IEEE 5th International Workshop on
Policies for Distributed Systems and Networks (POLICY 2004)

June 7-9, 2004 @ IBM Thomas J Watson Research Center, Yorktown Heights, New York

Web page:

Technical Program

Monday, June 7th

  • Keynote Speaker:
    Alan Ganek, Vice President, Autonomic Computing, IBM Software Group

    Abstract (Slides: PPT)

Session 1: Policies for Self-Management

  • An Artificial Intelligence Perspective on Autonomic Computing Policies
    Jeffrey O. Kephart, William E. Walsh
    IBM Thomas J. Watson Research Center, USA
    (Slides: PPT)
  • Policy Transformation Techniques in Policy-based Systems Management
    Mandis Beigi, Seraphin Calo, Dinesh Verma
    IBM Thomas J. Watson Research Center, USA
    (Slides: PPT)
  • Policy Based Mangement for Internet Communities
    Kevin C. Feeney, David Lewis, Vincent Wade
    Trinity College Dublin, Ireland
    (Slides: PPT)

<< Back

Session 2: Routing and Mobile Networks

  • Policy-Based Mobile Ad Hoc Network Management
    Ritu Chadha, Hong Cheng, Yuu-Heng Cheng, Jason Chiang, Gary Levin, Harshad Tanna
    Telcordia Technologies, USA
  • Routing With Confidence: Supporting Discretionary Routing Requirements in Policy Based Networks
    Apu Kapadia, Prasad Naldurg, Roy H. Campbell
    University of Illinois at Urbana-Champaign, USA
  • Transaction Policies for Mobile Networks
    Nuno Santos, Luís Veiga, Paulo Ferreira
    INESC-ID/IST, Portugal

<< Back

Session 3: QoS and Storage

  • DecisionQoS: an adaptive, self--evolving QoS arbitration module for storage systems
    Sandeep Uttamchandani1, Guillermo A. Alvarez1, Gul Agha2
    1: IBM Almaden Research Center, USA; 2: University of Illinois at Urbana-Champaign, USA
  • Policy-Based Validation of SAN Configuration
    D. Agrawal1, J. Giles1, K.-W. Lee, K. Voruganti2, K. Filali-Adib3
    1: IBM Thomas J. Watson Research Center, USA; 2: IBM Almaden Research Center, USA; 3: IBM Austin Research Center, USA
    (Slides: PDF)
  • RSVP Policy Control using XACML
    Emir Toktar, Edgard Jamhour, Carlos Maziero
    PUC-PR - Pontifícia Universidade Católica do Paraná, Brazil
    (Slides: PPT)

<< Back

Session 4 (Short Papers): Automation and control

  • Policy-Based Autonomic Control Service
    N. Badr, A. Taleb-Bendiab, D. Reilly
    Liverpool John Moores University, UK
  • A Hierarchical Policy-Based Architecture for Integrated Management of Grids and Networks
    R. Neisse, E. Della Vecchia Pereira, L. Zambenedetti Granville, M. Janilce Bosquiroli Almeida, L. Margarida Rockenbach Tarouco
    Federal University of Rio Grande do Sul, Brazil
    (Slides: PDF)
  • Automated Generation of Resource Configurations through Policies
    Akhil Sahai1, Sharad Singhal1, Rajeev Joshi2, Vijay Machiraju1
    1: HP Laboratories, Palo Alto, USA; 2: Jet Propulsion Laboratories, USA
  • People and Policies: Transforming the Human-Computer Partnership
    Rob Barrett
    IBM Almaden Research Center, USA
    (Slides: PDF)

<< Back

Tuesday, June 8th

  • Keynote Speaker:
    Claus von Riegen , Group Program Manager, SAP AG, Germany

    Abstract (Slides: PDF)

Session 5: Security Policy in Large Scale Systems

  • A Framework for Contractual Resource Sharing in Coalitions
    Babak Sadighi Firozabadi1, Anna Squicciarini2, Marek Sergot3, Elisa Bertino2
    1: Swedish Institute of Computer Science (SICS), Sweden; 2: Universita' degli Studi di Milano, Italy;
    3: Imperal College London, UK
    (Slides: PPT)
  • A Formal Model for Hierarchical Policy Contexts
    András Belokosztolszki, Ken Moody, David M. Eyers
    University of Cambridge, UK
    (Slides: PPT)
  • Security Policy Reconciliation in Distributed Computing Environments
    H.B. Wang, S. Jha, P.D. McDaniel, M. Livny
    University of Wisconsin, USA
    (Slides: PPT)

<< Back

Session 6 :  Trust and Filtering

  • Responding to Policies at Runtime in TrustBuilder
    Bryan Smith, Kent E. Seamons, Mike Jones
    Brigham Young University, USA
    (Slides: PPT)
  • Cassandra: Distributed Access Control Policies with Tunable Expressiveness
    Moritz Y. Becker, Peter Sewell
    University of Cambridge, UK
    (Slides: PDF)
  • A Policy Driven Approach to Email
    Saket Kaushik1, Paul Ammann1, Duminda Wijesekera1, William Winsborough1, Ronald Ritchey2
    1: George Mason University, USA; 2: Booz Allen and Hamilton, USA
    (Slides: PDF)

