Title :
Geometric Interpretation of Policy Specification
Author :
Basile, Cataldo ; Cappadonia, Alberto ; Lioy, Antonio
Author_Institution :
Dipt. di Autom. e Inf., Politec. di Torino, Torino
Abstract :
The actual implementation of a policy on real devices must be done by providing a "set of rules". Nevertheless, no extensive studies were performed to completely model this crucial process. This paper provides a formal geometric interpretation of the policy specification focusing on the role of three factors: the detection, the resolution and the default behavior. The resulting model allows for the definition of new resolution strategies and the definition of "morphisms" between rule sets where conflicts are managed using different resolution methods. Additionally, it provides a mean to classify conflicts and anomalies for the "generic" resolution strategy. The effectiveness of the theory is proven by means of experimental results.
Keywords :
authorisation; computational geometry; formal specification; default behavior; firewall rules; formal geometric interpretation; policy specification; resolution strategy; Conferences; Desktop publishing; Information management; Magnetic resonance; Management information systems; Solid modeling; System testing; policy conflict; policy resolution; policy specification;
Conference_Titel :
Policies for Distributed Systems and Networks, 2008. POLICY 2008. IEEE Workshop on
Conference_Location :
Palisades, NY
Print_ISBN :
978-0-7695-3133-5
DOI :
10.1109/POLICY.2008.36
