Title :
EXAM: An Environment for Access Control Policy Analysis and Management
Author :
Rao, Prathima ; Lin, Dan ; Bertino, Elisa ; Li, Ninghui ; Lobo, Jorge
Author_Institution :
Purdue Univ., West Lafayette, IN
Abstract :
As distributed collaborative applications and architectures are adopting policy-based solutions for tasks such as access control, network security and data privacy, the management and consolidation of a large number of policies is becoming a crucial component of such solutions. In large-scale distributed collaborative applications like Web services, there is need for analyzing policy interaction and performing policy integration. In this demonstration, we present EXAM, a comprehensive environment for policy analysis and management, which can be used to perform a variety of functions such as policy property analyses, policy similarity analysis, policy integration. Our work focuses on analysis of access control policies written in XACML (Extensible Access Control Markup Language) [5]. We consider XACML policies because XACML is a rich language able to represent many policies of interest to real world applications and is gaining widespread adoption in the industry.
Keywords :
Web services; XML; authorisation; EXAM; Web services; access control policy analysis; data privacy; distributed collaborative applications; extensible access control markup language; network security; policy integration; policy interaction; policy-based solutions; Access control; Conferences; Control system analysis; Databases; Environmental management; Filtering; Filters; Performance analysis; USA Councils; User interfaces; Policy Analysis; XACML;
Conference_Titel :
Policies for Distributed Systems and Networks, 2008. POLICY 2008. IEEE Workshop on
Conference_Location :
Palisades, NY
Print_ISBN :
978-0-7695-3133-5
DOI :
10.1109/POLICY.2008.30
