Policy Management of Enterprise Systems: A Requirements Study Tim Finin, Yelena Yesha Kelly Lyons, Jen Hawkins, Stephen Perelgut Pranam Kolari 2006 IEEE.

Slides:



Advertisements
Similar presentations
How Will it Help Me Do My Job?
Advertisements

Exploiting the WWW: Lessons from a UK Research Project on a Health Record BrokerExploiting the WWW: Lessons from a UK Research Project on a Health Record.
DELOS Highlights COSTANTINO THANOS ITALIAN NATIONAL RESEARCH COUNCIL.
Impact of the evaluations and follow-up activities M. Assunção, 13 October 2008 EUA Institutional Evaluation Programme, Workshop for Universities: round.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
On the Structure, Properties and Utility of Internal Corporate Blogs Pranam Kolari Tim Finin, Yelena Yesha, Yaacov Yesha Kelly Lyons, Stephen Perelgut,
E-business Infrastructure
Identity Federation in Healthcare Networks Xiaohui Chen Department of Computer Science University of Virginia.
L4-1-S1 UML Overview © M.E. Fayad SJSU -- CmpE Software Architectures Dr. M.E. Fayad, Professor Computer Engineering Department, Room #283I.
Pervasive Enablement of Business Process 徐天送 2004/11/2.
project management office(PMO)
Understanding and Managing WebSphere V5
Ravi Sankar Technology Evangelist | Microsoft Corporation
SOA, BPM, BPEL, jBPM.
Initial slides for Layered Service Architecture
A Research Agenda for Accelerating Adoption of Emerging Technologies in Complex Edge-to-Enterprise Systems Jay Ramanathan Rajiv Ramnath Co-Directors,
INFO425: Systems Design INFORMATION X Finalizing Scope (functions/level of automation)  Finalizing scope in terms of functions and level of.
ICP Architecture: Execution and Control Bostjan Kaluza, Damjan Kuznar, Erik Dovgan, Jernej Zupancic, and Matjaz Gams Jozef Stefan Institute, Slovenia.
Chapter Intranet Agents. Chapter Background Intranet: an internal corporate network based on Internet technology. Typically, an intranet can.
Active Monitoring in GRID environments using Mobile Agent technology Orazio Tomarchio Andrea Calvagna Dipartimento di Ingegneria Informatica e delle Telecomunicazioni.
Digital Enterprise Research Institute HADA – An Access Controlled Application for Publishing and Discovering Linked Government Data Owen Sacco.
Rule-Based Data Management Systems Reagan W. Moore Wayne Schroeder Mike Wan Arcot Rajasekar {moore, schroede, mwan, {moore, schroede, mwan,
End User Controlled Web Interaction Flow Using Service Oriented Architecture Model The 2nd IEEE Workshop on Enabling the Future Service-Oriented Internet.
2/6/01D-1 © 2001 T. Horton CS 494 Object-Oriented Analysis & Design Using PARTS to Illustrate Requirements Concepts.
San Diego Supercomputer Center SDSC Storage Resource Broker Data Grid Automation Arun Jagatheesan et al., San Diego Supercomputer Center University of.
Mini-Project on Web Data Analysis DANIEL DEUTCH. Data Management “Data management is the development, execution and supervision of plans, policies, programs.
Košice, 10 February Experience Management based on Text Notes The EMBET System Michal Laclavik.
1-1 System Development Process System development process – a set of activities, methods, best practices, deliverables, and automated tools that stakeholders.
Page 1 WWRF Briefing WG2-br2 · Kellerer/Arbanowski · · 03/2005 · WWRF13, Korea Stefan Arbanowski, Olaf Droegehorn, Wolfgang.
Enterprise Architecture, Enterprise Data Management, and Data Standardization Efforts at the U.S. Department of Education May 2006 Joe Rose, Chief Architect.
A security framework combining access control and trust management for mobile e-commerce applications Gregor v.Bochmann, Zhen Zhang, Carlisle Adams School.
Workshop on Future Learning Landscapes: Towards the Convergence of Pervasive and Contextual computing, Global Social Media and Semantic Web in Technology.
