Business rules engine


A business rules engine is a software system that executes one or more business rules in a runtime production environment. The rules might come from legal regulation, company policy, or other sources. A business rule system enables these company policies and other operational decisions to be defined, tested, executed and maintained separately from application code.
Rule engines typically support rules, facts, priority, mutual exclusion, preconditions, and other functions.
Rule engine software is commonly provided as a component of a business rule management system which, among other functions, provides the ability to: register, define, classify, and manage all the rules, verify consistency of rules definitions, define the relationships between different rules, and relate some of these rules to IT applications that are affected or need to enforce one or more of the rules.

IT use

In any IT application, business rules can change more frequently than other parts of the application code. Rules engines or inference engines serve as pluggable software components which execute business rules that a business rules approach has externalized or separated from application code. This externalization or separation allows business users to modify the rules without the need for IT. The system as a whole becomes more easily adaptable with such external business rules, but this does not preclude the usual requirements of QA and other testing.

History

An article in Computerworld traces rules engines to the early 1990s and to products from the likes of Pegasystems, Fair Isaac Corp and ILOG.

Design strategies

Many organizations' rules efforts combine aspects of what is generally considered workflow design with traditional rule design. This failure to separate the two approaches can lead to problems with the ability to re-use and control both business rules and workflows. Design approaches that avoid this quandary separate the role of business rules and workflows as follows:
Concretely, that means that a business rule may do things like detect that a business situation has occurred and raise a business event or create higher level business knowledge. On the other hand, a workflow would respond to an event that indicated something such as the overloading of a routing point by initiating a series of activities.
This separation is important because the same business judgment or business event can be reacted to by many different workflows. Embedding the work done in response to rule-driven knowledge creation into the rule itself greatly reduces the ability of business rules to be reused across an organization because it makes them work-flow specific.
To create an architecture that employs a business rules engine it is essential to establish the integration between a BPM and a BRM platform that is based upon processes responding to events or examining business judgments that are defined by business rules. There are some products in the marketplace that provide this integration natively. In other situations this type of abstraction and integration will have to be developed within a particular project or organization.
Most Java-based rules engines provide a technical call-level interface, based on the JSR-94 application programming interface standard, in order to allow for integration with different applications, and many rule engines allow for service-oriented integrations through Web-based standards such as WSDL and SOAP.
Most rule engines provide the ability to develop a data abstraction that represents the business entities and relationships that rules should be written against. This business entity model can typically be populated from a variety of sources including XML, POJOs, flat files, etc. There is no standard language for writing the rules themselves. Many engines use a Java-like syntax, while some allow the definition of custom business-friendly languages.
Most rules engines function as a callable library. However, it is becoming more popular for them to run as a generic process akin to the way that RDBMSs behave. Most engines treat rules as a configuration to be loaded into their process instance, although some are actually code generators for the whole rule execution instance and others allow the user to choose.

Types of rule engines

There are a number of different types of rule engines. These types differ in how Rules are scheduled for execution.
Most rules engines used by businesses are forward chaining, which can be further divided into two classes:
The biggest difference between these types is that production rule engines execute when a user or application invokes them, usually in a stateless manner. A reactive rule engine reacts automatically when events occur, usually in a stateful manner. Many popular commercial rule engines have both production and reaction rule capabilities, although they might emphasize one class over another. For example, most business rules engines are primarily production rules engines, whereas complex event processing rules engines emphasize reaction rules.
In addition, some rules engines support backward chaining. In this case a rules engine seeks to resolve the facts to fit a particular goal. It is often referred to as being goal driven because it tries to determine if something exists based on existing information.
Another kind of rule engine automatically switches between back- and forward-chaining several times during a reasoning run, e.g. the Internet Business Logic system, which can be found by searching the web.
A fourth class of rules engine might be called a deterministic engine. These rules engines may forgo both forward chaining and backward chaining, and instead utilize domain-specific language approaches to better describe policy. This approach is often easier to implement and maintain, and provides performance advantages over forward or backward chaining systems.
There are some circumstance where Fuzzy Logic based inference may be more appropriate, where heuristics are used in rule processing, rather than Boolean rules. Examples might include customer classification, missing data inference, customer value calculations, etc. The DARL language and the associated inference engine and editors is an example of this approach.

Rules engines for access control / authorization

One common use case for rules engines is standardized access control to applications. OASIS defines a rules engine architecture and standard dedicated to access control called XACML.
One key difference between a XACML rule engine and a business rule engine is the fact that a XACML rule engine is stateless and cannot change the state of any data.
The XACML rule engine, called a Policy Decision Point, expects a binary Yes/No question e.g. "Can Alice view document D?" and returns a decision e.g. Permit / deny.