The altered enforcement process resulting from the changes of the NoCScontrol is described in this subsection illustrated by the metapolicy examples.
Figure ![[*]](http://www.nm.informatik.uni-muenchen.de/common/icons/latex2html-97.1/cross_ref_motif.gif){kind=icon}
shows the changed dynamic model of the
Enforcement Objects of normal policies and metapolicies. Additional
state transitions, events, and decision points are made visible by
stronger lines and slanted typeface.
In comparison to the former enforcement process, subjects other than
nomadic computer system are possible, and before a policy gets finally
enforced the Metapolicy Service Mobile Agent is asked for
approval. For this purpose, each Enforcement Object sends an
policy_enforcement event as shown in
figure . The policy_enforcement includes
information specifying the state of the Enforcement Object. This
provides the context in which a policy is enforced by an Enforcement
Object and on this basis, it is possible for the Metapolicy Service
Mobile Agent to take a decision.
The Metapolicy Service Mobile Agent sends an MP_decision event back to the Enforcement Object. This contains the decision for the enforcement of the policy. At this phase of the implementation, it only grants enforcement by true or denies it by false. Enhancing both, the capabilities of the decision process and the Enforcement Objects, will allow further events. The Enforcement Object executes the actions specified by the policy when it receives a MP_decision containing true. Otherwise, the enforcement stops.
The enhancements, which allow subjects others than a nomadic system, are necessary for the enforcement of active metapolicies. The process of granting enforcement by the Metapolicy Service Mobile Agent is needed for the realisation of passive metapolicies.
The remainder of this subsection describes the application of the example
metapolicies from subsection .
The active metapolicy is stored in an Operational Policy object by the Policy Service and enforced in a very similar way as normal policies by NoCScontrol system. The only differences is the different subject, namely the MetapolicyServiceMobileAgent, which performs actions not for managing nomadic computer systems, but for managing the management system. It invokes the insert_object_state method, which creates an entry for the policy object, if necessary, and first stores modified and, with the second invocation, to_review in the Object State Database. The Policy Factory Mobile Agent is modified to send an execution for each operation invoked on them. The constraint checks which method was called and triggers the policy actions when it was the setOperPolDescription method.
The passive metapolicies are enforced by the Metapolicy Service Mobile
Agent. Figure shows the enforcement of two normal
policies and passive metapolicies. The two normal policies starting
the enforcement process nearly at the same time. This will result in
concurrent enforcement of both policies. The two Enforcement Objects
send their state by an policy_enforcement event. This is
saved in the Action Event Database. After that, the Metapolicy
Database is searched for metapolicies governing the policies. The
constraints of the metapolicies found are combined by logical
AND and one large structured event is created. This is
necessary, due to limitations of the Constraint Interpreter, which can
only be called with one structured event. The result evaluated by the
Constraint Interpreter is sent by an MP_decision event to the
Enforcement Object of the normal policy.
After the MP_decision event has been sent, the policy_enforcement event is removed from the Action Event Database. This implies that an action granted by an MP_decision event is executed immediately which is clearly not true. This approach was taken to avoid the use of several events, notifying the beginning and ending of an action, and to avoid large changes in the existing system. This may restrict the use of metapolicies to govern concurrent events, but these are not considered by the NoCScontrol system either at the moment. Using events in general for notifying a metapolicy decision makes the decision dependent on the semantics6.7 of the event notification mechanism. This problem is also not considered here.
The following subsection describes the developed design in greater detail.
![\includegraphics [width=\textwidth]{Bilder/EOstates}](img53.gif)
![\includegraphics [width=.33\textwidth]{Bilder/PolEnfEvent}](img54.gif)
![\includegraphics [width=\textwidth]{Bilder/pasMPdyn}](img55.gif)