Sciweavers

COMPSAC
2007
IEEE

Conformance Checking of Access Control Policies Specified in XACML

14 years 4 months ago
Conformance Checking of Access Control Policies Specified in XACML
Access control is one of the most fundamental and widely used security mechanisms. Access control mechanisms control which principals such as users or processes have access to which resources in a system. To facilitate managing and maintaining access control, access control policies are increasingly written in specification languages such as XACML. The specification of access control policies itself is often a challenging problem. Furthermore, XACML is intentionally designed to be generic: it provides the freedom in describing access control policies, which are well-known or invented ones. But the flexibility and expressiveness provided by XACML come at the cost of complexity, verbosity, and lack of desirable-property enforcement. Often common properties for specific access control policies may not be satisfied when these policies are specified in XACML, causing the discrepancy between what the policy authors intend to specify and what the actually specified XACML policies reflect. In...
Vincent C. Hu, Evan Martin, JeeHyun Hwang, Tao Xie
Added 14 Aug 2010
Updated 14 Aug 2010
Type Conference
Year 2007
Where COMPSAC
Authors Vincent C. Hu, Evan Martin, JeeHyun Hwang, Tao Xie
Comments (0)