Policy driven management for distributed systems

Separating management policy from the automated managers which interpret the policy facilitates the dynamic change of behavior of a distributed management system. This permits it to adapt to evolutionary changes in the system being managed and to new application requirements. Changing the behavior of automated managers can be achieved by changing the policy without having to reimplement them—this permits the reuse of the managers in different environments. It is also useful to have a clear specification of the policy applying to human managers in an enterprise. This paper describes the work on policy which has come out of two related ESPRIT funded projects, SysMan and IDSM. Two classes of policy are elaborated—authorization policies define what a manager is permitted to do and obligation policies define what a manager must do. Policies are specified as objects which define a relationship between subjects (managers) and targets (managed objects). Domains are used to group the objects to which a policy applies. Policy objects also have attributes specifying the action to be performed and constraints limiting the applicability of the policy. We show how a number of example policies can be modeled using these objects and briefly mention issues relating to policy hierarchy and conflicts between overlapping policies.