Geometric interpretation of policy specification

被引:6
作者
Basile, Cataldo [1 ]
Cappadonia, Alberto [1 ]
Lioy, Antonio [1 ]
机构
[1] Politecn Torino, Dipartimento Automat & Informat, Turin, Italy
来源
2008 IEEE WORKSHOP ON POLICIES FOR DISTRIBUTED SYSTEMS AND NETWORKS, PROCEEDINGS | 2008年
关键词
D O I
10.1109/POLICY.2008.36
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The actual implementation of a policy on real devices must be done by providing a "set of rules". Nevertheless, no extensive studies were performed to completely model this crucial process. This paper provides a formal geometric interpretation of the policy specification focusing on the role of three factors: the detection, the resolution and the default behavior The resulting model allows for the definition of new resolution strategies and the definition of "morphisms" between rule sets where conflicts are managed using different resolution methods. Additionally, it provides a mean to classify conflicts and anomalies for the "generic" resolution strategy. The effectiveness of the theory is proven by means of experimental results.
引用
收藏
页码:78 / 81
页数:4
相关论文
共 16 条
[1]   Conflict classification and analysis of distributed firewall policies [J].
Al-Shaer, E ;
Hamed, H ;
Boutaba, R ;
Hasan, M .
IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, 2005, 23 (10) :2069-2084
[2]  
ALSHAER E, 2004, IEEE T NETWORK SERVI
[3]  
BASILE C, 2007, MMM ACNS
[4]  
BASILE C, 2004, WORKSH LOG FOUND AD
[5]  
EPPSTEIN D, 2001, S DISCR ALG
[6]  
Fu Z, 2001, LECT NOTES COMPUT SC, V1995, P39
[7]   Computational geometry [J].
Lee, DT .
ACM COMPUTING SURVEYS, 1996, 28 (01) :27-31
[8]   Conflicts in policy-based distributed systems management [J].
Lupu, EC ;
Sloman, M .
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1999, 25 (06) :852-869
[9]  
MAYER A, 2006, INT J INF SECUR, V5, P125
[10]  
MOFFETT JD, 1991, P C ORG COMP SYST AT
12