SPECIAL OFFERS
Keep up with new releases and promotions. Sign up to hear from us.
Register your product to gain access to bonus material or receive a coupon.
Policy Technologies for Self-Managing Systems
Dakshi Agrawal
Calo Seraphin
Kang-won Lee
Jorge Lobo
Dinesh Verma
Use policies to build self-managing IT systems that save money, improve availability, and enhance agility
IT policies can be used to guide and automate decision making in the management of computer and network infrastructure, helping IT organizations reduce costs, improve service quality, and enhance business agility. Now, a team of top IBM researchers introduces the latest innovations in policies and autonomic computing and demonstrates how to put them to work in your organization.
The authors cover the entire policy lifecycle: planning, definition, representation in standard policy languages, validation, distribution, enforcement, and more. They identify proven patterns for designing policy-enabled self-managing systems and show how policies can be integrated into a complete framework for system self management. They carefully introduce key technologies such as rules engines and the IBM Policy Management framework, as well as emerging standards such as the DMTF’s Common Information Model. Finally, they offer start-to-finish case studies of policy management in areas ranging from storage and IP networking to security.
This book’s insights and practical guidance will be invaluable to every IT
professional who can benefit from policies: architects, developers, administrators, researchers, and managers alike.
Coverage includes
Policy Definition and Usage Scenarios for Self-Managing Systems
Foreword
Preface
Chapter 1 Policy Definition and Usage Scenarios
1.1. Formal Definition of Policy
1.1.1. Types, Nature, and Usage of Policies
1.2. Policy-Based Self-Configuration
1.3. Policy-Based Self-Protection in Computer Networks
1.4. Policy-Based Self-Optimization in Computer Systems
1.5. Policy-Based Self-Healing
1.6. Building a Policy-Based Management System
1.7. Summary
Chapter 2 Policy Lifecycle—Creation, Distribution, and Enforcement
2.1. A Holistic View of the Policy Lifecycle
2.2. Instances of Policy-Based Systems
2.2.1. Network QoS Control
2.2.2. Privacy Policy Publication
2.2.3. Policy-Based Management of Enterprise Network Access
2.3. Policy Creation
2.4. Policy Distribution
2.5. Policy Distribution Using Repositories
2.5.1. Grouping of Policies by System Components Role
2.5.2. Grouping of Policy Components
2.6. Policy Creation and Distribution for Multiple Administrative Domains
2.7. Policy Enforcement
2.7.1. Policy Evaluation Trigger
2.7.2. Policy Enforcement Context
2.7.3. Data Gathering
2.7.4. Policy Evaluation
2.7.5. Decision Execution
2.8. Summary
Chapter 3 Policy Information Model
3.1. How Is an Information Model Described?
3.2. Policy Information Models
3.2.1. Why Use Information Models
3.2.2. Condition-Action Information Model
3.2.3. Event-Condition-Action Information Model
3.2.4. Mode-Subject-Action-Target Information Model
3.2.5. Grouping, Scope, and Priorities
3.3. A Standardized Policy Model
3.3.1. The Common Information Model (CIM)
3.3.2. The CIM Policy Model
3.4. Summary
Chapter 4 Policy Languages
4.1. Declarative Nature of Policy Languages
4.2. Survey of Policy Languages
4.2.1. PDL
4.2.2. Ponder
4.2.3. CQL
4.2.4. XACML
4.2.5. ACPL
4.3. CIM-SPL
4.3.1. CIM-SPL Policy Rules
4.3.2. Policy Groups
4.3.3. An Example of CIM-SPL Policy
4.4. Summary
Chapter 5 Policy Transformation and Analysis
5.1. Policy Transformation
5.2. Design-Time Techniques for Policy Transformation
5.2.1. Transformation Using Analytical Models
5.2.2. Transformation Using Static Rules
5.2.3. Transformation by Policy Table Lookup
5.2.4. Transformation Using Case-Based Reasoning
5.3. Real-Time Policy Transformation
5.4. Policy Analysis
5.4.1. Conflict Checking
5.4.2. Conflict Resolution
5.4.3. Coverage Checking
5.4.4. What-If Analysis
5.5. Related Work
5.6. Summary
Chapter 6 Policy-Based Configuration Management
6.1. Configuration Management Overview
6.2. Policy-Based Configuration Management
6.2.1. Policy-Based Simplification of Configuration Management
6.2.2. Policy-Based Tuning of System Configuration
6.2.3. Policy-Based Checking of System Configuration
6.3. Example in Storage Area Networks
6.3.1. Configuration Checking of Storage Area Networks
6.3.2. Policy Modeling and Representation
6.3.3. Architecture of a Policy-Based SAN Configuration Checker
6.4. Example in Hosted Server Environment
6.4.1. Architecture for Self-Configuration
6.4.2. Variations on the Architecture
6.5. Summary
Chapter 7 Policy-Based Fault Management
7.1. Fault Management Overview
7.1.1. Fault Management in Networks
7.1.2. Fault Management in Web-Based Applications
7.2. Policy-Based Fault Management
7.2.1. Policy-Based Acquisition of Fault Information
7.2.2. Policy-Based Format Conversion
7.2.3. Policy-Based Event Volume Reduction
7.2.4. Policy-Based Root Cause Analysis
7.2.5. Policy-Based Remedial Action
7.3. Architecture of a Policy-Based Fault Management System
7.4. Summary
Chapter 8 Policy-Based Security Management
8.1. Overview of Security Management
8.2. Policy Applications in Security
8.2.1. Policy-Driven Access Control
8.2.2. Higher-Level Access Policies
8.2.3. Policy-Based Self-Protection
8.2.4. Policy-Based Communication Assurance
8.3. Policy-Based Security Assurance for IPsec Protocol
8.3.1. Business Needs Satisfied by the Security Assurance Tool
8.3.2. Communication Control Policies for IPsec Protocol
8.3.3. Generating the Communication Control Policies
8.4. Summary
Chapter 9 Related Topics
9.1. Production Rules
9.2. Business Rules and Processes
9.3. IT Processes
9.4. Event Correlation and Notification Systems
9.5. Service Level Agreements
9.6. Regulatory Compliance
9.7. Proliferation of Policy-Based Technologies
References
0132213079 TOC 9/9/2008