Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Goal-based Approach to Policy Refinement Arosha K Bandara, Emil C Lupu, Alessandra Russo Department of Computing, Imperial College London, UK Jonathan.

Published byAlvin Lloyd Modified over 9 years ago

Similar presentations

Presentation on theme: "A Goal-based Approach to Policy Refinement Arosha K Bandara, Emil C Lupu, Alessandra Russo Department of Computing, Imperial College London, UK Jonathan."— Presentation transcript:

1 A Goal-based Approach to Policy Refinement Arosha K Bandara, Emil C Lupu, Alessandra Russo Department of Computing, Imperial College London, UK Jonathan Moffett Department of Computer Science, University of York, UK POLICY 2004: 7-9 June 2004 IBM TJ Watson Research Laboratory, NY

2 (c) DoC, Imperial College London, 2004 Motivation P1 P2 P4 P3 Policy  Flexible Adaptable Scalable Policies need to be correct, complete and valid  Analyse policies to detect inconsistencies; Derive policies from high-level requirements and system description Objects Actions Policy Refinement Cassasa-Mont et al., “Policy Refinement Wizard”; Various, “Domain/Role hierarchy traversal” Events Constraints 1

3 (c) DoC, Imperial College London, 2004 Refined Policies Analysis Framework Property checks Behavioural model of managed objects Policy specification Errors + Conflicts Organisational model of managed objects Ponder Language Supports relevant policy types Easy to use high-level policy language State Charts Widely used notation. Easily translated into formal representation. Domain Hierarchy Flexible approach that supports roles/relations. Part of Ponder framework. Logic Rules Suitable for interaction with formal representation. Goals Bandara et al., “Using Event Calculus to Formalise Policy Specification and Analysis”, POLICY 2003, Lake Como, June 2003 3 Low-level Actions Event Calculus Well understood formalism. Models event-driven systems. Use deduction for simple property checks Use abductive reasoning to derive explanations for property violations.

4 (c) DoC, Imperial College London, 2004 The Big Picture – An Example Research 9.0.0.0/16 Router 3 Core 8.0.0.0/16 Router 4 ServerSite 12.0.0.0/16 Accounting 11.0.0.0/16 Engineering 10.0.0.0/16 Router 1 Router 2 CICS eComm... G5 – Traffic to Web Services Applications on eComm Server (tfcG5) get Gold QoS at peak time... SLA Goal 12.0.0.3 12.0.0.2 8.0.0.4 8.0.0.2 11.0.0.2 8.0.0.1 10.0.0.1 9.0.0.3 8.0.0.3 Verma D. C., “Policy Validation and Translation Algorithms” in “Policy-based Networking” on admit(webSvcTraffic) subject s = /DiffServManager target t = /routers/ do t.setDSCP(DSCP)  t.setMeter(Meter)  t.setRateLimit(Limit) ... SrcIP SrcPort TCP/UDP DestIP DestPort PHB RateLimit Overflow * * TCP 12.0.0.3 80 EF 10Mbps BestEffort 12.0.0.3 * TCP * * EF 10Mbps BestEffort... 2

5 (c) DoC, Imperial College London, 2004 The Approach Assign Resp. SYS REQ GOALS SYSTEM COMPONENTS Properties Behaviour Properties Behaviour Properties Behaviour Van Lamsweerde A., Darimont R. et al., “Goal-directed Requirements Elaboration” Goals Objects / Ops KAOS Operational Goal 4

6 (c) DoC, Imperial College London, 2004 Properties Behaviour Properties Behaviour The Approach Operational Goal Assign Resp. SYS REQ GOALS SYSTEM COMPONENTS GXGX G X2 G X1 SXSX S X1 ABDUCTION S X2 ABDUCTION Kelly T., et al., “Goal Structured Notation (GSN)” Goals Objects / Ops KAOS 5

7 (c) DoC, Imperial College London, 2004 Example - Revisited int routerID setDSCP(DSCP) setMeter(Meter) setInRate(InRate) setScheduler(Scheduler) setOverflow(OF) setOutRate(OutRate) DiffServRouter state(R, dscp, DSCP) state(R, meterType, Meter) state(R, rateLimit, InRate) state(R, ofp, OF) state(R, sched, Sched) state(R, outRate, OutRate) R.setDSCP(DSCP) R.setMeter(Meter) R.setInRate(InRate) R.setOverflow(OF) R.setScheduler(Sched) R.setOutRate(OutRate) 6 Research 9.0.0.0/16 Router 3 Core 8.0.0.0/16 Router 4 ServerSite 12.0.0.0/16 Accounting 11.0.0.0/16 Engineering 10.0.0.0/16 Router 1 Router 2 CICS eComm 12.0.0.3 12.0.0.2 8.0.0.4 8.0.0.2 11.0.0.2 8.0.0.1 10.0.0.1 9.0.0.3 8.0.0.3... G5 – Traffic to Web Services Applications on eComm Server (tfcG5) get Gold QoS at peak time... SLA Goal

