Automatic policy rule extraction for configuration management

Ron Banner, Omer Barkol, Ruth Bergman, Shahar Golan, Yuval Carmel, Ido Ish-Hurwitz, Oded Zilinsky

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Scopus citations

Abstract

We propose a new IT automation technology for configuration management: automatic baseline policy extraction out of the Configuration Management Data Base (CMDB). Whereas authoring a configuration policy rule manually is time consuming and unlikely to realize the actual state of the configurations in the overall organization, this new approach summarizes the de-facto configurations from the data. IT staff, instead of authoring the policy rule, is required to simply validate and possibly enhance the automatically extracted policy. Our technology applies data-mining to organization's configuration assets in the CMDB, and automatically identifies repeating structures of compound configurations. Based on these repeating structures, we build policy rules for compound configuration items. The heart of our technique is a new distance measure we introduce between the configuration assets, whose computation is reduced to a minimum-cost flow problem.

Original languageEnglish
Title of host publicationProceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011
Pages125-128
Number of pages4
DOIs
StatePublished - 9 Sep 2011
Externally publishedYes
Event2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011 - Pisa, Italy
Duration: 6 Jun 20118 Jun 2011

Publication series

NameProceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011

Conference

Conference2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011
Country/TerritoryItaly
CityPisa
Period6/06/118/06/11

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'Automatic policy rule extraction for configuration management'. Together they form a unique fingerprint.

Cite this