This paper introduced Policy Description Language (PDL), a real-time specialized
production rule language for defining policies. It is a declarative language. PDL
has three categories: (1) a set of events (e.g. router is down), (2) a set of
actions (e.g. send alert email), and (3) a set of functions to evaluate the
environment (e.g. disk is 95% full). Each of these categories has its own class
of symbols. PDL takes sequence constraints into consideration.
In PDL, policies are described by a collection of propositions of two types:
policy rule propositions and policy defined event propositions. Policy rule
propositions are expressions of the form:
event causes action if condition
This means that if the event occurs in a situation where the condition is true,
then the action will be executed.
A policy defined event proposition is an expression of the form:
event triggers pde(M1 = T1, ..., Mk = Tk) if condition
This means that if the event occurs in a situation where the condition is true,
an instance of the primitive event pde will occur in the immediately following
epoch, with the valuation of each Ti as the value assigned to each attribute Mi
of pde.
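The two proposition forms above, as an added sketch that is not code from the paper or from this post: a minimal Python evaluator in which rules are plain objects and no PDL syntax is parsed. The names Causes, Triggers, run and the sample policy, events and environment are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass
class Causes:    # "event causes action if condition"
    event: str
    action: Callable[[dict], str]
    condition: Callable[[dict, dict], bool]

@dataclass
class Triggers:  # "event triggers pde(M1 = T1, ..., Mk = Tk) if condition"
    event: str
    pde: str
    attrs: Callable[[dict], dict]  # evaluates each Ti to the value of attribute Mi
    condition: Callable[[dict, dict], bool]

def run(rules, epochs, env):
    """Evaluate rules epoch by epoch; return the executed actions as (epoch, action)."""
    executed, pending, epoch = [], [], 0
    while epoch < len(epochs) or pending:
        # Events now: external events plus pde instances triggered one epoch earlier.
        current = (epochs[epoch] if epoch < len(epochs) else []) + pending
        pending = []
        for name, attrs in current:
            for rule in rules:
                if rule.event != name or not rule.condition(attrs, env):
                    continue
                if isinstance(rule, Causes):
                    executed.append((epoch, rule.action(attrs)))
                else:  # the pde occurs in the immediately following epoch
                    pending.append((rule.pde, rule.attrs(attrs)))
        epoch += 1
    return executed

# Constructed sample policy built from the post's examples (router down, disk 95% full).
RULES = [
    Causes("router_down", lambda a: f"send alert email: {a['router']} is down",
           lambda a, env: True),
    Triggers("disk_check", "disk_alarm", lambda a: {"host": a["host"]},
             lambda a, env: env["disk_used_pct"][a["host"]] >= 95),
    Causes("disk_alarm", lambda a: f"send alert email: disk on {a['host']} nearly full",
           lambda a, env: True),
]
ENV = {"disk_used_pct": {"db1": 97, "web1": 40}}  # constructed environment readings
EPOCHS = [[("router_down", {"router": "r1"}),
           ("disk_check", {"host": "db1"}), ("disk_check", {"host": "web1"})]]

if __name__ == "__main__":
    for when, action in run(RULES, EPOCHS, ENV):
        print(when, action)
```

The disk alert is executed one epoch after the router alert because it depends on a policy defined event, which only occurs in the epoch after the one that triggered it.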
The language is a generic language that can be used to describe any type of
policy, not only security policies. However, as the authors claim, it is a first
proposal that is expected to grow. PDL does not have the ability to resolve
conflicts or even detect them. The language cannot distinguish between rights
and obligations.
Lobo et al. in this paper introduce a new language: Policy Description Language
(PDL). The authors admit it is a first proposal and that it is expected to grow.
PDL is a language that can be used to describe any type of policy, not only
security policies. It describes a policy as actions that take place at a
specific event if the condition is true. This type of formalization allows
representing obligations and prohibitions, but it does not have the ability to
resolve conflicts or even detect them. The language cannot distinguish between
rights and obligations. If delegation is looked at as an action, then it would
be possible to represent delegations using PDL.