Abstract | ||
---|---|---|
A computing policy is a sequence of rules, where each rule consists of a predicate and a decision, and where each decision is either "accept" or "reject". A policy P is said to accept (or reject, respectively) a request iif the decision of the first rule in P, that matches the request is "accept" (or "reject", respectively). Examples of computing policies are firewalls, routing policies and software-defined networks in the Internet, and access control policies. A policy P is called adequate iff P accepts at least one request. It has been shown earlier that the problem of determining whether a given policy is adequate (called the policy adequacy problem) is NP-hard. In this paper, we present an efficient algorithm that use SAT solvers to solve the policy adequacy problem. Experimental results show that our algorithm can determine whether a given policy with 90K rules is adequate in about 3 min. |
Year | DOI | Venue |
---|---|---|
2016 | 10.1007/978-3-319-49259-9_16 | Lecture Notes in Computer Science |
Keywords | Field | DocType |
Policies,Firewalls,Access control,Routing policies,SAT | Computer science,Theoretical computer science,Access control,Predicate (grammar),The Internet | Conference |
Volume | ISSN | Citations |
10083 | 0302-9743 | 1 |
PageRank | References | Authors |
0.36 | 4 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Marijn J. H. Heule | 1 | 605 | 49.51 |
Rezwana Reaz | 2 | 11 | 3.32 |
Hrishikesh B. Acharya | 3 | 56 | 9.09 |
Mohamed G. Gouda | 4 | 1982 | 317.23 |