Conflict detection in rule sets

US 20060010439A1
Filed: 10/24/2003
Published: 01/12/2006
Est. Priority Date: 10/29/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method of identifying conflicts in a set of system operating rules, comprising the steps of:

a) storing rule data representing a set of one or more system operating rules, each rule comprising at least one system command;

b) receiving semantic data representing a graph structure of hierarchical semantic relationships between available system commands, including those in the set of system operating rules;

c) expanding the system operating rules according to the allowable hierarchical semantic relationships between the available system command portions, to give, for any particular system operating rule, an additional system operating rule for each hierarchical semantic level in the graph structure below the system command present in the particular rule; and

d) comparing the expanded system rules to identify those rules for which a semantic conflict occurs therebetween.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides a method and system for detecting conflicts in policy-based management rule sets. This is achieved by expanding a set of input rules such that each rule relates only to one subject performing one action on a single object, and is known as a singleton rule. Then, data defining the semantic relationships between the different actions is received, and this is used to further expand the singleton rules to give a complete rule set defining every possible rule according to the semantic relationships between rules. This complete set can the be processed to detect conflicts between two or more rules, and any conflicting rules are identified and displayed to a user. Additionally, the invention also provides that the rule sets may be reduced to a canonical form for compact representation thereof.

Citations

15 Claims

1. A method of identifying conflicts in a set of system operating rules, comprising the steps of:
- a) storing rule data representing a set of one or more system operating rules, each rule comprising at least one system command;
  
  b) receiving semantic data representing a graph structure of hierarchical semantic relationships between available system commands, including those in the set of system operating rules;
  
  c) expanding the system operating rules according to the allowable hierarchical semantic relationships between the available system command portions, to give, for any particular system operating rule, an additional system operating rule for each hierarchical semantic level in the graph structure below the system command present in the particular rule; and
  
  d) comparing the expanded system rules to identify those rules for which a semantic conflict occurs therebetween.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method according to claim 1, wherein each stored rule comprises a subject portion identifying one or more system users, a system command portion identifying the system command to which the rule relates, and an object portion identifying one or more system objects to which the rule applies;
    - and wherein when any of the system rules identify more than one system users in the subject portion, and/or more than one system objects in the object portion, the method further comprises expanding such rules to produce replacement rules having a single system user in the subject portion, and a single system object in the object portion, said replacement rules being produced before the expansion step c) is performed.
  - 3. A method according to claim 1, wherein each stored rule further comprises a positive indication portion, which indicates whether the rule is to be applied positively or negatively, the method further comprising the step of producing from the semantic data a second graph structure corresponding to the inverse of the hierarchical semantic relationships between the available system commands, and wherein the expanding step c) uses the hierarchical semantic relationships of the second graph structure to expand any rules for which the positive indication portion thereof indicates are to be applied negatively.
  - 4. A method of generating a set of system operating rules from an initial set of system operating rules, comprising the steps of:
    - identifying conflicts in the initial set of system operating rules using the method of claim 1;
      
      and resolving any identified conflicts in the expanded set of initial rules to give a resolved expanded set of system operating rules.
  - 5. A method according to claim 4, and further comprising the step of:
    - reducing the resolved expanded set of initial rules to canonical form to give an optimised set of system operating rules.
  - 6. A method of operating a system comprising applying the set of system operating rules generated by claim 4 in the system operation.
  - 7. A computer program or suite of programs arranged such that when executed by a computer it causes the computer to perform the method of claim 1.
  - 8. A computer readable storage medium storing a computer program or suite of programs according to claim 7.

9. A system for identifying conflicts in a set of system operating rules, comprising:
- a) storage means for storing rule data representing a set of one or more system operating rules, each rule comprising at least one system command;
  
  b) data receiving means for receiving semantic data representing a graph structure of hierarchical semantic relationships between available system commands, including those in the set of system operating rules; and
  
  c) processing means operable to;
  
  expand the system operating rules according to the allowable hierarchical semantic relationships between the available system command portions, to give, for any particular system operating rule, an additional system operating rule for each hierarchical semantic level in the graph structure below the system command present in the particular rule; and
  
  compare the expanded system rules to identify those rules for which a semantic conflict occurs therebetween.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. A system according to claim 9, wherein each stored rule comprises a subject portion identifying one or more system users, a system command portion identifying the system command to which the rule relates, and an object portion identifying one or more system objects to which the rule applies;
    - and wherein when any of the system rules identify more than one system users in the subject portion, and/or more than one system objects in the object portion, the processing means is further arranged to expand such rules to produce replacement rules having a single system user in the subject portion, and a single system object in the object portion.
  - 11. A system according to claim 9, wherein each stored rule further comprises a positive indication portion, which indicates whether the rule is to be applied positively or negatively;
    - and wherein the processing means is further operable to;
      
      produce from the semantic data a second graph structure corresponding to the inverse of the hierarchical semantic relationships between the available system commands; and
      
      to use the hierarchical semantic relationships of the second graph structure to expand any rules for which the positive indication portion thereof indicates are to be applied negatively.
  - 12. A system for generating an optimised set of system operating rules from an initial set of system operating rules, comprising:
    - the system of claim 9;
      
      and further comprising processing means arranged to;
      
      resolve any identified conflicts in the expanded set of initial rules to give a resolved expanded set of system operating rules.
  - 13. A system according to claim 12, wherein the processing means is further arranged to:
    - reduce the resolved expanded set of initial rules to canonical form to give an optimised set of system operating rules.
  - 14. A system arranged to operate in accordance with a set of system operating rules generated by the system of claim 12.
  - 15. A system arranged to operate in accordance with a set of system operating rules generated by the system of claim 13.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
British Telecommunications PLC (BT Group PLC)
Original Assignee
British Telecommunications PLC (BT Group PLC)
Inventors
Majidian, Andrei

Application Number

US10/531,054
Publication Number

US 20060010439A1
Time in Patent Office

Days
Field of Search
US Class Current

718/1
CPC Class Codes

G06F 21/604 Tools and structures for ma...

G06N 5/022 Knowledge engineering; Know...

Conflict detection in rule sets

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Conflict detection in rule sets

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links