XACML 3.0 in Answer Set Programming

Carroline Dewi Puspa Kencana Ramli; Hanne Riis Nielson; Flemming; Nielson

arXiv:1206.5327·cs.IT·March 11, 2015

XACML 3.0 in Answer Set Programming

Carroline Dewi Puspa Kencana Ramli, Hanne Riis Nielson, Flemming, Nielson

PDF

Open Access

TL;DR

This paper introduces a method to translate XACML 3.0 access control policies into Answer Set Programming, enabling formal verification of policies using existing ASP solvers.

Contribution

It provides a systematic translation technique from XACML 3.0 to ASP with a formal semantics correspondence, facilitating policy verification.

Findings

01

Unique answer set corresponds to XACML semantics

02

Enables verification of policy completeness

03

Supports formal property checking

Abstract

We present a systematic technique for transforming XACML 3.0 policies in Answer Set Programming (ASP). We show that the resulting logic program has a unique answer set that directly corresponds to our formalisation of the standard semantics of XACML 3.0 from Ramli et. al. We demonstrate how our results make it possible to use off-the-shelf ASP solvers to formally verify properties of access control policies represented in XACML, such as checking the completeness of a set of access control policies and verifying policy properties.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsLogic, Reasoning, and Knowledge · Multi-Agent Systems and Negotiation · Logic, programming, and type systems