The OPL Access Control Policy Language

13 years 4 days ago
The OPL Access Control Policy Language
Abstract. Existing policy languages suffer from a limited ability of directly and elegantly expressing high-level access control principles such as history-based separation of duty [22], binding of duty [26], context constraints [24], Chinese wall properties [10], and obligations [20]. It is often difficult to extend a language in order to retrofit these features once required or it is necessary to use complicated and complex language constructs to express such concepts. The latter, however, is cumbersome and error-prone for humans dealing with policy administration. We present the flexible policy language OPL that can represent a wide range of access control principles in XML directly, by providing dedicated language constructs for each supported principle. It can be easily extended with further principles if necessary. OPL is based on a module concept, and it can easily cope with the language complexity that usually comes with a growing expressiveness. OPL is suitable to be used i...
Christopher Alm, Ruben Wolf, Joachim Posegga
Added 25 May 2010
Updated 25 May 2010
Type Conference
Year 2009
Authors Christopher Alm, Ruben Wolf, Joachim Posegga
Comments (0)