Model-Based Management of Network Resources

  • Fernando Marques Figueira Filho UNICAMP
  • João Porto de Albuquerque UNICAMP
  • Paulo Lício de Geus UNICAMP


The modelling of access control rules in terms of high-level policies has been subject of research over the last decade. Policies, in this context, define if an access is permitted or forbidden to be performed. However, they do not prescribe rules for the utilization of network resources. In this manner, a user or application might consume available resources with superfluous activities, hindering other high-priority users or applications to work properly. Following this motivation, our approach associate to a policy a set of requirements that must be fulfilled for each access. We adopt model-based management concepts, in which a policy is defined in terms of abstract entities and is represented at different levels of abstraction.


Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z., and Weiss, W. (1988). An architecture for differentiated service. RFC 2475, IETF.

Lück, I., Schäfer, C., and Krumm, H. (2001). Model-based tool-assistance for packet-filter design. In POLICY '01: Proceedings of the International Workshop on Policies for Distributed Systems and Networks, pages 120-136, London, UK. Springer-Verlag.

Porto de Albuquerque, J., Krumm, H., and de Geus, P. L. (2005). Policy modeling and refinement for network security systems. In IEEE 6th International Workshop on Policies for Distributed Systems and Networks, Stockholm, Sweden.

R. S. Sandhu, E. J. Coyne, H. L. F. and Youman, C. E. (1996). Role-based access control models. In IEEE Computer.

Sloman, M. (1993). Policy hierarchies for distributed systems management. In IEEE Journal on Selected Areas in Communications, pages 1404-1414.
FIGUEIRA FILHO, Fernando Marques; ALBUQUERQUE, João Porto de; GEUS, Paulo Lício de. Model-Based Management of Network Resources. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 5. , 2005, Florianópolis. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2005 . p. 253-256. DOI:

Artigos mais lidos do(s) mesmo(s) autor(es)

1 2 3 > >>