Policy-based management

Policy-based management [1] [2] [3] is a technology that can simplify the complex task of managing networks and distributed systems. Under this paradigm, an administrator can manage different aspects of a network or distributed system in a flexible and simplified manner by deploying a set of policies that govern its behaviour. [4] [5] Policies are technology-independent rules that aim to enhance the hard-coded functionality of managed devices by introducing interpreted logic that can be changed dynamically without modifying the underlying implementation. This allows a degree of programmability without interrupting the operation of either the managed system or the management system itself. Policy-based management can significantly increase the self-managing aspects of any distributed system or network, leading to the more autonomic behaviour demonstrated by autonomic computing systems. [6] [7]

Frameworks and languages

The most well known policy-based management architecture was specified jointly by the IETF and the DMTF. This consists of four main functional elements: the Policy Management Tool (PMT), Policy Repository, Policy Decision Point (PDP), and Policy Enforcement Point (PEP).

The PMT is used by an administrator to define or update the policies to be enforced in the managed network. The resulting policies are stored in a repository in a form that must correspond to an information model [8] so as to ensure interoperability across products from different vendors. When new policies have been added to the repository, or existing ones have been changed, the PMT notifies the relevant PDP, which in turn interprets the policies and communicates them to the PEP. The latter is a component that runs on a policy-aware node and can execute (enforce) the different policies. The components of the architecture can communicate with each other using a variety of protocols. The preferred choices for communicating policy decisions between a PDP and network devices (PEPs) are the Common Open Policy Service (COPS) or SNMP, and LDAP for the PMT/PDP–repository communication.

The simplest approach to policy specification is a sequence of rules, in which each rule takes the form of a simple condition-action pair. The IETF policy framework adopts this approach and considers policies as rules that specify actions to be performed in response to defined conditions:

if <condition(s)> then <action(s)>

The conditional part of the rule can be a simple or compound expression specified in either conjunctive or disjunctive normal form. The action part of the rule is a set of actions that must be executed when the conditions hold. The IETF does not define a specific language for expressing network policies but rather a generic object-oriented information model for representing policy information. This model specifies the structure of abstract policy classes and the associations between them, allowing vendors to implement their own sets of conditions and actions for use in policy rules.

Policy conflicts

As with any programmable system, a policy-driven one can suffer from inconsistencies caused by contradictory rules governing its behaviour. These are known as policy conflicts [9] and come about as a result of specification errors, omissions, or contradictory management operations; in some cases they can have catastrophic effects on the operation of the managed system. They have also been described as analogous to software bugs, [10] occurring when two or more policies are activated simultaneously and enforce contradictory management operations on the system.

Classification of policy conflicts

Policy conflicts are broadly classified into domain-independent and application-specific conflicts, [11] where, as the names suggest, the former are independent of the policy application and the latter are bound by the constraints of the application domain. Example application domains that have been considered in the literature include quality of service (QoS) in IP networks, [9] [12] distributed systems, [11] [13] firewall security, [14] [15] [16] and call control in telecommunication networks. [17] Policy conflicts can also be classified according to the time-frame in which they can be detected: static conflicts [18] can be detected through off-line analysis at policy specification time, whereas dynamic conflicts [19] can only be detected when policies are enforced, as they depend on the current state of the managed system. For example, conflicts can occur between policies that dynamically allocate resources and those that set quotas for users or classes of service. As such, automation should be a key aspect of dynamic analysis mechanisms so that the operational impact of a conflict is kept to a minimum.

Detection and resolution of policy conflicts

To effectively use policies and drive the functionality of a managed system in a consistent manner, it is necessary to check that newly created policies do not conflict with each other or with policies already deployed in the system. To achieve this, detection processes use information about the conditions under which conflicts can arise to search policy spaces and identify policies that meet the conflict criteria. Based on the types of conflicts identified in the literature and the different application domains in which they occur, research has concentrated on the development of mechanisms and techniques for their effective detection. Although simple conflicts (e.g. modality conflicts) can be detected by syntactic analysis, more specialised inconsistencies require a precise definition of the conditions for a conflict, which sometimes include domain-specific knowledge, and processes that use such information to signal the occurrence of a conflict. Popular approaches for the detection of conflicts have been based on: meta-policies (detection rules), [9] [11] [20] policy relationships, [14] [15] [16] applicability spaces, [21] and information models. [22]

Resolution is the latter part of policy analysis, which aims at handling detected inconsistencies, preferably in an automated manner, so that consistency among policies can be restored. The process of resolving conflicts may involve retracting, suppressing, prioritising, or amending policies, and in some cases enforcing a new policy altogether. The methodology for doing so depends heavily on the type of policies involved and the domain in which conflicts occur. Although human intervention is unavoidable in some situations, several research efforts have focused on techniques to automate the resolution process where possible. Popular approaches for the resolution of conflicts have been based on: meta-policies (resolution rules), [9] [19] [20] precedence, [11] policy ordering, [15] [21] and conflict prevention. [23]

The time-frame in which conflicts can be detected influences the analysis methodology and the requirements for dealing with them. Static conflicts are typically detected through analysis initiated manually by the system administrator; such conflicts represent inconsistencies between policies and are typically resolved by amending the policies. [9] [18] In contrast, run-time conflicts must be detected by a process that monitors policy enforcement and detects inconsistent situations in the system's execution. Resolution must be achieved automatically, for example by enforcing resolution rules. [9] [19] Lack of automation in the handling of run-time conflicts may have catastrophic consequences for correct system operation, especially when managing QoS for delay-sensitive applications.
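As an added example (not code from the page, nor from the IETF/DMTF framework or any cited work), here is a small Python engine for the condition-action rules described above: conditions are kept in disjunctive normal form, a meta-policy performs static detection of modality conflicts (permit versus deny on the same target with overlapping conditions), and run-time resolution is by precedence. The policy set, attribute names and the `finance-db` target are constructed for illustration.

```python
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Rule:
    """One 'if <condition(s)> then <action>' rule. The condition is stored in
    disjunctive normal form: a tuple of conjunctions, each a frozenset of
    (attribute, value) tests; the rule fires if any conjunction holds."""
    name: str
    condition: tuple
    modality: str      # "permit" or "deny": the action applied to target
    target: str        # the resource or operation the rule governs
    priority: int = 0  # precedence used at resolution time (higher wins)


def rule(name, dnf, modality, target, priority=0):
    """Build a Rule from a DNF written as a list of {attribute: value} dicts."""
    return Rule(name, tuple(frozenset(c.items()) for c in dnf),
                modality, target, priority)


def conjunctions_overlap(c1, c2):
    """Two conjunctions can hold at the same time unless they test the same
    attribute for different values."""
    a1, a2 = dict(c1), dict(c2)
    return all(a2.get(k, v) == v for k, v in a1.items())


def rules_overlap(r1, r2):
    """Condition spaces overlap if any pair of conjunctions can co-occur."""
    return any(conjunctions_overlap(c1, c2)
               for c1, c2 in product(r1.condition, r2.condition))


def matches(r, request):
    """Evaluate the rule's DNF condition against a request's attributes."""
    return any(all(request.get(k) == v for k, v in conj) for conj in r.condition)


def detect_modality_conflicts(rules):
    """Static, specification-time detection (a meta-policy): flag rule pairs
    that govern the same target with opposite modalities and whose
    conditions can both be true on some request."""
    found = []
    for i, r1 in enumerate(rules):
        for r2 in rules[i + 1:]:
            if (r1.target == r2.target and r1.modality != r2.modality
                    and rules_overlap(r1, r2)):
                found.append((r1.name, r2.name))
    return found


def decide(rules, request, default="deny"):
    """Run-time resolution by precedence: of the rules that match, the highest
    priority wins; if permit and deny tie, deny is chosen (fail closed)."""
    hits = [r for r in rules
            if r.target == request["target"] and matches(r, request)]
    if not hits:
        return default
    top = max(r.priority for r in hits)
    winners = {r.modality for r in hits if r.priority == top}
    return "deny" if "deny" in winners else "permit"


# Constructed sample policy set (hypothetical, not from the page).
POLICIES = [
    rule("deny-contractors", [{"role": "contractor"}], "deny", "finance-db", 10),
    rule("permit-finance-staff", [{"dept": "finance", "hours": "business"}],
         "permit", "finance-db", 5),
    rule("permit-admins", [{"role": "admin"}], "permit", "finance-db", 5),
]
```

The contractor rule and the finance-staff rule test disjoint attributes, so a finance contractor during business hours satisfies both; the static check reports that pair, while the admin rule is not flagged because `role` cannot be both `admin` and `contractor`.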

Policy refinement

Ideally, a policy-based management system should facilitate the definition of high-level administrative goals, which are easy for humans to express and understand, enable their translation into low-level policies, and map these onto commands that configure the managed devices accordingly. While the high-level goals reflect the business objectives of the network administrator, the low-level policies are responsible for device-level configurations.

Policy refinement is the process of transforming a high-level goal or abstract policy specification into low-level, concrete policies that can be enforced on the managed system. The main tasks of the refinement process are the following:

Several policy refinement approaches have been developed. The most notable ones are based on linear temporal logic, [24] event calculus, [25] and utility computing. [26] [27]


References

  1. R. Boutaba and S. Znaty. Towards Integrated Network Management: A Domain/Policy Approach and its Application to a High Speed Multi-Network. In Proceedings of IEEE/IFIP International Symposium on Network Operation and Management (NOMS'94), pp. 777-789, February 1994.
  2. M.S. Sloman, "Policy Driven Management for Distributed Systems," Journal of Network and Systems Management, Vol. 2, No. 4, pp. 333-360, Plenum Press, December 1994.
  3. R. Boutaba and I. Aib. Policy-Based Management: A Historical Perspective. Journal of Network and Systems Management, Vol. 15, No. 4, pp. 447-480, Springer, December 2007.
  4. R. Boutaba and S. Znaty. An Architectural Approach for Integrated Networks and Systems Management. ACM SIGCOMM Computer Communication Review, Vol. 25, No. 5, pp. 13-39, 1995.
  5. D. Verma, "Simplifying network administration using policy-based management," IEEE Network, 2002.
  6. R. Boutaba, S. Omari and A. Virk. SELFCON: An Architecture for Self-Configuration of Networks. KICS/IEEE International Journal of Communications and Networks (special issue on Management of New Networking Infrastructure and Services), Vol. 3, No. 4, pp. 317-323, December 2001.
  7. D. Agrawal, S. Calo, K. Lee, J. Lobo, D. Verma, "Policy Technologies for Self Managing Systems," IBM Press, 2008.
  8. B. Moore, E. Ellesson, J. Strassner, A. Westerinen, "Policy Core Information Model," RFC 3060, IETF, February 2001.
  9. M. Charalambides, P. Flegkas, G. Pavlou, J.R. Loyola, A.K. Bandara, E.C. Lupu, M.S. Sloman, A. Russo, N. Dulay, "Policy Conflict Analysis for DiffServ Quality of Service Management," IEEE Transactions on Network and Service Management, Vol. 6, No. 1, March 2009.
  10. J. Strassner, "Policy-Based Network Management," Morgan Kaufmann Publishers, ISBN 1-55860-859-1, 2004.
  11. E.C. Lupu, M.S. Sloman, "Conflicts in Policy-based Distributed Systems Management," IEEE Transactions on Software Engineering - Special Issue on Inconsistency Management, Vol. 25, pp. 852-869, 1999.
  12. T. Samak, E. Al-Shaer, H. Li, "QoS Policy Modeling and Conflict Analysis," proceedings of IEEE Workshop on Policies for Networks and Distributed Systems, New York, USA, June 2008.
  13. A.K. Bandara, E.C. Lupu, A. Russo, "Using Event Calculus to Formalise Policy Specification and Analysis," proceedings of IEEE Workshop on Policies for Distributed Systems and Networks, Lake Como, Italy, June 2003.
  14. E. Al-Shaer, H. Hamed, "Discovery of Policy Anomalies in Distributed Firewalls," proceedings of IEEE Communications Society Conference, Hong Kong, March 2004.
  15. E. Al-Shaer, H. Hamed, "Modeling and Management of Firewall Policies," IEEE Transactions on Network and Service Management, Vol. 1, No. 1, April 2004.
  16. E. Al-Shaer, H. Hamed, R. Boutaba, M. Hasan. Conflict Classification and Analysis of Distributed Firewall Policies. IEEE Journal on Selected Areas in Communications, Vol. 23, No. 10, pp. 2069-2084, October 2005.
  17. L. Blair, K. Turner, "Handling Policy Conflicts in Call Control," proceedings of International Conference on Feature Interaction, Leicester, UK, June 2005.
  18. M. Charalambides, P. Flegkas, G. Pavlou, A.K. Bandara, E.C. Lupu, M.S. Sloman, A. Russo, N. Dulay, J.R. Loyola, "Policy Conflict Analysis for Quality of Service Management," proceedings of IEEE Workshop on Policies for Distributed Systems and Networks, Stockholm, Sweden, June 2005.
  19. M. Charalambides, P. Flegkas, G. Pavlou, J.R. Loyola, A.K. Bandara, E.C. Lupu, M.S. Sloman, A. Russo, N. Dulay, "Dynamic Policy Analysis and Conflict Resolution for DiffServ Quality of Service Management," proceedings of IEEE/IFIP Network Operations and Management Symposium, Vancouver, Canada, April 2006.
  20. A. Polyrakis and R. Boutaba. The Meta-Policy Information Base. IEEE Network, special issue on Policy-Based Networks, Vol. 16, No. 2, pp. 40-48, 2002.
  21. D. Agrawal, J. Giles, K.W. Lee, J. Lobo, "Policy Ratification," proceedings of IEEE Workshop on Policies for Networks and Distributed Systems, Stockholm, Sweden, June 2005.
  22. S. Davy, B. Jennings, J. Strassner, "Application Domain Independent Policy Conflict Analysis Using Information Models," proceedings of IEEE/IFIP Network Operations and Management Symposium, Bahia, Brazil, April 2008.
  23. R. Chadha, Y. Cheng, J. Chiang, G. Levin, S.W. Li, A. Poylisher, L. LaVergne, S. Newman, "Scalable Policy Management for Ad Hoc Networks," proceedings of Military Communications Conference, New Jersey, USA, October 2005.
  24. J.R. Loyola, J. Serrat, M. Charalambides, P. Flegkas, G. Pavlou, "A Methodological Approach toward the Refinement Problem in Policy-Based Management Systems," IEEE Communications Magazine, Topics in Network and Service Management, Vol. 44, No. 10, October 2006.
  25. A.K. Bandara, E.C. Lupu, A. Russo, N. Dulay, M. Sloman, P. Flegkas, M. Charalambides, G. Pavlou, "Policy Refinement for IP Differentiated Services Quality of Service Management," IEEE Transactions on Network and Service Management (TNSM), Vol. 2, No. 2, 2006.
  26. I. Aib and R. Boutaba. Business-driven optimization of Policy Based Management Solutions; A Web Application Hosting SLA Use Case. In Proceedings of the IFIP/IEEE International Symposium on Integrated Network Management (IM'2007), Munich (Germany), May 2007.
  27. I. Aib and R. Boutaba. On leveraging policy-based management for maximizing business profit. IEEE Transactions on Network and Service Management, Vol. 4, No. 3, pp. 163-176, December 2007.