Comparing Rule-Based Policies
Policy comparison is useful for a variety of applications, including policy validation and policy-aware service selection. While policy comparison is somewhat natural for policy languages based on description logics, it becomes rather difficult for rule-based policies. When policies have recursive r...
Saved in:
| Published in | 2008 IEEE Workshop on Policies for Distributed Systems and Networks : policy 2008, 2-4 June 2008, Palisades, New York, USA : proceedings pp. 11 - 18 |
|---|---|
| Main Authors | , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
01.06.2008
|
| Subjects | |
| Online Access | Get full text |
| ISBN | 0769531334 9780769531335 |
| DOI | 10.1109/POLICY.2008.16 |
Cover
| Abstract | Policy comparison is useful for a variety of applications, including policy validation and policy-aware service selection. While policy comparison is somewhat natural for policy languages based on description logics, it becomes rather difficult for rule-based policies. When policies have recursive rules, the problem is in general undecidable. Still most policies require some form of recursion to model - say - subject and object hierarchies, and certificate chains. In this paper, we show how policies with recursion can be compared by adapting query optimization techniques developed for the relational algebra. We prove soundness and completeness of our method, discuss the compatibility of the restrictive assumptions we need w.r.t. our reference application scenarios, and report the results of a preliminary set of experiments to prove the practical applicability of our approach. |
|---|---|
| AbstractList | Policy comparison is useful for a variety of applications, including policy validation and policy-aware service selection. While policy comparison is somewhat natural for policy languages based on description logics, it becomes rather difficult for rule-based policies. When policies have recursive rules, the problem is in general undecidable. Still most policies require some form of recursion to model - say - subject and object hierarchies, and certificate chains. In this paper, we show how policies with recursion can be compared by adapting query optimization techniques developed for the relational algebra. We prove soundness and completeness of our method, discuss the compatibility of the restrictive assumptions we need w.r.t. our reference application scenarios, and report the results of a preliminary set of experiments to prove the practical applicability of our approach. |
| Author | Mogavero, F. Bonatti, P.A. |
| Author_xml | – sequence: 1 givenname: P.A. surname: Bonatti fullname: Bonatti, P.A. organization: Univ. di Napoli Federico II, Naples – sequence: 2 givenname: F. surname: Mogavero fullname: Mogavero, F. organization: Univ. di Napoli Federico II, Naples |
| BookMark | eNotjEFLwzAYQAM60G67ehFhf6A1yZfkS45anA4KG0MPnkaafJVI145GD_57B_ouD97hFexyGAdi7EbwSgju7nfbZlO_V5JzWwlzwQqOxmkQAGrGinNGp8AYuGLLnD_5GXDaCX3N7urxePJTGj5W---eykefKa52Y59Corxgs873mZb_nrO39dNr_VI22-dN_dCUSaD-KqUUiLKVkTrNyQbnO--9cE5xw8lpEX0LrW2DlC5IDGhjQN9Ji1JHxRHm7Pbvm4jocJrS0U8_B6W10QjwCxriPc8 |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/POLICY.2008.16 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EndPage | 18 |
| ExternalDocumentID | 4556573 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IF 6IK 6IL 6IN AAJGR AARBI AAWTH ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK IERZE OCL RIE RIL |
