A man-model interactive computer system for analysis of complex societal problems

A decision evaluation and conflict resolution system is being developed for eventual use by planning and policy making organizations. The system is being implemented on a portable interactive graphic computer system. The system features the capability of integrating societal system models with models of human judgment and interpersonal conflict.A number of alternative United States energy policies are being evaluated with the system to determine their probable relative impacts upon the U.S. economy and their degree of acceptability among decision makers and the public.     

Policies and conflicts in call control

Policy-based management is introduced and related to the specific needs of call control. It is explained how policies differ in important ways from features. Related work on policy-based management is reviewed, leading to the conclusion that a different approach is required for call control. A general architecture is presented for a policy system. This includes an overview of the major policy components, relating them to the system under control and to the context system that provides additional information.As a framework for explaining how policy conflicts are handled, the policy language for call control is briefly presented along with some sample policies. The paper then focuses on how policy conflicts are defined and resolved, using sample resolutions to illustrate the approach. Pointers are given to future enhancements to policy support, including new applications of policies to novel domains.     

基于策略的网络管理

基于策略的网络管理致力于实现网络管理的简单化与自动化,把网管人员从烦琐的管理工作中解放出来。网络管理策略的描述需要一定的模型和语言,该文介绍了策略核心信息模型PCIM和描述语言Pondcr,并给出了使用它们描述VPN策略的实例。     

基于策略代数系统的策略间关系分析

当前分析策略之间关系的研究多集中于访问控制策略,主要根据主体、目标和动作三元组上的重叠关系来划分策略冲突类型,存在划分标准不明确,冲突分类不完善等问题.采用策略代数系统来对策略进行描述,能表示Ponder中的授权策略(访问控制策略)和职责策略.分析了策略对应组成部分间所有可能存在的关系,包括离散、相等、包含、部分包含和交叉等五种,在这些关系的基础上指出了可能存在的冲突,并给出了相应的冲突消解方案.     

A privacy preserving authorisation system for the cloud

In this paper we describe a policy based authorisation infrastructure that a cloud provider can run as an infrastructure service for its users. It will protect the privacy of users? data by allowing the users to set their own privacy policies, and then enforcing them so that no unauthorised access is allowed to their data. The infrastructure ensures that the users? privacy policies are stuck to their data, so that access will always be controlled by the policies even if the data is transferred between cloud providers or services. This infrastructure also ensures the enforcement of privacy policies which may be written in different policy languages by multiple authorities such as: legal, data subject, data issuer and data controller. A conflict resolution strategy is presented which resolves conflicts among the decisions returned by the different policy decision points (PDPs). The performance figures are presented which show that the system performs well and that each additional PDP only imposes a small overhead.     

策略灵活安全系统的设计与实现

安全需求多样化对操作系统提出策略灵活性要求，传统操作系统把对安全策略的支持分散到系统相关功能模块中，如文件系统及进程通信等，难以满足这种需求，该文通过对操作系统中策略相关功能部件的分析，提出了一种策略灵活的安全体系结构，并在Linux基础上实现该结构。同以往研究相比，该结构通过对安全属性的统一维护简化了策略冲突协调的复杂性，既方便用户灵活配置已有安全策略，又支持用户针对本领域的安全需求引入新的安全属性及添加新型安全策略。     

Optimal economic stabilization policies under decentralized control and conflicting objectives

This paper derives methods for the calculation of optimal stabilization policies under the assumption that monetary and fiscal control are exercised by separate authorities who may have different objectives. Each authority minimizes its own quadratic cost functional subject to the constraint of a linear econometric model. Nash solution strategies are calculated for this discrete-time differential game, both in the context of open-loop and closed-loop behavior (in the closed-loop framework each authority can continually revise his policy in response to the evolving strategy of the other authority). The results are applied to a small econometric model, and show how the degree of fiscal or monetary, control depends on the particular conflict situation, and how conflicting policies are "suboptimal" in comparison with coordinated policies.     

网络安全策略冲突分类及自动检测与恢复

在分析网络安全策略冲突研究现状的基础上,针对策略冲突分类不完善及现在安全策略冲突检测方法的不足,指出由于网络策略之间的规则依赖语义和规则相互作用,一个成功的网络安全系统配置需要全面分析所有网络安全设备的策略配置以避免策略冲突和矛盾.本文首先描述了过滤规则之间所有可能的关系,然后对基于过滤的网络安全策略中的冲突进行全面分类,接着通过实验指出即使是专家系统管理员,产生这种冲突的可能性也很高,并提出了内部和外部访问列表策略冲突的自动检测与恢复模型来识别和矫正这些冲突,最后讨论了今后研究的方向.     

