Publications
201 results found
Lupu EC, Dulay N, Damianou N, et al., 2000, Structuring Devolved Responsibilities in Network and Systems Management, Networking and Information Systems Journal, Vol: 3, Pages: 261-277
Lupu EC, Sloman MS, 1999, Conflicts in Policy-based Distributed Systems Management, IEEE Trans.on Software Engineering, Vol: 25, Pages: 852-869, ISSN: 0098-5589
Modem distributed systems contain a large number of objects and must be capable of evolving, without shutting down the complete system, to cater for changing requirements. There is a need for distributed, automated management agents whose behavior also has to dynamically change to reflect the evolution of the system being managed. Policies are a means of specifying and influencing management behavior within a distributed system, without coding the behavior into the manager agents. Our approach is aimed at specifying implementable policies, although policies may be initially specified at the organizational level (c.f. goals) and then refined to implementable actions. We are concerned with two types of policies. Authorization policies specify what activities a manager is permitted or forbidden to do to a set of target objects and are similar to security access-control policies. Obligation policies specify what activities a manager must or must not do to a set of target objects and essentially define the duties of a manager. Conflicts can arise in the set of policies. For example, an obligation policy may define an activity which is forbidden by a negative authorization policy; there may be two authorization policies which permit and forbid an activity or two policies permitting the same manager to sign checks and approve payments may conflict with an external principle of separation of duties. Conflicts may also arise during the refinement process between the high-level goals and the implementable policies. The system may have to cater for conflicts such as exceptions to normal authorization policies. This paper reviews policy conflicts, focusing on the problems of conflict detection and resolution. We discuss the Various precedence relationships that can be established between policies in order to allow inconsistent policies to coexist within the system and present a conflict analysis tool which forms part of a role-based management framework. Software development an
Marshall IW, Crowcroft J, Fry M, et al., 1999, Application-level programmable internetwork environment, BT TECHNOL J, Vol: 17, Pages: 82-94, ISSN: 1358-3948
Future requirements fbr a broadband multimedia network are likely to be very different from those of today. Three key changes are identified - rapid introduction of new services, dynamic customisation of services by clients, and minimal management overhead. Application-layer active networking, perhaps the mast pragmatic and immediately realisable active network proposal, is a potential solution to all three. lit the 'Management of Multiservice Networks' project, BT and its academic partners are developing key middleware components required to support application-layer active networking.
Chalmers D, Sloman M, 1999, Survey of quality of service in mobile computing environments, Departmental Technical Report: 98/10, Publisher: Department of Computing, Imperial College London
The specification and management of Quality of Service (QoS) is important in networks and distributed computing systems, particularly to support multimedia applications. The advent of portable lap-top computers, palmtops and Personal Digital Assistants with integrated communication capabilities facilitates mobile computing. This paper is a survey of QoSconcepts and techniques for mobile distributed computing environments. The QoS attributes typically specified and negotiated for general communication systems are described as well as some QoS models. A brief overview is given of some practical systems described in the literature. The design issues relating to both mobile and nomadic computing are explainedand then the specific QoS issues related to mobile and nomadic systems are discussed. The conclusion summarises the important issues relating to supporting QoS for mobile systems.
