Fast Firewall Implementations for Software and Hardware-Based Routers
ICNP '01 Proceedings of the Ninth International Conference on Network Protocols
Firewall Design: Consistency, Completeness, and Compactness
ICDCS '04 Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04)
Unification in Privacy Policy Evaluation - Translating EPAL into Prolog
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Towards Standardized Web Services Privacy Technologies
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Specifying privacy policies with P3P and EPAL: lessons learned
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Conflict and combination in privacy policy languages
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Enterprise privacy promises and enforcement
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
CPOL: high-performance policy evaluation
Proceedings of the 12th ACM conference on Computer and communications security
The secondary and approximate authorization model and its application to Bell-LaPadula policies
Proceedings of the eleventh ACM symposium on Access control models and technologies
Packet classifiers in ternary CAMs can be smaller
SIGMETRICS '06/Performance '06 Proceedings of the joint international conference on Measurement and modeling of computer systems
A comparison of two privacy policy languages: EPAL and XACML
Proceedings of the 3rd ACM workshop on Secure web services
Computer Networks: The International Journal of Computer and Telecommunications Networking
Xengine: a fast and scalable XACML policy evaluation engine
SIGMETRICS '08 Proceedings of the 2008 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Authorization recycling in RBAC systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Hi-index | 0.00 |
The Enterprise Privacy Authorization Language (EPAL) is a formal language for specifying fine-grained enterprise privacy policies. With the adoption of EPAL, especially in web applications, the performance of EPAL policy evaluation engines becomes a critical issue. In this paper, we propose Eengine, an engine for efficient EPAL policy evaluation. Eengine first converts all string values in an EPAL policy to numerical values. Second, it converts a numericalized EPAL policy specified as a list of rules following the first-match semantics to a tree structure for efficient processing of numericalized requests.