Dynamic Policy Access Model Based On Concept Lattice

Posted on: 2012-04-17
Degree: Doctor
Type: Dissertation
Country: China
Candidate: S Y Jiao
GTID: 1118330335450232
Subject: Computer application technology
Abstract/Summary:
As a new network management model, PBNM (policy-based network management) offers more flexibility and can be used to manage Mobile IP network resources and QoS, allocating network resources appropriately and ensuring the quality of service for mobile users.

PBNM has already been used in mobile environments, in which the policies were authored in advance by network administrators and therefore could not perceive changes in the network load in time. Business was interrupted when the network state could not meet the needs of users, which prevented the full use of network resources. To improve the performance of a policy system, it is necessary to update policies or generate new policies according to changes in the network state. Policies that can reflect changes in network status are called dynamic policies, which are distinct from traditional policies. We need to investigate the generation model of dynamic policies, to establish the triggering, conflict detection, and conflict resolution mechanisms of dynamic policies, and to build an access model for dynamic policies.

Policies can express the high-level goals of administrators. These goals are achieved by means of low-level network devices. In order to facilitate the translation from high-level goals into low-level device commands, the Internet Engineering Task Force and the Distributed Management Task Force proposed PCIM (policy core information model), which describes a policy as consisting of a set of business rules that guide how to manage, allocate and control network resources. Rules indicate the actions to be taken under certain conditions. PCIM uses the object-oriented concept of a class to describe the elements of a policy, including policy conditions and policy actions. In the IETF policy-based network management framework, policy information is stored in the policy repository. Other organizations have put forward various policy information models.
Information models represent objects and the relationships between objects independently of technologies, storage methods, access protocols, and storage types. Data models determine how policies are stored in the policy repository. Data models represent the features of a series of related objects, using terms for a specific data storage and access technology. Directory databases and relational databases are among the most frequently used data models.

From the viewpoint of supporting fast policy conflict detection and resolution, neither a directory database nor a relational database is an ideal data model, because the core step of policy conflict detection is to determine the intersection between the condition elements of two policies. This step requires rich semantic information.

To build an effective policy system, we need to treat the authoring of policies at all levels, conflict detection and conflict resolution as continuous processes. This challenge can be addressed through policy specification, storage and auxiliary tools, so that the information models, data models and supporting tools contain enough semantic information.

The definitions of policy conflict and the methods of conflict detection differ across applications, levels, and types. That is a big challenge faced by policy system designers. A policy conflict in one application may not necessarily be a policy conflict in another application. Background knowledge of the application is required in the definition and detection of policy conflicts. There are various approaches to policy conflict analysis for different application types, including language-based, information-model-based, and ontology-based policy conflict analysis. Language-based policy conflict analysis underutilizes application-specific information.
When the policy repository is large, the conflict detection efficiency is low. Information-model-based policy conflict analysis considers application-specific information and can detect more types of policy conflict, but it lacks flexibility when the policy language or the application constraint information changes. Ontology-based policy conflict analysis has the potential to use a knowledge base in the design of flexible conflict detection algorithms, but how to extract semantic information from the information model and ontology is still a challenge.

The research work in this paper has been sponsored by the National Natural Science Foundation of China project "Policy-based Dynamic Resource Allocation and Management Mechanism during Mobile IP Handover" (60573128). There are five research issues in the project. This paper highlights the access model and mechanism of dynamic policies, involving the storage, conflict detection and conflict resolution of dynamic policies. A new policy access model, a new policy conflict detection method, and a new policy conflict resolution method are proposed in this paper.
The key is that rich semantic information is obtained by using a concept lattice to support efficient policy conflict detection.

Although the concept lattice has been widely used in the field of data mining, its potential in the area of policy conflict detection has been underestimated by research groups other than ours.

This article starts from the storage model of the dynamic policy system to study how to effectively extract and store semantic information from the dynamic policy system, and how to quickly determine the relationships among the condition components of policies, with the goal of increasing the efficiency of policy conflict detection and automatically resolving conflicts among policies.

