A. Stavrou, D. Wijesekera, S. Jajodia
{"title":"QoP and QoS Policy Cognizant Module Composition","authors":"Paul Seymer, A. Stavrou, D. Wijesekera, S. Jajodia","doi":"10.1109/POLICY.2010.16","DOIUrl":"https://doi.org/10.1109/POLICY.2010.16","url":null,"abstract":"Component-based software engineering is generally recognized as one of the best methods to develop, deploy, and manage increasingly complex software systems. To enable the dynamic composition of software modules, it is often required to expose their functionality dependencies. This results in the well-known requires-provides specifications’ model. In this paper, we introduce a framework that enables individual software components to specify their requires-provides interfaces in a policy dependent way. Our framework specifies policies as combinations of Constraint Logic Programming (CLP) based rules. Moreover, our policies are flexible and expressive, allowing the enforcement of multiple aspects for the requested composition including security and quality of service. We apply our framework to specify Quality of Protection (QoP) and Quality of Service (QoS) policies. We demonstrate the applicability of our policy language using as an example a teleconferencing application with diverse requirements for the specification of security and resource policies.","PeriodicalId":143330,"journal":{"name":"2010 IEEE International Symposium on Policies for Distributed Systems and Networks","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123089437","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Model for the Governance of Federated Healthcare Information Systems","authors":"N. Minsky","doi":"10.1109/POLICY.2010.32","DOIUrl":"https://doi.org/10.1109/POLICY.2010.32","url":null,"abstract":"Modern healthcare is characterized by the increasing tendency for the health care records of a single patient to be dispersed throughout a complex network of health care providers. And some, or all, of such records, pertaining to a given patient, may have to be transferred to a provider to facilitate the treatment of this patient. Such transfer needs to be done quickly, because delays may adversely impact the quality and cost of healthcare; and may, in some cases, be a matter of life or death. But fast electronic transfer presents serious danger to the privacy and integrity of these records. This raises the need for governance, that is, for the formulation and enforcement of the societal policies and laws pertaining to the exchange of electronic healthcare records between the members of the often large and heterogeneous networks of healthcare providers. 
This paper introduces a reference model for such governance, which has the following characteristics, among others: (a) decentralized, and thus scalable, enforcement mechanism; (b) seamless and secure interoperation between health care providers operating under different policies, and under different administrative domains; (c) support for the naturally hierarchical organization of the policies that govern the exchange of health care records; (d) the ability to change policies while the system governed by them continues to operate.","PeriodicalId":143330,"journal":{"name":"2010 IEEE International Symposium on Policies for Distributed Systems and Networks","volume":"114 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128112493","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mohamed Shehab, Gorrell P. Cheek, Hakim Touati, A. Squicciarini, P. Cheng
{"title":"User Centric Policy Management in Online Social Networks","authors":"Mohamed Shehab, Gorrell P. Cheek, Hakim Touati, A. Squicciarini, P. Cheng","doi":"10.1109/POLICY.2010.10","DOIUrl":"https://doi.org/10.1109/POLICY.2010.10","url":null,"abstract":"Online social networking sites are experiencing tremendous user growth with hundreds of millions of active users. As a result, there is a tremendous amount of user profile data online, e.g., name, birth date, etc. Protecting this data is a challenge. The task of access policy composition is a tedious and confusing effort for the average user having hundreds of friends. In this paper, we propose a Policy Manager (PolicyMgr) Framework for social networks. PolicyMgr assists users in composing and managing their access control policies for objects posted to their profiles. Our approach is based on a supervised learning mechanism that leverages user provided example policy settings as training sets to build classifiers that are the basis for auto-generated policies. Furthermore, we provide mechanisms to enable users to fuse policy decisions that are provided by their friends or others in the social network. These policies then regulate access to user profile objects. We implemented our framework and, through experimentation, demonstrate positive emerging results.","PeriodicalId":143330,"journal":{"name":"2010 IEEE International Symposium on Policies for Distributed Systems and Networks","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127940701","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
R. Routray, Rui Zhang, D. Eyers, Douglas Willcocks, P. Pietzuch, P. Sarkar
{"title":"Policy Generation Framework for Large-Scale Storage Infrastructures","authors":"R. Routray, Rui Zhang, D. Eyers, Douglas Willcocks, P. Pietzuch, P. Sarkar","doi":"10.1109/POLICY.2010.30","DOIUrl":"https://doi.org/10.1109/POLICY.2010.30","url":null,"abstract":"Cloud computing is gaining acceptance among mainstream technology users. Storage cloud providers often employ Storage Area Networks (SANs) to provide elasticity, rapid adaptability to changing demands, and policy based automation. As storage capacity grows, the storage environment becomes heterogeneous, increasingly complex, harder to manage, and more expensive to operate. This paper presents PGML (Policy Generation for large-scale storage infrastructure configuration using Machine Learning), an automated, supervised machine learning framework for generation of best practices for SAN configuration that can potentially reduce configuration errors by up to 70% in a data center. A best practice or policy is nothing but a technique, guideline or methodology that, through experience and research, has proven to lead reliably to a better storage configuration. Given a standards-based representation of SAN management information, PGML builds on the machine learning constructs of inductive logic programming (ILP) to create a transparent mapping of hierarchical, object-oriented management information into multi-dimensional predicate descriptions. Our initial evaluation of PGML shows that given an input of SAN problem reports, it is able to generate best practices by analyzing these reports. Our simulation results based on extrapolated real-world problem scenarios demonstrate that ILP is an appropriate choice as a machine learning technique for this problem. 