8 (c) DoC, Imperial College London, 2004 Example – Goal Elaboration admit(pkt, tfcG5)   qos(pkt, gold) 7 P   Q P   RR   Q routed(pkt, router, tfcG5)   qos(pkt,gold) admit(pkt, tfcG5)   routed(pkt, router, tfcG5) configured(pkt, router, gold)   qos(pkt, gold) routed(pkt, router, tfcG5)   configured(pkt, router, gold)

9 (c) DoC, Imperial College London, 2004 state(r, dscp, parms.DSCP) state(r, meter, parms.meterType) state(r, inRate, parms.inRate) state(r, ofp, parms.overflow) state(r, outRate, parms.outRate) calculatedParms(router, parms) parmsSet(router, parms) configured(pkt, router, gold) routed(pkt, router, tfcG5) Example – Goal Elaboration (contd.) admit(pkt, tfcG5)   qos(pkt, gold) provideQoS(gold) config(router, gold) r.setDSCP(dscp); r.setMeter(meter); r.setInRate(inRate); …. 8

10 (c) DoC, Imperial College London, 2004 Example – Goal Elaboration (contd.) classifier(router, parms.DSCP) meter(router, parms.meterType) inRate(router, parms.inRate) overflow(router, parms.overflow) outRate(router, parms.outRate) calculatedParms(router, parms) parmsSet(router, parms) configured(pkt, router, gold) routed(pkt, router, tfcG5) admit(pkt, tfcG5)   qos(pkt, gold) provideQoS(gold) config(router, gold) r.setDSCP(dscp); r.setMeter(meter); r.setScheduler(inRate); …. 9 ??? 2: Elaborate Goals Further 2: Extend System Description 1: Use Abstract Strategy

11 (c) DoC, Imperial College London, 2004 Strategies and Policies S1S2 P1: {... do S1...} P2: {... do S2...} S1(x) P1: {... do S1...} P2: {... do S2...} P3: {... do S3...} S1(y) P1: {... do S1(x)...} P2: {... do S1(y)...} DISJOINT GOALS MULTIPLE STRATEGIES PARAMETERISED STRATEGIES S1 S2 S3 10

12 (c) DoC, Imperial College London, 2004 Elaborate Abduce Pulling it together … 11 High-Level Policy A B C D E On admission of tfcG5 packet, (Event) if during peak times (Condition) ensure it receives gold QoS(Goal) P   Q P   RR   Q Patterns On admitPkt(tfcG5) when time.between(“9:00”, “17:00”) subject s = /DiffServManager/; target t = /routers/; do t.setDSCP(dscp)  t.setMeter(meter)... Objects Strategy Map Select

13 (c) DoC, Imperial College London, 2004 Summary Goal elaboration provides a mechanism, supported by formal techniques, for deriving low-level system goals. Strategy, the set of actions that will achieve a given goal. Abductive reasoning can be used to identify strategies. Strategies can be used to specify the action clauses of the refined policies. High-level notations, e.g. UML, can be used to hide details of formal techniques from the user. 12

14 (c) DoC, Imperial College London, 2004 Future Directions Integrate this approach with the object refinement techniques identified previously [Bandara 2003]. Develop techniques for Event/Constraint refinement. Develop tool support for the overall method. Evaluate by applying to real scenarios. 13 [Bandara 2003] Bandara et al., “Using Event Calculus to Formalise Policy Specification and Analysis”, In Proceedings of POLICY 2003, Lake Como, June 2003

15 (c) DoC, Imperial College London, 2004 Emil LupuAlessandra RussoJonathan Moffett Morris SlomanNaranker Dulay Thank You ! Questions? END

16 (c) DoC, Imperial College London, 2004 Example - Revisited int routerID setDSCP(DSCP) setMeter(Meter) setRateLimit(Inrate) setScheduler(Scheduler) setOverflow(OF) setOutRate(OutRate) DiffServRouter state(R, dscp, DSCP) state(R, meterType, Meter) state(R, rateLimit, InRate) state(R, ofp, OF) state(R, sched, Sched) state(R, outRate, OutRate) R.setDSCP(DSCP) R.setMeter(Meter) R.setRateLimit(InRate) R.setOverflow(OF) R.setScheduler(Sched) R.setOutRate(OutRate) 8

17 (c) DoC, Imperial College London, 2004 int routerID setDSCP(DSCP) setMeter(Meter) setRateLimit(Inrate) setScheduler(Scheduler) setOverflow(OF) setOutRate(OutRate) DiffServRouter state(R, dscp, DSCP) state(R, meterType, Meter) state(R, rateLimit, InRate) state(R, ofp, OF) state(R, sched, Sched) state(R, outRate, OutRate) R.setDSCP(DSCP) R.setMeter(Meter) R.setRateLimit(InRate) R.setOverflow(OF) R.setScheduler(Sched) R.setOutRate(OutRate) Example - Revisited 8

18 (c) DoC, Imperial College London, 2004 Example - Revisited state(R, dscp, DSCP) state(R, meterType, Meter) state(R, rateLimit, InRate) state(R, ofp, OF) state(R, sched, Sched) state(R, outRate, OutRate) R.setScheduler(Sched) R.setRateLimit(InRate) R.setOverflow(OF) R.setOutRate(OutRate) R.setDSCP(DSCP) R.setMeter(Meter) active 8

Download ppt "A Goal-based Approach to Policy Refinement Arosha K Bandara, Emil C Lupu, Alessandra Russo Department of Computing, Imperial College London, UK Jonathan."

