5.5.4 Conflict

Next: 5.5.5 Exception Up: 5.5 Metapolicy Examples Previous: 5.5.3 Integration Contents

5.5.4 Conflict

The example metapolicies in this subsection show the flexibility of handling conflicts. They are often related to more than one supporting process. In table

, some example metapolicies in this area are given:

**Table 5.4:** Example conflict metapolicies
$\begin{table} \begin{enumerate} \begin{sffamily} \item If several agents are ma... ...d concurrently on the same target. \par\end{sffamily}\end{enumerate}\end{table}$

The first and second example metapolicies provide data which allows the detection and the resolution of conflicts. This information can be used during the test and enforcement phase as in the refinement process to avoid conflicts in advance. The examples forbid the triggering of the same management actions on one object. This shows that nearly the same semantics is expressed with two different metapolicies. One focuses on the specification of conflicts, the other on a strategy for conflict avoidance. It may not be a desired behaviour that several policies are triggered on the same object. This can be a reason for management operations being performed several times, which is not acceptable if the operations are not idempotent. Or, in the case of different actions a ``ping pong'' configuration may be the consequence. A solution is to trigger one policy, which in turn triggers other necessary policies in a chain.
The third metapolicy denies normal policies to control the management system. This makes only sense when normal policies and metapolicies can be differentiated. This metapolicy is necessary because metapolicies and normal policies share the same infrastructure. In a metapolicy-enabled system, controlling the management system is done with the help of the same technique normal policies uses. As a result of this, normal policies can invoke management actions on the management system. This is not wanted and must be denied for security, vulnerability, and clarity.
In the fourth metapolicy, a general constraint on a policy is specified. This is as a metapolicy of the conflict class, because it ensures that it is considered in all phases of the policy life cycle.
The last metapolicy is for two specific policy instances. It denies concurrence of enforcement on the same target. In contrast to the first and the second example, the subject can be different. This policy may be needed because inconsistencies can arise as a result of concurrent enforcement.

Next: 5.5.5 Exception Up: 5.5 Metapolicy Examples Previous: 5.5.3 Integration Contents