Decentralized Regulation of Distributed Systems: Beyond Access Control

Naftaly H. Minsky
Rutgers University
December 2007

This paper introduces a model of interaction control for the regulation of distributed systems, which can cope with their increasing openness and heterogeneity.
This model goes well beyond conventional access control. It is, in particular, inherently decentralized, and thus scalable even for a wide range of stateful policies. It is also very general, and not biased toward any particular type of policy, thus providing a significant realization of the age-old principle of separation of policy from mechanism.
This so-called LGI model is an abstraction of an implemented mechanism called Moses (which has sometimes been called "LGI" as well), which regulates Internet communication, providing several important capabilities not present in the LGI model, but consistent with it.
Moreover, the LGI model can be reified into a whole family of additional mechanisms, called LGI-based mechanisms, which would share the basic properties of this model, but may be applied to different types of communications, such as wireless communication of various kinds, and can add a host of features to those inherent in the model itself.