1. Field of the Invention
The present invention generally relates to transforming a high-level policy to a low-level policy. More particularly, the present invention relates to transforming a high-level policy to a low-level policy by utilizing an automated discovery tool that discovers data dependency between high-level objects and low-level objects.
2. Description of the Prior Art
Low-level objects (e.g., devices or IT (Information Technology) resources) are managed not at a high layer (e.g., an application layer in OSI (Open System Interconnection) 7 layer) but at a low layer (e.g., a physical layer in an OSI 7 layer). Therefore, rules or policies at the high layer are not directly reflected on operating low-level objects. Furthermore, most of low-level objects operate based on multi-hop dependences (e.g., an application depends on a database. The database relies on a file system.). A high-level policy (i.e., a rule which controls the high layer; e.g., a business policy) does not usually describe the multi-hop dependencies.
Beigi et al. “Policy Transformation Techniques in Policy-based Systems Management”, POLICY 2004, p. 13-24 discusses a policy transformation module for transforming a high-level business-oriented policies into lower-level technology-oriented policies. The module accepts the policies (e.g., a high-level policy or low-level policy) from a system administrator and converts them from a high-level policy to a low-level policy or vice versa.
Ashley et al. “From Privacy Promises to Privacy Management”, A New Approach for Enforcing Privacy Through out an Enterprise, ACM New Security Paradigms Workshop (NSPW), 2002, p. 43-50 discusses deploying a policy to an IT system by following steps:                1. Mapping a data type in a privacy policy to PII (Personal Identification Information) stored in the IT system.        2. Mapping data users in the privacy policy to enterprise roles in the IT system.        3. Mapping tasks that the IT system and applications perform into a policy defined in business purposes.        
However, policies (e.g., a high-level policy or low-level policy (i.e., a rule which controls the low layer)) to manage low-level objects are created mostly manually and do not accurately reflect business priorities (e.g., a priority assigned to an application). Currently, there is no method or system for an automatic policy transformation from a high-level policy to a low-level policy. Sometimes, changes to the policies are too slow to keep pace with changes in business priorities.
Therefore, it is highly desirable to provide a system or method for automatically transforming a high-level policy to a low-level policy. The low-level policy reflects up-to-date business priorities in the high-level policy.