PML: An Interpreter-Based Access Control Policy Language for Web Services
Yang Luo, Qingni Shen, Zhonghai Wu

TL;DR
PML is a versatile, interpreter-based access control language for web services that supports multiple models and is easily extendable across programming languages, with proven real-world adoption and low performance overhead.
Contribution
Introduces PML, a unified, interpreter-based access control language compatible with various models and programming languages, simplifying policy management across cloud platforms.
Findings
PML supports ACL, RBAC, ABAC models.
PML enforcement overhead is under 5.9 microseconds per request.
PML is adopted by major cloud projects like Intel RMD and VMware Dispatch.
Abstract
Access control is an important component for web services such as a cloud. Current clouds tend to design the access control mechanism together with the policy language on their own. It leads to two issues: (i) a cloud user has to learn different policy languages to use multiple clouds, and (ii) a cloud service provider has to customize an authorization mechanism based on its business requirement, which brings high development cost. In this work, a new access control policy language called PERM modeling language (PML) is proposed to express various access control models such as access control list (ACL), role-based access control (RBAC) and attribute-based access control (ABAC), etc. PML's enforcement mechanism is designed in an interpreter-on-interpreter manner, which not only secures the authorization code with sandboxing, but also extends PML to all programming languages that support…
Taxonomy
Topics: Access Control and Trust · Cryptography and Data Security · Cloud Data Security Solutions
