1 / 15

A Goal-based Approach to Policy Refinement

A Goal-based Approach to Policy Refinement. Arosha K Bandara , Emil C Lupu, Alessandra Russo Department of Computing, Imperial College London, UK Jonathan Moffett Department of Computer Science, University of York, UK POLICY 2004: 7-9 June 2004 IBM TJ Watson Research Laboratory, NY.

garvey
Télécharger la présentation

A Goal-based Approach to Policy Refinement

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Goal-based Approach toPolicy Refinement Arosha K Bandara,Emil C Lupu, Alessandra Russo Department of Computing, Imperial College London, UK Jonathan Moffett Department of Computer Science, University of York, UK POLICY 2004: 7-9 June 2004 IBM TJ Watson Research Laboratory, NY

  2. Motivation P4 • Policy  • Flexible • Adaptable • Scalable P1 P3 P2 Policies need to be correct, complete and valid  Analyse policies to detect inconsistencies; Derive policies from high-level requirements and system description • Cassasa-Mont et al., “Policy Refinement Wizard”; • Various, “Domain/Role hierarchy traversal” Objects Actions Policy Refinement Events Constraints (c) DoC, Imperial College London, 2004 1

  3. Analysis Framework Behavioural model of managed objects • Ponder Language • Supports relevant policy types • Easy to use high-level policy language • State Charts • Widely used notation. • Easily translated into formal representation. • Domain Hierarchy • Flexible approach that supports roles/relations. • Part of Ponder framework. Policy specification • Logic Rules • Suitable for interactionwith formal representation. Organisational model of managed objects • Event Calculus • Well understood formalism. • Models event-driven systems. • Use deduction for simple property checks • Use abductive reasoning to deriveexplanations for property violations. Errors + Conflicts Property checks Low-level Actions Refined Policies Bandara et al., “Using Event Calculus to Formalise Policy Specification and Analysis”, POLICY 2003, Lake Como, June 2003 Goals (c) DoC, Imperial College London, 2004 3

  4. The Big Picture – An Example ServerSite 12.0.0.0/16 12.0.0.2 Research 9.0.0.0/16 Router 4 eComm SLA Goal 12.0.0.3 8.0.0.4 ... G5 – Traffic to Web Services Applications on eComm Server (tfcG5)get Gold QoS at peak time ... 9.0.0.3 Core 8.0.0.0/16 8.0.0.3 Router 3 CICS 8.0.0.2 8.0.0.1 Accounting 11.0.0.0/16 Router 2 Router 1 11.0.0.2 Engineering 10.0.0.0/16 10.0.0.1 on admit(webSvcTraffic) subject s = /DiffServManagertarget t = /routers/ do t.setDSCP(DSCP)  t.setMeter(Meter)  t.setRateLimit(Limit)  ... SrcIP SrcPort TCP/UDP DestIP DestPort PHB RateLimit Overflow * * TCP 12.0.0.3 80 EF 10Mbps BestEffort 12.0.0.3 * TCP * * EF 10Mbps BestEffort... Verma D. C., “Policy Validation and Translation Algorithms” in “Policy-based Networking” (c) DoC, Imperial College London, 2004 2

  5. KAOS Goals Objects / Ops Operational Goal Properties Behaviour Properties Behaviour Properties Behaviour The Approach GOALS SYSREQ Assign Resp. SYSTEM COMPONENTS Van Lamsweerde A., Darimont R. et al., “Goal-directed Requirements Elaboration” (c) DoC, Imperial College London, 2004 4

  6. KAOS Goals Objects / Ops ABDUCTION ABDUCTION The Approach SX GOALS GX SX1 SX2 SYSREQ Operational Goal ABDUCTION GX1 GX2 Assign Resp. SYSTEM COMPONENTS Properties Behaviour Kelly T., et al., “Goal Structured Notation (GSN)” Properties Behaviour (c) DoC, Imperial College London, 2004 5

