A Learning and Intentional Local Policy Decision Point for Dynamic QoS Provisioning

In conventional centralized authorization models, the evaluation performance of policy decision point (PDP) decreases obviously with the growing numbers of rules embodied in a policy. Aiming to improve the evaluation performance of PDP, a distributed policy evaluation engine called XDPEE is presented. In this engine, the unicity of PDP in the centralized authorization model is changed by increasing the number of PDPs. A policy should be decomposed into multiple subpolicies each with fewer rules by using a decomposition method, which can have the advantage of balancing the cost of subpolicies deployed to each PDP. Policy decomposition is the key problem of the evaluation performance improvement of PDPs. A greedy algorithm withO(nlgn)time complexity for policy decomposition is constructed. In experiments, the policy of the LMS, VMS, and ASMS in real applications is decomposed separately into multiple subpolicies based on the greedy algorithm. Policy decomposition guarantees that the cost of subpolicies deployed to each PDP is equal or approximately equal. Experimental results show that (1) the method of policy decomposition improves the evaluation performance of PDPs effectively and that (2) the evaluation time of PDPs reduces with the growing numbers of PDPs.

Download Full-text

Enforcing ASTD Access-Control Policies with WS-BPEL Processes in SOA Environments

International Journal of Systems and Service-Oriented Engineering ◽

10.4018/jssoe.2011040103 ◽

2011 ◽

Vol 2 (2) ◽

pp. 37-59 ◽

Cited By ~ 2

Author(s):

Michel Embe Jiague ◽

Marc Frappier ◽

Frédéric Gervais ◽

Régine Laleau ◽

Richard St-Denis

Keyword(s):

Policy Decision ◽

Policy Enforcement ◽

Decision Point ◽

Public Agencies ◽

Web Based ◽

Access Control Policies ◽

Policy Decision Point ◽

Security Rule ◽

Private Corporations ◽

Bpel Processes

Controlling access to the Web services of public agencies and private corporations depends primarily on specifying and deploying functional security rules to satisfy strict regulations imposed by governments, particularly in the financial and health sectors. This paper focuses on one aspect of the SELKIS and EB3SEC projects related to the security of Web-based information systems, namely, the automatic transformation of security rules into WS-BPEL (or BPEL, for short) processes. The former are instantiated from security-rule patterns written in a graphical notation, called ASTD that is close to statecharts. The latter are executed by a BPEL engine integrated into a policy decision point, which is a component of a policy enforcement manager similar to that proposed in the XACML standard.

Download Full-text

Design and implementation of policy decision point in policy-based network

Fourth Annual ACIS International Conference on Computer and Information Science (ICIS'05) ◽

10.1109/icis.2005.46 ◽

2005 ◽

Author(s):

Geonlyang Kim ◽

Jinoh Kim ◽

Jungchan Na

Keyword(s):

Policy Decision ◽

Decision Point ◽

Design And Implementation ◽

Policy Decision Point

Download Full-text

Elimination of the Redundancy Related to Combining Algorithms to Improve the PDP Evaluation Performance

Mathematical Problems in Engineering ◽

10.1155/2016/7608408 ◽

2016 ◽

Vol 2016 ◽

pp. 1-18

Author(s):

Fan Deng ◽

Li-Yong Zhang ◽

Bo-Yu Zhou ◽

Jia-Wei Zhang ◽

Hong-Yang Cao

Keyword(s):

Policy Decision ◽

Brick Wall ◽

Decision Point ◽

Evaluation Performance ◽

Policy Rule ◽

Évaluation Performance ◽

Policy Decision Point ◽

Evaluation Time ◽

And Storage ◽

Target Attributes

If there are lots of redundancies in the policies loaded on the policy decision point (PDP) in the authorization access control model, the system will occupy more resources in operation and consumes plenty of evaluation time and storage space. In order to detect and eliminate policy redundancies and then improve evaluation performance of the PDP, aredundancy related to combining algorithmsdetecting and eliminating engine is proposed in this paper. This engine cannot only detect and eliminate theredundancy related to combining algorithms, but also evaluate access requests. AResource Brick Wallis constructed by the engine according to the resource attribute of a policy’s target attributes. By theResource Brick Walland the policy/rule combining algorithms, three theorems for detectingredundancies related to combining algorithmsare proposed. A comparison of the evaluation performance of theredundancy related to combining algorithmsdetecting and eliminating engine with that of Sun PDP is made. Experimental results show that the evaluation performance of the PDP can be prominently improved by eliminating theredundancy related to combining algorithms.