IPSec网关的一种分布式配置方法

IPSec协议的一种应用模式是采用IPSec网关间隔各个网络段,通过网关的策略配置,实现安全通信需求。然而,交叉的IPSec策略可能导致信息回流,引发策略冲突,破坏安全需求。提出IPSec网关的一种基于多agent系统的配置方法,自动分布式生成无冲突的IPSec策略集,可以避免集中式生成方法单点失效的弱点。模拟实验验证了这种方法的可行性。     

A graph theoretic approach to authorization delegation and conflict resolution in decentralised systems

The problem of resolving conflicts in delegated authorizations has not been systematically addressed by researchers. In (Ruan and Varadharajan in Proceedings of the 7th Australasian Conference on Information Security and Privacy, pp. 271–285, 2002) we proposed a graph based framework that supports authorization delegation and conflict resolution. In this paper, we have extended the model to allow grantors of delegations to express degrees of certainties about their delegations and grants of authorizations. This expression of certainty gives the subjects (e.g. users) more flexibility to control their delegations of access rights. We propose a new conflict resolution policy based on weighted lengths of authorization paths. This policy provides a greater degree of flexibility in that it enables to specify and analyse the effect of predecessor-successor relationship as well as the weights of authorizations on the conflicts. We present a detailed algorithm to evaluate authorization delegations and conflict resolutions. The correctness proof and time complexity of the algorithm are also provided. Since in a dynamic environment, the authorization state is not static, we have considered how authorization state changes occur and have developed an algorithm to analyse authorization state transformations and given correctness proofs. Finally, we discuss how to achieve a global decision policy from local authorization policies in a distributed environment. Three integration models based on the degrees of node autonomy are proposed, and different strategies of integrating the local policies into the global policies in each model are systematically discussed.     

CARISMA: context-aware reflective middleware system for mobile applications

Mobile devices, such as mobile phones and personal digital assistants, have gained wide-spread popularity. These devices will increasingly be networked, thus enabling the construction of distributed applications that have to adapt to changes in context, such as variations in network bandwidth, battery power, connectivity, reachability of services and hosts, etc. In this paper, we describe CARISMA, a mobile computing middleware which exploits the principle of reflection to enhance the construction of adaptive and context-aware mobile applications. The middleware provides software engineers with primitives to describe how context changes should be handled using policies. These policies may conflict. We classify the different types of conflicts that may arise in mobile computing and argue that conflicts cannot be resolved statically at the time applications are designed, but, rather, need to be resolved at execution time. We demonstrate a method by which policy conflicts can be handled; this method uses a microeconomic approach that relies on a particular type of sealed-bid auction. We describe how this method is implemented in the CARISMA middleware architecture and sketch a distributed context-aware application for mobile devices to illustrate how the method works in practice. We show, by way of a systematic performance evaluation, that conflict resolution does not imply undue overheads, before comparing our research to related work and concluding the paper.     

Conflicts in policy-based distributed systems management

Modern distributed systems contain a large number of objects and must be capable of evolving, without shutting down the complete system, to cater for changing requirements. There is a need for distributed, automated management agents whose behavior also has to dynamically change to reflect the evolution of the system being managed. Policies are a means of specifying and influencing management behavior within a distributed system, without coding the behavior into the manager agents. Our approach is aimed at specifying implementable policies, although policies may be initially specified at the organizational level and then refined to implementable actions. We are concerned with two types of policies. Authorization policies specify what activities a manager is permitted or forbidden to do to a set of target objects and are similar to security access-control policies. Obligation policies specify what activities a manager must or must not do to a set of target objects and essentially define the duties of a manager. Conflicts can arise in the set of policies. Conflicts may also arise during the refinement process between the high level goals and the implementable policies. The system may have to cater for conflicts such as exceptions to normal authorization policies. The paper reviews policy conflicts, focusing on the problems of conflict detection and resolution. We discuss the various precedence relationships that can be established between policies in order to allow inconsistent policies to coexist within the system and present a conflict analysis tool which forms part of a role based management framework. Software development and medical environments are used as example scenarios     

Heterogeneous Wireless Multirobot System

A scalable platform for decentralized traffic management of a multi-agent system has been proposed. Safety of the platform is achieved with a cooperative conflict avoidance policy. Security of communications among vehicles with respect to potential external adversaries is obtained through use of cryptographic keys and rekeying policies. A prototypical implementation of the architecture has been described, and some experimental results have been reported.     

