Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
Fast and Scalable Conflict Detection for Packet Classifiers
ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Dealing with Multi Security Policies in Communication Networks
ICNS '09 Proceedings of the 2009 Fifth International Conference on Networking and Services
Modeling and Management of Firewall Policies
IEEE Transactions on Network and Service Management
Hi-index | 0.00 |
Modern paradigms for building distributed systems allow an easy separation of business logic and security concerns. The latter can be efficiently managed with the use of a security policy. The security policy consists of rules controlling interactions between system components, including access restrictions, communication protection, etc. However, due to the compound structure of modern distributed systems, the policy often suffers from inconsistencies (conflicts) which gravely degrade the efficiency of policy execution. In such policies, the main difficulty of conflict discovery and resolution lies in dealing with complex rule elements (such as user roles or service groups). An universal and efficient algorithm for discovering policy conflicts is proposed and discussed.