Download Full-text

Spatio-Temporal Variations of Crop Water Footprint and Its Influencing Factors in Xinjiang, China during 1988–2017

Sustainability ◽

10.3390/su12229678 ◽

2020 ◽

Vol 12 (22) ◽

pp. 9678

Author(s):

Aihua Long ◽

Pei Zhang ◽

Yang Hai ◽

Xiaoya Deng ◽

Junfeng Li ◽

...

Keyword(s):

Water Resources ◽

Water Consumption ◽

Water Footprint ◽

Policy Decision ◽

Temporal Variations ◽

Added Value ◽

Local Policy ◽

Agricultural Water ◽

Crop Water ◽

Factors Influencing

Scientifically determining agricultural water consumption is fundamental to the optimum allocation and regulation of regional water resources. However, traditional statistical methods used for determining agricultural water consumption in China do not reflect the actual use of water resources. This paper determined the variation in the crop water footprint (CWF) to reflect the actual agricultural water consumption in Xinjiang, China, during the past 30 years, and the data from 15 crops were included. In addition, the STIRPAT (stochastic impacts by regression on population, affluence and technology) model was used to determine the factors influencing the CWF. The results showed that the CWF in Xinjiang increased by 256% during the 30-year period. Factors such as population, agricultural added value, and effective irrigated area were correlated with an increase in the CWF. This study also showed that the implementation of national and regional policies significantly accelerated the expansion of agricultural production areas and increased the amount of agricultural water used. The objectives of this paper were to identify the factors influencing the CWF, give a new perspective for further analysis of the relationship between agricultural growth and water resources utilization, and provide a reference for local policy decision-makers in Xinjiang.

Download Full-text

A Graph and Clustering-Based Framework for Efficient XACML Policy Evaluation

International Journal of Cooperative Information Systems ◽

10.1142/s0218843020400018 ◽

2020 ◽

Vol 29 (01n02) ◽

pp. 2040001

Author(s):

Yanfei Li ◽

Fan Deng

Keyword(s):

Access Control ◽

Policy Decision ◽

Experimental Results ◽

The Sun ◽

Evaluation Performance ◽

Évaluation Performance ◽

Aggregate Function ◽

Access Control Policies ◽

Policy Decision Point ◽

Rule Set

EXtensible Access Control Markup Language (XACML) is one of the standardized languages for specifying access control policies. Policies described by the XACML are used to express the security requirement in the network and information system when we study authorization access control. With the aim to improve the Policy Decision Point (PDP) evaluation performance, we put forward a Graph and Clustering-Based Framework, employing the aggregate function. First, we partition the rule set into subsets. For the single value, we select the best partition quantity based on the aggregate function. As for the interval value, we handle with the start point and the finish point, respectively, in the same way as single value. Second, the policy set is split according to the partition of rule set. In this way, not only single values, but also interval values are taken into consideration. After that, we explore the searching tree to obtain the possibly matched rules. Finally, we construct the combining tree and output the policy decision on the basis of it. The experimental results show that our approach is orders of magnitude better than the Sun PDP. A comparison in evaluation performance between the redundancy detecting and eliminating engine and the Sun PDP, as well as XEngine and SBA-XACML, is made. Experimental results show that the evaluation performance of the PDP can be prominently improved by eliminating redundancies.

Download Full-text

ICTs

International Journal of E-Politics ◽

10.4018/ijep.2015040101 ◽

2015 ◽

Vol 6 (2) ◽

pp. 1-13 ◽

Cited By ~ 4

Author(s):

Kerill Dunne

Keyword(s):

Local Governments ◽

Direct Democracy ◽

Policy Decision ◽

Local Democracy ◽

Local Policy ◽

Online Forums ◽

Data Set ◽

Political Issues ◽

Local Representative ◽

Western Democracies

Within Western democracies there has been a growing demand to use ICT to enable citizens to get more involved with local political issues. Western local governments have claimed that ICT can empower citizens and strengthen local democracy. This paper will focus on one aspect of this and examine the provision of online direct democracy and whether citizens do indeed have the opportunity to vote more in local policy decision making. Using Michel Foucault's concepts of power and domination this research will explore if local governments and their citizens, through strategies of power, use one type of ICT, online forums, to change local representative democracy. In order to examine whether online forums can increase direct democracy for citizens, a quantitative data collection method was implemented in this study which produced a data set of 138 online forums. This article argues that online forums do not increase direct democracy, because citizens along with local governments use ICT to maintain the political status quo online?

