Detecting Network Policy Conflicts Using Alloy

  • Ferney A. Maldonado-Lopez
  • Jaime Chavarriaga
  • Yezid Donoso
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8477)


In Computer Networks, several studies show that 50 to 80% of infrastructure downtime is caused by misconfiguration [1]. Current approaches are aimed to check the configuration of each device and detect conflicts, inconsistencies and bugs, other approaches focus on the specification of the intended behaviour of a network and the automatic configuration of each one of its elements [2].


Alloy Model Policy Rule Access Control Policy Network Policy Intended Behaviour 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Kant, K., Deccio, C.: Security and Robustness in the Internet Infrastructure. In: Handbook on Securing Cyber-Physical Critical Infrastructure. Morgan Kaufmann (2012)Google Scholar
  2. 2.
    Stevens, M., Weiss, W., Mahon, H., Moore, R., Strassner, J., Waters, G., Westerinen, A., Wheeler, J.: IETF policy framework. Technical report, Internet Engineering Task Force, IETF (1999)Google Scholar
  3. 3.
    Stone, G., Lundy, B., Xie, G.: Network policy languages: A survey and a new approach. IEEE Network 15(1), 10–21 (2001)CrossRefGoogle Scholar
  4. 4.
    Guven, A.: Speeding up a Path-Based Policy Language compiler. Master’s thesis, Naval Postgraduate School, Monterrey, California (2003)Google Scholar
  5. 5.
    Power, D., Slaymaker, M., Simpson, A.: Automatic Conformance Checking of Role-Based Access Control Policies via Alloy. In: Erlingsson, Ú., Wieringa, R., Zannone, N. (eds.) ESSoS 2011. LNCS, vol. 6542, pp. 15–28. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  6. 6.
    Hinrichs, T.L., Gude, N.S., Casado, M., Mitchell, J.C., Shenker, S.: Practical declarative network management. In: Proceedings of the 1st ACM Workshop on Research on Enterprise Networking, WREN 2009, pp. 1–10. ACM (2009)Google Scholar
  7. 7.
    Soul, R., Basu, S., Kleinberg, R., Sirer, E.G., Foster, N.: Managing the network with Merlin. In: ACM SIGCOMM Workshop on Hot Topics in Networks, HotNets 2013 (2013)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Ferney A. Maldonado-Lopez
    • 1
    • 2
  • Jaime Chavarriaga
    • 1
  • Yezid Donoso
    • 1
  1. 1.Universidad de los AndesBogotáColombia
  2. 2.Universitat de GironaGironaSpain

Personalised recommendations