Knowledge (XXG)

Policy appliances

Policy appliances are technical control and logging mechanisms to enforce or reconcile policy rules (information use rules) and to ensure accountability in information systems. Policy appliances can be used to enforce policy or other systems constraints within and among trusted systems.

The emerging global information society consists of many heterogeneous but interconnected systems that are governed or managed according to different policies, rules, or principles that meet local information management needs. For example, systems may be subject to different international, national or other political subdivision information disclosure or privacy laws; or different information management or security policies among or between government agencies, government and private sector information systems, or producers and consumers of proprietary information or intellectual property, etc.

This interconnected network of systems (for which the Internet as we currently know it serves as the transport layer) increasingly requires dynamic agreement (negotiation) and technical mediation as to which policies will govern information as it flows between or among systems (that is, what use policies will govern what information goes where, under what constraints, and who has access to it for what purposes, etc.). The alternative to developing these mediating mechanisms to provide automated policy negotiation and enforcement across interconnection between disparate systems is the increased "balkanization" or fragmentation of the Internet.

Because no single policy can govern all systems or information needs, methods of reconciling differences between systems and then enforcing and monitoring agreed policies are necessary in order to share useful information and keep systems interconnected. Current static methods based on all-or-nothing access control are insufficient to meet variable information production and consumption needs, particularly when there are potentially competing policies (for example, the conflict between disclosure and privacy laws) that are contextually dependent. Access control mechanisms that simply control who has access between systems result in stove-piped information silos, "walled gardens", and increased network fragmentation. Policy appliance is a general term to describe dynamic, contextually-aware control mechanisms currently being researched and developed to enforce use policies between systems.

Although policy development and enforcement itself is a political or cultural process, not a technological one, technical systems architecture can be used to determine what policy opportunities exist by controlling the terms under which information is exchanged, or applications behave, across systems. In order to maintain the open transport, end-to-end principles embedded in the current Internet design – that is, to avoid hard-coding policy solutions in the transport layer or using strict access control regimes to segment the network – policy appliances are required to mediate between systems to facilitate information sharing, data exchange, and management process interoperability.

Policy appliances -- a generic term referring to any form of middleware that manages policy rules -- can mediate between data owners or producers, data aggregators, and data users, and among heterogeneous institutional systems or networks, to enforce, reconcile, and monitor agreed information management policies and laws across system (or between jurisdictions) with divergent information policies or needs. Policy appliances can interact with smart data (data that carries with it contextual relevant terms for its own use), intelligent agents (queries that are self-credentialed, authenticating, or contextually adaptive), or context-aware applications to control information flows, protect security and confidentiality, and maintain privacy.

Policy appliances support policy-based information management processes by enabling rules-based processing, selective disclosure, and accountability and oversight.

Examples of policy appliance technologies for rules-based processing include analytic filters, contextual search, semantic programs, labeling and wrapper tools, and DRM, among others; policy appliance technologies for selective disclosure include anonymization, content personalization, subscription and publishing tools, among others; and, policy appliance technologies for accountability and oversight include authentication, authorization, immutable and non-repudiable logging, and audit tools, among others.

Control and accountability over policy appliances between competing systems is becoming a key determinant in policy implementation and enforcement, and will continue to be subject to ongoing international and national political, corporate and bureaucratic struggle. Transparency, together with immutable and non-repudiable logs, are necessary to ensure accountability and compliance for both political, operational and civil liberties policy needs. Increasingly, international and national information policy and law will need to rely on technical means of enforcement and accountability through policy appliances.

References

The use of policy appliances in this context was first described in K. A. Taipale, "Designing Technical Systems to Support Policy: Enterprise Architecture, Policy Appliances, and Civil Liberties", in Emergent Information Technologies and Enabling Policies for Counter Terrorism (Robert Popp and John Yen, eds., Wiley-IEEE Press, Mar. 2006)

Internet panel: "Balkanization" looms, ars technica (Oct. 12, 2006)

See also

Technology, Security, and Privacy: The Fear of Frankenstein, the Mythology of Privacy, and the Lessons of King Ludd, 7 Yale J. L. & Tech. 123; 9 Intl. J. Comm. L. & Pol'y 8 (2004) at 56-58 (discussing “privacy appliances” to enforce rules and provide accountability). The concept of privacy appliances originated with the DARPA Total Information Awareness project. See Presentation by Dr. John Poindexter, Director, Information Awareness Office (IAO), DARPA, at DARPA-Tech 2002 Conference, Anaheim, CA (Aug. 2, 2002); ISAT 2002 Study, Security with Privacy (Dec. 13, 2002); and IAO Report to Congress regarding the Terrorism Information Awareness Program at A-13 (May 20, 2003) in response to Consolidated Appropriations Resolution, 2003, No.108-7, Division M, §111(b).

Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.
