Towards a Role Based Framework for Distributed Systems Management
Emil Lupu
Department of Computing
Imperial College of Science Technology and Medicine
180 Queen's Gate
London SW7 2BZ, U.K.
Email: e.c.lupu_AT_doc.ic.ac.uk
Morris Sloman
Department of Computing
Imperial College of Science Technology and Medicine
180 Queen's Gate
London SW7 2BZ, U.K.
Email: m.sloman_AT_doc.ic.ac.uk
Abstract
Roles have been widely used for modeling the authority,
responsibility, functions and interactions associated with manager
positions within organizations. In this paper we discuss the issues
related to specifying roles for both human and automated managers of
distributed computer systems. The starting point is that a role can be
defined in terms of the authorization and obligation policies, for a
particular manager position, which specify what actions the manager is
permitted or is obliged to do on a set of target objects. This permits
individuals to be assigned or removed from positions without respecifying
the policies for the role. However these policies are insufficient for
fully specifying relationships between managers and the targets they manage
or between different manager roles. There is a need to specify the
interaction protocols and how managers coordinate and synchronize their
activities.
The role based framework consists of a set of tools enabling the creation
of roles from policies, the specification of the concurrency constraints
for role activities and the specification of protocols for role
interaction. In addition, the issues related to conflicts which can occur
between policies within a role or between interacting roles are briefly
discussed.
Keywords: distributed systems management; management roles; role interactions;
management policy; obligation; authorization; policy conflicts.
JNSM: Vol. 5, No. 1, 1997
Towards a Role Based Framework for Distributed Systems Management [Vol. 5, No. 1, 1997]
NOTE: only abstract of paper available on-line
Back to JNSM main page