Tuesday, 13 December 2011

Summary: A POLICY DESCRIPTION LANGUAGE

J. Lobo, R. Bhatia, and S. A. Naqvi. A policy description language. In AAAI/IAAI, pages 291–298, 1999.

This paper introduces the Policy Description Language (PDL), a real-time, specialized production rule language for defining policies. It is a declarative language. PDL has three categories: (1) a set of events (e.g. router is down), (2) a set of actions (send alert email), and (3) a set of functions to evaluate the environment (disk is 95% full). Each of these categories has its own class of symbols. PDL takes sequence constraints into consideration.

In PDL, policies are described by a collection of propositions of two types: policy rule propositions and policy defined event propositions. Policy rule propositions are expressions of the form:
event causes action if condition
This means that if the event occurs in a situation where the condition is true, then the action will be executed.
A policy defined event proposition is an expression of the form:
event triggers pde(M1 = T1,...,Mk = Tk) if condition
This means that if the event occurs in a situation where the condition is true, an instance of the primitive event pde will occur in the immediately following epoch, with the valuation of each Ti as the value assigned to each attribute Mi of pde.
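
The two proposition forms can be made concrete with a small evaluator. This is an added example, not code from the paper or from this summary; the rule set, event names, attribute names and the `disk_pct` environment value are constructed for illustration, and actions are modelled as plain strings.

```python
from dataclasses import dataclass
from typing import Callable, Optional

@dataclass
class Rule:
    event: str                                  # event symbol that activates the rule
    condition: Callable[[dict, dict], bool]     # (event attributes, environment) -> bool
    action: Optional[str] = None                # set for "event causes action if condition"
    pde: Optional[str] = None                   # set for "event triggers pde(...) if condition"
    valuation: Callable[[dict], dict] = lambda attrs: {}   # M1 = T1, ..., Mk = Tk

def run(rules, epochs, env, max_epochs=100):
    """Return [(epoch, action)] executed; epochs is a list of lists of (name, attrs)."""
    executed, pending, i = [], [], 0
    # max_epochs guards against a policy defined event that keeps re-triggering itself.
    while (i < len(epochs) or pending) and i < max_epochs:
        # Policy defined events raised in epoch i-1 occur in epoch i.
        current = (epochs[i] if i < len(epochs) else []) + pending
        pending = []
        for name, attrs in current:
            for r in rules:
                if r.event != name or not r.condition(attrs, env):
                    continue
                if r.action is not None:
                    executed.append((i, r.action))
                if r.pde is not None:
                    pending.append((r.pde, r.valuation(attrs)))
        i += 1
    return executed

# Constructed policy (all names are hypothetical):
#   router_down causes send_alert_email if true
#   router_down triggers escalation(router = R) if disk_pct >= 95
#   escalation causes page_operator if true
RULES = [
    Rule("router_down", lambda a, env: True, action="send_alert_email"),
    Rule("router_down", lambda a, env: env["disk_pct"] >= 95,
         pde="escalation", valuation=lambda a: {"router": a["router"]}),
    Rule("escalation", lambda a, env: True, action="page_operator"),
]

def demo(disk_pct):
    epochs = [[("router_down", {"router": "r1"})]]   # constructed event stream
    return run(RULES, epochs, {"disk_pct": disk_pct})

if __name__ == "__main__":
    print(demo(96))   # escalation fires one epoch after router_down
    print(demo(50))   # condition false, so no policy defined event is raised
```
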

The language is a generic language that can be used to describe any type of policy, not only security policies, but as the authors claim, it is a first proposal that is expected to grow. PDL does not have the ability to resolve conflicts or even detect them. The language cannot distinguish between rights and obligations.

Lobo et al. introduce a new language in this paper: the Policy Description Language (PDL). The authors admit it is a first proposal and that it is expected to grow. PDL is a language that can be used to describe any type of policy, not only security policies. It describes a policy as an action that takes place on a specific event if the condition is true. This type of formalization allows representing obligations and prohibitions, but it does not have the ability to resolve conflicts or even detect them. The language cannot distinguish between rights and obligations. If delegation is regarded as an action, then it would be possible to represent delegations using PDL.


