A computational model of XACML-based access control management in distributed networks

Abstract

In this paper, we propose a novel approach to enforcing eXtensible Access Control Markup Language (XACML) policy specifications in distributed environments. Our approach is based on a formal language theoretic construction, a variant of networks of parallel language processors. The language processors form teams, send and receive information through component and team level filters. The hierarchical nature of the network supports multiple levels of nesting. Consequently, different security needs can be defined at varying levels of granularity. We use various context conditions for filtering information, thus controlling information flow. Our theoretical contributions include establishing the connection between the growth of the number of strings at the components of the networks and the growth functions of developmental systems. © 2014 Springer International Publishing.