  • DocumentCode
    2283900
  • Title
    Application domain independent policy conflict analysis using information models
  • Author
    Davy, Steven ; Jennings, Brendan ; Strassner, John
  • Author_Institution
    Telecommun. Software & Syst. Group, Waterford Inst. of Technol., Waterford
  • fYear
    2008
  • fDate
    7-11 April 2008
  • Firstpage
    17
  • Lastpage
    24
  • Abstract
    A key part of the policy authoring process is analysis of the potential for newly created or modified policies to conflict with already deployed policies. We propose an approach for policy conflict analysis in which candidate policies (either newly created or modified) are analyzed on a pair-wise basis with already deployed policies, with potential conflicts between the policies being notified to the policy author. Central to the approach is a two-phase algorithm which, querying an information model, firstly determines the relationships between the pair of policies and, secondly, applies an application-specific conflict pattern to determine if the policies should be flagged as potentially conflicting. The algorithm is generic in the sense that all application-specific information is encoded in the information model; as long as a minimal set of assumptions regarding the policy model are adhered to, it can be applied in arbitrary application domains. In the paper we present the two-phase algorithm and describe an implementation in which it is used to detect potential conflicts for both access control and filtering (firewall) policies.
  • Keywords
    authorisation; computer network management; access control; application domain; application specific information; application-specific conflict pattern; firewall filtering policies; independent policy conflict analysis; information model querying; information models; pair-wise basis; policy authoring process; two-phase algorithm; Access control; Algorithm design and analysis; Application software; Data mining; Filtering algorithms; Information analysis; Information management; Phase detection; Software systems; Unified modeling language; Conflict Detection; Information Model; Policy Based Management;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network Operations and Management Symposium, 2008. NOMS 2008. IEEE
  • Conference_Location
    Salvador, Bahia
  • ISSN
    1542-1201
  • Print_ISBN
    978-1-4244-2065-0
  • Electronic_ISBN
    1542-1201
  • Type
    conf
  • DOI
    10.1109/NOMS.2008.4575112
  • Filename
    4575112