In this paper we present an “ePolicy framework” that can be used to develop transactional-based
ePolicy-guided Web applications. This framework incorporates a non-proprietary component
based architecture, a well-defined standards-based user interface, a structured representation of
ePolicies, ePolicy operations and user input data, and incorporates a maintenance management
component. Each component is self-contained and can therefore be independently maintained.
ePolicies and associated ePolicy operations are not embedded in the system software but are
stored centrally in an external store (Policy Repository) and are dynamically loaded as required.
Executable code (marshalled from XML) is automatically generated from the ePolicies and the
ePolicy operations and used in policy-guided evaluation. The Policy Repository, accessible by
suitably privileged components, removes ePolicy duplication and from a maintenance perspective,
this approach reduces the possibility of errors being introduced by data duplication. Updates to
ePolicies are seamlessly applied the next time an ePolicy is loaded. ePolicies are represented in a
standard uniform format and as all components use this uniform format, maintainers do not need
to understand or handle multiple data formats. They are represented using a policy hierarchy
composed of three layers: meta-ePolicies, ePolicy-groups and ePolicies. Each of the components
is designed using Object-Oriented principles. Our ePolicy framework will work in a centralized or
distributed environment. We believe that using our framework to develop ePolicy-guided
evaluation systems will reduce data maintenance and expedite software evolution