Sciweavers

SACMAT
2006
ACM

Towards reasonability properties for access-control policy languages

13 years 9 months ago
Towards reasonability properties for access-control policy languages
The growing importance of access control has led to the definition of numerous languages for specifying policies. Since these languages are based on different foundations, language users and designers would benefit from formal means to compare them. We present a set of properties that examine the behavior of policies under enlarged requests, policy growth, and policy decomposition. They therefore suggest whether policies written in these languages are easier or harder to reason about under various circumstances. We then evaluate multiple policy languages, including XACML and Lithium, using these properties. Categories and Subject Descriptors D.4.6 [Operating Systems]: Security and Protection—Access Controls General Terms Languages, Security Keywords Access control, policy, modularity
Michael Carl Tschantz, Shriram Krishnamurthi
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Where SACMAT
Authors Michael Carl Tschantz, Shriram Krishnamurthi
Comments (0)