| ID | FETCH-LOGICAL-i175t-221772b2def50e8c9afaaa1994060e951dab3b8bc229c27c78dc7af28725d4073 |
| IEDL.DBID | RIE |
| ISBN | 0769531334 9780769531335 |
| IngestDate | Wed Aug 27 02:15:27 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | false |
| LCCN | 2007943663 |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i175t-221772b2def50e8c9afaaa1994060e951dab3b8bc229c27c78dc7af28725d4073 |
| PageCount | 8 |
| ParticipantIDs | ieee_primary_4556573 |
| PublicationCentury | 2000 |
| PublicationDate | 2008-June |
| PublicationDateYYYYMMDD | 2008-06-01 |
| PublicationDate_xml | – month: 06 year: 2008 text: 2008-June |
| PublicationDecade | 2000 |
| PublicationTitle | 2008 IEEE Workshop on Policies for Distributed Systems and Networks : policy 2008, 2-4 June 2008, Palisades, New York, USA : proceedings |
| PublicationTitleAbbrev | POLICY |
| PublicationYear | 2008 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0000395915 |
| Score | 1.430255 |
| Snippet | Policy comparison is useful for a variety of applications, including policy validation and policy-aware service selection. While policy comparison is somewhat... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 11 |
| SubjectTerms | Algebra Arithmetic Authorization Automata Conferences Datalog query containment Logic functions Network servers Policy comparison Policy compliance Policy verification Policy-aware service selection Privacy Query processing Rule-based policies Security |
| Title | Comparing Rule-Based Policies |
| URI | https://ieeexplore.ieee.org/document/4556573 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV09T8MwED21nZgKtIivogyMuE3sOI5XKqqCKFSISmWq_IkQKEUoWfj12HFaEGJgsz2dZVt373z3HsC5cZdA6IQjgYl1ACXliGuGEbGY5ZIm1grfnDy7y6aL9GZJly242PbCGGPq4jMz9MP6L1-vVeVTZaOU-k860oY2y7PQq7XNp8SEU57QgMy5u1mEpA3BzmZOG9LGJOaj-f3t9fgp1FJ6rfMf0iq1Z5l0YbaxKRSUvA6rUg7V5y-6xv8avQv97x6-aL71TnvQMsU-dDciDlHzpnswGAclwuI5eqjeDLp0bk1HNV2wA9F9WEyuHsdT1GgmoBcXCJQIO4jBsMTaWBqbXHFhhRCeADjOYuPCKS0kkblUGHOFmWK5VkxYh5sw1Q7ckQPoFOvCHEJErLJZqqmLEWWKLZWxxC54kURoSWyGj6Dnd7t6D7QYq2ajx38vn8BOKLXwCYxT6JQflRk4f17Ks_ogvwAZAJrH |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1LTwIxEJ4gHvSECsYXugePLuz2sbu9SiSggMRAgifSJzGaxZjdi7_edndBYzx4a3uapm1mvunM9wFca3sJuAqZzxE2FqAQ5jMVIx8bFCeChsZw15w8nkSDOblf0EUNbra9MFrrovhMd9yw-MtXa5m7VFmXUPdJh3dglxJCaNmttc2oBJhRFtISmzN7tzAmFcXOZk4r2sYwYN3p42jYey6rKZ3a-Q9xlcK39Bsw3lhVlpS8dvJMdOTnL8LG_5p9AK3vLj5vuvVPh1DT6RE0NjIOXvWqm9DulVqE6cp7yt-0f2sdm_IKwmALo1sw79_NegO_Uk3wX2wokPnIgowYCaS0oYFOJOOGc-4ogIMo0DagUlxgkQiJEJMolnGiZMyNRU6IKgvv8DHU03WqT8DDRpqIKGqjREGQoSIQyIYvAnMlsInQKTTdbpfvJTHGstro2d_LV7A3mI1Hy9Fw8nAO-2XhhUtnXEA9-8h123r3TFwWh_oFbSieFA |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2008+IEEE+Workshop+on+Policies+for+Distributed+Systems+and+Networks+%3A+policy+2008%2C+2-4+June+2008%2C+Palisades%2C+New+York%2C+USA+%3A+proceedings&rft.atitle=Comparing+Rule-Based+Policies&rft.au=Bonatti%2C+P.A.&rft.au=Mogavero%2C+F.&rft.date=2008-06-01&rft.pub=IEEE&rft.isbn=9780769531335&rft.spage=11&rft.epage=18&rft_id=info:doi/10.1109%2FPOLICY.2008.16&rft.externalDocID=4556573 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9780769531335/lc.gif&client=summon&freeimage=true |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9780769531335/mc.gif&client=summon&freeimage=true |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9780769531335/sc.gif&client=summon&freeimage=true |