<< Back

Session 7 (Short Papers):  Security

  • A Decentralized Mechanism for Distributed Access Control
    Naftaly Minsky
    Rutgers University, USA
  • Unification in Privacy Policy Evaluation - Translating EPAL into Prolog
    Michael Backes, Markus Duermuth, Guenter Karjoth
    IBM Zurich Research Laboratory, Switzerland
  • An Introduction to the Web Services Policy Language (WSPL)
    Anne Anderson
    Sun Microsystems Laboratories, USA
    (Slides: PDF)
  • FlowUML: A Framework to Enforce Information Flow Security Policies in UML based Requirements Engineering
    Khaled Alghathbar1, Duminda Wijesekera2
    1: King Saud University, Saudi Arabia; 2: George Mason University, USA
  • Towards a Multi-dimensional Characterization of Dissemination Control
    Roshan K. Thomas1, Ravi Sandhu2
    1:  McAfee Research, Network Associates, USA; 2: George Mason University, USA
  • Protocol Decode Based Stateful Firewall Policy Definition Language
    Ravi Sahita, Pankaj N. Parmar, Priya Rajagopal
    Intel Corporation, USA
    (Slides: PPT)

<< Back

Session 8 (Short Papers): Quality of Service

  • Implementation of the CIM Policy Model Using Ponder
    Andrea Westerinen, Mark Carlson, Julie Schott
    Cisco Systems, USA
    (Slides: PPT)
  • Integrating Policy-based Management and Adaptive Traffic Engineering for QoS Deployment
    Steven Van den Berghe, Filip De Turck, Piet Demeester
    Ghent University - IMEC, Belgium
    (Slides: PDF)
  • Policy-based Congestion Management for an SMS Gateway
    Roberto Cosenza1, Alberto Gonzalez Prieto2, Rolf Stadler2
    1: Infoflex, Sweden; 2: Royal Institute of Technology, Sweden
    (Slides: PPT)
  • PROTON: A Policy-based Solution for Future 4G devices
    Pablo Vidales, Rajiv Chakravorty, Calicrates Policroniades
    University of Cambridge, UK
    (Slides: PDF)
  • Policy Control Model: a Key Factor for the Success of Policy in Telecom Applications
    Fernando Cuervo, Michel Sim
    Alcatel, Candada
    (Slides: PDF)

<< Back

Wednesday, June 9th

  • Keynote Speaker:
    Rich Friedrich, Director, Internet Systems and Storage Laboratory, HP Laboratories, Palo-Alto, CA


Session 9: Analysis and Refinement

  • A Goal-based Approach to Policy Refinement
    Arosha K Bandara1, Emil C Lupu1, Jonathan Moffett2, Alessandra Russo1
    1: Imperial College London, UK; 2: University of York, UK
    (Slides: PPT)
  • Incremental Validation of Policy-Based Systems
    Angus Graham1, Thiruvengadam Radhakrishnan1, Cliff Grossner2
    1: University of Concordia, Canada; 2: NewStep Networks, Canada
    (Slides: PPT)
  • Finite State Transducers for Policy Evaluation and Conflict Resolution
    Javier Baliosian, Joan Serrat
    Universitat Politècnica de Catalunya, Spain
    (Slides: PDF)

<< Back

Session 10 (Panel): Policy Based Management: the Holy Grail?
Panel Chair: Morris Sloman, Imperial College London  
(Slides: PDF)

Research in policy-based systems in various application areas such as networking, security and enterprise systems has been going on for about a decade. There is some consensus that policy is a behavioural guide or the rules relating to choices in behaviour and that policy is derived from goals. However there is no hard and fast distinction between goals and policy. Organisational Policy can range from a high level goal to maximise the income generated from a service provided by the organisation to a specific rule in a router to assign traffic from a particular IP address to high priority queue. Some people consider device configuration parameters such as buffer size, queue length etc. to also be policy. If a goal is policy, is a required response time also policy?

Several policy languages, policy deployment models and policy enforcement models have been proposed. However policy-based management systems are rarely deployed in industry and security policy is still mostly defined in terms of low-level access control lists and firewall rules. Is there something missing from the research approach which makes it difficult to implement policy-based systems?

This panel will debate the issues of what is policy in light of our experience of security and management policies over the past decade. It will address issues such as:

  • Are (event-)condition-action rules sufficient for the specification of management policies
  • Are authorization policies of the form permit/deny action when condition sufficient?
  • If goals are policies can we distinguish between policies and requirements?
  • Is a universal policy language/representation an unachievable goal?
  • Do different representations require different analysis techniques.
  • The AI community have been talking about goals and planning for many years - do they have all the answers?
  • Will future policy agents be intelligent enough to derive a set of actions so that only high level goals need be specified?

Panel Members
  • Network management viewpoint: John Strassner, Intelliden  (Slides: PDF)
  • Security viewpoint: William Winsborough, George Mason University  (Slides: PDF)
  • Language viewpoint: Naranker Dulay, Imperial College London  (Slides: PDF)
  • AI viewpoint: Jeff Kephart, IBM TJ Watson Labs  (Slides: PDF)

<< Back