Performance evaluation of XACML PDP implementations

Authors:
Fatih Turkmen;Bruno Crispo
Affiliations:
University of Trento, Trento, Italy;University of Trento, Trento, Italy
Venue:
Proceedings of the 2008 ACM workshop on Secure web services
Year:
2008

Citing 4
Cited 11

P-Hera: Scalable fine-grained access control for P2P infrastructures

ICPADS '05 Proceedings of the 11th International Conference on Parallel and Distributed Systems - Volume 01
An approach to evaluate policy similarity

Proceedings of the 12th ACM symposium on Access control models and technologies
Xengine: a fast and scalable XACML policy evaluation engine

SIGMETRICS '08 Proceedings of the 2008 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Multiple-implementation testing for XACML implementations

TAV-WEB '08 Proceedings of the 2008 workshop on Testing, analysis, and verification of web services and applications

An attribute-based authorization policy framework with dynamic conflict resolution

Proceedings of the 9th Symposium on Identity and Trust on the Internet
Modular context-aware access control for medical sensor networks

Proceedings of the 15th ACM symposium on Access control models and technologies
Access control caching strategies: an empirical evaluation

Proceedings of the 6th International Workshop on Security Measurements and Metrics
A method to implement fine-grained access control for personal health records through standard relational database queries

Journal of Biomedical Informatics
E-EPR: a cloud-based architecture of an electronic emergency patient record

Proceedings of the 4th International Conference on PErvasive Technologies Related to Assistive Environments
Graph-based XACML evaluation

Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Emergency Healthcare Process Automation Using Mobile Computing and Cloud Services

Journal of Medical Systems
RETENTION: A reactive trust-based mechanism to detect and punish malicious nodes in ad hoc grid environments

Journal of Network and Computer Applications
Using XML-Based Multicasting to Improve Web Service Scalability

International Journal of Web Services Research
ERBAC: event-driven RBAC

Proceedings of the 18th ACM symposium on Access control models and technologies
Introducing concurrency in policy-based access control

Proceedings of the 8th Workshop on Middleware for Next Generation Internet Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

eXtensible Access Control Markup Language (XACML), an OASIS standard, is the most widely used policy specifica- tion language for access control. Its simplicity in syntax and strength in coverage makes it suitable for diverse en- vironments such as Service Oriented Architectures (SOAs) and P2P systems. There are different implementations of XACML available. Some of these implementations are open source and some others are proprietary. In this work we intended to shed some lights to the performance issues of XACML engines. We tested 3 open source XACML implementations with different policy/request settings. Our experiments revealed some important points to be taken into consideration when deploying an XACML based access control system. Besides, our results can be used as hints by policy writers and system developers for deploying efficient authorization services.