Policy Specification: Meeting Changing Requirements without Breaking the System Design Contract

There has been a great deal of interest in recent years in the use of policies to simplify system management and to reduce costs. However, the major focus has been on the development of techniques with the greatest expressive power possible, generally viewing the policy authoring as a selfcontained activity performed by experts who understand the aims of and constraints on the system being managed. A system is normally designed to meet agreed requirements and objectives, which can be seen as constituting a design contract for the system. The aim in introducing policies should be to allow flexibility to meet changing circumstances without violating the guarantees given by this contract. This paper looks at policy specification as a step in the incremental design of systems and examines how policies need to be constrained in order to preserve the over all design objectives for the system being managed. It proposes a specification architecture for policies, discusses how it might be used, and considers how well-suited some existing specification languages and tools are to supporting this architecture.