Using Event Calculus to Formalise Policy Specification and Analysis

As the interest in using policy-based approaches for systems management grows, it is becoming increasingly important to develop methods for performing analysis and refinement of policy specifications. Although this is an area that researchers have devoted some attention to, none of the proposed solutions address the issues of analysing specifications that combine authorisation and management policies; analysing policy specifications that contain constraints on the applicability of the policies; and performing a priori analysis of the specification that will both detect the presence of inconsistencies and explain the situations in which the conflict will occur. We present a method for transforming both policy and system behaviour specifications into a formal notation that is based on event calculus. Additionally it describes how this formalism can be used in conjunction with abductive reasoning techniques to perform a priori analysis of policy specifications for the various conflict types identified in the literature. Finally, it presents some initial thoughts on how this notation and analysis technique could be used to perform policy refinement

An Audit Logic for Accountability

We describe and implement a policy language. In our system, agents can distribute data along with usage policies in a decentralized architecture. Our language supports the specification of conditions and obligations, and also the possibility to refine policies. In our framework, the compliance with usage policies is not actively enforced. However, agents are accountable for their actions, and may be audited by an authority requiring justifications.Comment: To appear in Proceedings of IEEE Policy 200

Policy-based autonomic control service

Recently, there has been a considerable interest in policy-based, goal-oriented service management and autonomic computing. Much work is still required to investigate designs and policy models and associate meta-reasoning systems for policy-based autonomic systems. In this paper we outline a proposed autonomic middleware control service used to orchestrate selfhealing of distributed applications. Policies are used to adjust the systems autonomy and define self-healing strategies to stabilize/correct a given system in the event of failures

Policies for Self Tuning Home Networks

A home network (HN) is usually managed by a user who does not possess knowledge and skills required to perform management tasks. When abnormalities are detected, it is desirable to let the network tune itself under the direction of certain policies. However, self tuning tasks usually require coordination between several network components and most of the network management policies can only specify local tasks. In this paper, we propose a state machine based policy framework to address the problem of fault and performance management in the context of HN. Policies can be specified for complex management tasks as global state machines which incorporate global system behaviour monitoring and reactions. We demonstrate the policy framework through a case study in which policies are specified for dynamic selection of frequency channel in order to improve wireless link quality in the presence of RF interference

A Consent-based Workflow System for Healthcare Systems

In this paper, we describe a new framework for healthcare systems where patients are able to control the disclosure of their medical data. In our framework, the patient's consent has a pivotal role in granting or removing access rights to subjects accessing patient's medical data. Depending on the context in which the access is being executed, different consent policies can be applied. Context is expressed in terms of workflows. The execution of a task in a given workflow carries the necessary information to infer whether the consent can be implicitly retrieved or should be explicitly requested from a patient. However, patients are always able to enforce their own decisions and withdraw consent if necessary. Additionally, the use of workflows enables us to apply the need-to-know principle. Even when the patient's consent is obtained, a subject should access medical data only if it is required by the actual situation. For example, if the subject is assigned to the execution of a medical diagnosis workflow requiring access to the patient's medical record. We also provide a complex medical case study to highlight the design principles behind our framework. Finally, the implementation of the framework is outlined

Adding Policy-based Control to Mobile Hosts Switching between Streaming Proxies

We add a simple policy-based control component to mobile hosts that enables them to control the continuous reception of live multimedia content (e.g. a TV broadcast) while they switch between different distributors of that content. Policy-based control provides a flexible means to automate the switching behavior of mobile hosts. The policies react to changes in the mobile host's environment (e.g. when a hotspot network appears) and determine when and how to invoke an earlier developed application-level protocol to discover the capabilities (e.g. supported encodings) of the content distributors and to execute the switches. The design of the control component is based on the IETF policy model, but extended and applied at the application-level instead of at the network-level. We implemented the system and deployed it in a small-scale test bed

Good Bulbs, Bad Jobs: Workers and Conditions Behind Your New Compact Fluorescent

The study highlights labor violations at a Xiamen Topstar Lighting Co. Ltd. factory, a joint venture in which GE has a stake. The report recommends that GE follow its own policies and ensure that its bulbs are made in a way that does not compromise the health and rights of workers who make them

Jaqalanka Limited and Free Trade Zone Workers Union (FTZWU) Dispute Settlement Process: Progress Report from Centre for Policy Alternatives

This document is part of a digital collection provided by the Martin P. Catherwood Library, ILR School, Cornell University, pertaining to the effects of globalization on the workplace worldwide.  Special emphasis is placed on labor rights, working conditions, labor market changes, and union organizing.FLA_Jaqalanka_Progress_Report.pdf: 25 downloads, before Oct. 1, 2020

The Crisis: Policy Lessons and Policy Challenges

Bruegel Director Jean Pisani-Ferry, with Agnès Bénassy-Quéré (CEPII, University Paris-Ouest and Ecole Polytechnique, Paris), Benoît Coeuré (Ecole Polytechnique, Paris) and Pierre Jacquet (ENPC, Paris, and Agence Française de Développement) provide an in-depth analysis of the financial crisis. The authors review the main causes of the crisis, pointing to three different, non-mutually exclusive lines of explanation: wrong incentives in the financial sector, unsustainable macroeconomic outcomes, and misunderstood and mismanaged systemic complexity. They also discuss supervisory and regulatory reform going forward, including an examination of the issues of moral hazard, the separation of retail and investment banking, the desirable size of financial institutions, risk management, the role of central banks, and other issues. This working paper was previously published as CEPII (Centre d'études prospectives et d'informations internationales) working document 2009-28.