Piero A. Bonatti, Fabio Mogavero:
Piero A. Bonatti (editor):
Formal Policy Analysis Techniques for Comparison and Validation.
Abstract
Policy comparison is useful for a variety of applications,
including policy validation and policy-aware service selection. While
policy comparison is somewhat natural for policy languages based on
description logics, it becomes rather difficult for rule-based
policies. When the policy has recursive rules the problem is in general
undecidable. Still most policies require some form of recursion to model
subject and object hierarchies, and certificate chains. In this paper, we
show how policies with recursion can be compared by adapting query
optimization techniques developed for the relational algebra. We prove
soundness and completeness of our method, discuss the compatibility of the
restrictive assumptions we need w.r.t. our reference application
scenarios, and report the results of a preliminary set of experiments to
prove the practical applicability of our approach.
This work will be published in the proceedings of the IEEE POLICY Workshop
2008.
URL:
http://rewerse.net/publications/rewerse-publications.html#REWERSE-DEL-2008-I2-D14
@deliverable{REWERSE-DEL-2008-I2-D14, url = {http://rewerse.net/publications/rewerse-publications.html#REWERSE-DEL-2008-I2-D14} }