This article appeared in a journal published by Elsevier. The attachedcopy is furnished to the author for internal non-commercial researchand education use, including for instruction at the authors institution

and sharing with colleagues.

Other uses, including reproduction and distribution, or selling orlicensing copies, or posting to personal, institutional or third party

websites are prohibited.

In most cases authors are permitted to post their version of thearticle (e.g. in Word or Tex form) to their personal website orinstitutional repository. Authors requiring further information

regarding Elsevier’s archiving and manuscript policies areencouraged to visit:

http://www.elsevier.com/copyright

Author's personal copy

Enabling decentralised management through federation

Kevin Feeney a,*, Rob Brennan a, John Keeney a, Hendrik Thomas a, Dave Lewis a,Aidan Boran b, Declan O’Sullivan a

a School of Computer Science and Statistics, Trinity College Dublin, Dublin 2, Irelandb Bell Labs Ireland, Alcatel-Lucent, Blanchardstown Industrial Estate, Blanchardstown Dublin 15, Ireland

a r t i c l e i n f o

Article history:Available online 3 August 2010

Keywords:FederationManagementSemanticsTelecommunicationsPolicy-based management

a b s t r a c t

Cross-domain management is an increasingly important concern in network managementand such management capability is a key-enabler of many emerging computing environ-ments. This paper analyses the requirements for management systems that aim to supportflexible and general capability sharing between autonomously managed domains. It intro-duces a novel Layered Federation Model (LFM) to structure this requirements analysis anddescribes the Federal Relationship Manager (FRM) which instantiates several layers of thismodel. The FRM combines semantic mapping management and authority managementtechnologies to help solve several of the general management problems that are encoun-tered whenever organisations enter into capability sharing agreements. An overview ofrelated work on federation and the technical underpinnings of our approach are discussedand our work’s particular relevance to real world problems is explained through two ser-vice-centric use cases which involve the end-to-end delivery of a multimedia stream to auser’s home across several independent operators. Finally, experimental results are pre-sented to highlight the practical advantages of our approach.

� 2010 Elsevier B.V. All rights reserved.

1. Introduction

The emergent challenge of planetary scale IT infrastruc-tures that blend and shape networks, services, smart de-vices and sensors is one of heterogeneity driven notprimarily by technological factors but by organisationaldiversity. The always-on, multi-mode, loosely-coupled,user-centric nature of modern communications and thediversity of operator business models ensure that end-to-end service provision frequently crosses heterogeneousmanagement domains. Increasingly the service deliverypath incorporates non-traditional communications re-sources, such as devices in a consumer’s Home Area Net-work (HAN), which are highly unlikely to be managedresources in the sense of supporting traditional OAM(Operations, Administration and Maintenance/Manage-ment) models, interfaces or inter-operator legal frame-

works. New resources also exhibit a daunting diversityand dynamism compared to more tightly-controlled, verti-cally-integrated, operator-bundled consumer offerings ofthe past.

The modern operator landscape presents an increas-ingly complex topology of organisational forms. Compa-nies are often embedded within complex webs ofrelationships with suppliers, collaborators, peers, competi-tors and a variety of other third parties. These broaderorganisational forms are described variously as ‘supplychains’, ‘virtual organisations’, ‘value networks’, ‘collabora-tive business networks’ and other subtly variegateddescriptive terms. While the significance of any particularcross-organisational model in this taxonomy of organisa-tional forms as discussed in the business management lit-erature (e.g. [10]), is open to debate, the increasingimportance of management approaches which cross-organisational boundaries and attempt to apply coherentsolutions and management models across multiple inde-pendent organisations is clear.

1389-1286/$ - see front matter � 2010 Elsevier B.V. All rights reserved.doi:10.1016/j.comnet.2010.07.006

* Corresponding author. Tel.: +353 871272940.E-mail address: kevin.feeney@cs.tcd.ie (K. Feeney).

Computer Networks 54 (2010) 2825–2839

Contents lists available at ScienceDirect

Computer Networks

journal homepage: www.elsevier .com/ locate/comnet

Author's personal copy

The challenge does not only lie in the technological as-pects of enabling cross-domain communication. Advancesin standardised technologies such as Service OrientedArchitectures (SOA), drawing on older technologies suchas RPC and Component-Based Software Engineering (CBSE)models, provide easy-to-use plumbing to physically accessservices in other domains, in a secure and auditable man-ner. However, these approaches require extensive pre-negotiation and advance coordination. The fundamentalproblem being addressed here is how to support moreagile and dynamic creation of cross-domain organisationalagreements to enable capabilities to be shared betweenparties. Of particular importance is the problem of manag-ing access between diverse systems to support fine-grained sharing of capabilities, through the lifecycle ofthe agreement. Another major issue is one of semanticinteroperability (rather than data-level or network-levelinteroperability). Even where semantic web services [35]are used to facilitate semantic descriptions of services,the semantic descriptions must be compatible and pre-agreed. Where technologies like CMDBf [11] can providea federated view of heterogeneous data-stores, the identi-fication of capabilities to share, and management of accessto them is still a major overhead in creating and maintain-ing such agreements.

Mature approaches to systems and telecommunicationsmanagement such as ITIL�1 or eTOM2 have always been dri-ven by both the technological and organisational challengesof the domain. However, despite long established signallingand media interconnects between operators supported bystandardised protocols, SLAs and legal agreements, progresson B2B interfaces at the operational level has been limited[24]. One of the reasons for this is the costly and limitedintegration of modern OAM systems even within a singleoperator network due to the proliferation of vendor, FCAPS3

functional or network type stovepipes within a domain [25].This leads to high integration costs and inflexible, brittle sys-tems. Even agile mechanisms to dynamically define con-tracts and SLAs between organisations (e.g. [20]) requireshared infrastructure and common semantics, and are lim-ited to relatively static, course-grained, producer–consumerstyle relationships. The emergence of new types of distrib-uted systems – autonomic, mobile and planet-scale net-worked applications has, if anything, served to furtherincrease the focus on managing applications that cross-do-mains of authority. Innovative operators and equipmentvendors have embraced this trend with a plethora of newopen service APIs for the network, e.g. Alcatel-Lucent’sOpenAPI, GSMA OpenAPI and Ribbit, but it is unclear howor if these efforts will support multi-operator service andnetwork management beyond critical functions such as bill-ing or how such open APIs can be leveraged in conjunctionwith non-traditional communications resources such asthe media playback capabilities of the HAN to provideend-to-end assurance and QoE guarantees.

The focus of past standardisation has been on long-lived(typically measured in years) management systems inte-gration supported by common resource models (e.g. theTele-Management Forum’s SID4), often based on green-fieldassumptions and perhaps implying support for a limited andpre-defined set of specific business models (e.g. TINA5). Incontrast, the work described here assumes that the manage-ment systems to be interconnected are already deployedand use heterogeneous resource models, that interconnec-tion takes place in a dynamic environment where insteadof extensive integration, minimal and appropriate integra-tion for the current task is negotiated by management sys-tems as part of a wider ‘‘federation” of co-operatingsystems delivering end-to-end services. In this work, theterm federation is employed as a general term for describingagreements that support cross-organisational capabilitysharing (as explained in Section 3.1). Thus, defining mecha-nisms for the establishment of a common semantics fordescribing management capabilities and communicationsresources is given much more weight than building yet an-other ‘‘common” resource model. To enable the distributeddelegation of local configuration, service execution or mon-itoring capabilities a rule or management policy-based ap-proach is used for the exchange of management requests.The goal of this research, from a business point of view, isto provide a lightweight relationship-management infra-structure which can conveniently support whatever busi-ness models and pricing/billing mechanisms are agreedbetween the participating organisations.