I","PeriodicalId":143330,"journal":{"name":"2010 IEEE International Symposium on Policies for Distributed Systems and Networks","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129198573","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mandis Beigi, Jorge Lobo, Keith Grueneberg, S. Calo, J. Karat
{"title":"A Negotiation Framework for Negotiation of Coalition Policies","authors":"Mandis Beigi, Jorge Lobo, Keith Grueneberg, S. Calo, J. Karat","doi":"10.1109/POLICY.2010.14","DOIUrl":"https://doi.org/10.1109/POLICY.2010.14","url":null,"abstract":"There have been many proposed approaches to performing negotiation in terms of the negotiation procedure, the implementation of agreement, the interactions of software agents representing the different organizations, cooperation among agents, etc. However, one cannot determine a best single approach as it highly depends on the specific application and usage scenario, as well as the needs and goals of the participants. For instance, in some situations, reaching a near Pareto-optimal solution is desirable even though it requires that an exhaustive search on all attributes must be performed. In other situations, time might be more valuable and therefore reaching an agreement in a timely manner might have a higher priority. In order to address many different types of negotiation goals and scenarios, there is a need for a flexible negotiation system that can incorporate various alternatives and that is easily extensible and configurable. In this paper, we provide a generic negotiation system that can support many types of negotiation protocols. The proposed system acts as a third party that facilitates the negotiation process between multiple entities and allows them to choose a common negotiation goal and a desired negotiation protocol. 
We will provide a demonstration of the tool at the conference.","PeriodicalId":143330,"journal":{"name":"2010 IEEE International Symposium on Policies for Distributed Systems and Networks","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115160604","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Oliver Dohndorf, Jan Krüger, H. Krumm, Christoph Fiehe, Anna F. Litvina, Ingo Lück, F. Stewing
{"title":"Policy-Based Management for Resource-Constrained Devices and Systems","authors":"Oliver Dohndorf, Jan Krüger, H. Krumm, Christoph Fiehe, Anna F. Litvina, Ingo Lück, F. Stewing","doi":"10.1109/POLICY.2010.19","DOIUrl":"https://doi.org/10.1109/POLICY.2010.19","url":null,"abstract":"The presented policy-based management system supports autonomous control and adaptation of a distributed system according to changing conditions and requirements by means of event-condition-action (ECA) rules. Furthermore, it supports policy-aware application programming. Application components can request evaluations of policy expressions and decisions in order to govern their behavior depending on global system state and environment conditions. That rich functionality has to be provided very efficiently since the distributed system consists of resource-constrained devices. The model-based management (MBM) approach is applied separating comfortable tool-assisted policy definition and refinement at design time from lightweight runtime policy enforcement. New enhancements of MBM extend the policy refinement to the derivation of ECA rules. The new backend functions generate executable Java byte code for policy expressions and decisions as well as for policy rules. The code is appropriately partitioned and allocated to the devices. 
A simplified healthcare scenario demonstrates the approach and its application.","PeriodicalId":143330,"journal":{"name":"2010 IEEE International Symposium on Policies for Distributed Systems and Networks","volume":"86 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127636017","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
E. Scalavino, V. Gowadia, Rudi Ball, Emil C. Lupu, G. Russello
{"title":"Mobile PAES: Demonstrating Authority Devolution for Policy Evaluation in Crisis Management Scenarios","authors":"E. Scalavino, V. Gowadia, Rudi Ball, Emil C. Lupu, G. Russello","doi":"10.1109/POLICY.2010.21","DOIUrl":"https://doi.org/10.1109/POLICY.2010.21","url":null,"abstract":"Traditional data protection schemes deployed in Enterprise Rights Management systems rely on centralised infrastructures where recipients must request authorisation for data access from remote evaluation authorities, trusted by the data originator to keep the data decryption keys and evaluate authorisation policies. During emergency situations when network connection is intermittent these solutions are no longer viable. This demonstration presents an implementation of the hierarchical Policy-based Authority Evaluation Protocol (PAES) that allows the devolution of authority over policy evaluations in a disconnected crisis area. The demonstration simulates the movements of rescuers in the area and the creation of opportunistic connections when they meet. These connections are then used for cross-evaluation of authority and distribution of cryptographic keys in addition to transmitting the data. PAES guarantees a correct policy evaluation at each encounter, so only authorised rescuers finally obtain the authority to access the disseminated data.","PeriodicalId":143330,"journal":{"name":"2010 IEEE International Symposium on Policies for Distributed Systems and Networks","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124884807","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
R. Laborde, Marwan Cheaito, F. Barrère, A. Benzekri
{"title":"Toward Self-Contained Authorization Policies","authors":"R. Laborde, Marwan Cheaito, F. Barrère, A. Benzekri","doi":"10.1109/POLICY.2010.18","DOIUrl":"https://doi.org/10.1109/POLICY.2010.18","url":null,"abstract":"One of the key motivations of policy-based management is flexibility and adaptability to existing infrastructure and change management. In the context of security, modern policy languages such as XACML are extensible and support natively the expression of new information and manipulation operations. However, policy engines, which evaluate users’ requests according to policies, may not support this new policy information. As a consequence, policy writers have to verify whether the target policy engine can execute his/her policy or not when (s)he writes it. In this article, we introduce the concept of self-contained policy to solve this deployment issue. A self-contained policy includes all the necessary information required by a policy engine to execute a policy. We propose a service component based architecture to support self-contained policies.","PeriodicalId":143330,"journal":{"name":"2010 IEEE International Symposium on Policies for Distributed Systems and Networks","volume":"2612 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130402405","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}