The Logic of XACML

Carroline Dewi Puspa Kencana Ramli; Hanne Riis Nielson; Flemming Nielson

doi:10.1007/978-3-642-35743-5_13

The Logic of XACML

Carroline Dewi Puspa Kencana Ramli, Hanne Riis Nielson, Flemming Nielson

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

We study the international standard XACML 3.0 for describing security access control policy in a compositional way. Our main contribution is to derive a logic that precisely captures the idea behind the standard and to formally define the semantics of the policy combining algorithms of XACML. To guard against modelling artefacts we provide an alternative way of characterizing the policy combining algorithms and we formally prove the equivalence of these approaches. This allows us to pinpoint the shortcoming of previous approaches to formalization based either on Belnap logic or on D -algebra.

Original language	English
Title of host publication	Formal Aspects of Component Software : 8th International Symposium, FACS 2011, Oslo, Norway, September 14-16, 2011, Revised Selected Papers
Publisher	Springer
Publication date	2012
Pages	205-222
ISBN (Print)	978-3-642-35742-8
ISBN (Electronic)	978-3-642-35743-5
DOIs	https://doi.org/10.1007/978-3-642-35743-5_13
Publication status	Published - 2012
Event	8th International Symposium on Formal Aspects of Component Software (FACS 2011) - Oslo, Norway Duration: 14 Sept 2011 → 16 Sept 2011 Conference number: 8 http://facs2011.ifi.uio.no/

Conference

Conference	8th International Symposium on Formal Aspects of Component Software (FACS 2011)
Number	8
Country/Territory	Norway
City	Oslo
Period	14/09/2011 → 16/09/2011
Internet address	http://facs2011.ifi.uio.no/

Series	Lecture Notes in Computer Science
Volume	7253
ISSN	0302-9743

Access to Document

10.1007/978-3-642-35743-5_13

OpenUrl availability

Full text

Cite this

@inproceedings{00db8d6ef3624f5584b3cee72c84726a,

title = "The Logic of XACML",

abstract = "We study the international standard XACML 3.0 for describing security access control policy in a compositional way. Our main contribution is to derive a logic that precisely captures the idea behind the standard and to formally define the semantics of the policy combining algorithms of XACML. To guard against modelling artefacts we provide an alternative way of characterizing the policy combining algorithms and we formally prove the equivalence of these approaches. This allows us to pinpoint the shortcoming of previous approaches to formalization based either on Belnap logic or on D -algebra.",

author = "Ramli, {Carroline Dewi Puspa Kencana} and Nielson, {Hanne Riis} and Flemming Nielson",

year = "2012",

doi = "10.1007/978-3-642-35743-5_13",

language = "English",

isbn = "978-3-642-35742-8",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "205--222",

booktitle = "Formal Aspects of Component Software",

note = "8th International Symposium on Formal Aspects of Component Software (FACS 2011), FACS ; Conference date: 14-09-2011 Through 16-09-2011",

url = "http://facs2011.ifi.uio.no/",

}

Ramli, CDPK, Nielson, HR & Nielson, F 2012, The Logic of XACML. in Formal Aspects of Component Software: 8th International Symposium, FACS 2011, Oslo, Norway, September 14-16, 2011, Revised Selected Papers. Springer, Lecture Notes in Computer Science, vol. 7253, pp. 205-222, 8th International Symposium on Formal Aspects of Component Software (FACS 2011), Oslo, Norway, 14/09/2011. https://doi.org/10.1007/978-3-642-35743-5_13

The Logic of XACML. / Ramli, Carroline Dewi Puspa Kencana; Nielson, Hanne Riis; Nielson, Flemming.
Formal Aspects of Component Software: 8th International Symposium, FACS 2011, Oslo, Norway, September 14-16, 2011, Revised Selected Papers. Springer, 2012. p. 205-222 (Lecture Notes in Computer Science, Vol. 7253).

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

TY - GEN

T1 - The Logic of XACML

AU - Ramli, Carroline Dewi Puspa Kencana

AU - Nielson, Hanne Riis

AU - Nielson, Flemming

N1 - Conference code: 8

PY - 2012

Y1 - 2012

N2 - We study the international standard XACML 3.0 for describing security access control policy in a compositional way. Our main contribution is to derive a logic that precisely captures the idea behind the standard and to formally define the semantics of the policy combining algorithms of XACML. To guard against modelling artefacts we provide an alternative way of characterizing the policy combining algorithms and we formally prove the equivalence of these approaches. This allows us to pinpoint the shortcoming of previous approaches to formalization based either on Belnap logic or on D -algebra.

AB - We study the international standard XACML 3.0 for describing security access control policy in a compositional way. Our main contribution is to derive a logic that precisely captures the idea behind the standard and to formally define the semantics of the policy combining algorithms of XACML. To guard against modelling artefacts we provide an alternative way of characterizing the policy combining algorithms and we formally prove the equivalence of these approaches. This allows us to pinpoint the shortcoming of previous approaches to formalization based either on Belnap logic or on D -algebra.

U2 - 10.1007/978-3-642-35743-5_13

DO - 10.1007/978-3-642-35743-5_13

M3 - Article in proceedings

SN - 978-3-642-35742-8

T3 - Lecture Notes in Computer Science

SP - 205

EP - 222

BT - Formal Aspects of Component Software

PB - Springer

T2 - 8th International Symposium on Formal Aspects of Component Software (FACS 2011)

Y2 - 14 September 2011 through 16 September 2011

ER -

The Logic of XACML

Abstract

Conference

Access to Document

OpenUrl availability

Fingerprint

Cite this