This research builds upon the authors’ previous work indeveloping decentralised policy based management sys-tems [18], semantic mapping [51] and ontology-drivendata integration [7]. The key innovations introduced in thispaper are: a novel layered federation model which parti-tions the important aspects of inter-organisational rela-tionships into six distinct aspects, each of which mapsneatly to a technological platform that enables convenientimplementation; an approach to describing shared capa-bilities with RDF [46] that allows deterministic manage-ment rules to be applied on top of an open andextensible RDF graph; a FRM architecture which brings thiswork together by combining semantic mapping manage-ment and authority management in a unified system thathelps solve several of the general management problemsthat are encountered whenever organisations enter intoresource sharing agreements. The rest of this paper isstructured as follows: Section 2 provides an overview of re-lated work on federation and the technical underpinningsof our approach; Section 3 describes two service-centricuse cases for operator – HAN owner federation to capturesystem requirements from which a general layered federa-tion model is derived; Section 4 presents our current workon a ‘‘federal relationship manager” that implements asub-set of the layered federation model functionality andpresents some experimental results; Section 5 describesour conclusions and plans for future work.

1 http://www.itil-officialsite.com.2 http://www.tmforum.org/NGOSSBusinessProcess/1648/home.html.3 The OSI management functional areas of Fault, Configuration, Account-

ing, Performance and Security.

4 http://www.tmforum.org/BestPracticesStandards/InformationFrame-work/1684/Home.html.

5 Telecommunications Information Networking ArchitectureConsortium.

2826 K. Feeney et al. / Computer Networks 54 (2010) 2825–2839

Author's personal copy

2. Background

As business applications and processes that span organ-isations have become more prevalent, problems with themanagement of such applications and processes acrossmultiple management domains using heterogeneous man-agement technologies have become more apparent. Muchof the research on cross-organisational management hasfocused on the specification of contracts and agreementsbetween organisations, which then must be monitoredand enforced by both parties, in particular focusing on ser-vice levels agreements (SLAs) [5,20,30,41]. SLA-driven,cross-organization management is typically divided intotwo phases – SLA negotiation and specification, and thenthe runtime monitoring SLA fulfillment and delivery, withassociated management actions to ensure that the serviceis being delivered appropriately. Traditionally, definingan SLA is a slow and tedious process requiring complex le-gal agreement and protracted negotiation. Approaches atdefining SLAs in machine interpretable formats have en-abled the dynamic interpretation and evaluation of SLAs(see [41] for a comparison of formats). However, therehas been little progress in the field of automated or dy-namic negotiation of SLAs outside of the field of cloud orgrid computing [23,56].

In this work, we support such cross-domain manage-ment by using Policy Based Management (PBM). PBM isan increasingly popular method for combining flexibilitywith efficiency in systems and network administration[8]. In PBM systems, decisions about the behaviour of thesystem are specified as rules, often expressed in a high le-vel language, which are then mapped into concrete behav-iours by the policy system. However, PBM systems haveprimarily been focused on automating management deci-sion within single organisations, so the organisationalmodelling abstractions currently used, e.g. roles [47] anddomains [48], reflect centralised organisational concerns.

Although most research in policy languages and archi-tectures has focused on centralised management withinan organisation, these models are increasingly being ex-tended and enhanced to include constructs and architec-tures that support cross-organisational management. Forexample, Organisational Based Access Control (OrBAC)[15] is an access control policy model that is explicitly de-signed to allow management policies to be applied in amulti-organisational setting. X-federate [6] goes one stepfurther in that it incorporates a policy language, an UML-based meta-model and enforcement architecture, and acommon policy authoring process designed to help admin-istrators from related organisations to arrive at mutuallyinteroperable management system configurations. How-ever, these attempts to support federated multi-organisa-tional management through policy languages andframeworks generally assume that the participating organ-isations will adopt a common architecture, common policylanguages, common data-models or even common policy-authoring processes, thereby conflicting with the objectiveof allowing individual parties to maintain their autonomyand privacy [54]. While such approaches may be well sui-ted for situations where the participating organisations areintimately related, but still maintain minimal coupling be-

tween their management systems, there are many situa-tions where organisations wish to federate to shareresources (and their management) with one another with-out having to adopt common management systems acrossthe federation. For example, telecommunication providersare generally concerned with finding easier and betterways that they can inter-connect, pass traffic betweenone another and share management information, e.g. forbilling or fault rectification. However, they typically havetheir own complex management systems, models andarchitectures that have been expensively developed. Inmany cases, the advantages of greater manageability witha shared federation-wide policy system is far outweighedby the cost of moving from their current systems, evenwere such close cooperation encouraged in such a highlycompetitive environment.

Ongoing research has also attempted to address theproblem of managing such cross-domain applications andservices by proposing common models, processes, frame-works and platforms (e.g. [19]). Attempts have been madeto define new management information modelling andservice modelling languages to act as a lingua franca be-tween heterogeneous network management models. Nota-ble amongst these are the Distributed Management TaskForce’s (DMTF) Common Information Model (CIM) schema[9] and the TeleManagement Forum’s NGOSS technologyneutral architecture [39]. However, a lack of a strong inter-operability mechanism and reliance on conformance topoorly subscribed industrial agreements effectively de-mote these to the status of yet further management knowl-edge formats, with which other schemes need tointeroperate.

In contrast to the top-down approach that is implicit incurrent cross-organisational policy systems, there is grow-ing research interest in bottom-up approaches. Such ap-proaches require semantic mapping between resourcedescriptions, management capabilities and administrativeconcerns across heterogeneous management domains.Resolving the semantic differences can be eased by explicitmeta-models that can be extended without necessitatingreimplementation of management systems. Althoughsome progress has been made in previous approaches(e.g. OSI management, CIM [9] and DENng [49]) it has beenthe standardisation of meta-data modelling on the WWWand the availability of associated general purpose informa-tion modelling tools that has resulted in the greatest ad-vances in interoperability. These meta-models wereinitially based on open XML schemas processed by gen-eral-purpose parsers and transformation processes, butmore recently Semantic Web languages (e.g. RDF andOWL [31]), and associated general purpose logic reasonershave become popular. For example, the FUSIO system [50]uses a semantic-based approach to expose RDF encodedmanagement data from underlying heterogeneous man-agement systems in a loose schema-less manner. Thishas evolved from an earlier non-semantic service-oriented(WSDM) integration platform for monitoring [19].

However, the actual conceptualization of a domain andthe subsequent explication in an ontology (or other model-ling) language is a very heterogeneous process [12]. Forexample, conceptual heterogeneity between ontologies

K. Feeney et al. / Computer Networks 54 (2010) 2825–2839 2827

Author's personal copy

arises due to the natural diversity of human viewpoints in-volved in modelling a domain [16]. For example, twoontologies could differ because they provide a more or lessdetailed description of the same domain [21]. The differentlevels of heterogeneities [43] are major obstacles to thepromise of interoperability of knowledge based on ontolo-gies [31]. A common approach to mitigate the effect of het-erogeneity is to discover the specific correspondencesbetween related ontologies and to document them usingan appropriate ontology mapping expression [21,40,42].Kalfoglou and Schorlemmer define ontology mapping asthe task of relating the vocabulary of two ontologies shar-ing a domain in such a way that the structure of ontologicalsignatures and their intended interpretations are respected[26]. Due to the heterogeneity of ontologies, many ontol-ogy mapping scenarios can aid interoperability, e.g. rang-ing from simple conversion mappings to complexstructural mappings [32].