  7. ServerSite 12.0.0.0/16 12.0.0.2 Research 9.0.0.0/16 int routerIDsetDSCP(DSCP) setMeter(Meter) setInRate(InRate)setScheduler(Scheduler)setOverflow(OF) setOutRate(OutRate) DiffServRouter Router 4 eComm SLA Goal 12.0.0.3 8.0.0.4 ... G5 – Traffic to Web Services Applications on eComm Server (tfcG5)get Gold QoS at peak time ... 9.0.0.3 Core 8.0.0.0/16 8.0.0.3 Router 3 CICS 8.0.0.2 8.0.0.1 Accounting 11.0.0.0/16 Router 2 Router 1 11.0.0.2 Engineering 10.0.0.0/16 10.0.0.1 R.setDSCP(DSCP) state(R, dscp, DSCP) R.setMeter(Meter) state(R, meterType, Meter) R.setInRate(InRate) R.setScheduler(Sched) state(R, rateLimit, InRate) state(R, sched, Sched) R.setOverflow(OF) R.setOutRate(OutRate) state(R, ofp, OF) state(R, outRate, OutRate) Example - Revisited (c) DoC, Imperial College London, 2004 6

  8. admit(pkt, tfcG5)   routed(pkt, router, tfcG5) routed(pkt, router, tfcG5)  qos(pkt,gold) P  Q routed(pkt, router, tfcG5)  configured(pkt, router, gold) P  R R  Q configured(pkt, router, gold)   qos(pkt, gold) Example – Goal Elaboration admit(pkt, tfcG5)   qos(pkt, gold) (c) DoC, Imperial College London, 2004 7

  9. routed(pkt, router, tfcG5) configured(pkt, router, gold) calculatedParms(router, parms) parmsSet(router, parms) state(r, dscp, parms.DSCP) state(r, meter, parms.meterType) state(r, inRate, parms.inRate) state(r, outRate, parms.outRate) state(r, ofp, parms.overflow) Example – Goal Elaboration (contd.) admit(pkt, tfcG5)   qos(pkt, gold) provideQoS(gold) config(router, gold) r.setDSCP(dscp); r.setMeter(meter); r.setInRate(inRate); …. (c) DoC, Imperial College London, 2004 8

  10. admit(pkt, tfcG5)   qos(pkt, gold) 1: Use Abstract Strategy routed(pkt, router, tfcG5) provideQoS(gold) configured(pkt, router, gold) calculatedParms(router, parms) config(router, gold) parmsSet(router, parms) 2: Elaborate Goals Further classifier(router, parms.DSCP) r.setDSCP(dscp); r.setMeter(meter); r.setScheduler(inRate); …. meter(router, parms.meterType) 2: Extend System Description inRate(router, parms.inRate) outRate(router, parms.outRate) overflow(router, parms.overflow) Example – Goal Elaboration (contd.) ??? (c) DoC, Imperial College London, 2004 9

  11. P1: { ... do S1 ...} DISJOINTGOALS S1 S2 P2: { ... do S2 ...} P1: { ... do S1 ...} P2: { ... do S2 ...} MULTIPLE STRATEGIES S1 S2 S3 P3: { ... do S3 ...} P1: { ... do S1(x) ...} PARAMETERISEDSTRATEGIES S1(x) S1(y) P2: { ... do S1(y) ...} Strategies and Policies (c) DoC, Imperial College London, 2004 10

  12. Elaborate D Map Select Strategy Strategy Strategy Abduce P  Q Select E P  R R  Q C B A Pulling it together … On admission of tfcG5 packet, (Event) if during peak times (Condition) ensure it receives gold QoS (Goal) High-Level Policy Patterns Objects On admitPkt(tfcG5) when time.between(“9:00”, “17:00”) subject s = /DiffServManager/; target t = /routers/; do t.setDSCP(dscp)  t.setMeter(meter) ... (c) DoC, Imperial College London, 2004 11

  13. Summary • Goal elaboration provides a mechanism, supported by formal techniques, for deriving low-level system goals. • Strategy, the set of actions that will achieve a given goal. • Abductive reasoning can be used to identify strategies. • Strategies can be used to specify the action clauses of the refined policies. • High-level notations, e.g. UML, can be used to hide details of formal techniques from the user. (c) DoC, Imperial College London, 2004 12

  14. Future Directions • Integrate this approach with the object refinement techniques identified previously [Bandara 2003]. • Develop techniques for Event/Constraint refinement. • Develop tool support for the overall method. • Evaluate by applying to real scenarios. [Bandara 2003] Bandara et al., “Using Event Calculus to Formalise Policy Specification and Analysis”, In Proceedings of POLICY 2003, Lake Como, June 2003 (c) DoC, Imperial College London, 2004 13

  15. Thank You !Questions? Emil Lupu Alessandra Russo Morris Sloman Jonathan Moffett Naranker Dulay (c) DoC, Imperial College London, 2004 END

More Related