Abstract
Policy-based management is an approach to the management of systems with respect to issues such as security, access control and trust by the enforcement of policy rules. This paper addresses the problem of integrating the requirements imposed by a policy with the system development process. In order to take a policy specification into account in the development of a system specification, the notion of policy adherence is formalized as a relation between policy specifications and system specifications. Adherence of a system specification to a policy specification means that the former satisfies the latter. The integrated development process is supported by refinement, where both the policy specification and the system specification may be developed under any number of refinement steps. This paper characterizes the conditions under which adherence is preserved under refinement and identifies development rules that guarantee adherence preservation. By results of transitivity and compositionality the integrated development process and the analysis tasks can be conducted in a stepwise and modular way, thereby facilitating development.
Oppdragsgiver: Research Council of Norway
Oppdragsgiver: Research Council of Norway