In recent years the research on ontology mappings hasmade remarkable progress [16,17,42] but the creation pro-cess and application of ontology mappings is still a com-plex and time-consuming task [26,42], particularly forsystem integration where mappings may be required atthe technology-level, service-level and business-level[38]. Instead of recreating the same or similar mappingsrepeatedly it may be more beneficial to discover existingmappings and if appropriate to reuse them [17]. An analy-sis of the lifecycle of a particular ontology mapping [42,51]helps to understand how the mapping was created, whatinformation was used, what meta-data describes the map-ping, and ultimately how re-usable that mapping may be.Publications on ontology mapping meta-data are relativelyrare [16,26,42,51] and currently all phases of the ontologymapping lifecycle are poorly documented. The practicalscalable deployment of ontology mappings to supportontology-based integration of systems, and the associatedmaintenance and evolution of the mappings and the sys-tems that rely on them is a complex problem [3,4,22]. Fail-ure to cope with their maintenance can lead to scalabilityissues [7,1] which impact the performance of the system.However, modelling the dependencies between the map-pings and system elements can ease the maintenanceand evolution of such systems to some degree [28,36].

The transformation of standardised management infor-mation meta-models into OWL has been shown to have abenefit in achieving a degree of semantic interoperabilitybetween models conforming to these different standards(e.g. SMI, GDMO and CIM) both in modelling tools [34]and at runtime [29,33]. Semantic interoperability tech-niques have also been exploited during SLA and contractnegotiations in cross-organisation grid applications [56].The integration of policy-based management and semanticmodelling is already an active research area [27,52]. Thepredominant aim to date has focused on the increasedexpressiveness that ontology-based reasoning can offer agiven policy language [44,53]. In contrast, in this workwe focus on a mechanism by which internal policy seman-tics of a domain are mapped onto semantics that are nego-tiated and maintained as part of membership of afederation.

3. Use cases and a layered federation model

The impracticality of cross-domain management ap-proaches that presuppose common policy systems, infor-mation models and management processes becomesreadily visible when the requirements are considered forthe sorts of cross-organisational cooperation that will beneeded to deliver even the most basic of services toemerging computing environments. In order to highlightthese requirements, and the insufficiency of current man-agement approaches, we have developed simple use-casesthat involve the delivery of a basic service to a Home AreaNetwork (HAN) device. The service, called StreamToHAN,enables a real-time, high-quality video stream (e.g. IPTVover SIP or a store and forward-style shared DVR) to bedelivered from a mobile phone terminal to a media ren-dering device within a HAN. The service delivery is con-sidered in two different contexts, differentiated by thedistribution of service control and execution resourcesand the underlying organisational arrangements that existbetween the operators and the HAN owner to support theservice. In each case, the relationships, and hence theability to interwork in both the management and controlplanes within the context of a negotiated scope, are sup-ported by a service called the Federal Relationship Man-ager (FRM). The design and implementation of the FRMis discussed in detail in Section 4, but for the purpose ofthis discussion, it can be considered to provide capabili-ties that support federal relationships between partici-pants in end-to-end service delivery, including semanticinteroperability services such as mapping discovery thatenable the inter-domain operation and management ofthese capabilities.

In the first use case, the StreamToHAN service controlpoint is provided by a mobile network operator, perhapsas an IMS service. There are two federations involved inthe service delivery – a federation of operators (OF) and afederation between the customer who owns and controlsthe HAN and their local network operator (OCF), the pro-vider of their gateway/router and network connectivity.The OF serves to provide network operators with a meansof managing the capabilities that they expose to one an-other – this covers basic traffic routing capabilities but alsoincludes higher-level capabilities, such as the ability to setconfiguration policies or invoke services such as mediaplayback within particular HANs.

The OCF represents a simple means by which the cus-tomer can delegate management authority over the capa-bilities in their HAN, on a case by case basis, to theirnetwork provider in the interest of receiving improvedcustomer support, an increased range of services and easeof use for their HAN. These capabilities, or specific sub-setsof them, can then be made available by their local operatorto other network operators through the OF (although prob-ably in an aggregated, anonymised form). Thus, the mobileoperator in Fig. 1 has access to these capabilities throughthe OF when executing the StreamToHAN service.

In the second use case, service control is provided by athird party service provider. There are two extra federa-tions involved in addition to the two federations from

2828 K. Feeney et al. / Computer Networks 54 (2010) 2825–2839

Author's personal copy

the first use case. There is a federation between the serviceprovider and the network operator (SOF). This federationallows the network operator to make the capabilitiesshared between the OF to be made available to service pro-viders, including capabilities representing devices in theHANs of individual subscribers. This scenario also requiresa federation to exist between the customer and the serviceprovider (i.e. the customer has to sign up to the service)(see Fig. 2).

It should be noted that, although these scenarios con-tain concrete examples of patterns of inter-organisational

relationships, they do not assume any particular businesscase, nor do they presuppose that the organisationalarrangements outlined in the scenarios above are the bestway of solving the problems in delivering such services.Rather, they are intended to be a reasonably realistic sam-ple of the types of inter-organisational arrangements thatexist in the real world. None of these organisationalarrangements presuppose any billing model – the FRM isa policy based management framework and it providesseveral ways in which billing and business models can besupported – membership of a federation can depend upon

Fig. 1. Use case 1 – simple StreamToHAN service delivery.

Fig. 2. Use case 2 – StreamToHAN service delivery via third party service provider.

K. Feeney et al. / Computer Networks 54 (2010) 2825–2839 2829

Author's personal copy

payment, use of any particular shared capabilities can bemetered or the business model can be agreed indepen-dently of the technical infrastructure through pre-existingcontracts. The goal of this research, from a business pointof view, is to provide a relationship-management infra-structure which can conveniently support whatever busi-ness models and pricing/billing mechanisms are agreedbetween the participating organisations.

3.1. A definition of a federation

Before going on to discuss the technical details of theFRM system, it is worth clarifying in more detail what ismeant here by the concept of a federation. This term iscommonly employed in the IT management literature,however, in many cases, what exactly is meant by the termis rather vague. For the purpose of this paper, a federationis considered to be a persistent organisational agreementwhich enables multiple autonomous entities to share capabil-ities in a controlled way. The four important points to takefrom this definition are firstly that the federation brings to-gether autonomous entities – organisations or individualsendowed with sovereign decision making power over theresources that they own or control. This distinguishes thefederation from the centralised organisation, which are of-ten made up of multiple entities themselves – divisions,departments, teams and so on all the way down to theindividuals, but the organisation’s management hierarchyexercises coherent decision making power over the re-sources of the organisation.

The second important point in the definition flows fromthe first. Because there is no paramount authority govern-ing the organisational arrangement between the entities,the federation exists by virtue of the agreement of its mem-bers. The members are autonomous and thus can choose toleave the federation if they please. Hence, if the arrange-ment is to be viable, it is important that its nature, struc-ture and evolution are agreed by its constituents.Furthermore it is important that the value delivered tothe constituents from their federal membership is trans-parent and clear to each of them as, if this is not the case,they are likely to leave.

The third important point is that federations exist in or-der to enable the controlled sharing of capabilities betweenautonomous entities. The term ‘‘capability” is here usedin the widest possible sense – it could refer to somethingas simple as a channel which enables communication be-tween organisations. The term ‘sharing’ is not meant to im-ply any specific regime by which access to members’capabilities will be granted. In this context, controlledcapability sharing simply means that parties to the federa-tion may be given access to capabilities which they wouldnot otherwise possess (but this access may be constrainedby the entity that grants access). The final point of signifi-cance is that federations are persistent. This is not meant toimply that they are permanent or that they must last anyparticular period of time. It simply serves to distinguishthem from simple transactions or simple interactions be-tween autonomous entities. The federation persists be-yond a single transaction. Hence the federation will havea life-cycle.