Combining Theory and Systems Building Experiences and Challenges Sotirios Terzis University of Strathclyde.
NETWORKED EUROPEAN SOFTWARE & SERVICES INITIATIVE Future research challenges in dependability - an industrial perspective from NESSI Aljosa Pasic Atos.
Unified Modeling Language* Keng Siau University of Nebraska-Lincoln *Adapted from “Software Architecture and the UML” by Grady Booch.
Potential standardization items for the cloud computing in SC32 1 WG2 N1665 ISO/IEC JTC 1/SC 32 Plenary Meeting, Berlin, Germany, June 2012 Sungjoon Lim,
L6-S1 UML Overview 2003 SJSU -- CmpE Advanced Object-Oriented Analysis & Design Dr. M.E. Fayad, Professor Computer Engineering Department, Room #283I College.
Using SaaS and Cloud computing For “On Demand” E Learning Services Application to Navigation and Fishing Simulator Author Maha KHEMAJA, Nouha AMMARI, Fayssal.
G:\99Q3\9220\PD\AJD2.PPT 1 Harriet P. Pearson Chief Privacy Officer IBM February 7, 2003 IBM.
The world of autonomous reconfigurable systems Intelligent Interactive Distributed Systems Group Vrije Universiteit Amsterdam /
MODERN OFFICE ENVIRONMENT Session 4 12: :45 Dr Deepak B Phatak, IIT Bombay.
Requirement engineering Good Practices for Requirements Engineering
A Comparative Study of Specification Models for Autonomic Access Control of Digital Rights K. Bhoopalam,K. Maly, R. MukkamalaM. Zubair Old Dominion University.
NGCWE Expert Group EU-ESA Experts Group's vision Prof. Juan Quemada NGCWE Expert Group IST Call 5 Preparatory Workshop on CWEs 13th.
CSIIR Workshop March 14-15, Privilege and Policy Management for Cyber Infrastructures Dennis Kafura Markus Lorch Support provided by: Commonwealth.
Trustworthy Semantic Webs Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #4 Vision for Semantic Web.
1 Object Oriented Logic Programming as an Agent Building Infrastructure Oct 12, 2002 Copyright © 2002, Paul Tarau Paul Tarau University of North Texas.
ICOM TC Charter TC’s Scope –Specify the normative standards for collaboration objects, along with their attributes, relationships, constraints, and behavior,
Yazd University, Electrical and Computer Engineering Department Course Title: Advanced Software Engineering By: Mohammad Ali Zare Chahooki The Rational.
B. Trousse, R. Kanawati - JTE : Advanced Services on the Web, Paris 7 may 1999 Broadway: a recommendation computation approach based on user behaviour.
June 13-15, 2007Policy 2007 Infrastructure-aware Autonomic Manager for Change Management H. Abdel SalamK. Maly R. MukkamalaM. Zubair Department of Computer.
Knowledge Modeling and Discovery. About Thetus Thetus develops knowledge modeling and discovery infrastructure software for customers who: Have high-value.
SSE3 Knowledge mangement concepts 1. Agenda What is knowledge management Classification of knowledge Knowledge management process Common/shared information.
SAGE Nick Beard Vice President, IDX Systems Corp..
XML and Distributed Applications By Quddus Chong Presentation for CS551 – Fall 2001.
Web-based Software Development - An introduction
Global Coordination Platform
Priorities for International Development of e-Infrastructure and Data Management in Global Change Research Presentation by Robert Gurney, University of.
SuperComputing 2003 “The Great Academia / Industry Grid Debate” ?
Unit 36: Internet Server Management
Part 3 Design What does design mean in different fields?
MANAGING KNOWLEDGE FOR THE DIGITAL FIRM
Signet & Privilege Management
Making Privacy Possible: Research on Organizational Privacy Technology
ESS.VIP Validation Item 5.1
Chaitali Gupta, Madhusudhan Govindaraju
ICOM TC Charter TC’s Scope Out of TC’s Scope Call for Participation
Presentation transcript:

Policy Management of Enterprise Systems: A Requirements Study Tim Finin, Yelena Yesha Kelly Lyons, Jen Hawkins, Stephen Perelgut Pranam Kolari 2006 IEEE Workshop on Policies for Distributed Systems and Networks 7 June

