Re: [xacml] New issue#1 from "Boolean Policy resolution"

[Polar Humenn <polar@syr.edu>]

Hi,

May I make a separate proposal on this issue? It's sort of like Anne's
alternative #2 below with a couple of differences.

First, NOT-APPLICABLE (or Inapplicable?) and Error, are values that do not
have an XML representation and are merely a artifact of evaluating policy
expressions.

I propose the following consistent semantic model.

T = true, F = false, N = NOT-APPLICABLE, E = Error

The basic crux is that getting a NOT-APPLICABLE in the equation is as if
its the NOT-APPLICABLE value isn't even there. For instance,

     (and  x N y) = (and x y)
     (or   x N y) = (or x y)

I think that is the semantics we want. That is to say, if the policy
doesn't apply, it doesn't enter into the equation.

I also surmise to keep things easily consistent in inductive arguments
about ANDs and ORs of sequences. The AND or OR of a zero length sequence
of values can be anything constant we want, but the minimum element
NOT-APPLICABLE would make the most sense, since

 (and x N) = (and x), from our assumption above, and,
 (and x) = x, which is still another wily assumption, but makes sense,

So therefore (and N) = N,

but from above,

    (and N) = (and),

Therefore,

    (and) = N

So we would have,

   <and></and> = NOT-APPLICABLE
   <or></or>   = NOT-APPLICABLE

Also, to satisfy Hals "the customer's want it", I am almost on the side of
allowing NOT in the language with the following semantics:

p   NOT p
---------
T     F
F     T
N     N
E     E

That is to say NOT of NOT-APPLICABLE is still NOT-APPLICABLE. Then NOT
distributes through the AND and ORs (i.e. DeMorgan's Law) quite nicely.

(NOT (AND N x)) = (OR (NOT N) (NOT x))
 (NOT x)        = (OR N (NOT x))
 (NOT x)        = (NOT x)

(NOT (OR N x))  = (AND (NOT N) (NOT x))
  (NOT x)       = (AND N (NOT x))
  (NOT x)       = (NOT x)

However, differing from alternative #2 in the proposal below, I believe
<NOT></NOT> shouldn't exist, and it should have one and only one
constituent. And empty NOT is a syntax error, as well as having more than
one, i.e. <NOT> x y </NOT> shouldn't type check either. (how do you say
that in XML?  minoccurs=1, maxoccurs=1?).

For completeness the truth tables in the 4-valued logic are below for
"and", "or" and "not",

p   q   p and q
-------------
T   T     T
T   F     F
T   N     T
T   E     E
F   T     F
F   F     F
F   N     F
F   E     E
N   T     T
N   F     F
N   N     N
N   E     E
E   T     E
E   F     E
E   N     E
E   E     E


p   q   p or q
-------------
T   T     T
T   F     T
T   N     T
T   E     E
F   T     T
F   F     F
F   N     F
F   E     E
N   T     T
N   F     F
N   N     N
N   E     E
E   T     E
E   F     E
E   N     E
E   E     E

p   NOT p
---------
T     F
F     T
N     N
E     E

Cheers
-Polar


On Thu, 7 Feb 2002, Anne Anderson wrote:

> PM-1-?: how NOT-APPLICABLE impacts a combinator expression
>
> A "combinator expression" is a combination of predicates, where
> possible combinators are <AND>, <OR>, <NOT>, <N-OF>,
> <ORDERED-[AND|OR|N-OF]>.  This list of Combinators can be
> extended.
>
> Example:
>
> <AND>
>    predicate1,
>    predicate2,
>    predicate3
> </AND>
>
> The issue occurs when one or more of the predicates in the list
> returns a result of NOT-APPLICABLE (this can occur if the
> predicate is a <referencedPolicy>).  What should the result of
> the combinator expression be?  What if ALL predicates in the
> bominator expression return NOT-APPLICABLE?
>
> Potential Resolution:
>
> a) Any predicate evaluating to NOT-APPLICABLE is logically
>    removed from the combinator expression.
>
>     Example: if predicate3 in the example above returned a result of
>     NOT-APPLICABLE, then the combinator expression is the result of
>
>     <AND>
>        predicate1,
>        predicate2
>     <AND>
>
> b) An empty combinator expression has the following results:
>
>   <AND></AND>   -> TRUE
>   <OR></OR>     -> FALSE
>   <NOT></NOT>   -> TRUE
>   <N-OF></N-OF> -> FALSE
>
>   <ORDERED-[whatever]> has same result as [whatever] above.
>   Extended combinators must define the result of an empty
>   expression.
>
>    Example: If predicates 1, 2, and 3 in the example above all
>    evaluate to NOT-APPLICABLE, then the combinator expression is
>    <AND></AND>, and the result is TRUE.
>
> b)-alternative: An empty combinator expression has a result of
>    NOT-APPLICABLE.
>
> Champion: Anne
> --
> Anne H. Anderson             Email: Anne.Anderson@Sun.COM
> Sun Microsystems Laboratories
> 1 Network Drive,UBUR02-311     Tel: 781/442-0928
> Burlington, MA 01803-0902 USA  Fax: 781/442-1692
>
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.oasis-open.org/ob/adm.pl>
>