4.1 Previous Work

Looking at recent publications in the area of policies, present research activities appear to focus more on the architecture of policy systems [Marr 97,Koch 97], or deal with the application of policies in different areas of management [LuSl 97d,SlLu 98,Heil 98]. Hereby, mainly (technical) enforcement concerns are investigated. As a consequence the policy life cycle, and the processes involved in the life cycle have often been neglected in the architecture of a policy system. Whenever they were mentioned, they were used to model the application of policies.

[MSY 95], [Marr 97] and [Wies 95] use a similar but limited, policy life cycle. [MSY 95], [Marr 97] use it mainly to describe some constraints for editing, distribution and deletion of policies. In brief, a policy can only be edited and deleted when it is not enabled and is not in the host system; in all other cases editing is done on an automatically created copy.

[Wies 95] additionally derives from his life cycle that policies must be able to send notifications when the target or the domain has changed, which lead to a change of the policy configuration and its monitoring part.

[Goh 98] examines a Policy Evolution Life-cycle focusing on the development (and especially the refinement) and the stages a policy has to pass from the initial organisational requirement establishment to the mapping for configuration and the verification of the policy enforcement. Through this development process and the different people involved in this process having various demands, a need for policy management arises.