Policy Management of Enterprise Systems: A Requirements Study Tim Finin, Yelena Yesha Kelly Lyons, Jen Hawkins, Stephen Perelgut Pranam Kolari 2006 IEEE.


1 Policy Management of Enterprise Systems: A Requirements Study
Tim Finin, Yelena Yesha
Kelly Lyons, Jen Hawkins, Stephen Perelgut
Pranam Kolari
2006 IEEE Workshop on Policies for Distributed Systems and Networks
7 June 2006
http://ebiquity.umbc.edu/paper/html/id/279/

2 State of the Art, Motivation
Policy 2005
  –Security, Trust, Privacy, Policy-based Management
  –Network management, Pervasive Computing, Multi-agent coordination
Policy 2006
  –Similar themes this year
  –Scope of policy management
  –Panel on Singleton Policies

3 The Problem
Policy Management of an Enterprise Web Application
  –Identify Policy Decision/Influence Points
  –Domain specific requirement characteristics
  –Applicability of existing research/tools
An application case-study
  –Elicit requirements from users
GOAL: Abstract out policy management requirements for a new class of applications

4 CASSIS
Used by IBM Centers for Advanced Studies (CAS), a university-facing department
Artifact, The Project Proposal
Actors and their Roles
  –CAS Research Staff Members (CRSM) initiate proposal from Professors
  –Professors/Researchers submit proposal/s
  –CRSM assigns Reviewers and Evaluators to proposal
  –CAS Head approves proposal
  –CRSM and CAS Head monitor project
Workflow - Actors interact with the Artifact

5 Management Requirements
Tuning and adaptability
  –Address rotational management
Accountability
  –To Proposal submitters
  –To higher level management
  –Comply with organizational and regional statutory requirements
Along two axes
  –Privacy
  –Business

6 CASSIS Privacy Policies (1)
(i) Java Server Page (JSP) templates common to all roles
(ii) Field specific decisions hidden in implementation

7 CASSIS Privacy Policies (2)
Role Based Access Control
  –E.g. Evaluators have access to all reviews, but not to other evaluations
Adaptability
  –Policy Management Autonomic Computing (PMAC) toolkit
  –Autonomic Computing Policy Language (ACPL)
  –Rules hidden in “java” code were now made explicit
Accountability
  –To users, translation to P3P vocabulary
  –To the enterprise, organization specific vocabulary

8 CASSIS Business Policies (1)
Directly influences actions in current state
  –E.g. CAS RSM – When choosing reviewers, reviewer location and their IBM department are important
Influences future actions incrementally
  –E.g. CAS Head – Past collaboration with IBM could potentially improve proposal merit

9 Business Policies (2)
Event triggering for policy guidance
  –Screens used by the role players to work on the artifact
Conditions based on Knowledge Base (KB)
  –IBM Intranet, e.g. Employee databases available within IBM, access APIs available (SOA vision), trustworthy
  –Web KB, e.g. publication databases available on the Web, XML data dumps, not trustworthy
  –(Intranet+Web) KB, not trustworthy
Result of Policies
  –Act as guidelines (recommendations) to role-players

10 Business Policies (3)
Traditional Business Policies
  –Actions directly executed by machines
  –Typically ECA, Event Condition Action
  –Trustworthy underlying knowledge base (KB)
  –Application area -- resource management
  –Policies are actionable
How are CASSIS Policies different?
  –Actions filtered by humans
  –Policy results influence actions, guidelines
  –Underlying KB not necessarily trustworthy
  –Potentially large KB

11 In the Workflow Context
[Diagram: Users, Management, WWW, Policy Decision Point, SPARQL, Knowledge Base; numbered steps 1 to 4; labels: Justification/Accountability, Auditability, Justification]

12 Workflow Context - Example
Policy: CAS Head – Past collaboration with IBM could potentially improve proposal merit
SPARQL on KB used by Policy Rule
[Diagram labels: SPARQL, Policy Rule]

13 Workflow Context - Example

PREFIX ibm
PREFIX citeseer
PREFIX cas
ASK {
  "x@ca.ibm.com" ibm:email ?email.
  ?y citeseer:coauthor ?x.
  ?y cas:author
}

PREFIX ibm
PREFIX citeseer
PREFIX cas
CONSTRUCT {
  ?x ibm:email ?email.
  ?y citeseer:coauthor ?x.
  ?y cas:author
}
WHERE {
  ?x ibm:email ?email.
  ?y citeseer:coauthor ?x.
  ?y cas:author
}

ASK – Queries as Conditions
CONSTRUCT – Query returns graph patterns, used to display to the user during a policy recommendation and for later auditing

14 Continuing Work
ECR[J] - Event Condition Recommendation [Justification]
The exact nature of modeling “Recommendation”
Policy Language Overlaying SPARQL
Details of Justification Repository
Elicit explicit policy rules from enterprise management
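The ASK-as-condition and CONSTRUCT-as-justification pattern from slides 12 and 13, combined with the ECR[J] idea above, as an added sketch that is not code from the presentation or from CASSIS. The knowledge-base contents, the source labels, the screen name `cas_head_review` and the use of the proposal as the object of `cas:author` are all assumptions made for illustration.

```python
# Constructed KB of (subject, predicate, object, source) tuples. The source labels
# follow the slides' split: IBM intranet data is trustworthy, Web data is not.
KB = [
    ("emp1", "ibm:email", "x@ca.ibm.com", "intranet"),
    ("prof1", "citeseer:coauthor", "emp1", "web"),
    ("prof1", "cas:author", "proposal42", "intranet"),
    ("prof2", "cas:author", "proposal43", "intranet"),
]
TRUSTED = {"intranet"}

def match(patterns, kb, binding=None):
    """Yield (binding, supporting_triples) for a basic graph pattern.
    Terms starting with '?' are variables, as in SPARQL."""
    binding = binding or {}
    if not patterns:
        yield binding, []
        return
    head, rest = patterns[0], patterns[1:]
    for triple in kb:
        b = dict(binding)
        for term, value in zip(head, triple[:3]):
            if term.startswith("?"):
                if b.setdefault(term, value) != value:
                    break          # variable already bound to something else
            elif term != value:
                break              # constant term does not match
        else:
            for b2, support in match(rest, kb, b):
                yield b2, [triple] + support

def past_collaboration_rule(event, kb):
    """ECR[J]: the event is a screen being opened, the condition is an ASK-style
    match, the result is a recommendation plus the triples that justify it."""
    if event["screen"] != "cas_head_review":      # hypothetical screen name
        return None
    pattern = [("?x", "ibm:email", "?email"),
               ("?y", "citeseer:coauthor", "?x"),
               ("?y", "cas:author", event["proposal"])]
    for _binding, support in match(pattern, kb):  # one solution means ASK is true
        return {
            "recommendation": "past IBM collaboration could improve proposal merit",
            "justification": support,             # CONSTRUCT-like graph, kept for audit
            "untrusted_sources": sorted({t[3] for t in support} - TRUSTED),
            "decided_by": "human",                # guidance only, never auto-executed
        }
    return None
```

Recording which supporting triples came from an untrusted source lets the reviewer and a later auditor see that the recommendation rests partly on Web data.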

15 Conclusions
Enterprise Web Applications amenable to privacy policy enablement
Interoperability across policy vocabularies continues to be a bottleneck
Business Policy Enablement raises interesting future challenges
  –Underlying Knowledge Base
  –Policies or Guidance?
  –Auditing/Accountability
  –Iterative Refinement of Business Policies

16 Questions?