Similar presentations

An Adaptive Policy-Based Framework for Network Service Management Leonidas Lymberopoulos Emil Lupu Morris Sloman Department of Computing Imperial College.

An Adaptive Policy-Based Framework for Network Service Management Leonidas Lymberopoulos Emil Lupu Morris Sloman Department of Computing Imperial College.
Recursive policies Expressive historical conditions with constraints Fine-grained defaults Abstract language for policies at all levels of abstraction.

Recursive policies Expressive historical conditions with constraints Fine-grained defaults Abstract language for policies at all levels of abstraction.
Annual Conference of ITA ACITA 2009 Efficient Evaluation of History-based Policies Jiefei Ma 1, Jorge Lobo 2, Alessandra Russo 1, Emil Lupu 1, Seraphin.

Annual Conference of ITA ACITA 2009 Efficient Evaluation of History-based Policies Jiefei Ma 1, Jorge Lobo 2, Alessandra Russo 1, Emil Lupu 1, Seraphin.
25 February 2009Instructor: Tasneem Darwish1 University of Palestine Faculty of Applied Engineering and Urban Planning Software Engineering Department.

25 February 2009Instructor: Tasneem Darwish1 University of Palestine Faculty of Applied Engineering and Urban Planning Software Engineering Department.
Database Systems: Design, Implementation, and Management Tenth Edition

Database Systems: Design, Implementation, and Management Tenth Edition
Lecture # 2 : Process Models

Lecture # 2 : Process Models
Www.wileyeurope.com/college/van lamsweerde Part 2: Building System Models for RE © 2009 John Wiley and Sons 1 Part 2: Building System Models for RE Introduction.

lamsweerde Part 2: Building System Models for RE © 2009 John Wiley and Sons 1 Part 2: Building System Models for RE Introduction.
Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.

Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.
Developing MAS The GAIA Methodology A Brief Summary by António Castro and Prof. Eugénio Oliveira.

Developing MAS The GAIA Methodology A Brief Summary by António Castro and Prof. Eugénio Oliveira.
Chapter 2 Data Models Database Systems: Design, Implementation, and Management, Seventh Edition, Rob and Coronel.

Chapter 2 Data Models Database Systems: Design, Implementation, and Management, Seventh Edition, Rob and Coronel.
Modified from Sommerville’s originalsSoftware Engineering, 7th edition. Chapter 8 Slide 1 System models.

Modified from Sommerville’s originalsSoftware Engineering, 7th edition. Chapter 8 Slide 1 System models.
Machine Reasoning about Anomalous Sensor Data Matt Calder, Francesco Peri, Bob Morris Center for Coastal Environmental Sensoring Networks CESN University.

Machine Reasoning about Anomalous Sensor Data Matt Calder, Francesco Peri, Bob Morris Center for Coastal Environmental Sensoring Networks CESN University.
End-to-End Design of Embedded Real-Time Systems Kang G. Shin Real-Time Computing Laboratory EECS Department The University of Michigan Ann Arbor, MI 48019-2122.

End-to-End Design of Embedded Real-Time Systems Kang G. Shin Real-Time Computing Laboratory EECS Department The University of Michigan Ann Arbor, MI
AMUSE: Autonomic Management of Ubiquitous Systems for e-Health Dr. Emil C. Lupu Department of Computing Imperial College London, UK

AMUSE: Autonomic Management of Ubiquitous Systems for e-Health Dr. Emil C. Lupu Department of Computing Imperial College London, UK
Basic Concepts The Unified Modeling Language (UML) SYSC 3100 - System Analysis and Design.

Basic Concepts The Unified Modeling Language (UML) SYSC System Analysis and Design.
Architectural Design.

Architectural Design.
02/06/05 “Investigating a Finite–State Machine Notation for Discrete–Event Systems” Nikolay Stoimenov.

02/06/05 “Investigating a Finite–State Machine Notation for Discrete–Event Systems” Nikolay Stoimenov.
Towards a Logic for Wide- Area Internet Routing Nick Feamster Hari Balakrishnan.

Towards a Logic for Wide- Area Internet Routing Nick Feamster Hari Balakrishnan.
Katanosh Morovat.   This concept is a formal approach for identifying the rules that encapsulate the structure, constraint, and control of the operation.

Katanosh Morovat.   This concept is a formal approach for identifying the rules that encapsulate the structure, constraint, and control of the operation.
Compositional IS Development Framework Application Domain Application Domain Pre-existing components, legacy systems Extended for CD (ontologies) OAD Methods.

Compositional IS Development Framework Application Domain Application Domain Pre-existing components, legacy systems Extended for CD (ontologies) OAD Methods.

Similar presentations

Ads by Google