My research has resolved the problem of inefficient policy conflict detection caused by insufficient information in the traditional dynamic policy storage model of large-scale dynamic policy application systems. My contributions are as follows:

1. A new access model for dynamic policies based on the concept lattice. Specifically, I: (1) gave the formal definition of the dynamic policy; (2) pointed out that a partial order relationship exists among the attribute values of policies, and that this partial order can be used to classify the dynamic policies; (3) designed a construction method for the classification formal context, defined the dynamic policy formal classification concept and the classification concept lattice, and stored the application-specific semantic information and the relationships among the condition components of dynamic policies in the concept lattice. The classification concept lattice makes full use of domain knowledge, and it is established according to the attribute value domain, which seldom changes because of the stability of the attribute values.
Organizing the policy repository in the form of a concept lattice yields an efficient and stable classification, and at the same time makes conflict detection more convenient by using the partial order relationship among concepts. (4) designed a dynamic policy storage procedure based on the concept lattice, implemented a prototype policy system, and optimized the procedure of policy searching and the procedure of intersection computation on the condition elements of policies.

2. Dynamic policy conflict detection algorithms based on the concept lattice. Specifically, I: (1) gave the formal definition of the dynamic policy conflict; (2) designed an algorithm for obtaining the conflict concept lattice; (3) designed an algorithm to select the candidate conflict policy set based on the conflict concept lattice; (4) designed a conflict detection algorithm based on the conflict concept lattice. Experiments were performed on the above algorithms. The experimental results show that, after organizing the policy repository in the form of a concept lattice, the main work that remains is shrinking the span of conflict detection, which is a structure- and size-sensitive process, while in the real world these two factors are usually unchanged because of the stability of semantic information, which supports fast policy conflict detection. The policy rules are organized into different formal classification concepts, which makes the new conflict detection algorithm stable and scalable with the size of the rule sets.

3. A new dynamic policy conflict resolution algorithm based on the concept lattice.
Specifically, I: (1) defined the precedence relations and the intersection relations between dynamic policies; (2) defined the precedence policy conflict and the intersection policy conflict; (3) designed a method to compute the attribute expressions of dynamic policies based on bit vectors; (4) designed algorithms to rewrite conflicting policies; (5) designed a concept-lattice-based dynamic policy conflict resolution algorithm.

The main conclusions are as follows:

(1) The current information models of policy systems cannot satisfy the requirements of large-scale distributed dynamic policy systems for rapid conflict detection, because the models differ in their degree of support for semantic information and in the richness of the semantic information they contain. Thus an information extraction and storage method that is independent of the information model is needed. Although formal concept analysis has been widely used in the field of data mining, its potential in the area of policy conflict detection has not yet received attention.

(2) The classification concept lattice includes semantic information that can be used to determine the correlation between policies. This semantic information can help in designing fast policy conflict detection algorithms.

(3) Candidate conflicting policies can be selected with the help of the semantic information contained in the classification concept lattice, decreasing the number of deployed policies that need to be compared with the new policy. The flexibility of the policy conflict detection algorithm is increased by the separation of the policy conflict definition from the policy conflict detection algorithm.
The policy conflict detection algorithm is able to detect new types of policy conflict if a new policy conflict definition is given.

(4) Different policy conflict resolution algorithms can be designed for different types of conflict. The appropriate conflict resolution algorithm is automatically called by the conflict resolution services according to the type of conflict, which improves the adaptability of the conflict resolution algorithm to new applications.

Future research directions are as follows:

(1) Although the information model and the concept lattice were used in this thesis, ontology has not been used yet. The next step is to combine the concept lattice, information model and ontology to further obtain application-specific semantic information, to make full use of the automatic reasoning ability of the ontology, and to improve the interoperability of dynamic policy systems and the performance of conflict detection.

(2) The methods of conflict resolution provided in this article do not cover all applications. The next step is to provide policy conflict resolution algorithms for new applications to improve the adaptability and flexibility of dynamic policy systems.

(3) The access model of dynamic policies based on the concept lattice was tested only on a single machine, and multi-threading technologies were used to achieve concurrency. The next step is to test the model on multiple machines by using distributed and parallel technologies.
Keywords/Search Tags: Mobile IP, policy-based network management, dynamic policy, policy storage, policy conflict detection, policy conflict resolution, concept lattice