MyABDAC: compiling XACML policies for attribute-based database access control
Proceedings of the first ACM conference on Data and application security and privacy
Survey Paper: A survey on policy languages in network and security management
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
XACML is commonly used as a policy exchange mechanism, decision engines are available, and verification tools are under development. However, no support for legacy access control systems exists yet. To explore the feasibility to support legacy systems, we designed and implemented a mapping of the IBM Tivoli Access Manager policy language into XACML. Although the Tivoli Access Manager policy language, being ACL-based, is simpler in general, it turned out to be a non-trivial task to encode the interplay of the Tivoli Access Manager policy elements and decision logic within XACML. To achieve this task, we had to come up with a novel use of XACML features.