Policy Driven Management for Distributed Systems

Separating management policy from the automated managers which interpret the policy facilitates the dynamic change of behavior of a distributed management system. This permits it to adapt to evolutionary changes in the system being managed and to new application requirements. Changing the behavior of automated managers can be achieved by changing the policy without having to reimplement them—this permits the reuse of the managers in different environments. It is also useful to have a clear specification of the policy applying to human managers in an enterprise. This paper describes the work on policy which has come out of two related ESPRIT funded projects, SysMan and IDSM. Two classes of policy are elaborated—authorization policies define what a manager is permitted to do and obligation policies define what a manager must do. Policies are specified as objects which define a relationship between subjects (managers) and targets (managed objects). Domains are used to group the objects to which a policy applies. Policy objects also have attributes specifying the action to be performed and constraints limiting the applicability of the policy. We show how a number of example policies can be modeled using these objects and briefly mention issues relating to policy hierarchy and conflicts between overlapping policies. © 1994, Plenum Publishing Corporation. All rights reserved.Accepted versio

Implementing interactive configuration management for distributed systems

Published versio

Project ATCOSIMA – Air traffic Control Simulations at the Faculty of Transport and Traffic Sciences

Air traffic controller training is a highly regulated sector. It is prescribed by international rules and requirements. The important segment of training is the provision of practical exercises on air traffic control simulators. Although regulations prescribe required performance objectives for initial training, they do not set any assessment criteria on how to assess the candidates, nor do they consider any flight efficiency indicators. In this paper, an overview objectives of the ATCOSIMA project is presented. Baseline air traffic simulations performed at the Faculty of Transport and Traffic Sciences of the University of Zagreb were analysed in more detail explaining exercises, assessment criteria description, as well as the achieved candidates’ scores

An Analysis of the OSI Systems Management Architecture from an ODP Perspective

This paper analyses the OSI Systems Management Architecture (SMA) in terms of the RM-ODP concepts and architecture. It explains why ISO and ITU are considering new modelling techniques for implementing distributed systems management. In the information viewpoint, these new techniques might be inspired from GDMO. The paper also examines the use of automatic translation tools (GDMO to CORBA IDL translators) to integrate existing management agents within the future Open Distributed Management Architecture (ODMA)

Deep Down the Rabbit Hole: On References in Networks of Decoy Elements

Deception technology has proven to be a sound approach against threats to information systems. Aside from well-established honeypots, decoy elements, also known as honeytokens, are an excellent method to address various types of threats. Decoy elements are causing distraction and uncertainty to an attacker and help detecting malicious activity. Deception is meant to be complementing firewalls and intrusion detection systems. Particularly insider threats may be mitigated with deception methods. While current approaches consider the use of multiple decoy elements as well as context-sensitivity, they do not sufficiently describe a relationship between individual elements. In this work, inter-referencing decoy elements are introduced as a plausible extension to existing deception frameworks, leading attackers along a path of decoy elements. A theoretical foundation is introduced, as well as a stochastic model and a reference implementation. It was found that the proposed system is suitable to enhance current decoy frameworks by adding a further dimension of inter-connectivity and therefore improve intrusion detection and prevention

A Generic Network and System Management Framework

Networks and distributed systems have formed the basis of an ongoing communications revolution that has led to the genesis of a wide variety of services. The constantly increasing size and complexity of these systems does not come without problems. In some organisations, the deployment of Information Technology has reached a state where the benefits from downsizing and rightsizing by adding new services are undermined by the effort required to keep the system running. Management of networks and distributed systems in general has a straightforward goal: to provide a productive environment in which work can be performed effectively. The work required for management should be a small fraction of the total effort. Most IT systems are still managed in an ad hoc style without any carefully elaborated plan. In such an environment the success of management decisions depends totally on the qualification and knowledge of the administrator. The thesis provides an analysis of the state of the art in the area of Network and System Management and identifies the key requirements that must be addressed for the provisioning of Integrated Management Services. These include the integration of the different management related aspects (i.e. integration of heterogeneous Network, System and Service Management). The thesis then proposes a new framework, INSMware, for the provision of Management Services. It provides a fundamental basis for the realisation of a new approach to Network and System Management. It is argued that Management Systems can be derived from a set of pre-fabricated and reusable Building Blocks that break up the required functionality into a number of separate entities rather than being developed from scratch. It proposes a high-level logical model in order to accommodate the range of requirements and environments applicable to Integrated Network and System Management that can be used as a reference model. A development methodology is introduced that reflects principles of the proposed approach, and provides guidelines to structure the analysis, design and implementation phases of a management system. The INSMware approach can further be combined with the componentware paradigm for the implementation of the management system. Based on these principles, a prototype for the management of SNMP systems has been implemented using industry standard middleware technologies. It is argued that development of a management system based on Componentware principles can offer a number of benefits. INSMware Components may be re-used and system solutions will become more modular and thereby easier to construct and maintain

Routledge Handbook of Public Policy in Africa

This Handbook provides an authoritative and foundational disciplinary overview of African Public Policy and a comprehensive examination of the practicalities of policy analysis, policymaking processes, implementation, and administration in Africa today. The book assembles a multidisciplinary team of distinguished and upcoming Africanist scholars, practitioners, researchers and policy experts working inside and outside Africa to analyse the historical and emerging policy issues in 21st-century Africa. While mostly attentive to comparative public policy in Africa, this book attempts to address some of the following pertinent questions: • How can public policy be understood and taught in Africa? • How does policymaking occur in unstable political contexts, or in states under pressure? • Has the democratisation of governing systems improved policy processes in Africa? • How have recent transformations, such as technological proliferation in Africa, impacted public policy processes? • What are the underlying challenges and potential policy paths for Africa going forward? The contributions examine an interplay of prevailing institutional, political, structural challenges and opportunities for policy effectiveness to discern striking commonalities and trajectories across different African states. This is a valuable resource for practitioners, politicians, researchers, university students, and academics interested in studying and understanding how African countries are governed