Reasoning About XACML Policy Descriptions in Answer Set Programming
Source: Arizona State University
The advent of emerging technologies such as Web services, service-oriented architecture, and cloud computing has enabled one to perform business services more efficiently and effectively. However, the authors still suffer from unintended security leakages by unauthorized services while providing more convenient services to Internet users through such a cutting-edge technological growth. Furthermore, designing and managing Web access control policies are often error-prone due to the lack of logical and formal foundation. In this paper, they attempt to introduce a logic-based policy management approach for Web access control policies especially focusing on XACML (eXtensible Access Control Markup Language) policies, which have become the de facto standard for specifying and enforcing access control policies for various applications and services in current Web-based computing technologies.