A Hierarchical Policy Specification Language and Enforcement Mechanism for Governing Digital Enterprises

This paper is part of a research program based on the thesis that the only reliable way for ensuring that a heterogeneous distributed community of software modules and people conforms to a given policy is for this policy to be enforced. We have devised a mechanism called law-governed interaction (LGI) for this purpose. As has been demonstrated in previous publications, LGI can be used to specify a wide range of policies to govern the interactions among the members of large and heterogeneous communities of agents dispersed throughout a distributed enterprise, and to enforce such policies in a decentralized and efficient manner. What concerns us in this paper is the fact that a typical enterprise is bound to be governed by a multitude of policies. Such policies are likely to be interrelated in complex ways, forming an ensemble of policies that is to govern the enterprise as a whole. As a step toward organizing such an ensemble of policies, we introduce in this paper a hierarchical inter-policy relation called superior/subordinate. This relation is intended to serve two distinct, if related, purposes. First, it is to help organize and classify a set of enterprise policies. Second, this relation is to help regulate the long term evolution of the various policies that govern an enterprise. For this purpose, each policy in the hierarchy should circumscribe the authority and the structure of policies subordinate to it, in some analogy to the manner in which a constitution in American jurisprudence constrains the laws subordinate to it. Broadly speaking, the hierarchical structure of the ensemble of policies that govern a given enterprise is to reflect the hierarchical structure of the enterprise itself.