Skip to main content

Detecting Network Policy Conflicts Using Alloy

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNTCS,volume 8477)


In Computer Networks, several studies show that 50 to 80% of infrastructure downtime is caused by misconfiguration [1]. Current approaches are aimed to check the configuration of each device and detect conflicts, inconsistencies and bugs, other approaches focus on the specification of the intended behaviour of a network and the automatic configuration of each one of its elements [2].


  • Alloy Model
  • Policy Rule
  • Access Control Policy
  • Network Policy
  • Intended Behaviour

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. Kant, K., Deccio, C.: Security and Robustness in the Internet Infrastructure. In: Handbook on Securing Cyber-Physical Critical Infrastructure. Morgan Kaufmann (2012)

    Google Scholar 

  2. Stevens, M., Weiss, W., Mahon, H., Moore, R., Strassner, J., Waters, G., Westerinen, A., Wheeler, J.: IETF policy framework. Technical report, Internet Engineering Task Force, IETF (1999)

    Google Scholar 

  3. Stone, G., Lundy, B., Xie, G.: Network policy languages: A survey and a new approach. IEEE Network 15(1), 10–21 (2001)

    CrossRef  Google Scholar 

  4. Guven, A.: Speeding up a Path-Based Policy Language compiler. Master’s thesis, Naval Postgraduate School, Monterrey, California (2003)

    Google Scholar 

  5. Power, D., Slaymaker, M., Simpson, A.: Automatic Conformance Checking of Role-Based Access Control Policies via Alloy. In: Erlingsson, Ú., Wieringa, R., Zannone, N. (eds.) ESSoS 2011. LNCS, vol. 6542, pp. 15–28. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  6. Hinrichs, T.L., Gude, N.S., Casado, M., Mitchell, J.C., Shenker, S.: Practical declarative network management. In: Proceedings of the 1st ACM Workshop on Research on Enterprise Networking, WREN 2009, pp. 1–10. ACM (2009)

    Google Scholar 

  7. Soul, R., Basu, S., Kleinberg, R., Sirer, E.G., Foster, N.: Managing the network with Merlin. In: ACM SIGCOMM Workshop on Hot Topics in Networks, HotNets 2013 (2013)

    Google Scholar 

Download references

Author information

Authors and Affiliations


Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Maldonado-Lopez, F.A., Chavarriaga, J., Donoso, Y. (2014). Detecting Network Policy Conflicts Using Alloy. In: Ait Ameur, Y., Schewe, KD. (eds) Abstract State Machines, Alloy, B, TLA, VDM, and Z. ABZ 2014. Lecture Notes in Computer Science, vol 8477. Springer, Berlin, Heidelberg.

Download citation

  • DOI:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-43651-6

  • Online ISBN: 978-3-662-43652-3

  • eBook Packages: Computer ScienceComputer Science (R0)