3.2. A layered federation model

In this work, the term federation is employed as a gen-eral term for describing cross-organisational capabilitysharing. However, organisational arrangements betweenautonomous entities vary widely in scope and can be com-plex and multi-faceted. Thus, models of federations mustbe capable of capturing and reflecting the most importantfactors that vary across such arrangements if they are to becapable of modelling the evolving, dynamic nature of sucharrangements in the real world. The Layered FederationModel, pictured in Fig. 3, is a general-purpose high-levelconceptual model of the components of a federal agree-ment. The model is decomposed into layers, with eachlayer representing one aspect of the organisationalarrangement. This layered model should not be confusedwith a communications stack – each layer builds uponthe lower layers and depends upon them, but in some rela-tionships there may be cross-layer interactions and layersmay be empty. Its main purpose is to serve as a usefulmodel for the decomposition of federal relationships in or-der to render their definition and maintenance more trac-table and transparent. The layers represent the mostimportant aspects of cross-organisational relationshipsthat successful persistent organisational relationships re-quire, with their relative positioning in the layered modelrepresenting the dependencies between the various ele-ments that constitute such an agreement.

3.2.1. Trusted communication layerDistributed federal relationships are based on commu-

nications. A basic requirement for any sort of communica-tion between autonomous entities is a channel withsufficient security measures to satisfy both parties’ require-ments for the current dialog. This requires them to agree oncommunications protocols, security mechanisms and evenapplications. These requirements cover issues such as iden-tification, authentication, privacy and integrity of commu-nication. These concerns form the most fundamental layerof our federation model because all higher level agreementsand interactions depend upon them.

3.2.2. Federal relationship definition layerThe relationship definition layer supports the definition

and transmission of the basic rules that govern each orga-nisation’s relationships with other organisations withinthe federation. This provides a generic layer in which rulesconcerning membership of the federation, sharing of capa-bilities (and their revocation) can be negotiated andagreed. For example, in certain situations an organisationmay make its resources available to third parties throughfederal arrangements which require the third party toreciprocate by sharing some resource that it controls orthe organisation may require certain guarantees regardingthe continued availability of shared resources or, con-versely, that shared resources can be unshared when theyare required.

3.2.3. Shared semantic layerFederations, as we understand them, exist to allow

autonomous organisations to share capabilities. However,

2830 K. Feeney et al. / Computer Networks 54 (2010) 2825–2839

Author's personal copy

any particular organisation will generally have its ownaddressing mechanisms and semantics for describing theresources that it controls and the capabilities that theysupport. If these resources are to be made available to thirdparties, the third party needs to be able to understand howthese resources correspond with its own internal view ofthe world. The shared semantic layer thus serves to pro-vide a mapping between the semantics used internally byeach party to the federation to describe their resourcesand capabilities to those used by the other parties. Thiscould be achieved by means of a standardised federalsemantic language, or it could be achieved by each partymapping directly between their internal semantics andthat of the other parties to the federation. What is impor-tant is that there is some means by which the mapping ismanaged.

3.2.4. Shared capabilities layerHaving established sufficiently secure communications,

a general resource sharing regime and shared semanticswith respect to resources, the prerequisites are in placeto allow capabilities to be shared. The capability sharinglayer is concerned with enabling members of federationsto manage the dynamic set of capabilities that are sharedbetween them. This includes providing a means wherebymembers of the federation can add and remove capabilitiesfrom the pool available to other parties in the federation, aswell as allowing other parties to discover which capabili-ties are available for use at any particular time. Such dy-namic facilities are crucial if the federation is to be viableover time – it is common to find that a resource controlledby an organisation is suddenly needed for some functionthat is important to the organisation and they need to beable to temporarily remove its capabilities from the poolavailable to third parties.

3.2.5. Operational rule layerThe capability sharing layer of the federal agreement

defines the resources that are currently available for fed-

eral members. However, in addition to this information,it is frequently useful for parties to be able to view the con-figuration of any particular shared resource at any particu-lar time. Similarly, it is frequently useful for parties to thefederation to be able to specify and define particular con-figurations for resources that they are utilising. The opera-tional rules layer provides this functionality to thefederation. These types of operational rules are normallycovered by what is known as policy based managementsystems.

3.2.6. Auditing and monitoring layerIn many cases, the lower layers of the federal model can

adequately manage their own auditing, reporting and com-pliance assurance. However, federal agreements may beformulated in such a way that compliance and verificationis only possible through observing aggregate activity oversignificant periods of time. So, for example, a federal agree-ment might include a clause that specifies that each mem-ber should more or less provide as many useful resourcesto the federation as they use. Due to random variations,traffic spikes and so on, such agreements can only reallybe meaningfully checked over significant periods of time.The Monitoring and auditing layer is thus the top layer ofthis federal model. It is responsible for providing membersof the federation with detailed monitoring of their compli-ance and that of counter-parties to federal agreements.Since such arrangements are based on the voluntary agree-ment of autonomous entities, it is particularly importantthat all parties are provided with sufficiently rich informa-tion which allows them to clearly understand the costs andbenefits of their membership in the federation.

4. Federal relationship manager

The Layered Federation Model (LFM), described above,is an abstract model which serves to decompose federalrelationships into a number of inter-dependant layers.There are a wide variety of technologies which could

Fig. 3. Layered Federation Model (LFM).

K. Feeney et al. / Computer Networks 54 (2010) 2825–2839 2831

Author's personal copy

potentially be used to implement a software system thatcould support the management of such relationships. Forexample, the Ponder framework [14] constitutes a policyspecification language and a java-based policy deploymentand enforcement architecture which has, in theory at least,the flexibility to describe whatever rules are required in anydomain; XACML constitutes an extensible XML based policylanguage along with a general architecture for the integra-tion of access control policy management into any networkor application. It would be possible to implement a softwaresystem to support the LFM based on a wide variety of policylanguages, architectures or information models as thereare many that are sufficiently expressive to model, encodeand deploy a LFM instantiation. In the case of Ponder, forexample, although there is no explicit support for theconcept of a federation, any given federal relationship couldbe encoded by appropriately combining a set of the lan-guage’s domains, groups, management structures, rolesand relationships with an appropriate set of policy rules.

However, there are several reasons why using any ofthese solutions to support an implementation of the LFMwould be problematic. Most importantly, such approachestend to be relatively heavyweight as they are premised onthe assumption that all prospective parties have adopted arelatively complex set of common technologies prior toeven investigating any possibilities of collaboration. Thus,they are only viable solutions to support cross-organisa-tional collaborations when all of the organisations involveduse a common policy language (e.g. Ponder, XACML) orinformation model (e.g. DENng) to govern their federalinteractions. In the real world, particularly in the telecom-munications sector, organisations tend to have diverse de-ployed management systems, information models andnetwork architectures, and even when a common uniformplatform can be agreed for a federation, the costs of map-ping from internal models to those used by the federationare considerable.

When designing systems to help manage the sharing ofcapabilities across organisational boundaries, a useful ruleof thumb is that the greater the requirement for commontechnology, models and processes that do not already existacross the federation, the greater the barrier to adoption ofthe technology. Thus, when considering the problem of pro-viding technical tools to support the management of suchrelationships, our goal is to support as many of the aspectsof the LFM as is possible, while minimising the requirementfor common technologies, models and processes across theparticipants. Our FRM is designed as an interconnector be-tween existing management systems and existing semanticspaces, rather than a universal model that must be appliedacross the entire network of relationships. The goal of theFRM is to encapsulate the common technical infrastructurethat an organisation must adopt in order to manage andmaintain an arbitrarily complex set of federal relationships.It does not mandate any particular policy language, infor-mation model, management structures or processes acrossfederal relationships. The FRM is based upon the confluenceof two hitherto distinct research strands within the Knowl-edge and Data Engineering Group in Trinity College Dublinwithin the FAME project – the ontology mapping frame-work [42] and the Community Based Policy Management

System (CBPMS) [18]. Together they provide a basic frame-work upon which a FRM can be built that instantiates theLFM above.

