Abstract
XACML is an XML-based declarative access control language standardized by OASIS. Its latest version 3.0 has several new features including the concept of delegation for decentralized administration of access control. Though it is important to avoid unintended consequences of ill-designed policies, delegation makes formal analysis of XACML policies highly complicated. In this paper, we present a logic-based approach to XACML 3.0 policy analysis. We formulate XACML 3.0 in Answer Set Programming (ASP) and use ASP solvers to perform automated reasoning about XACML policies. To the best of our knowledge this is the first work that fully captures the XACML delegation model in a formal executable language.
| Original language | English (US) |
|---|---|
| Title of host publication | CEUR Workshop Proceedings |
| Publisher | CEUR-WS |
| Volume | 1433 |
| State | Published - 2015 |
| Event | 31st International Conference on Logic Programming, ICLP 2015 - Cork, Ireland Duration: Aug 31 2015 → Sep 4 2015 |
Other
| Other | 31st International Conference on Logic Programming, ICLP 2015 |
|---|---|
| Country/Territory | Ireland |
| City | Cork |
| Period | 8/31/15 → 9/4/15 |
Keywords
- Answer set programming
- Delegation
- Policy
- XACML
ASJC Scopus subject areas
- General Computer Science