METHOD OF ANALYZING SECURITY RULESET AND SYSTEM THEREOF
First Claim
1. A method of analyzing an ordered security rule-set comprising a plurality of rules comprising N≧
- 1 extrinsic rule-fields, the method comprising;
upon specifying an extrinsic space constituted by atomic elements corresponding to the values characterizing an extrinsic rule-field, partitioning said specified extrinsic space into two or more equivalence classes, wherein each atomic element in said extrinsic space belongs to one and only one equivalence class;
mapping said equivalence classes over the rule-set; and
generating a logically equivalent security rule-set, wherein respective rules comprise N−
1 extrinsic rule-fields.
5 Assignments
0 Petitions
Accused Products
Abstract
There are provided a rule-set analyzer and a method of analyzing an ordered security rule-set comprising a plurality of rules comprising N≧1 extrinsic rule-fields. The method comprised: upon specifying an extrinsic space constituted by atomic elements corresponding to the values characterizing an extrinsic rule-field, partitioning said specified extrinsic space into two or more equivalence classes, wherein each atomic element in said extrinsic space belongs to one and only one equivalence class; mapping said equivalence classes over the rule-set; and generating a logically equivalent security rule-set, wherein respective rules comprise N−1 extrinsic rule-fields.
114 Citations
16 Claims
-
1. A method of analyzing an ordered security rule-set comprising a plurality of rules comprising N≧
- 1 extrinsic rule-fields, the method comprising;
upon specifying an extrinsic space constituted by atomic elements corresponding to the values characterizing an extrinsic rule-field, partitioning said specified extrinsic space into two or more equivalence classes, wherein each atomic element in said extrinsic space belongs to one and only one equivalence class; mapping said equivalence classes over the rule-set; and generating a logically equivalent security rule-set, wherein respective rules comprise N−
1 extrinsic rule-fields. - View Dependent Claims (2, 3, 4, 5, 6, 7)
- 1 extrinsic rule-fields, the method comprising;
-
8. A rule-set analyzer operable to analyze an ordered security rule-set comprising a plurality of rules comprising N≧
- 1 extrinsic rule-fields, the rule-set analyzer comprising;
a rule interface operable to obtain data specifying an extrinsic space constituted by atomic elements corresponding to the values characterizing an extrinsic rule-field; a processor operatively connected to the rule interface and operable to; partition said specified extrinsic space into two or more equivalence classes, wherein each atomic element in said extrinsic space belongs to one and only one equivalence class; map said equivalence classes over the rule-set; and generate a logically equivalent security rule-set, wherein respective rules comprise N−
1 extrinsic rule-fields. - View Dependent Claims (9, 10, 11, 12, 13, 14)
- 1 extrinsic rule-fields, the rule-set analyzer comprising;
-
15. A non-transitory computer readable medium storing a computer readable program executable by a computer for causing the computer to perform a method of analyzing an ordered security rule-set comprising a plurality of rules comprising N≧
- 1 extrinsic rule-fields, the method comprising;
upon specifying an extrinsic space constituted by atomic elements corresponding to the values characterizing an extrinsic rule-field, partitioning said specified extrinsic space into two or more equivalence classes, wherein each atomic element in said extrinsic space belongs to one and only one equivalence class; mapping said equivalence classes over the rule-set; and generating a logically equivalent security rule-set, wherein respective rules comprise N−
1 extrinsic rule-fields.
- 1 extrinsic rule-fields, the method comprising;
-
16. A computer program product comprising a non-transitory computer readable medium storing computer readable program code embodied therein for causing the computer to perform a method of analyzing an ordered security rule-set comprising a plurality of rules comprising N≧
- 1 extrinsic rule-fields, the computer program product comprising;
computer readable program code for causing the computer, upon specifying an extrinsic space constituted by atomic elements corresponding to the values characterizing an extrinsic rule-field, to partition said specified extrinsic space into two or more equivalence classes, wherein each atomic element in said extrinsic space belongs to one and only one equivalence class; computer readable program code for causing the computer to map said equivalence classes over the rule-set; and computer readable program code for causing the computer to generate a logically equivalent security rule-set, wherein respective rules comprise N−
1 extrinsic rule-fields.
- 1 extrinsic rule-fields, the computer program product comprising;
Specification