4.1. The community-based policy management system(CBPMS)

The CBPMS is a general purpose policy managementframework designed to provide a flexible and secureauthority management capability that is policy languageand information-model neutral. The CBPMS supportsdecentralised management through delegation of capabil-ity authorities. Capability authorities are references tonodes on a capability–authority tree, and this tree is imple-mented as a service which can be deployed by the owner ofany resource that is to be shared. What makes the CBPMSparticularly suitable for application in this domain is thatthese capability authorities are higher-level constructsthan permissions – the standard unit of most access con-trol and management policy systems – and that they arestructured. This allows, for example, a telecommunicationsservice provider to grant StreamToHAN access to a partnerto all of their customers (or whatever subset they require)via a single delegation of a capability authority rather thanhaving to specify individual permissions for each userwhich is impractical on such a scale.

Fig. 4 shows a montage of two screen shots from theCBPMS management system.6 The panel on the left showsa fragment of the domain map, from the point of view ofan operator in the StreamToHAN scenario and the panel onthe right shows a section of the service operator’s capabilityauthority model. Federations are established through invok-ing the CBPMS federate primitive which creates an associa-tion between domains. Capabilities can be shared withfederated domains by delegating collections of nodes fromthe capability authority tree to associated nodes. Whencompared to the standard role and rule-based approach topolicy management, capability authorities yield consider-able gains in terms of the size of the policy search space thatmust be traversed for policy decisions. The ordering of capa-bility authorities partitions the policy search space. Fig. 5shows the practical advantages that this ordering brings interms of the size of the policy search space that must be tra-versed. The experiment involved randomly generatingequivalent sets of policies within a CBPMS implementationand a standard role-based policy system and comparingtheir performance over a large number of simulations. Inlarge, complex, cross-domain service delivery scenarios,such gains are extremely important, since many such ser-vices have relatively low tolerance for delays in establishingthe connections and even lower tolerance for delays in ser-vice delivery.

4.2. The semantic mapping framework

The semantic mapping framework illustrated in Fig. 6(extended from [42]) spans ontology mapping creation,

6 Implemented as Drupal modules, the popular open-source contentmanagement system: www.drupal.org.

2832 K. Feeney et al. / Computer Networks 54 (2010) 2825–2839

Author's personal copy

through use and reuse, to evolution and management. Thisframework is deployed within the FRM to enable the effec-tive and efficient creation and management of mappingsbetween domains to increase understanding of sharedcapabilities across federations. For example, in the Stream-ToHAN scenario this would include (a) the capabilitiesshared within federations (typically network or service re-sources), (b) the context used in communication services,and (c) the policies used to express governance over thecapabilities.

Current ontology mapping approaches can be charac-terised as: ‘‘knowledge engineers” engaging in ‘‘one shot”processes that result in static ‘‘one size fits all” mappingswhich are then published for indiscriminate use. In con-trast, the ontology mapping process deployed in ourframework is designed to: (a) cope with the diversity of ac-tors involved in managing a federation (i.e. not always spe-cialist knowledge engineers with specialist tools) [13]; (b)allow for the diversity7 of ontology mapping execution

deployments; (c) enable rich annotation of ontology map-pings through meta-data (see below); (d) enable sustainableand scalable deployment of mappings through dependencymodelling [7]. Aspects (a) and (b) are advances in active re-search areas, however, aspects (c) and (d) contribute to re-search topics that have been heretofore neglected but arecritical to industrial uptake and deployment.

In order to support the use, reuse, and evolution ofontology mappings, meta-data documenting the ontologymapping lifecycle is needed. In our system, this meta-dataare collected and processed by a combination of automaticextraction from the ontologies and mappings and manualentry of meta-data by the stakeholders. In addition, thecollected meta-data can be exported in an ontology-basedrepresentation that supports ontology mapping meta-dataprocessing and interoperability. Our meta-data model isbased upon an extensive evaluation in 2009 of meta-datasupport for management of ontology mappings in 13 map-ping creation and management tools [51]. The Goal Ques-tion Metric (GQM) method was applied as an establishedmethod for structured and replicable evaluation of soft-ware products [2]. The 31 evaluation criteria establishedin [51] formed the basis for subsequent meta-data modeldevelopment.

The meta-data model is under incremental validationthrough application to use-cases such as our StreamToHANscenario. Mapping discovery is important for StreamTo-HAN when a new media device appears in the HAN, forexample due to a purchase by the HAN owner from a thirdparty. If the capabilities offered by this device are not al-ready sufficiently described within the operator–customerfederation then some form of mapping will be required toallow the customer to share those capabilities. Given alarge network of customers or access to a global sourceof potential mappings like the Semantic Web it is verylikely that another customer has already deployed thesecapabilities and performed the expensive task of creatingsuitable mappings for them. Hence efficient mapping dis-covery and subsequent re-use can potentially ease thedeployment and integration costs. Evaluation of the poten-tial for re-use can be separated from discovery and is thedomain of machine-based mapping reasoning and recom-mendation enabled by our ontology-based representationof the mapping meta-data.

In order to evaluate the meta-data’s ability to augmentdiscovery, a set of common mapping discovery tasks weredefined (e.g. find mappings for a specific pair of named

Fig. 4. CBPMS domain relationship and capability authority model screenshots.

1

10

100

1000

10000

10 20 50 100 200 500 1000 2000 5000

Number of Policies

Num

ber o

f Eva

luat

ions

Req

uire

d

RBACCBPMS (worst-case)CBPMS (normal)

Fig. 5. Simulated cost of CBPMS as against RBPMS with respect to policysearch space size.

7 Mappings themselves are naturally diverse, in terms of complexity(equivalence, conversions, conceptual or structural relationships betweenontologies) and representation formats (OWL [31], INRIA (RDF-based) [16],SKOS [37], SKOS, SWRL, XSLT or XQuery and various proprietary formats).

K. Feeney et al. / Computer Networks 54 (2010) 2825–2839 2833

Author's personal copy

ontologies, in a specific mapping file format), and then val-idated by a survey of 15 independent domain experts. Thisallowed lab-based, automated information retrieval teststo be run to establish if the retrieval effectiveness and effi-ciency was improved by using a semantic model of theontologies, mapping features and life-cycle information.For this purpose an ontology mapping management frame-work (Moom) was built as a plug-in module using the Dru-pal content management system and supporting aSPARQL-based [45] mapping discovery mechanism. SPAR-QL, the RDF query language, is used to query the mappingrepository which is a knowledge base expressed in OWL/RDF. Ontology mapping files stored in the Moom reposi-tory were analysed to suggest automatically extractedmapping meta-data fields and a knowledge engineer wasable to verify these fields and enter additional meta-data.In the experiment, a file-based finder of the mapping fileswas compared to the metadata-based finder. These exper-iments have shown that the metadata-based approach hasthe same or better Recall and Precision than the file-basedfinder and that some discovery tasks were impossible withthe file-based approach (e.g. due to the greater variety of

search terms available in a meta-data based approach).Non-functional performance improvements were alsodemonstrated – Fig. 7 shows a comparison of query timesfor the 15 tasks identified in the scenario. Reduced querycomplexity was also shown. These findings, showingimprovements in both the functional and non-functionalproperties of the system, provide evidence that our ap-proach of defining a richer, ontology-based meta-datamodel for mappings is superior to the minimal meta-datadefined by the other 13 mapping tools we surveyed [51].Efficient mapping discovery and re-use are key enablersto building flexible federation systems that will be ableto deal with a realistic diversity of model schemata thatare changing over the federation lifecycle in an implement-able fashion.

4.3. Combined FRM architecture

Fig. 8 shows the basic design of the FAME FRM. At its coreit bundles together a semantic mapping framework with theCBPMS authority distribution system. It operates accordingto the following pattern: the relationship-management

Fig. 6. Semantic mapping lifecycle with Reuse-oriented meta-data creation.

