An algebra for fine-grained integration of XACML policies

Abstract: Collaborative and distributed applications, such as dynamic coalitions and virtualized grid computing, often require integrating access control policies of collaborating parties. Such an integration must be able to support complex authorization specifications and the fine-grained integration requirements that the various parties may have. In this paper, we introduce an algebra for fine-grained integration of sophisticated policies. The algebra is able to support the specification of a large variety of integrat… Show more

“…We are now ready to introduce the algebra extended from [8]. We first define the syntax and semantics of the basic algebraic operations and then discuss their properties and expressiveness in details.…”

“…It will be interesting to see how the algebra could cope with high level policy languages. An algebra for fine-grained integration of XACML policies is introduced in [8]. XACML [1] is the OASIS standard language for specification of access control policies.…”

“…The questions of how to understand the interactions between access control policies and obligation polices, and how to integrate and compose policies to enforce consistency in a policy-based system, have not yet been adequately investigated. Therefore, in this paper, we further extend the algebra defined in [8] by introducing obligation requirement to support the integration and analysis of Ponder2 policies.…”

“…We start with a summary of XACML policy algebra [8], then present an overview of Ponder2 policy language [4], [7] and preliminary notions of policy semantics adopted in our work.…”

“…Operators on policies are described as set operations. The integration of policies may involve multiple operators based on the definition of FIA expressions (see [8] for a detailed description).…”

An Algebra for Integration and Analysis of Ponder2 Policies

“…We are now ready to introduce the algebra extended from [8]. We first define the syntax and semantics of the basic algebraic operations and then discuss their properties and expressiveness in details.…”

“…It will be interesting to see how the algebra could cope with high level policy languages. An algebra for fine-grained integration of XACML policies is introduced in [8]. XACML [1] is the OASIS standard language for specification of access control policies.…”

“…The questions of how to understand the interactions between access control policies and obligation polices, and how to integrate and compose policies to enforce consistency in a policy-based system, have not yet been adequately investigated. Therefore, in this paper, we further extend the algebra defined in [8] by introducing obligation requirement to support the integration and analysis of Ponder2 policies.…”

“…We start with a summary of XACML policy algebra [8], then present an overview of Ponder2 policy language [4], [7] and preliminary notions of policy semantics adopted in our work.…”

“…Operators on policies are described as set operations. The integration of policies may involve multiple operators based on the definition of FIA expressions (see [8] for a detailed description).…”

An Algebra for Integration and Analysis of Ponder2 Policies

Access Control for XML Big Data Applications

Authorization Policies Specification and Consistency Management within Multi-cloud Environments