State of the Art, Motivation Policy 2005 –Security, Trust, Privacy, Policy-based Management –Network management, Pervasive Computing, Multi-agent coordination Policy 2006 –Similar themes this year –Scope of policy management –Panel on Singleton Policies

The Problem Policy Management of an Enterprise Web Application –Identify Policy Decision/Influence Points –Domain specific requirement characteristics –Applicability of existing research/tools An application case-study –Elicit requirements from users GOAL: Abstract out policy management requirements for a new class of applications

CASSIS Used by IBM Centers for Advanced Studies (CAS), a university facing department Artifact, The Project Proposal Actors and their Roles –CAS Research Staff Members (CRSM) initiate proposal from Professors –Professors/Researchers submit proposal/s –CRSM assigns Reviewers and Evaluators to proposal –CAS Head approves proposal –CRSM and CAS Head monitor project Workflow - Actors interact with the Artifact

Management Requirements Tuning and adaptability –Address rotational management Accountability –To Proposal submitters –To higher level management –Comply to organizational and regional statutory requirements Along two axes –Privacy –Business

CASSIS Privacy Policies (1) (i) Java Server Page (JSP) templates common to all roles (ii) Field specific decisions hidden in implementation

CASSIS Privacy Policies (2) Role Based Access Control –E.g. Evaluators have access to all reviews, but not to other evaluations Adaptability –Policy Management Autonomic Computing (PMAC) toolkit –Autonomic Computing Policy Language (ACPL) –Rules hidden in “java” code were now made explicit Accountability –To users, translation to P3P vocabulary –To the enterprise, organization specific vocabulary

CASSIS Business Policies (1) Directly influences actions in current state –E.g. CAS RSM – When choosing reviewers, reviewer location and their IBM department are important Influences future actions incrementally –E.g. CAS Head – Past collaboration with IBM could potentially improve proposal merit

Business Policies (2) Event triggering for policy guidance –Screens used by the role players to work on the artifact Conditions based on Knowledge Base (KB) –IBM Intranet, e.g. Employee databases available within IBM, access APIs available (SOA vision), trustworthy –Web KB, e.g. publication databases available on the Web, XML data dumps, not trustworthy –(Intranet+Web) KB, not trustworthy Result of Policies –Act as guidelines (recommendations) to role-players

Business Policies (3) Traditional Business Policies –Actions directly executed by machines –Typically ECA, Event Condition Action –Trustworthy underlying knowledge base (KB) –Application area -- resource management –Policies are actionable How are CASSIS Policies different? –Actions filtered by humans –Policy results influence actions, guidelines –Underlying KB not necessarily trustworthy –Potentially large KB

In the Workflow Context WWW Justification/Accountability 4 4 Policy Decision Point 1 1 SPARQL Knowledge Base Auditability Justification Users Management 3 3

Workflow Context - Example Policy: CAS Head – Past collaboration with IBM could potentially improve proposal merit SPARQL on KB used by Policy Rule SPARQL Policy Rule

Workflow Context - Example PREFIX ibm PREFIX citeseer PREFIX cas ASK { ibm: ? . ?y citeseer:coauthor ?x. ?y cas:author } PREFIX ibm PREFIX citeseer PREFIX cas CONSTRUCT { ?x ibm: ? . ?y citeseer:coauthor ?x. ?y cas:author } WHERE { ?x ibm: ? . ?y citeseer:coauthor ?x. ?y cas:author } ASK – Queries as Conditions CONSTRUCT – Query returns graph patterns, used to display to the user during on a policy recommendation and for later auditing

Continuing Work ECR[J] - Event Condition Recommendation [Justification] The exact nature of modeling “Recommendation” Policy Language Overlaying SPARQL Details of Justification Repository Elicit explicit policy rules from enterprise management

Conclusions Enterprise Web Applications amenable to privacy policy enablement Interoperability across policy vocabularies continues to be a bottleneck Business Policy Enablement raises interesting future challenges –Underlying Knowledge Base –Policies or Guidance? –Auditing/Accountability –Iterative Refinement of Business Policies

Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.