2834 K. Feeney et al. / Computer Networks 54 (2010) 2825–2839

Author's personal copy

service (as shown in Fig. 4), which can be controlled byresource/capability and relationship policies in the localnetwork management system (NMS), allows an organisa-tion to form relationships and share capabilities with thirdparties and make them available through a web-service-based API. Standard mechanisms for establishing trustedcommunications, for example [55], is assumed. Federationrelationship negotiation is currently a manual process butfederations can be programmatically initiated, maintainedand terminated. Establishing a shared semantics for thefederation is normally done incrementally throughout thefederation lifecycle since the system depends on ‘‘just

enough” semantics driven by the actual capabilities shared(whether imported or exported) within the federation atthe current point in time. For example, a StreamToHANcustomer may need to augment the shared semantics ofan operator–customer federation when new devices withnew capabilities are deployed in the HAN. Thus the ‘‘Capa-bility Publication and Discovery” mechanism of the FRM iscentral to driving semantic convergence. This is imple-mented via linked-data style RDF publication on anauthenticated SPARQL endpoint. Hence a minimal commonOWL-based semantics are defined for federations, capa-bilities and capability authorities. However, these are

Query Time

0

500

1000

1500

2000

2500

3000

3500

1a 1b 2a 2b 3 4 5 6 7 8 9 10 11 12 14 15

Discovery Task (ID)

Mill

isec

on

ds File Finder

Query Time

Metadata FinderQuery Time

Fig. 7. Comparison of query times for file-based and metadata-based mapping searches.

Fig. 8. FAME Federal Relationship Manager.

K. Feeney et al. / Computer Networks 54 (2010) 2825–2839 2835

Author's personal copy

published as RDF statements with a collection of associ-ated RDF describing the web-service based entry point tothose capabilities. This loose coupling allows for redun-dancy of capability authority definition and supports SPAR-QL-based discovery. Authentication is required sincecapability browsing is limited to a specific federation con-text and hence a specific capability representation. There isalso a lightweight XMPP-based ‘‘presence” service sup-ported to allow for notification-based capability discovery.Upon discovering new capabilities or during federation for-mation the semantic mapping framework can be useddetermine and manage appropriate mappings, or at leastto identify capability descriptions that require user supportto enable interoperability.

Capability sharing is itself enabled through the CBPMSarchitecture which maintains a distributed capability dele-gation graph and provides a Policy Decision Service to re-solve policy evaluation requests (both locally forexported capability authority policies and remotely for im-ported capability authority policies).

The semantic mapping framework also allows organisa-tions to map capabilities that have been shared by thirdparties to their own local information models and to man-age these mappings too as they change over time. The FRMprovides an extremely useful capability for cross-organisa-tional management: It processes any requests for capabil-ity use from third parties, validates these against itsinternal relationship model, maps them to the localsemantic space and delivers the request, in a locally com-prehensible language, to the local management system –which can then do whatever it wants with the request, safein the knowledge that the FRM has guaranteed that the re-quest is consistent with capability sharing agreements thatthe organisation has entered into. In essence the FRM pro-vides the middle 3 layers of the LFM (relationship defini-tion, shared semantics and shared resources) and allowsthe 5th and 6th layers to be provided by the managementsystems of the various participants.

The FRM configuration operates as a run-time filter oncapability invocations by third parties, which enforcessecurity checks on all invocations and translates them intoa representation that allows them to be directly invokedinternally. The configuration is deployed as a sequence oflightweight filters, as shown in Fig. 9. The lower trackshows how meta-data are consumed and transformed bythe FRM runtime, while the invocation data are trans-formed along the upper track.

5. Conclusions and future work

This principal aim of this work is the development of amanagement framework which facilitates more agile shar-ing of ICT capabilities between autonomous organisationswith heterogeneous deployed systems. Critical to theachievement of this goal is that the framework remainslightweight in terms of the common technical infrastruc-ture that must be deployed by participants, the overheadof establishing and administering federations, and theoperational overhead of the federated management systemon runtime service delivery. The work described in this pa-per has described several concrete advances in our pro-gress towards this goal.

The design and implementation of the FRM has illus-trated how semantics and authority management technol-ogies can be successfully combined to manage thedistribution of complex capabilities between independentorganisations with heterogeneous underlying IT systemsand management information models, in such a way thatthey can conveniently integrate the imported capabilitieswith their existing management systems. The use ofopen-world semantic web languages – OWL and RDF – todescribe capabilities helps to minimise the technical bar-rier to entry, as participants in federations only needimplement support for those capabilities that they areinterested in, without removing the ability to describearbitrarily complex capability semantics. Furthermore,the meta-data based semantic mapping framework imple-mented in the FRM also helps to ease the administrationoverhead of federations throughout their lifecycle by pro-viding both functional and non-functional improvementsin the ease of mapping management and reuse. The CBPMSrelationship map and capability authority model deployedto manage the distribution of authority for capability usageacross federations is inherently simple and lightweight tomaintain over time, having been developed and success-fully applied in problem domains where management re-sources are more constrained – such as collaborativemanagement of the resources of internet communitiesand consumer-management of information sharing [18].In this paper, we have shown that our use of the capabilityauthority graph to model policy can reduce policy-searchoverhead by an order of magnitude – reducing the run-time overhead of deploying the FRM by a similar margincompared to standard role-based policy systems. Thismeasure is particularly important in this context – as

Fig. 9. FRM run-time processing.

2836 K. Feeney et al. / Computer Networks 54 (2010) 2825–2839

Author's personal copy

shared capability authorities may need to be processed bymultiple management systems as they pass through differ-ent domains along their delivery path.

The definition of federation and the LFM that we haveintroduced in this work have been developed alongsideour engineering work to allow us to break inter-organisa-tional relationships down into dependant layers to rendertheir definition and maintenance more tractable and trans-parent. This LFM model has proved invaluable in analysinga series of use-cases developed in collaboration with ourindustrial partners on the FAME project. The utility of thismodel is accentuated by the fact that its layers proved easyto map to technical implementations. The FRM implemen-tation described in this paper only partially covers the LFMlayers– the trusted communications layer is assumed –and the integration work on that LFM component isongoing.

Furthermore, although our FRM implementation sup-ports easy integration with local management systems, itassumes that the formation of relationships, the structureof federations and the definition of operational rules togovern the capabilities shared across them is a manualtask. The FRM provides tools that facilitate such interac-tions, but it does not support automated federation discov-ery and negotiation. For the current work, we haveassumed that entities have some means of discoveringthird parties that they would like to form federations withand communicating with them about the capabilities thatthey offer. How they do so is beyond the scope of this workwhich addresses the problem of how entities can form fed-erations with third parties once they have come to the con-clusion that sharing some resources with that third party ispotentially desirable. A continuing focus of our research isthe limits to which it is practicable to automate the nego-tiation and formation of federal relationships betweenautonomous entities. The first phase of this work will belimited to selection of pre-existing federation templatessuch as the operator–customer federation type and federa-tion roles from the StreamToHAN scenario.

Although the use-cases described in this study are rela-tively realistic and correspond closely with the capabilitysharing agreements that service providers offer and wishto offer in order to deliver services to emerging computingenvironments, the real world tends to be more complex. Inaddition to network and service providers, there arenumerous other parties who hold some stake or other insuch services. Device and service providers often, in prac-tice, control some of the capabilities that exist within a do-main such as the HAN and they form agreements with oneanother which can be complex. Another strand of ourcontinuing research is the application of the FRM to morecomplex multi-organisational arrangements which involvean increasing number of autonomous organisations.

Acknowledgements

This research is partially supported by the ScienceFoundation Ireland (Grant 08/SRC/I1403) as part of theFederated, Autonomic End to End Communications Ser-vices Strategic Research Cluster (www.fame.ie).

References

[1] A. Doan, A.Y. Halevy, Semantic integration research in the databasecommunity: a brief survey, AI Magazine 26 (2005) 7–10.

