next up previous contents
Next: 6.1.2.3 Policy Life Cycle Up: 6.1.2 Policy-based Approach Previous: 6.1.2.1 Events   Contents


6.1.2.2 Policy Language

The Policy Description Language (PDL) used for the operational policies is also guided by Koch's Policy Definition Language and implements a subset of it. Table [*] shows the structure of an operational policy in PDL notation.

The PDL does not distinguish between authorisation and obligation policies. The policies stated with the PDL are on the one hand obligation policies, because they explicitly specify actions executed after the reception an event. On the other hand, the policies are used to configure the infrastructure for granting access of nomadic computer systems to special resources. Therefore, they can be seen as result of the refinement of authorisation policies.

As discussed in section [*], obligation policies have the characteristics of active policies, and authorisation policies have characteristics of passive policies. As a consequence, only active policies are directly implemented by the NoCScontrol system.

Generating events by enforcing a policy is not directly supported by the PDL. Koch uses this technique for policy chaining on success or failure of a policy.

A sample policy is given in table [*].

Table 6.2: Policy example in PDL [Radi 98]
\begin{table}\centering\begin{minipage}{\textwidth}
\small\begin{verbatim}POLI...
...TRAINT (Subject.getState()=authenticated)\end{verbatim}\end{minipage}\end{table}



next up previous contents
Next: 6.1.2.3 Policy Life Cycle Up: 6.1.2 Policy-based Approach Previous: 6.1.2.1 Events   Contents
Copyright Munich Network Management Team