Skip to Main content Skip to Navigation
Conference papers

Efficiently Characterizing the Undefined Requests of a Rule-Based System

Abstract : Rule-based systems are used to define complex policies in several contexts, because of the flexibility and modularity they provide. This is especially critical for security systems, which may require to compose evolving policies for privacy, accountability, access control, etc. The inclusion of conflicting rules in complex policies, results in the inability of the system to unambiguously answer to certain requests, with possibly unpredictable effects. The static identification of these undefined requests is particularly challenging for unconstrained rule-based systems, including quantifiers, computations and chaining of rules. In this paper we introduce a static method to precisely characterize the set of all undefined requests for a given unconstrained rule-based system, providing the user with a global view of the rule conflicts. We propose an enumerative approach, made usable in practice by two key performance optimizations: a finer classification of the rules and the resort of the topological sorting. We demonstrate its application on a well-known policy with more than fifty rules.
Complete list of metadata

Cited literature [27 references]  Display  Hide  Download
Contributor : Zheng Cheng Connect in order to contact the contributor
Submitted on : Tuesday, July 3, 2018 - 5:52:04 PM
Last modification on : Wednesday, November 3, 2021 - 4:20:11 AM
Long-term archiving on: : Monday, October 1, 2018 - 6:38:22 AM


Files produced by the author(s)



Zheng Cheng, Jean-Claude Royer, Massimo Tisi. Efficiently Characterizing the Undefined Requests of a Rule-Based System. IFM 2018 - 14th International Conference on integrated Formal Methods, Sep 2018, Maynooth, Ireland. pp.69-88, ⟨10.1007/978-3-319-98938-9_5⟩. ⟨hal-01828305⟩



Record views


Files downloads