The present invention relates in general to the field of computers and other data processing systems, including hardware, software and processes. More particularly, the present invention pertains to the management of the resources of a data processing system using rules and/or policies.
Enterprise behavior is governed by policies that, in some cases, are translated into rules for computing resources. For example, an enterprise may have an enterprise policy (e.g., a corporate policy) that dictates that passwords used by computer resources (including hardware and software) must be “strong” (difficult to bypass or “break”). Such a policy may translate into a “rule,” such as a rule that “passwords must be eight characters in length.”
In some software applications, such a rule is abstracted from software code in the software application. For example, an application might include a function call such as “checkPasswordStrength( )”. In a case such as this, the function call can invoke a rules engine, which makes adopting policy-based changes easier. Thus, if the password-strength requirement went from six characters to eight characters, applications using this strategy would only have to change one rule (e.g., changing “if (length>6)” to “if (length>8)”).
Unfortunately, the scenario described above rarely exists consistently in the real world. That is, in an ideal world, every enterprise resource (e.g., software applications, hardware, etc) would have a variable or a call routine that would go to a central repository to obtain a current value (e.g., password length must be <eight> characters). However, many applications are hard coded, are overridden by a configuration parameter set by an administrator, are governed by another rule system, etc. For example, a line of code may be hard coded as “password length must be six characters” instead of soft coded as “password length must be <VARIABLE> characters.” When a system rule changes from requiring six characters to requiring eight characters for a password, verifying that each and every hard coded application complies with this rule change can be difficult if not unreasonable impractical. If compliance with the rule change is mandatory, such as a requirement to be compliant with an industry standard, a governmental regulation, or a law, failing to amend the hard coding can have serious consequences.