The Rule of Order Part I
7/27/2019 The Rule of Order Part I
1/34
Markov Algorithms as a Policy Programming Model - Part I 2013Q1
Copyright 2012-13, David M. Sherr 1 Annals of a Running Dog
WIP: COMMENTS ONLY, NO REDISTRIBUTION YET
The Rule of Order
PROGRAMMING POLICY ENFORCEMENT - Business and Government Regulations
An Occasional Paper
Contents
Motivation: Verification of Policy Suites Derived from Government and Business Regulations
Part I: Prologue on Cultural Context
Part I: Introduction - First Principles
  Markov Algorithm
    What's in a name?
  The Dijkstra Guarded Command
    Syntax
Part I: The Sherr
  Guarded Commands
  Service Points and Provable Reference Behavior
    Design by Contract: Pre-, Post-, Invariant Conditions
  The Guard
    Descending into the weeds
    Bridging to the practical
    Policy Constructs
    Implementing XACML Data Flow
  The Command
    Tying back to Service Point and State Change
Part I: Conclusion - Bridge to Part II
Motivation: Verification of Policy Suites Derived from Government and
Business Regulations
Call this the Law of order at both the macro and micro levels. Each Policy Suite is focused on controlling
a small, coherent subset of Business Rules/Regulations. Developing the Policy Suites is, as of now, very
much an art form. As we will see in Part II of this paper, we can find tutorial use cases that help guide
that artful process. In one of the Part II use cases, we will look at an important financial service business
process, viz., Open Account, and how to identify the enforcement points for policies that ensure
compliance with the Gramm-Leach-Bliley Act privacy requirements.
The useful point to all the formalism contained herein is to be disciplined and precise. That is,
disciplined and precise enough to be able to make and prove assertions about Policy Suites that
represent Government and Business Regulation. The approach is akin to constructing Complete
Axiomatic Systems wherein we can know exactly what is true and what is not.
The Gramm-Leach-Bliley Act (GLBA) from 1999 replaced the Glass-Steagall Act of 1933 and that
deregulation is largely blamed as setting the stage for the Financial Crises of 2008. GLBA also has rules
to protect the disclosure of Non Public Information (e.g. Name, Address, SSN, Age, and Account
Numbers in various combinations) during the execution of financial processes.
The Sarbanes-Oxley Act of 2002 (affectionately referred to as SOX) concerns regulation of accounting
practices and how business processes are implemented. Additionally, it specifies who can and cannot
perform various roles within those processes. This set of regulations resulted from the several highly
impactful accounting fraud collapses at the turn of the Millennium (Enron, WorldCom, Tyco and
Adelphia, most notably).
The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 is the latest set of regulations.
Dodd-Frank contains rules on financial transactions that are currently highly automated or will be in
order to comply most efficiently.
It is the Dodd-Frank regulations that will force many financial institutions to remediate automated
systems across many asset categories end to end, from underwriting to high frequency trading to back
office processing.
The approach here can be highly impactful for both efficiency and effectiveness. Many regulations can
be conflicting and therefore require some deep verification of their consistency. And this must be done
in an easy-to-use fashion that helps hide the technical complexity of such tasks.
The ultimate objective is the Part III white paper entitled "Codification of Core Dodd-Frank Concepts."
This paper and subsequent Parts II and III are a candidate for an open, transparent regime that
implements Policy Enforcement.
This effort is seen as leading to a capability to model and control transactions within varying Sovereign
Jurisdictions for the purpose of finding efficient venues.
Part I: Prologue on Cultural Context
Think like a Machine.
The Borg looms,
and
We become Part of the Machine.
Accelerating since the 60s, we have been washed in this meme of the techno-culture of Machine-Space:
2001, A Space Odyssey
Star Trek,
And, Star Wars
Man and machine are tightly integrating in and into the collective psyche. It is even more so today.
How many can resist the Smart Phone message alert Ding!?
And, of course, we have the current producer generation's version of the Man-Machine Meme:
Neo Does the Matrix.
In the end, it is all Neology (neo: new, logos: word); making new language.
It is with the above attitude in context of World Asset Exchange, Mobile Wallets and Social Media that
we consider the audit of the critical functions of social/economic/financial activity: Monitor, Alert, and,
Report and Remediate.
But, can we adequately comply with all these new and old rules and regulations? As Jethro Tull sings,
Aiming high where the eagle circles, Where he keeps his tail feathers clean, And
he wonders Am I still a free bird? Or, just part of the machine.
[emphasis added]
Popular techno-culture like the Tablet, Smart Phone and Social Media allow and deliver us extremely
intimate experiences with economic transactions and relationships. We need a new economic theory of
not macro-, not micro-, or not even nano-, but of pico-economic transactions. This is the Singularity that
Kurzweil speaks of. He is now Director of Engineering at Google, who also employs Vint Cerf, a Founding
Father of the Internet, and Hal Varian, Founder of the School of Information at Haas Business School of
Cal Berkeley.
Google is, indeed, a great candidate for the Borg. (Resistance is futile. You will be assimilated.)
What are pico-economic transactions? We offer a personal example. The maintenance cost for a set of
six grid computing server images at an Amazon Web Services (AWS) account is $0.15 per month, the
cost of a few sticks of gum charged to a credit card. AWS has had two price reductions of 20% and 25%
over the past three years. Is the next one a 33% drop to $0.10?
Computing is being commodity priced, if not commoditized. This is the Grail of Cloud. That is to say,
the quest is for workloads to become interchangeable across differing Cloud providers. We are in a
market of walled gardens at the moment. At the moment, web service dispatch via APIs and
virtualization is as close as we get.
Of course, as with all businesses, the telecom/hardware/software/service providers wish to create
walled gardens. This seems inevitable as it is the most sustainable profit model; witness Apple as a not
so modest example with the highest Market Capitalization (albeit dipping to #2 at this writing) of any
equity stock in the World.
It is in this cultural and business context/milieu that we consider a new policy programming model. To
be truly effective, policy development, management and enforcement need to be turbocharged with
automation. Such an approach is offered here.
It is the Singularity to come.
Part I: Introduction - First Principles
Mathematician Andrey A. Markov's 100-year old work is seminal in the area of statistical computing,
Markov Chains. He also delved into the nature of algorithm in the domain of Alan Turing and John von
Neumann.
Taking it from the top from First Principles, on Wikipedia, we have a very straightforward definition of
Markov Algorithm:
Markov Algorithm
The Rules is a sequence of pairs of strings, usually presented in the form
of pattern → replacement. Some rules may be terminating.
Given an input string:
1. Check the Rules in order from top to bottom to see whether any of
the patterns can be found in the input string.
2. If none is found, the algorithm stops.
3. If one (or more) is found, use the first of them to replace the leftmost
matching text in the input string with its replacement.
4. If the applied rule was a terminating one, the algorithm stops.
5. Return to step 1 and carry on.
The important aspect of these algorithms is that they are Turing Complete, i.e., capable of representing
any computation.
What's in a name?
Juliet:
"What's in a name? That which we call a rose
By any other name would smell as sweet."
Romeo and Juliet (II, ii, 1-2)
Juliet spoke this as she reveled in the thought of Romeo and his being of the House of Montague that
was a blood enemy of her House of Capulet. As we will see below, there is plenty in a name. Alfred
Korzybski, the Father of General Semantics, would ask the question, "Would you eat honey if it were
called bee vomit?"
Without getting caught up in a human psychological discussion of words and names specifically, let's
examine the phonetic construction in the question "What's in a name?" We turn to the Soundex
Coding, Patented 1918/1922. It was used for Analyzing the 1880-1939 Censuses.
Experience Soundex coding. Try this 1997 Genealogy Web Service URL with a last name, e.g., Sherr,
using Figure 1 below.
Figure 1: Description of the Soundex Coding Scheme
Invocation through the Web Interface Form produces results of Sherr S600 as in Figure 2 below.
Figure 2: Soundex Coding Scheme Applied to Sherr
Notice the form of the URL request (we are talking a ReSTful invocation):
http://searches.rootsweb.ancestry.com/cgi-bin/Genea/soundex.sh?Sherr
Click on the link and produce the page up above. If you embed the request in code, issue the request
over an IPaddr:80 and intercept the HTML response from that port, and parse it, you have now
legacy-wrapped a function from 1996 by using a scripting language like Python, PHP, Perl, etc. with some
modern API infrastructure (Apigee, Mashery, Layer 7, etc.) to orchestrate the request/response. In this
case, the process is synchronous, but does not have to be using ReST. This is a protocol implementation
made Simple. Not bad for a Web Service that is 16 years old.
The complexity arises as we focus on performance. But, it is dynamic binding that makes it all work
seamlessly.
Specifics for Implementing Soundex, Please
[This section presents my thinking about the details of implementation. The discussion below shows the
development of the solution in two versions, Table 1 and Table 5, the almost correct solution and the
corrected solution, resp. To be honest, I try to keep it simple, because simple is hard enough. The two
tables depict the solution creation process. They are the order in which yours truly understood the
transformation. Hoping that this is instructive of how one may come to an understanding as opposed to
just the final state. It is called learning to learn. It is meta*]
Remember from above that the Markov Algorithm rule is of the form:
pattern → replacement
The Soundex coding scheme above then looks like Table 1 below. Let the Subject String=
and use regular expression recognition semantics for patterning and rewriting replacements.
Note (a) that if no rule applies we stop, (b) that pattern recognition is caseless on the alphabet, and, (c)
that the recognition is context sensitive.
Using Rule 1 below in Table 1, as a reminder to those fuzzy on regular expressions, in the pattern on the
Subject String to be Soundex Coded, ^ and $ denote the beginning and ending context anchors of a
string, resp.
[.] denotes a string of exactly one character. [.*] provides a context meaning any string, including
the null string. That provided context is around [BPVF] which denotes any one of the set of B, P,
V, and F which is to be rewritten as 1 as per the replacement string.
In the replacement, ?1 denotes the first substring recognized by the pattern, ?2 the second, $4 the
fourth, etc.
A closer to English translation of Rule 1 is
If a match of any 1st character, followed by a string of any length (including 0), followed by
one character of BPVF, followed by a string of any length including the rest of the
characters in the Subject String; then, replace it with the 1st substring (1 character), followed
by the 2nd substring, followed by a 1, and then followed by the 4th substring. The [ ]
groupings represent the sequence of substrings (?1, ?2, $3, $4, etc.) recognized in the
pattern.
Here is the whole ball of wax.
Table 1: A Markov Algorithm for Standard American Soundex
Rule  Pattern                     Replacement  Comment
1     ^[.][.*][BPFV][.*]$         ?1?21?4      Closed lip explosive
2     ^[.][.*][CSGJKQXZ][.*]$     ?1?22?4      Open mouth explosive breath
3     ^[.][.*][DT][.*]$           ?1?23?4      Open mouth, tongue on palate
4     ^[.][.*][L][.*]$            ?1?24?4      Open mouth, tongue touches palate
5     ^[.][.*][MN][.*]$           ?1?25?4      Explosive, lip to open mouth (M), open mouth, tongue on palate (N)
6     ^[.][.*][R][.*]$            ?1?26?4      Open mouth, explosive
7     ^[.][.*]11[.*]$             ?1?21?3      Remove internal sequences of same numbers
8     ^[.][.*]22[.*]$             ?1?22?3
9     ^[.][.*]33[.*]$             ?1?23?3
10    ^[.][.*]44[.*]$             ?1?24?3
11    ^[.][.*]55[.*]$             ?1?25?3
12    ^[.][.*]66[.*]$             ?1?26?3
13    ^[BPFV]1[.*]$               ?1?2         Remove prefix sequences of same numbers
14    ^[CSGJKQXZ]2[.*]$           ?1?2
15    ^[DT]3[.*]$                 ?1?2
16    ^[.][L]4[.*]$               ?1?2
17    ^[.][MN]5[.*]$              ?1?2
18    ^[.][R]6[.*]$               ?1?2
19    ^[.][.*][AEIOUYHW][.*]$     ?1?2?4       Remove vowels and vowel-like letters, retaining first letter
20    ^[.]$                       $1000        Assure exactly four characters remain, suffixing with 0s to fill out
21    ^[..]$                      $100
22    ^[...]$                     $10
23    ^[....]..*$                 $1           Truncate to exactly four characters
In the above Table 1, there are six phases to this algorithm as summarized in Table 2 below. The
phases will be applied in the order they appear in the list of Table 1.
This is because, in Markov Algorithms, the list of rules, by definition, is searched top to bottom until one
applies to be executed, the process then returning to the top. The Algorithm stops when no rule applies
or it is explicitly stopped with a HALT.
Table 2: Phases of a Markov Algorithm for Standard American Soundex
Phase  Table 1 Rule #s  Description
I      1-6              Map each consonant to one of six audible categories
II     7-12             Remove adjacent like categories internally
III    13-18            Remove adjacent like categories at the front
IV     19               Remove all vowels and vowel-like letters
V      20-22            Normalize to exactly four characters
VI     23               Truncate to exactly four characters
Let's apply the Soundex Algorithm of Table 1 to the = Sherr which is detailed in Table 3.
Table 3: Application to Sherr of Markov Algorithm for Standard American Soundex
Iteration  Subject String  Rule Used     Comment
0          Sherr
1          She6r           Table 1:6
2          She66           Table 1:6
3          She6            Table 1:12
4          Se6             Table 1:19
5          S6              Table 1:19
6          S600            Table 1:21
7          HALT            Table 1:End
One of the fine points of Soundex is the way it eliminates sequences of similar consonants as with the
rr from Sherr above. One needs to follow the description of Soundex as in Figure 1, which is not as
obvious as it appears.
The order of the rules for consonants and vowels must be followed as is. Otherwise, if Rule 19 in Table 1
above were applied first, then a German variant on Sherr as Scherrer becomes H600 instead of
H660 in Table 4 below. Soundex aspires to retain the distinction of syllables. Sherr is one syllable.
Scherrer is two.
Speaking of subtle complexity, it should be noted that the Table 1 Algorithm was corrected twice by the
author to accommodate this aspect, first from 17 to 23 rules and to 30. It requires a trick of phase
markers to defer Rule 19 until after all the consonant transforms have been completed.
This means a slight rework of Table 1 to explicitly add the Phases I-VI of Table 2 to the algorithm.
Table 4 shows what is wrong with the algorithm of Table 1.
Table 4: Application to Scherrer of Table 1 (wrong!).
Iteration  Subject String  Rule Used     Comment
0          Scherrer
1          S2herrer        Table 1:2
2          S2he6rer        Table 1:6
3          S2he66er        Table 1:6
4          S2he66e6        Table 1:6
5          S2he6e6         Table 1:12
6          She6e6          Table 1:14
7          Se6e6           Table 1:19
8          S6e6            Table 1:19
9          S66             Table 1:19
10         S6              Table 1:12    Oops, need to prevent this!
11         S600            Table 1:21
12         HALT            Table 1:End
Table 5 below is the Phase-Markers-Added to Table 1 algorithm using #
Table 5: A Correct Markov Algorithm for Standard American Soundex
Rule Pattern Replacement Comment
0 ^[^#
Now for running through the corrected algorithm for Scherrer turn to Table 6 below:
Table 6: Application to Scherrer of Table 5 (correct!).
Iteration  Subject String  Rule Used     Comment
0          Scherrer
1          #Scherrer       Table 5:0     Begin first phase with # marker
2          #S2herrer       Table 5:2
3          #S2he6rer       Table 5:6
4          #S2he66er       Table 5:6
6          #S2he66e6       Table 5:6
7          #S2he6e6        Table 5:12
8          #She6e6         Table 5:14    S2 treated as a double category
9
Apply Table 5 to Lochson as detailed in Table 7
Table 7: Application to Lochson of Table 5 (correct!).
Iteration  Subject String  Rule Used     Comment
0          Lochson
1          #Lochson        Table 5:0     Begin first phase with # marker
2          #Lo2hson        Table 5:2
3          #Lo2h2on        Table 5:2
4          #Lo2h2o5        Table 5:5
6          < Lo2h2o5       Table 5:18    Consonants handled, on to vowels
7
The Dijkstra Guarded Command
Guarded Commands of Dijkstra from Wikipedia offers a similar pattern as for Markov Algorithms for
computation. The Dijkstra Guarded Command offers an if-then-else(-else)*-fi structure around the
differing Rules, which are not abstract string rewrites, but traditional executable statements in some
programming language.
Syntax
if G0 → S0
 | G1 → S1
 ...
 | Gn → Sn
fi
This structure too has the merit of being Turing Complete. Without boring unduly, one can prove these
two representations equivalent.
This also is left for the interested reader. [Hint: The form of pattern → replacement is rendered
guard → statement]
The general Guard, Gi, is a complex logical statement that evaluates True or False. If Gi is True then the
statement Si is executed and the Guard is satisfied. If no Guard Gi is True, nothing happens.
Assuming top-down, left-right evaluation, then we can see the parallel to Markov rewrite rules.
Spoiler alert on Guarded Command-Markov Algorithm equivalence!
To convert a Dijkstra (Soundex code = D236) Guard into an equivalent Markov Algorithm, we need only
embed the patterned rules into the pseudo-code below which implements the looping execution of the
Markov Algorithm:
_Exec = 1;
while( _Exec == 1 )
  if G0 → S0;
   | G1 → S1;
   ...
   | Gn → Sn;
   | _Exec = 0;
  fi
NB: Any compound Si can include a statement _Exec = 0; as a Halt indicator.
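The loop above, applied to the Markov Algorithm definition and to the Soundex rules of Table 1, as an added example in Python (not the author's code): each rule is a guard (pattern found) with a statement (rewrite), and a terminating rule plays the part of _Exec = 0. Assumptions: the rules are transcribed into Python regular expressions with lazy .*? so the leftmost occurrence is rewritten, rules 16-18 are written in the same shape as rules 13-15, and because Table 5 is not reproduced on this page, the PHASED list with its #, < and > markers and terminating length rules is this example's own construction of the phase-marker trick.

```python
import re

def rule(label, pattern, replacement, terminating=False):
    """One Markov rule: pattern -> replacement, optionally terminating."""
    return (label, re.compile(pattern, re.IGNORECASE), replacement, terminating)

def run_markov(rules, subject, max_steps=1000):
    """Guarded-command form of the Markov loop: the first rule whose guard
    (pattern) holds is executed, then evaluation restarts from the top."""
    trace = [(subject, None)]
    executing = True                          # the page's _Exec flag
    while executing:
        if len(trace) > max_steps:
            raise RuntimeError("rule set does not halt on this input")
        for label, pattern, replacement, terminating in rules:
            if pattern.search(subject):                               # guard Gi
                subject = pattern.sub(replacement, subject, count=1)  # statement Si
                trace.append((subject, label))
                executing = not terminating   # terminating rule: _Exec = 0
                break
        else:
            executing = False                 # no guard held: _Exec = 0
    return subject, trace

CATEGORIES = [("BPFV", "1"), ("CSGJKQXZ", "2"), ("DT", "3"),
              ("L", "4"), ("MN", "5"), ("R", "6")]
VOWELS = "AEIOUYHW"

def consonant_rules(m=""):
    """Rules 1-18 of Table 1; m is an optional phase-marker prefix."""
    rules = []
    for n, (letters, d) in enumerate(CATEGORIES, 1):     # rules 1-6: letter -> digit
        rules.append(rule(n, rf"^{m}(.)(.*?)([{letters}])(.*)$",
                          rf"{m}\g<1>\g<2>{d}\g<4>"))
    for n, (_, d) in enumerate(CATEGORIES, 7):           # rules 7-12: dd -> d
        rules.append(rule(n, rf"^{m}(.)(.*?){d}{d}(.*)$",
                          rf"{m}\g<1>\g<2>{d}\g<3>"))
    for n, (letters, d) in enumerate(CATEGORIES, 13):    # rules 13-18: prefix digit
        rules.append(rule(n, rf"^{m}([{letters}]){d}(.*)$", rf"{m}\g<1>\g<2>"))
    return rules

# Table 1 as printed: nothing stops rules 7-12 from firing again after rule 19.
TABLE_1 = consonant_rules() + [
    rule(19, rf"^(.)(.*?)([{VOWELS}])(.*)$", r"\g<1>\g<2>\g<4>"),
    rule(20, r"^(.)$", r"\g<1>000"),
    rule(21, r"^(..)$", r"\g<1>00"),
    rule(22, r"^(...)$", r"\g<1>0"),
    rule(23, r"^(....).+$", r"\g<1>"),
]

# Phase-marker variant (constructed for this example): the leading marker
# decides which group of rules can match, so the order of phases is enforced.
PHASED = (
    [rule("start", r"^([^#<>].*)$", r"#\g<1>")]
    + consonant_rules("#")
    + [rule("to-vowels", r"^#(.*)$", r"<\g<1>"),
       rule(19, rf"^<(.)(.*?)([{VOWELS}])(.*)$", r"<\g<1>\g<2>\g<4>"),
       rule("to-length", r"^<(.*)$", r">\g<1>"),
       rule(20, r"^>(.)$", r"\g<1>000", True),
       rule(21, r"^>(..)$", r"\g<1>00", True),
       rule(22, r"^>(...)$", r"\g<1>0", True),
       rule(23, r"^>(....).*$", r"\g<1>", True)]
)

if __name__ == "__main__":
    for name, rules in (("Table 1", TABLE_1), ("phased", PHASED)):
        for subject in ("Sherr", "Scherrer"):
            result, trace = run_markov(rules, subject)
            print(name, subject, "->", result)
            for step, (text, label) in enumerate(trace):
                print(f"  {step:2d} {text:12s} {label}")
```

Run against Table 1, the trace for Scherrer ends with rule 12 collapsing S66 to S6, the step Table 4 marks "Oops"; with the markers in place the same input ends at S660.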
The next section dives down into great detail on the structure and process of Policy Sets. These sets are
the basis of Policy Based Specifications that are computationally complete. Policy Sets are useful in
implementing Policy Enforcement Points for any automated interaction. With High Frequency Trading
accounting for roughly 60% of volume and the emerging Dodd-Frank regulations, automated policy
enforcement appears to be the only option.
Thus, a disciplined regimen for definition, design, debugging, deployment and deprecation of Policy Sets
is needed.
Let's begin with the first step below.
Part I: The Sherr
The Summary Slide below is how Guarded Command is summarized in the Sherr Lean thinking in a
context of Policy Management and Enforcement (represented in Backus-Naur Form (BNF)):
This certainly has a European bias: Lean Implementation, Niklaus Wirth (Swiss), Guarded Commands,
Edsger Dijkstra (Dutch), Programming by Contract, Bertrand Meyer (French). Of course, we have to add
to this list Tim Berners-Lee (British) who developed the HTTP protocol at CERN in Geneva. All these
developments were 1968-90.
It is Old Time Object Orientation and Service Programming from the European Academic Masters. Just
because something is old, doesn't mean it is obsolete, especially with ideas.
In fact, being Old means it has survived the test of time. Many times with New things, it is old wine
in new bottles. The recent popularity of Python is a case in point. Python is Lisp (the original language
for AI) without all those annoying parentheses. The Library construct of Python is content addressable
memory and was a central feature of arrays in awk, the C-like pattern matching language of unix.
And so, we turn our attention to First Principles as we provide very old ideas (Turing Computability,
Markov Algorithms, Guarded Commands, Design by Contract, and Lean Programming) within a new
container called The Sherr Guarded Command for Policy Management and Enforcement. Ideas are the
ultimate reusable resource.
In the spirit of taking it from the top, Wirth's Law, Software gets slower than hardware gets faster,
drives us to First Principles rather than layering more complexity on a morass of complexity. So, let's
conceptualize operating as an appliance, that is, either hardware or software appliance.
The value-add with the Sherr Guarded Command is the simplification of programming Policy
Enforcement. This Policy Enforcement works in service oriented, distributed, time-displaced computing,
that is, in the current and coming World of Cloud. Moreover, there is an almost fanatical clinging to the
stateless processing in the http communications. The ostensible reason is to make processing
asynchronous. But, state matters and must be accommodated as in ReST Architecture. This is done
through Context preservation, augmentation and use.
Guarded Commands
Recall Rule 0 from the Table 5 Soundex Algorithm as an example of a Guarded Command which is,
abstractly, a specification of a state machine transition:
The semantics of patterned rules are very precise and, literally, programmatic. The Markov idea of an
ordered table of rules is simple. What is complex is controlling the execution of those rules.
For many use cases of algorithm implementation, this sequence of construction works:
Write the rules as Guarded Commands, order them, and supply the Context within which
they are invoked.
In the case of this discussion using Regular Expressions as the heart of Guard, context sensitivity is
supplied by the immediate Context string anchors (^ and $) and the substrings (denoted by [ ]
expressions) surrounding the Content character(s) to be replaced by the Command.
In detail, how does Rule 0 work as the start of American Soundex implementation in Table 5?
Recall, as part of correcting the error of Table 1, we needed to assure that certain rules would be
skipped after some point. Since the scan of the rule list is always top-to-bottom, we used a context
signifier ( [#
More precisely, deconstruct Rule 0, noting that algorithmic processing operates transparently to the
background Context, viz., the formatting or location of the data:
Context: A string sits in a memory cache that is implementable in a number of ways:
Direct (PROM, DRAM, DISK), or, Mediated (Local or Remote Data Service Call).
Content: Subject String = Sherr
Guard: The Soundexing Process has not yet begun,
signified by none of the three phase markers appearing at the beginning of the Subject String.
Command: Start Phase 1,
signified by appending # to the front (left) side of the Subject String.
Content and Context are a state duality that makes the complete computation (Guard and Command).
Fundamentally, it is point of view. Generally, Content is changed directly and internally within the
computation. Context is changed indirectly and externally from outside the computation (another
process' Content). Both are required.
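The ordered-table execution described above, as an added example that is not code from this paper: a small Markov-style interpreter in Python where each rule is a regular-expression Guard plus a replacement Command. Rule 0 follows the text (prepend # when no phase marker is present); the markers % and @ and rules 1 to 4 are assumptions constructed for illustration and are not the paper's Table 5.

```python
import re

# Ordered rule table: (name, guard regex, command replacement, terminal?).
# '#' marks Phase 1 as in the text; '%' and '@' are assumed stand-ins for the
# other two phase markers, which this section does not name.
RULES = [
    ("rule0_start_phase1",    r"^(?![#%@])",         "#",      False),
    ("rule1_collapse_double", r"^#(.*?)(\w)\2",      r"#\1\2", False),
    ("rule2_start_phase2",    r"^#",                 "%",      False),
    ("rule3_drop_vowel",      r"^%(\w.*?)[aeiouy]",  r"%\1",   False),
    ("rule4_finish",          r"^%",                 "@",      True),
]


def run(subject, rules=RULES, max_steps=1000):
    """Scan the table top-to-bottom, fire the first rule whose Guard matches,
    then rescan from the top. Halt when a terminal rule fires or when no
    Guard matches. Returns (final string, trace of (rule name, string))."""
    trace = []
    for _ in range(max_steps):
        for name, guard, command, terminal in rules:
            if re.search(guard, subject):
                # The Command rewrites only the first match of the Guard.
                subject = re.sub(guard, command, subject, count=1)
                trace.append((name, subject))
                break
        else:
            return subject, trace      # no Guard matched: the table halts
        if terminal:
            return subject, trace      # a terminal rule fired
    raise RuntimeError("rule table did not halt within max_steps")


def fired(trace):
    """Names of the rules that fired, in order."""
    return [name for name, _ in trace]


# Same rules, different order: phase 2 now starts before doubles are collapsed.
REORDERED = [RULES[0], RULES[2], RULES[1], RULES[3], RULES[4]]

if __name__ == "__main__":
    for table in (RULES, REORDERED):
        result, trace = run("Sherr", table)
        print(result, fired(trace))
```

Running both tables on the Subject String Sherr shows why rule order is the hard part: the same five rules give a different result once rule 2 is scanned before rule 1.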
Service Points and Provable Reference Behavior
Once defined and compiled into coherent Suites, Policies can be certified that they are meaningful,
consistent, and complete to the purpose for which they are fit.
The full Context of the Policy Life Cycle is depicted in Figure 5 below (NB Certification is done prior to
Deployment):
Figure 5: Policy Development; Policy State Life Cycle
As the lower right-hand box indicates, Certification of the Policy Suite is to a Reference Behavior. Thus,
the Certification Process depends on being able to Prove the Behavior of the Policy Suite is equivalent to
some Reference Behavior. We seek the next level of automation of Search: not just the ability to answer
questions (i.e., deliver information), but to draw conclusions (i.e., share knowledge).
The details of infrastructure and implementation of specific work-flows for any enterprise are discussed
in a paper on Enterprise Policy Development. However, important to this discussion is to note that real
value is in Deployment and Operation. Thus, Certification is a level of assurance for which one can
establish measurable service levels, and, hence manage the non-compliance risk by the numbers.
Design by Contract: Pre-, Post-, Invariant Conditions
To talk of proving behavior requires a discussion of the atomic artifact in the current world, Service
Request APIs. A Service Request API is satisfied via a Service Point. Service Points are the way
functionality is delivered in an asynchronous, distributed World of Cloud. The Command of a Guarded
Command contains the invocations of services via Service Points.
Service Points are invoked under service level agreements which include the behavioral constraints as a
part of their materialization. The following discussion is extracted from a paper delivered in Dec 2003 to
the OECD on Measuring Electronic Business Processes. It is particularly relevant here.
Service Point: The Picoeconomic Artifact
The Service Point is the central artifact to define and measure. Collections of Service Points yield the
Business Services that implement the tasks of Electronic Business Processes.
Function Point, Precursor to Service Point
In the 70s when writing COBOL/CICS applications, we would measure, a priori, the amount of work in a
system development based on a notion called function point. A function point was either a function
call or file interface. There was one platform, several mechanisms and a few environments to deal with.
Life was relatively simple as there was not a lot of choice of how to implement our systems and IBM
provided great engineering information on how to make the operations more efficient and manageable.
This is NOT true in today's world of Information and Communications Technologies.
Service Point is a further abstraction of Function Point with other capabilities added. There is the idea
of both supply and demand with respect to the functionality provided by a Service Point. It is obvious
but worthy of noting that economies are primarily governed by supply and demand. If one is to have an
effective artifact to measure economies of electronic business processes that use business services, then
aspects of both need to be included in the abstraction.
Attributes of Service Points
Figure 6: Relationships of Service Point Attributes
A Service Point supplies:
- An interface to request the service containing a name and list of parametric variables called the
  function request signature;
- A delineation of the data/information needed/provided called the view specification;
- A semantic specification of constraints on how the functionality is achieved in terms of input
  state (preconditions), operational state (invariants) and outputs (post conditions), borrowed
  from the field of object programming, Design by Contract, called behavior constraints.
This is the functionality defined by the Service Point particularly when a formal business vocabulary
exists to support the semantics of the constraints. It defines the computational requirements.
A Service Point needs to deliver on the consumer's requirements for Service in terms of
- Service Level Objectives
  - Operational Times: When is the service required to be enabled and operational
  - Performance: How does the service need to operate, e.g., transaction per second, user
    response times, data capacity and transmission rates
  - Transactional Capability: e.g., Best Efforts, No More Than Once, Once and Only Once,
    Fire and Forget
  - Security Level: e.g., Public, Client, Partner, Representative, Agent, Administrator
- Quality of Service
  - Availability: requirement for up-time
  - Reliability: error rates tolerance
  - Flexibility: time to change and test to meet competitive and evolving demands
Implied in this measure is substantial instrumentation, monitoring and operational data gathering and
integration. Development of standards and reformation of firm system architectures are required to
measure service points. Both are formidable undertakings. All this said doesn't mean we should not
encourage it to happen.
In fact, we undertake a first step herein.
It is essential and necessary for us really to get our arms (do) and heads (think) around the problem of
measuring electronic business processes.
Behavioral Constraints: Illustration of the Conditions of Service Invocation
Looking at Figure 6, let's take a deeper dive on Meyer's Design By Contract Context of Behavioral
Constraints on a Service invocation.
From the Service Point supplies list above, the third bullet point breaks out Behavioral Constraints
(Policy Suites) on application work flow rules. This breakout consists of security controls (identity and
access) and compliance rules (e.g., SOX, GLBA, Dodd-Frank or Professional Certification status; both
Role and Action constraints).
Table 8 serves as a Summary Example. Consider an Order2Cash work flow order change task under SOX
oversight of a physical goods or service provider:
Table 8: Behavioral Constraints for an Order2Cash Business Process change_order Task

change_order(order_no, delivery_address)

| Design By Contract Category | Description | Application | Security | Compliance |
|---|---|---|---|---|
| Precondition | Constraints on Input at point and time of Service invocation | delivery_address Valid && order_no Exists | Identity Known | Identity is ~order_no(OrderMaker) |
| Invariant | Constraints on continued operation of Service per invocation | order_no_status is Open | Identity Permitted && Role is OrderMaker | N/A |
| Post Condition | Constraints on presentation, format and delivery of Service results | order_no_status is Changed | N/A | N/A |
| Service Level Request | Quality of Service Experience | TXN:OnceOnlyOnce; PERF: RespTime < 3 sec., BeginToEnd < 3 min; AVAIL:AnyTime; SECLEV:Agent | | |

Order2Cash is the basic sale transaction: order, pay [, deliver]. Deliver is a separate process, probably.
On SOX controlling any change transaction, the goal is to forbid an OrderMaker from being able to
change a delivery address for the receipt of Physical Goods or Services Rendered: simplest fraud
prevention. This rule makes collusion necessary for fraud. Multi-Party Fraud is much, much easier to
detect than for a Single Party, since only one party is needed to blow the whistle.
The principle is called Segregation of Duties. Different tasks, different people in a value supply chain.
[Quick aside: This style of regulation requiring theoretically more people is what the cost is. We argue
the necessity of incurring such costs. Regulation is an explicit cost to each party. Deregulation is an
implicit cost to the whole system. Deregulation as a policy is always a triumph of hope over experience.
It always precipitates the Tragedy of the Commons where benefits are obvious and the costs not. 2008
is a Tragedy of Epic Proportions.]
Detailed below, a little more explanation of Table 8 is helpful to describe instrumentation of the life
cycle of a Service:
- The Context Preconditions (Service Birth) allow the change_order Task to proceed:
  - Application is senseless if the delivery address is invalid.
  - Security permits only known Identities to operate.
  - Compliance (SOX) requires segregation of duties.
- Once invoked, the Service (Life) continues to operate with the Context Invariant
  Conditions persisting:
  - The Application status of the Order remains Open since we operate in a multi-tenant,
    single Authoritative Store environment.
  - The Security status persistence requires that the Identity of the interactor stays valid
    (think of revocation of a rogue trader's privileges) and the Role of the interactor is an
    OrderMaker (although not the originator of the order_no).
- And because of the asynchronous nature of processing, the Context Post Condition
  (Service Death) is one where the Service doesn't complete until the status of the order is
  marked as Changed.
By structuring the invocation of Services, we thus can make testable assertions about behavior, before,
during and after invocation. So a set of Service Point descriptions at this detail drives the life cycle of
policies.
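The testable assertions of Table 8, as an added example that is not code from this paper: the change_order contract written as data and enforced before, during and after invocation. The class names, the address validator, the `during` hook and the sample identities are assumptions made for this sketch; the constraint texts are the ones in Table 8.

```python
from dataclasses import dataclass, field


@dataclass
class Order:
    maker: str                 # identity that originated the order
    delivery_address: str
    status: str = "Open"


@dataclass
class Context:
    orders: dict               # order_no -> Order (single authoritative store)
    known: set                 # identities that authenticate
    permitted: set             # identities not revoked; can change mid-flight
    roles: dict                # identity -> role
    audit: list = field(default_factory=list)


class ContractViolation(Exception):
    def __init__(self, phase, category, constraint):
        super().__init__(f"{phase}/{category}: {constraint}")
        self.phase, self.category, self.constraint = phase, category, constraint


def address_valid(addr):
    # Assumption: stand-in validator; a real one would call an address service.
    return isinstance(addr, str) and len(addr.strip()) >= 5


# Table 8 as data: (phase, category, constraint text, predicate).
CONTRACT = [
    ("pre", "application", "delivery_address Valid && order_no Exists",
     lambda c, who, no, addr: address_valid(addr) and no in c.orders),
    ("pre", "security", "Identity Known",
     lambda c, who, no, addr: who in c.known),
    ("pre", "compliance", "Identity is ~order_no(OrderMaker)",
     lambda c, who, no, addr: c.orders[no].maker != who),
    ("invariant", "application", "order_no_status is Open",
     lambda c, who, no, addr: c.orders[no].status == "Open"),
    ("invariant", "security", "Identity Permitted && Role is OrderMaker",
     lambda c, who, no, addr: who in c.permitted
     and c.roles.get(who) == "OrderMaker"),
    ("post", "application", "order_no_status is Changed",
     lambda c, who, no, addr: c.orders[no].status == "Changed"),
]


def check(phase, ctx, who, order_no, addr):
    """Evaluate every constraint of one phase in table order; fail closed."""
    for p, category, text, predicate in CONTRACT:
        if p == phase and not predicate(ctx, who, order_no, addr):
            ctx.audit.append(("VIOLATION", phase, category, who, order_no))
            raise ContractViolation(phase, category, text)


def change_order(ctx, who, order_no, addr, during=None):
    check("pre", ctx, who, order_no, addr)         # Service Birth
    check("invariant", ctx, who, order_no, addr)   # Service Life
    if during:                                     # asynchronous event hook
        during(ctx)
    check("invariant", ctx, who, order_no, addr)   # re-check before commit
    order = ctx.orders[order_no]
    order.delivery_address, order.status = addr, "Changed"
    check("post", ctx, who, order_no, addr)        # Service Death
    ctx.audit.append(("CHANGED", who, order_no))
    return order.status


def demo_context():
    # Constructed sample data: alice originated order 1001.
    return Context(
        orders={"1001": Order(maker="alice", delivery_address="1 Main St")},
        known={"alice", "bob"}, permitted={"alice", "bob"},
        roles={"alice": "OrderMaker", "bob": "OrderMaker"})
```

The invariant is re-evaluated immediately before the write, so a revocation that arrives while the request is in flight stops the change and leaves the delivery address untouched.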
The Guard
And now for 9th Grade English where Miss Bergey, Mennonite Missionary, taught how to parse/diagram
sentences: grammar in action, recognizing syntax. Miss Bergey was a grammatical purist, as pure as
pure can be (Don't split infinitives!! cue ruler smack; Catholic Nuns had nothing on her), and so are
we formally pure here.
Think of a like the shields of the Star Trek USS Enterprise:
Shields Up, Deflecting Attack
In the analogy, the Business is the USS Enterprise and the Sherr is the fabric of the
shield.
We use Backus-Naur Form (BNF) as a language, the generic structure of which emerges through the
explanation of Figure 7 below.
Figure 7: Syntactic Definition of Guard
An XACML statement has a set of grammar rules which are intimately associated with specific semantic
components around access control.
The Sherr is a superset of XACML in that all XACML is acceptable to this definition scheme, but
not vice versa. For instance XACML is largely a stateless policy evaluation UNLESS state is explicitly
maintained.
Descending into the weeds
The advantage of expressing languages in BNF lies in the capabilities of well-developed old tools from
unix. These tools can (1) parse BNF (lex, courtesy of Google's Eric Schmidt collaborating in his Berkeley
days) and (2) compile lower level code (yacc, courtesy of one of the many early small contributors to
unix, Stephen Johnson, from his Bell Labs days). While GUIs exist for BNF, as we automate and use XML
or json style semi-structured data (short of free text), we need machine readable forms of definitions so
agents can dynamically create and interpret definitions in real or near-real time.
The top level grammar of Figure 7 shows how to construct/deconstruct a well-formed statement in BNF.
::= means is defined as and is the meta-verb per se. are the meta-nouns of BNF.
Juxtaposition defines concatenation of sequences and | is alternative choices. ~, &&, ||, ==,
and => are part of the language being defined and are the logical operators Not, And, Inclusive
Or, Equivalent and Implies, resp. ( ∀x ) and ( ∃x ) are the logical quantifiers For All and There
Exists, resp., statements about sets of {x}, where x is a free variable in the Proposition.
Sentential logic (propositional logic) is the simplest of logic that allows us to define assertions regarding
the state of the World, where the World includes its Mind (Collective Consciousness) as well. It is
concerned with only what can be stated and proven with regard to basic grammatical structure where
we construct compound statements using the logical operators, Not, And, Inclusive Or,
Equivalent and Implies. For example,
(Roses are Red && Violets are Blue) => I love You
Another name for Sentential/Propositional Logic is Boolean Algebra. Boolean Algebra contains the First
Principles of specification of Circuit Design for all our digital machines. A Law of Computer Science
states that all Software can be rendered in Hardware and vice versa. So Logic is at the heart of all
automation, soft or hard.
Quantification Logic involves quantifying (1) over only members of sets or (2) members of sets and the
sets themselves, first-order and second-order, resp. Sentential Logic is zeroth-order logic.
Quantification Logic is the logic of processing sets of data to mine information from them. It is the
basis of the newly codifying discipline called Data Science. This was just called Data Analysis in the not
so old days. Once again, we have old wine in new bottles.
Policies make assertions about states and changes in state for sets of data and their internal and
external relationships. This is the complexity of second-order logic. Second-order Logic unfortunately
suffers the flaw that one cannot, at the same time, be consistent and complete. Consistency means
all statements can be modeled together, namely, there is a possible world where all the rules apply
without conflict (ideal). (Muddled together, however, is how it appears in practice.) Complete means all
true statements are provable.
We can only find well defined areas in which we can be both consistent and complete. For these areas,
we develop policy suites with confidence that automation is completely doable.
Bridging to the practical
Let's finish the discussion of Figure 7, the BNF definition of . A consists of logical
statements which can be evaluated to be true or false by the principles presented just above. Evaluation
is concerned with materializing the sets of data defined by the and its constituent parts.
Because of the speed of change in systems performance requirements, materialization of data is always
behind reality. Thus, real-time or near-time computing is necessary. Also, it is a workable strategy,
moving processes to data instead of vice versa. Materialization of data is the impedance.
Practically, we need a single source of each policy rule so that we may maintain in one place and then
compile to deploy policies in any processing environment. Maintaining different definitions for each
environment is a maintenance nightmare and so argues for a common, open definition. [This is The
Major Objective for this entire white paper.]
But what is the Context of this discussion? Let's take a deeper dive into Policy Constructs.
Policy Constructs
A first principle is that The Business is controlled with clearly defined policies and rules.
Of course, clearly becomes the issue. Common language is The Enabling Capability.
The first question is What Components do I need to do End-to-End Policy Management?
Figure 8: Components of Policy Definition and Design
Extracted from a detailed discussion, Figure 8 above depicts how Enterprise Intellectual Property in the
form of Business Processes is used to define and select Work Flow Design Patterns and Use Case Policy
Templates. And the Templates are used to create deployable AND auditable Operational Components.
The discussion below is centered on the key (in Red) Policy architectural components, that is, those
components drawn from the standard XACML architecture.
Policy Information Point
Policy Information is managed through a Policy User Interface that gathers Policy Information from
Points of Presence and allows Policy Life Cycle management from Creation through Deprecation of
Policies deployed through any Policy Administration Point of Presence.
Policy Administration Point
Policy Administration Points interface to Policy Repository Services which maintain policies and policy
suites: (1) newly defined, (2) extant, and, (3) retired. The Repository supports the Policy Test Workspace
which is where newly defined policies are moved through the life cycle maturing to Deployment,
Operation, and Monitoring.
Policy Decision Point
There are Policy Decision Points of Presence which support Policies at the Points of Enforcement within
Operational Components.
Policy Enforcement Point
Policy Enforcement culminates in the Policy Monitor which shadows the System Audit Log.
Implementing XACML Data Flow
With respect to the Data Flow Diagram on page 17 of the XACML 2.0 Specification
(http://tinyurl.com/j73hb), this architecture herein virtualizes the Policy Information Point.
We reproduce this diagram below as Figure 9. Its explanation follows.
Figure 9: XACML 2.0 Data Flow Diagram
This diagram is heavily infused with knowledge like the Periodic Table of Elements in terms of the story
(read knowledge) stored. We engage in Design through Narrative with heavy reliance on use cases that
cover all the aspects we wish to impart.
A Story of Access Control contained in Figure 9 is elaborated below: a story of who, what, when, where,
how and in many cases, why. The numbered list below corresponds to those in Figure 9. They are the
sequence of processing through the XACML semantics.
1. Policy
Here we see the Policy Administration Point (PAP) to source the Policy from which Decisions are
made during the processing of the access request.
2. Access Request
The access requestor interacts with a Policy Enforcement Point, thus beginning a journey
through and with all the component entities that deliver GrantAccess. The PEP then turns to the
central coordinator, context handler.
3. Request
Awakened, the context handler begins to coordinate among the Policy Decision Point and Policy
Information Point, extracting Policy attributes from a catalogue of subjects (i.e., topics), target
resources for the Policy (set) and embedding environment for the GrantAccess or DenyAccess
event notifications.
4. Request Notification
A PDP is notified of the request and needs attributes to respond appropriately within the total
request action and context. The PDP uses the context handler as a peer process to deliver
attribute values from which the Policy Decision is made.
5. Attribute Queries
Specifically, the PDP sends the set of attributes it needs to pick the right policy and apply the
rules and logic to Decide.
6. Attribute Query
The context handler pulls the attribute values query by query from the appropriate Policy
Information Point which, in turn, receives
7. Pulled information
From the attribute values from information from the (a) catalogue of subjects, (c) the target
resources and (b) embedding environments.
8. Attributes
Are returned per each attribute query.
9. Resource Content
Is pulled by context handler from the resource, and, then combined with the PIP returns
10. Attributes
Which are delivered to the PDP to make the Policy Decision, and return the context handler to
the
11. Response Context
From which the context handler sends its
12. Response
To the PEP which emits either the GrantAccess or the DenyAccess event, and notifies residual
13. Obligations
To the obligations service for future assurance application in the larger context of processing;
think of it as residual liability.
Thus, we see how data are marshaled to lead to the enforcement of policies: granting/denying access
to data or processes. This is a relatively simple action.
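The thirteen steps above as a runnable in-memory model, added here as an example and not taken from this paper or from any XACML implementation. The four decision values are the standard XACML ones and the GrantAccess/DenyAccess events are the ones named in the list; the class layout, the read_order policy, the attribute names and the sample data are assumptions, and the PEP is written deny-biased so that anything other than a Permit with fulfilled obligations yields DenyAccess.

```python
PERMIT, DENY = "Permit", "Deny"
NOT_APPLICABLE, INDETERMINATE = "NotApplicable", "Indeterminate"


class PIP:
    """Policy Information Point: answers attribute queries (steps 6-8)."""
    def __init__(self, subjects, resources, environment):
        self.subjects, self.resources = subjects, resources
        self.environment = environment

    def query(self, category, entity, name):
        if category == "environment":
            return self.environment.get(name)
        store = self.subjects if category == "subject" else self.resources
        return store.get(entity, {}).get(name)


class ContextHandler:
    """Coordinates PDP and PIP (steps 3-11); records every attribute pulled."""
    def __init__(self, pip):
        self.pip, self.trace = pip, []

    def attribute(self, request, category, name):
        value = self.pip.query(category, request.get(category), name)
        self.trace.append((category, name, value))
        return value


class PDP:
    """Policy Decision Point; its policies are sourced from the PAP (step 1)."""
    def __init__(self, policies):
        self.policies = policies

    def evaluate(self, request, handler):
        for policy in self.policies:
            if policy["action"] != request["action"]:
                continue
            values = {}
            for category, name in policy["needs"]:     # step 5
                value = handler.attribute(request, category, name)
                if value is None:                      # missing attribute
                    return INDETERMINATE, []
                values[(category, name)] = value
            if policy["condition"](values):
                return PERMIT, policy["obligations"]
            return DENY, []
        return NOT_APPLICABLE, []                      # no policy matched


class PEP:
    """Policy Enforcement Point (steps 2, 12, 13), deny-biased."""
    def __init__(self, pdp, handler, obligation_service):
        self.pdp, self.handler = pdp, handler
        self.obligation_service = obligation_service
        self.last_decision = None

    def access(self, request):
        decision, obligations = self.pdp.evaluate(request, self.handler)
        self.last_decision = decision
        if decision != PERMIT:
            return "DenyAccess"
        try:
            for obligation in obligations:             # step 13
                self.obligation_service(obligation, request)
        except Exception:
            return "DenyAccess"    # an unfulfilled obligation blocks the grant
        return "GrantAccess"


def build_demo(obligation_service=None):
    """Wire the components together over constructed sample data."""
    log = []

    def record(obligation, request):
        log.append((obligation, request["subject"]))

    pip = PIP(subjects={"bob": {"seclev": "Agent"}, "carol": {"seclev": "Public"}},
              resources={"order/1001": {"status": "Open"}},
              environment={"market_open": True})
    policies = [{
        "action": "read_order",
        "needs": [("subject", "seclev"), ("resource", "status"),
                  ("environment", "market_open")],
        "condition": lambda a: (a[("subject", "seclev")] == "Agent"
                                and a[("resource", "status")] == "Open"
                                and a[("environment", "market_open")] is True),
        "obligations": ["audit-log"],
    }]
    handler = ContextHandler(pip)
    pep = PEP(PDP(policies), handler, obligation_service or record)
    return pep, handler, log
```

The handler's trace is the evidence trail for an auditor: it lists which attributes the decision actually consumed, in the order the PDP asked for them.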
The Sherr greatly expands XACML expressional capabilities from Grant/Deny (which is message
pass-through and local) to Alert/Remediate (which is action invoking and global). This leads to a useful
device, the Sherr.
The Command
The community organization where this author lives has a slogan amply displayed on tee shirts: Less
talk, more action.
And so it is with the .
Figure 10: Syntactic Definition of
Figure 10 lays out a concise BNF definition of the portion of the Sherr. It is, as the green arrow indicates, where the action is. It is how one specifies how to
change or prevent change to the state of a computation.
Playing along with our Star Trek reference as we create a great integration with our technology, Jean Luc
Picard would say
Make it So
Tying back to Service Point and State Change
In Figure 6 above, is at the center piece. Following the figure, the semantics are explained
in detail.
Figure 10 contains the syntactic definitions for of the Sherr.
There is a new BNF construct introduced: the use of square bracketed ([ ]) expressions. The square
brackets indicate that the expression within is optional.
Harkening back to Table 8, the as defined by Figure 10 is
change_order (order_no, delivery_address)
where
= change_order
and
= (order_no, delivery_address)
Completing the in Table 8, we append Service Contract Constraints, viz.,
=
( Identity Known && order_no Exists && Identity is ~order_no(OrderMaker)
&& delivery_address Valid )
=
( Identity Permitted && Role is OrderMaker && order_no_status is Open )
=
( order_no_status is Changed )
Per Figure 7, each of the Table 10 Service Contract Constraints components is a , while Service Level Request is a four-element vector:
=
TXN:OnceOnlyOnce; PERF: RespTime < 3 sec., BeginToEnd < 3 min; AVAIL:AnyTime; SECLEV:Agent;
As a final note, the set of a to an assures complete
computational functionality. This is much like the use of special state characters in the correct Soundex
algorithm of Table 5. In case of , the capability is more general.
Part I: Conclusion - Bridge to Part II
In Part I here, we have explored the first principle foundations of computing as viewed in the context
of policy evaluation and enforcement. Take it from the top. We have separated the fly specks from the
pepper. There is much more depth and breadth to cover, viz., creation of an Open Narrative to engage
the World Mind. This is a goal of 2013.
In Part II, we step out of the clouds and put our feet down on two illustrative tutorial use cases,
connection to the money world, and, seamless payment systems, respectively, (1) OpenFinAcct, and,
(2) ScanSKU2Cash. Stay tuned to @davidsherr.
In Part II, we will turn our attention to codifying the core of Dodd-Frank Regulations from the CFTC point
of view. Caveat: Commodities and FX traders beware. There is a Compliance Tool Kit business here.
Open Compliance Intellectual Property (Platform as a Service) because, everybody has to do it. Only
implementations are proprietary (Software as a Service).