The Logic of XACML - Extended [article]

Carroline Dewi Puspa Kencana Ramli, Hanne Riis Nielson, Flemming Nielson
2011 arXiv   pre-print
We study the international standard XACML 3.0 for describing security access control policy in a compositional way. Our main contribution is to derive a logic that precisely captures the idea behind the standard and to formally define the semantics of the policy combining algorithms of XACML. To guard against modelling artefacts we provide an alternative way of characterizing the policy combining algorithms and we formally prove the equivalence of these approaches. This allows us to pinpoint
more » ... shortcoming of previous approaches to formalization based either on Belnap logic or on D-algebra.
arXiv:1110.3706v1 fatcat:j6bdmvu245d3npxvxfrl3extxu