1 Answers
Policy appliances are technical control and logging mechanisms to enforce or reconcile policy rules and to ensure accountability in information systems. Policy appliances can be used to enforce policy or other systems constraints within and among trusted systems.
The emerging global information society consists of many heterogeneous but interconnected systems that are governed or managed according to different policies, rules, or principles that meet local information management needs. For example, systems may be subject to different international, national or other political subdivision information disclosure or privacy laws; or different information management or security policies among or between government agencies, government and private sector information systems, or producers and consumers of proprietary information or intellectual property, etc.
This interconnected network of systems increasingly requires dynamic agreement and technical mediation as to which policies will govern information as it flows between or among systems. The alternative to developing these mediating mechanisms to provide automated policy negotiation and enforcement across interconnection between disparate systems is the increased "balkanization" or fragmentation of the Internet.
Because no single policy can govern all systems or information needs, methods of reconciling differences between systems and then enforcing and monitoring agreed policies are necessary in order to share useful information and keep systems interconnected. Current static methods based on all-or-nothing access control are insufficient to meet variable information production and consumption needs, particularly when there are potentially competing policies that are contextually dependent. Access control mechanisms that simply control who has access between systems result in stove-piped information silos, "walled gardens", and increased network fragmentation. Policy appliance is a general term to describe dynamic, contextually-aware control mechanisms currently being researched and developed to enforce use policies between systems.