Conflict detection in rule sets
First Claim
1. A method of identifying conflicts in a set of system operating rules, comprising the steps of:
- a) storing rule data representing a set of one or more system operating rules, each rule comprising at least one system command;
b) receiving semantic data representing a graph structure of hierarchical semantic relationships between available system commands, including those in the set of system operating rules;
c) expanding the system operating rules according to the allowable hierarchical semantic relationships between the available system command portions, to give, for any particular system operating rule, an additional system operating rule for each hierarchical semantic level in the graph structure below the system command present in the particular rule; and
d) comparing the expanded system rules to identify those rules for which a semantic conflict occurs therebetween.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention provides a method and system for detecting conflicts in policy-based management rule sets. This is achieved by expanding a set of input rules such that each rule relates only to one subject performing one action on a single object, and is known as a singleton rule. Then, data defining the semantic relationships between the different actions is received, and this is used to further expand the singleton rules to give a complete rule set defining every possible rule according to the semantic relationships between rules. This complete set can the be processed to detect conflicts between two or more rules, and any conflicting rules are identified and displayed to a user. Additionally, the invention also provides that the rule sets may be reduced to a canonical form for compact representation thereof.
-
Citations
15 Claims
-
1. A method of identifying conflicts in a set of system operating rules, comprising the steps of:
-
a) storing rule data representing a set of one or more system operating rules, each rule comprising at least one system command;
b) receiving semantic data representing a graph structure of hierarchical semantic relationships between available system commands, including those in the set of system operating rules;
c) expanding the system operating rules according to the allowable hierarchical semantic relationships between the available system command portions, to give, for any particular system operating rule, an additional system operating rule for each hierarchical semantic level in the graph structure below the system command present in the particular rule; and
d) comparing the expanded system rules to identify those rules for which a semantic conflict occurs therebetween. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for identifying conflicts in a set of system operating rules, comprising:
-
a) storage means for storing rule data representing a set of one or more system operating rules, each rule comprising at least one system command;
b) data receiving means for receiving semantic data representing a graph structure of hierarchical semantic relationships between available system commands, including those in the set of system operating rules; and
c) processing means operable to;
expand the system operating rules according to the allowable hierarchical semantic relationships between the available system command portions, to give, for any particular system operating rule, an additional system operating rule for each hierarchical semantic level in the graph structure below the system command present in the particular rule; and
compare the expanded system rules to identify those rules for which a semantic conflict occurs therebetween. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
Specification