[2] V.R. Basili, G. Caldiera, H.D. Rombach, Goal question metricapproach, 2000. Available from: <ftp://ftp.cs.umd.edu/pub/sel/papers/gqm.pdf>.

[3] P. Bernstein, S. Melnik, M. Petropoulos, C. Quix, Industrial-strengthschema matching, SIGMOD Record 33 (2004) 38–43.

[4] P.A. Berstein, S. Melnik, Model management 2.0: manipulating richermappings, in: Proceedings of 2007 ACM SIGMOD InternationalConference on Management of Data, 2007, pp. 1–12.

[5] P. Bhoj, S. Singhal, S. Chutani, SLA management in federatedenvironments export, Computer Networks 35 (1) (2001) 5–24.

[6] R. Bhatti, E. Bertino, A. Ghafoor, X-FEDERATE: a policy engineeringframework for federated access management, IEEE Transactions onSoftware Engineering 32 (5) (2006) 330–346.

[7] A. Boran, D. O’Sullivan, V. Wade, A case study of an ontology-drivendynamic data integration in a telecommunications supply chain, in:Proceedings of the Workshop on the First Industrial Results ofSemantic Technologies, 2007, pp. 1–13.

[8] R. Boutaba, I. Aib, Policy-based management: a historicalperspective, Journal of Network and System Management 15 (4)(2007) 447–480.

[9] L. Lamers (Ed.), Common Information Model (CIM) Infrastructure,Version 4.2.6, DMTF. <http://www.dmtf.org/standards/published_documents/DSP0004_2.6.0.pdf>, 2009 (accessed 25.06.10).

[10] L.M. Camarinha-Matos, H. Afsarmanesh, A comprehensive modelingframework for collaborative networked organizations, Journal ofIntelligent Manufacturing 18 (2007) 529–542.

[11] M. Johnson (Ed.), Configuration Management Database (CMDB)Federation Specification, Document: DSP0252 Version: 1.0.1,DMTF. <http://www.dmtf.org/standards/cmdbf>, 2010 (accessed15.06.10).

[12] O. Corcho, A declarative approach to ontology translation withknowledge preservation, in: Frontiers in Artificial Intelligence andApplications, IOS Press, Amsterdam, 2005.

[13] C. Conroy, R. Brennan, D. O’Sullivan, D. Lewis, User evaluation studyof a tagging approach to semantic mapping, in: Proceedings of theEuropean Semantic Web Conference, 2009, pp. 623–637.

[14] N. Damianou, The ponder policy specification language, DoctoralThesis, Imperial College London, 2001.

[15] A.A. El-Kalam, S. Benferhat, A. Miege, R. El-Baida, F. Cuppens, C.Saurel, P. Balbiani, Y. Deswarte, G. Trouessin, Organization basedaccess control, in: Proceedings of the Fourth IEEE InternationalWorkshop on Policies for Distributed Systems and Networks, 2003,p. 120.

[16] J. Euzenat, An API for ontology alignment, in: Proceedings of theInternational Semantic Web Conference, 2004. pp. 698–712.

[17] S. Falconer, N. Noy, M. Storey, Ontology mapping – a user survey. in:Proceedings of the Second International Workshop on OntologyMatching, 2007, pp. 49–60.

[18] K. Feeney, D. Lewis, D. O’Sullivan, Service oriented policymanagement for web-application frameworks, IEEE InternetComputing Magazine 13 (6) (2009) 39–47.

[19] M. Feridun, M. Moser, A. Tanner, Building an abstraction layer formanagement systems integration, in: Proceedings of First IEEE/IFIPInternational Workshop, 2007.

[20] P.J. Grefen, K. Aberer, H. Ludwig, Y. Hoffner, Crossflow: cross-organizational workflow management for service outsourcing indynamic virtual enterprises, IEEE Data Engineering Bulletin 24 (1)(2001) 52–57.

[21] A. Hameed, A. Preece, D. Sleeman, Ontology reconciliation –handbook of ontologies, in: S. Stabb, R. Suder (Eds.), InternationalHandbooks on Information Systems, Springer, Berlin, 2004, pp. 231–250.

[22] A. Halevy, A. Rajaraman, J. Ordille, Data integration: the teenageyears, VLDB, 2006, pp. 9–16.

[23] S. Hudert et al., Negotiating SLAs – an approach for a genericnegotiation framework for WS-agreement, Journal of GridComputing Springer Netherlands 7 (2) (2009) 225–246.

[24] ITU-T Recommendation, M.3050.4 Enhanced Telecom OperationsMap (eTOM) – B2B integration: using B2B inter-enterpriseintegration with the eTOM, 2007.

[25] B. Jennings, R. Brennan, W. Donnelly, S. Foley, D. Lewis, D. O’Sullivan,J. Strassner, S. van der Meer, Challenges for federated, autonomicnetwork management in the future network, in: First IFIPInternational Workshop on Management of the Future Internet(ManFI’2009), IEEE, 2009, pp. 87–92.

K. Feeney et al. / Computer Networks 54 (2010) 2825–2839 2837

Author's personal copy

[26] Y. Kalfoglou, M. Schorlemmer, Ontology mapping: the state of theart, The Knowledge Engineering Review 18 (1) (2003) 1–31.

[27] L. Kagal, J. Hendler, T. Berners-Lee, The semantic web and policy,Journal of Web Semantics: Science, Services and Agents on theWorld Wide Web 7 (1) (2009) vii–ix.

[28] A. Keller, U. Blumenthal, G. Kar, Classification and computation ofdependencies for distributed management, in: Proceedings of theFifth International Conference on Computers and Communications(ISCC’2000), 2000, pp. 78–83.

[29] J. Keeney, D. Lewis, D. O’Sullivan, A. Roelens, A. Boran, R. Richardson,Runtime semantic interoperability for gathering ontology-basednetwork context, in: Proceedings of the IEEE/IFIP NetworkOperations and Management Symposium (NOMS’2006), IEEE,Vancouver, Canada, 3–7 April 2006, pp. 56–65.

[30] A. Keller, H. Ludwig, G. Kar, A. Dan, J.L. Hellerstein, Managingdynamic services: a contracts-based approach to a conceptualarchitecture, in: IEEE/IFIP Network Operations and ManagementSymposium (NOMS), Florence, Italy, April 15–19, 2002, pp. 513–528.

[31] OWL Web Ontology Language Reference. Available from: <http://www.w3.org/TR/owl-ref/>.

[32] M. Lanzenberger, J. Sampson, Making ontologies talk: knowledgeinteroperability in the semantic web, in: IEEE Intelligent Systems,November/December 2008, pp. 72–86.

[33] D. Lewis, D. O’Sullivan, R. Power, J. Keeney, Semantic interoperabilityfor an autonomic knowledge delivery service, in: Proceedings ofSecond IFIP WG6.6 International Workshop on AutonomicCommunication – Autonomic Communication Principles,Vouliagmeni, Athens, Greece, October 3–5, 2005, pp. 129–140.

[34] J.E. López de Vergara, V.A. Villagrá, J. Berrocal, Applying the webontology language to management information definitions, IEEECommunications Magazine 42 (7) (2004) 68–74.

[35] S. McIlraith, T.C. Son, H. Zeng, Semantic web services, IEEE IntelligentSystems 15 (2) (2001) 46–53.

[36] R.J. Miller, M.A. Hernandez, L.M. Haas, L.-L. Yan, C.T.H. Ho, R. Fagin, L.Popa, The Clio project: managing heterogeneity, Proceedings ofSIGMOD 30 (1) (2001) 78–83.

[37] A. Miles, B. Brickley, Skos core guide. Technical report, World WideWeb Consortium (W3C), 2005. Available from: <http://www.w3.org/TR/2005/swbp-skos-coreguide>.

