Specifying System Configurations in a Federated Environment

Large applications now depend on components and services from numerous providers. Many individuals, and different organisations will also have requirements on various aspects of the composite system. For example; the configuration of a simple web server may involve some configuration which is provided (by default) from the vendor, some which is mandated by the local security policies, some which is necessary to provide compatibility with some collaborator's service, some which is delegated to a particular application developer, etc, etc.

I will talk about some recent work on constraint-based configuration languages which allows these requirements to be composed without (unnecessary) conflicts or manual negotiations. For both security, and "blame" for errors, we would also like to know who is "responsible" for what in the resulting configuration, and I will talk about the problems of attributing provenance in this environment.