Efficiently Characterizing the Undefined Requests of a Rule-Based System

Abstract : Rule-based systems are used to define complex policies in several contexts, because of the flexibility and modularity they provide. This is especially critical for security systems, which may require to compose evolving policies for privacy, accountability, access control, etc. The inclusion of conflicting rules in complex policies, results in the inability of the system to unambiguously answer to certain requests, with possibly unpredictable effects. The static identification of these undefined requests is particularly challenging for unconstrained rule-based systems, including quantifiers, computations and chaining of rules. In this paper we introduce a static method to precisely characterize the set of all undefined requests for a given unconstrained rule-based system, providing the user with a global view of the rule conflicts. We propose an enumerative approach, made usable in practice by two key performance optimizations: a finer classification of the rules and the resort of the topological sorting. We demonstrate its application on a well-known policy with more than fifty rules.
Type de document :
Communication dans un congrès
IFM 2018 - 14th International Conference on integrated Formal Methods, Sep 2018, Maynooth, Ireland. Springer, 11023, pp.69-88, LNCS. 〈10.1007/978-3-319-98938-9_5〉
Liste complète des métadonnées

Littérature citée [27 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01828305
Contributeur : Zheng Cheng <>
Soumis le : mardi 3 juillet 2018 - 17:52:04
Dernière modification le : lundi 24 septembre 2018 - 11:34:03
Document(s) archivé(s) le : lundi 1 octobre 2018 - 06:38:22

Fichier

main.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Citation

Zheng Cheng, Jean-Claude Royer, Massimo Tisi. Efficiently Characterizing the Undefined Requests of a Rule-Based System. IFM 2018 - 14th International Conference on integrated Formal Methods, Sep 2018, Maynooth, Ireland. Springer, 11023, pp.69-88, LNCS. 〈10.1007/978-3-319-98938-9_5〉. 〈hal-01828305〉

Partager

Métriques

Consultations de la notice

194

Téléchargements de fichiers

41