We propose a formal account of XACML, an OASIS standard adhering to the Policy Based Access Control model for the specification and enforcement of access control policies. To clarify all ambiguous and intricate aspects of XACML, we provide it with a more manageable alternative syntax and with a solid semantic ground. This lays the basis for developing tools and methodologies which allow software engineers to easily and precisely regulate access to resources using policies. To demonstrate feasibility and effectiveness of our approach, we provide a software tool, supporting the specification and evaluation of policies and access requests, whose implementation fully relies on our formal development. © 2012 Springer-Verlag.
CITATION STYLE
Masi, M., Pugliese, R., & Tiezzi, F. (2012). Formalisation and implementation of the XACML access control mechanism. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7159 LNCS, pp. 60–74). https://doi.org/10.1007/978-3-642-28166-2_7
Mendeley helps you to discover research relevant for your work.