incubator-imperius-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Wood <daw...@us.ibm.com>
Subject Re: Framework above existing Imperius
Date Tue, 21 Oct 2008 19:13:02 GMT
***********************
Warning: Your file, ibm-extensions-javadoc.zip, contains more than 32 files after decompression
and cannot be scanned.
***********************


David et al,

The only real downside I see is that it is somewhat at odds with some of 
the existing Imperius code (DataStore, PolicyRepository) as I mentioned 
earlier.  Below I've attached the javadoc for your review.  The key 
interfaces are as follows:

IPolicy - adds metadata (name, attributes, group membership) to the SPL 
policy string.
IPolicyDecisionPoint (aka PDP)- stores policies and registers policy 
evaluation point (PEP) and provides policy evaluation.
IPolicyManager - provides the ability to administer policies with a PDP 
and also allows discovery of the registered policy evaluators
IPolicyRepository - a persistent repository of policies (we have memory, 
file and JDBC implementations in progress).
IEvaluator - represents registration of a PEP and allows evaluations of 
policies with the associated PDP.



Looking forward to you feedback.

David Wood 
Network Server System Software Group
IBM TJ Watson Research Center
dawood@us.ibm.com
914-784-5123 (office), 914-396-6515 (mobile)




From:
David L Kaminsky/Raleigh/IBM@IBMUS
To:
imperius-dev@incubator.apache.org
Date:
10/15/2008 11:03 AM
Subject:
Re: Framework above existing Imperius



David,

I'd definitely be interested. Sounds like lots of good function. 

To me, the big question is: are you aware of any downside?

David

David Wood/Watson/IBM@IBMUS


David Wood/Watson/IBM@IBMUS 
10/14/2008 04:05 PM 

Please respond to
imperius-dev@incubator.apache.org




To

imperius-dev@incubator.apache.org

cc


Subject

Framework above existing Imperius





All,

Our group has designed and developed a layer of functionality on top of 
Imperius, including the following:

Extended Policy object that includes metadata such as name, attributes and 

the ability to get instances information
Policy repository - persistent or in memory storage of Policy objects an 
the ability to activate and deactivate policies.  Policies can be queried 
by activation and/or attributes.
PEP - a policy evaluation point, which defines the set of instances to be 
provided at evaluation time, and an optional set of attributes for 
matching with policies.
PDP - a policy decision point, which allows PEP to register and acquire 
evaluations.  It also holds policies in a policy repository. 
PolicyManager - connects to a PDP for policy management and discovery of 
registered PEP.
Simulation - provides the ability to define PEP via instance providers and 

to run the PEP over policies deployed through a policy manager.

Some of this overlaps with existing Imperius components such as DataStore, 

PolicyRepository and PolicyManager, but I think you will find the above 
are a superset of the functionality there (that is the intent anyway). 

We'd like to propose including some or all of this framework in Imperius. 
Is there interest?  If so, I can provide a set of javadoc for the 
library. 

David Wood 
Network Server System Software Group
IBM TJ Watson Research Center
dawood@us.ibm.com
914-784-5123 (office), 914-396-6515 (mobile)




Mime
View raw message