Chalmers D, Sloman MS, 1999, A Survey of Quality of Service in Mobile Computing Environments, IEEE Communications Surveys, Vol: 2, Pages: 2-10, ISSN: 1553-877X
Sloman MS, Lupu EC, 1999, Policy Specification for Programmable Networks, Proceedings of First International Working Conference on Active Networks (IWAN'99), Berlin, Publisher: Springer Verlag, Pages: 73-84
Lupu EC, Sloman MS, Milosevic Z, 1999, Use of Roles and Policies for Specifying and Managing a Virtual Enterprise, 9th International Workshop on Research Issues on Data Engineering: Information Technology for Virtual Enterprises(RIDE - VE '99)
Lupu EC, Sloman MS, Milosevic Z, 1999, Use of Roles and Policies for Specifying and Managing a Virtual Enterprise, 9th International Workshop on Research Issues on Data Engineering: Information Technology for Virtual Enterprises - RIDE - VE '99, Sydney Australia
Chalmers D, Sloman M, 1999, QoS and Context Awareness for Mobile Computing., Proceedings of 1st Intl. Symposium on Handheld and Ubiquitous Computing (HUC'99), Publisher: Springer, Pages: 380-382
Koch T, Sloman MS, 1998, System Management, Information Systems Interoperability, Editors: Kramer, Papzoglou, Schmidt, Publisher: Research Studies Press
Nuttall M, Sloman M, 1997, Workload characteristics for process migration and load balancing, 17th IEEE International Conference on Distributed Computing Systems, Pages: 133-140
Is process migration useful for load balancing? We present experimental results indicating that the answer to this question depends largely on the characteristics of the applied workload. Experiments with our Shiva system, which supports remote execution and process migration, show that only those CPU-bound workloads which were generated using an unrealistic exponential distribution for execution times show improvements for dynamic load balancing. (We use the term 'dynamic' to indicate remote execution determined at and not prior to run time. The latter is known as 'static' load balancing.) Using a more realistic workload distribution and adding a number of short-lived tasks prevents dynamic algorithms from working. Migration is only useful with heterogeneous workloads. We find the migration of executing tasks to remote data to be effective for balancing I/O-bound workloads, and indicate the region of 'workload variable space' for which this migrate-to-data approach is useful.
Mansouri-Samani M, Sloman M, 1997, GEM: A Generalised Event Monitoring Language for Distributed Systems, Distributed Systems Engineering, Vol: 4, Pages: 96-108
Fossa H, Sloman MS, 1997, Interactive Configuration Management For Distributed Object Systems, IEEE Proc. First International Enterprise Distributed Object Computing Workshop (EDOC'97), Gold Coast, Queensland, Australia, Pages: 118-128
Lupu E, Sloman M, 1997, Conflict analysis for management policies, 5th IFIP/IEEE International Symposium on Integrated Network Management (IM'97), Publisher: Chapman-Hall, Pages: 430-443
Policies are a means of influencing management behaviour within a distributed system, without coding the behaviour into the managers. Authorisation policies specify what activities a manager is permitted or forbidden to do to a set of target objects and obligation policies specify what activities a manager must or must not do to a set of target objects. Conflicts can arise in the set of policies. For example an obligation policy may define an activity which is forbidden by a negative authorisation policy; there may be two authorisation policies which permit and forbid an activity or two policies permitting the same manager to sign cheques and approve payments may conflict with an external principle of separation of duties. This paper reviews the policy conflicts which may arise in a large-scale distributed system and describes a conflict analysis tool which forms part of a Role Based Management framework. Management policies are specified with regard to domains of objects and conflicts potentially arise when there are overlaps between domains. It is not desirable or possible to prevent overlaps and they do not always result in conflicts. We discuss the various techniques which can be used to determine which conflicts are important and so should be indicated to the user and which potential conflicts should be ignored because of precedence relationships between the policies. This reduces the set of potential conflicts that a user would have to resolve and avoids undesired changes of the policy specification or domain membership.
Sloman M, Lupu E, 1997, Towards a Role-based Framework for Distributed Systems Management, Journal of Network and Systems Management, Vol: 5, Pages: 5-30, ISSN: 1064-7570
Lupu E, Sloman M, 1997, A policy based role object model, 1st International Enterprise Distributed Object Computing Workshop (EDOC 97), Publisher: IEEE, COMPUTER SOC PRESS, Pages: 36-47
Enterprise roles define the duties and responsibilities of the individuals which are assigned to them. This paper introduces a framework for the management of large distributed systems which makes use of the concepts developed in role theory. Our concept of a role groups the specifications of management policies which define the rights and dirties corresponding to that role. Individuals may then be assigned to or withdrawn from a role, to enable rapid and flexible organisational change, without altering the specification of the policies. We extend this role concept to include relationships as means of specifying required interactions, duties and rights between related roles. Organisations may contain large numbers of similar roles with multiple relationships between them, so there is a need for reuse of specifications. Role and relationship classes permit multiple instantiation and inheritance is Eased for incremental extension of the organisational structure with minimal specification effort. We also briefly examine consistency and auditing issues related to this role framework.