[38] T. Moser et al., Semantic service matchmaking in the ATM domainconsidering infrastructure capability constraint, in: Proceedings of21st International Conference on Software Engineering andKnowledge Engineering (SEKE’2009), Boston, 1–3 July, 2009, pp.222–227.

[39] The NGOSS Technology Neutral Architecture, TMF 053, Version 5.7(November 2006).

[40] N. Noy, Semantic integration a survey of ontology-based approaches,in special issue on semantic integration, SIGMOD Record 33 (4)(2004) 65–70.

[41] T. Nurmela, L. Kutvonen, Service level agreement management infederated virtual organizations, in: Distributed Applications andInteroperable Systems, Lecture Notes in Computer Science, vol.4531, Springer, Berlin, 2007, pp. 62–75.

[42] D. O’Sullivan, V. Wade, D. Lewis, Understanding as We Roam, IEEEInternet Computing 11 (2) (2007) 26–33.

[43] R.S. Pepijn, M.J. Dean, T.J. Bench-capon, M. Shave, An analysis ofontological mismatches: heterogeneity versus interoperability, in:Proceedings of AAAI Spring Symposium on Ontological Engineering,Stanford, USA, 1997.

[44] J.D. Poston, W.D. Horne, M.G. Taylor, F.Z. Zhu, Ontology-basedreasoning for context-aware radios: insights and findings fromprototype development, in: IEEE International Symposium on NewFrontiers in Dynamic Spectrum Access Networks, DySPAN 2005.Baltimore, USA, 2005, pp. 634–637.

[45] E. Prud’hommeaux, A. Seabourne (Eds.), SPARQL Query Language forRDF, W3C Recommendation 15 January 2008.

[46] G. Klyne, J.J. Carroll, B. McBride, Resource description framework(RDF): concepts and abstract syntax, W3C recommendation, 2004.

[47] R. Sandhu, E. Coyne, H. Feinstein, C. Youman, Role-based accesscontrol models, IEEE Computer 29 (2) (1996) 38–47.

[48] M. Sloman, J. Moffett, Domain model of autonomy, in: Proceedings ofthe Third Workshop on ACM SIGOPS European Workshop:Autonomy Or interdependence in Distributed Systems? ACM, NewYork, pp. 1–4.

[49] J. Strassner, DEN-ng: achieving business-driven networkmanagement, in: Proceedings of Network Operations andManagement Systems, 2002, pp. 753–766.

[50] A. Tanner, M. Feridun, A. Nikulchenko, Fusio: semantic integration ofsystems management and enterprise information, IBM Technical

Report RZ 3752, 2009. Available from: <http://domino.research.ibm.com/library/cyberdig.nsf>.

[51] H. Thomas, D. O’Sullivan, R. Brennan, Ontology mappingrepresentations: a pragmatic evaluation, in: Proceedings of 21stInternational Conference on Software Engineering and KnowledgeEngineering (SEKE’2009), Knowledge Systems Institute GraduateSchool, Boston, 2009, pp. 228–232.

[52] J. Tonti, J.M. Bradshaw, R. Jeffers, R. Montanari, N. Suri1, A. Uszok,Semantic web languages for policy representation and reasoning: acomparison of KAoS, Rei, and Ponder, in: Proceedings of SecondInternational Semantic Web Conference (ISWC’2003), LNCS, vol.2870, Springer, Berlin, 2003, pp. 419–437.

[53] J. Uszok et al., KAoS policy and domain services: toward adescription-logic approach to policy representation, deconfliction,and enforcement, in: Proceedings of IEEE Fourth InternationalWorkshop on Policies for Distributed Systems and Networks(POLICY’2003), Italy, 2003, pp. 93–96.

[54] B. Yathiraj, P. Munindar, Governance of cross-organizational serviceagreements: a policy-based approach, in: Proceedings of IEEEInternational Conference on Services Computing (SCC’2007), 2007,pp. 36–43.

[55] H. Zhou, S. Foley, A framework for establishing decentralized securecoalitions, in: IEEE Computer Security Foundations Workshop, IEEE,2006.

[56] J. Zieba, B. Kryza, R. Slota, L. Dutka, J. Kitowski, Ontology alignmentfor contract based virtual organizations negotiation and operation,in: International Conference on Parallel Processing and AppliedMathematics (PPAM’2007) LNCS, vol. 4967, Springer, Berlin, 2007,pp. 835–843.

Kevin Feeney is a research fellow in theknowledge and data engineering group(KDEG), Trinity College Dublin (TCD), Ireland.His research focuses on distributed anddecentralised management systems. He hasspent the last 13 years modelling, designingand developing distributed systems, spreadevenly across industry and academia, in areasspanning everything from telecommunica-tions and financial systems to consumerinternet applications.

Rob Brennan is a research fellow in theknowledge and data engineering group(KDEG), Trinity College Dublin (TCD), Ireland.His research interests include semanticinteroperability, intelligent distributed sys-tems, and the application of semantics tosystems management. He has contributed to3GPP, TMF, IETF, and OMG communicationsstandards. He has a Ph.D. (2004) from DublinCity University. Prior to TCD he worked in theEricsson network management research cen-ter, Ireland and several start-ups.

John Keeney is a research fellow with KDEGin the School of Computer Science and Sta-tistics at TCD. His research focuses on the useof semantics in the management of autonomicadaptable systems, particularly networkingand telecoms systems. He graduated fromTCD in 1999 with an undergraduate degree incomputer engineering. His Ph.D. in computerscience, also from TCD, was completed in2004. He has published in excess of 30 papersin significant journals, conferences, andworkshops.

2838 K. Feeney et al. / Computer Networks 54 (2010) 2825–2839

Author's personal copy

Hendrik Thomas studied Business Informa-tion Systems in Germany and won the beststudent award in 2005. Afterwards he workedas a research assistant for the Digital Mecha-nism and Gear Library and developed ontol-ogy-based retrieval tools. In 2007 he won thebest paper award at the I-Society Interna-tional Conference, USA. In 2008, he started hisPhD in KDEG, Trinity College Dublin and isworking on an ontology-based framework toimprove reuse of ontology mappings. Hisresearch is within the SFI research project

FAME. Since 2009 he continues his PhD in collaboration with MasseyUniversity in New Zealand.

Dave Lewis is a Research Lecturer with theKnowledge and Data Engineering Group(KDEG) in the School of Computer Science andStatistics of Trinity College, Dublin. He has 19years R&D experience in academia andindustry, with over 100 publications. His workencompasses the knowledge-driven engi-neering of open distributed systems for inte-grated Network and Service Management andfor Autonomic Pervasive Computing andCommunication systems.

Aidan Boran has 20 years research anddevelopment experience in the telecommu-nications industry. He has working on thedevelopment, integration and support of 2Gand 3G mobile networks, focusing especiallyon network management software. In 1997,he joined Lucent Technologies to work withthe 2G and 3G network management devel-opment group. In 2004 he began a researchrole in Bell Labs Ireland focusing on data andenterprise integration. He holds a BAI (1988)in engineering from Trinity College, Dublin.

He is currently completing a PhD in Computer Science at Trinity College,Dublin focusing on the management of ontology-based informationintegration systems.

Declan O’Sullivan is director of the KDEG atTCD, and has over 20 years’ R&D experience inboth industry and academia. He holds Ph.D.,M.Sc., and B.A.(Mod) degrees in computerscience from TCD. His particular researchinterest is in knowledge driven approaches toachieving semantic interoperability, espe-cially applied to network and service man-agement in distributed networks. During histime in industry, he was involved in industryand fora such as TeleManagement Forum andObject Management Group (OMG). He has

over 70 publications, and has contributed to several organizing andprogram committees in this field.

K. Feeney et al. / Computer Networks 54 (2010) 2825–2839 2839