| The intrinsic complexity of Internet and its resources pose a series of great challenges to the Internet service management. In the last ten years, researchers put forward many solutions based on the policy management technology. However, for many problems such as compatibility and scalability, these plans are hard to provide effective uniform management in large distributed systems. Along with the trend that traditional Internet is evolving from a network exchanging and sharing information into an open collaborative environment, its open and dynamic features introduce more uncertain factors which can influence system behaviors substantially. The network service manifest some new characteristics, such as complexity in service principal analysis, incompleteness in service information collecting, relativizing in service measurement, personalizing in service requirement, self-adaptation in service enforcement, etc. In order to meet these service demands, and to support the efficient and correct joint operations, it is necessary to study the underlying policy management technologies which correspond with them.This dissertation presents a complete and efficient policy architecture, and discusses the key problems to deploy network service policies in the open coordination environment. Its goal is to realize a relatively ordered, controllable, autonomous coordination for the service management in open collaborative system.We present a collaborative network service model based on the idea of trust degree, called CNSM. This model has the following characteristics: It uses the role concept to depict the functional relationship between cooperating partners, which can better satisfy the policy management requirements in large organization; It introduces the entity concept with trust level arguments, quantifies trust relationship between the cooperation entities, describing the cooperation behavior more accurately; It builds the service abstract level information model to offer a hierarchical policy abstraction, and to execute policy refinement operations through binding method, improving the manageability and portability for the collaborative system.Based on the characteristics of general policy management models, we propose a distributed collaborative policy architecture for CNSM, called DCPA, which is implemented using the idea of building block. Each coalition partner implements the functional components of policy management in a distributed manner, meantime coordinates with each other to perform policy resolution, thus guaranteeing the consistency and efficiency of policy enforcement. We propose a policy coordination method based on trust-degree and experience information. In this way we can model the trust relationships among partners and their dynamic evolution in collaborative systems more accurately. DCPA has good scalability, this makes it meet service management demands under the open cooperation environment.Most existing policy description methods aim at limited application domains and can't meet the requirements under open cooperation environment. So we design the general policy representation language GPRL, which provides support for many kinds of network services. With the goal of rich expressiveness, this language can elegantly express most popular application level policy and network level policy under the collaborative environment. It provides powerful event mechanisms to activate the policy actions. By introducing composite policy concepts, such as role and the management structure, GPRL can conveniently specify policies in large complicated network. It also defines trust management policies based on trust and recommendation rank, which characterize cooperating member's confidence level and trust transmission relations more exactly. GPRL has the syntax of logical form and clear structural semantics, which is advantageous in the conflict analysis and the correct realization of policy specification.We design and implement a coalition clustering method based on graph partitioning and a stratified policy conflict resolution algorithm based on the first order logic transform. This algorithm comprises policy resolution algorithm within coalition partner, coalition dynamic partition heuristic algorithm aiming at policy goals, policy resolution algorithm among coalition partners, and logical verification method for policy rules. Coalition dynamic partition algorithm contains some optimized choices, such as recursive bisection, partition refining and partition mergence. Experiment results show that this algorithm could get coalition cluster structure with the least policy split cost in the moderate time overhead. We also construct a logical semantic and transform system that translates GPRL policy rules into logical Horn clause. Thus we can utilize theorem provers to detect and eliminate conflicts among policy rules based on action cancel and event cancel ideas.Based on the above research, we implement a flexible and effective policies management prototype system. It presents policy editor, policy compiler, policy distribution and enforcement components, which are integrated through the policy management toolkit. Compilation process translates high level policies into runtime objects for execution, which facilitates scalability and efficiency. This system provides compatibility by defining a group of general interfaces.
|
PDF Full Text Request