Download Full-text

The impact of stakeholder engagement on local policy decision making

Policy Sciences ◽

10.1007/s11077-019-09357-z ◽

2019 ◽

Vol 52 (4) ◽

pp. 549-571 ◽

Cited By ~ 1

Author(s):

Le Anh Nguyen Long ◽

Megan Foster ◽

Gwen Arnold

Keyword(s):

Decision Making ◽

New York ◽

Stakeholder Engagement ◽

New York State ◽

Policy Decision ◽

High Volume ◽

Local Policy ◽

Government Responsiveness ◽

The Impact ◽

Political Actions

Abstract We investigate how grassroots stakeholder engagement in municipal meetings shapes the decision making of local elected officials (LEOs) by examining the choices LEOs in New York State made on how to regulate high-volume hydraulic fracturing (HVHF) or fracking. We analyzed the content of 216 meeting minutes and 18 policy documents for 13 municipalities in New York. Our observations suggest that government responsiveness to local activism is shaped by the level of contestation between grassroots stakeholders. They reveal that contestation among grassroots stakeholders encourages LEOs to try to deflect responsibility for regulating fracking. When this contestation is high, LEOs tend to pursue actions which may limit but not prohibit HVHF within their jurisdiction. In contrast, when there is no contestation, LEOs more actively pursue substantive policy actions that prohibit HVHF. Generally, we find that that the level of contestation among grassroots stakeholders about HVHF impacts the political actions LEOs take.

Download Full-text

ICTs

Advances in Electronic Government, Digital Divide, and Regional Development - Politics, Protest, and Empowerment in Digital Spaces ◽

10.4018/978-1-5225-1862-4.ch006 ◽

2017 ◽

pp. 91-106

Author(s):

Kerill Dunne

Keyword(s):

Local Governments ◽

Direct Democracy ◽

Quantitative Data ◽

Policy Decision ◽

Local Policy ◽

Online Forums ◽

Data Set ◽

Political Issues ◽

Policy Decision Making ◽

Local Representative

Within Western democracies there has been a growing demand to use ICT to enable citizens to get more involved with local political issues. Western local governments have claimed that ICT can empower citizens and strengthen local democracy. This chapter will focus on one aspect of this and examine the provision of online direct democracy and whether citizens do indeed have the opportunity to vote more in local policy decision making. Using Michel Foucault's concepts of power and domination this research will explore if local governments and their citizens, through strategies of power, use one type of ICT, online forums, to change local representative democracy. In order to examine whether online forums can increase direct democracy for citizens, a quantitative data collection method was implemented in this study which produced a data set of 138 online forums. This article argues that online forums do not increase direct democracy, because citizens along with local governments use ICT to maintain the political status quo online?

Download Full-text

Enforcing ASTD Access-Control Policies with WS-BPEL Processes in SOA Environments

Mobile and Web Innovations in Systems and Service-Oriented Engineering ◽

10.4018/978-1-4666-2470-2.ch014 ◽

2013 ◽

pp. 252-273

Author(s):

Michel Embe Jiague ◽

Marc Frappier ◽

Frédéric Gervais ◽

Régine Laleau ◽

Richard St-Denis

Keyword(s):

Policy Decision ◽

Policy Enforcement ◽

Public Agencies ◽

Web Based ◽

Access Control Policies ◽

Policy Decision Point ◽

Security Rule ◽

Private Corporations ◽

Bpel Processes ◽

The Web

Controlling access to the Web services of public agencies and private corporations depends primarily on specifying and deploying functional security rules to satisfy strict regulations imposed by governments, particularly in the financial and health sectors. This paper focuses on one aspect of the SELKIS and EB3SEC projects related to the security of Web-based information systems, namely, the automatic transformation of security rules into WS-BPEL (or BPEL, for short) processes. The former are instantiated from security-rule patterns written in a graphical notation, called ASTD that is close to statecharts. The latter are executed by a BPEL engine integrated into a policy decision point, which is a component of a policy enforcement manager similar to that proposed in the XACML standard.

Download Full-text