Policy appliances

Policy enforcement and enforcement and reconciliation policies and procedures to ensure accountability in information systems . [1] Policy can be used to enforce policy or other systems constraints within and between trusted systems .

The emerging global information society consists of many heterogeneous but interconnected systems that are governed or managed according to different policies. For example, systems may be subject to different international, national or other political subdivision information disclosure or privacy laws ; Or different information management or security policies among or between government agencies, government and private sector information systems, or producers and consumers of proprietary information or intellectual property , etc.

This interconnected network of systems (for which the Internet as we currently know it serves as the transport layer ) Use policies will govern what information goes where, under what constraints, and who has access to it for what purposes, etc.). The interconnection between disparate systems is the “balkanization” or fragmentation of the Internet. [2]

As a consequence, the interconnectedness of the interconnected systems is limited. Current static methods based on all-or-nothing access control are insufficient to meet variable information production and consumption needs, especially when there are potentially competing policies that are contextually dependent. Access control mechanisms that have access to a network of information systems. Policy appliance is a general term to describe dynamic,

However, it is also important to note that it is not possible to use the term “policy”. In order to maintain the open transport, end-to-end principles embedded in the current Internet design – that is, to avoid hard-coding policy solutions in the transport layer To mediate between systems to facilitate information sharing, data exchange, and management process interoperability.

Policy appliances – a generic term referring to-any form of middleware That marriages policy rules – can mediate entre data owners or producteurs, data aggregators, and data users, and heterogeneous Among institutional systems or networks, to enforce, Reconcile, and monitor Agreed (Or between jurisdictions) with divergent information policies or needs. Policy appliances can interact with smart data (data That caries with it contextual relevant terms for icts own use), intelligent agent (queries That are self-credentialed, Authenticating, gold contextually Adaptive), or context-aware applications to control information flows, protect Security and confidentiality, and maintain privacy.

Policy-based processing, selective disclosure, and accountability and oversight.

Examples of policy-based technologies for policy-based processing include semantic programs, labeling and wrapper tools, and DRM , among others; Policy of technology for selective disclosure, including anonymization, content personalization, subscription and publishing tools, among others; And, for example , the use of a computer-aided design methodology for authentication , authentication , and authentication .

Control and accountability over policy appliances between competing systems is a key determinant in policy implementation and enforcement, and will continue to be subject to the international and national political, corporate and bureaucratic struggle. Transparency, together with immutable and non-repudiable logs, are necessary to ensure accountability and compliance for both political, operational and civil liberties policy needs. Increasingly, international and national information policy and law will need to rely on technical means of enforcement and accountability through policy appliances.

References

  1. Jump up^ The use ofpolicy appliancesin this context Was first Described in KA Taipale, “Designing Technical Systems to Support Policy: Enterprise Architecture, Policy Appliances, and Civil Liberties”, in Emergent Information Technologies and Enabling Policies for Counter Terrorism (Robert Popp And John Yen, eds., Wiley-IEEE Press, Mar. 2006)
  2. Jump up^ Internet panel: “Balkanization” looms, ars technica (Oct. 12, 2006)

Leave a Comment

Your email address will not be published. Required fields are marked *