Policy conflict analysis using tableaux for on demand VPN framework

The medical field has a requirement for ubiquitous computing with secure and reliable access control to permit patient information to be logged as they go about their normal activities or to permit medics to access patient information remotely from various mobile devices. Healthcare involves many different people from multiple organizations - general practitioner, hospital doctor or nurse, social workers - who all need different information. Defining the required authorization policies can be very complex, resulting in conflicts, which could result in information leaks, with privacy implications, or prevent access to information needed. We propose an approach for detecting conflicts defined in an authorization policy by using free variable tableaux. Our method enables us not only to detect a conflicting policy statically, but also to obtain information that would be helpful to correct the policy by using abductive inference.