incremental policy/rule loading

[talbot]

Hello,

if you have a very large number (say 1 million) of policy/rules already loaded in the PDP, and you want to add a few rules, it is inefficient to reload the PDP memory entirely from the index file, especially if this happens every minute.
It would be nice to add incrementally to the in-memory rule representation.

1) Is this something you ever considered?

2) Would it fit nicely in the SW architecture you designed,  if we would like to implement it


Context: we are an IT service company, and we are considering using the HERAS-AF PDP for a customer project, with "many" rules.

Thanks for your help

--
Jacques Talbot - Teamlog 10 rue Lavoisier - 38330 Montbonnot
Tél: 04 76 61 37 12  Mél: jacques.talbot@teamlog.com
Tél. mobile 06 07 83 42 00

[Florian Huonder]

Hi Jacques

Thanks a lot for your interest in HERAS^AF.

Our view of the policy index up to now was always that it is very static. So we are assuming that policies (or rules) change very rarely.
From that point of view we think that it is the easiest way to rebuild the whole index concurrently after a deployment and then switch the reference to enable the new index.

Of course this does not work really good if the policies/rules change very frequently as you described.

To answer your questions:
1) Because of the points mentioned above we did not consider such a scenario until now.
2) We, as an OpenSource project, are always very interested in new input and are also willing to include developments of users into our code-base.

We are currently planning a student research project (master level) to make a new index concept. This concept shall eliminate the drawbacks of the current index but is still planned to build a new index after a deployment.

We are very interested in what you are doing, maybe you want to share some more information about your project (maybe via email [fhuonder at herasaf dot org])?

I am looking forward to hearing from you.

Regards,
Flo