A lattice-based approach for updating access control policies in real-time
Information Systems
The policy continuum-Policy authoring and conflict analysis
Computer Communications
Normative conflict resolution in multi-agent systems
Autonomous Agents and Multi-Agent Systems
A formal logic approach to firewall packet filtering analysis and generation
Artificial Intelligence Review
On harnessing information models and ontologies for policy conflict analysis
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Detecting conflict policy rules with concept lattice
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
Visualization for access control policy analysis results using multi-level grids
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
A survey of system configuration tools
LISA'10 Proceedings of the 24th international conference on Large installation system administration
Conflict prevention via model-driven policy refinement
DSOM'06 Proceedings of the 17th IFIP/IEEE international conference on Distributed Systems: operations and management
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
Policy-based management provides the ability to (re-)configure differentiated services networks so that desired Quality of Service (QoS) goals are achieved. Relevant configuration involves implementing network provisioning decisions, performing admission control, and adapting bandwidth allocation dynamically according to emerging traffic demands. A policy-based approach facilitates flexibility and adaptability in that the policies can be changed without changing the implementation. However, as with any other complex system, conflicts and inconsistencies may arise in the policy specification. In this work, we concentrate on the policy conflicts that may occur for static resource management aspects of QoS provisioning, known as Network Dimensioning. The paper shows how conflict detection can be achieved using Event Calculus in conjunction with abductive reasoning techniques to detect the existence of potential conflicts in partial specification and generate explanations for the conditions under which the conflicts arise. We finally present some conflict detection examples from our initial implementation of a policy conflict analysis tool. Although we focus on network dimensioning, many of the types of conflicts we illustrate could arise in other applications.