MansouriSamani M, Sloman M, 1997, An event service for open distributed systems, IFIP/IEEE International Conference on Open Distributed Processing and Distributed Platforms, Publisher: CHAPMAN & HALL, Pages: 183-194
Lupu EC, Sloman MS, Yialelis N, 1997, Policy based roles for distributed systems security, HP-Openview University Association (HP-OVUA) Plenary Workshop (Madrid)
Lupu EC, Sloman MS, 1997, Reconciling role based management and role based access control, RBAC '97 Second Role Based Control Workshop, George Mason University, Virginia, Pages: 135-141
Sloman M, Marriott D, 1996, Implementation of a Management Agent for Interpreting Obligation Policy, IEEE/IFIP Workshop on Distributed Systems Operations and Management (DSOM '96), Pages: 1-18
Yialelis N, Sloman M, 1996, An authentication service supporting domain-based access control policies., Publisher: Chapman & Hall, Pages: 482-484
Fossa H, Sloman M, 1996, Implementing interactive configuration management for distributed systems, 3rd International Conference on Configurable Distributed Systems, Publisher: IEEE Computer Society, Pages: 44-51
This paper describes an environment for interactive configuration management of software for distributed applications and services. Configuration management involves creating the components which form a distributed system; allocating these components to physical nodes and binding the interfaces of the components to each other or to existing services. Components and their required and provided interfaces are represented and accessible in the system-wide domain structure. We describe a graphical configuration environment, based on the Darwin configuration language, which is used to create the required configurations and maintain the configuration structure as part of the overall systems management infrastructure. The paper describes a simple example to show how a system can be initially constructed and subsequently reconfigured at run-time without shutting down the system.
Mansouri-Samani M, Sloman MS, 1996, A Configurable Event Service for Distributed Systems, Third IEEE Int. Conference on Configurable Distributed Systems, Annapolis
Yialelis N, Lupu EC, Sloman MS, 1996, Role Based Security for Distributed Object Systems, IEEE Fifth Workshops on Enabling Technologies : Infrastructure for Collaborative Enterprises, Stanford University
Sloman M, 1996, Configuration management of distributed applications and services, International Workshop on High Performance Computing for Computer Graphics and Visualisation, Publisher: SPRINGER-VERLAG, LONDON LTD, Pages: 255-265
Yialelis N, Sloman MS, 1996, A Security Framework Supporting Domain Based Access Control in Distributed Systems, Internet Society Symposium on Network and Distributed System Security (San Diego) IEEE
Marriott D, Sloman M, 1996, Management policy service for distributed systems, 3rd International Workshop on Services in Distributed and Networked Environments, Publisher: IEEE Computer Society, Pages: 2-9
Yialelis N, Lupu EC, Sloman MS, 1996, Role Based Security for Distributed Object Systems, IEEE Fifth Workshops on Enabling Technologies : Infrastructure for Collaborative Enterprises, Stanford University
Yialelis N, Sloman M, 1995, A security framework supporting domain based access control in distributed systems, Departmental Technical Report: 95/14, Publisher: Department of Computing, Imperial College London
Yialelis N, Sloman M, 1995, An authentication service supporting domain based access control policies, Departmental Technical Report: 95/13, Publisher: Department of Computing, Imperial College London
This data is extracted from the Web of Science and reproduced under a licence from Thomson Reuters. You may not copy or re-distribute this data in whole or in part without the written consent of the Science business of Thomson Reuters.