Policy Technologies for Self-Managing Systems

Product Description

 

Policy Technologies for Self-Managing Systems

 

Dakshi Agrawal

Calo Seraphin

Kang-won Lee

Jorge Lobo

Dinesh Verma

 

Use policies to build self-managing IT systems that save money, improve availability, and enhance agility

 

IT policies can be used to guide and automate decision making in the management of computer and network infrastructure, helping IT organizations reduce costs, improve service quality, and enhance business agility. Now, a team of top IBM researchers introduces the latest innovations in policies and autonomic computing and demonstrates how to put them to work in your organization.

 

The authors cover the entire policy lifecycle: planning, definition, representation in standard policy languages, validation, distribution, enforcement, and more. They identify proven patterns for designing policy-enabled self-managing systems and show how policies can be integrated into a complete framework for system self management. They carefully introduce key technologies such as rules engines and the IBM Policy Management framework, as well as emerging standards such as the DMTF’s Common Information Model. Finally, they offer start-to-finish case studies of policy management in areas ranging from storage and IP networking to security.

 

This book’s insights and practical guidance will be invaluable to every IT

professional who can benefit from policies: architects, developers, administrators, researchers, and managers alike.

Coverage includes

 

• Understanding the life cycle and components of policy-based self-managing systems
• Identifying your best opportunities to drive value from policies
• Defining the most appropriate abstraction level for your policies
• Using the DMTF’s Common Information Model to establish the logical structure and contents of policies
• Validating the consistency and appropriateness of your policies
• Making your policies automatically enforceable by computer
• Using policies to simplify and streamline configuration management for SANs and other IT systems
• Improving availability by implementing policies that can automatically react to faults and error conditions

 

 

Sample Pages

Download the sample pages

Table of Contents

Foreword

Preface

Chapter 1 Policy Definition and Usage Scenarios

1.1. Formal Definition of Policy

    1.1.1. Types, Nature, and Usage of Policies

1.2. Policy-Based Self-Configuration

1.3. Policy-Based Self-Protection in Computer Networks

1.4. Policy-Based Self-Optimization in Computer Systems

1.5. Policy-Based Self-Healing

1.6. Building a Policy-Based Management System

1.7. Summary

Chapter 2 Policy Lifecycle—Creation, Distribution, and Enforcement

2.1. A Holistic View of the Policy Lifecycle

2.2. Instances of Policy-Based Systems

    2.2.1. Network QoS Control

    2.2.2. Privacy Policy Publication

    2.2.3. Policy-Based Management of Enterprise Network Access

2.3. Policy Creation

2.4. Policy Distribution

2.5. Policy Distribution Using Repositories

    2.5.1. Grouping of Policies by System Components Role

    2.5.2. Grouping of Policy Components

2.6. Policy Creation and Distribution for Multiple Administrative Domains

2.7. Policy Enforcement

    2.7.1. Policy Evaluation Trigger

    2.7.2. Policy Enforcement Context

    2.7.3. Data Gathering

    2.7.4. Policy Evaluation

    2.7.5. Decision Execution

2.8. Summary

Chapter 3 Policy Information Model

3.1. How Is an Information Model Described?

3.2. Policy Information Models

    3.2.1. Why Use Information Models

    3.2.2. Condition-Action Information Model

    3.2.3. Event-Condition-Action Information Model

    3.2.4. Mode-Subject-Action-Target Information Model

    3.2.5. Grouping, Scope, and Priorities

3.3. A Standardized Policy Model

    3.3.1. The Common Information Model (CIM)

    3.3.2. The CIM Policy Model

3.4. Summary

Chapter 4 Policy Languages

4.1. Declarative Nature of Policy Languages

4.2. Survey of Policy Languages

    4.2.1. PDL

    4.2.2. Ponder

    4.2.3. CQL

    4.2.4. XACML

    4.2.5. ACPL

4.3. CIM-SPL

    4.3.1. CIM-SPL Policy Rules

    4.3.2. Policy Groups

    4.3.3. An Example of CIM-SPL Policy

4.4. Summary

Chapter 5 Policy Transformation and Analysis

5.1. Policy Transformation

5.2. Design-Time Techniques for Policy Transformation

    5.2.1. Transformation Using Analytical Models

    5.2.2. Transformation Using Static Rules

    5.2.3. Transformation by Policy Table Lookup

    5.2.4. Transformation Using Case-Based Reasoning

5.3. Real-Time Policy Transformation

5.4. Policy Analysis

    5.4.1. Conflict Checking

    5.4.2. Conflict Resolution

    5.4.3. Coverage Checking

    5.4.4. What-If Analysis

5.5. Related Work

5.6. Summary

Chapter 6 Policy-Based Configuration Management

6.1. Configuration Management Overview

6.2. Policy-Based Configuration Management

    6.2.1. Policy-Based Simplification of Configuration Management

    6.2.2. Policy-Based Tuning of System Configuration

    6.2.3. Policy-Based Checking of System Configuration

6.3. Example in Storage Area Networks

    6.3.1. Configuration Checking of Storage Area Networks

    6.3.2. Policy Modeling and Representation

    6.3.3. Architecture of a Policy-Based SAN Configuration Checker

6.4. Example in Hosted Server Environment

    6.4.1. Architecture for Self-Configuration

    6.4.2. Variations on the Architecture

6.5. Summary

Chapter 7 Policy-Based Fault Management

7.1. Fault Management Overview

    7.1.1. Fault Management in Networks

    7.1.2. Fault Management in Web-Based Applications

7.2. Policy-Based Fault Management

    7.2.1. Policy-Based Acquisition of Fault Information

    7.2.2. Policy-Based Format Conversion

    7.2.3. Policy-Based Event Volume Reduction

    7.2.4. Policy-Based Root Cause Analysis

    7.2.5. Policy-Based Remedial Action

7.3. Architecture of a Policy-Based Fault Management System

7.4. Summary

Chapter 8 Policy-Based Security Management

8.1. Overview of Security Management

8.2. Policy Applications in Security

    8.2.1. Policy-Driven Access Control

    8.2.2. Higher-Level Access Policies

    8.2.3. Policy-Based Self-Protection

    8.2.4. Policy-Based Communication Assurance

8.3. Policy-Based Security Assurance for IPsec Protocol

    8.3.1. Business Needs Satisfied by the Security Assurance Tool

    8.3.2. Communication Control Policies for IPsec Protocol

    8.3.3. Generating the Communication Control Policies

8.4. Summary

Chapter 9 Related Topics

9.1. Production Rules

9.2. Business Rules and Processes

9.3. IT Processes

9.4. Event Correlation and Notification Systems

9.5. Service Level Agreements

9.6. Regulatory Compliance

9.7. Proliferation of Policy-Based Technologies

References

 

0132213079   TOC   9/9/2008