Image Number 5 for United States Patent #7584499.
The present invention provide for an algebraic mapping of a policy expression from a compact to a normalized form, both in Boolean and set formulations. The policy algebra is defined in such a way that policy alternatives within the normalized expression will be the same across equivalent compact expressions--regardless of how the assertions are arbitrarily constrained or what operators are used to constrain such equivalent expressions. Moreover, the present invention also provides a model for identifying alternatives that are equivalent by comparing only the root element names or QName of each assertion within an alternative. In addition, embodiments as described herein can utilize the identification of equivalent alternatives in order to create an intersection policy expression to limit alternatives of admissible behavior to those in common across both endpoints.