网络安全管理中的策略冲突检测方法研究

本文通过对策略冲突进行系统研究,找到其中的主要因素,按照“策略冲突发生时策略的状态”和“策略冲突发生时策略作用对象之间的关系”给出了策略冲突的两种分类,通过这两种分类解决了“何时检测冲突”和“如何检测冲突”的问题。而后进一步阐述了如何应用冲突数据库来判别策略冲突类型的方法。     

基于开放逻辑R反驳计算的访问控制策略精化

策略精化是解决分布式应用访问控制策略配置复杂性的重要方法,现有精化技术给出了策略分层描述和逐层精化的方法,但处理策略之间关联问题的能力不足.基于精化树描述策略和策略关联,基于叶结点策略冲突判断,采用开放逻辑R反驳计算分析精化树策略关联属性,能够消解策略冲突同时保证策略互斥、组合、访问路径协同、精化映射等关联正确,并能够按序消解不同类型策略冲突、自由取舍相冲突的策略.实验与分析计算性能表明,该方法符合SaaS平台客户应用系统策略精化需求.     

Adaptive location policies for global scheduling

Two important components of a global scheduling algorithm are its transfer policy and its location policy. While the transfer policy determines whether a task should be transferred, the location policy determines where it should be transferred. Based on their location policies, global scheduling algorithms can be broadly classified as receiver-initiated, sender-initiated, or symmetrically-initiated. The relative performance of these classes of algorithms has been shown to depend on the system workload. We present two adaptive location policies for global scheduling in distributed systems. These location policies are general, and can be used in conjunction with many existing transfer policies. By adapting to the system workload, the proposed policies capture the advantages of both sender-initiated and receiver-initiated policies. In addition, by adaptively directing their search activities toward the nodes that are most likely to be suitable counterparts in task transfers, the proposed policies provide short transfer latency and low overhead, and more important, high probability of finding a suitable counterpart if one exists. These properties allow these policies to deliver good performance over a very wide range of system operating conditions. The proposed policies are compared with nonadaptive policies, and are shown to considerably improve performance and to avoid causing system instability     

基于网元的策略冲突解决方法

策略冲突的解决是基于策略的网络管理系统正常运行的前提之一。论文提出了一种基于网元的策略冲突解决方法,以网元为单位构造策略优先级关系矩阵,用以解决与该网元相关的策略冲突问题。该方法避免了大矩阵的计算处理,从而减少了基于策略的网络管理系统的计算成本。经实验验证,该方法可以有效地解决基于策略的网络管理系统中存在的策略冲突问题。     

Mobile home automation: merging mobile value added services and home automation technologies

In this paper we study mobile home automation, a field that emerges from an integration of mobile application platforms and home automation technologies. We motivate our research and provide a conceptual introduction, which illustrates the need for such applications by a two-dimensional conceptual model of mobility. As a first steps towards a solution we take the user’s perspective and discuss different options of how he might access a mobile home automation service and the controlled devices. Subsequently, we suggest a general system architecture for mobile home automation services and discuss related design decision. This design has been implemented in a research prototype, which we named Remotile. This helps us to discuss typical components, such as modules that integrate various home automation devices. A previous version of this paper was presented at the Sixth International Conference on Mobile Business, 2007. “Andreas Rosendahl, J. Felix Hampe, and Goetz Botterweck, Mobile Home Automation, Merging Mobile Value Added Services and Home Automation Technologies, Proceedings, Sixth International Conference on Mobile Business, 8–11 July 2007, IEEE Computer Society, ISBN 0-7695-2803-1”.     

A comprehensive performance evaluation of crossbar networks

A comprehensive model for evaluating crossbar networks in which the memory bandwidth and processor acceptance probability are primary measures considered is presented. This analytical model includes all important network control policies, such as the bus arbitration and rejected request handling policies, as well as the home memory concept. Computer simulation validates the correctness of the model. It is confirmed that the home memory and dynamic bus arbitration policy improve the network performance