Policy based systems management provides a means for administrators, end-user's and application developers to manage and dynamically change the behavior of computing systems. One advantage of policy-based management is that it simplifies and automates the administration of IT environments. A significant part of the simplification is obtained by allowing the system administrator to specify policies at a high-level which are easily understandable rather than having to specify low-level and detailed policies fox each of the different devices in the system. Therefore, high-level enterprise-oriented policies will need to be transformed into lower-level technology-oriented policies in order for them to be adapted to the various components of the system. It is also very convenient to be able to transform low-level policies as used by the policy-enabled systems to the original high-level policies as specified originally by the system administrator. A policy often takes the form of a condition and an action such that when the condition evaluates to “true,” the action is to be performed.
As an example, the transformation module would receive a policy of the form: If the user is from Corporate, then provide Gold level service. This policy would be transformed into the following more specific policy: If the user is from the subnet 9.10.3.0/24, then reserve a bandwidth of 20 Mbps and provide an encryption of 128 bits. In this case, the transformation rule specifies that a Corporate user is on the 9.10.3.0/24 subnet. It also specifies that a Gold service be defined to provide a bandwidth of 20 Mbps and an encryption of 128 bits.
Transformation using static rules can be very useful in simplifying the policy language as seen by the system administrator. First, a set of static transformation rules for converting policies in terms of high-level goals into policies in terms of low-level configuration parameters understandable by the system is defined by an expert user, who knows the details of the system and the definitions of the various objectives, such as what it means to provide gold level service in terms of performance, security, etc. These rules follow a policy language that is more detailed and complicated than the one used by the goal policies as seen by the system administrator. The policy transformation module transforms the objectives to low-level configuration parameters using the definitions specified by the transformation rules.