The Implication Problem of Computing Policies

  • Rezwana Reaz
  • Muqeet Ali
  • Mohamed G. Gouda
  • Marijn J. H. Heule
  • Ehab S. Elmallah
Conference paper

DOI: 10.1007/978-3-319-21741-3_8

Volume 9212 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Reaz R., Ali M., Gouda M.G., Heule M.J.H., Elmallah E.S. (2015) The Implication Problem of Computing Policies. In: Pelc A., Schwarzmann A. (eds) Stabilization, Safety, and Security of Distributed Systems. SSS 2015. Lecture Notes in Computer Science, vol 9212. Springer, Cham

Abstract

A computing policy is a sequence of rules, where each rule consists of a predicate and an action, and where each action is either “accept” or “reject”. A policy P is said to accept (or reject, respectively) a request iff the action of the first rule in P, that is matched by the request is “accept” (or “reject”, respectively). A pair of policies (P, Q) is called an accept-implication pair iff every request that is accepted by policy P is also accepted by policy Q. The implication problem of policies is to design an efficient algorithm that can take as input any policy pair (P, Q) and determine whether (P, Q) is an accept-implication pair. Such an algorithm can support step-wise refinement methods for designing policies. In this paper, we present a polynomial algorithm that can take any policy pair (P, Q) and determine whether (P, Q) is an accept-implication pair. The time complexity of this algorithm is \(\mathcal {O}\)((\(m + n\))\(^{t+2}\)), where m is the number of rules in policy P, n is the number of rules in policy Q, and t is the number of attributes in P or in Q. This time complexity is polynomial when t is fixed, as is usually the case.

Keywords

Policy Implication problem Step-wise refinement Firewalls Access control Routing 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Rezwana Reaz
    • 1
  • Muqeet Ali
    • 1
  • Mohamed G. Gouda
    • 1
  • Marijn J. H. Heule
    • 1
  • Ehab S. Elmallah
    • 2
  1. 1.University of Texas at AustinAustinUSA
  2. 2.University of AlbertaEdmontonCanada